DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This office action is in response to the claim amendments filed on March 10, 2026.
Claims 1-20 are pending.
Claims 21-60 have been canceled.
Claims 10-12 have been withdrawn.
Claims 1-9 and 13-20 have been examined.
Response to Arguments
With respect to Claim Rejections - 35 USC § 101
Applicant argues, without concurring in the rejection and in the interests of advancing prosecution, Applicant has amended the independent claims to recite:....For example, amended claim 1 recites that the user identifier comprises "an ephemeral public key of a user generated for a current content distribution session" and "a signed one-time identifier signed by an identification node that is separate from the content distribution node" and further recites "in response to determining, using control circuitry, whether a signature used to sign the signed one-time identifier is valid by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user." These limitations provide a specific cryptographic network security architecture in which user authorization is cryptographically verified while persistent user identify is structurally prevented from reaching the content distribution node. These are not steps that can be performed mentally or by hand, rather, they define generation of session-specific asymmetric key pairs at the user node, cryptographic signing by a network node that is separate from the content distribution node, and public-key signature verification as a gating condition before any content supplier request is generated. See Applicant’s arguments pages 9-10.
The Examiner, however, respectfully disagrees. As a preliminary matter, the Examiner follows the 2019 Patent Eligibility Guidance (“2019 PEG”) which is a synthesis of the case law of Alice and its progeny. Additionally, the reasoning for this rejection is the same as was laid out in the Office Action Non-Final Rejection, dated 09/11/2025 (hereinafter, “Office Action”). Furthermore, while Applicant has amended the claim to recite additional subject matter, for example, the amended claim limitations recite, receiving at a content distribution node and using control circuitry, a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; in response to determining, using control circuitry, whether a signature used to sign the signed one-time identifier is valid by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user, further describe the abstract idea of distribution of content license keys and categorized as a part of organizing human activity.
Applicant further argues that, [m]oreover, as stated in paragraph [0006] and [0007] of the specification, the claimed system addresses the technological problem that, when seeking to access content, "the user requires anonymization as to the source of the request to view the content, but still needs to be able to access the content via the content delivery network," giving rise to "an increasing need for privacy protection for both the user and the content license provider." Applicant's amended claims address this problem in a specific way where the identification node signs a one-time random identifier together with the user's ephemeral public key (e.g., see [0054] - [0068]), the content distribution node verifies the signature using the identification node's public key as a precondition to forwarding the content supplier request (e.g., see [0076] - [0084]), and the content distribution node signs a verification message binding the one-time identifier and a hash of the content license identifier using its own private key, enabling downstream duplicate detection without any user identity record (e.g., see [0084] - [0089]). Such aspects provide a technical improvement to computer network security that solves a problem arising in the context of multi-party digital content distribution networks. See Applicant’s arguments page 10.
The Examiner however, respectfully disagrees, the claims also fail to recite a practical application of the abstract ideas. According to the 2019 PEG, the additional claim elements are considered when determining whether the claim recites a practical application, such as a technological improvement, of the abstract idea. However, the amendments fail to introduce any such additional elements. Therefore, this analysis is the same as the analysis laid out in the Office Action.
The claims also fail to recite significantly more than the abstract idea. According to the 2019 PEG, the additional elements, when considered individually and as a combination, are analyzed to determine whether the claims recite significantly more than the abstract idea. However, the amended claims fail to recite any new additional elements. As noted in the Office Action, the additional elements serve to implement the abstract idea in a computing environment.
Furthermore, the amended claims recite, receiving at a content distribution node and using control circuitry, a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; in response to determining, using control circuitry, whether a signature used to sign the signed one-time identifier is valid by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user. It does not appear that an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; and verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user, would result in any improvement to the recited technology. The additional elements of a processing circuitry, limitations are recited at a high level of generality in that it results in no more than simply applying the abstract idea using generic computer elements. The additional elements when considered separately and as an ordered combination do not amount to add significantly more as these limitations provide nothing more than to simply apply the exception in a generic computer environment. Therefore, the amended claim limitations do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. See detail rejection below. Accordingly, this ground of rejection is maintained.
With respect to Claim Rejections - 35 U.S.C. 112(a)
Applicant s amendments to the claims 8 and 20 have overcome this ground of rejection. Accordingly, this ground of rejection is withdrawn.
With respect to Claim Rejections - 35 U.S.C. 112(b)
Applicant’s amendments to the claims 1-9 and 13-20 have overcome this ground of rejection. Accordingly, this ground of rejection is withdrawn.
