METHOD AND SYSTEM OF LOCATION-AWARE CERTIFICATE BASED AUTHENTICATION

US 20120328101A1
Filed: 06/27/2011
Published: 12/27/2012
Est. Priority Date: 06/27/2011
Status: Active Grant

First Claim

Patent Images

1. A method for mutual certificate authentication between a first device and a second device based on location comprising:

receiving a request from a first device, wherein the request comprises a location of the first device;

registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key;

determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device;

registering a second public key for the second device, wherein the registration associates the second device with the second public key;

sending the second public key to the first device;

sending the first public key to the second device; and

mutually authenticating the first device to the second device when the first device and the second device are connected.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect, a method of mutual certificate authentication between a first device and a second device based on location is described. This embodiment of a method comprises receiving a request from a first device, wherein the request comprises a location of the first device; registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key; determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device; registering a second public key for the second device, wherein the registration associates the second device with the second public key; sending the second public key to the first device; sending the first public key to the second device; and mutually authenticating the first device to the second device when the first device and the second device are connected.

114 Citations

View as Search Results

34 Claims

1. A method for mutual certificate authentication between a first device and a second device based on location comprising:
- receiving a request from a first device, wherein the request comprises a location of the first device;
  
  registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key;
  
  determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device;
  
  registering a second public key for the second device, wherein the registration associates the second device with the second public key;
  
  sending the second public key to the first device;
  
  sending the first public key to the second device; and
  
  mutually authenticating the first device to the second device when the first device and the second device are connected.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the first device is a mobile device and the second device is a utility device.
  - 3. The method of claim 2, wherein the utility device is a utility meter.
  - 4. The method of claim 2, wherein the utility device includes one or more of a phasor measurement unit, a phasor data concentrator, and a power quality product.
  - 5. The method of claim 2, wherein the mobile device includes one or more of a laptop computer with GPS capability, a mobile phone with GPS capability, and a tablet computing device.
  - 6. The method of claim 1, wherein registering a first public key for the first device in response to the request comprises generating a public/private key pair for the first device and distributing the key pair to the first device.
  - 7. The method of claim 1, wherein registering a first public key for the first device in response to the request comprises receiving the first public key from the first device, wherein a software agent residing on the first device generates a public/private key pair for the first device.
  - 8. The method of claim 1, wherein registering a second public key for the second device comprises generating a public/private key pair for the second device and distributing the key pair to the second device.
  - 9. The method of claim 1, wherein registering a second public key for the second device comprises receiving the second public key from the second device, wherein a software agent residing on the second device generates a public/private key pair for the second device.
  - 10. The method of claim 1, wherein the first public key or the second public key are valid only while the first device is located at or within a defined distance of the second device.
  - 11. The method of claim 1, wherein the first public key or the second public key are valid only for a defined time period.

12. A method comprisingsending a request from a first device to a server, wherein the request comprises location information for the first device;
- generating, by a first software agent residing on the first device, a first public key and a first private key;
  
  registering, by the server, the first public key for the first device, wherein the registration associates the first device with the first public key;
  
  issuing, by the server, a first certificate to the first device;
  
  determining, by the server, at least one second device that is accessible by the first device based on the location of the second device relative to the first device;
  
  notifying, by the server, the second device that the first device requests access to the second device;
  
  generating, by a second software agent residing on the second device, a second public key and a second private key in response to the notification;
  
  registering, by the server, the second public key for the second device, wherein the registration associates the second device with the second public key;
  
  issuing, by the server, a second certificate to the second device;
  
  sending, by the server, the second public key to the first device;
  
  sending, by the server, the first public key to the second device; and
  
  mutually authenticating, by the server, the first certificate and the second certificate when the first device and the second device are connected.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12, wherein the first device is a mobile device and the second device is a utility device.
  - 14. The method of claim 13, wherein the utility device is a utility meter.
  - 15. The method of claim 13, wherein the utility device includes one or more of a phasor measurement unit, a phasor data concentrator, and a power quality product.
  - 16. The method of claim 13, wherein the mobile device includes one or more of a laptop computer with GPS capability, a mobile phone with GPS capability, and a tablet computing device.
  - 17. The method of claim 12, wherein registering, by the server, the first public key for the first device comprises the server receiving the first public key from the first device.
  - 18. The method of claim 12, wherein registering, by the server, the second public key for the second device comprises the server receiving the second public key from the second device.
  - 19. The method of claim 12, wherein the first public key or the second public key are valid only while the first device is located at or within a defined distance of the second device.
  - 20. The method of claim 12, wherein the first public key or the second public key are valid only for a defined time period.

