DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 04/10/2026.
In the instant Amendment, claims 3, 7, 8, and 11 have been amended; and claims 1, 3, 7, 10, and 11 are independent claims. Claims 1-13 have been examined and are pending. This Action is made FINAL.
Response to Arguments
Claims 7 and 8 are no longer interpreted under 35 U.S.C. 112(f) as claims have been amended.
Applicants’ arguments in the instant Amendment, filed on 04/10/2026, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “Pfeffer does not disclose the “transmitting to a network address configuration server a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment,” recite in claim 1 and 3.”
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Pfeffer transmitting to a network address configuration server a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0006 when the application server communicates with the CMTS to reserve the network resources required to provide the services to the requesting subscriber, the application server provides the CMTS the CM MAC and CM IP addresses to facilitate resource allocation; par. 0031 a MAC address token may be ciphertext produced by [] a hash value produced by applying a hash algorithm to the CM MAC address). More specifically, Pfeffer discloses trusted proxy-identifying information comprises the trusted proxy server 200 IP address. Tokens representing subscriber-identifying information comprise identifiers that are associated with, or that may be used to obtain, the MAC address and the IP address of the CM through which the service request packet is sent [] a MAC token may be ciphertext produced by applying an encryption algorithm to the CM MAC address, a hash value produced by applying a hash algorithm to the CM MAC address, or a database location where the CM MAC address is stored. Similarly, an IP address token may be ciphertext produced by applying an encryption algorithm to the CM IP address, a hash value produced by applying a hash algorithm to the CM IP address, or a database locator where the CM IP address is stored [par. 0054]. Therefore, the examiner finds this argument not persuasive.
Applicant’s arguments: “Pastusiak fails to teach the deficiencies of Pfeffer. Claims 1 and 11 is therefore new and not obvious over Pfeffer combined with Pastusiak.”
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In this case, Pfeffer teaches session-level state management by authenticating and authorizing client requests based policies established by the service provider and Pastusiak teaches generation, distribution and verification of tokens for representing the offer. Pfeffer and Pastusiak are both from the same analogous art and therefore they are combinable. One of the ordinary skill in the art before the effective filing date of the claimed invention would been motivated to combine the two references to drive at applicant invention. Therefore, the examiner finds this argument not persuasive.
Applicant’s arguments: “Claims 3 and 7 are therefore new and not obvious over Pfeffer combined with Pastusiak and Angus.”
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In this case, Pfeffer teaches authenticating and authorizing client requests based policies established by the service provider, Pastusiak teaches generation, distribution and verification of tokens for representing the offer and Angus teaches securely provisioning devices for wireless sensor networks during manufacturing and maintenance. Pfeffer, Pastusiak and Angus are from the same analogous art and therefore they are combinable. One of the ordinary skill in the art before the effective filing date of the claimed invention would been motivated to combine the two references to drive at applicant invention. Therefore, the examiner finds this argument not persuasive.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record. Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 270 7857 to schedule an interview.
A substantially similar rejection to the previous non-final rejection follows below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-2 and 10-12 are rejected under 35 U.S.C. 103 as being unpatentable over Pfeffer et al. (“Pfeffer,” US 2006/0165082) in view of Pastusiak et al. (“Pastusiak et al.,” US 2006/01295.01).
Regarding claim 1: Pfeffer discloses a method for authenticated establishment of a connection between an item of equipment connected to at least one communication network and a server of a service provider, said method being implemented by said item of equipment and comprising:
transmitting to a network address configuration server a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0006 when the application server communicates with the CMTS to reserve the network resources required to provide the services to the requesting subscriber, the application server provides the CMTS the CM MAC and CM IP addresses to facilitate resource allocation; par. 0031 a MAC address token may be ciphertext produced by [] a hash value produced by applying a hash algorithm to the CM MAC address).
Pfeffer does not explicitly disclose receiving a message comprising a certification token generated from at least the at least one said hash of the physical address of said item of equipment, and a hash of said certification token and transmitting a request for establishing a connection with said server of the service provider comprising at least said certification token and said hash of said certification token.
