DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/22/2023 has been considered by the examiner.
Response to Amendment
This Office action has been modified in response to Applicant’s arguments filed 3/12/2026.
Response to Arguments
Applicant’s arguments with respect to claims 1-13 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-13 are rejected under 35 U.S.C. 103 as being unpatentable over Chan et al. (US 2022/0417235 A1, hereinafter Chan,) in view of Lee et al. (US 2024/0169071 A1, hereinafter Lee,) further in view of Bar-El et al. (US 2020/0167480 A1, hereinafter Bar-El).
Regarding claim 1, Chan discloses an access filtering method for filtering access of a connected object to a local area communication network, ([0004], methods for establishing, or re-establishing, trust for untrusted devices and to provision or re-provision an untrusted device connected to a network.) implemented by a routing device of said local area network ([figure 1, 111] and [0022] The gateway interface device 111 may also include local network interfaces to provide communication signals to requesting entities/devices in the premises.) wherein the method comprises: detecting a connected object waiting for pairing within said local area network; ([0038] The Laptop computer 306, read as connected object, may generate and submit a service request via the gateway 307. [Figure 3, 302] The network, read as LAN. That is, the connected object may request to pair with the LAN.) blocking an access of said connected object to said local area network. (Chan [Figure 7A, 706] and [0058] The service request may be rejected (step 706).)
Chan differs from the claimed invention in not specifically teaching the steps of assigning a confidence score to said connected object, based on information relating to said connected object; notifying at least one trusted device of said local network of the request to pair said connected object and of said assigned confidence score. However, Lee teaches a trusted device confirmation unit (figure 4, 400) having a risk score calculation unit to calculate and assign confidence score to the connect object based on information, i.e., user device account settings, relating to the connected object ([0069] and [0079]). Lee further teaches the trusted device confirmation unit 400 may then transmit the calculated risk score to the device management server to determine whether the user device is a trusted device through the received risk score. Therefore, it would have been obvious to a person of skill in the art before the effective filing date of the claimed invention to modify Chan to include the steps of assigning a confidence score to said connected object and notifying at least one trusted device of said local network of the request to pair said connected object and of said assigned confidence score, as taught by Lee, in order to improve the performance of the system.
The combination of Chan and Lee is not relied on for the claim language -upon receipt of a user pairing refusal from said at least one trusted device. However, Bar-El teaches [0028] referring to FIG. 1, system 100 may operate to provide trustworthiness data (e.g., trustworthiness report, score(s), indicators) to querying device 113, with regard to the trustworthiness of target device 112 (e.g., an IoT device whose trustworthiness is being queried), i.e. providing information to at least one trusted device 113. Bar-El also teaches -upon receipt of a user pairing refusal from said at least one trusted device ([0011] the ability to allow devices, servers, and interested parties to ensure, verify, and/or confirm, verify/confirm read as the ability to perform a “user pairing refusal,” the identity and/or trustworthiness of one or more deployed appliances or devices, i.e. target device 112 attempts to connect, thus a report is generated for querying device 113, wherein device 113 may accept, decline, or perform other operations for target device’s 112 connection). Therefore, it would have been obvious to a person of skill in the art before the effective filing date of the claimed invention to modify the combination of Chan and Lee to include a “user pairing refusal” ability, as taught by Bar-El, in order to [0011] allow devices, servers, and interested parties to ensure, verify and/or confirm the identity and/or trustworthiness of one or more deployed appliances or devices.
Regarding claim 2, Chan discloses the information relating to said connected object is received from said connected object and/or obtained by said routing device upon a request sent to a remote server. ([Figure 7] and [0057] the registration entity 304 may receive a service request from a user device, e.g., the laptop computer 306, via the gateway 307 and the network 302, and the service request may include identifying information for the user device.)
Regarding claim 3, Chan discloses the information relating to said connected object belongs to the group consisting of: a MAC address of said connected object; a power of a signal received from said connected object; a connection identifier of said connected object; a product identifier of said connected object; a manufacturer identifier of said connected object; a validity period of a security certificate associated with said connected object; a security level of a security certificate associated with said connected object; an identifier of an organization that issued a security certificate associated with said connected object. ([0057] The request to the connected object, read as user device 306, may also include identifying information about the user device 306 (e.g., the user device 306 IP address, the user device 306 MAC address, and/or other information that would assist in identifying the user device 306.))
Regarding claim 4, Lee teaches the confidence score calculation that may calculate the score based on a vulnerability score ([0060] such that Lee teaches the assigned confidence score result belonging to the group consisting of a vulnerability score of said connected object. Lee also teaches the risk score calculation unit may include: an additional test process for calculating scores for detailed inspections included in the additional check item through a second check result based on the completed additional check process ([0010]). The combination of Chan and Lee does not specifically teach the assigned confidence score results from an aggregation of at least some of elements belonging to the group consisting of: a respect for user privacy score of said connected object; an eco-design score of said connected object. However, Bar-El teaches [0091] a trustworthiness report that may include [0073] privacy concerns in the calculation. That is, the trustworthiness report, read as confidence score, includes retaining a privacy score related to the device 112, which is requesting to join the network. Therefore, it would have been obvious to a person of skill in the art before the effective filing date of the claimed invention to modify the combination of Chan and Lee to include the steps of assigning a confidence score to said connected object, including a privacy score for said connected object, as taught by Bar-El, in order to improve the system performance.
