System and method for authenticating and authorizing devices

US11895247B2 · US · B2

Patent metadata
Publication number: US-11895247-B2
Application number: US-202017010315-A
Country: US
Kind code: B2
Filing date: Sep 2, 2020
Priority date: Oct 27, 2016
Publication date: Feb 6, 2024
Grant date: Feb 6, 2024

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system components in a device-as-a-key system.

Claims

Claim text as published (claims 1 to 21).

The invention claimed is:

1. A control unit for communicating with an equipment component, the control unit comprising: a communication interface configured to communicate wirelessly with a remote device; a memory configured to store one or more encryption keys pertaining to authentication and authorization of the remote device; an equipment interface configured to communicate with the equipment component; a controller configured to establish a communication link with the remote device via the communication interface, the controller configured to receive a ledger; the ledger includes an authorization node with authorization information pertaining to the equipment component and includes a chain of nodes that includes the authorization node and that begins with a root grant based on a root certificate, wherein: the ledger is a chain-based ledger with each node of the ledger being based at least in part on a hash of one or more prior nodes of the ledger, wherein the authorization information in the authorization node of the ledger including one or more rights for the equipment component is a layered package having a plurality of layers, each layer is encrypted in accordance with one key of an asymmetric key pair, and wherein a node of the ledger subsequent to the authorization node is based at least in part on a hash that is based at least in part on the one or more rights for the equipment component; and based at least in part on the authorization information of the ledger, the controller is configured to authenticate an identity of the remote device and determine whether the remote device is authorized with respect to the equipment component.

2. The control unit of claim 1 wherein the ledger is received from the remote device.

3. The control unit of claim 1, wherein the authorization information includes authentication information.

4. The control unit of claim 1, wherein a layer of the authorization information includes authorization data, wherein the authorization data relates to one or more authorizations associated with at least one of communication and operation.

5. The control unit of claim 4 wherein an owner encrypted layer of the plurality of layers is encrypted by an owner device associated with the control unit that is established as an authority over operation of the control unit, and wherein encryption of the owner encrypted layer is indicative of the owner device having authorized the authorization data included in the layer.

6. The control unit of claim 1, wherein the control unit is capable of decrypting all of the plurality of layers.

7. A control unit for granting a right to a remote device that pertains to an equipment component, the control unit comprising: a communication interface configured to communicate wirelessly with the remote device; a memory configured to store one or more encryption keys pertaining to granting rights to other devices, and a ledger having a chain of nodes that begins with a root grant based on a root certificate; a controller configured to establish a communication link with the remote device via the communication interface, wherein the controller is configured to: generate ledger information that includes one or more rights for the equipment component, and a layered package having a plurality of layers, wherein each layer is encrypted in accordance with one key of an asymmetric key pair, and include the ledger information in the ledger as a new node, wherein the new node of the ledger is based at least in part on a hash of one or more prior nodes of the ledger, and wherein a node of the ledger subsequent to the new node is based at least in part on a hash that is based at least in part on the one or more rights for the equipment component; and the controller configured to transmit the ledger to the remote device, wherein the ledger includes the ledger information including the one or more rights for the equipment component.

8. The control unit of claim 7 wherein the controller is configured to transmit the ledger to the remote device.

9. The control unit of claim 7 wherein, based at least in part on the ledger information of the ledger, the remote device is configured to identify that the remote device is authorized with respect to the equipment component.

10. The control unit of claim 9 wherein the remote device is configured to transmit the ledger to an equipment controller associated with operation of the equipment component, wherein based on the ledger, the remote device is configured to identify that the remote device has the right, granted by the controller, with respect to the equipment component.

11. The control unit of claim 10 wherein the equipment controller is configured to verify the ledger and the one or more rights of the remote device via verification of the chain of nodes to the root grant based on the root certificate.

12. The control unit of claim 7, wherein a layer of the ledger information includes authorization data, wherein the authorization data relates to one or more authorizations associated with at least one of communication and operation.

13. The control unit of claim 12 wherein an owner encrypted layer of the plurality of layers is encrypted by an owner device associated with the control unit that is established as an authority over operation of the control unit, and wherein encryption of the owner encrypted layer is indicative of the owner device having authorized the authorization data included in the layer.

14. The control unit of claim 7, wherein only the control unit is capable of decrypting all of the plurality of layers.

15. A method for providing a ledger for granting rights with respect to an equipment component, the method comprising: providing the ledger with a chain of nodes that begins with a root grant based on a root certificate; generating a new node for the ledger including ledger information, wherein: the ledger information includes one or more rights for the equipment component and a layered package having a plurality of layers, wherein each layer is encrypted in accordance with one key of an asymmetric key pair, the new node is based at least in part on a hash of one or more prior nodes of the ledger, and a node of the ledger subsequent to the new node is based at least in part on a hash that is based at least in part on the one or more rights for the equipment component; adding the new node to the chain of nodes; and verifying the chain of nodes of the ledger based at least in part on the root grant.

16. The method of claim 15 comprising identifying a verification failure based on a node of the ledger being untraceable to the root grant.

17. The method of claim 15 wherein nodes of the ledger are never removed from the ledger after being included in the ledger.

18. The method of claim 15 wherein the one or more rights for the equipment component includes permission to grant another right to another device relative to the equipment component.

19. The method of claim 18 comprising distributing the ledger to the other device.

20. The method of claim 15 wherein the ledger is a first ledger, and comprising joining the first ledger with a second ledger that includes a chain of nodes that begins with the root grant.

21. The method of claim 20 wherein the second ledger includes a revocation list identifying a right of the first ledger that is revoked.
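The claims above describe a hash-chained grant ledger: a root grant signed under a root certificate, later nodes that each commit to a hash of the prior node and to the rights granted, delegation as a right that itself permits granting (claim 18), a verification failure for any node untraceable to the root (claim 16), and revocation via a list carried in a second ledger (claim 21). The following is an added example written for this page, not Denso's code or the patent's own implementation, showing how an equipment controller would verify such a chain. It models "encrypted in accordance with one key of an asymmetric key pair" as an Ed25519 signature made with the private half of the granter's key pair and checked with the public half; the multi-layer owner-encrypted package of claims 5 and 13 and the ledger joining of claim 20 are not modeled. The node layout, the right names ("unlock", "start", "grant"), the NUL-terminated encoding and the root -> owner -> guest scenario are all assumptions of this example; the keys are generated fresh on each run.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// RightGrant is the right that lets its holder delegate, i.e. add further nodes (claim 18).
const RightGrant = "grant"

// Node is one ledger entry: the first is the root grant, each later one links to its predecessor by hash.
type Node struct {
	Prev    []byte            // SHA-256 of the previous node; empty for the root grant
	Grantee ed25519.PublicKey // device that receives the rights
	Rights  []string          // rights for the equipment component, e.g. "unlock" (must not contain NUL)
	Sig     []byte            // granter's Ed25519 signature over Prev, Grantee and Rights (example's stand-in for the asymmetric layer)
}

// body is the canonical signed content of a node (everything except Sig).
func (n Node) body() []byte {
	var b bytes.Buffer
	b.Write(n.Prev)
	b.Write(n.Grantee)
	for _, r := range n.Rights {
		b.WriteString(r + "\x00") // NUL-terminated so that "un"+"lock" != "unlock"
	}
	return b.Bytes()
}

// Hash covers body and signature, so the next node's Prev commits to the rights granted here.
func (n Node) Hash() []byte {
	h := sha256.Sum256(append(n.body(), n.Sig...))
	return h[:]
}

// Grant appends a node in which granterPriv gives rights to grantee; a nil ledger yields the root grant. Authority is checked in Verify.
func Grant(ledger []Node, granterPriv ed25519.PrivateKey, grantee ed25519.PublicKey, rights []string) []Node {
	n := Node{Grantee: grantee, Rights: rights}
	if len(ledger) > 0 {
		n.Prev = ledger[len(ledger)-1].Hash()
	}
	n.Sig = ed25519.Sign(granterPriv, n.body())
	return append(ledger, n)
}

// Verify walks the chain from the root grant and returns the last node's rights. It rejects a node that is
// revoked (claim 21), untraceable to the root (claim 16), not signed by its granter, or granted by a holder without the grant right.
func Verify(ledger []Node, rootPub ed25519.PublicKey, revoked map[string]bool) ([]string, error) {
	if len(ledger) == 0 {
		return nil, fmt.Errorf("empty ledger")
	}
	for i, cur := range ledger {
		if revoked[hex.EncodeToString(cur.Hash())] {
			return nil, fmt.Errorf("node %d is on the revocation list", i)
		}
		signer, link := rootPub, []byte(nil) // the root grant must be signed by the root certificate's key
		if i > 0 {
			signer, link = ledger[i-1].Grantee, ledger[i-1].Hash()
			mayGrant := false
			for _, r := range ledger[i-1].Rights {
				mayGrant = mayGrant || r == RightGrant
			}
			if !mayGrant {
				return nil, fmt.Errorf("node %d: granter lacks the %q right", i, RightGrant)
			}
		}
		if !bytes.Equal(cur.Prev, link) {
			return nil, fmt.Errorf("node %d untraceable to root: hash link broken", i)
		}
		if !ed25519.Verify(signer, cur.body(), cur.Sig) {
			return nil, fmt.Errorf("node %d not signed by its granter", i)
		}
	}
	return ledger[len(ledger)-1].Rights, nil
}

// RunScenario builds a root -> owner -> guest ledger with fresh keys (a constructed scenario) and returns
// the guest's verified rights plus the verification error for each abuse case.
func RunScenario() ([]string, map[string]error) {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	guestPub, guestPriv, _ := ed25519.GenerateKey(rand.Reader)
	ledger := Grant(nil, rootPriv, ownerPub, []string{"unlock", "start", RightGrant}) // root grant to the owner device
	ledger = Grant(ledger, ownerPriv, guestPub, []string{"unlock"})                  // owner delegates "unlock" to a guest
	guestRights, _ := Verify(ledger, rootPub, nil)
	fail := map[string]error{}
	_, fail["guest delegates"] = Verify(Grant(ledger, guestPriv, guestPub, []string{"unlock"}), rootPub, nil) // guest has no grant right
	forged := append([]Node(nil), ledger...) // copy, then the guest rewrites its own rights; the owner's signature no longer covers them
	forged[1].Rights = []string{"unlock", "start"}
	_, fail["tampered rights"] = Verify(forged, rootPub, nil)
	revoked := map[string]bool{hex.EncodeToString(ledger[1].Hash()): true} // revocation list from a second ledger, keyed by node hash
	_, fail["revoked"] = Verify(ledger, rootPub, revoked)
	return guestRights, fail
}
```

Two checks in Verify are worth noting. Revocation is tested for every node, not just the last one, so revoking an intermediate grant also denies everything delegated from it. And the hash link alone does not make the final node trustworthy: the guest can recompute hashes for a node it has edited, which is why each node also carries its granter's signature and is rejected when that signature no longer matches the rights it lists.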

Assignees

Denso Corp

Inventors

Classifications

  • using electronic identifiers containing a code not memorised by the user · CPC title

  • Comprising locating means for detecting the position of the data carrier, i.e. within the vehicle or within a certain distance from the vehicle · CPC title

  • operated with bidirectional data transmission between data carrier and locks · CPC title

  • H04L9/3263 (primary) · involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title

  • using certificates · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11895247B2 cover?
A system and method for a distributed security model that may be used to achieve one or more of the following: authenticate system components; securely transport messages between system components; establish a secure communications channel over a constrained link; authenticate message content; authorize actions; and distribute authorizations and configuration data amongst users' system componen…
Who is the assignee on this patent?
Denso Corp
What technology area does this patent fall under?
Primary CPC classification H04L9/3263. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 6, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).