With respect to Claim Rejections - 35 USC § 103
Applicant’s arguments with respect to claims 1-9 and 13-20 have been considered but are moot in view of new grounds of rejection initiated by applicant’s amendment to the claims.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-9 and 13-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
In the instant case, claims 1-9 are directed to a method, and claims 13-20 are directed to a system comprising control circuitry (i.e., processing circuitry). Therefore, these claims fall within the four statutory categories of invention.
The claims recite an abstract idea of distribution of content license keys. Specifically, the claims recite “receive a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; determine whether a signature used to sign the signed one-time identifier is valid, by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user, and in response to determining the signature used to sign the signed one-time identifier is valid: generate a content supplier request, from the content request; send the content supplier request and the user identifier to a content supply node; receive a content reply from the content supply node, the content reply comprising a content encryption key and a content license identifier associated with the content supplier request and the signed one-time identifier; generate a verification message from the signed one-time identifier, and the content license identifier, and signing the verification message using a private key of the content distribution node; and send to the user node the content license identifier, and the signed verification message”, which is grouped within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See MPEP 2106.04(a)) because it describes a process for carrying out a commercial interaction between parties that involves communicating data needed to complete a transaction to the parties. Accordingly, the claims recite an abstract idea (See MPEP 2106.04).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106.04(a or d)), the additional element(s) of the claim(s) such as a processing circuitry merely use(s) a computer as a tool to perform an abstract idea. Specifically, the processing circuitry perform(s) the steps or functions of “receive a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; determine whether a signature used to sign the signed one-time identifier is valid, by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user, and in response to determining the signature used to sign the signed one-time identifier is valid: generate a content supplier request, from the content request; send the content supplier request and the user identifier to a content supply node; receive a content reply from the content supply node, the content reply comprising a content encryption key and a content license identifier associated with the content supplier request and the signed one-time identifier; generate a verification message from the signed one-time identifier, and the content license identifier, and signing the verification message using a private key of the content distribution node; and send to the user node the content license identifier, and the signed verification message.” The use of a processor/computer as a tool to implement the abstract idea does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (See MPEP 2106.05(a)), the claims do not apply the abstract idea with, or by use of, a particular machine (See MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (See MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See MPEP 2106.05), the additional element(s) of using a processing circuitry to perform the steps amounts to no more than using a computer or processor to automate and/or implement the abstract idea of distribution of content license keys. As discussed above, taking the claim elements separately, the processing circuitry perform(s) the steps or functions of “receive a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and a signed one-time identifier signed by an identification node that is separate from the content distribution node; determine whether a signature used to sign the signed one-time identifier is valid, by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user, and in response to determining the signature used to sign the signed one-time identifier is valid: generate a content supplier request, from the content request; send the content supplier request and the user identifier to a content supply node; receive a content reply from the content supply node, the content reply comprising a content encryption key and a content license identifier associated with the content supplier request and the signed one-time identifier; generate a verification message from the signed one-time identifier, and the content license identifier, and signing the verification message using a private key of the content distribution node; and send to the user node the content license identifier, and the signed verification message.” These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of distribution of content license keys. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible.
Regarding dependent claims
Claims 2 and 14 recite: wherein the user identifier further includes a seed value for modification of the signed one-time identifier.
Claims 3 and 15 recite: wherein the verification message is calculated and signed in a trusted execution environment.
Claims 4 and 16 recite: receiving at the content distribution node and using control circuitry, a license verification request from the user node for a license stored on the user node; determining, using control circuitry, whether a license associated with the license verification request from the user node is a duplicate license; and in response to determining that the license is a duplicate license: sending, using control circuitry, a request to the user node to modify the license on the user node; and sending, to a reporting node, using control circuitry, a notification that the license is a duplicate license.
Claims 5 and 17 recite: wherein the request to the user node to modify the license on the user node is a request to delete the license on the user node.
Claims 6 and 18 recite: wherein the content reply is sent in a content decryption package.
Claims 7 and 19 recite: wherein the content decryption package is encrypted.
Claims 8 and 20 recite: receiving at the content distribution node and using control circuitry, a verification request from a user node for a content decryption package stored on the user node, the verification request including the content decryption package; decrypting, using control circuitry, the content decryption package; decrypting, using control circuitry, the content encryption key, one-time content license identifier, and verifying the signed verification message; and determining, using control circuitry, that the decryption of both the content decryption package and the content encryption key, the one-time content license identifier, and the signed verification message were decrypted successfully; and in response to determining that both the content decryption package and the content encryption key, the one-time content license identifier, and the signed verification message were not decrypted successfully: sending, using control circuitry, a request to the user node to modify the content decryption package on the user node; and sending, to a reporting system and using control circuitry, a notification that the content decryption package is a duplicate content decryption package.
