SYSTEM, METHOD, AND APPARATA FOR SECURE COMMUNICATIONS USING AN ELECTRICAL GRID NETWORK

US 20100306533A1
Filed: 05/28/2010
Published: 12/02/2010
Est. Priority Date: 06/01/2009
Status: Active Grant

First Claim

Patent Images

1. A security system comprising:

an input device for receiving an instruction to accept or deny a request for a location certificate to verify the presence of a user at a structure; and

at least one electric meter associated with the structure for receiving the accepted request and transmitting the same over a power line.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communications and location authorization system using a power line or a potion thereof as a side-channel that mitigates man-in-the-middle attacks on communications networks and devices connected to those networks. The system includes a power grid server associated with a substation, or curb-side distribution structure such as a transformer, an electric meter associated with a structure having electric service and able to communicate with the power grid server, a human authorization detector input device connected to the electric meter and the power grid server. The human authorization detector is able to receive an input from a user physically located at the structure and capable of communicating with the power grid server via the electric meter. The user'"'"'s physical input into the device causing a request to be sent to the power grid server that then generates a location certificate for the user. Without the location certificate, access to the communications network and devices connected to those networks can be denied.

125 Citations

86 Claims

1. A security system comprising:
- an input device for receiving an instruction to accept or deny a request for a location certificate to verify the presence of a user at a structure; and
  
  at least one electric meter associated with the structure for receiving the accepted request and transmitting the same over a power line.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The security system of claim 1, further comprising a power grid server for receiving the request from the electric meter.
  - 3. The security system of claim 1, further comprising a client computer connected to the input device for accessing an application server over a communications network.
  - 4. The security system of claim 1, wherein the power grid server comprises one or more subsystems for receiving the request and outputting a location certificate.
  - 5. The security system of claim 1, wherein the at least one electric meter is adapted to communicating information about the at least one electric meter to the power grid server.
  - 6. The security system of claim 1, wherein the request is sent to the power grid server over at least part of an electrical grid between the structure and an upstream distribution point.
  - 7. The security system of claim 1, wherein the input device comprises one or more of a microprocessor, input/output device, memory device, GPS, wireless transceivers, infrared/optical communications devices, acoustic communications devices, communications device, and power supply or transformer device.
  - 8. The security system of claim 7, wherein the input/output device outputs information about each request.
  - 9. The security system of claim 1, wherein the input device comprises embedded software for generating a signal comprising the accepted request.
  - 10. The security system of claim 1, wherein the input device is tamper resistant.
  - 11. The security system of claim 10, wherein the input device outputs information about an event to at least one input/output device and a power grid server indicating information about (i) attempts that are or have been made to tamper with the input device or (ii) whether the input device has been successfully tampered with, as soon as one or both of the events are detected, during a pre-determined monitoring period, or when the input device performs a forensic audit.
  - 12. The security system of claim 1, wherein the at least one electric meter comprises a subsystem for independently determining whether to deny a request for a location certificate.
  - 13. The security system of claim 12, wherein the at least one electric meter sends a forged location requests to the power grid server and also outputs the request to an input/output device for later forensic or accounting analysis.

14. A method for location authentication, comprising the steps of:
- displaying on a human authorization detector at least some transaction data and requesting an input to accept or deny a location certificate request;
  
  receiving the input at the human authorization detector;
  
  requesting over at least a portion of an electrical grid a location certificate from a power grid server;
  
