Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Detailed Action
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 01/14/2026 has been entered.
Claims 1, 7, and 23-25 are amended
Claims 1-27 are pending
Priority
The present application is a National Phase entry of PCT Application No. PCT/EP2021/066104, filed Jun. 15, 2021, which claims priority from GB Patent Application No. 2009726.7, filed Jun. 25, 2020. All priority documents have been received. Therefore, the effective filing date is 06/25/2020.
Response to Arguments
Applicant’s arguments filed on 12/19/2025 have been fully considered
With respect to the USC 103 rejection for independent claim 1 applicant has argued that CALLAN fails to teach “service provider” or “configuring a functionality of the user device accessible to the service provider, based at least in part on the response from the node of the DLN”. Examiner is not relying on CALLAN to teach these limitations. As can be seen in the rejection below and in the non-final mailed on 07/10/2025 LAM is being used to teach these limitations.
Applicant has further argued that the Office’s rationale for modifying CALLAN by LAM is not sufficient. Examiner respectfully disagrees. Both references CALLAN and LAM relate to providing data produced by a data generator in the case of LAM an IOT device. The data is provided to a data consumer of CALLAN and a peer consumer of LAM. LAM further teaches that the peer consumer is able to provide a service which is not taught by CALLAN. CALLAN further recites ([CALLAN, para. 0006] “However, centralized systems have a number of problems. The central authority may have access to or the ability to gain access to and read the data in the system.”). LAM also addresses this security concern ([LAM, para. 0007] “Embodiments facilitate data exchange with respect to large amounts of data using a blockchain system, enabling the data exchange in an efficient manner while preserving data accuracy and security.”). Both references relate to providing data while maintaining security and protection of the data and data producer (IOT device). LAM is used to modify the CALLAN reference to better teach of the limitation “characteristics associated with a service provider … configuring a functionality of the user device accessible to the service provider”. Therefore, the combination of CALLAN and LAM is proper and the rejection still stands.
With respect to the amendments for claims 1, 23-25. Applicant’s representative has argued that CALLAN-LAM-BARDAY fails to teach the limitation of “characteristic associated with a service provider, wherein the characteristic includes compliance of the service provider with a legal requirement”. Examiner is now relying on a third reference BARDAY to better teach this limitation.
Additional arguments are moot in view of new grounds of rejection necessitated by the
claim amendments.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 5, 12, 23, 26, and 27 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN (US-20190334700-A1) in view of LAM (US-20210211286-A1), and further in view of BARDAY (US-20180341782-A1), hereinafter CALLAN-LAM-BARDAY.
Regarding claim 1, CALLAN teaches “A method of configuring a user device, the method comprising: sending, from the user device to a node of a distributed ledger network (DLN), the node configured to store a distributed ledger of the DLN, a request for characteristic data indicative of a characteristic associated with a service … ([CALLAN, para. 0008] “a device or entity producing the data is referred to as a “data generator””) ([CALLAN, para. 0062] “Devices connected to the peer-to-peer network 108 may include data generators, for example a network connected device 102, that may generate data. Such a network connected device 102 may embody a data generator.”) ([CALLAN, para. 0129] “The data owner 106 may submit a permission record 728 to the blockchain 700, comprising a message granting permission or consent to the data receiver 107 to view or access data produced by the data generator 102.”) ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700. The data generator 102 may then analyze the contents of the assignment record 722 and the permission record 728, to validate a plurality of digital signatures within the permission record and assignment record”) receiving, at the user device, a response from the node of the DLN in response to the request; and ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700. … In FIG. 7 an action of extracting the assignment record 722 is indicated by 724, and an action of extracting the permission record 728 is indicated by 730”) ([CALLAN, para. 0129] “The permission record 728 may be included in a block 710 by participants on the blockchain. In FIG. 7 an action of transmitting the permission record 728 is indicated by 726.”) ([CALLAN, para. 0009] “Blockchain validators, comprising, in a preferred embodiment of the present disclosure, a plurality of network connected devices participating in maintaining and extending the blockchain, may receive data and messages over the peer-to-peer network”)
However, CALLAN does not teach of “characteristics associated with a service provider … configuring a functionality of the user device accessible to the service provider, based at least in part on the response from the node of the DLN.”.
