System, method and apparata for secure communications using an electrical grid network

US 9,246,691 B2
Filed: 11/12/2014
Issued: 01/26/2016
Est. Priority Date: 06/01/2009
Status: Active Grant

First Claim

Patent Images

1. A method for tracking the location of any device that runs on electricity;

comprising the steps of;

whenever the device is powered ON, automatically generating and sending a message to a Location Tracking Server (LTS), via the electric power plug, to the power meter that monitors the electricity usage from the plug to which the device is connected;

The message including timestamps, device identifiers, tracking server identifiers and cryptographic authentication challenge/nonce values;

the power meter appending its own location identifiers along with all the necessary cryptographic authentication tokens, timestamps, state-indicators to the message and sending the combined message over an out-of-band communication channel that spans at least a portion of the electric grid which is connected to the said electric power meter on the upstream side;

to a Location Tracking Server;

at the Location Tracking Server, verifying all the timestamps and cryptographic tokens and determining whether the location reported by the meter is a pre-designated safe location where the device normally operates or whether the device is at an unexpected location and potentially stolen;

the Location Tracking Server preparing a reply message (referred to as a “

blessing”

) including a recommendation or directive to the device being tracked, indicating what level of functionality the device should operate in;

along with cryptographic tokens, nonces and timestamps;

the Location Tracking Server sending its blessing back in the reverse direction over the forward path including the at least some portion of the electric grid connected to the electric power meter on the upstream side;

the electric power meter relaying the message to the device being tracked via the power plug;

the device being tracked receiving the blessing message, decrypting it if required and verifying the cryptographic credentials and/or responses from the Location Tracking Server and learning the state it is expected to go into, and entering that state.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communications and location authorization system using a power line or a potion thereof as a side-channel that mitigates man-in-the-middle attacks on communications networks and devices connected to those networks. The system includes a power grid server associated with a substation, or curb-side distribution structure such as a transformer, an electric meter associated with a structure having electric service and able to communicate with the power grid server, a human authorization detector input device connected to the electric meter and the power grid server. The human authorization detector is able to receive an input from a user physically located at the structure and capable of communicating with the power grid server via the electric meter. The user'"'"'s physical input into the device causing a request to be sent to the power grid server that then generates a location certificate for the user. Without the location certificate, access to the communications network and devices connected to those networks can be denied.

24 Citations

26 Claims

1. A method for tracking the location of any device that runs on electricity;
- comprising the steps of;
  
  whenever the device is powered ON, automatically generating and sending a message to a Location Tracking Server (LTS), via the electric power plug, to the power meter that monitors the electricity usage from the plug to which the device is connected;
  
  The message including timestamps, device identifiers, tracking server identifiers and cryptographic authentication challenge/nonce values;
  
  the power meter appending its own location identifiers along with all the necessary cryptographic authentication tokens, timestamps, state-indicators to the message and sending the combined message over an out-of-band communication channel that spans at least a portion of the electric grid which is connected to the said electric power meter on the upstream side;
  
  to a Location Tracking Server;
  
  at the Location Tracking Server, verifying all the timestamps and cryptographic tokens and determining whether the location reported by the meter is a pre-designated safe location where the device normally operates or whether the device is at an unexpected location and potentially stolen;
  
  the Location Tracking Server preparing a reply message (referred to as a “
  
  blessing”
  
  ) including a recommendation or directive to the device being tracked, indicating what level of functionality the device should operate in;
  
  along with cryptographic tokens, nonces and timestamps;
  
  the Location Tracking Server sending its blessing back in the reverse direction over the forward path including the at least some portion of the electric grid connected to the electric power meter on the upstream side;
  
  the electric power meter relaying the message to the device being tracked via the power plug;
  
  the device being tracked receiving the blessing message, decrypting it if required and verifying the cryptographic credentials and/or responses from the Location Tracking Server and learning the state it is expected to go into, and entering that state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the state can be anything from “
    - safe location, provide full functionality, you are blessed to run freely”
      
      on one extreme, to “
      
      wipe out all non-volatile storage, including discs or semiconductor memories, RAM, all bios values/keys if any and shut yourself down”
      
      on the extreme;
      
      depending upon whether the device is at its usual location or it is stolen and is therefore at a strange location; and
      
      upon the sensitivity/importance of data if any that resides on that device.
  - 3. The method of claim 1, wherein each individual message sent includes new cryptographic challenges and responses to previous cryptographic challenges from the peer.
  - 4. The method of claim 1, wherein the device being tracked optionally sends an acknowledgement informing the LTS that it is entering the state indicated in the blessing message before entering that state.
  - 5. The method of claim 1, wherein the device being tracked enters a pre-designated safe state if it cannot communicate with the LTS via the electric plug for a duration exceeding a timeout-interval.
  - 6. The method of claim 1, wherein, the attempt to communicate with a Location Tracking Server is made optionally at every 2^ndor 3^rdor n^thpowering-ONN or in general every k^thtime the device is powered-ONN, where “
    - k”
      
      is dynamically determined via some algorithm.
  - 7. The method of claim 1, wherein the electronic device is or is not part of a computer.
  - 8. The method of claim 1, wherein the device is part of an electric vehicle or car and is used to identify and track the location of the vehicle.
  - 9. The method of claim 1, wherein the device optionally sends an alarm signal after it is connected to an unauthorized portion of the electric grid.
  - 10. The method of claim 1 further comprising:
    - optional execution of more authentication and/or theft identification and reporting procedures if the LTS does not get a message from the device being tracked for a time period exceeding a dynamically adaptable timeout-threshold interval.
  - 11. The method of claim 1, applied to tracking the location where licensed software is run and verifying compliance with DRM (Digital Rights Management) and license controls.
  - 12. The method of claim 1, wherein the device is a part of Voting Machines and is used to verify compliance with all election rules and procedures.
  - 13. The method of claim 1, wherein the device is installed within shipping containers and is used to enforce “
    - verifiable custody chains”
      
      .

