Office Action Predictor
Last updated: April 15, 2026
Application No. 18/331,588

Bluetooth Low Energy for Network Troubleshooting

Final Rejection §103§112
Filed
Jun 08, 2023
Examiner
HENNING, MATTHEW T
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
Centurylink Intellectual Property LLC
OA Round
2 (Final)
71%
Grant Probability
Favorable
3-4
OA Rounds
3y 5m
To Grant
93%
With Interview

Examiner Intelligence

Grants 71% — above average
71%
Career Allow Rate
410 granted / 577 resolved
+13.1% vs TC avg
Strong +22% interview lift
Without
With
+22.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
17 currently pending
Career history
594
Total Applications
across all art units

Statute-Specific Performance

§101
8.9%
-31.1% vs TC avg
§103
44.8%
+4.8% vs TC avg
§102
17.3%
-22.7% vs TC avg
§112
18.0%
-22.0% vs TC avg
Black line = Tech Center average estimate • Based on career data from 577 resolved cases

Office Action

§103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This office action is in response to the communication filed on 5/28/2025. Claims 1-10 and 17-20 have been examined. Response to Arguments Applicant's arguments filed 9/10/2025 have been fully considered but they are not persuasive. The applicants have amended the claims to require both read and write access to a plurality of attributes in a storage system on the customer device related to servicing the customer device via the mobile device over the secure connection. The applicants assert that this is not taught by the combination of references relied upon in the rejection. The examiner respectfully disagrees. The applicants assert that BALSA only teaches the client writing to the sensor, and not reading. This is clearly not true, as BALSA discusses both reading from and writing to the sensor (and thus data storage therein) by the client throughout the teachings of BALSA. For example, in section V.B it is discussed that after establishing a secure session the client writes to the sensor (steps 4.1, 4.2, 4.3, etc. for example), and the clients reads from the sensor (step 5.1 for example). BALSA also discusses in section VII.C that from the point of view of the user of the client that initiates the operations “no lag is perceivable when sensitive characteristics are read or written”. There are further examples of the client reading and writing attributes related to servicing the customer device throughout BALSA. Regarding the applicants’ further comments regarding BALSA, the examiner notes a few things with respect to the claim language. First, the claim language does not require “read-and-write access to each of a plurality of attributes”. Instead, being able to read some attributes and write some attributes meets the claim language of “read-and-write access to a plurality of attributes”. Second, the claims do not limit what falls into the scope of “customer device” and as such any device being serviced would fall under the broad scope of “customer device”. Third, the description of why the instant application is different from the teachings of BALSA are not relevant as the claims are much broader than this description. Last, the examiner notes that the claims do not require reading and writing, but simply require that those operations are allowed. As discussed above, BALSA discusses client reading from and writing to the sensor, which certainly shows that those operations are allowed. The applicants could amend the claims to be more specific, such that a system like BALSA does not read on the broad language being claimed, but at this time have chosen not to do so. As such, the teachings of BALSA still apply. As such, the examiner does not find the applicants’ arguments persuasive, and therefore the examiner has maintained the rejections set forth below. As objections and rejections not set forth below have been withdrawn. Claims 1-10 and 17-20 have been examined. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 17-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 17 recites “allowing the mobile device or read-and-write access…”. It appears as though this statement is incomplete, as it is not clear what the mobile device is being allowed in the alternative to read-and-write access. Based on the amendment made to claim 1, the examiner assumes that “or” was meant to be removed from the claim but was accidentally left in the claim. All claims depending from any of the above rejected claims are also rejected by virtue of their dependence upon their respective rejected parent claim(s). Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-3, 5-10, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over “BALSA: Bluetooth Low Energy Application Layer Security Add-on” hereinafter referred to as Balsa, and further in view of Scott et al. (US Patent Number 5,311,596) hereinafter referred to as Scott, and further in view of “Kerberos: An Authentication Service for Open Network Systems” hereinafter referred to as Kerberos. Regarding claim 1, Balsa disclosed a method for providing remote servicing of a customer device over a secure short-range wireless communication network connection, comprising: advertising, by the customer device, a unique identifier of the customer device over a short-range wireless communication network (Balsa Page 23 Lines 17-20 for example); receiving a request from a mobile device to initiate a connection to the customer device (Balsa Section V.A for example); in response to the request, exchanging pairing information with the mobile device (Balsa Section IV.A for example); based on the pairing information, establishing a secure connection between the mobile device and the customer device (Balsa Section IV.A for example); and performing an authentication method over the secure connection, comprising: deriving a public key (Balsa Sections IV.A and V.A.1 for example); advertising the public key to the mobile device (Balsa Sections IV.A and V.A.1 for example); collecting authentication information (Balsa Sections IV.A and V.A for example); receiving a second authentication key from the mobile device (Balsa Sections IV.A and V.A for example); and in response to determining that authentication information matches information within a decryption of the second authentication key, allowing the mobile device read-and-write access to a plurality of attributes in a storage system on the customer device related to servicing the customer device via the mobile device over the secure connection (Balsa Sections IV.A and V.A and V.B for example – also see VII.C). Balsa did not indicate that the collecting authentication information included deriving a first authentication key using the public key, a stored private key, and the unique identifier of the customer device, or that authentication could be performed by ensuring that the two authentication keys match. Kerberos taught that in a ticket based authentication system, which is analogous to the token based authentication of Balsa, the ticket (token) should include the identifiers of both the client and the server in order to limit the use of the ticket to only those two devices (Kerberos Page 5 Col. 2 Lines 8-23 for example). It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Kerberos in the token based authentication system of Balsa by including the unique ids of the client and the sensor in the encrypted token. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure that the token could only be used for authenticating the identified client to the identified sensor. Scott taught that in a challenge response system, instead of decrypting the encrypted challenge received in the response and comparing the decrypted challenge with the plain challenge, the verifier can encrypt the challenge and compare this to the encrypted challenge received in the response (Scott Col. 4 Line 56- Col. 5 Line 59). It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to employed the teachings of Scott in the system of Balsa and Kerberos by encrypting the expected token data at the verifier and comparing this to the received encrypted token. This would have been obvious because the person having ordinary skill in the art would have recognized that decrypting the received token and then comparing the decrypted data to the expected data predictably accomplishes the same result as encrypting the expected token data and comparing encrypted expected token data with the received encrypted token. Regarding claim 2, Balsa, Kerberos, and Scott taught that advertising the unique identifier comprises advertising a serial number of the customer device (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 3, Balsa, Kerberos, and Scott taught that advertising the unique identifier of the customer device is in association with advertising a first service of one or more services provided by the customer device, wherein the first service includes one or more attributes of the plurality of attributes; receiving the second authentication key comprises receiving, in a first writable attribute of the plurality of attributes included in the first service, a first value including the second authentication key; and in response to determining that the first authentication key and the second authentication key match: writing a portion of the first value to the first attribute; and allowing the mobile device read, write, or read-and-write access to the plurality of attributes included in the first service via the secure connection (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 5, Balsa, Kerberos, and Scott taught writing the portion of the first value to the first attribute comprises: converting a user identifier included in the first value from a hexadecimal format to text format; and writing the user identifier in the text format to a user identifier attribute included in the plurality of attributes (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 6, Balsa, Kerberos, and Scott taught after allowing the mobile device read, write, or read-and-write access to the plurality of attributes included in the first service, advertising one or more of the one or more services, including the unique identifier of the customer device in advertisements of the one or more services (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 7, Balsa, Kerberos, and Scott taught deriving the public key comprises repeatedly deriving a new public key according to a predetermined frequency (Balsa Sections IV.A and V.A.1 for example). Regarding claim 8, Balsa, Kerberos, and Scott taught that deriving the public key comprises including one or more digits in the public key (Ks for example) that indicate a version of the stored private key (Balsa Section IV.B for example). Regarding claim 9, Balsa, Kerberos, and Scott taught that deriving the first authentication key comprises: concatenating the unique identifier of the customer device, the public key, and the stored private key; inputting the concatenation into a hashing algorithm; and truncating a resulting hash to a predetermined number of characters (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 10, Balsa, Kerberos, and Scott taught that in response to receiving a read request from the mobile device for an attribute of the plurality of attributes, providing a value of the attribute; and in response to receiving a write request from the mobile device for an attribute of the plurality of attributes, writing the value to the attribute (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 17, Balsa disclosed a customer device permitting remote servicing of the customer device over a secure short-range wireless communication network connection, the customer device comprising: at least one processor; memory, operatively connected to the at least one processor and storing instructions that, when executed by the at least one processor, cause the customer device to: advertise a unique identifier of the customer device over a short-range wireless communication network (Balsa Page 23 Lines 17-20 for example); receive a request from a mobile device to initiate a connection (Balsa Section IV.A for example); in response to the request, exchange pairing information with the mobile device (Balsa Sections IV.A for example), comprising at least one of: indicating support for secure connections; indicating a requirement for man-in-the-middle (MITM) protection; indicating capability for out of band (OOB) authentication information reception; and indicating the customer device does not have input or output capabilities for authentication; based on the pairing information, establish a secure connection between the mobile device and the customer device (Balsa Sections IV.A for example); and perform an authentication method over the secure connection, comprising: deriving a public key (Balsa Sections IV.A and V.A.1 for example); advertising the public key to the mobile device (Balsa Sections IV.A and V.A.1 for example); collecting authentication information including the public key, a stored private key received OOB, and the unique identifier of the customer device (Balsa Sections IV.A and V.A for example); receiving a second authentication key from the mobile device (Balsa Sections IV.A and V.A for example); and in response to determining that authentication information matches