Prosecution Insights
Last updated: April 19, 2026
Application No. 18/003,524

SECURE NETWORK ARCHITECTURE

Non-Final OA §103
Filed: Dec 28, 2022
Examiner: MAYE, AYUB A
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: Nokia Solutions and Networks Oy
OA Round: 3 (Non-Final)
Grant Probability: 58% (Moderate)
OA Rounds: 3-4
To Grant: 5y 2m
With Interview: 99%

Examiner Intelligence

Career Allow Rate: 58% of resolved cases (377 granted / 652 resolved), at TC average
Interview Lift: +41.6% (strong, about +42%) on resolved cases with interview
Avg Prosecution: 5y 2m typical timeline, 32 currently pending
Total Applications: 684 across all art units (career history)

Statute-Specific Performance

§101: 3.0% (-37.0% vs TC avg)
§103: 57.5% (+17.5% vs TC avg)
§102: 18.6% (-21.4% vs TC avg)
§112: 13.2% (-26.8% vs TC avg)
Based on career data from 652 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/29/2025 has been entered.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 71-73, 75, 77-84, and 86-90 are rejected under 35 U.S.C. 103 as being unpatentable over Applicant’s Admitted Prior Art in IDs Zhang et al (CN 103532963) in view of Milburn et al (2020/0287905) and Lesenne et al (EP 1402679).
For claim 71, Zhang teaches a master device (abstract), comprising: cause the master device (IoT device) at least to: transmit, to a network device (authentication center as Zhang teaches in par.16 on machine translation), a first level start-up request with a first identification signature corresponding to a first identification key for identifying the master device (Zhang teaches of system that configured to generate bidirectional authentication information and transmitting the first information and the key information K generating part in operation of bidirectional authentication key K ', and according to the key K ' and the random number R of the calculation result as Zhang teaches in par.21 on machine translation; par 24, IoT device generates a key that is used to calculate authentication information to verify the IoT device), the first identification key being generated based on a master key specific to the master device (Zhang teaches that IoT device or master device generate key K participating in bidirectional authentication such that IoT generates based on master key specific to the IoT device or master device as Zhang teaches in par.24 on machine translation); receive, from the network device (again since the system works in bidirectional operation).
While Zhang discloses several devices and authenticating the IoT device, Zhang fails to teach at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor and master and slave devices and authorization signature with first identification key, a first level start-up authorization response with a first authorization signature corresponding to a second identification key and verify the first authorization signature with the first identification key.
Milburn teaches, similar system, at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor and master and slave devices (par.24, 40-44) and authorization signature with first identification key (par 97, challenge id and challenge result a digital signature).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include processor and memory as taught and suggested by Milburn for the purpose of processing and storing data associated with devices and providing instructions for determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.25).
Lesenne teaches, similar system, a first level start-up authorization response with a first authorization signature corresponding to a second identification key (Lesenne teaches that a two-level enciphering of the messages of the service to be encrypted, which follow the authenticated service announcement messages, is produced in the following way: encryption with a current encryption key selected from a first set of available keys, then signature with a current authentication key selected from a second set of available keys, the enciphering for authentication being preferably applied to the whole message minus signature, including the encrypted part as Lesenne teaches in par.26 and 45) and verify the first authorization signature with the first identification key (Lesenne teaches that verification of the signature SGN of the authentication as Lesenne teaches in par.102 and 113).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include a first level start-up authorization response with a first authorization signature corresponding to a second identification key as taught and suggested by Lesenne for the purpose of protecting messages intended to be dispatched over a network, from a sender to at least one receiver comprising means for control of identification of messages by a modifiable current identification key (Lesenne, par.19).
For claim 72, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, further teaches wherein the master device is further caused to: in accordance with a determination that the verification of the first authorization signature is correct, complete the start-up of the master device; and in accordance with a determination that the verification of the first authorization signature is incorrect, drop the first level start-up authorization response (Zhang teaches that the authentication center compares the authentication information A2 with the received remote management platform transmitted by said second authentication information A2 is consistent. if it is consistent, the verifying the remote management platform identity and if not then it will disconnect or ignore the connection as Zhang teaches in par.33 on machine translation).
For claim 73, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, fails to teach wherein the master device is further caused to: receive, from the network device, configuration file comprising sensitive data, the configuration file being encrypted with a second data encryption key; and decrypt the encrypted configuration file with a first data encryption key, the first data encryption key being generated based on the master key specific to the master device.
Milburn further teaches wherein the master device is further caused to: receive, from the network device, configuration file comprising sensitive data, the configuration file being encrypted with a second data encryption key (par.61); and decrypt the encrypted configuration file with a first data encryption key, the first data encryption key being generated based on the master key specific to the master device (par.98).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include encryption and decrypt key as taught and suggested by Milburn for the purpose of enabling secure and/or authorized communication with other devices, which may be stored in each device (Milburn, par.81).