Regarding claim 5, Chan discloses at least one trusted device that is notified of said pairing request is said trusted device closest to said connected object or a trusted device belonging to an administrator of said local area network. ([0045], the trust-assigning entity 303 may provide confirmation of the authentication of the gateway 307 to the registration entity 304 as in step 509 and the registration entity 304 may, in step 510, and via the gateway 307, provide the laptop computer 306 an acknowledgement that the gateway 307 authentication has been confirmed and/or that the gateway 307 is trusted.
Regarding claim 6, Chan discloses the method also comprises: transmitting, to said at least one trusted device, a request to obtain a code associated with said connected object; ([Figure 6] and [0048] The trusted device 403 may ascertain identifying information from said connected object 409, via manual entry or bar code scanning. connecting said routing device, based on said code obtained from said at least one trusted device, to said connected object, in order to obtain said information relating to said connected object. ([Figure 5] Step 510 shows connecting the routing device to said connected object 306 after obtaining a code from the connected object with identifiable information of said connected object.)
Regarding claim 7, Chan discloses request to obtain a code is a request to scan a Quick-Response (QR) code associated with said connected object, and wherein the scanned QR code is received by said routing device from said at least one trusted device. ([Figure 6 and [0048] the mobile device 409 may ascertain the identifying information, for example, via manual entry or bar code scanning, read as QR code.)
Regarding claim 8, Chan discloses the method also comprises, once said connected object has been paired with said routing device of said local area communication network, ([Figure 6] Step 614 shows connected object 409 has been paired with routing device 407.) transmitting, to said at least one trusted device, a request to pair said connected object to said at least one trusted device, ([Figure 6] Steps 601 and 608 show connected object 409 transmitting to the registration entity 404 and later in steps 602 and 610 the trusted device 403.) and in case a pairing request with said at least one trusted device is received, transmitting, to said connected object, a request to initiate a pairing sequence.([Figure 6] Steps 606 and 614 show communication between trusted devices and the connected object, i.e. the a pairing request and initiation sequence has taken place. )
Regarding claim 9, Chan discloses in response to said connected object paired with said routing device being unable to be paired with said at least one trusted device too, said routing device acts as a proxy server between said at least one trusted device and said connected object. [0018] In the event the connected object may not connect to a trusted device on the network, the communication links 101 from the routing device may be configured to provide wireless communication channels to network devices 125 for communication, therefore acting as a proxy server between trusted devices and said connected object.)
Regarding claim 10, Chan discloses the routing device is a gateway to access said local area communication network. (Figure 3 and [0031], computing devices having a network interface suitable for exchanging communications via a local network, the network 302.)
Regarding claim 11, the claimed limitations are similar to the claimed limitations as recited in claim 1, except the claim 11 is directed to a non-transitory computer readable medium comprising program code instructions stored thereon for implementing an access filtering method for filtering access of a connected object to a local area communication network. Note Chan teaches [0056] the method steps may be performed based on execution, by one or more processors of one or more computing devices, of instructions that are stored in a computer-readable medium, such as a non-transitory computer-readable memory. Thus, claim 11 is rejected as the same reasons as set forth in claim 1.
Regarding claim 12, the claimed limitations are rejected as the same reasons as set forth in claim 1 and Chan also discloses a routing device (figure 3, 307) of a local area communication network (figure 3, 302.)
Regarding claim 13, the claimed limitations of claim are rejected as the same reasons as set forth in claim 10.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Pochuev, Denis Alexandrovich et al. (2020). Internet of things (iot) device management (US 20200145409 A1). Filed 2018-06-14. Discloses technologies to address initial establishment of device credentials in an Internet of Things (IoT) infrastructure. (abstract)
Bar-El, Hagai et al. (2018). System, device, and method of managing trustworthiness of electronic devices (US 20180293387 A1). Filed 2016-05-02. Discloses a method of managing trustworthiness of electronic device. (abstract)
Johnson, Michael W. et al. (2020). Managing network connected devices (US 10637724 B2). Filed 2017-06-05. Discloses methods, systems, and computer program products for managing Internet of Things (IoT) network-connected devices. (abstract)
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MATTHEW JAMES DWYER whose telephone number is (571)272-5121. The examiner can normally be reached M-F 6 a.m. - 3 p.m. EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yuwen Pan can be reached at (571) 272-7855. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MATTHEW JAMES DWYER/
Examiner, Art Unit 2649
/GEORGE ENG/ Supervisory Patent Examiner, Art Unit 2699
Prosecution Insights