information within a decryption of the second authentication key, allowing the mobile device or read-and-write access to a plurality of attributes in a storage system on the customer device related to servicing the customer device via the mobile device over the secure connection (Balsa Sections IV.A and V.A and V.B for example – also see VII.C). Balsa did not indicate that the collecting authentication information included deriving a first authentication key using the public key, a stored private key, and the unique identifier of the customer device, or that authentication could be performed by ensuring that the two authentication keys match. Kerberos taught that in a ticket based authentication system, which is analogous to the token based authentication of Balsa, the ticket (token) should include the identifiers of both the client and the server in order to limit the use of the ticket to only those two devices (Kerberos Page 5 Col. 2 Lines 8-23 for example). It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Kerberos in the token based authentication system of Balsa by including the unique ids of the client and the sensor in the encrypted token. This would have been obvious because the person having ordinary skill in the art would have been motivated to ensure that the token could only be used for authenticating the identified client to the identified sensor. Scott taught that in a challenge response system, instead of decrypting the encrypted challenge received in the response and comparing the decrypted challenge with the plain challenge, the verifier can encrypt the challenge and compare this to the encrypted challenge received in the response (Scott Col. 4 Line 56- Col. 5 Line 59). It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to employed the teachings of Scott in the system of Balsa and Kerberos by encrypting the expected token data at the verifier and comparing this to the received encrypted token. This would have been obvious because the person having ordinary skill in the art would have recognized that decrypting the received token and then comparing the decrypted data to the expected data predictably accomplishes the same result as encrypting the expected token data and comparing encrypted expected token data with the received encrypted token. Regarding claim 18, Balsa, Kerberos, and Scott taught that in advertising the unique identifier, the communication network is operative to advertise the unique identifier of the customer device in association with a first service of one or more services included in a profile stored in the storage system, wherein the first service includes a plurality of attributes corresponding to at least a portion of the plurality of attributes of the customer device (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 19, Balsa, Kerberos, and Scott taught that in receiving the second authentication key, the communication network is operative to: receive a request to write a first value in a first writable attribute of the plurality of attributes included in the first service, wherein the first value includes the second authentication key; extract the second authentication key from the first value; and in response to determining that the first authentication key and the second authentication key match: write a remaining portion of the first value to the first attribute; and allow the mobile device read, write, or read-and-write access to the plurality of attributes included in the first service via the secure connection (Balsa Sections IV.A and V.A and V.B for example). Regarding claim 20, the first service includes attributes corresponding to information about the customer device, wherein the customer device is a network access device; a second service of the one or more services includes attributes corresponding to performing one or more troubleshooting operations; and a third service of the one or more services includes attributes corresponding to information about access to a network to which the network access device is connected, wherein the network is not the short-range wireless communication network (Balsa Sections I, IV.A and V.A and V.B for example). Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Balsa, Kerberos, and Scott, and further in view of Mor et al. (US Patent Number 9,507,977). Regarding claim 4, Balsa, Kerberos, and Scott did not teach that the advertising included adjusting the advertising rate. Mor taught in a BLE system that advertising the first service comprises: advertising the first service at a first advertising rate for a predetermined duration; and after the predetermined duration, in response to not receiving the request from the mobile device to initiate a connection, advertising the first service at a second advertising rate, wherein the first advertising rate is more frequent than the second advertising rate (Mor Col. 5 Lines 10-43 for example). It would have been obvious to the person having ordinary skill in the art before the effective filing date of the invention to have employed the teachings of Mor in the BLE system of Balsa, Kerberos, and Scott by increasing the advertising rate of the sensor ID after a period of time without response (e.g. being out of range). This would have been obvious because the person having ordinary skill would have been motivated to help the sensor establish a connection to the client. Conclusion Claims 1-10, 17-20 have been rejected. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW T HENNING whose telephone number is (571)272-3790. The examiner can normally be reached Monday-Friday 9AM-3PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MATTHEW T HENNING/ Primary Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Jun 08, 2023
Application Filed
Jun 12, 2025
Non-Final Rejection — §103, §112
Sep 10, 2025
Response Filed
Sep 25, 2025
Final Rejection — §103, §112
Apr 07, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12596817
SECURE REMOTE CONTROLS PACKAGE FOR SEMI-AUTONOMOUS SYSTEMS
2y 5m to grant Granted Apr 07, 2026
Patent 12566868
APPARATUS AND METHODS FOR BINDING A SYSTEM ON CHIP AND A MEMORY DEVICE WITH A KEY
2y 5m to grant Granted Mar 03, 2026
Patent 12562911
Fork Processing Method And Blockchain Node
2y 5m to grant Granted Feb 24, 2026
Patent 12554895
ENCRYPTED ANALYTICAL VAULT FOR TRUSTED ACCESS
2y 5m to grant Granted Feb 17, 2026
Patent 12554897
ELECTRONIC DEVICE
2y 5m to grant Granted Feb 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
71%
Grant Probability
93%
With Interview (+22.0%)
3y 5m
Median Time to Grant
Moderate
PTA Risk
Based on 577 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month