  receiving the location certificate from the power grid server over the portion of the electrical grid.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 15. The method of claim 14, further comprising the step of outputting the location certificate through a secure channel between the input device and an application server.
  - 16. The method of claim 15, further comprising requesting, by the application server, a user to authenticate the user'"'"'s location.
  - 17. The method of claim 14, wherein at least some of the transaction data is received from an application server.
  - 18. The method of claim 17, wherein requesting the location certificate from the power grid server includes (i) at least some of the transaction data in unmodified or in encrypted form, (ii) or a digest or hash of at least some of the transaction data, or (iii) a parameter representing some of the transaction data.
  - 19. The method of claim 14, wherein the input is received when a manual switch or button is physically pressed or activated or an input instruction is physically entered into the human authorization device.
  - 20. The method of claim 19, wherein a signal or a data is generated by the human authorization detector in response to the physical action, and wherein the signal or the data are cryptographically bound to at least one sequence or a set of tokens.
  - 21. The method of claim 20, wherein the sequence is generated only after the physical action and it uses one of a key, a token, and the data.
  - 22. The method of claim 20, further comprising a meter for receiving the sequence and determining whether to send the request, wait for a different time to send the request, or deny the request.
  - 23. The method of claim 14, further comprising the step of, if the input indicates an acceptance of the request, saving, at the human authorization detector, at least one transaction data detail for a time period for later display on the human authorization detector.
  - 24. The method of claim 14, further comprising the step of replacing the transaction data with its hash or a digest and sending the hash/digest over at least a portion of the electrical grid.
  - 25. The method of claim 14, further comprising the step of forwarding, by the human authorization detector, the request to at least one electric meter.
  - 26. The method of claim 25, wherein the at least one electric meter sends a forged location request to the power grid server and also outputs the request to an input/output device for later forensic or accounting analysis.
  - 27. The method of claim 14, further comprising the step of, after mutually authenticating between the meter and either a substation or a nearest upstream electric power distribution unit, relaying the location certificate request from the meter to the power grid server.
  - 28. The method of claim 14, further comprising the step of:
    - verifying, at the power grid server, a timeliness of one or more time stamps; and
      
      optionally receiving, at the power grid server, a payload from the electric meter having one or more messages.
  - 29. The method of claim 14, further comprising the step of constructing, at the power grid server, the location certificate with a signature and one or more additional safeguard parameters.
  - 30. The method of claim 14, further comprising the step of sending, by the power grid server, the location certificate to a substation.
  - 31. The method of claim 14, further comprising the steps of:
    - sending the location certificate from at least one electric meter to the human authorization detector; and
      
      sending the location certificate from the human authorization detector to the a user'"'"'s computer after verifying the location certificate using at least some of the transaction data.
  - 32. The method of claim 14, further comprising the step of sending at least one copy of the location certificate from the power grid server to an application server over a second path that does not include a substation, the at least one electric meter, and the human authorization detector where the location request originated.
  - 33. The method of claim 32, further comprising the step of, upon receiving the location certificate from the power grid server and from a user'"'"'s computer, verifying, at an application server, the location certificates.
  - 34. The method of claim 33, further comprising the step of matching the location certificate received from the power grid server over alternate paths with the location certificate received from the user'"'"'s computer.
  - 35. The method of claim 34, further comprising the step of allowing an action or transaction by the application server to proceed.

36. A method for authenticating instructions sent to a control plane of a real-time monitoring or control system, comprising the steps of:
- receiving an electronic instruction at a control plane to modify an operating parameter of a facility;
  
  displaying on a human authorization detector at least some data associated with either the instruction, the parameter, or both, and requesting an input to accept or deny a location certificate request;
  
  receiving the input at the human authorization detector;
  
  requesting over at least a portion of an electrical grid a location certificate from a remote power grid server;
  
  receiving the location certificate from the power grid server over the portion of the electrical grid; and
  
  after verifying the location certificate and matching it with a copy of the location certificate sent over a separate channel, causing the operating parameter to be modified.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 37. The method of claim 36, wherein the operating parameter is a value specifying one of a physical, chemical, electronic, acoustic, and magnetic state of a device. and/or photonic/optical and/or acoustic and/or thermodynamic/enegy/entropy state, location, position, angle, temperature, rate, linear or angular velocity, acceleration or pressure of a device.
  - 38. The method of claim 36, wherein requesting the location certificate includes at least some data associated with either the instruction, the parameter, or both.
  - 39. The method of claim 36, wherein the input is received when a manual switch or button is activated or an input instruction is entered on the human authorization device.
  - 40. The method of claim 36, further comprising the step of, if the user accepts the request, saving, at the human authorization detector, at least some data associated with either the instruction, the parameter, or both, for a time period for later display on the human authorization detector.
  - 41. The method of claim 36, further comprising the step of forwarding, by the human authorization detector, to an electric meter, the request.
  - 42. The method of claim 36, further comprising the step of constructing, at the power grid server, the location certificate and signing the location certificate.
  - 43. The method of claim 36, further comprising the step of sending, by the power grid server, to a substation through a secure connection, the location certificate.
  - 44. The method of claim 36, further comprising the step of transmitting the location certificate from the power grid server or from a substation and over at least a portion of an electrical grid, the location certificate to a meter, wherein the transmission is encrypted using a working key.
  - 45. The method of claim 44, sending the location certificate from the meter to the human authorization detector.

