DETAILED ACTION
This Action is in consideration of the Applicant's response on December 24, 2025. Claims 1 and 12 are amended by the Applicant. Claims 1 – 8, 10 – 18, 23, 25, and 26, where Claims 1 and 12 are in independent form, are presented for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on December 24, 2025 has been entered.
Response to Arguments
Applicant’s arguments filed December 24, 2025 have been fully considered but they are moot based on the new grounds of rejection necessitated by amendment.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 1 – 8, 10, 12 – 18, 23, and 25 – 26 are rejected under 35 U.S.C. 103 as being unpatentable over PGPub. 2015/0046710 (hereinafter “Clish”), in view of PGPub. 2007/0297609 (hereinafter “Adams”).
1. Regarding Claims 1, 23, and 26, Clish discloses an electronic device [Fig. 3; Para. 0032] comprising:
one or more processors [Fig. 3; Para. 0032];
a storage device on which one or more programs are stored (Claim 26), when the one or more programs are executed by the one or more processors, such that the one or more processors implement a device identity authentication method [Fig. 3; Para. 0032, 0057];
one or more I/O interfaces connected between the processor and the memory, configured to implement information exchange between the processor and the memory [Fig. 3; Para. 0032, 0057];
the device identity authentication method is applied to a terminal device [Fig. 2, item 106B and Fig. 5] and comprises:
generating, by the terminal device, a first identity authentication message in response to an identity authentication instruction [Fig. 2, item 204, Fig. 5; Para. 0026, 0034; module 106B]; wherein the identity authentication instruction is an instruction initiated by a second device to authenticate an identity of the terminal device [Fig. 2, item 202; Para. 0024, 0034];
sending the first identity authentication message to the second device, for the second device to authenticate the identity of the terminal device based on the first identity authentication message [Fig. 2, items 204 and Fig. 5; Para. 0026-27, 0034], to obtain a first identity authentication result [Para. 0027-28, 0034];
receiving, by the terminal device, a second identity authentication message [Fig. 2, items 206 and Fig. 5; Para. 0029, 0034]; wherein the second identity authentication message is a message sent by the second device when the first identity authentication result is passed;
authenticating an identity of the second device based on the second identity authentication message, to obtain a second identity authentication result [Fig. 2, item 208 and Fig. 5; Para. 0030, 0034];
when the second identity authentication result is passed, entering, by the terminal device, a credit mode [Para. 0054; secure communications between devices after authentication], wherein in the credit mode, the terminal device and the second device communicate with each other and are capable of securely transmitting data to each other [Para. 0054; secure communications between devices after authentication].
Clish, however, does not specifically disclose that the credit mode ends when the terminal device and the second device are disconnected from each other or of cyclically monitoring, within a preset time period, a number of effective communications that occur in the credit mode between the terminal device and the second device and exiting from the credit mode when the number of effective communications is less than a preset threshold.
Adams discloses a system and method of establishing a secure connection between devices [Abstract]. Adams further discloses that after the terminal device enters credit mode (secure channel) [Fig. 2; Para. 0026], if a heartbeat response is not received within the heartbeat response lost timeout period, the secure channel is dropped (cyclically monitoring, within a preset time period, a number of effective communications that occur in the credit mode between the terminal device and the second device and exiting from the credit mode when the number of effective communications is less than a preset threshold) and the encryption keys can be cleared from the devices (the credit mode ends when the terminal device and the second device are disconnected from each other) [Fig. 2; Para. 0015, 0027]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Adams with Clish since both systems perform device authentication utilizing security keys. The combination would enable the Clish system to provide additional security by providing the heartbeat in the secure channel to prevent attackers from keeping the connection alive [Adams; Para. 0016-17].
2. Regarding Claim 2, Clish, in view of Adams, discloses the limitations of Claim 1. Clish further discloses that the first identity authentication message comprises a first random number, an identifier of the terminal device, and first signature data [Fig. 2, item 204; Para. 0026]; wherein the first random number is generated by the terminal device [Para. 0026], and the first signature data is obtained by signing the first random number using a private key of the terminal device and through a pre agreed signature algorithm [Para. 0026].
3. Regarding Claim 3, Clish, in view of Adams, discloses the limitations of Claim 2. Clish further discloses that generating a first identity authentication message in response to an identity authentication instruction comprising:
generating, by the terminal device, the first random number in response to the identity authentication instruction [Fig. 2, item 204; Para. 0026];
signing the first random number using the private key of the terminal device and through a pre agreed signature algorithm, to obtain the first signature data [Fig. 2, item 204; Para. 0026];
obtaining the first identity authentication message based on the first random number, the identifier of the terminal device, and the first signature data [Fig. 2, item 204; Para. 0026].