Claim 9 recites: wherein the request to the user node to modify the content decryption package on the user node is a request to delete the content decryption package on the user node.
The dependent claims further describe the abstract idea of distribution of content license keys. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-9 and 13-20 rejected under 35 U.S.C. 112, first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claim 1 recites, by verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user. Thus, claim contain negative limitations.
The Examiner notes that negative limitations tend to define the invention in terms of what it was not, rather than pointing out the invention. In re Schechter, 205 F.2d 185, 98 USPQ 144 (CCPA 1953).
Any negative limitation or exclusionary proviso must have basis in the original disclosure. If alternative elements are positively recited in the specification, they may be explicitly excluded in the claims. See In re Johnson, 558 F.2d 1008, 1019, 194 USPQ 187, 196 (CCPA 1977) (“[the] specification, having described the whole, necessarily described the part remaining.”).
However, As noted in MPEP 2100, “Any claim containing a negative limitation which does not have basis in the original disclosure should be rejected under 35 U.S.C. 112, first paragraph, as failing to comply with the written description requirement.” Ex parte Parks, 30 USPQ2d 1234, 1236 (Bd. Pat. App. & Inter. 1993). See MPEP § 2163 - § 2163.07(b) for a discussion of the written description requirement of 35 U.S.C. 112, first paragraph.
Claim Rejections - 35 USC § 103
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1, 2, 3, 6, 7, 9, 13-15, 18 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Robert W. Fransdonk (US 20060193474 A1, “Fransdonk”) in view of in view of BOLCER et al. (US 20080028207 A1, “BOLCER”).
Regarding claims 1 and 13: Fransdonk discloses: A method for distributing content, the method comprising:
receiving at a content distribution node and using control circuitry, a content request from a user node, the content request including a content identifier and a user identifier, wherein the user identifier further comprises a public key of a user and a signed one-time identifier (Fransdonk [0217]: At block 122, a content consumer, for example utilizing a secure device 46, issues a request via the network 18 to a content distributor 20, operating a conditional access agent 28, to deliver (e.g., via streaming) particular content. In response to the issuance of such a request, a conditional access client 48 executing on a user viewing device (e.g., a PC or set top box) initiates communications with an appropriate conditional access agent 28, via a network 18, to obtain the necessary keys. Specifically, at block 122, as part of the request, the conditional access client 48 communicates a user certificate (e.g., issued by a payment gateway) and optionally a copy-protected device certificate to the conditional access agent 28), (see paragraphs [0074], [0228] and [0262] and Figs. 6A, 6B and 10A);
Examiner’s Note: with respect to claim language “the content request including a content identifier and …, user identifier further comprises an ephemeral public key of a user generated for a current content distribution session and …” this is nonfunctional descriptive material as it only describes data values (i.e., content identifier and ephemeral public key), while the data values are not used to perform any of the recited method steps. Therefore, it has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. MPEP 2111.05.
in response to determining, using control circuitry, whether a signature used to sign the signed one-time identifier is valid, the method further comprising (Fransdonk [0218]: At block 124, the content distributor 20 utilizing the conditional access agent 28, verifies the received user certificate and optionally the copy-protected device certificate by verifying a challenge communicated by the client 48 to the agent 28 in association with the user device and copy-protected device certificates), (see paragraph [0218] and Figs. 6A and 6B):
generating, using control circuitry, a content supplier request, from the content request (see paragraphs [0219] and [0263] and Fig. 10A);
sending from the content distribution node and using control circuitry, the content supplier request and the user identifier to a content supply node (Fransdonk [0263]: At block 224, the conditional access agent 28 transmits a request to a conditional access server 36, associated with a content provider 16 that is an owner or provider of the requested content, for (1) the product key (S.sub.p) in which to decrypt the content and (2) rule information or access criteria, associated with the requested content), (see paragraphs [0232] and Fig. 10A);
receiving at the content distribution node and using control circuitry, a content reply from the content supply node, the content reply comprising a content encryption key and a content license identifier associated with the content supplier request and the signed one-time identifier (Fransdonk [0219]: At block 126, the content distributor 20 utilizing the conditional access agent 28, retrieves access criteria and a product key related to the requested content from a content provider 16. As discussed above, the access criteria and the product key (S.sub.p) are encrypted with a public key of the conditional access agent 28 so that only the specific conditional access agent 28 is able to access the product key), (see paragraphs [0232] and [0267] and Figs. 6B, 7 and 10);
generating at the content distribution node and using control circuitry, a verification message from the signed one-time identifier, and the content license identifier, signing the verification message using a content distributor key (Fransdonk [0220]: The retrieval of the access criteria and product key involves the conditional access agent 28 issuing a request to a conditional access server 36, responsive to which the server 36 verifies regional constraints associated with the requested content in order to return the appropriate access criteria; [0267]: At block, 232, the conditional access agent 28 receives the access criteria and product key, and verifies the signature of the access criteria and the product key utilizing a supplied certificate for the conditional access server 36, which is signed by a trusted third party. The public key of the trusted third party is well known and, in one embodiment, embedded within the conditional access agent 28; [0270]: At block 238, the conditional access agent 28 constructs an order request utilizing the acquired information (e.g., the secure device information, access criteria and subscription information), signs the order request, and communicates the order request to the conditional access client 48 associated with the content destination), (see paragraphs [0074],[0222], [0227] and [0270] and Figs. 6B and 10A); and
sending from the content distribution node to the user node, the content encryption key, the content license identifier, and the signed verification message (Fransdonk [0240]: At block 158, the content distributor 20 transmits the encrypted content, the encrypted product key, and the encrypted unique user key to the content consumer at a content destination 22), (see paragraph [0270] and Figs. 6B and 10A).
