DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Applicant’s arguments, see Non-Final Rejection, filed 11/26/2025, with respect to the 103 rejection regarding the same assignee have been fully considered and are persuasive. The 103 rejection of claims 1-20 has been withdrawn and replaced with the 103 rejection presented below.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of copending Application No. 18/352,359 in view of Natsuno et al. (US 2003/0236867).
The ‘359 application teaches the instantly recited claims, but does not teach: receiving a request from at least one authenticator to authenticate the at least one device in response to a request or transmitting the one or more credentials in response to the request.
Natsuno teaches:
Receiving a request from at least one authenticator to authenticate the at least one device in response to a request (Authentication server receives a request for public key from any of mobile terminals, management server, or content servers) – see [0055].
Transmitting the one or more credentials in response to the request (Authentication server transmits public key (i.e., credential), which is requested, to apparatus (i.e., authenticator)) – see [0055] and [0099].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of the ‘359 application by using an authentication server to respond to transmission requests for credentials, in order to manage public keys, based upon the beneficial teachings provided by Natsuno. These modifications would result in better efficiency to the system.
The dependent claims are all taught by the ‘359 application or are only slight variants.
This is a provisional nonstatutory double patenting rejection.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “to enable the at least one device to be given access to the secure communication channel responsive to verification of the one or more credentials by the authenticator”. This is merely an intended use limitation. It is unclear if the applicant is trying to claim this limitation. The examiner suggests modifying the claim to recite a system claim to include the authenticator.
Claim 13 recites “to enable the at least one device to be given access to the secure communication channel responsive to verification of the one or more credentials by the authenticator”. This is merely an intended use limitation. It is unclear if the applicant is trying to claim this limitation. The examiner suggests modifying the claim to positively recite this limitation.
Claim 17 recites “to enable the at least one device to be given access to the secure communication channel responsive to verification of the one or more credentials by the authenticator”. This claim is a method defined by specific steps. However, these are merely intended use limitations. It is unclear if this limitation is a step that is included in the method or not. Therefore, it is unclear how these “to enable” and “to be” phrases are limiting the method, and therefore the metes and bounds of the claim are not clear. This step should be positively defined in order to avoid ambiguity. The Examiner suggests using language such as “giving the at least one device access to the secure communication channel responsive to verification of the one or more credentials by the authenticator.”
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 5, 7, 9, 10, 13-15, and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Ports, III et al. (US 2023/0252115) in view of Natsuno et al. (US 2003/0236867).
Regarding claims 1, 13, and 17, Ports teaches a method (and corresponding apparatus and product) comprising:
Authenticating a device to access a secure communication channel to communicate with an onboarding management system, wherein the at least one device is given access to the secure communication channel responsive to authentication (Conventionally, digital onboarding of accounts limited to populations that were authenticatable and verifiable through a specific pre-approved channel – see [0002]).
Ports does not teach, but Natsuno teaches:
Receiving one or more credentials for at least one device (Authentication server manages public keys (i.e., credentials) of mobile terminals, management server, content server, and authentication server in a public key system – see [0055]. Memory controller transmits public key to authentication server through communication unit – see [0069]).
Receiving a request from at least one authenticator to authenticate the at least one device in response to a request (Authentication server receives a request for public key from any of mobile terminals, management server, or content servers) – see [0055].
Transmitting the one or more credentials in response to the request (Authentication server transmits public key (i.e., credential), which is requested, to apparatus (i.e., authenticator)) – see [0055] and [0099].
Wherein the one or more credentials comprise one or more keys (public key) – see [0055].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Ports by using an authentication server to respond to transmission requests for credentials, in order to manage public keys, based upon the beneficial teachings provided by Natsuno. These modifications would result in better efficiency to the system.
Regarding claim 2, Natsuno teaches a public key of a public-private key pair, as discussed above.
Regarding claims 5, 14, and 18, the combination of Ports and Natsuno teaches that the one or more keys comprise a multi-purpose key used: i) for validating the at least one device for secure onboarding and ii) as a network credential to provide the at least one device with access to the secure communication channel (Ports teaches providing access to the secure communication channel via authentication for onboarding management system, as discussed above – see claim [0002] and Natsuno teaches the authentication server providing the public key to the requesting device, as discussed above – see [0055] and [0099]. Therefore, the combination suggests that the key could be used for both validating for onboarding management system and providing access to the secure channel).
Regarding claims 7, 9, 10, 15, and 19, the claims recite various embodiments of the key being specific or multi-purpose for various uses. As discussed above, the combination of references suggests using a key for both a network credential for providing access to the secure communication channel, as well as using a key for validating the device for onboarding. Accordingly, the result-effective adjustment of this and other particular types of conventional working conditions (e.g., using a multi-purpose key or specific-purpose keys for each task) is deemed merely a matter of judicious selection and routine optimization which is well within the purview of the skilled artisan.
