Office Action Predictor
Application No. 17/465,084

METHODS AND SYSTEMS FOR ENABLING IDENTITY-BASED SERVICES USING A RANDOM IDENTIFIER

Final Rejection §103
Filed
Sep 02, 2021
Examiner
WRIGHT, BRYAN F
Art Unit
2497
Tech Center
2400 — Computer Networks
Assignee
Comcast Cable Communications, LLC
OA Round
6 (Final)
78%
Grant Probability
Favorable
7-8
OA Rounds
3y 4m
To Grant
98%
With Interview

Examiner Intelligence

78%
Career Allow Rate
629 granted / 805 resolved
Without
With
+20.4%
Interview Lift
avg trend
3y 4m
Avg Prosecution
26 pending
831
Total Applications
career history

Statute-Specific Performance

§101
12.1%
-27.9% vs TC avg
§103
53.8%
+13.8% vs TC avg
§102
8.6%
-31.4% vs TC avg
§112
10.2%
-29.8% vs TC avg
Black line = Tech Center average estimate • Based on career data

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. FINAL ACTION This action is in response to applicant’s submittal made on 10/17/2025. Claims 1, 9 and 18 are amended. Claims 1-23 are pending. Response to Arguments Examiner’s Remarks – 35 USC § 103 The applicant argues: “Claim 1 recites, in part, "sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address." Claims 9 and 18 recite similar, though not identical, features. The Office Action asserts that Liu in view of McKibben teaches or suggests "sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address" as claimed. Office Action, (pp. 3-5). Applicant respectfully disagrees. Liu teaches "establishing a mapping between a short term identity for a STA [station] (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network [unencrypted]." Liu at 26; see also id. at 8, 21, and 41 (describing the same "mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network 'in the clear' and periodically changed, and a long term identity for the STA). The Office Action attempts to map Liu's "short term identity" to the claimed "unencrypted non-persistent random identifier," but this mapping fails because Liu teaches that the "short term identity" is assigned by the corresponding access point (AP) after association.”. The examiner notes that applicant’s above contention(s) cannot be substantiated by claims that Liu’s “short term identity” is assigned later rather than earlier. The examiner further notes that the current construction of applicant’s claim 1 does not restrict applicant’s “unencrypted non-persistent random identifier” to a particular assignment time as argued. Thus, it is immaterial of the assignment time as argued. Moreover, Liu states that the “short term identity”, like the “unencrypted non-persistent random identifier” is transmitted over a wireless network and it prevents the device from being track (i.e., Liu par. 0006 “the STA can periodically change its “short term identity” to prevent tracking of the STA.”). The examiner further draws attention to Liu’s par. 0026 where the following is disclosed: “[0026] Specifically, embodiments herein involve establishing a mapping between a “short term identity” for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network. The examiner notes that Liu states that the “short term identity” is transmitted in a clear (i.e., unencrypted) manner. Liu additionally states that the “short term identity” periodically changes. Therefore, Liu’s “short term identity” is non-persistent. The examiner notes that Liu utilizes the “short term identity” in the same manner as the applicant utilizes its “unencrypted non-persistent random identifier”. Furthermore, the examiner notes that the applicant in paragraph 0005 of their original disclosure recites that the “unencrypted non-persistent random identifier” is the following: “The association between the random identifier and the persistent identifier enables the user device to access the identity-based services. The use of the random identifier mitigates and/or prevents any third party, such as a network hacker, an eavesdropper, and/or any other bad actors, from using network sniffing, log tracking, and/or the like to track the user device when connecting to various networks/network devices.”. As such, applicant’s “unencrypted non-persistent random identifier” and Liu’s “short term identity” are functionally and materially equivalent. Notably, applicant’s specification states in par. 0035 the following: “[0035] The network device 104 may determine the device identifier 108 (e.g., the persistent identifier of the user device 102, etc.) from the decrypted information. The network device 104 may associate the random identifier received from the user device 102 with the device identifier 108. The network device 104 may include a database 107. The database 107 may store a mapping/association (e.g., an indication of a mapping/association, etc.) between the random identifier and the device identifier 108. The network device 104 may store the mapping/association between the random identifier and the device identifier 108 for a time period and/or duration.”. The examiner notes that paragraph 0035 of applicant’s original disclosure establishes that a pre-existing assignment captured in a stored database affords an association between the unencrypted non-persistent random identifier and the persistent identifier. The examiner contends that these particulars cannot be ignored (emphasis). The applicant argues the following: “The Office Action attempts to map Liu's "short term identity" to the claimed "unencrypted non-persistent random identifier," but this mapping fails because Liu teaches that the "short term identity" is assigned by the corresponding access point (AP) after association.”