In analogous teaching LAM teaches “characteristics associated with a service provider … ([LAM, para. 0020] “peer consumer 120 may, for example, comprise one or more systems of a consumer of IoT data (e.g., systems of an individual, commercial enterprise, governmental department, researcher, security force, etc.) operable to access, obtain, utilize, analyze, consume, or otherwise facilitate accessing IoT data for various purposes (e.g., identifying needs to be served, determining eligibility for special offers, targeting advertising and other marketing efforts, identifying behaviors and trends, identifying security threats, etc.)”) ([LAM, para. 0029] “At block 305 of flow 300, IoT data server 130 verifies the data token using blockchain 150, as illustrated by arrow 205 of FIG. 2. In accordance with embodiments, IoT data server 130, or peer provider 110 operating in cooperation with IoT data server 130, may invoke a smart contract (e.g., smart contract SC4 of the examples above) to check the validity of the data token (e.g., data_access_secret) provided by peer consumer 120.”) configuring a functionality of the user device accessible to the service provider, based at least in part on the response from the node of the DLN.” ([LAM, para. 0030] “If the data token is determined to be valid, IoT data server 130 provides the requested data of IoT data 131 to peer consumer 120 at block 306 of flow 300, as illustrated by arrow 206 of FIG. 2. In accordance with embodiments of the invention, IoT data server 130, as may be operating in cooperation with peer provider 110, sends requested data (e.g., data_0, data_1 . . . data_n) of IoT data 131 to peer consumer 120. Thereafter, peer consumer 120 receives the data at block 307 of flow 300.”)
Thus, given the teaching of LAM, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of configuring functionality and service providers by LAM into the teaching of a method for configuring a device as taught by CALLAN. One of ordinary skill in the art would have been motivated to do so because LAM recognizes the need for sharing data while maintaining security ([LAM, para. 0007] “Embodiments facilitate data exchange with respect to large amounts of data using a blockchain system, enabling the data exchange in an efficient manner while preserving data accuracy and security.”)
However, CALLAN-LAM does not teach “characteristic associated with a service provider, wherein the characteristic includes compliance of the service provider with a legal requirement”.
In analogous teaching BARDAY teaches “characteristic associated with a service provider, wherein the characteristic includes compliance of the service provider with a legal requirement” ([BARDAY, para. 0020] “a particular organization may be required to implement operational policies and processes to comply with one or more legal requirements in handling such personal data.”) ([BARDAY, para. 0040] “In some embodiments, the privacy maturity rating may be further based on a likelihood of continued compliance with such legal and industry requirements, which the system may determine, for example, based on one or more attributes of the organization”) ([BARDAY, para. 0081] “the system may, for example, alleviate or otherwise prevent exposure to potential fines or other sanctions as a result of insufficiently protecting collected data (e.g., by failing to meet one or more legal standards).”) ([BARDAY, para. 0114] “The system may then, in various embodiments, use the privacy maturity score in order to calculate a risk rating or other risk score for a particular piece of software or other service initiated by the group”).
Thus, given the teaching of BARDAY, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of legal requirement by BARDAY into the teaching of a method for configuring a device as taught by CALLAN-LAM. One of ordinary skill in the art would have been motivated to do so because BARDAY recognizes the need for improved privacy of data ([BARDAY, para. 0004] “Accordingly, there is a need for improved systems and methods for evaluating the privacy maturity of particular individuals and/or groups of individuals within an organization.”)
Regarding claim 2, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein configuring the functionality of the user device accessible to the service provider comprises configuring a data access policy for access of the service provider to data captured by the user device.” ([CALLAN, para. 0101] “An embodiment of a permission record, is presented in FIG. 5, through which a network connected device 106 henceforth referred to as a “data owner” may grant permission to access and read data produced by the data generator 102.”) ([CALLAN, para. 0102] “The permission record may comprise a header 500, which may comprise: an identifier indicating that the permission record contains a permission or consent to access or read data”) ([CALLAN, para. 0103] “The permission record may comprise a list of data receivers 502 to grant read access to, comprising a one or more public keys 504, with each one of the one or more public keys corresponding to a data receiver to whom to grant permission to access or read a data produced by a data generator.”).
Regarding claim 3, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein configuring the functionality of the user device accessible to the service provider comprises configuring a functionality access policy for access of the service provider to at least one function provided by the user device.” ([CALLAN, para. 0101] “An embodiment of a permission record, is presented in FIG. 5, through which a network connected device 106 henceforth referred to as a “data owner” may grant permission to access and read data produced by the data generator 102.”) ([CALLAN, para. 0102] “The permission record may comprise a header 500, which may comprise: an identifier indicating that the permission record contains a permission or consent to access or read data”) ([CALLAN, para. 0103] “The permission record may comprise a list of data receivers 502 to grant read access to, comprising a one or more public keys 504, with each one of the one or more public keys corresponding to a data receiver to whom to grant permission to access or read a data produced by a data generator.”) ([CALLAN, para. 0196] “the data generator 102 may receive a data from, for example, the sensor 217. In other embodiments data may be received from a plurality of sensors”) [Examiner’s note: By granting permission the provider has access to function of the data generator being data obtained from sensors.]
Regarding claim 5, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein the user device comprises a sensor configured to capture sensor data indicative of at least one of: a feature of an environment of the user device or a feature of a user of the user device.” ([CALLAN, para. 0077] “Optionally, the network connected device 102 may also comprise a sensor module 224, connected to one or more sensors or MEMS devices 217, 218, 219. Such sensors may comprise one or more of: an altimeter, a magnetometer, a gyroscopic sensor, an accelerometer, a thermometer, a pressure gauge, a light sensor, a camera, a microphone, an odometer, an infrared sensor, an ultrasonic sensor, a gas sensor, a smoke sensor, an alcohol sensor, a proximity sensor, a humidity sensor, a moisture sensor, a tilt sensor, a force sensor, an electrical resistance meter, a voltage meter, an electrical current meter, and other sensor type.”).
