Method and system of location-aware certificate based authentication
First Claim
1. A method for authentication between a first device and a second device, the method comprising:
using a server comprising a processor;
receiving, by the server, a request from the first device to access the second device;
receiving, by the server, a location of the first device;
receiving, by the server, a location of the second device;
registering, by the server, a first public key associated with the first device;
registering, by the server, a second public key associated with the second device;
comparing, by the server, the location of the first device with the location of the second device;
issuing, by the server, if the location of the first device is within a predetermined distance from the location of the second device, a first certificate to the first device, wherein the first certificate certifies that the first public key is associated with the first device;
issuing, by the server, if the location of the first device is within a predetermined distance from the location of the second device, a second certificate to the second device, wherein the second certificate certifies that the second public key is associated with the second device; and
sending, by the server, if the location of the first device is within a predetermined distance from the location of the second device, the second public key to the first device and the first public key to the second device, wherein the first device and the second device are physically separate from the server, and the first device is a mobile device and the second device is a utility device, the utility device is selected from a group consisting of a utility meter, a phasor measurement unit, a phasor data concentrator, and a power quality product.
Abstract
In one aspect, a method of mutual certificate authentication between a first device and a second device based on location is described. This embodiment of a method comprises receiving a request from a first device, wherein the request comprises a location of the first device; registering a first public key for the first device in response to the request, wherein the registration associates the first device with the first public key; determining at least one second device that can be accessed by the first device based upon a location of the second device relative to the location of the first device; registering a second public key for the second device, wherein the registration associates the second device with the second public key; sending the second public key to the first device; sending the first public key to the second device; and mutually authenticating the first device to the second device when the first device and the second device are connected.
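The server-side flow summarized in the abstract, as an added sketch that is not code from the patent: the server compares the two reported locations and, only when they are within the predetermined distance, issues a certificate to each device and hands each one the other's public key. The 100 m threshold, the device names, coordinates and key strings, and the HMAC tag standing in for a real CA signature are all assumptions made for illustration.

```python
import hashlib, hmac, json, math

CA_KEY = b"constructed-demo-ca-key"   # stand-in for the server's CA signing key
MAX_DISTANCE_M = 100.0                # assumed "predetermined distance"

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6_371_000 * math.asin(math.sqrt(h))

def issue_cert(device_id, public_key):
    """Bind a public key to a device ID; the HMAC tag stands in for a CA signature."""
    body = json.dumps({"device": device_id, "key": public_key}, sort_keys=True)
    tag = hmac.new(CA_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def verify_cert(cert):
    """Recompute the tag over the certificate body and compare in constant time."""
    expected = hmac.new(CA_KEY, cert["body"].encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, cert["tag"])

def handle_access_request(first, second):
    """first/second: dicts with id, location (lat, lon) and public_key.
    Returns what the server sends to each device, or None if out of range."""
    if haversine_m(first["location"], second["location"]) > MAX_DISTANCE_M:
        return None  # no certificates issued, no keys exchanged
    return {
        first["id"]: {"cert": issue_cert(first["id"], first["public_key"]),
                      "peer_key": second["public_key"]},
        second["id"]: {"cert": issue_cert(second["id"], second["public_key"]),
                       "peer_key": first["public_key"]},
    }

# Constructed sample data: a utility meter and a mobile device near and far from it.
METER = {"id": "meter-17", "location": (33.7490, -84.3880), "public_key": "PK_METER"}
NEAR = {"id": "tablet-3", "location": (33.7493, -84.3882), "public_key": "PK_TABLET"}
FAR = dict(NEAR, location=(33.7600, -84.3880))

if __name__ == "__main__":
    print(handle_access_request(NEAR, METER))
    print(handle_access_request(FAR, METER))
```
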
22 Claims
8. A method, comprising:
receiving, by a server comprising a processor, a request from a first device to access a second device;
receiving, by the server, a first public key from the first device;
receiving, by the server, a location information for the first device;
receiving, by the server, a location information for the second device;
receiving, by the server, a second public key from the second device;
determining, by the server, whether the location information of the first device is within a predetermined distance from the location information of the second device, wherein the location information for the second device is previously stored in the server;
issuing, by the server, if the first device is within a predetermined distance from the second device, a first certificate to the first device, wherein the first certificate certifies that the first public key is associated with the first device;
issuing, by the server, if the location information of the first device is within a predetermined distance from the location information of the second device, a second certificate to the second device, wherein the second certificate certifies that the second public key is associated with the second device;
sending, by the server, the second public key to the first device; and
sending, by the server the first public key to the second device, wherein the first device and the second device are physically separate from the server, and the first device is a mobile device and the second device is a utility device, the utility device is selected from a group consisting of a utility meter, a phasor measurement unit, a phasor data concentrator, and a power quality product.
11. A system for authentication between a plurality of devices, the system comprising:
a first device;
a second device; and
a server in communication with the first device and the second device, the server having:
a processor; and
a memory comprising instructions that, when executed by the processor, cause the processor to perform operations comprising:
receiving a request from the first device to access the second device;
receiving a location of the first device;
receiving a location of the second device;
registering a first public key associated with the first device;
registering a second public key associated with the second device;
comparing the location of the first device with the location of the second device;
issuing, if the location of the first device is within a predetermined distance from the location of the second device, a first certificate to the first device, wherein the first certificate certifies that the first public key is associated with the first device;
issuing, if the location of the first device is within a predetermined distance from the location of the second device, a second certificate to the second device, wherein the second certificate certifies that the second public key is associated with the second device; and
sending, if the location of the first device is within a predetermined distance from the location of the second device, the second public key to the first device and the first public key to the second device, wherein the first device and the second device are physically separate from the server, and the first device is a mobile device and the second device is a utility device, the utility device is selected from a group consisting of a utility meter, a phasor measurement unit, a phasor data concentrator, and a power quality product.
22. A system for authentication between a plurality of devices, the system comprising:
a first device;
a second device;
a server in communication with the first device and the second device, the server comprising a processor; and
a memory comprising instructions that, when executed by the processor, cause the processor to perform operations comprising:
receiving a request from a first device to access a second device;
receiving a location of the first device from the first device;
receiving a first public key from the first device;
receiving a second public key from the second device;
determining whether the location of the first device is within a predetermined distance from a location of the second device, wherein the location of the second device is received from the second device;
issuing, if the location of the first device is within a predetermined distance from the location of the second device, a first certificate to the first device, wherein the first certificate certifies that the first public key is associated with the first device;
issuing, by the server, if the location of the first device is within a predetermined distance from the location of the second device, a second certificate to the second device, wherein the second certificate certifies that the second public key is associated with the second device;
sending, by the server, the second public key to the first device; and
sending, by the server, the first public key to the second device, wherein the first device and the second device are physically separate from the server, and the first device is a mobile device and the second device is a utility device, the utility device is selected from a group consisting of a utility meter, a phasor measurement unit, a phasor data concentrator, and a power quality product.
Specification