For claim 75, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, fails to teach wherein the master device is comprised in a group of devices with at least one slave device, and each of the group of devices is assigned with a corresponding device level, and the master device is further caused to: receive, from the network device, a challenge message for verifying a constitution integrity of the group, the challenge message being with a challenge signature corresponding to the second identification key, and nested with at least one slave challenge signature corresponding to at least one slave identification key for identifying the at least one slave device in the order of device levels; verify the challenge signature with the first identification key specific to the master device; in accordance with a determination that the verification of the challenge signature is correct, extract an internal layer of the challenge message; and transmit the internal layer of the challenge message to a first slave device, a device level of the first slave device is one device level lower than that of the master device; and in accordance with a determination that the verification of the challenge signature is incorrect, drop the challenge message.
Milburn further teaches that wherein the master device is comprised in a group of devices with at least one slave device, and each of the group of devices is assigned with a corresponding device level (par.55), and the master device is further caused to: receive, from the network device, a challenge message for verifying a constitution integrity of the group, the challenge message being with a challenge signature corresponding to the second identification key (Milburn teaches that the server may transmit the challenge result for the slave device and the challenge ID to the master device, which may transmit the challenge, the challenge ID, and the public key of the master device to the targeted slave device as Milburn discloses in par.99), and nested with at least one slave challenge signature corresponding to at least one slave identification key for identifying the at least one slave device in the order of device levels (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and 106); verify the challenge signature with the first identification key specific to the master device (Each challenge result of the keycode authorizes a specific link. For example, a first challenge result associated with a first slave device may authorize a link between the first slave device and the master device as Milburn teaches in par.107); in accordance with a determination that the verification of the challenge signature is correct, extract an internal layer of the challenge message; and transmit the internal layer of the challenge message to a first slave device, a device level of the first slave device is one device level lower than that of the master device; and in accordance with a determination that the verification of the challenge signature is incorrect, drop the challenge message (Milburn teaches that the server may transmit the challenge result for the slave device and not the challenge ID to the master device, which may transmit the challenge result and the public key of the master device to the targeted slave device. In some embodiments, if the challenge ID is transmitted, the receiving device can check the transmitted challenge ID and ensure that the device's internal notion of the challenge ID is less than or equal to the transmitted challenge ID. If the device knows that its internal challenge ID is equal or above the transmitted challenge ID, then the device will not attempt to validate the challenge result. This is because the device has determined that this is an ‘old’ message, which it should ignore (the challenge ID is ‘already used’) as Milburn discloses in par.97, 98, 99 and 100).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include challenge message as taught and suggested by Milburn for the purpose of determining whether the server authorized the master device to communicate with the targeted slave device by independently computing the challenge result of the slave device in the same manner as the server based on the challenge ID associated with the slave device and the public key of the master (Milburn, par.104).
For claim 77, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, further teaches wherein the master device is further caused to: update the master key based on a preconfigured key updating rule; and update at least the first identification key based on the updated master key (the authentication center perform bidirectional authentication with the remote management platform periodically, and updating the session key as Zhang teaches in par.70-73).
For claim 78, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, further teaches wherein the master device is caused to update the master key by: receiving, from the network device, a key update message indicative of updating the master key; and in response to the key update message, updating the master key based on the preconfigured key updating rule (the authentication center perform bidirectional authentication with the remote management platform periodically, and updating the session key as Zhang teaches in par.65 and 69-73).
For claim 79, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, fails to teach wherein the master device is comprised in a group of devices with at least one slave device, and each of the group of devices is assigned with a corresponding device level, and the master device is further caused to: receive, from a first slave device of the group of devices, a second level start-up request with a first slave identification signature corresponding to a slave identification key for identifying the first slave device, a device level of the first slave device being one device level lower than that of the master device; and encapsulate the second level start-up request with the first slave identification signature into the first level start-up request.
Milburn further teaches wherein the master device is comprised in a group of devices with at least one slave device (par.55), and each of the group of devices is assigned with a corresponding device level, and the master device is further caused to: receive, from a first slave device of the group of devices, a second level start-up request with a first slave identification signature corresponding to a slave identification key for identifying the first slave device (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and 106); a device level of the first slave device being one device level lower than that of the master device; and encapsulate the second level start-up request with the first slave identification signature into the first level start-up request (Milburn teaches provides authentication information associated with the one or more designated links in the keycode that is received by the master device as Milburn teaches in par.7 and 28).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include master device with slave devices as taught and suggested by Milburn for the purpose of determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.29).
For claim 80, Zhang, in view of Milburn and Lesenne discloses the master device of claim 71, fails to teach wherein the first level start-up authorization response is nested with at least a second level authorization signature corresponding to the first slave device, and the first device is further caused to: in accordance with a determination that the verification of the first authorization signature is correct, extract an internal layer of the first level start-up authorization response; and transmit the internal layer of the first level start-up authorization response to the first slave device; and in accordance with a determination that the verification of the first authorization signature is incorrect, drop the first level start-up authorization response.
