Systems and methods for security in a wireless utility network

US 8,756,675 B2
Filed: 08/06/2008
Issued: 06/17/2014
Est. Priority Date: 08/06/2008
Status: Active Grant

First Claim

Patent Images

1. A method for enrolling a requesting and previously untrusted node in a network consisting of a plurality of trusted nodes, the method comprising:

exchanging manufacturer originated digital certificates between the requesting node and a responding node, wherein the responding node is one of the plurality of trusted nodes;

verifying a manufacturer originated certificate received from the requesting node, the manufacturer originated certificate having been stored in the requesting node when the requesting node was manufactured, containing a unique identifier of the requesting node so as to be unique to the requesting node, and including identifying information about a manufacturer that produced the requesting node at a time the requesting node was manufactured prior to enrolling the requesting node in the network;

establishing a first trust state with the requesting node based on the manufacturer originated certificate received from the requesting node and a response manufacturer originated certificate sent to the requesting node from the responding node;

while in the first trust state, sending, from one of the plurality of trusted nodes, an enrollment request to a certifying authority, the enrollment request including information extracted from the manufacturer originated certificate received from the requesting node;

while in the first trust state, receiving, at one of the plurality of trusted nodes, a second digital certificate from the certifying authority, said second digital certificate being provided by the certifying authority based on a verification of the information extracted from the manufacturer originated certificate received from the requesting node;

while in the first trust state, providing the second digital certificate to the requesting node, the second digital certificate including the information extracted from the manufacturer originated certificate of the requesting node;

establishing a second, higher-level, trust state with the requesting node based on the second digital certificate received from the certifying authority and a second digital certificate of the responding node;

while in the second trust state, enrolling the requesting node in the network; and

in response to not being fully able to verify the authenticity of the requesting node within a preset time;

maintaining one or more intermediate trusted states between the first and the second trust states; and

subsequently requesting additional validation or repetition of the enrollment request,wherein the exchanging of the manufacturer originated certificates includes establishing a secure link between one of the plurality of trusted nodes and the requesting node, andwherein the establishing of the secure link includes;

negotiating shared symmetric keys; and

establishing a link layer (layer-2) secure link.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems a provided for security in a wireless utility network. The methods and systems use different levels of trust to securely enroll new nodes into a network through other nodes acting as proxies. A node'"'"'s security state with respect to another node in the network is categorized into one of several trust levels. A node responds to certain requests, actions or messages depending based on its trust level with the other entity. Initially, a node is not trusted. A first trust level is established based on a digital certificate that is stored in a node when the node is manufactured. A second trust level is established based on a second digital certificate obtained from a certifying authority while a node is in the first trust level. A node with a verified second certificate can be fully enrolled in the network and participate as a network node with minimal or no constraints.

Citations

19 Claims

1. A method for enrolling a requesting and previously untrusted node in a network consisting of a plurality of trusted nodes, the method comprising:
- exchanging manufacturer originated digital certificates between the requesting node and a responding node, wherein the responding node is one of the plurality of trusted nodes;
  
  verifying a manufacturer originated certificate received from the requesting node, the manufacturer originated certificate having been stored in the requesting node when the requesting node was manufactured, containing a unique identifier of the requesting node so as to be unique to the requesting node, and including identifying information about a manufacturer that produced the requesting node at a time the requesting node was manufactured prior to enrolling the requesting node in the network;
  
  establishing a first trust state with the requesting node based on the manufacturer originated certificate received from the requesting node and a response manufacturer originated certificate sent to the requesting node from the responding node;
  
  while in the first trust state, sending, from one of the plurality of trusted nodes, an enrollment request to a certifying authority, the enrollment request including information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, receiving, at one of the plurality of trusted nodes, a second digital certificate from the certifying authority, said second digital certificate being provided by the certifying authority based on a verification of the information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, providing the second digital certificate to the requesting node, the second digital certificate including the information extracted from the manufacturer originated certificate of the requesting node;
  
  establishing a second, higher-level, trust state with the requesting node based on the second digital certificate received from the certifying authority and a second digital certificate of the responding node;
  
  while in the second trust state, enrolling the requesting node in the network; and
  
  in response to not being fully able to verify the authenticity of the requesting node within a preset time;
  
  maintaining one or more intermediate trusted states between the first and the second trust states; and
  
  subsequently requesting additional validation or repetition of the enrollment request,wherein the exchanging of the manufacturer originated certificates includes establishing a secure link between one of the plurality of trusted nodes and the requesting node, andwherein the establishing of the secure link includes;
  
  negotiating shared symmetric keys; and
  
  establishing a link layer (layer-2) secure link.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein each of the manufacturer originated certificates includes:
    - a unique node identifier;
      
      manufacturing information of the node; and
      
      a public key corresponding to a private key stored at the node.
  - 3. The method of claim 2, wherein each of the manufacturer originated certificates is signed by a certified manufacturing station.
  - 4. The method of claim 2, wherein both the manufacturer originated certificate received from the requesting node and the response manufacturer originated certificate sent to the requesting node identify a role of the respective nodes in the network.
  - 5. The method of claim 1, wherein the shared symmetric keys are independently derived by each node using a preset formula, and are not exchanged over the air.
  - 6. The method of claim 1, wherein the responding node puts the requesting node in an un-trusted state in the event a response from the certifying authority is not received within a preset period of time, and wherein in the un-trusted state the responding node is prohibited from sending an enrollment request to the certifying authority on behalf of the requesting node.
  - 7. The method of claim 6, wherein the responding node informs at least one other node in the network of the placement of the requesting node in the un-trusted state.