As indicated above, Fransdonk discloses, generating a set of session keys (i.e., a random, time varying sequence of session keys) and encrypting content utilizing the set of session keys to generate encrypted content. The set of session keys is transmitted. The encrypted content is transmitted to a content destination, so as to enable the content destination, utilizing the set of session keys, to decrypt the encrypted content. Thus, Fransdonk discloses, the user identifier further comprises a signed one-time identifier.
Fransdonk doesn’t explicitly disclose, the user identifier further comprises an ephemeral public key of a user generated for a current content distribution session. However, this is nonfunctional descriptive material as it only describes data values (i.e., ephemeral public key), while the data values are not used to perform any of the recited method steps. Therefore, it has been held the nonfunctional descriptive material will not distinguish the invention from the prior art in term of patentability. MPEP 2111.05.
As indicated above, Fransdonk discloses, in response to determining, using control circuitry, whether a signature used to sign the signed one-time identifier is valid (see paragraph [0218]).
Fransdonk doesn’t explicitly disclose, verifying the signature using a public key of the identification node. However, BOLCER discloses:
verifying the signature using a public key of the identification node, such that the content distribution node authenticates the user node without obtaining persistent identify information of the user (BOLCER [claim 22]: obtaining proof from an authorization service that a required action was taken; creating a suitable digital certificate after obtaining the proof of action; and, causing the requested content to be made available to the user computer after verifying a signature on the digital certificate is that of an entity authorized to grant access to the requested content; [0067]: When the HTTP serving program verifies the signature on the certificate is that of an entity authorized to grant access to the requested content and identifies the requested content, it sends and the network delivers 616, 617 the requested content to the browser 252).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Fransdonk with BOLCER to include well-known trusted entity/certificate authority system functions such as allowing trusted entity/certificate authority system to authenticate a user to enhance DRM/digital content protection and system performance.
Regarding claims 2 and 14: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 1, wherein the user identifier further includes a seed value for modification of the signed one-time identifier (see abstract, paragraphs [0023], [0074] and [0247] and Fig. 8B).
Regarding claims 3 and 15: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 1, wherein the verification message is calculated and signed in a trusted execution environment (see paragraphs [0047] and [0235] and [0242]).
Regarding claims 6 and 18: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 1, wherein the content reply is sent in a content decryption package (see paragraphs [0232] and [0235] and Fig. 7).
Regarding claims 7 and 19: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 6, wherein the content decryption package is encrypted (see paragraphs [0232] and [0235] and Fig. 7).
Regarding claim 9: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 8, wherein the request to the user node to modify the content decryption package on the user node is a request to delete the content decryption package on the user node (see paragraphs [0154] and Fig. #).
Claims 4, 5, 8, 16, 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Robert W. Fransdonk (US 20060193474 A1, “Fransdonk”) in view of in view of BOLCER et al. (US 20080028207 A1, “BOLCER”) Alternatively in view of Sellars et al. (US 20060173794 A1, “Sellars”) further in view of Soorianarayanan et al. (US 20140207601 A1, “Soorianarayanan”).
