Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This is in response to applicant’s amendment filed on 01/22/2026 to Application #18/427,690 filed on 01/30/2024 in which Claims 1-14, 21-26 are presented for examination.
Status of Claims
Claims 1-14, 21-26 are pending for examination, of which Claims 1, 9, 21, and 22, 23, 25, 26 are rejected under 35 U.S.C. 103, dependent Claims 2-8, 10-14, 24 are objected to as being allowable as a whole over prior art if rewritten in independent form including all of the limitations of their base independent claim and any intervening dependent claims, with all applicable 35 U.S.C. 103 rejections satisfied, Claims 15-20 are canceled.
Applicant’s Most Recent Claim Set of 01/22/2026
Applicant’s most recent claim set of 01/22/2026 is considered to be the latest claim set under consideration by the examiner.
Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1, 9, 21 are rejected under 35 U.S.C. 103 as being unpatentable over Dujari et al US Patent Application Publication #2006/0185021 and further in view of Silverman US Patent Application Publication #2003/0046577.
Regarding Claim 1, Dujari et al discloses:
A device, comprising: a network interface; and a processing system including an electronic processor [(Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10; Fig 1 Items 120, 170) where Dujari et al teaches an electronic device with a network interface and a processing system with an electronic processor], wherein the processing system is to:
receive, via the network interface, a first challenge received from a server system, the first challenge being received while the processing system has a verified connection to the server system via the network interface [(Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10, Par 91 Lines 1-6, Par 92 Lines 4-6; Fig 1 Items 120, 170) where Dujari et al teaches the receipt by the electronic device over a network interface via an authenticated and verified network connection a first authenticated server challenge].
transmit, wirelessly, the first challenge to an electronic tether [(Dujari et al Par 91 Lines 4-6, Par 92 Lines 4-6; Par 28 Lines 26-29) where Dujari et al teaches that this received server challenge is then transmitted by the electronic device over wired or wireless communication to an authenticated, connected, or tethered electronic third party login server];
receive, from the electronic tether, a tether response to the first challenge [(Dujari et al Par 92 Lines 6-7) where Dujari et al teaches that the authenticated, connected, or tethered electronic third party login server returns tickets for the server system as the payload of its authenticated challenge response]; and
Dujari et al does not appear to explicitly disclose:
that the challenges are periodic, maintain the verified connection by transmitting, via the network interface, the tether response to the server system.
However, Silverman discloses:
that the challenges are periodic, maintain the verified connection by transmitting, via the network interface, the tether response to the server system [(Silverman Par 63 Lines 1-6, 13-22) where Silverman teaches that a periodic challenge response method of a plurality of challenges is used to maintain a verified connection to a server, in which if the server receives a correct response to a periodic challenge, then the verified connection is maintained, if an incorrect response to the periodic challenge is received, then the verified connection is disabled].
Dujari et al and Silverman are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”. Namely, they are all from the field of “information security”.
It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the teachings of Dujari et al and the teachings of Silverman by providing a periodic challenge response method of a plurality of challenges is used to maintain a verified connection to a server, in which if the server receives a correct response to a periodic challenge, then the verified connection is maintained, if an incorrect response to the periodic challenge is received, then the verified connection is disabled as taught by Silverman in the teaching described by Dujari et al.
The motivation for doing so would be to increase the usability and flexibility of Dujari et al by providing a periodic challenge response method of a plurality of challenges is used to maintain a verified connection to a server, in which if the server receives a correct response to a periodic challenge, then the verified connection is maintained, if an incorrect response to the periodic challenge is received, then the verified connection is disabled as taught by Silverman the teaching described by Dujari et al so as to provide identification of the legitimacy of external constant connections to legitimate devices versus illegitimate devices so that any connections to illegitimate devices can be disabled.
Regarding Claim 9:
It is a method claim corresponding to the system claim of claim 1. Therefore, claim 9 is rejected with the same rationale as applied against claim 1 above.
Regarding Claim 21, the combination of Dujari et al and Silverman discloses:
The device of claim 1, wherein the verified connection to the server allows the device to access the server [(Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10, Par 91 Lines 1-6, Par 92 Lines 4-6; Fig 1 Items 120, 170) where Dujari et al teaches the receipt by an electronic device over a network interface via an authenticated and verified network connection a first authenticated server challenge, indicating that the verified network connection between the electronic device and a server allows the electronic device to access the server and process an authentication with the server over that verified network connection].
Claim(s) 22, 23, 25, 26 are rejected under 35 U.S.C. 103 as being unpatentable over Dujari et al US Patent Application Publication #2006/0185021 and further in view of Asaumi US Patent Application Publication #2009/0193502.