46. A location authentication device for sending requests over at least a portion of an electrical grid, comprising:
- an input for receiving input from a user to send a request to a remote power grid server for a location certificate;
  
  a memory for storing at least transaction data;
  
  a communications module for communicating information between a human authorization detector and an electric meter, the information including at least some of the transaction data; and
  
  an output for displaying information
- View Dependent Claims (47, 48, 49, 50, 51, 52)
- - 47. The location authentication device of claim 46, wherein the communications module communicates over one or more of an Ethernet connection, USB connection, HomePlug connection, or any other local area network connection.
  - 48. The location authentication device of claim 46, further comprising at least one pre-determined secure token key for secure communications with an electric meter.
  - 49. The location authentication device of claim 46, further comprising a database stored in the memory comprising at least a record indicating the request for the location certificate.
  - 50. The location authentication device of claim 46, further comprising a tamper-proof housing.
  - 51. The location authentication device of claim 46, wherein the input device outputs information to one of a display device and a power grid server indicating if the input device has been tampered with.
  - 52. The location authentication device of claim 51, further comprising a software subsystem for inputting information about a status of the tamper-proof housing and storing in the memory information about the status.

53. A power grid server for outputting a location certificate comprising:
- an encryption module for constructing a location certificate for a specific electronic transaction; and
  
  a communications device for communicating data between the power grid server and at least one substation, the data comprising information about the location certificate.
- View Dependent Claims (54, 55, 56, 57, 58)
- - 54. The power grid server of claim 53, further comprising a location certificate request module for processing requests for location certificates
  - 55. The power grid server of claim 53, further comprising an account module for managing a plurality of accounts, each of which is associated with at least one electric meter connected to an electrical grid.
  - 56. The power grid server of claim 55, wherein the account module records for each of the plurality of accounts the number of location certificates constructed for each of the plurality of accounts.
  - 57. The power grid server of claim 53, wherein the communication device uses a secure channel.
  - 58. The power grid server of claim 53, further comprising a verification subsystem for verifying a request for a location certificate received at the power grid server.

59. A method for generating location certificates using an out-of-band channel, comprising the steps of:
- establishing at a substation a link between a substation and at least one power grid server;
  
  forwarding to the power grid server through the link a location certificate request received from an electric meter;
  
  at the power grid server, verifying the information in the request; and
  
  constructing the location certificate.
- View Dependent Claims (60, 61, 62, 63)
- - 60. The method of claim 59, wherein the link is a secure channel.
  - 61. The method of claim 59, further comprising the step of signing the location certificate.
  - 62. The method of claim 59, further comprising the step of sending the location certificate to the substation through the link.
  - 63. The method of claim 59, further comprising the step of transmitting the location certificate from the power grid server or from the substation.

64. A method for out-of-band location authorization in an electronic financial transaction, comprising the steps of:
- receiving at a human authorization detector an encrypted payload challenge token from a financial institution server, the challenge being sent after a user seeks electronic access over a communications network to an account at the financial institution;
  
  physically inputting to the human authorization detector a signal that enables the challenge token from the bank to be transmitted through a unique electrical meter and over at least a portion of an electrical grid to a power grid server;
  
  decrypting at the power grid server the payload using a public key;
  
  constructing an encrypted response payload; and
  
  transmitting the responsive payload to the financial institution server via the same portion of the electrical grid or a different independent path.
- View Dependent Claims (65, 66, 67, 68, 69, 70, 71)
- - 65. The method of claim 64, wherein the encrypted payload includes one or more of an application ID, a user ID, a session ID, a timestamp, an expiry-time, and a random nonce value.
  - 66. The method of claim 64, wherein the encrypted payload is encrypted with a private key associated with the financial institution and the public key of the PLBC server.
  - 67. The method of claim 64, further comprising the step of generating a virtual meter ID for the meter.
  - 68. The method of claim 64, further comprising the step of altering the random nonce to form a new nonce value.
  - 69. The method of claim 64, wherein the response payload contains the altered nonce and the virtual meter ID.
  - 70. The method of claim 64, wherein the response payload is encrypted twice, first with a private key of the PLBC server and then with a public key of the financial institution.
  - 71. The method of claim 64, wherein the step of transmitting the responsive payload is transmitted first to the electric meter and then a user'"'"'s computer.