14. A system for tracking the location of any device that runs on electricity;
- comprising;
  
  a Location Tracking Server (LTS);
  
  a power meter;
  
  a device that runs on electricity configured so that whenever the device is powered ON, the device automatically generates and sends a message to the Location Tracking Server (LTS), via an electric power plug, to the power meter that monitors the electricity usage from the plug to which the device is connected;
  
  the message including timestamps, device identifiers, tracking server identifiers and cryptographic authentication challenge/nonce values;
  
  wherein the power meter is configured to append its own location identifiers along with all the necessary cryptographic authentication tokens, timestamps, state-indicators to the message and sends the combined message over an out-of-band communication channel that spans at least a portion of the electric grid which is connected to the power meter on the upstream side;
  
  to the Location Tracking Server;
  
  wherein the Location Tracking Server is configured to perform steps includingat the Location Tracking Server, verifying all the timestamps and cryptographic tokens and determining whether the location reported by the power meter is a pre-designated safe location where the device normally operates or whether the device is at an unexpected location and potentially stolen;
  
  preparing a reply message (referred to as a “
  
  blessing”
  
  ) including a recommendation or directive to the device being tracked, indicating what level of functionality the device should operate in;
  
  along with cryptographic tokens, nonces and timestamps;
  
  sending its blessing back in the reverse direction over the forward path including the at least some portion of the electric grid connected to the power meter on the upstream side;
  
  wherein the power meter is configured to relay the blessing to the device being tracked via the power plug; and
  
  wherein the device being tracked is configured to receive the blessing, decrypting it if required and verifying the cryptographic credentials and/or responses from the Location Tracking Server and learning the state it is expected to go into, and enter that state.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The system of claim 14, wherein the state can be anything from “
    - safe location, provide full functionality, you are blessed to run freely”
      
      on one extreme, to “
      
      wipe out all non-volatile storage, including discs or semiconductor memories, RAM, all bios values/keys if any and shut yourself down”
      
      on the other extreme;
      
      depending upon whether the device is at its usual location or it is stolen and is therefore at a strange location; and
      
      upon the sensitivity/importance of data if any that resides on that device.
  - 16. The system of claim 14, wherein each individual message sent includes new cryptographic challenges and responses to previous cryptographic challenges from the peer.
  - 17. The system of claim 14, wherein the device being tracked optionally sends an acknowledgement informing the LTS that it is entering the state indicated in the blessing before entering that state.
  - 18. The system of claim 14, wherein the device being tracked enters a pre-designated safe state if it cannot communicate with the LTS via the electric plug for a duration exceeding a timeout-interval.
  - 19. The system of claim 14, wherein, the attempt to communicate with a Location Tracking Server is made optionally at every 2nd or 3rd or nth powering-ONN or in general every kth time the device is powered-ONN, where “
    - k”
      
      is dynamically determined via some algorithm.
  - 20. The system of claim 14, wherein the device is or is not part of a computer.
  - 21. The system of claim 14, wherein the device is part of an electric vehicle or car and is used to identify and track the location of the electric vehicle or car.
  - 22. The system of claim 14, wherein the device optionally sends an alarm signal after it is connected to an unauthorized portion of the electric grid.
  - 23. The system of claim 14, further comprising:
    - optional sub-systems that perform more authentication checks and/or theft identification and reporting if the LTS does not get a message from the device being tracked for a time period exceeding a dynamically adaptable timeout-threshold interval.
  - 24. The system of claim 14, applied to tracking the location where licensed software is run and verifying compliance with DRM (Digital Rights Management) and license controls.
  - 25. The system of claim 14, wherein the device is a part of Voting Machines and is used to verify compliance with all election rules and procedures.
  - 26. The system of claim 14, wherein the device is installed within shipping containers and is used to enforce “
    - verifiable custody chains”
      
      .

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dhananjay S. Phatak
Original Assignee
Dhananjay S. Phatak
Inventors
Phatak, Dhananjay S.
Primary Examiner(s)
SHAW, PETER C

Application Number

US14/539,359
Publication Number

US 20150378382A1
Time in Patent Office

440 Days
Field of Search

713/156
US Class Current

1/1
CPC Class Codes

G01D 4/002   Remote reading of utility m...

G06F 21/30   Authentication, i.e. establ...

G06F 21/34   involving the use of extern...

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2111   Location-sensitive, e.g. ge...

G08B 25/00   Alarm systems in which the ...

G08B 25/06   using power transmission lines

G08B 29/16   Security signalling or alar...

H04B 2203/5445   Local network

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/107   wherein the security polici...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

H04L 9/3273   for mutual authentication n...

Y02B 90/20 : Smart grids as enabling tec...

Y04S 20/30 : Smart metering, e.g. specia...

Y04S 40/20 : Information technology spec...

View All

System, method and apparata for secure communications using an electrical grid network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and apparata for secure communications using an electrical grid network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links