Regarding Claim 22, Dujari et al discloses:
A non-transitory computer-readable storage medium including instructions that, when executed by a processor of an electronic device, cause the processor to [(Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10; Fig 1 Items 120, 170, 155, 156) where Dujari et al teaches an electronic device with a network interface, a medium for storing instructions, and a processing system with an electronic processor]:
receive, via a network interface of the electronic device, a challenge from a server, the challenge being received while the electronic device has a verified connection to the server via the network interface [(Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10, Par 91 Lines 1-6, Par 92 Lines 4-6; Fig 1 Items 120, 170) where Dujari et al teaches the receipt by the electronic device over a network interface via an authenticated and verified network connection an authenticated server challenge];
transmit, wirelessly, the challenge to an electronic tether [(Dujari et al Par 91 Lines 4-6, Par 92 Lines 4-6; Par 28 Lines 26-29) where Dujari et al teaches that this received server challenge is then transmitted by the electronic device over wired or wireless communication to an authenticated, connected, or tethered electronic third party login server];
receive, from the electronic tether, a tether response to the challenge [(Dujari et al Par 92 Lines 6-7) where Dujari et al teaches that the authenticated, connected, or tethered electronic third party login server returns tickets for the server system as the payload of its authenticated challenge response]; and
Dujari et al does not appear to explicitly disclose:
terminate the verified connection between the electronic device and the server by: transmitting an invalid tether response to the server, the invalid tether response to terminate the verified connection;
However, Asaumi discloses:
terminate the verified connection between the electronic device and the server by: transmitting an invalid tether response to the server, the invalid tether response to terminate the verified connection;
[(Asaumi Par 71 Lines 1-14; Par 73 Lines 1-11; Par 74 Lines 1-8; Fig 7 Items 100, 200, 250, S240, S242, S244, S246, S248, S252) where Asaumi teaches that the verified connection between the electronic device or terminal device and the server is terminated or disconnected by the server after an invalid tether response or personal identification device authentication reply is sent from the electronic device or terminal device to the server];
Dujari et al and Asaumi are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”. Namely, they are all from the field of “information security”.
It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the teachings of Dujari et al and the teachings of Asaumi by providing a verified connection between the electronic device or terminal device and the server that is terminated or disconnected by the server after an invalid tether response or personal identification device authentication reply is sent from the electronic device or terminal device to the server as taught by Asaumi in the teaching described by Dujari et al.
The motivation for doing so would be to increase the usability and flexibility of Dujari et al by providing a verified connection between the electronic device or terminal device and the server that is terminated or disconnected by the server after an invalid tether response or personal identification device authentication reply is sent from the electronic device or terminal device to the server as taught by Asaumi in the teaching described by Dujari et al so as to provide a higher security process of a server authenticating a terminal device by making use of a third party tether or third party personal identification device to make that decision for the terminal device.
Regarding Claim 23, the combination of Dujari et al and Asaumi discloses:
The non-transitory computer-readable storage medium of claim 22, wherein the instructions include instructions to cause the processor to: determine that the tether response is invalid by determining that the tether response from the electronic tether has been received after a predetermined period of time; and terminate the verified connection in response to determining that the tether response is invalid [(Dujari et al Par 92 Lines 6-7 Par 86 Table Member Rtw) where Dujari et al teaches that if the authenticated, connected, or tethered electronic third party login server returns a tether response after a maximum specified time window, then the login authentication request fails, causing the verified connection to the server to be terminated or disconnected].
Regarding Claim 25, the combination of Dujari et al and Asaumi discloses:
The non-transitory computer-readable storage medium of claim 22, wherein the instructions include instructions to cause the processor to: transmit, wirelessly, the challenge to the electronic tether using a short-range communication protocol [(Dujari et al Par 91 Lines 4-6, Par 92 Lines 4-6; Par 28 Lines 26-29) where Dujari et al teaches that this received server challenge is then transmitted by the electronic device over wired or short range wireless communication via acoustic or infrared to an authenticated, connected, or tethered electronic third party login server].
Regarding Claim 26, the combination of Dujari et al and Asaumi discloses:
The non-transitory computer-readable storage medium of claim 22, wherein the electronic tether is a mobile device, a mobile phone, or an embedded device in a personal property [(Asaumi Par 59 Lines 5-9) where Asaumi teaches that the electronic tether or personal identification device can be a personal property of a USB token comprising a recording medium, or more commonly known as a USB Stick].