Regarding claim 12, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein configuring the functionality of the user device accessible to the service provider comprises configuring the user device such that the functionality of the user device is accessible to the service provider upon compliance of the service provider with an accessibility condition.” ([CALLAN, para. 0101] “An embodiment of a permission record, is presented in FIG. 5, through which a network connected device 106 henceforth referred to as a “data owner” may grant permission to access and read data produced by the data generator 102.”) ([CALLAN, para. 0102] “The permission record may comprise a header 500, which may comprise: an identifier indicating that the permission record contains a permission or consent to access or read data”) ([CALLAN, para. 0103] “The permission record may comprise a list of data receivers 502 to grant read access to, comprising a one or more public keys 504, with each one of the one or more public keys corresponding to a data receiver to whom to grant permission to access or read a data produced by a data generator.”) [Examiner’s note: accessibility condition is being taught by permission record]
Regarding claim 23, this claim recites of a data processing system that performs the method of claim 1. Therefore, claim 23 is rejected in a similar manner as in the rejection of claim 1.
Regarding claim 26, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAM further teaches “wherein the response from the node provides the characteristic data.” ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700. The data generator 102 may then analyze the contents of the assignment record 722 and the permission record 728, to validate a plurality of digital signatures within the permission record and assignment record”) ([CALLAN, para. 0129] “The permission record 728 may be included in a block 710 by participants on the blockchain. In FIG. 7 an action of transmitting the permission record 728 is indicated by 726.”) ([CALLAN, para. 0009] “Blockchain validators, comprising, in a preferred embodiment of the present disclosure, a plurality of network connected devices participating in maintaining and extending the blockchain, may receive data and messages over the peer-to-peer network”)
Regarding claim 27, CALLAN-LAM-BARDAY teaches all limitations of claim 1. LAM further teaches “wherein configuring a functionality of the user device accessible to the service provider, based at least in part on the response from the node of the DLN, adapts the functionality of the user device for the service provider.” ([LAM, para. 0030] “If the data token is determined to be valid, IoT data server 130 provides the requested data of IoT data 131 to peer consumer 120 at block 306 of flow 300, as illustrated by arrow 206 of FIG. 2. In accordance with embodiments of the invention, IoT data server 130, as may be operating in cooperation with peer provider 110, sends requested data (e.g., data_0, data_1 . . . data_n) of IoT data 131 to peer consumer 120. Thereafter, peer consumer 120 receives the data at block 307 of flow 300.”).
The same motivation to modify CALLAN with LAM as in the rejection of claim 1 applies.
Claims 4 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of KINARTI (US-20200081519-A1).
Regarding claim 4, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “wherein configuring the functionality of the user device accessible to the service provider comprises configuring the user device such that a first functionality of the user device is accessible to the service provider and a second functionality of the user device, different from the first functionality of the user device, is inaccessible to the service provider.”.
In analogous teaching KINARTI teaches “wherein configuring the functionality of the user device accessible to the service provider comprises configuring the user device such that a first functionality of the user device is accessible to the service provider and a second functionality of the user device, different from the first functionality of the user device, is inaccessible to the service provider.” ([KINRATI, para. 0029] “Prior to transmission of the data stream, a data-filtering module 302 may, based on one or more producer configurations 124 received from the data-brokerage service 118, filter the default data stream provided by the IoT platform 110 to create custom data streams that include only data fields of interest to the data consumers. The data-filtering module 302 may also filter out personal identifiable information or other specified information that ought not be shared (e.g., for the protection of producer confidential information, and/or compliance with privacy laws or other regulations).”) [Examiner’s note: the second functionality is the access to data that is personal and filtered from the data stream]
Thus, given the teaching of KINARTI, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of first and second functionality by KINARTI into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because KINARTI recognizes the need to optimize data sharing ([KINRATI, para. 0003] “data consumers combine, in many situations, data streams from multiple data producers, but often use only part of the data in the individual data streams. This results in the unnecessary use of bandwidth to transmit data ultimately filtered out by the consumer system”) ([KINRATI, para. 0011] “Described herein are systems, devices, methods, and computer-program products embodied in machine-readable storage media for tailoring shared IoT data to the needs of data consumers”).
Regarding claim 6, CALLAN-LAM-BARDAY teaches all limitations of claim 5. However, CALLAN-LAM-BARDAY does not teach “wherein configuring the functionality of the user device accessible to the service provider comprises configuring the user device such that a first portion of the sensor data is accessible to the service provider and a second portion of the sensor data, different from the first portion of the sensor data, is inaccessible to the service provider.”.