Milburn further teaches wherein the first level start-up authorization response is nested with at least a second level authorization signature corresponding to the first slave device, and the first device is further caused to: in accordance with a determination that the verification of the first authorization signature is correct, extract an internal layer of the first level start-up authorization response (The keycode allows the master device to authenticate whether a link between the master device and the back-end server is authorized and allows the one or more slave devices to authenticate whether the back-end server authorized the master device to link with the one or more slave devices associated with the user's account as Milburn teaches in par.7); and transmit the internal layer of the first level start-up authorization response to the first slave device; and in accordance with a determination that the verification of the first authorization signature is incorrect, drop the first level start-up authorization response (Milburn teaches disconnect from the system, disable the device, and/or deactivate any links established with other devices in the system as Milburn teaches in par.77 and 78).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include master device with slave devices as taught and suggested by Milburn for the purpose of determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.29).
For claim 81, Zhang teaches a device (abstract), comprising: cause the device at least to: transmit, to a first target device (IoT device abstract), the identification key being generated based on a master key specific to the device (Zhang teaches that IoT device or master device generate key K participating in bidirectional authentication such that IoT generates based on master key specific to the IoT device or master device as Zhang teaches in par.24 on machine translation); receive, from the first target device, a start-up authorization response with a first authorization signature (Zhang teaches that first authentication information and second authentication information A2 is the authentication center corresponding to the first information and the key information K to generate mutual authentication involved in operation of the keys K as Zhang teaches in par.39 on machine translations).
Zhang fails to teach a slave device, at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor, a second level start-up request with a first identification signature corresponding to a first identification key for identifying the device, first slave identification signature corresponding to a first slave identification key for identifying the slave device, a second level start-up authorization response with a first authorization signature corresponding to a second identification key, the slave device and the first target device being comprised in a group of devices each assigned with a corresponding device level, and a device level of the slave device is one device level lower than that of the first target device; and verify the first slave authorization [[signature]] with the first slave identification key.
Milburn teaches a slave device (par.55), at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor (par.24), first slave identification signature corresponding to a first slave identification key for identifying the slave device (par.28), the slave device and the first target device being comprised in a group of devices each assigned with a corresponding device level (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and 106), and a device level of the slave device is one device level lower than that of the first target device (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and 106); and verify the first slave authorization signature with the first slave identification key (The keycode allows the master device to authenticate whether a link between the master device and the back-end server is authorized and allows the one or more slave devices to authenticate whether the back-end server authorized the master device to link with the one or more slave devices associated with the user's account as Milburn teaches in par.7 and 28).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include master device with slave devices as taught and suggested by Milburn for the purpose of determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.29).
Lesenne teaches, similar system, a second level start-up request with a first identification signature corresponding to a first identification key for identifying the device (Lesenne teaches that a two-level enciphering of the messages of the service to be encrypted, which follow the authenticated service announcement messages, is produced in the following way: encryption with a current encryption key selected from a first set of available keys, then signature with a current authentication key selected from a second set of available keys, the enciphering for authentication being preferably applied to the whole message minus signature, including the encrypted part as Lesenne teaches in par.26 and 45) and a second level start-up authorization response with a first authorization signature corresponding to a second identification key (Lesenne teaches two level as Lesenne teaches in par.26 and 45).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include level start-up authorization response with a first authorization signature corresponding to a second identification key as taught and suggested by Lesenne for the purpose of protecting messages intended to be dispatched over a network, from a sender to at least one receiver comprising means for control of identification of messages by a modifiable current identification key (Lesenne, par.19).
For claim 82, Zhang, in view of Milburn and Lesenne discloses the device of claim 81, further teaches wherein the device is further caused to: in accordance with a determination that the verification of the first slave authorization signature is correct, complete the start-up of the device; and in accordance with a determination that the verification of the first authorization signature is incorrect, drop the second level start-up authorization response (Zhang teaches that the authentication center compares the authentication information A2 with the received remote management platform transmitted by said second authentication information A2 is consistent. if it is consistent, the verifying the remote management platform identity and if not then it will disconnect or ignore the connection as Zhang teaches in par.33 on machine translation).
Zhang fails to teach a slave device. Milburn further teaches a slave device (par.7 and 55).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include slave devices as taught and suggested by Milburn for the purpose of determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.29).