4. Regarding Claim 4, Clish, in view of Adams, discloses the limitations of Claim 2. Clish further discloses that the second identity authentication message comprises second signature data obtained by signing the first random number using a private key of the second device and through the signature algorithm [Fig. 2, item 206; Para. 0029].
5. Regarding Claim 5, Clish, in view of Adams, discloses the limitations of Claim 4. Clish further discloses that the authenticating an identity of the second device based on the second identity authentication message to obtain a second identity authentication result comprising: authenticating the second signature data using a public key of the second device and through an authentication algorithm to obtain the second identity authentication result [Para. 0030].
6. Regarding Claim 6, Clish, in view of Adams, discloses the limitations of Claim 2. Clish further discloses that the signature algorithm comprises either an ECDSA algorithm [Para. 0025, 0027] or an RSA algorithm.
7. Regarding Claim 7, Clish, in view of Adams, discloses the limitations of Claim 1. Clish further discloses that after obtaining the second identity authentication result, the method further comprises: when the second identity authentication result is authentication passed, returning a second identity authentication result to the second device [Fig. 2, item 208; Para. 0030].
8. Regarding Claim 8, Clish, in view of Adams, discloses the limitations of Claim 1. Clish further discloses that after obtaining the second identity authentication result, the method further comprises: when the second identity authentication result is authentication failed, generating, recording, or sending an alarm message [Fig. 2, item 208; Para. 0030].
9. Regarding Claim 10, Clish, in view of Adams, discloses the limitations of Claim 8. Adams further discloses that after the terminal device entering a credit mode [Fig. 2], the method further comprises: monitoring a connection status between the terminal device and the second device; when the connection status is disconnected, exiting from the credit mode [Fig. 2; Para. 0027-28].
10. Regarding Claims 12 and 25, Clish discloses an electronic device [Fig. 3; Para. 0032] comprising:
one or more processors [Fig. 3; Para. 0032];
a memory on which one or more programs are stored, wherein the one or more programs are executed by the one or more processors [Fig. 3; Para. 0032], such that the one or more processors implement the device identity authentication method applied to an upper computer [Fig. 2, item 106A and Fig. 4], comprising:
sending, by the upper computer, an identity authentication instruction to a first device [Fig. 2, item 202 and Fig. 4; Para. 0024];
receiving a first identity authentication message returned by the first device [Fig. 2, item 204 and Fig. 4; Para. 0026, 0033]; wherein the first identity authentication message is information generated by the first device in response to the identity authentication instruction [Fig. 2, item 202, 204 and Fig. 4; Para. 0024-26, 0033];
authenticating an identity of the first device based on the first identity authentication message, to obtain a first identity authentication result [Fig. 2, item 204 and Fig. 4; Para. 0027-28, 0033];
when the first identity authentication result is passed, sending a second identity authentication message to the first device for the first device to authenticate an identity of the upper computer based on the second identity authentication message [Fig. 2, item 206 and Fig. 4; Para. 0029-30, 0033], to obtain the second identity authentication result [Fig. 2, item 208 and Fig. 4; Para. 0029-30, 0033];
receiving a message of entering a credit mode sent by the first device; wherein the first device enters the credit mode when the second identity authentication result is authentication passed [Para. 0054; secure communications between devices after authentication]; in the credit mode, the first device and the upper computer communicate with each other and are capable of securely transmitting data to each other [Para. 0054; secure communications between devices after authentication];
one or more I/O interfaces connected between the processors and the memory, configured to implement information exchange between the processors and the memory [Fig. 3, items 302, 304; Para. 0032].
Clish, however, does not specifically disclose receiving a message of exiting from the credit mode sent by the first device; wherein the first device sends the message of exiting from the credit mode when a number of effective communications within a preset time period is lower than a preset threshold.
Clish, however, does not specifically disclose that the credit mode ends when the first device and the upper computer are disconnected from each other or receiving a message of exiting from the credit mode sent by the first device; wherein the first device sends the message of exiting from the credit mode when a number of effective communications that occur in the credit mode between the upper computer and the first device within a preset time period is lower than a preset threshold.