. The examiner respectfully contends that nothing in the claim language of claim 1 as currently constructed explicitly restricts applicant’s “unencrypted non-persistent random identifier” to a particular assignment time as argued by the applicant. Again, the examiner notes that Liu’s “short term identity” is transmitted clear and is changed periodically making it non-persistent and random. This characteristics are consistent with the characteristics of applicant’s “unencrypted non-persistent random identifier”. The applicant argues: “Put differently, Liu does not teach or suggest that the "short term identity" (AID) is sent by a station/user device in an initial connection request. “ Somehow, without an explicit recitation in applicant’s claim 1, the applicant would like to establish that applicant’s “unencrypted non-persistent random identifier” is associated with an “initial connection request”. Notably, applicant’s specification states in par. 0035 the following: “[0035] The network device 104 may determine the device identifier 108 (e.g., the persistent identifier of the user device 102, etc.) from the decrypted information. The network device 104 may associate the random identifier received from the user device 102 with the device identifier 108. The network device 104 may include a database 107. The database 107 may store a mapping/association (e.g., an indication of a mapping/association, etc.) between the random identifier and the device identifier 108. The network device 104 may store the mapping/association between the random identifier and the device identifier 108 for a time period and/or duration.”. The examiner notes that paragraph 0035 of applicant’s original disclosure establishes that a pre-existing assignment captured in a stored database affords an association between the unencrypted non-persistent random identifier and the persistent identifier. The applicant argues: “Instead, for the initial connection, Liu uses the "long term identity for the STA (e.g., a MAC address)." See id. at 26. For example, Liu explains that users "connect to wireless networks using various wireless communication standards" and that "wireless communication standards such as IEEE 802.11 often use the electronic device's long term identity (e.g., the#4933-4726-6413 v5 electronic device's media access control (MAC) address)." Id. at 22. Thus, Liu fails to teach or suggest at least the aforementioned features of claim 1.”. Again, applicant’s paragraph 0035, clearly indicates by way of a stored database that there is a pre-assignment between the unencrypted non-persistent random identifier and the persistent identifier. Meaning, regardless of a connection time, applicant’s “unencrypted non-persistent random identifier” is associated with a persistent identifier in some form or factor. The applicant argues: “Moreover, McKibben fails to cure Liu's deficiencies, because McKibben's system requires a "real MAC address" when associating with an access point. For example, McKibben teaches receiving "an access request originating from a user device" and performing "an authentication process for connecting with the user device" followed by transmitting "a request message for a media access control (MAC) address of the user device" and receiving "a response message including the MAC address of the user device." See e.g., McKibben at 4. In other words, paragraph 4 of McKibben describes use of a "real" MAC address (i.e., persistent) when associating with an access point.”. The examiner notes that applicant’s assessment noted in this instance of McKibben’s teachings is/are miss-represented. McKibben teaches in par. 0006 the following: “The access point includes at least processor in communication with at least one memory device. The access point is programmed to receive a first association request message originating from a user device including a first MAC address. The first MAC address is a randomized MAC address.”. Additionally, par. 0053 of McKibben states the following: “The access request can include a randomized MAC address”. As such, the examiner notes that the request will comprise a random (i.e., non-persistent) identifier. The applicant argues: “As another example, McKibben further describes a process where a "user device 105" sends an "association request using a random MAC address" to an "access point 110[,]" and a "Network server 115 determines that the MAC address is not registered" and "the access point 110 may transmit an 802.11 association response to the user device, where the association response includes information indicating that a real MAC address is required." Id. at 76. The "user device 105" then "transmits the 802.11 association request with the real MAC address[,]" which "the Network server 115 verifies[,]" and finally "the access point 110 transmits an 802.11 association response-association accepted message to the user device 105." Id. In other words, in McKibben the user device 115 is required to provide its real (persistent) MAC address when associating with the access point 110. By contrast, in claim 1, a non-persistent random identifier is used for associating a user device with a network/AP.”. Again, the examiner notes that applicant’s assessment of McKibben’s teachings is/are miss-represented. McKibben teaches in par. 0006 the following: “The access point includes at least processor in communication with at least one memory device. The access point is programmed to receive a first association request message originating from a user device including a first MAC address. The first MAC address is a randomized MAC address.”. Additionally, par. 0053 of McKibben states the following: “The access request can include a randomized MAC address”. As such, the examiner notes that the request will comprise a random (i.e., non-persistent) identifier. The applicant argues: “b. The asserted motivation for combining the references is not properly supported The Supreme Court of the United States noted that the analysis supporting a rejection under 35 U.S.C. §103 should be made explicit. See KSR International Co. v. Teleflex Inc. (KSR), 550 U.S. 398, 82 USPQ2d 1385 (2007). The Court quoting In re Kahn, 441 F.3d 977, 988, 78 USPQ2d 1329, 1336 (Fed. Cir. 2006), stated that "rejections on obviousness cannot be sustained by mere conclusory statements; instead, there must be some articulated reasoning with some rational underpinning to support the legal conclusion of obviousness." KSR, 550 U.S. at 398, 82 USPQ2d at 1396. In the present case, the Office Action acknowledges that Liu "does not expressly teach[] the user device to connect to the