For claim 83, Zhang, in view of Milburn and Lesenne discloses the device of claim 81, fails to teach wherein the second level start-up authorization response with the first slave authorization signature is an internal layer of a first level start-up authorization response extracted by the first target device with the first identification key specific to the first target device, and the first level start-up authorization response is generated and nested, by the network device, with a first authorization signature corresponding to a second identification key specific to the first target device and the first slave authorization signature corresponding to a second slave identification key in the order of device levels.
Milburn further teaches wherein the second level start-up authorization response with the first slave authorization signature is an internal layer of a first level start-up authorization response extracted by the first target device with the first identification key specific to the first target device, and the first level start-up authorization response is generated (par.7 and 28) and nested, by the network device, with a first authorization signature corresponding to a second identification key specific to the first target device and the first slave authorization signature corresponding to a second slave identification key in the order of device levels (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and 106).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include master device with slave devices as taught and suggested by Milburn for the purpose of determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.29).
For claim 84, Zhang, in view of Milburn and Lesenne discloses the device of claim 81, fails to teach wherein the slave device is further caused to: receive, from the first target device, configuration file including sensitive data, the configuration file being delivered from a network device and encrypted with a second slave data encryption key; and decrypt the encrypted configuration file with a first slave data encryption key, the first slave data encryption key being generated based on the master key specific to the slave device.
Milburn further teaches wherein the slave device is further caused to: receive, from the first target device, configuration file including sensitive data, the configuration file being delivered from a network device and encrypted with a second slave data encryption key (par.61); and decrypt the encrypted configuration file with a first slave data encryption key, the first slave data encryption key being generated based on the master key specific to the slave device (par.98).
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include encryption and decrypt key as taught and suggested by Milburn for the purpose of enabling secure and/or authorized communication with other devices, which may be stored in each device (Milburn, par.81).
For claim 86, Zhang, in view of Milburn and Lesenne discloses the device of claim 81, fails to teach wherein the slave device is of a lowest device level in the group of devices, and the slave device is further caused to: in accordance with a determination that the verification of the first slave authorization signature is correct, complete the start-up of the slave device; receive, from the first target device, a second level challenge message for verifying a constitution integrity of the group of devices, the second level challenge message being with a slave challenge signature corresponding to the second slave identification key; verify the slave challenge signature with the first slave identification key specific to the slave device; in accordance with a determination that the verification of the slave challenge signature is correct, transmit, to the first target device, another second level start-up request with the first slave identification signature corresponding to the first slave identification key; and in accordance with a determination that the verification of the slave challenge signature is incorrect, drop the second level challenge message.
Milburn further teaches wherein the slave device is of a lowest device level in the group of devices, and the slave device is further caused to: in accordance with a determination that the verification of the first slave authorization signature is correct, complete the start-up of the slave device; receive, from the first target device, a second level challenge message for verifying a constitution integrity of the group of devices, the second level challenge message being with a slave challenge signature corresponding to the second slave identification key (Milburn teaches that the server may transmit the challenge result for the slave device and the challenge ID to the master device, which may transmit the challenge, the challenge ID, and the public key of the master device to the targeted slave device as Milburn discloses in par.99); verify the slave challenge signature with the first slave identification key specific to the slave device(par.7 and 28); in accordance with a determination that the verification of the slave challenge signature is correct, transmit, to the first target device, another second level start-up request with the first slave identification signature corresponding to the first slave identification key (the system includes generate and store information indicating the particular slave device to which it linked and/or store the device ID associated with the slave device in a list comprising all the slave devices with which the master device is currently linked as and system further teaches of allocating values or level in each device where one device can be more than the other device Milburn teaches in par.55-56 and106); and in accordance with a determination that the verification of the slave challenge signature is incorrect, drop the second level challenge message (Milburn teaches that the server may transmit the challenge result for the slave device and not the challenge ID to the master device, which may transmit the challenge result and 
the public key of the master device to the targeted slave device. In some embodiments, if the challenge ID is transmitted, the receiving device can check the transmitted challenge ID and ensure that the device’s internal notion of the challenge ID is less than or equal to the transmitted challenge ID. If the device knows that its internal challenge ID is equal or above the transmitted challenge ID, then the device will not attempt to validate the challenge result. This is because the device has determined that this is an ‘old’ message, which it should ignore (the challenge ID is ‘already used’) as Milburn discloses in par.97, 98, 99 and 100). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include challenge message as taught and suggested by Milburn for the purpose of determining whether the server authorized the master device to communicate with the targeted slave device by independently computing the challenge result of the slave device in the same manner as the server based on the challenge ID associated with the slave device and the public key of the master (Milburn, par.104).