8. A system comprising:
- a secure network;
  
  a requesting node; and
  
  a responding node, wherein the responding node includes a data processor and a computer-readable medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations to control the responding node to enroll the requesting node in the network, the operations comprising;
  
  exchanging manufacturer originated digital certificates with the requesting node;
  
  verifying the manufacturer originated certificate received from the requesting node, the manufacturer originated certificate having been issued by the manufacturer when the requesting node was manufactured, containing a unique identifier of the requesting node so as to be unique to the requesting node, and including identifying information about the manufacturer that produced the requesting node at a time the requesting node was manufactured prior to enrolling the requesting node in the network;
  
  establishing a first trust state with the requesting node based on the manufacturer originated certificate received from the requesting node and a response manufacturer originated certificate sent to the requesting node;
  
  while in the first trust state, sending an enrollment request to a certifying authority, the enrollment request including information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, receiving a second digital certificate from the certifying authority, said second digital certificate being provided from the certifying authority based on a verification of the information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, providing the second digital certificate to the requesting node, the second digital certificate including the information extracted from the manufacturer originated certificate of the requesting node;
  
  establishing a second, higher-level, trust state with the requesting node based on the second digital certificate received from the certifying authority and a second digital certificate of the responding node;
  
  while in the second trust state, enrolling the requesting node in the network; and
  
  in response to not being fully able to verify the authenticity of the requesting node within a preset time;
  
  maintaining one or more intermediate trusted states between the first and the second trust states; and
  
  subsequently requesting additional validation or repetition of the enrollment request,wherein the exchanging of the manufacturer originated certificates includes establishing a secure link between the responding node and the requesting node, andwherein the establishing of the secure link includes;
  
  negotiating shared symmetric keys; and
  
  establishing a link layer (layer-2) secure link.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein each of the manufacturer originated certificates includes:
    - a unique node identifier;
      
      manufacturing information of the node; and
      
      a public key corresponding to a private key stored at the node.
  - 10. The system of claim 9, wherein each of the manufacturer originated certificates is signed by a certified manufacturing station.
  - 11. The system of claim 9, wherein both the manufacturer originated certificate received from the requesting node and the response manufacturer originated certificate sent to the requesting node identify a role of the respective nodes in the network.
  - 12. The system of claim 8 wherein the shared symmetric key is independently calculated by each node using a preset formula, and is not exchanged over the air.
  - 13. The system of claim 8, wherein the responding node puts the requesting node in an un-trusted state in the event a response from the certifying authority is not received within a preset period of time, and wherein in the un-trusted state the responding node is prohibited from sending an enrollment request to the certifying authority on behalf of the requesting node.
  - 14. The system of claim 13, wherein the responding node informs at least one other node in the network of the placement of the requesting node in the un-trusted state.

15. A method for enrolling a new node in a network via a proxy node, said proxy node being a trusted member of the network, the method comprising:
- exchanging manufacturer originated certificates with the proxy node;
  
  establishing a first trust state with the proxy node based on a manufacturer originated certificate received from the new node via the proxy node and a response manufacturer originated certificate sent to the new node, the manufacturer originated certificate comprising a unique identifier of the new node known at the time the new node was manufactured so as to be unique to the new node, and including identifying information about the manufacturer that produced the new node at a time the new node was manufactured prior to enrolling the new node in the network;
  
  while in the first trust state, receiving a second digital certificate from a certifying authority via the proxy node, said second digital certificate including information extracted from the manufacturer originated certificate of the new node;
  
  while in the first trust state, authenticating the second digital certificate based on a previously provided system-specific root certificate;
  
  establishing a second, higher-level, trust state with the proxy node based on the second digital certificate; and
  
  while in the second trust state, enrolling the new node in the network,wherein the exchanging of the manufacturer originated certificates includes establishing a secure link between the proxy node and the new node, andwherein the establishing of the secure link includes;
  
  negotiating shared symmetric keys; and
  
  establishing a link layer (layer-2) secure link.
- View Dependent Claims (16)
- - 16. The method of claim 15, wherein the information about the new node comprises one or more of:
    - a node type;
      
      a node role;
      
      security configuration; and
      
      other information about the new node known at the time the new node was manufactured.

