Prosecution Insights
Last updated: July 17, 2026
Application No. 18/456,996

SECURE DEVICE REFERRAL TO SECOND ENVIRONMENT SYSTEM

Non-Final OA §102
Filed
Aug 28, 2023
Examiner
BAYOU, YONAS A
Art Unit
2499
Tech Center
2400 — Computer Networks
Assignee
Lenovo (United States) Inc.
OA Round
3 (Non-Final)
84%
Grant Probability
Favorable
3-4
OA Rounds
0m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allowance Rate
728 granted / 864 resolved
+26.3% vs TC avg
Strong +15% interview lift
Without
With
+15.3%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
18 currently pending
Career history
879
Total Applications
across all art units

Statute-Specific Performance

§101
2.8%
-37.2% vs TC avg
§103
56.0%
+16.0% vs TC avg
§102
29.7%
-10.3% vs TC avg
§112
1.7%
-38.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 864 resolved cases

Office Action

§102
DETAILED ACTION This Office Action is in response to Appeal Brief filed on 05/18/2026. In the instant Amendment, claims 1, 11 and 20 have been amended; and claims 1, 11 and 20 are independent claims. Claims 1-20 have been examined and are pending. This Action is made non-final. In view of the Appeal Brief filed on 05/18/2026, PROSECUTION IS HEREBY REOPENED. A new ground of rejection is set forth below. To avoid abandonment of the application, appellant must exercise one of the following two options: (1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 CFR 1.113 (if this Office action is final); or, (2) initiate a new appeal by filing a notice of appeal under 37 CFR 41.31 followed by an appeal brief under 37 CFR 41.37. The previously paid notice of appeal fee and appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth in 37 CFR 41.20 have been increased since they were previously paid, then appellant must pay the difference between the increased fees and the amount previously paid. A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by signing below: Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments with respect to claims 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Applicant’s arguments, see the Applicant Arguments/Remarks, filed 05/18/2026, with respect to the rejection(s) of claim(s) 1-20 under 35 U.S.C. 103(a) as being unpatentable over Gattu (US Patent Pub. No.: 2017/0324565) in view of Borch (U.S. Patent No.: 8,494,485) have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Song et al., Pub. No.: US 2023/0362170. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-20 are rejected under 35 U.S.C. 102 (a) (2) as being anticipated by Song et al., Pub. No.: US 2023/0362170. Referring to claim 1, Song teaches a method, the method comprising: receiving, from a device at a first environment system, an enterprise configuration request (abstract, an access configuration request is received from a client device in a first network environment; paras. 0093 and fig. 10); verifying, at the first environment system, an identity of the device (abstract, para. 0095-0099 and fig. 10, step 1030); identifying, at the first environment system, the device is assigned to a second environment system (abstract; paras. 0093 and fig. 10. Step 1010, The access configuration request may be associated with an access to a network resource in a second network environment); and providing, at the first environment system and to the device, instructions for the device identifying how the device is to access the second environment system, wherein the providing comprises providing encryption information to the device allowing the device to verify the second environment system, wherein the second environment system provides a response to the enterprise configuration request (abstract, para. 0055-0056 and fig. 4-5; para. 0063 and fig. 6; After verifying that the user 510 is allowed to access the network resource 550 (i.e. second environment system)). Referring to claim 2, Song further teaches wherein the providing encryption information comprises providing a public key that the device presents at the second environment system that the second environment system utilizes to verify the device (Abstract, paras. 0061, 0068-0069, 0072 and figs. 6-8, client device 620 presents a secret key for verification). Referring to claim 3, Song further teaches wherein the public key comprises a public key provided to the first environment system from the second environment system and corresponds to a private key held by the second environment system (para. 0061 and fig. 6, he first authentication information 630 may be generated based on a secret key associated with the network resource 670 (i.e., second environment system)). Referring to claim 4, Song further teaches wherein the providing encryption information comprises providing an encryption certificate that the device presents at the second environment system to verify encryption information provided by the second environment system in response to the encryption certificate (para. 0061 and fig. 6, token is generated using a secret key of the network resource 670; paras. 0068, 0070, 0085, 0103-0104). Referring to claim 5, Song further teaches wherein the identifying comprises identifying the device is assigned, within a database accessible by the first environment system, to an entity hosting the second environment system (abstract, paras. 0059 and fig. 6; access configuration request is associated with an access to a network resource in a second network environment and comprises first authentication information associated with the client device.). Referring to claim 6, Song further teaches wherein the verifying comprises validating the device using a public key of the first environment system against a private key stored within the device (abstract, paras. 0062-0063, 0072; access configuration request can be verified based on the first authentication information, e.g., the encrypted token…. para.0095 and fig. 10, step 1030). Referring to claim 7, Song further teaches wherein the providing instructions comprises providing, from the first environment system, signed metadata indicating an endpoint of the second environment system; wherein the signed metadata is signed by the first environment system utilizing a private key of the first environment system; wherein the device verifies a signature of the signed metadata against a signature certificate stored on the device and generated utilizing the private key of the first environment system (abstract, paras. 0093-0097 and fig. 10; it is the verification steps/process). Referring to claim 8, Song further teaches wherein the providing instructions comprises identifying an endpoint corresponding to the second environment system (abstract, para. 0063, send an instruction 650 to a firewall 660 to add the client device 620 to a permission list (e.g., allow list), thereby the connectivity between the client device 620 and the network resource 670 can be established.). Referring to claim 9, Song further teaches wherein the receiving an enterprise configuration request comprises receiving a zero-touch configuration request (paras. 0022, 0046, 0049 and fig. 3, automatically without requiring human interaction with the service's provider/virtualization/zero touch). Referring to claim 10, Song further teaches wherein the first environment system and the second environment system comprise cloud service providers (paras. 0004, 0093, 0102 and fig. 1; para. 0109, first network environment may comprise a public cloud, and the second network environment may comprise a private cloud). Referring to claim 11, This claim is similar in scope to claim 1, and is therefore r ejected under similar rationale. Referring to claim 12, This claim is similar in scope to claim 2, and is therefore rejected under similar rationale. Referring to claim 13, This claim is similar in scope to claim 3, and is therefore rejected under similar rationale. Referring to claim 14, This claim is similar in scope to claim 4, and is therefore rejected under similar rationale. Referring to claim 15, This claim is similar in scope to claim 5, and is therefore rejected under similar rationale. Referring to claim 16, This claim is similar in scope to claim 6, and is therefore rejected under similar rationale. Referring to claim 17, This claim is similar in scope to claim 7, and is therefore rejected under similar rationale. Referring to claim 18, This claim is similar in scope to claim 8, and is therefore rejected under similar rationale. Referring to claim 19, This claim is similar in scope to claim 9, and is therefore rejected under similar rationale. Referring to claim 20, This claim is similar in scope to claim 1, and is therefore rejected under similar rationale. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please see the attached PTO-892. Any inquiry concerning this communication or earlier communications from the examiner should be directed to YONAS A BAYOU whose telephone number is (571)272-7610. The examiner can normally be reached Monday-Friday 7AM-4PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 571-272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /YONAS A BAYOU/Primary Examiner, Art Unit 2499 06/12/2026 /PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499
Read full office action