network[,]" and the Office Action relies on McKibben for allegedly teaching these features. See Office Action, (p. 5). The Office Action then asserts that "it would have been obvious to one of ordinary skill in the art [...] to implement the teachings of Liu with the teachings of McKibben by having their system comprise an enhanced access process" in order to "provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information." Id. Applicant respectfully submits that the rationale provided by the Office Action for combining the prior art references is not properly supported. In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). The applicant argues: “The Office Action does not define the supposed "enhanced access process" that Liu's system would gain by incorporating McKibben's teachings, nor does the Office Action explainhow the "enhanced access process helps facilitate robust network security and makes it easier to control device information." For example, the Office Action fails to provide any explanation regarding how (i.e., in what way) the "enhanced access process" would "mak[e] it easier to control device information." Instead, the Office Action provides a threadbare assertion of obviousness - indeed, a mere conclusory statement - that is entirely unsupported as required by KSR. Therefore, Applicant respectfully submits that the combination of Liu and McKibben is not properly supported by the Office Action. In other words, the Office Action fails to provide articulated reasoning for the combination, aside from an undefined "enhanced access process" that somehow, though also undefined, provides additional network security and device information control. Accordingly, Applicant respectfully requests that the rejection be withdrawn.”. See id at 50 (explaining that "the AP can assign the first short term identity to the STA based on a random value" and that "the STA's first short term identity can identify the STA in the wireless network of the AP"). Therefore, because Liu's "short term identity" (AID) is assigned by the AP after association with the network, versus being used for the initial connection request, Liu fails to teach or suggest "sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address" as claimed. Again, applicant’s current construction for claim 1 does not restrict the “unencrypted non-persistent random identifier” to an initial connection request as argued. Moreover, McKibben teaches in par. 006 the following: “The access point includes at least processor in communication with at least one memory device. The access point is programmed to receive a first association request message originating from a user device including a first MAC address. The first MAC address is a randomized MAC address.”. Additionally, par. 0053 of McKibben states the following: “The access request can include a randomized MAC address”. The applicant argues: “Instead, for the initial connection, Liu uses the "long term identity for the STA (e.g., a MAC address)." See id. at 26. For example, Liu explains that users "connect to wireless networks using various wireless communication standards" and that "wireless communication standards such as IEEE 802.11 often use the electronic device's long term identity (e.g., the#4933-4726-6413 v5 electronic device's media access control (MAC) address)." Id. at 22. Thus, Liu fails to teach or suggest at least the aforementioned features of claim 1.”. Again, applicant’s current construction for claim 1 does not restrict the “unencrypted non-persistent random identifier” to an initial connection request as argued. Moreover, McKibben teaches in par. 006 the following: “The access point includes at least processor in communication with at least one memory device. The access point is programmed to receive a first association request message originating from a user device including a first MAC address. The first MAC address is a randomized MAC address.”. Additionally, par. 0053 of McKibben states the following: “The access request can include a randomized MAC address”. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-23 are rejected under 35 U.S.C. 103 as being unpatentable over LIU et al. (US Patent Publication No. 2021/0014679 and LIU hereinafter) in view of McKibben et al. (US Patent Publication No. 2021/0036988 and McKibben hereinafter). As to claim 1, LIU teaches a method comprising: sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”), receiving, based on the network address, encrypted information, wherein the encrypted information comprises a persistent identifier (i.e., …teaches in par. 0008 the following: “an AP can establish a security association with a STA and assign a short-term identity to the STA. The short term identity can be an AID assigned to the STA by the AP when the STA first established the security association with the AP. The AP can then receive a new long term identity from the STA. The new long term identity can be a MAC address. The AP can receive the new long term identity based on the security association. For example, the STA can transmit the new long term identity in encrypted form to the AP using a set of cryptographic keys installed by the security association. Both the AP and the STA can map the STA's new long term identity to its short term identity assigned by the AP); determining, based on the encrypted information, that the persistent identifier is associated with the user device (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA”. …teaches in par. 0008 the following: “the STA can transmit the new long term identity in encrypted”. …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”.); and causing, based on the unencrypted non-persistent random identifier and the persistent identifier (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA”. …teaches in par. 0008 the following: “the STA can transmit the new long term identity in encrypted”. …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”. …teaches in par. 0026 the following: “sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”.). LIU does not expressly teach: the user device to connect to the network. In this instance the examiner notes the teachings of prior art reference McKibben. McKibben teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request. The network server 135 or 140 transmits an access request failure message S325 if the determination is to deny the access request. The network server 135 or 140 terminates service for the user device 105 if the determination is to deny the access request.”