17. A method for enrolling a requesting and previously untrusted node in a network consisting of a plurality of trusted nodes, the method comprising:
- exchanging manufacturer originated digital certificates between the requesting node and a responding node, wherein the responding node is one of the plurality of trusted nodes;
  
  verifying a manufacturer originated certificate received from the requesting node, the manufacturer originated certificate having been stored in the requesting node when the requesting node was manufactured, containing a unique identifier of the requesting node so as to be unique to the requesting node, and including identifying information about a manufacturer that produced the requesting node at a time the requesting node was manufactured prior to enrolling the requesting node in the network;
  
  establishing a first trust state with the requesting node based on the manufacturer originated certificate received from the requesting node and a response manufacturer originated certificate sent to the requesting node from the responding node;
  
  while in the first trust state, sending, from one of the plurality of trusted nodes, an enrollment request to a certifying authority, the enrollment request including information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, receiving, at one of the plurality of trusted nodes, a second digital certificate from the certifying authority, said second digital certificate being provided by the certifying authority based on a verification of the information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, providing the second digital certificate to the requesting node;
  
  establishing a second, higher-level, trust state with the requesting node based on the second digital certificate received from the certifying authority and a second digital certificate of the responding node;
  
  while in the second trust state, enrolling the requesting node in the network; and
  
  in response to not being fully able to verify the authenticity of the requesting node within a preset time;
  
  maintaining one or more intermediate trusted states between the first and the second trust states; and
  
  subsequently requesting additional validation or repetition of the enrollment request,wherein the network is a utility network, and at least one of the requesting node and the responding node is configured to distribute commodity meter information to at least one other node in the utility network.

18. A system comprising:
- a secure network;
  
  a requesting node; and
  
  a responding node, wherein the responding node includes a data processor and a computer-readable medium having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations to control the responding node to enroll the requesting node in the network, the operations comprising;
  
  exchanging manufacturer originated digital certificates with the requesting node;
  
  verifying the manufacturer originated certificate received from the requesting node, the manufacturer originated certificate having been issued by the manufacturer when the requesting node was manufactured, containing a unique identifier of the requesting node so as to be unique to the requesting node, and including identifying information about the manufacturer that produced the requesting node at a time the requesting node was manufactured prior to enrolling the requesting node in the network;
  
  establishing a first trust state with the requesting node based on the manufacturer originated certificate received from the requesting node and a response manufacturer originated certificate sent to the requesting node;
  
  while in the first trust state, sending an enrollment request to a certifying authority, the enrollment request including information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, receiving a second digital certificate from the certifying authority, said second digital certificate being provided from the certifying authority based on a verification of the information extracted from the manufacturer originated certificate received from the requesting node;
  
  while in the first trust state, providing the second digital certificate to the requesting node;
  
  establishing a second, higher-level, trust state with the requesting node based on the second digital certificate received from the certifying authority and a second digital certificate of the responding node;
  
  while in the second trust state, enrolling the requesting node in the network; and
  
  in response to not being fully able to verify the authenticity of the requesting node within a preset time;
  
  maintaining one or more intermediate trusted states between the first and the second trust states; and
  
  subsequently requesting additional validation or repetition of the enrollment request,wherein the secure network is a utility network, and at least one of the requesting node and the responding node is configured to distribute commodity meter information to at least one other node in the utility network.

19. A method for enrolling a new node in a network via a proxy node, said proxy node being a trusted member of the network, the method comprising:
- exchanging manufacturer originated certificates with the proxy node;
  
  establishing a first trust state with the proxy node based on a manufacturer originated certificate received from the new node via the proxy node and a response manufacturer originated certificate sent to the new node, the manufacturer originated certificate comprising a unique identifier of the new node known at the time the new node was manufactured so as to be unique to the new node, and including identifying information about the manufacturer that produced the new node at a time the new node was manufactured prior to enrolling the new node in the network;
  
  while in the first trust state, receiving a second digital certificate from a certifying authority via the proxy node, said second digital certificate including information extracted from the manufacturer originated certificate of the new node;
  
  while in the first trust state, authenticating the second digital certificate based on a previously provided system-specific root certificate;
  
  establishing a second, higher-level, trust state with the proxy node based on the second digital certificate; and
  
  while in the second trust state, enrolling the new node in the network,wherein the network is a utility network, and at least one of the new node and the proxy node is configured to distribute commodity meter information to at least one other node in the utility network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Itron Networked Solutions, Inc. (Itron, Inc.)
Original Assignee
Silver Spring Networks, Inc. (Itron, Inc.)
Inventors
StJohns, Michael, Vaswani, Raj, Dubey, Aditi
Primary Examiner(s)
CHAO, MICHAEL W

Application Number

US12/187,354
Publication Number

US 20100037293A1
Time in Patent Office

2,141 Days
Field of Search

726/10
US Class Current

726/10
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/20   for managing network securi...

H04L 9/3263   involving certificates, e.g...

Systems and methods for security in a wireless utility network

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for security in a wireless utility network

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links