For claim 87, Zhang, in view of Milburn and Lesenne, discloses the device of claim 81 but fails to teach wherein the slave device is further caused to: in accordance with a determination that the verification of the first slave authorization signature is correct, complete the start-up of the slave device; update the master key based on a preconfigured key updating rule; and update at least the first slave identification key based on the updated master key. 
Milburn further teaches wherein the slave device is further caused to: in accordance with a determination that the verification of the first slave authorization signature is correct, complete the start-up of the slave device; update the master key based on a preconfigured key updating rule; and update at least the first slave identification key based on the updated master key (the master device may include enabling or updating the master device based on the allocated credits as Milburn discloses in par.7 and 57). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include updating device as taught and suggested by Milburn for the purpose of determining whether the server authorized the master device to communicate with the targeted slave device by independently computing the challenge result of the slave device in the same manner as the server based on the challenge ID associated with the slave device and the public key of the master (Milburn, par.104).

For claim 88, Zhang, in view of Milburn and Lesenne, discloses the device of claim 81 but fails to teach wherein the slave device is caused to update the master key by: receiving, from the first target device, a second level key update message indicative of updating the master key; and in response to the second level key update message, updating the master key based on the preconfigured key updating rule. Milburn further teaches wherein the slave device is caused to update the master key by: receiving, from the first target device, a second level key update message indicative of updating the master key; and in response to the second level key update message, updating the master key based on the preconfigured key updating rule (the master device may include enabling or updating the master device based on the allocated credits as Milburn discloses in par.7 and 57 and 69). 
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include updating device as taught and suggested by Milburn for the purpose of determining whether the server authorized the master device to communicate with the targeted slave device by independently computing the challenge result of the slave device in the same manner as the server based on the challenge ID associated with the slave device and the public key of the master (Milburn, par.104).