. Teaches in par. 0061 the following: “The network server 135 or 140 determines whether to grant the access request based on results of at least one of the integrity check and the confidentiality check.”. Teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request.”. Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of LLIU with the teachings of McKibben by having their system comprise an enhanced access process. One would have been motivated to do so to provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information. As to claim 2, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, further comprising causing, based on the persistent identifier being sent to a service associated with the user device (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”). LIU does not expressly teach: the user device to access to the service. In this instance the examiner notes the teachings of prior art reference McKibben. McKibben teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request. The network server 135 or 140 transmits an access request failure message S325 if the determination is to deny the access request. The network server 135 or 140 terminates service for the user device 105 if the determination is to deny the access request.”. Teaches in par. 0061 the following: “The network server 135 or 140 determines whether to grant the access request based on results of at least one of the integrity check and the confidentiality check.”. Teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request.”. Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of LLIU with the teachings of McKibben by having their system comprise an enhanced access process. One would have been motivated to do so to provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information. As to claim 3, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 2, wherein the service comprises at least one of: a subscription service, a parental control service, an information tracking service, a private network service, or an auto-login service (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). As to claim 4, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, wherein the user device comprises at least one of: a mobile device, a smart device, or a content player (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). As to claim 5, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, wherein the unencrypted non-persistent random identifier comprises at least one of: a random Media Access Control (MAC) address, a random International Mobile Subscriber Identity (IMSI), or a random International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0038 the following: “MAC address to a random value…” …teaches in par. 0026 the following: “sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”). As to claim 6, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, wherein the persistent identifier comprises at least one of: a Media Access Control (MAC) address, an International Mobile Subscriber Identity (IMSI), or an International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0021 the following: “a long term identity for the STA (e.g., a media access control (MAC) address) that remains constant while the STA is associated with an access point (AP) and which is never transmitted over the wireless network “in the clear.”). As to claim 7, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, wherein receiving the encrypted information comprises receiving the encrypted information via at least one of: Hypertext Transfer Protocol Secure (HTTPS), Extensible Authentication Protocol - Transport Layer Security (EAP-TLS), or a version of Wi-Fi Protected Access (WPA) (i.e., …teaches in par. 0067 the following: “Extensible Authentication Protocol over LAN Key Confirmation Key (EAPOL-KCK) and an EAPOL Key Encryption Key (EAPOL-KEK). ”). As to claim 8, the system of LIU and McKibben as applied to claim 1 above teaches the use of identifiers, specifically LIU teaches a method of claim 1, wherein causing the user device to connect to the network comprises: decrypting the encrypted information (i.e., …teaches as part of his claim 18 limitation the following: “decrypt the long short term identity for the station using a decryption key associated with the first security association.”); determining an association between the unencrypted non-persistent random identifier and the persistent identifier (i.e., …teaches in par. 0026 the following: “sending, to a user device, based on a request from the user device to connect to a network using an unencrypted non-persistent random identifier, a network address (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”); and granting, based on the association between the unencrypted non-persistent random identifier and the persistent identifier (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches inpar. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”). LIU does not expressly teach: network access to the user device. In this instance the examiner notes the teachings of prior art reference McKibben. McKibben teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request. The network server 135 or 140 transmits an access request failure message S325 if the determination is to deny the access request. The network server 135 or 140 terminates service for the user device 105 if the determination is to deny the access request.”. Teaches in par. 0061 the following: “The network server 135 or 140 determines whether to grant the access request based on results of at least one of the integrity check and the confidentiality check.”. Teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request.”. Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of LLIU with the teachings of McKibben by having their system comprise an enhanced access process. One would have been motivated to do so to provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information. As to claim 9, LIU teaches a method comprising: receiving, by a user device, based on a request to connect to a network using an unencrypted non-persistent random identifier associated with the user device, a network address (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”); sending to a network device, based on the network address, encrypted information, wherein the encrypted information comprises a persistent identifier associated with the user device (i.e., …teaches in par. 0008 the following: “an AP can establish a security association with a STA and assign a short-term identity to the STA. The short term identity can be an AID assigned to the STA by the AP when the STA first established the security association with the AP. The AP can then receive a new long term identity from the STA. The new long term identity can be a MAC address. The AP can receive the new long term identity based on the security association. For example, the STA can transmit the new long term identity in encrypted form to the AP using a set of cryptographic keys installed by the security association. Both the AP and the STA can map the STA's new long term identity to its short term identity assigned by the AP), wherein the network device is configured to decrypt the encrypted information (i.e., …teaches as part of his claim 18 limitation the following: “decrypt the long short term identity for the station using a decryption key associated with the first security association.”); and connecting, based on the unencrypted non-persistent random identifier (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”). LIU does not expressly teach: connecting to the network. In this instance the examiner notes the teachings of prior art reference McKibben. McKibben teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request. The network server 135 or 140 transmits an access request failure message S325 if the determination is to deny the access request. The network server 135 or 140 terminates service for the user device 105 if the determination is to deny the access request.”. Teaches in par. 0061 the following: “The network server 135 or 140 determines whether to grant the access request based on results of at least one of the integrity check and the confidentiality check.”. Teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request.”. Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of LLIU with the teachings of McKibben by having their system comprise an enhanced access process. One would have been motivated to do so to provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information. As to claim 10, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, further comprising sending to a service associated with the user device, the persistent identifier (i.e., …teaches in par. 0021 the following: “a STA establishing a mapping between a short term identity for the STA (e.g., an AID) that is transmitted over a wireless network “in the clear” and periodically changed, and a long term identity for the STA (e.g., a media access control (MAC) address) that remains constant while the STA is associated with an access point (AP) and which is never transmitted over the wireless network “in the clear.”). As to claim 11, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, wherein the user device comprises at least one of: a mobile device, a smart device, or a content player (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). As to claim 12, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, wherein the unencrypted non-persistent random identifier comprises at least one of: a random Media Access Control (MAC) address, a random International Mobile Subscriber Identity (IMSI), or a random International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0038 the following: “MAC address to a random value…). As to claim 13, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, wherein the network device comprises at least one of: an access point or a gateway device (i.e., …teaches in par. 0021 the following: “an access point (AP)”). As to claim 14, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, wherein the persistent identifier comprises at least one of: a Media Access Control (MAC) address, an International Mobile Subscriber Identity (IMSI), or an International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0021 the following: “a long term identity for the STA (e.g., a media access control (MAC) address) that remains constant while the STA is associated with an access point (AP) and which is never transmitted over the wireless network “in the clear.”). As to claim 15, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 9, wherein the encrypted information further comprises public key information, wherein the network device is configured to decrypt the encrypted information based on the public key information (i.e., …teaches as part of his claim 18 limitation the following: “decrypt the long short term identity for the station using a decryption key associated with the first security association.”). As to claim 16, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 10, wherein sending the persistent identifier causes the user device to have access to the service (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches inpar. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”). As to claim 17, the system of LIU and McKibben as applied to claim 9 above teaches the use of identifiers, specifically LIU teaches a method of claim 10, wherein the service comprises at least one of: a subscription service, a parental control service, an information tracking service, a private network service, or an auto-login service (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). As to claim 18, LIU teaches a method comprising: receiving, by a network device, a request from a user device to connect to a service associated with the user device (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”), wherein the request comprises an unencrypted non-persistent random identifier associated with the user device (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”); determining that the unencrypted non-persistent random identifier is associated with a persistent identifier associated with the user device (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”.); and causing, based on the persistent identifier being sent to the service (i.e., …teaches in par. 0026 the following: “Specifically, embodiments herein involve establishing a mapping between a short term identity for a STA (e.g., an AID) that is transmitted over a wireless network in the clear and periodically changed, and a long term identity for the STA (e.g., a MAC address) that remains constant while the STA is associated with an AP and which is never transmitted over the wireless network “in the clear.” Herein, “in the clear” means transmitted unencrypted over the wireless network.”). LIU does not expressly teach: the user device to have access to the service. In this instance the examiner notes the teachings of prior art reference McKibben. McKibben teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request. The network server 135 or 140 transmits an access request failure message S325 if the determination is to deny the access request. The network server 135 or 140 terminates service for the user device 105 if the determination is to deny the access request.”. Teaches in par. 0061 the following: “The network server 135 or 140 determines whether to grant the access request based on results of at least one of the integrity check and the confidentiality check.”. Teaches in par. 0052 the following: “The network server 135 or 140 transmits an access request success message if the determination is to grant the access request.”. Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the of the claimed invention was made to implement the teachings of LLIU with the teachings of McKibben by having their system comprise an enhanced access process. One would have been motivated to do so to provide a simple and effective means to secure network access, wherein the enhanced access process helps facilitate robust network security and makes it easier to control device information. As to claim 19, the system of LIU and McKibben as applied to claim 18 above teaches the use of identifiers, specifically LIU teaches a method of claim 18, wherein the user device comprises at least one of: a mobile device, a smart device, or a content player (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). As to claim 20, the system of LIU and McKibben as applied to claim 18 above teaches the use of identifiers, specifically LIU teaches a method of claim 18, wherein the unencrypted non-persistent random identifier comprises at least one of: a random Media Access Control (MAC) address, a random International Mobile Subscriber Identity (IMSI), or a random International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0038 the following: “MAC address to a random value…. As to claim 21, the system of LIU and McKibben as applied to claim 18 above teaches the use of identifiers, specifically LIU teaches a method of claim 18, wherein the persistent identifier comprises at least one of: a Media Access Control (MAC) address, an International Mobile Subscriber Identity (IMSI), or an International Mobile Station Equipment Identity (IMEI) (i.e., …teaches in par. 0021 the following: “a long term identity for the STA (e.g., a media access control (MAC) address) that remains constant while the STA is associated with an access point (AP) and which is never transmitted over the wireless network “in the clear.”). As to claim 22, the system of LIU and McKibben as applied to claim 18 above teaches the use of identifiers, specifically LIU teaches a method of claim 18, wherein determining that the unencrypted non-persistent random identifier is associated with the persistent identifier comprises determining: sending, to a database, a query comprising the unencrypted non-persistent random identifier (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”.); and determining, based on the query, that the unencrypted non-persistent random identifier is associated with the persistent identifier (i.e., …teaches in par. 0008 the following: “Both the AP and the STA can map the new long term identity for the STA to the new short term identity assigned to the STA, and the AP can include the STA's new short term identity in the transmitted frames to the STA” …teaches in par. 0050 the following: “The AP can assign the first short term identity to the STA based on a random value. The STA's first short term identity can identify the STA in the wireless network of the AP. The STA then maps its first short term identity to its first long term identity, and stores the mapping in a memory, such as memory 240.”). As to claim 23, the system of LIU and McKibben as applied to claim 18 above teaches the use of identifiers, specifically LIU teaches a method of claim 18, wherein the service comprises at least one of: a subscription service, a parental control service, an information tracking service, a private network service, or an auto-login service (i.e., …teaches in par. 0022 the following: “Users often use their electronic devices (e.g., mobile phones, laptops, smart watches, and various other electronic devices as would be appreciated by a person of ordinary skill in the art) to connect to wireless networks provided at public places such as coffee shops, departments stores, and airports. Users connect to these wireless networks using various wireless communication standards.”). Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Contact Information Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN F WRIGHT whose telephone number is (571)270-3826. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BRYAN F WRIGHT/Examiner, Art Unit 2497
Read full office action