In analogous teaching KINARTI teaches “wherein configuring the functionality of the user device accessible to the service provider comprises configuring the user device such that a first portion of the sensor data is accessible to the service provider and a second portion of the sensor data, different from the first portion of the sensor data, is inaccessible to the service provider.” ([KINRATI, para. 0029] “Prior to transmission of the data stream, a data-filtering module 302 may, based on one or more producer configurations 124 received from the data-brokerage service 118, filter the default data stream provided by the IoT platform 110 to create custom data streams that include only data fields of interest to the data consumers. The data-filtering module 302 may also filter out personal identifiable information or other specified information that ought not be shared (e.g., for the protection of producer confidential information, and/or compliance with privacy laws or other regulations).”)
The same motivation to modify CALLAN-LAM-BARDAY with KINARTI as in the rejection of claim 4 applies.
Claims 7, 10, and 11 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of WANG (US-20160285979-A1).
Regarding claim 7, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “wherein the characteristic additionally comprises at least one of: a service provided by the service provider, or compliance of the service provider with a technical standard.”.
In analogous teaching WANG teaches “wherein the characteristic additionally comprises at least one of: a service provided by the service provider, or compliance of the service provider with a technical standard.” ([WANG, para. 0046] “the processor 210 may be configured to cause mobile device 105 to detect a plurality of IoT devices 101; obtain an identifier for each of the plurality of IoT devices 101 based on the detection; obtain an indicator for each of the plurality of IoT devices 101 based at least in part on a corresponding one of the obtained identifiers; generate a notification that indicates a plurality of services available to the mobile device 105 based on each of the obtained indicators; and enable the mobile device 105 to access a service of the plurality of services”) ([WANG, para. 0035] “the services category may describe a service name and/or type, a service provider, a service description, privacy information, and/or any other like description of a service provided”) ([WANG, para. 0022] “Thus, the services may utilize multiple IoT devices that are provided by different vendors/manufacturers/service providers. Furthermore, each IoT device may be utilized by multiple services that are provided by different service providers.”).
Thus, given the teaching of WANG, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of characteristic data being type of service provided by WANG into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because WANG recognizes the need to improve utilization of services ([WANG, para. 0004] “many users are unable to utilize the services provided by the IoT devices they encounter. In order to utilize the services provided by IoT devices, a user usually has to be aware of the existence of the IoT devices surrounding the user.”) ([WANG, para. 0001] “The present disclosure relates to the field of Internet of Things (“IoT”), and in particular, to apparatuses, methods and storage media associated with discovering and utilizing services provided by IoT devices.”) ([WANG, abstract] “mobile device may generate a notification that indicates a plurality of services available to the mobile device based on each of the obtained indicators. The mobile device may access a service of the plurality of services”).
Regarding claim 10, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “wherein the response comprises the characteristic data, and the method further comprises sending the characteristic data to a policy decision engine for determining the functionality of the user device to be made accessible to the service provider.”.
In analogous teaching WANG teaches “wherein the response comprises the characteristic data, and the method further comprises sending the characteristic data to a policy decision engine for determining the functionality of the user device to be made accessible to the service provider.” ([WANG, para. 0046] “The IoT service detection application 300 may include various modules that may be loaded into the processor 210. The various modules may include a detection module 305, a service identification module 310, a service notification module 325, a service access module 330”) ([WANG, para. 0058] “In some embodiments, the user preferences may be in the form of a privacy policy that indicates desired service types and/or undesired service types. The desired service types may indicate a type of service that the user of the mobile device 105 desires to access or control, and the undesired service types may indicate a type of service that the user of the mobile device 105 considers to be privacy-invasive or otherwise does not wish to access. In such embodiments, the service notification module 325 may filter the list of services according to the privacy policy, such that the services having the desired service type are distinguished from services of the plurality of services having the undesired service type.”).
The same motivation to modify CALLAN-LAM-BARDAY with WANG as in the rejection of claim 7 applies.
Regarding claim 11, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “further comprising the user device receiving configuration instructions from the policy decision engine to cause the configuring of the functionality of the user device accessible to the service provider.”.
In analogous teaching WANG teaches “further comprising the user device receiving configuration instructions from the policy decision engine to cause the configuring of the functionality of the user device accessible to the service provider.” ([WANG, para. 0058] “the user preferences may be in the form of a privacy policy that indicates desired service types and/or undesired service types. The desired service types may indicate a type of service that the user of the mobile device 105 desires to access or control”) ([WANG, para. 0038] “the service provider 120 may develop and distribute one or more applications that allow mobile device 105 to access one or more IoT devices 101 that have a same or similar service type. For example, service provider 120 may be a home security service that develops and distributes a mobile application that enable mobile device 105 to control IoT devices 101 having a “home security” service type”).
The same motivation to modify CALLAN-LAM-BARDAY with WANG as in the rejection of claim 7 applies.
Claims 8 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of NAIK (US-20140164106-A1), hereinafter CALLAN-LAM-BARDAY-NAIK.
Regarding claim 8, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “wherein the service provider is a first service provider, the functionality is a first functionality, and the method further comprises configuring the user device to make a second functionality of the user device, different from the first functionality, accessible to a second service provider, different from the first service provider.”