Prosecution Timeline

Aug 28, 2023
Application Filed
Jul 03, 2025
Non-Final Rejection mailed — §102
Nov 03, 2025
Response Filed
Dec 17, 2025
Final Rejection mailed — §102
Mar 17, 2026
Notice of Allowance
May 18, 2026
Response after Non-Final Action
Jun 02, 2026
Response after Non-Final Action
Jun 16, 2026
Non-Final Rejection mailed — §102 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12670287
Session Access to Files in a File System Mounted in a Secure Memory Device
4y 0m to grant Granted Jun 30, 2026
Patent 12664869
ANTI TAMPER PROCESSING
3y 9m to grant Granted Jun 23, 2026
Patent 12657250
SYSTEMS AND METHODS FOR INTERCONNECTING DIRECTORIES
2y 9m to grant Granted Jun 16, 2026
Patent 12659306
COMMUNICATION MEDIATION DEVICE FOR MEDIATING COMMUNICATION WITH CLOUD SERVICE FOR STORING DATA, COMPUTER-READABLE NON-TRANSITORY RECORDING MEDIUM STORING COMMUNICATION MEDIATION PROGRAM, AND IMAGE PROCESSING SYSTEM
2y 1m to grant Granted Jun 16, 2026
Patent 12659151
SYSTEMS AND METHODS FOR LINKING AN AUTHENTICATION ACCOUNT TO A DEVICE
1y 1m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+15.3%)
2y 10m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 864 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month