Allowable Subject Matter – Dependent Claim(s)
Claims 2-8, 10-14, 24 are objected to as being dependent upon a rejected base claim, but would be allowable as a whole over prior art if rewritten in independent form including all of the limitations of their base independent claim, and any intervening dependent claims.
The following is a statement of reasons for the indication of allowable subject matter.
The closest prior art, as recited, Dujari et al US Patent Application Publication #2006/0185021 and Silverman US Patent Application Publication #2003/0046577, are also generally directed to various aspects of providing verification of trust between multiple electronic devices by utilizing a challenge-response procedure. However, Dujari et al or Silverman does not teach or suggest, either singularly or in combination, the particular combination of steps or elements as recited in the dependent Claims 2-8, 10-14 when also incorporating all of the limitations of their base independent claim and any intervening dependent claims. For example, none of the cited prior art teaches or suggests the steps of:
receiving, via a network interface, a second challenge of multiple periodically received challenges from a server system, the second challenge being received while a processing system has a verified connection to the server system, transmit, wirelessly, a second challenge for an electronic tether, and lose the verified connection to the server system in response to failing to transmit a second tether response to the server system that is expected based on the second challenge, receiving, via the network interface, a public key from the electronic tether, and transmitting, via the network interface, the public key and an attribute to the server system, wherein the multiple periodically received challenges from the server system are based on the public key and the attribute, and where an interval between challenges of the multiple periodically received challenges is less than ten seconds, where the instructions include instructions to cause the processor to determine that the tether response is invalid by determining that a distance between the electronic device and the electronic tether exceeds a distance threshold. and terminate the verified connection in response to determining that the tether response is invalid.
As recited in dependent Claims 2-8, 10-14, 24 when also incorporating all of the limitations of their base independent claim, any intervening dependent claims, any additional limitations found in dependent Claims 2-8, 10-14, 24 and with all applicable 35 U.S.C. 103 rejections satisfied.
Response to Arguments
Applicant’s arguments filed 01/22/2026 have been fully considered but are not fully persuasive.
On page 8 of applicant’s arguments, applicant states that Dujari et al does not teach “the first challenge being received while the processing system has a verified connection to the server system via the network interface”, as found in Claim 1 and similarly found in Claim 9.
The examiner disagrees with this argument. The applicant seems to be confusing the broader way that the word verified can be interpreted as compared to the narrower way that the word authenticated is interpreted. Yes, authentication is a type of verification, but there are also many additional types of verification in addition to authentication. Dujari teaches the receipt by an electronic device over a network interface via an authenticated and verified network connection a first authenticated server challenge (Dujari et al Par 25 Lines 5-12, Par 26 Lines 8-10, Par 91 Lines 1-6, Par 92 Lines 4-6; Fig 1 Items 120, 170), this matches the claim limitation being argued because the networked electronic equipment of Dujari et al have to first establish and verify a network communications connection between them, before an authentication challenge can be transmitted over that network communications connection.
On page 8 of applicant’s arguments, applicant states that Dujari et al does not teach “a plurality of received challenges from a server system”, a paraphrase of a limitation found in Claim 1 and a similar paraphrase of a similar limitation found in Claim 9.
The examiner disagrees with this argument. The examiner is not using Dujari et al as an example of teaching this paraphrased limitation of “a plurality of received challenges from a server system”, but rather brings in Silverman as an example of teaching this limitation. See [(Silverman Par 63 Lines 1-6, 13-22) where Silverman teaches that a periodic challenge response method of a plurality of challenges is used to maintain a verified connection to a server, in which if the server receives a correct response to a periodic challenge, then the verified connection is maintained, if an incorrect response to the periodic challenge is received, then the verified connection is disabled.
The applicant on page 9 of applicant’s arguments also argues that the two references combined in the rejection of the claims are not combinable. The examiner completely disagrees with this conclusion on the part of the applicant. Both references, Dujari et al and Silverman, are involved with computer network security and authentication, so they are definitely combinable.
The applicant on page 9 of applicant’s arguments also argues that the two references combined in the rejection of the claims are not combinable.
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In this case, the examiner completely disagrees with this conclusion on the part of the applicant. Both references, Dujari et al and Silverman, are involved with computer network security and authentication, as a result, they would be combinable to someone of ordinary skill in the art.
Therefore 35 U.S.C. 103 rejections are still maintained on Claims 1, 9, 21-23, 25-26 of the Instant Application.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Hose - US_20080070550: Hose teaches the provision of subscriber-specific information with respect to subscribers of multiple wireless networks associated with multiple carriers.
Heimlicher et al - US_20180302226: Heimlicher et al teaches first and second challenge responses received at a computer system from a client device.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789. The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards, can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2408