Prosecution Timeline

Sep 02, 2021
Application Filed
Sep 20, 2023
Non-Final Rejection — §103
Dec 07, 2023
Interview Requested
Dec 21, 2023
Applicant Interview (Telephonic)
Dec 26, 2023
Response Filed
Dec 30, 2023
Examiner Interview Summary
Apr 04, 2024
Final Rejection — §103
Jul 24, 2024
Request for Continued Examination
Jul 28, 2024
Response after Non-Final Action
Sep 21, 2024
Non-Final Rejection — §103
Dec 16, 2024
Interview Requested
Dec 19, 2024
Applicant Interview (Telephonic)
Dec 19, 2024
Response Filed
Feb 18, 2025
Examiner Interview Summary
Apr 01, 2025
Final Rejection — §103
Jul 07, 2025
Request for Continued Examination
Jul 09, 2025
Response after Non-Final Action
Jul 25, 2025
Non-Final Rejection — §103
Oct 08, 2025
Interview Requested
Oct 16, 2025
Applicant Interview (Telephonic)
Oct 17, 2025
Response Filed
Nov 26, 2025
Examiner Interview Summary
Jan 22, 2026
Final Rejection — §103
Mar 27, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology. Study what changed to get past this examiner.

Patent 12598234
DRONE ELECTRONIC MESH FOR ONLINE NETWORK SERVICES (DEMONS) IMPLEMENTING CRYPTOGRAPHIC OPERATIONS
2y 5m to grant Granted Apr 07, 2026
Patent 12591675
METHODS AND SYSTEMS FOR SECURING COMPUTER SYSTEMS OR NETWORKS AGAINST SUSPECT BINARY FILES
2y 5m to grant Granted Mar 31, 2026
Patent 12587506
INTELLIGENT ROUTING AND REDIRECTION TECHNIQUES FOR OPTIMAL SECURE ACCESS TO RESOURCES
2y 5m to grant Granted Mar 24, 2026
Patent 12579271
CROSS-ARCHITECTURE AUTOMATIC DETECTION METHOD AND SYSTEM FOR THIRD-PARTY COMPONENTS AND SECURITY RISKS RELATED TO FIRMWARE IN INTERNET OF THINGS DEVICES THEREOF
2y 5m to grant Granted Mar 17, 2026
Patent 12580747
COMMUNICATION SYSTEM, INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND COMPUTER PROGRAM PRODUCT
2y 5m to grant Granted Mar 17, 2026

AI Strategy Recommendation

Click below to generate an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

7-8
Expected OA Rounds
78%
Grant Probability
98%
With Interview (+20.4%)
3y 4m
Median Time to Grant
High
PTA Risk
Based on 805 resolved cases by this examiner