In analogous teaching NAIK teaches “wherein the service provider is a first service provider, the functionality is a first functionality, and the method further comprises configuring the user device to make a second functionality of the user device, different from the first functionality, accessible to a second service provider, different from the first service provider.” ([NAIK, para. 0017] “process a first device function type, a first service type, and a first cost function from the communication device, and the communication device includes a hardware component that is specific to a first service provider, a firmware identification module, when executed by the processor, identifies a first firmware that is configured to be executed on the communication device, a firmware selection and retrieving module that is configured to retrieve the first firmware from the database and communicate the first firmware to the communication device, a service enabling module that is configured to activate a first set of service enabling instructions to enable a first service and a first functionality associated with the first firmware when the first firmware is executed on the communication device. … further retrieves the second firmware from the database and communicates the second firmware to the communication device. The service enabling module, when executed by the processor, further activates a second set of service enabling instructions to enable a second service and a second functionality associated with the second firmware when the second firmware is executed on the communication device.”).
Thus, given the teaching of NAIK, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of a single device having multiple functionalities by NAIK into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because NAIK recognizes the benefits of flexible devices ([NAIK, para. 0007] “If a customer wants to use a function or a feature that is not inherently supported by the phone, he/she has to change the equipment to migrate from one technology to another. Thus, the consumer does not have the flexibility and the freedom to use the functions and features at will”) ([NAIK, para. 0008] “As a consequence, the consumers have to either (i) bear additional cost for improved services, (ii) be satisfied with inadequate bandwidth, inconsistent service”) ([NAIK, para. 0012] “an embodiment herein provides a portal server for enabling services and functionalities across device types and service providers within a communication device.”).
Regarding claim 9, CALLAN-LAM-BARDAY -NAIK teaches all limitations of claim 8. NAIK further teaches “further comprising configuring the user device to provide the first functionality to the first service provider with the user device connected to a first network via a first network device, and configuring the user device to provide the second functionality to the second service provider with the user device connected to a second network via a second network device.” ([NAIK, para. 0009, fig. 1] “FIG. 1A illustrates a typical distribution of one or more services to one or more user devices 108A-N associated with one or more users 110A-N from one or more service operators 102A-N via one or more networks 104A-N.”) ([NAIK, para. 0048] “The communication device includes a hardware component (e.g., a Subscriber identity module (SIM)) that is specific to a first service provider (e.g., a first mobile operator).”) ([NAIK, para. 0049] “The processor is further configured by the instructions to: process a second device function type, a second service type, and a second cost function from the communication device.”) ([NAIK, para. 0050] “The second service and the second functionality associated with the second firmware specific to a second service provider (e.g., a second mobile operator who is different from the first mobile operator), are enabled for the same hardware component (e.g., for the same SIM). For example, the first mobile operator may be Vodafone Group plc, and the second mobile operator may be Bharti Airtel Limited.”).
The same motivation to modify CALLAN-LAM-BARDAY with NAIK as in the rejection of claim 8 applies.
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of FRAHIM (US-20180167370-A1).
Regarding claim 13, CALLAN-LAM-BARDAY teaches all limitations of claim 12. However, CALLAN-LAM-BARDAY does not teach “wherein the accessibility condition comprises connection of a computing system associated with the service provider, for communication with the user device, to a virtual private network (VPN) to which the user device is connected.”.
In analogous teaching FRAHIM teaches “wherein the accessibility condition comprises connection of a computing system associated with the service provider, for communication with the user device, to a virtual private network (VPN) to which the user device is connected.” ([FRAHIM, para. 0035] “The techniques herein introduce a secure data exchange platform for sharing IoT data with multiple entities/data consumers.”) ([FRAHIM, para. 0028] “FIG. 2 is a schematic block diagram of an example node/device 200 that may be used with one or more embodiments described herein … Device 200 comprises one or more network interfaces 210”) ([FRAHIM, para. 0029] “The network interfaces may be configured to transmit and/or receive data using a variety of different communication protocols. Notably, a physical network interface 210 may also be used to implement one or more virtual network interfaces, such as for virtual private network (VPN) access, known to those skilled in the art.”).
Thus, given the teaching of FRAHIM, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of a VPN by FRAHIM into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because FRAHIM recognizes the need to improve sharing of data ([FRAHIM, para. 0027] “The high number of nodes in LLNs in comparison to traditional networks also makes routing, quality of service (QoS), security, network management, and traffic engineering extremely challenging, to mention a few”) ([FRAHIM, para. 0035] “The techniques herein introduce a secure data exchange platform for sharing IoT data with multiple entities/data consumers.”)
Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of HOLTMANNS (US-20050086061-A1).
Regarding claim 14, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein the characteristic data is first characteristic data, the response from the node of the DLN comprises the first characteristic data, and the method further comprises: ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700. The data generator 102 may then analyze the contents of the assignment record 722 and the permission record 728, to validate a plurality of digital signatures within the permission record and assignment record”).