Claims 3 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Ports, III et al. (US 2023/0252115) in view of Natsuno et al. (US 2003/0236867), and further in view of Sierra et al. (US 2023/0412373).
The teachings of Ports and Natsuno are relied upon for the reasons set forth above.
Regarding claims 3 and 6, Ports and Natsuno do not teach that the onboarding management system receives the one or more credentials as part of a cryptographically attested digital document from a site corresponding to a manufacturer of the at least one device, or that the multi-purpose key comprises a device attestation key.
Sierra teaches that Public key P.sub.RK can be signed by the device attestation key. The device attestation key is a device specific key that is associated with a chip ID of the accessory device and/or the public key accelerator on the accessory device. Tying in the attested key of the device provides a cryptographic mechanism to secure the recovery key system against attacks via unauthorized or counterfeit devices. Attestation for a device can be enabled using an attestation key pair for the device that is associated with and/or tied to a chip identifier for the accessory device during assembly or factory provisioning (i.e., manufacturer). A private hardware key for the device can be stored in fused memory on the device, such as a PROM. The public attestation key can be stored to an attestation server for use during attestation. The public attestation key may also be stored on the accessory device – see [0058].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Ports and Natsuno by receiving the credentials as part of a cryptographically attested digital document from a site corresponding to a manufacturer of the at least one device, and the multipurpose key being a device attestation key, for the purpose of efficiency, based upon the beneficial teachings provided by Van Wageningen.
Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Ports, III et al. (US 2023/0252115) in view of Natsuno et al. (US 2003/0236867), and further in view of Van Wageningen et al. (US 2023/0337068).
The teachings of Ports and Natsuno are relied upon for the reasons set forth above.
Regarding claim 4, Natsuno teaches that the at least one processing device is an authentication server, as discussed above. However, Ports and Natsuno do not teach that the server utilizes a remote authentication dial-in user service protocol (RADIUS).
Van Wageningen teaches that authentication servers typically run software supporting the Remote Authentication Dial-In User Service (RADIUS) and EAP protocols – see [0009].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Ports and Natsuno by using the RADIUS protocol, as is typical for authentication servers, for the purpose of efficiency, based upon the beneficial teachings provided by Van Wageningen.
Claims 8, 16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ports, III et al. (US 2023/0252115) in view of Natsuno et al. (US 2003/0236867), and further in view of Simic et al. (US 12,041,059).
The teachings of Ports and Natsuno are relied upon for the reasons set forth above.
Regarding claims 8, 16, and 20, Ports and Natsuno do not teach that the access comprises initial access to the secure communication channel in connection with the secure onboarding of the at least one device and additional access to the secure communication channel in connection with operations after the secure onboarding of the at least one device.
Simic teaches: embodiments of systems may provide for the efficient verification of a device and user possession of the device, such as prior to affording some privilege to the device (e.g., access to resources or systems). Some embodiments may confer certain privileges for a limited time after verification, for example, a user might be required to complete an onboarding process within a threshold period of time or access to a resource (e.g., like a document to digitally sign or option to confirm registration of account) may be conferred for a limited period of time – see column 4 lines 24-33.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Ports and Natsuno by giving initial access to the communication channel in connection with the secure onboarding and additional access for other operations, for the purpose of completing the onboarding process before giving full access to the communication channel, based upon the beneficial teachings provided by Simic. This would result in increased security.
Claims 11 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Ports, III et al. (US 2023/0252115) in view of Natsuno et al. (US 2003/0236867), and further in view of Brooker et al. (US 11,546,324).
The teachings of Ports and Natsuno are relied upon for the reasons set forth above.
Regarding claims 11 and 12, Ports and Natsuno do not teach that the at least one processing device is configured to pull the credentials from a backend service associated with the onboard management system in response to receiving the request from the authenticator, or that the device is configured to allow the one or more credentials to be pushed to the at least one processing device from the onboarding management system.
Brooker teaches a system wherein the provisioning service 114 can provision the execution environment in the on-demand code execution system 110. As described herein, the provisioned execution environment can be a single-use environment for the request or session. In some embodiments, the provisioning service 114 can publish the credential to the on-demand code execution system 110. The on-demand code execution system 110 can use the credential at execution time to validate that the specific request has proper rights to carry out the requested task. In other embodiments, instead of the credential being pushed to on-demand code execution system 110, the on-demand code execution system 110 can pull the credential from the credential service 116A, which may occur at a later time, such as at step five (5) – see column 11 lines 42-55.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Ports and Natsuno by either pushing or pulling the credential to the processing device, as either is a standard way to obtain a credential, based upon the beneficial teachings provided by Brooker. This would result in efficiency.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LISA C LEWIS whose telephone number is (571)270-7724. The examiner can normally be reached Monday - Thursday 7am-2pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LISA C LEWIS/Primary Examiner, Art Unit 2495