Systems and Methods for Fuel Dispenser Security
First Claim
1. A security system, comprising:
- at least one database storing, for each of a plurality of users, a unique user identification that identifies the user, authentication information associated with the user, and one or more access privileges defined for the user; and
a server including a network interface configured to communicate with a user device over a network, the server being configured to;
receive at the network interface from the user device encrypted data and a unique identifier of a secure device for which a user of the user device seeks access;
query the at least one database to determine whether the user of the user device is an authorized user of the server;
in response to determining that the user of the user device is an authorized user of the server, query the at least one database to obtain a secret key associated with the unique identifier received from the user device;
decrypt the encrypted data using the obtained secret key;
extract a function code and a session password from the decrypted data;
query the at least one database to determine whether the user of the user device is authorized to access a function represented by the function code; and
in response to determining that the user is authorized to access the function represented by the function code, transmit the session password to the user device via the network interface.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for fuel dispenser security are disclosed herein. In some embodiments, a user seeking access to a protected function of the fuel dispenser is presented with a challenge that is encrypted using a secret key that is unique to the fuel dispenser. To access the secured function, the user must obtain a session password from a server which authenticates the user, decrypts the challenge using a counterpart of the secret key, determines whether the user is authorized to access the secured function, and returns the session password extracted from the challenge only when the user is authorized. The server can thus control access to certain fuel dispenser functions according to a set of user access privileges. The challenge can also include additional information which can be used by the fuel dispenser and/or by the server to store a log of access activity.
-
Citations
20 Claims
-
1. A security system, comprising:
-
at least one database storing, for each of a plurality of users, a unique user identification that identifies the user, authentication information associated with the user, and one or more access privileges defined for the user; and a server including a network interface configured to communicate with a user device over a network, the server being configured to; receive at the network interface from the user device encrypted data and a unique identifier of a secure device for which a user of the user device seeks access; query the at least one database to determine whether the user of the user device is an authorized user of the server; in response to determining that the user of the user device is an authorized user of the server, query the at least one database to obtain a secret key associated with the unique identifier received from the user device; decrypt the encrypted data using the obtained secret key; extract a function code and a session password from the decrypted data; query the at least one database to determine whether the user of the user device is authorized to access a function represented by the function code; and in response to determining that the user is authorized to access the function represented by the function code, transmit the session password to the user device via the network interface. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A fuel dispenser security system, comprising:
-
a server configured to authorize a user device to electronically access a secured function of a select one of a plurality of fuel dispensers in response to the server receiving from the user device an identifier uniquely identifying the select one of the fuel dispensers, authenticating a user of the user device as being among one or more users predetermined to have authorized access to the server, and determining that the user of the user device has been pre-authorized to access the secured function; wherein each of the plurality of fuel dispensers has associated therewith a predetermined identifier that uniquely identifies the fuel dispenser. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A fuel dispenser security method, comprising:
-
receiving over a network a request from a user device to access a function of a fuel dispenser; generating data that includes a session password and a function code corresponding to the requested function; encrypting the generated data using a secret key stored at the fuel dispenser; transmitting the encrypted data to the user device; prompting the user device for the session password; receive from the user device a password in response to the prompting; and allowing the user device to electronically access the requested function in response to the received password matching the session password, and denying the user device electronic access to the requested function in response to the received password not matching the session password. - View Dependent Claims (17, 18, 19, 20)
-
Specification