Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsQualcomm Incorporated › 17657566
Last updated: May 29, 2026
Application No. 17/657,566

ASSOCIATING DEVICES WITH ACCESS POINTS USING CREDENTIALS

Non-Final OA §103
Filed
Mar 31, 2022
Priority
Apr 29, 2021 — provisional 63/201,448
Examiner
MADANI, FARIDEH
Art Unit
2643
Tech Center
2600 — Communications
Assignee
Qualcomm Incorporated
OA Round
3 (Non-Final)
78%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
97%
With Interview

Interview Optional

+19.7% interview lift. Interview already conducted in this application's prosecution history. This examiner has a 78% grant rate with +19.7% interview lift. Since an interview has already been tried, recommend written response with narrowed claims based on precedent claim evolution patterns.
Based on 389 resolved cases, 2023–2026

Examiner Intelligence

MADANI, FARIDEH View full profile →
Grants 78% — above average
78%
Career Allowance Rate
302 granted / 389 resolved
+15.6% vs TC avg
Strong +20% interview lift
Without
With
+19.7%
Interview Lift
resolved cases with interview
Typical timeline
2y 6m
Avg Prosecution
15 currently pending
Career history
415
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
91.9%
+51.9% vs TC avg
§102
4.1%
-35.9% vs TC avg
§112
1.3%
-38.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 389 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 2. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/20/2026 has been entered. Response to Arguments 3. Applicant’s arguments with respect to claims have been considered but are moot, please refer to rejection below for details. Claim Rejections - 35 USC § 103 4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. A) Claims 1, 17, 19, 27, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Cohen (US 2018/0234848 A1) in view of PARK (US 2014/0056209 A1). As per claim 1, Cohen teaches an apparatus of a device for wireless communication (Fig.6, electronic device 600 for wireless communication), comprising: one or more memories (Fig.6, memory subsystem 612); and one or more processors (Fig.6, processing subsystem 610 can include one or more microprocessors, ASICs, microcontrollers, programmable-logic devices, and/or one or more digital signal processors (DSPs)), coupled to the memory one or more memories, the one or more processors individually or collectively configured to: transmit, via a broadcast, a first frame that indicates one or more of a device credential or a first payload (¶0029 and ¶0045, transmitting and broadcasting advertising frames (first, second, or more) indicating additional information as payloads or electronic device passcode (i.e. credential)); associate with an access point based at least in part on the access point credential (¶0045 and ¶0047-48, associate with the access point based on the passcode); and perform a communication after the device has been associated with the access point (¶0045 and ¶0047-48, performing the communication after the electronic device has been associated with the access point). However, Cohen does not explicitly teach receive, via an access point a second frame that indicates a second payload comprising content from a cloud computing system, wherein the content includes an access point credential for the access point. In the same field of endeavor, PARK teaches receive, via an access point a second frame that indicates a second payload comprising content from a cloud computing system, wherein the content includes an access point credential for the access point (¶0087 and ¶0069, receiving by the client device, a second relay frame from the access point comprising a second payload from the access point and comprising a source address associated with the access point (i.e. an access point credential) and payload comprising data from a remote server (i.e. cloud computing system)); also see ¶0019 for identification/credential of the AP). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of PARK into invention of Cohen in order to relay medium access control (MAC) frames through a Wireless Fidelity (Wi-Fi) Direct network such as a network of Peer-to-Peer (P2P) connections to extend the wireless range of the devices or access points beyond the transmission range of the individual devices or access points to improve communication performance. As per claim 17, Cohen teaches an apparatus of an access point for wireless communication (Fig.6, device 600 implement as access point 110 for wireless communication), comprising: one or more memories (Fig.6, memory subsystem 612); and one or more processors (Fig.6, processing subsystem 610 can include one or more microprocessors, ASICs, microcontrollers, programmable-logic devices, and/or one or more digital signal processors (DSPs)), coupled to the memory one or more memories, the one or more processors individually or collectively configured to: receive, from a device via a broadcast, a first frame that indicates a device credential and a first payload (¶0029 and ¶0045, receiving by broadcasting advertising frames (first, second, or more) indicating additional information as payloads or electronic device passcode (i.e. credential)); relay, to a cloud computing system, the first payload with an access point credential for the access point (Fig.4, ¶0028-29 and ¶0045, forward or relay to the computer (such as a computer, a server or an access control system) payloads with the access point passcode); and associate with the device based at least in part on the access point credential to enable communications between the device and the cloud computing system via the access point (Fig.4 and ¶0045 and ¶0047-48, associate with the device based on the passcode and to enable for performing the communication between the device and the computer system via the access point). However, Cohen does not explicitly teach receive, from the cloud computing system, a second payload for the device and comprising the access point credential based at least in part on a validation of the first payload and the access point credential. In the same field of endeavor, PARK teaches receive, from the cloud computing system, a second payload for the device and comprising the access point credential based at least in part on a validation of the first payload and the access point credential (¶0085-87 and ¶0069, receiving from the remote server a second payload comprising a source address associated with the access point (i.e. access point credential) based on payload of the first relay frame and source address associated with the access point). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of PARK into invention of Cohen in order to relay medium access control (MAC) frames through a Wireless Fidelity (Wi-Fi) Direct network such as a network of Peer-to-Peer (P2P) connections to extend the wireless range of the devices or access points beyond the transmission range of the individual devices or access points to improve communication performance. As per claim 19 as applied to claim 17 above, Cohen further teaches transmit, to the device, a second frame that indicates the second payload; or verify the device credential, as indicated in the first frame, based at least in part on a cloud computing system credential that is previously installed on the access point, wherein relaying the second payload with the access point credential is based at least in part on verifying the device credential (¶0029-30, receiving or transmitting by exchanging subsequent data/management frames (i.e. second frame) that indicates additional information as payloads (i.e. second payload)). As per claim 27, Cohen teaches an apparatus of a cloud computing system for wireless communication (Fig.6, device 600 implement as computer 114 for wireless communication), comprising: one or more memories (Fig.6, memory subsystem 612); and one or more processors (Fig.6, processing subsystem 610 can include one or more microprocessors, ASICs, microcontrollers, programmable-logic devices, and/or one or more digital signal processors (DSPs)), coupled to the memory one or more memories, the one or more processors individually or collectively configured to: receive, from an access point, an indication of a first payload associated with a device and an access point credential for the access point (¶0029 and ¶0045, receiving from access point advertising frames (first, second, or more) indicating additional information as payloads or electronic device passcode (i.e. credential)); validate the first payload and the access point credential, as indicated in the indication (¶0029-30 and ¶0040, receiving or transmitting to/from computer 114 by exchanging subsequent data/management frames (i.e. second frame) that indicates additional information as payloads (i.e. second payload) based on successful association (i.e. validation); and communicate with the device via the access point based at least in part on an association between the device and the access point, wherein the association is based at least in part on the access point credential (Fig.4 and ¶0045 and ¶0047-48, associate with the device based on the passcode and to enable for performing the communication between the device and the computer system via the access point). However, Cohen does not explicitly teach transmit, to the access point, a second payload for the device and comprising the access point credential based at least in part on the validation of the first payload and the access point credential. In the same field of endeavor, PARK teaches transmit, to the access point, a second payload for the device and comprising the access point credential based at least in part on the validation of the first payload and the access point credential. (¶0085-87 and ¶0069, receiving by the access point a second payload comprising a source address associated with the access point (i.e. access point credential) based on payload of the first relay frame and source address associated with the access point). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of PARK into invention of Cohen in order to relay medium access control (MAC) frames through a Wireless Fidelity (Wi-Fi) Direct network such as a network of Peer-to-Peer (P2P) connections to extend the wireless range of the devices or access points beyond the transmission range of the individual devices or access points to improve communication performance. As per claim 29 as applied to claim 27 above, Cohen further teaches validate the first payload based at least in part on a device credential (¶0029-30 and ¶0040, receiving or transmitting to/from computer 114 by exchanging subsequent data/management frames that indicates additional information as payloads based on successful association (i.e. validation) and device certificate/credential). B) Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Cohen (US 2018/0234848 A1) in view of PARK (US 2014/0056209 A1) and further in view of Krzych (US 2020/0064487 A1). As per claim 2 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach retrieve, from the second frame, the access point credential based at least in part on a cloud computing system credential, and wherein the content in the second frame is protected end-to-end using asymmetric keys. In the same field of endeavor, Krzych teaches retrieve, from the second frame, the access point credential based at least in part on a cloud computing system credential (¶0085, ¶0090-91, retrieving credentials based on communication credentials (e.g., an authentication token, an authentication identifier, etc. (i.e. cloud system credential)), and wherein the content in the second frame is protected end-to-end using asymmetric keys (¶0085, ¶0090-91, data or content in the packet/frame from cloud system and encrypted using asymmetric key). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Krzych into invention of Cohen and PARK in order to encrypt a payload such as sensor data, identifier, event model, and/or any other suitable data using a symmetric key protocol, an asymmetric key protocol, or any other suitable encryption scheme for managing an asset in the field of wireless communication. C) Claims 3-11, 13-16, 18, 20, 23-26, 28, and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Cohen (US 2018/0234848 A1) in view of PARK (US 2014/0056209 A1) and further in view of Patil (US 2020/0389869 A1). As per claim 3 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach wherein the device credential is signed by the cloud computing system; the first payload includes one or more of a device identifier, security credentials associated with the device, or service-specific information; and the first frame indicates one or more of: a frame signature that is associated with the first frame and is derived based at least in part on the device credential, or a uniform resource identifier associated with a destination, wherein the destination is associated with the cloud computing system. In the same field of endeavor, Patil teaches wherein the device credential is signed by a cloud computing system (¶0106, device certificate/credential is signed by the cloud service); the first payload includes one or more of a device identifier, security credentials associated with the device, or service-specific information (¶0189 and ¶0010, payload field includes wireless device identifier); and the first frame indicates one or more of: a frame signature that is associated with the first frame and is derived based at least in part on the device credential, or a uniform resource identifier associated with a destination, wherein the destination is associated with the cloud computing system (¶0231, the eBCS UL Frame Action Field include the Destination uniform resource identifier (URI) and the Destination URI element may carry the network address of the remote server). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 4 as applied to claim 3 above, Cohen in view of PARK does not explicitly teach wherein: the device credential is a device certificate that is provisioned when the device is manufactured or when a certain application is installed on the device; the first payload is protected end-to-end using an asymmetric key between the device and the cloud computing system; the security credentials associated with the device in the first payload is the device credential; and the service-specific information indicates one or more of: an amount of data to upload to a server, or a desired destination associated with a user; and additional information indicating a duration of a session or an amount of data permitted during the session is indicated from the cloud computing system to the access point based at least in part on the service-specific information. In the same field of endeavor, Patil teaches wherein: the device credential is a device certificate that is provisioned when the device is manufactured or when a certain application is installed on the device (¶0092 and ¶0106, device certificate/credential provisioned when the device is manufactured or installation/configuration of a client device); the first payload is protected end-to-end using an asymmetric key between the device and the cloud computing system (¶0192 and ¶0106, payload data is encrypted (i.e. end-to-end protected) using private/public key (i.e. asymmetric key) between device and cloud service); the security credentials associated with the device in the first payload is the device credential (¶0106 and ¶0133, security information associated with the device is the device certificate/credential); and the service-specific information indicates one or more of: an amount of data to upload to a server, or a desired destination associated with a user (¶0203, service message indicate or include information such as desired remote destination associated with the user device); and additional information indicating a duration of a session or an amount of data permitted during the session is indicated from the cloud computing system to the access point based at least in part on the service-specific information (¶0082 and ¶0118, information such as amount of bandwidth and data that permitted during session based on the service information). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 5 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach transmit the first frame based at least in part on a condition being satisfied, wherein the condition is satisfied based at least in part on an application being launched on the device, and wherein the condition is satisfied based at least in part on the device performing a task. In the same field of endeavor, Patil teaches transmit the first frame based at least in part on a condition being satisfied, wherein the condition is satisfied based at least in part on an application being launched on the device, and wherein the condition is satisfied based at least in part on the device performing a task (¶0106 and ¶0108, after installation/configuration of the application on the wireless device and when application being executed (therefore launched) on the wireless device and perform various operations or functions or task). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 6 as applied to claim 1 above, Cohen does not explicitly teach transmit the first frame in a periodic manner. In the same field of endeavor, Patil teaches transmit the first frame in a periodic manner (¶0164-165, sending/transmitting periodic ‘hello’ fames). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 7 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach receive the second frame via a unicast transmission; or receive the second frame via a broadcast transmission, wherein the second frame indicates a device identifier associated with the device and the access point credential. In the same field of endeavor, Patil teaches receive the second frame via a unicast transmission; or receive the second frame via a broadcast transmission, wherein the second frame indicates a device identifier associated with the device and the access point credential (¶0157, receiving frames via unicast or broadcast (or both) transmission). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 8 as applied to claim 7 above, Patil further teaches wherein; the second frame is a beacon frame broadcasted from the access point (¶0091 and ¶0160, beacon frame broadcasted from the Aps or other STAs); and the device identifier is a media access control address associated with the device, or a hash of the media access control address associated with the device (¶0091 and ¶0153, device identifier is MAC address associated with the device). As per claim 9 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach verify the second payload and the access point credential based at least in part on a cloud computing system credential. In the same field of endeavor, Patil teaches verify the second payload and the access point credential based at least in part on a cloud computing system credential (¶0106 and ¶0190, verify the certificate/credential of the access point based on the certificate of cloud service). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 10 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach transmit, to the access point, an association request that indicates the device credential; receive, from the access point, an association response that indicates the access point credential; and verify the access point credential, as indicated in the association response, with the access point credential, as indicated in the second frame. In the same field of endeavor, Patil teaches transmit, to the access point, an association request that indicates the device credential (¶0106 and ¶0109, transmitting to the AP a service request that indicating device identification and certificate/credential); receive, from the access point, an association response that indicates the access point credential (¶0106 and ¶0127, receiving service response that indicates the access point certificate/credential); and verify the access point credential, as indicated in the association response, with the access point credential, as indicated in the second frame (¶0106 and ¶0110-111, verify the AP certificate based on the service response as indicated in the frame). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 11 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach associate with the access point based at least in part on a public key-based authentication. In the same field of endeavor, Patil teaches associate with the access point based at least in part on a public key-based authentication (¶0106, associating the AP based on the public key verification/authentication). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 13 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach, receive, from the access point, a list of addresses associated with the cloud computing system that are accessible to the device, wherein addresses not indicated in the list of addresses are not accessible to the device. In the same field of endeavor, Patil teaches receive, from the access point, a list of addresses associated with the cloud computing system that are accessible to the device, wherein addresses not indicated in the list of addresses are not accessible to the device (¶0132, receiving from the AP a list of service providers associated with cloud service which is accessible to the device, therefore list doesn’t include not allowed or accessible networks). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 14 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach, receive, from the access point, an instruction that limits a payload size of communications with the cloud computing system or a quantity of requests that are permitted to be relayed on behalf of the device from the access point to the cloud computing system over a time period, wherein the payload size and the quantity of requests are based at least in part on a local policy at the access point or based at least in part on a relationship between the access point and the cloud computing system. In the same field of endeavor, Patil teaches receive, from the access point, an instruction that limits a payload size of communications with a cloud computing system or a quantity of requests that are permitted to be relayed on behalf of the device from the access point to the cloud computing system over a time period, wherein the payload size and the quantity of requests are based at least in part on a local policy at the access point or based at least in part on a relationship between the access point and the cloud computing system (¶0094 and ¶0171, receiving instruction that limits payload amount of communication with cloud serve based on the policies which is local to the access point). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 15 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach receive, from the access point, an instruction that limits a duration of an association between the device and the access point. In the same field of endeavor, Patil teaches receive, from the access point, an instruction that limits a duration of an association between the device and the access point (¶0094-95, receiving instruction that limit the amount or frequency or duration of association between wireless device and AP). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 16 as applied to claim 1 above, Cohen in view of does not explicitly teach receive, from the access point, an instruction that limits an amount or frequency of relaying of payloads for the device while in a pre-associated state, wherein the device is in the pre-associated state prior to associating with the access point. In the same field of endeavor, Patil teaches receive, from the access point, an instruction that limits an amount or frequency of relaying of payloads for the device while in a pre-associated state, wherein the device is in the pre-associated state prior to associating with the access point (¶0105 and ¶0164, receiving from the AP instruction to limit amount of use while in the pre-associated state and it is prior to associating with the AP). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 18 as applied to claim 17 above, Cohen in view of does not explicitly teach, one or more of: evaluating criteria, maintaining or managing a relationship with the cloud computing system, appending additional information to the first payload or the second payload, or limiting a size of the first payload relayed on behalf of the device is performed at a proxy entity associated with the access point, wherein the proxy entity is collocated within the access point or the proxy entity in a local area network associated with the access point; a link between the access point and the cloud computing system is secured using transport layer security or Internet Protocol security, wherein the link is secured using the access point or using the proxy entity associated with the access point; or content exchanged between the access point and the cloud computing system is protected using an asymmetric key between the access point and the cloud computing system. In the same field of endeavor, Patil teaches one or more of: evaluating criteria, maintaining or managing a relationship with the cloud computing system, appending additional information to the first payload or the second payload, or limiting a size of the first payload relayed on behalf of the device is performed at a proxy entity associated with the access point (¶0106, the connectivity unit may obtain the public key of the cloud service via an intermediate proxy server that maintains or manages relationships with various remote destination networks), wherein the proxy entity is collocated within the access point or the proxy entity in a local area network associated with the access point (¶0113 and ¶0132, access point vicinity and location with the enhanced broadcast service (eBCS) proxy); a link between the access point and the cloud computing system is secured using transport layer security or Internet Protocol security, wherein the link is secured using the access point or using the proxy entity associated with the access point (¶0088 and ¶0133, link between access point and cloud service is secured using IP security layer); or content exchanged between the access point and the cloud computing system is protected using an asymmetric key between the access point and the cloud computing system (¶0192 and ¶0106, payload data is encrypted (i.e. end-to-end protected) using private/public key (i.e. asymmetric key) between device and cloud service). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 20 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach verify that the device is authorized to transmit the first payload to the cloud computing system based at least in part on the device credential, wherein the device credential is signed by the cloud computing system, and wherein the device is verified based at least in part on a cloud computing system credential; discard the first frame when a device certificate subfield is present in the first frame and one or more of: the cloud computing system credential or a credentials of a central authority that signed the device credential is not installed, a verification of the device credential using an installed credential of a destination associated with the cloud computing system or the credentials of the central authority fails, or a frame signature type subfield is not associated with a higher layer authentication and a verification of a frame signature associated with the first frame using the device credential fails; or discard the first frame when a replay protection subfield is present in the first frame and one or more of: a time subfield is set to a nonzero value and a difference between the nonzero value and a time the first frame is received satisfies a time threshold value, a frame count subfield is nonzero and is less than or equal to a value in a previously received first frame, or the frame count subfield is zero and the value in the previously received first frame satisfies a frame count threshold value. In the same field of endeavor, Patil teaches verify that the device is authorized to transmit the first payload to the cloud computing system based at least in part on the device credential, wherein the device credential is signed by the cloud computing system (¶0106, device is authorized to transmit the payload data to the cloud service and device certificate/credential is signed by the cloud service), and wherein the device is verified based at least in part on a cloud computing system credential (¶0106, device is validated or verified based on the cloud service certificate); discard the first frame when a device certificate subfield is present in the first frame and one or more of: the cloud computing system credential or a credentials of a central authority that signed the device credential is not installed, a verification of the device credential using an installed credential of a destination associated with the cloud computing system or the credentials of the central authority fails, or a frame signature type subfield is not associated with a higher layer authentication and a verification of a frame signature associated with the first frame using the device credential fails; or discard the first frame when a replay protection subfield is present in the first frame and one or more of: a time subfield is set to a nonzero value and a difference between the nonzero value and a time the first frame is received satisfies a time threshold value, a frame count subfield is nonzero and is less than or equal to a value in a previously received first frame, or the frame count subfield is zero and the value in the previously received first frame satisfies a frame count threshold value (¶0094 and ¶0163, reject or discard the wireless association when credential fails or service denial). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 23 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach receive, from the device, an association request that indicates the device credential; and transmit, to the device, an association response that indicates the access point credential. In the same field of endeavor, Patil teaches receive, from the device, an association request that indicates the device credential (¶0106 and ¶0109, receiving from the device a service request that indicating device identification and certificate/credential); and transmit, to the device, an association response that indicates the access point credential (¶0106 and ¶0127, device is receiving service response that indicates the access point certificate/credential). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 24 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach, transmit, to the device, a list of addresses associated with the cloud computing system that are accessible to the device, wherein addresses not indicated in the list of addresses are not accessible to the device; or transmit, to the device, an instruction that limits a payload size of communications between the device and the cloud computing system or a quantity of requests that are permitted to be relayed on behalf of the device from the access point to the cloud computing system over a time period, wherein the payload size and the quantity of requests are based at least in part on a local policy at the access point or based at least in part on a relationship between the access point and the cloud computing system. In the same field of endeavor, Patil teaches transmit, to the device, a list of addresses associated with the cloud computing system that are accessible to the device, wherein addresses not indicated in the list of addresses are not accessible to the device; or transmit, to the device, an instruction that limits a payload size of communications between the device and the cloud computing system or a quantity of requests that are permitted to be relayed on behalf of the device from the access point to the cloud computing system over a time period, wherein the payload size and the quantity of requests are based at least in part on a local policy at the access point or based at least in part on a relationship between the access point and the cloud computing system (¶0132, receiving from the AP a list of service providers associated with cloud service which is accessible to the device, therefore list doesn’t include not allowed or accessible networks). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 25 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach transmit, to the device, a first instruction that limits a duration of an association between the device and the access point, wherein the access point is configured to disassociate with the device after a certain period of time based at least in part on a second instruction from the cloud computing system; or transmit, to the device, an instruction that limits an amount or frequency of relaying of payloads for the device while in a pre-associated state, wherein the device is in the pre-associated state prior to associating with the access point. In the same field of endeavor, Patil teaches transmit, to the device, a first instruction that limits a duration of an association between the device and the access point, wherein the access point is configured to disassociate with the device after a certain period of time based at least in part on a second instruction from the cloud computing system; or transmit, to the device, an instruction that limits an amount or frequency of relaying of payloads for the device while in a pre-associated state, wherein the device is in the pre-associated state prior to associating with the access point (¶0105 and ¶0164, receiving from the AP instruction to limit amount of use while in the pre-associated state and it is prior to associating with the AP). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 26 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach, wherein the access point is co-located with an enhanced broadcast service proxy. In the same field of endeavor, Patil teaches wherein the access point is co-located with an enhanced broadcast service proxy (¶0113 and ¶0132, access point vicinity and location with the enhanced broadcast service (eBCS) proxy). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 28 as applied to claim 27 above, Cohen in view of PARK does not explicitly teach, signaling between the cloud computing system and the access point is between the cloud computing system and a proxy entity associated with the access point, wherein the proxy entity is collocated within the access point or the proxy entity in a local area network associated with the access point; a link between the access point and the cloud computing system is secured using transport layer security or Internet Protocol security; content exchanged between the access point and the cloud computing system is protected using an asymmetric key between the access point and the cloud computing system; or the second payload and the access point credential that are transmitted to the access point are intended for the device. In the same field of endeavor, Patil teaches signaling between the cloud computing system and the access point is between the cloud computing system and a proxy entity associated with the access point, wherein the proxy entity is collocated within the access point or the proxy entity in a local area network associated with the access point (¶0113 and ¶0132, access point vicinity and location with the enhanced broadcast service (eBCS) proxy); a link between the access point and the cloud computing system is secured using transport layer security or Internet Protocol security (¶0088 and ¶0133, link between access point and cloud service is secured using IP security layer); content exchanged between the access point and the cloud computing system is protected using an asymmetric key between the access point and the cloud computing system; or the second payload and the access point credential that are transmitted to the access point are intended for the device (¶0192 and ¶0106, payload data is encrypted (i.e. end-to-end protected) using private/public key (i.e. asymmetric key) between device and cloud service). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. As per claim 30 as applied to claim 27 above, Cohen in view of PARK does not explicitly teach, verify that the indication received from the access point is from a trusted access point based at least in part on the access point credential. In the same field of endeavor, Patil teaches verify that the indication received from the access point is from a trusted access point based at least in part on the access point credential (¶0106, validate or verify that the access point is a trusted AP based on the certificate/credentials). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Patil into invention of Cohen and PARK in order for providing uplink broadcast service connectivity via a wireless local area network (WLAN) to prevent flooding and unauthorized uplink communications being used for a denial of service attack on the remote destination. D) Claims 12 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Cohen (US 2018/0234848 A1) in view of PARK (US 2014/0056209 A1) and further in view of Kaal (US 2012/0266217 A1). As per claim 12 as applied to claim 1 above, Cohen in view of PARK does not explicitly teach wherein the access point credential is a temporary key that is appended to the second payload to enable the device to become associated associate with the access point. In the same field of endeavor, Kaal teaches wherein the access point credential is a temporary key that is appended to the second payload to enable the device to become associated associate with the access point (¶0005 and ¶0042, access point credential is a temporary key to enable device to associated with the access point). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Kaal into invention of Cohen and PARK in order for permitting access to a network by sharing access credentials over the communication system between first and second communication clients executed at respective first and second user terminals of respective first and second users of the communication system. As per claim 22 as applied to claim 17 above, Cohen in view of PARK does not explicitly teach wherein: the access point credential is a temporary key that is appended to the first payload to enable the device to become associated with the access point; or an indication of a location associated with the device is appended to the first payload based at least in part on an agreement between the access point and the cloud computing system. In the same field of endeavor, Kaal teaches wherein: the access point credential is a temporary key that is appended to the first payload to enable the device to become associated with the access point; or an indication of a location associated with the device is appended to the first payload based at least in part on an agreement between the access point and the cloud computing system (¶0005 and ¶0042, access point credential is a temporary key to enable device to associated with the access point). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of Kaal into invention of Cohen and PARK in order for permitting access to a network by sharing access credentials over the communication system between first and second communication clients executed at respective first and second user terminals of respective first and second users of the communication system. Allowable Subject Matter 5. Claim 21 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Conclusion 6. Any inquiry concerning this communication or earlier communications from the examiner should be directed to FARIDEH MADANI whose telephone number is (571)272-1249. The examiner can normally be reached Monday through Friday; 9 AM to 5 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JINSONG HU can be reached at 5712723965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /FARIDEH MADANI/Examiner, Art Unit 2643 /JINSONG HU/ Supervisory Patent Examiner, Art Unit 2643
Read full office action

Prosecution Timeline

Show 3 earlier events
Jul 17, 2025
Applicant Interview (Telephonic)
Jul 17, 2025
Examiner Interview Summary
Aug 01, 2025
Response Filed
Nov 06, 2025
Final Rejection mailed — §103
Jan 06, 2026
Response after Non-Final Action
Jan 20, 2026
Request for Continued Examination
Jan 27, 2026
Response after Non-Final Action
Apr 01, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/248,905
Patent 12634889
PAGING ENHANCEMENTS FOR UE POWER SAVINGS
3y 1m to grant Granted May 19, 2026
18/402,161
Patent 12615608
WIRELESS USER EQUIPMENT (UE) REGISTRATION WITH NETWORKING DATA RESPONSIVE TO EXTERNAL CONTROL
2y 3m to grant Granted Apr 28, 2026
17/925,847
Patent 12593260
METHOD AND APPARATUS FOR A MASTER CELL GROUP
3y 4m to grant Granted Mar 31, 2026
17/603,892
Patent 12581268
LOCATION DATA HARVESTING AND PRUNING FOR WIRELESS ACCESSORY DEVICES
4y 5m to grant Granted Mar 17, 2026
17/657,936
Patent 12568434
DCI DECODING FOR MICRO SLEEP ACTIVATION
3y 11m to grant Granted Mar 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
78%
Grant Probability
97%
With Interview (+19.7%)
2y 6m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 389 resolved cases by this examiner. Grant probability derived from career allowance rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month