Adams discloses a system and method of establishing a secure connection between devices [Abstract]. Adams further discloses that after the terminal device enters credit mode (secure channel) [Fig. 2; Para. 0026], if a heartbeat response is not received within the heartbeat response lost timeout period, the secure channel is dropped (first device sends the message of exiting from the credit mode when a number of effective communications that occur in the credit mode between the upper computer and the first device within a preset time period is lower than a preset threshold) and the encryption keys can be cleared from the devices (the credit mode ends when the first device and the upper computer are disconnected from each other) [Fig. 2; Para. 0015, 0027]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Adams with Clish since both systems perform device authentication utilizing security keys. The combination would enable the Clish system to provide additional security by providing the heartbeat in the secure channel to prevent attackers from keeping the connection alive [Adams; Para. 0016-17].
11. Regarding Claim 13, Clish, in view of Adams, discloses the limitations of Claim 12. Clish further discloses that the first identity authentication message comprises a first random number, an identifier of the first device, and first signature data [Fig. 2, item 204; Para. 0026]; wherein the first random number is generated by the terminal device [Para. 0026], and the first signature data is obtained by signing the first random number using a private key of the terminal device and through a pre agreed signature algorithm [Para. 0026].
12. Regarding Claim 14, Clish, in view of Adams, discloses the limitations of Claim 13. Clish further discloses that authenticating an identity of the first device based on the first identity authentication message to obtain a first identity authentication result comprising: obtaining a public key of the first device based on the identifier of the first device [Fig. 2; Para. 0026-28]; wherein the private key of the first device and the public key of the first device are identity keys of the first device [Fig. 2; Para. 0026-28]; authenticating the first signature data using the public key of the first device and through the signature algorithm, to obtain the first identity authentication result [Fig. 2; Para. 0026-28].
13. Regarding Claim 15, Clish, in view of Adams, discloses the limitations of Claim 13. Clish further discloses that the second identity authentication message comprises second signature data obtained by signing the first random number using a private key of the upper computer and through a predetermined signature algorithm [Fig. 2, item 206; Para. 0029].
14. Regarding Claim 16, Clish, in view of Adams, discloses the limitations of Claim 13. Clish further discloses that the signature algorithm comprises either an ECDSA algorithm [Para. 0025, 0027] or an RSA algorithm.
15. Regarding Claim 17, Clish, in view of Adams, discloses the limitations of Claim 12. Clish further discloses that the first device is authenticated based on the first identity authentication message [Fig. 2, items 204; Para. 0026-28], and after obtaining the first identity authentication result, the method further comprises: when the first identity authentication result is failed, terminating the identity authentication process [Fig. 2; Para. 0028].
16. Regarding Claim 18, Clish, in view of Adams, discloses the limitations of Claim 12. Clish further discloses that after sending a second identity authentication message to the first device [Fig. 2, items 206; Para. 0029], the method further comprises:
receiving the second identity authentication result returned by the first device [Fig. 2, items 208; Para. 0030].
Claim(s) 11 is rejected under 35 U.S.C. 103 as being unpatentable over Clish, in view of Adams, in further view of PGPub. 2014/0196142 (hereinafter “Louboutin”).
17. Regarding Claim 11, Clish, in view of Adams, discloses the limitations of Claim 10. Neither Clish nor Adams discloses that the terminal device and the second device are connected through a cable or that when the connection state is disconnected, exiting from the credit mode comprises: exiting from the credit mode when the cable is disconnected from the terminal device and/or the second device.
Louboutin further discloses that the terminal device and the second device are connected through a cable [Para. 0024]; when the connection state is disconnected [Fig. 4; Para. 0075-77], exiting from the credit mode comprises: exiting from the credit mode when the cable is disconnected from the terminal device and/or the second device [Fig. 4; Para. 0075-77]. While Adams discloses a wireless connection, since the heartbeat signals are transmitted in the secure channel, the heartbeat would have been measured through the cable. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Louboutin with Clish and Adams since the systems enable secure communications between devices. The motivation to do so is to provide additional methods of connecting devices for system flexibility (obvious to one skilled in the art).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. PGPub. 2009/0094681.
Contacts
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979. The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jorge Ortiz-Criado, can be reached on (571) 272-7624. The fax phone number for submitting all Official communications is (703) 872-9306. The fax phone number for submitting informal communications such as drafts, proposed amendments, etc., may be faxed directly to the examiner at (571) 270-2979.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).
/TAE K KIM/Primary Examiner, Art Unit 2496