72. The method of clam 64, further comprising the step of decrypting the responsive payload and verifying the virtual Meter-ID matches one in the financial institution'"'"'s database.

73. A method for tracking the location of an electronic device, comprising the steps of:
- receiving a signal when the electronic device being tracked is turned on;
  
  sending to the device a signal, over a portion of the electrical grid or via a separate channel, requesting a response, wherein the signal comprises a challenge token;
  
  optionally displaying on a human authorization detector separate from the electronic device a request to accept or deny the challenge token;
  
  optionally receiving the input at the human authorization detector;
  
  requesting over at least a portion of an electrical grid a location certificate from the power grid server;
  
  receiving the location certificate from the power grid server over the portion of the electrical grid.
- View Dependent Claims (74, 75, 76, 77, 78)
- - 74. The method of claim 73, wherein the electronic device is or is not part of a computer.
  - 75. The method of claim 73, wherein the computer is part of an electric vehicle.
  - 76. The method of claim 73, wherein the device sends an alarm signal after it is connected to an unauthorized portion of the electric grid.
  - 77. The method of claim 73, wherein the signal to the electronic device is one that prevents it from receiving electricity from the electric grid.
  - 78. The method of claim 73, further comprising executing an authentication procedure if the electronic device does not send the signal through an authorized electric meter.

79. A method for transmitting a signal from an alarm monitoring system at a structure, comprising the steps of:
- receiving a signal when a remote electronic monitoring device is activated indicating an alarm event; and
  
  sending to the remote monitoring server a signal over a side-channel, the signal including the signal information,wherein the side-channel comprises an electric meter connected to a portion of the electrical grid, and wherein the electric meter is associated with a structure that is being monitored by alarm monitoring system.
- View Dependent Claims (80)
- - 80. The method of claim 79, wherein the electronic monitoring device is part of a residential burglary or fire alarm or a flooding, earthquake, collapse, structural-integrity monitoring system.

81. An electric meter for use in an out-of-band network security channel, comprising:
- a first termination point for electrically connecting the electric meter to a distribution system of a structure;
  
  a second termination point for electrically connecting the electric meter to a substation providing electrical service to the structure; and
  
  a memory device storing a plurality of instructions for transmitting to the substation a data package comprising information about a request for a location certificate received from the structure.
- View Dependent Claims (82, 83, 84, 85, 86)
- - 82. The electric meter of claim 81, further comprising a communications circuit for transmitting information over a communications channel.
  - 83. The electric meter of claim 81, further comprising stored information having a public ID for the electric meter or a unique private ID for the electric meter.
  - 84. The electric meter of claim 81, further comprising a tamper-resistant housing.
  - 85. The electric meter of claim 81, further comprising a unique ID for transmitting to a substation over a power line.
  - 86. The electric meter of claim 81, wherein the plurality of instructions comprise instructions for encrypting the information about the request using electronic keys stored in a tamper-proof hardware device within the electric meter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dhananjay S. Phatak
Original Assignee
Dhananjay S. Phatak
Inventors
Phatak, Dhananjay S.

Granted Patent

US 8,639,922 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G01D 4/002   Remote reading of utility m...

G06F 21/30   Authentication, i.e. establ...

G06F 21/34   involving the use of extern...

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2111   Location-sensitive, e.g. ge...

G08B 25/00   Alarm systems in which the ...

G08B 25/06   using power transmission lines

G08B 29/16   Security signalling or alar...

H04B 2203/5445   Local network

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/107   wherein the security polici...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

H04L 9/3273   for mutual authentication n...

Y02B 90/20 : Smart grids as enabling tec...

Y04S 20/30 : Smart metering, e.g. specia...

Y04S 40/20 : Information technology spec...

View All

SYSTEM, METHOD, AND APPARATA FOR SECURE COMMUNICATIONS USING AN ELECTRICAL GRID NETWORK

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

125 Citations

86 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM, METHOD, AND APPARATA FOR SECURE COMMUNICATIONS USING AN ELECTRICAL GRID NETWORK

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

125 Citations

86 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links