US 12,225,133 B2
Configurable network security for networked energy resources, and associated systems and methods
Randall King, Santa Rosa, CA (US); Roger L. Jungerman, Petaluma, CA (US); and Mayank Saxena, Pleasanton, CA (US)
Assigned to OPERANT NETWORKS, Santa Rosa, CA (US)
Filed by Operant Networks, Santa Rosa, CA (US)
Filed on Jan. 12, 2024, as Appl. No. 18/412,353.
Application 18/412,353 is a continuation of application No. 18/106,402, filed on Feb. 6, 2023, granted, now 11,876,904.
Application 18/106,402 is a continuation of application No. 17/390,726, filed on Jul. 30, 2021, granted, now 11,575,512, issued on Feb. 7, 2023.
Claims priority of provisional application 63/059,876, filed on Jul. 31, 2020.
Prior Publication US 2024/0243915 A1, Jul. 18, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 9/00 (2022.01); H04L 9/08 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/321 (2013.01) [H04L 9/003 (2013.01); H04L 9/0819 (2013.01); H04L 9/30 (2013.01); H04L 9/3265 (2013.01); H04L 63/0263 (2013.01); H04L 63/0823 (2013.01); H04L 63/101 (2013.01); H04L 63/20 (2013.01)]
20 Claims
1. A method, performed by a computing system, to secure access to utility infrastructure, the method comprising:
maintaining, at the computing system, a trust policy comprised of a plurality of trust rules, wherein each trust rule comprises an origin identifier, a target identifier, and an action identifier;
generating an Information Centric Networking (ICN) command message based on a trust rule selected from the plurality of trust rules, wherein the origin identifier of the selected trust rule corresponds to a utility infrastructure user, the action identifier of the selected trust rule corresponds to a command in the ICN command message, and the target identifier of the selected trust rule corresponds to a utility infrastructure resource;
publishing, on a communication channel, the ICN command message, wherein publishing the ICN command message causes an enforcement computing system, on the communication channel and associated with the utility infrastructure resource, to maintain authorization information characterized by the origin identifier, target identifier, and action identifier of the selected trust rule; and
cryptographically signing a certificate associated with the utility infrastructure user, wherein the certificate includes a utility infrastructure user name defined in an ICN hierarchical namespace and a utility infrastructure user public key;
wherein the enforcement computing system associated with the utility infrastructure resource, in response to subscribing to the ICN command message:
determines, from the ICN command message, the target identifier and the action identifier of the ICN command message, wherein the target identifier of the ICN command message corresponds to the utility infrastructure resource; and
determines whether the utility infrastructure user of the ICN command message, associated with the utility infrastructure user name of the certificate, is authorized to perform an action, corresponding to the action identifier of the ICN command message, on the utility infrastructure resource, based on the maintained authorization information.