However, CALLAN-LAM-BARDAY does not teach “… receiving, at the user device, second characteristic data from the service provider, the second characteristic data indicative of the characteristic associated with the service provider; and configuring the functionality of the user device accessible to the service provider based at least in part on a comparison between the first characteristic data and the second characteristic data.”.
In analogous teaching HOLTMANNS teaches “… receiving, at the user device, second characteristic data from the service provider, the second characteristic data indicative of the characteristic associated with the service provider; and configuring the functionality of the user device accessible to the service provider based at least in part on a comparison between the first characteristic data and the second characteristic data.” ([HOLTMANNS, para. 0044] “In order to prove whether the privacy policy for the present service provider request for personal information is the actual service provider's privacy policy, it is possible to compare the privacy policy for the service provider request data and further privacy policy obtained from the service provider and to inform the end user device in case the compared privacy policies are different. If the comparison shows that the privacy policies are equal the privacy receipt data can be created.”) ([HOLTMANNS, para. 0069] “the communications server 2 forwards the data generated on the basis of the personal information PI-Data provided by the user to the service provider 20.”) [Examiner’s note: examiner is interpreting further privacy policy as second characteristic data.]
Thus, given the teaching of HOLTMANNS, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of comparing two characteristic data by HOLTMANNS into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY . One of ordinary skill in the art would have been motivated to do so because HOLTMANNS recognizes the need to protect personal information ([HOLTMANNS, para. 0012] “Personal information should be only provided to the service providing party by the operator of the mobile environment after agreement of the user. Otherwise, users could loose their trust in their mobile environment operator, and mobile environments could loose the status as trusted systems”) ([HOLTMANNS, para. 0013] “The object of the present invention is to provide for a solution wherein the provision of personal information to be accessed by a third party can be easily controlled and monitored. Further, the present invention should provide information how provided personal information will be accessed and used.”).
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of BARRETT (US-20180026802-A1).
Regarding claim 15, CALLAN-LAM-BARDAY teaches all limitations of claim 1. However, CALLAN-LAM-BARDAY does not teach “wherein the characteristic data is indicative of a certificate associated with the service provider.”.
In analogous teaching BARRETT teaches “wherein the characteristic data is indicative of a certificate associated with the service provider.” ([BARETT, para. 0062] “Upon receipt of the policy enforcement request, the Policy Contact Point 232 verifies that the signer certificate Common Name is a known Common Name from a white list of Service Providers. Then, the signer certificate is verified using an encryption framework such as OpenSSL (Open Secure Sockets Layer). This means that the signer certificate can be verified towards a trusted certificate or certificate chain, locally stored. Furthermore, a check can be performed that the signer certificate has not been revoked or expired. If all steps in the verification succeed, the Policy Contact Point 232 enables the policies in the network 230 for communications between the user device 230 and service provider 250”).
Thus, given the teaching of BARRETT, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of certificate by BARRETT into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because BARRETT recognizes the need to prevent malicious users ([BARRETT, para. 0087] “This means that the signer certificate can be verified towards a trusted certificate or certificate chain, locally stored. Furthermore, a check can be performed that the signer certificate has not been revoked or expired. This is important to ensure a malicious user or application does not attempt to spoof a policy rule to obtain improved service or free network resource usage”).
Claims 16, 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of IRWAN (US-20190245699-A1), hereinafter CALLAN-LAM-BARDAY -IRWAN.
Regarding claim 16, CALLAN-LAM-BARDAY teaches all limitations of claim 1. CALLAN further teaches “wherein sending the request comprises sending the request via a network device, receiving the response comprises receiving the request via the network device, and the method further comprises: …” ([CALLAN, para. 0062] “Devices connected to the peer-to-peer network 108 may include data generators, for example a network connected device 102, that may generate data. Such a network connected device 102 may embody a data generator.”) ([CALLAN, para. 0073] “The wireless components may provide network connectivity to a packet switched network and hence to the peer-to-peer network for the network connected device 102.”) ([CALLAN, para. 0078] “the network connected device 102, detailed in FIG. 2B, the network connected device 102 may comprise a data generator”) ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700.”).
However, CALLAN-LAM-BARDAY does not teach “the user device receiving network device authorization data from the network device for use in authorizing the network device; and the user device validating the network device authorization data against a version of the network device authorization data stored in the distributed ledger or a further distributed ledger.”.
In analogous teaching IRWAN teaches “the user device receiving network device authorization data from the network device for use in authorizing the network device; and ([IRWAN, para. 0073] “At step 330, in response to validating the device, the algorithm or method further comprises receiving, at the second server, a certificate request from the device and verifying the certificate request against the inventory list stored in the blockchain. For example, after the TLS session, the security gateway 170 may receive an encrypted certificate request or CSR that was generated by the enterprise device 180. The security gateway 170 may also receive a private key, originally generated by the CA 120 and stored in the blockchain 150, for validating and decrypting the CSR. Any transport protocol may be used to send and receive the CSR and private key”) the user device validating the network device authorization data against a version of the network device authorization data stored in the distributed ledger or a further distributed ledger. ([IRWAN, para. 0075] “At step 340, in response to verifying the certificate request, the algorithm or method may further comprise enrolling the device by sending a certificate from the plurality of certificates stored in the blockchain to the device. In an embodiment, the security gateway 170 may act in place of the CA 120 by enrolling the enterprise device 180 locally. The security gateway 170 may enroll the enterprise device 180 by accessing a certificate and private key stored in the database 260 and/or the blockchain 150 and sending the certificate and private key to the enterprise device 180.”).