21. A system for mutual certificate authentication between a first device and a second device based on location, the system comprised of:
- a first device, wherein the first device is comprised of at least a first software agent executing on a first processor and a first communications interface, and the first device is configured to determine its location;
  
  a second device, wherein the second device is comprised of at least a second software agent executing on a second processor and a second communications interface;
  
  a server comprised of at least a memory, a server communications interface and a server processor, wherein the server is configured to communicate with the first device and the second device and wherein the server processor is configured to;
  
  receive a request from a first device, wherein the request comprises a location of the first device;
  
  register a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key;
  
  determine at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device;
  
  register a second public key for the second device, wherein the registration associates the second device with the second public key;
  
  send the second public key to the first device;
  
  send the first public key to the second device; and
  
  mutually authenticate the first device to the second device when the first device and the second device are connected.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 22. The system of claim 21, wherein the first device is a mobile device and the second device is a utility device.
  - 23. The system of claim 22, wherein the utility device is a utility meter.
  - 24. The system of claim 22, wherein the utility device includes one or more of a phasor measurement unit, a phasor data concentrator, and a power quality product.
  - 25. The system of claim 22, wherein the mobile device includes one or more of a laptop computer with GPS capability, a mobile phone with GPS capability, and a tablet computing device.
  - 26. The system of claim 21, wherein the first device includes a GPS receiver and the first device determines its location using the GPS receiver.
  - 27. The system of claim 21, wherein registering a first public key for the first device in response to the request comprises the server processor generating a public/private key pair for the first device and distributing the key pair to the first device.
  - 28. The system of claim 21, wherein registering a first public key for the first device in response to the request comprises the server receiving the first public key from the first device, wherein the first software agent residing on the first device generates a public/private key pair for the first device.
  - 29. The system of claim 21, wherein registering a second public key for the second device comprises the server processor generating a public/private key pair for the second device and distributing the key pair to the second device.
  - 30. The system of claim 21, wherein registering a second public key for the second device comprises the server receiving the second public key from the second device, wherein second software agent residing on the second device generates a public/private key pair for the second device.
  - 31. The system of claim 21, wherein the first public key or the second public key are valid only while the first device is located at or within a defined distance of the second device.
  - 32. The system of claim 21, wherein the first public key or the second public key are valid only for a defined time period.
  - 33. The system of claim 21, wherein determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device comprises the server processor retrieving stored locations of one or more second devices from a database stored in the memory and comparing the location of the first device to the locations of the one or more second devices to determine whether the second device is at or within a defined distance from the first device.
  - 34. The system of claim 21, wherein the second device is configured to determine its location and determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device comprises the server processor receiving location information from the second device and comparing the location of the first device to the location of the second device to determine whether the second device is at or within a defined distance from the first device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GE Infrastructure Technology, LLC (General Electric Company)
Original Assignee
General Electric Company
Inventors
Lakshminarayanan, Sitaraman Suthamali

Granted Patent

US 10,068,084 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/258
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2115   Third party

H04L 63/0823   using certificates cryptogr...

H04L 63/107   wherein the security polici...

H04Q 2209/40   using a wireless architecture

H04Q 2209/60   for transmitting utility me...

Y04S 40/20   Information technology spec...

METHOD AND SYSTEM OF LOCATION-AWARE CERTIFICATE BASED AUTHENTICATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

114 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM OF LOCATION-AWARE CERTIFICATE BASED AUTHENTICATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links