For claim 89, Zhang teaches a network device (abstract), comprising:, cause the network device (authentication center par.16) at least to: receive, from a master device (IoT device abstract), the first identification key being generated based on a master key specific to the master device (Zhang teaches that first authentication information and second authentication information A2 is the authentication center corresponding to the first information and the key information K to generate mutual authentication involved in operation of the keys K as Zhang teaches in par.39 on machine translations); and in accordance with a determination that the verification of the first identification signature is correct, transmit, to the master device, (Zhang teaches that the remote management platform compares the received ' Al is consistent with the first authentication information, if it is consistent, the verifying Internet of things device identity as Zhang teaches in par.57 and 60 on machine translation). 
While Zhang discloses several devices, Zhang fails to teach at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor and master and slave devices, a first level start-up request with a first identification signature corresponding to a first identification key for identifying the master device and verify the first identification signature with a second identification key and a first level start-up authorization response with a first authorization signature corresponding to the second identification key. Milburn teaches, similar system, at least one processor; and at least one memory including computer program codes; the at least one memory and the computer program codes are configured to, with the at least one processor and master and slave devices (par.24, 40-44). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include processor and memory as taught and suggested by Milburn for the purpose of processing and storing data associated with devices and providing instructions for determining which electrical devices are permitted to link based on the received identification information and generating corresponding authentication codes for each permitted link (Milburn, par.25). 
Lesenne teaches, similar system, a first level start-up request with a first identification signature corresponding to a first identification key for identifying the master device (Lesenne teaches that a two-level enciphering of the messages of the service to be encrypted, which follow the authenticated service announcement messages, is produced in the following way: encryption with a current encryption key selected from a first set of available keys, then signature with a current authentication key selected from a second set of available keys, the enciphering for authentication being preferably applied to the whole message minus signature, including the encrypted part as Lesenne teaches in par.26 and 45) and verify the first identification signature with a second identification key and a first level start-up authorization response with a first authorization signature corresponding to the second identification key (Lesenne teaches that verification of the signature SGN of the authentication as Lesenne teaches in par.102 and 113). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include a first level start-up authorization response with a first authorization signature corresponding to a second identification key as taught and suggested by Lesenne for the purpose of protecting messages intended to be dispatched over a network, from a sender to at least one receiver comprising means for control of identification of messages by a modifiable current identification key (Lesenne, par.19). 
For claim 90, Zhang, in view of Milburn and Lesenne, discloses the network device of claim 89 but fails to teach wherein the master device is included in a group of devices with at least one slave device, and each of the group of devices is assigned with a corresponding device level, and the network device is further caused to: transmit, to the master device, a challenge message for verifying a constitution integrity of the group, the challenge message being with a challenge signature corresponding to the second identification key, and nested with at least one slave challenge signatures corresponding to at least one slave identification key for identifying the at least one slave device in the order of device levels; receive, from the master device, another first level start-up request being with the first identification signature and nested with the at least one slave identification signatures; and verify the nested at least one slave identification signatures with at least one second slave identification key recorded in a constitution integrity table for indicating associations between the group of the devices. 
Milburn further teaches wherein the master device is included in a group of devices with at least one slave device, and each of the group of devices is assigned with a corresponding device level (par.7 and 28), and the network device is further caused to: transmit, to the master device, a challenge message for verifying a constitution integrity of the group, the challenge message being with a challenge signature corresponding to the second identification key, and nested with at least one slave challenge signatures corresponding to at least one slave identification key for identifying the at least one slave device in the order of device levels (Milburn teaches that the server may transmit the challenge result for the slave device and the challenge ID to the master device, which may transmit the challenge, the challenge ID, and the public key of the master device to the targeted slave device as Milburn discloses in par.99); receive, from the master device, another first level start-up request being with the first identification signature and nested with the at least one slave identification signatures (par.7 and 28); and verify the nested at least one slave identification signatures with at least one second slave identification key recorded in a constitution integrity table for indicating associations between the group of the devices (The master device may transmit the retrieved slave device authentication code to the slave device as part of a request to establish a communication link between the master device and the slave device. If the slave device determines based on the slave device authentication code that the server authorized the master device to link with the slave device, then the slave device may accept the request and establish the communication link between the master device and the slave device. 
In some embodiments, the back-end server, not the user, designates which devices may be linked and provides authentication information associated with the one or more designated links in the keycode that is received by the master device as Milburn teaches in par.7). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang to include challenge message as taught and suggested by Milburn for the purpose of determining whether the server authorized the master device to communicate with the targeted slave device by independently computing the challenge result of the slave device in the same manner as the server based on the challenge ID associated with the slave device and the public key of the master (Milburn, par.104).