Thus, given the teaching of IRWAN, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of authorizing network device by IRWAN into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because IRWAN recognizes the need to regulate access ([IRWAN, para. 0001] “The disclosure relates more specifically to improved computer-implement methods and systems for providing decentralized security certificate enrollment and revocation. Certain embodiments are useful in regulating access to data of internet of things (IoT) devices and improving the resistance of networked IoT devices to attacks, unauthorized or malicious use, or malware.”).
Regarding claim 17, CALLAN-LAM-BARDAY-IRWAN teaches all limitations of claim 16. IRWAN further teaches “wherein the network device authorization data is indicative of a certificate associated with the network device.” ([IRWAN, para. 0073] “the algorithm or method further comprises receiving, at the second server, a certificate request from the device and verifying the certificate request against the inventory list stored in the blockchain. For example, after the TLS session, the security gateway 170 may receive an encrypted certificate request or CSR that was generated by the enterprise device 180.”).
The same motivation to combine CALLAN-LAM-BARDAY with IRWAN as in the rejection of claim 16 applies.
Regarding claim 20, CALLAN-LAM-BARDAY-IRWAN teaches all limitations of claim 16. IRWAN further teaches “wherein the network device comprises a gateway device.” ([IRWAN, para. 0042] “Enrollment and revocation services 160 may be computer-implemented services that are programmatically offered by a security gateway 170, including services for enrolling an enterprise device 180 … The enterprise device 180 may be computer network devices such as gateways, modems, routers, wireless access points, switches, hubs, and firewalls.”).
The same motivation to combine CALLAN-LAM-BARDAY with IRWAN as in the rejection of claim 16 applies.
Claims 21 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY-IRWAN in view of UEHARA (US-20190207813-A1), hereinafter CALLAN-LAM-BARDAY-IRWAN-UEHARA.
Regarding claim 21, CALLAN-LAM-BARDAY-IRWAN teaches all limitations of claim 16. However, CALLAN-LAM-BARDAY-IRWAN does not teach “further comprising: the user device sending user attribute data representative of at least one attribute of at least one of the user device or a user to a verification system; and the user device receiving, from the verification system, user authorization data for use in authorizing the at least one of the user device or the user.”.
In analogous teaching UEHARA teaches “further comprising: the user device sending user attribute data representative of at least one attribute of at least one of the user device or a user to a verification system; and ([UEHARA, para. 0102] “the device 4 is in the initial state, the process proceeds to step S203 to perform the initial provisioning processing of the device 4. FIG. 14 is a flowchart illustrating the process of the initial provisioning processing.”) ([UEHARA, para. 0103] “First at step S301, the device identification data ID stored in the normal region 45 b is transmitted to the provisioning server 3 to request for providing initial provisioning data. Then, at step S302, the provisioning server 3 receives the request and starts processing of providing the initial provisioning data to the device 4.”) the user device receiving, from the verification system, user authorization data for use in authorizing the at least one of the user device or the user. ([UEHARA, para. 0106] “When the verification of the device identification data at step S303 is successful and the device 4 is determined to be valid, the process proceeds from step S304 to step S305 to perform generation processing of the initial provisioning data.”) ([UEHARA, para. 0143] “After the provisioning data generation at step S802 is completed through the processing as described above, the provisioning data is transmitted to the device 4 at step S803. At step S804, the device 4 receives and loads the provisioning data”).
Thus, given the teaching of UEHARA, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of authorizing network device by UEHARA into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY-IRWAN. One of ordinary skill in the art would have been motivated to do so because UEHARA recognizes the need to verify devices ([UEHARA, para. 0011] “in a case of IoT devices, a security risk is high due to what is called an unknown IoT device on which correct management is not performed any more in this manner, and the device is unknowingly used as a steppingstone for attack in actual cases.”) ([UEHARA, para. 0018] “when the provisioning data is provided to the device in the initial state based on verification of the validity of the device identification data, the device can be securely registered to the system.”).