Regarding claims 4 and 16: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 1, wherein the method further comprises:
receiving at the content distribution node and using control circuitry, a license verification request from the user node for a license stored on the user node (see paragraphs [0343] and [0357]);
determining, using control circuitry, whether a license associated with the license verification request from the user node is [a valid
Fransdonk doesn’t explicitly disclose, determining, whether a license is a duplicate license. However, Soorianarayanan discloses:
determining, using control circuitry, whether a license associated with the license verification request from the user node is a duplicate license (see paragraphs [0087]-[0089] and Fig. 11); and
in response to determining that the license is a duplicate license:
sending, using control circuitry, a request to the user node to modify the license on the user node (see paragraphs [0087]-[0089] and Fig. 11); and
sending, to a reporting node, using control circuitry, a notification that the license is a duplicate license (see paragraphs [0087]-[0089] and Fig. 11).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Fransdonk, BOLCER and Sellars with Soorianarayanan to include well-known function of DRM, such as identifying duplicate licenses to enhance system performance and efficiency.
Regarding claims 5 and 17: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk doesn’t explicitly disclose, however, Soorianarayanan discloses: The method of claim 4, wherein the request to the user node to modify the license on the user node is a request to delete the license on the user node (see paragraphs [0087]-[0089] and Fig. 11).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Fransdonk, BOLCER and Sellars with Soorianarayanan to include well-known function of DRM, such as identifying duplicate licenses to enhance system performance and efficiency.
Regarding claims 8 and 20: Fransdonk and BOLCER, discloses the limitations of claim 1 above.
Fransdonk further discloses: The method of claim 7, wherein the method further comprises:
receiving at the content distribution node and using control circuitry, a verification request from a user node for a content decryption package stored on the user node, the verification request including the content decryption package (see paragraphs [0232] and [0235] and Fig. 7);
decrypting, using control circuitry, the content decryption package (see paragraph [0235] and Fig. 7);
decrypting, using control circuitry, the content encryption key, one-time content license identifier, and [verifying the signed verification message signature] (Fransdonk [0224]: At block 130, the content distributor 16, and specifically the conditional access agent 28, decrypts the received product key associated with the requested content, utilizing a private key of the conditional access agent 28; [0249]: decrypts the sequence of session keys encrypted with the product key; [0162]: The secure agent 88 will verify all session information (access criteria, user credentials, local time, signature etc.) before granting access), ((see paragraphs [0224, [0249], [0038] and [0162] and [0361] and Figs. 6A and 6B); and
determining, using control circuitry, that the decryption of both the content decryption package and the content encryption key, the one-time content license identifier [were decrypted successfully and verifying the signed verification message signature] (see paragraphs [0224], [0249], [0038] and [0162] and [0361] and Figs. 6A and 6B); and
Fransdonk doesn’t explicitly disclose, however, Sellars discloses:
in response to determining that both the content decryption package and the content encryption key, the one-time content license identifier, and the signed verification message were not decrypted successfully (Sellars [0086]: To do so, it finds the key associated with the number in the E.sub.consumer identifier and decrypt it, revealing the E.sub.consumer identifier. If no key can be found, then the authenticator 28 returns a failure. Using the exact same process, the authenticator 28 recovers the E.sub.content identifier. If no key can be found, then the authenticator 28 returns a failure):
sending, using control circuitry, a request to the user node to modify the content decryption package on the user node (Sellars [0086]: A new mutating ID is then sent, followed by the decoding data; [0074]: The one-time-use number/key pair may take the form of a modified hash. In addition to being random, the one-time-use number/key pair or the hash is immediately discarded after each decryption. In other words, the protocol generates a new random number that has never been used when a hash or a one-time-use number/key is needed), (see paragraphs [0084], [0086], [0067] and [0073]);
sending, to a reporting system and using control circuitry, a notification that the content decryption package is [invalid] (see paragraphs [0082], [0084], [0086], [0067] and [0073]-[0074]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Fransdonk and BOLCER with Sellars to include Mutating ID mechanisms of Sellars to enhance DRM/digital content protection.
Fransdonk doesn’t explicitly disclose, determining, whether a license is a duplicate license. However, Soorianarayanan discloses: sending, to a reporting system and using control circuitry, a notification that the content [content package] is a duplicate content [content package] (see paragraphs [0087]-[0089] and Fig. 11).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Fransdonk, BOLCER and Sellars with Soorianarayanan to include well-known function of DRM, such as identifying duplicate licenses to enhance system performance and efficiency.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAHED ALI whose telephone number is (571)270-1085. The examiner can normally be reached 8:00 - 5:00 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on (571) 270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAHED ALI/Examiner, Art Unit 3699
/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3699