Claim(s) 74 and 85 is/are rejected under 35 U.S.C. 103 as being unpatentable over Applicant’s Admitted Prior Art in IDs Zhang et al (CN 103532963) in view of Milburn et al (2020/0287905) as applied to claims above, and further in view of Evans et al (2003/0200451).

For claim 74, Zhang, as modified by Milburn, teaches all the limitations as previously set forth and Zhang further teaches that wherein the master device is further caused to: in accordance with a determination of sensitive data to be written into the master device, encrypt the sensitive data with a first data encryption key (Zhang par.62 on machine translation), the first data encryption key being generated based on the master key specific to the master device (Zhang par.62 and 63 on machine translation). Zhang, as modified by Milburn, fails to teach write the encrypted sensitive data into the master device. Evans teaches, similar system, write the encrypted sensitive data into the master device (par.11 and 40). 
It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang, as modified by Milburn, to include write the encrypted sensitive data into the master device as taught and suggested by Evans for the purpose of determining whether to deny forwarding of the data, to pass the data clear, or to encrypt the data (Evans, par.11).

For claim 85, Zhang, as modified by Milburn, teaches all the limitations as previously set forth except for wherein the slave device is further caused to: in accordance with a determination of sensitive data to be written into the slave device, encrypt the sensitive data with a first slave data encryption key, the first slave data encryption key being generated based on the master key specific to the slave device; and write the encrypted sensitive data into the slave device. Evans further teaches wherein the slave device is further caused to: in accordance with a determination of sensitive data to be written into the slave device, encrypt the sensitive data with a first slave data encryption key (par.30), the first slave data encryption key being generated based on the master key specific to the slave device; and write the encrypted sensitive data into the slave device (par.11 and 40). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang, as modified by Milburn, to include write the encrypted sensitive data into the master device as taught and suggested by Evans for the purpose of determining whether to deny forwarding of the data, to pass the data clear, or to encrypt the data (Evans, par.11).