Regarding claim 22, CALLAN-LAM-BARDAY-IRWAN-UEHARA teaches all limitations of claim 21. UEHARA further teaches “further comprising the user device sending the user authorization data to the network device for use in authorizing the at least one of the user device or the user.” ([UEHARA, para. 0033] “FIG. 6 illustrates a flowchart of a process 130 used to authenticate devices (e.g., devices 20, 22, 24, 42, 62, and 82) to gateway/edge devices. The gateway/edge device receives an access request to connect to the gateway/edge device (block 132). The gateway/edge device determines whether the requesting device is associated with an authorized user (e.g., employee) of locally connected networks (block 134).”) ([UEHARA, para. 0034] “If the requesting device is coupled to one or more of the local network(s), the gateway/edge device may determine whether a certificate is valid (block 142) … gateway may utilize a certificate-based authorization scheme to authorize the requesting device to connect to the gateway/edge device. If the certificate is valid, access to the gateway/edge device is allowed (block 144).”).
The same motivation to combine CALLAN-LAM-BARDAY -IRWAN with UEHARA as in the rejection of claim 21 applies.
Claims 24 and 25 are rejected under 35 U.S.C. 103 as being unpatentable over CALLAN-LAM-BARDAY in view of YE (US-20200294048-A1).
Regarding claim 24, this claim recites of similar features as to those of claim 1. Therefore, claim 24 is rejected in a similar manner as in the rejection of claim 1. CALLAN further teaches “… and wherein the node of the DLN is configured to: receive the request from the user device; … generate the response for sending to the user device, wherein the response is indicative of whether the distributed ledger comprises the characteristic data; and send the response to the user device. …” ([CALLAN, para. 0064] “devices connected via the peer-to-peer network 108 may include blockchain validators, for example network connected device 109, acting as a validator node or “miner”, whose role may be to act as a communication node, and may also be to receive messages, records and other transaction or data messages from the peer-to-peer network 108, process them, and transmitting the results of said processing back to the peer-to-peer network 108”) ([CALLAN, para. 0131] “The data generator 102 may extract the permission record 728 and extract the assignment record 722 from the blockchain 700. The data generator 102 may then analyze the contents of the assignment record 722 and the permission record 728, to validate a plurality of digital signatures within the permission record and assignment record. In FIG. 7 an action of extracting the assignment record 722 is indicated by 724, and an action of extracting the permission record 728 is indicated by 730.”).
However, CALLAN-LAM-BARDAY does not teach “… determine whether a distributed ledger of the DLN comprises the … data; …”.
In analogous teaching YE teaches “… determine whether a distributed ledger of the DLN comprises the … data; …” ([YE, para. 0038] “Referring to FIG. 1, FIG. 1 illustrates a blockchain-based data verification method, according to an implementation of the present specification. The method is applied to a verification client in a blockchain and includes the following steps:”) ([YE, para. 0040] “Step 104: Determine whether the target data has been stored in the blockchain based on the data identifier.”) ([YE, para. 0041] “Step 106: If the target data has been stored in the blockchain, obtain the target data from the storage location indicated by the data identifier, where the target data stored in the blockchain carries verification information used to verify authenticity of the target data.”).
Thus, given the teaching of YE, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of determine if data is in a blockchain by YE into the teaching of a method for configuring a device as taught by CALLAN-LAM-BARDAY. One of ordinary skill in the art would have been motivated to do so because YE recognizes the benefits of using blockchain for data ([YE, para. 0003] “The blockchain technology has been widely used in many fields because of its features such as decentralization, openness and transparency, and participation of each computing device in recording data in a database, and fast data synchronization among computing devices.”) ([YE, para. 0004] “The present specification provides a blockchain-based data verification method, including: obtaining a data identifier of target data published by a data provider in a blockchain, where the data identifier indicates a storage location of the target data in the blockchain”)
Regarding claim 25, this claim recites of a method claim that corresponds to claim 24. Therefore, claim 25 is rejected in a similar manner as in the rejection of claim 24.
Allowable Subject Matter
Claim 18 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Pertinent Art
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
AGONI (US-20020133374-A1): This prior art teaches of systems and methods of facilitating communication between a service professional and a client. In one embodiment, a professional submits profile data to a service facilitator who makes the profile data available to prospective clients, and the professional agrees to use a service enhancing system to provide service to any client obtained. The professional may agree to provide payment for use of the service enhancing system, may agree not to charge the client for the use of such system, may agree to use an enhanced version of the service enhancing system in exchange for enhanced availability of the profile data, may agree to specific standards of service in exchange for making the profile data available, and/or may agree to provide periodic assurance of adherence to the specific standards, or may provide a combination of those agreements.
TYLER (US-20170187749-A1): This prior art teaches of techniques provide for a system and method for privacy management between computing devices. The method includes defining, via a first computing device, a user privacy policy for the first computing device based on the privacy preferences of a user of the first computing device, the user privacy policy to be asserted in machine readable format across multiple computing devices requesting access to data of the first computing device. The method includes receiving at the first computing device an access request from a second computing device. The method also includes asserting, via the first computing device, the user privacy policy in the machine readable format to the second computing device.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFAQ ALI whose telephone number is (571)272-1571. The examiner can normally be reached Mon - Fri 7:30am - 5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/A.A./
01/20/2026
/AFAQ ALI/Examiner, Art Unit 2434 /NOURA ZOUBAIR/Primary Examiner, Art Unit 2434