Claim(s) 76 is/are rejected under 35 U.S.C. 103 as being unpatentable over Applicant’s Admitted Prior Art in IDs Zhang et al (CN 103532963) in view of Milburn et al (2020/0287905) and Lesenne et al (EP 1402679) as applied to claims above, and further in view of Campanotti et al (2016/0042024). 
Zhang, as modified by Milburn and Lesenne, teaches all the limitations as previously set forth except for wherein the master device is further caused to: determine a first crypto-checksum based on a first integrity key for checking integrity of data and a current version of the data stored on the master device, the first integrity key being generated based on the master key specific to the master device; and in accordance with a determination that the first crypto-checksum is the same as a second crypto-checksum obtained from a network device, determine that an integrity check on the master device is completed, the second crypto-checksum being generated by the network device based on a stored version of the data and a second integrity key. Campanotti teaches, similar system, wherein the master device is further caused to: determine a first crypto-checksum based on a first integrity key for checking integrity of data and a current version of the data stored on the master device (par.21), the first integrity key being generated based on the master key specific to the master device (par.22); and in accordance with a determination that the first crypto-checksum is the same as a second crypto-checksum obtained from a network device, determine that an integrity check on the master device is completed, the second crypto-checksum being generated by the network device based on a stored version of the data and a second integrity key (par.35 and 43). It would have been obvious to one of ordinary skill in the art before effective filing date to modify Zhang, as modified by Milburn and Lesenne, to include crypto-checksum as taught and suggested by Campanotti for the purpose of creating and updating an integrity status of the at least a portion of the data, verifying and providing the integrity status to a storage system user (Campanotti, abstract). 
Response to Amendments/Arguments

Applicant’s arguments with respect to claim(s) 71-90 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. The applicant’s arguments regarding new amendment limitations in claims 71, 81 and 89 have been considered but are moot, because the examiner applied new art, Lesenne et al (EP 1402679), that covers newly claimed limitation. Regarding dependent claims arguments, said arguments are moot because the applied references are not considered to have alleged differences, and therefore are considered to properly show that for which they were cited.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYUB A MAYE whose telephone number is (571)270-5037. The examiner can normally be reached Monday-Friday 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached at 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. 
For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/AYUB A MAYE/Examiner, Art Unit 2436
/AMIE C. LIN/Primary Examiner, Art Unit 2436

Prosecution Timeline

Dec 28, 2022: Application Filed
Dec 28, 2022: Response after Non-Final Action
Mar 08, 2025: Non-Final Rejection — §103
Jun 12, 2025: Response Filed
Sep 26, 2025: Final Rejection — §103
Nov 18, 2025: Response after Non-Final Action
Dec 29, 2025: Request for Continued Examination
Jan 07, 2026: Response after Non-Final Action
Jan 24, 2026: Non-Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12574211
PERSONAL PRIVATE KEY ENCRYPTION DEVICE
2y 5m to grant Granted Mar 10, 2026
Patent 12574247
DEVICE FOR COMPUTING SOLUTIONS OF LINEAR SYSTEMS AND ITS APPLICATION TO DIGITAL SIGNATURE GENERATIONS
2y 5m to grant Granted Mar 10, 2026
Patent 12547740
INFORMATION PROCESSING DEVICES AND INFORMATION PROCESSING METHODS
2y 5m to grant Granted Feb 10, 2026
Patent 12526274
Geolocated Portable Authenticator for Transparent and Enhanced Information-Security Authentication of Users
2y 5m to grant Granted Jan 13, 2026
Patent 12373573
Vulnerability Processing Method, Apparatus and Device, and Computer-readable Storage Medium
2y 5m to grant Granted Jul 29, 2025


Prosecution Projections

3-4
Expected OA Rounds
58%
Grant Probability
99%
With Interview (+41.6%)
5y 2m
Median Time to Grant
High
PTA Risk
Based on 652 resolved cases by this examiner. Grant probability derived from career allow rate.