However, Pastusiak discloses receiving a message comprising a certification token generated from at least the at least one said hash of the physical address of said item of equipment (Pastusiak: par. 0023 the token generation module 114 generates tokens for distribution to the plurality of clients 104(n); par. 0024 the token system 106 may include a database 126 having a plurality of hash values 128(k) [] each of the plurality of hash values 128(k) corresponds to a token previously generated by the token generation module 114), and
transmitting a request for establishing a connection with said server of the service provider comprising at least said certification token and said hash of said certification token (Pastusiak: par. 0032 the distribution server 206 may execute a distribution module 236 on the processor 214 [] to form a communication having the token for distribution across the network 108 to the client 104(n); par. 0033 upon receipt of the token 122(i) by the client 104(n), the token 122(i) may be communicated by the client 104(n) via the network 108 to the token system 106 for verification).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Pastusiak with the system/method of Pfeffer to include a certification token generated from at least the at least one said hash of the physical address, and a hash of said certification token. One would have been motivated to generation, distribution and verification of tokens using a secure hash algorithm (Pastusiak: par. 0001).
Regarding claim 2: Pfeffer in view of Pastusiak discloses the method according to claim 1.
Pastusiak further discloses in response to an authentication of said item of equipment by said server of the service provider from said certification token and said hash of said certification token, receiving a message acknowledging the establishment of said connection with said server of the service provider (Pastusiak: par. 0050 if a match is found (decision block 612), the token system 106 communicates a “verification successful' message to the offer provider 102(m) (block 618)).
The motivation is the same that of claim 1 above.
Regarding claim 10: Pfeffer discloses an item of equipment connected to at least one communication network capable of establishing in an authenticated manner a connection with a server of a service provider, said item of equipment comprising:
transmit, to a network address configuration server, a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0006 when the application server communicates with the CMTS to reserve the network resources required to provide the services to the requesting subscriber, the application server provides the CMTS the CM MAC and CM IP addresses to facilitate resource allocation; par. 0031 a MAC address token may be ciphertext produced by [] a hash value produced by applying a hash algorithm to the CM MAC address).
Pfeffer does not explicitly disclose at least one processor, receive a certification token corresponding to a certificate created by a certificate creation module from at least said at least one hash of the physical address of said item of equipment, and a hash of said certification token and transmit a request for establishing a connection with said server of the service provider comprising at least said corresponding certification token and said hash of said certification token.
However, Pastusiak discloses at least one processor (Pastusiak: fig. 2 item 212),
receive a certification token corresponding to a certificate created by a certificate creation module from at least said at least one hash of the physical address of said item of equipment, and a hash of said certification token (Pastusiak: par. 0023 the token generation module 114 generates tokens for distribution to the plurality of clients 104(n); par. 0024 the token system 106 may include a database 126 having a plurality of hash values 128(k) [] each of the plurality of hash values 128(k) corresponds to a token previously generated by the token generation module 114), and
transmit a request for establishing a connection with said server of the service provider comprising at least said corresponding certification token and said hash of said certification token (Pastusiak: par. 0032 the distribution server 206 may execute a distribution module 236 on the processor 214 [] to form a communication having the token for distribution across the network 108 to the client 104(n); par. 0033 upon receipt of the token 122(i) by the client 104(n), the token 122(i) may be communicated by the client 104(n) via the network 108 to the token system 106 for verification).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Pastusiak with the system/method of Pfeffer to include a certification token generated from at least the at least one said hash of the physical address, and a hash of said certification token. One would have been motivated to generation, distribution and verification of tokens using a secure hash algorithm (Pastusiak: par. 0001).
Regarding claim 11: Pfeffer discloses a network address configuration server capable of providing a certification token associated with an item of equipment connected to at least one communication network for an authenticated establishment of a connection between said item of equipment and a server of a service provider, said network address configuration server comprising;
receive a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0006 when the application server communicates with the CMTS to reserve the network resources required to provide the services to the requesting subscriber, the application server provides the CMTS the CM MAC and CM IP addresses to facilitate resource allocation; par. 0031 a MAC address token may be ciphertext produced by [] a hash value produced by applying a hash algorithm to the CM MAC address).
Pfeffer does not explicitly disclose at least one processor, generate a certificate associated with said item of equipment and a certification token corresponding to said certificate based on at least one hash of the physical address of said item of equipment and transmit said certification token and the hash of said certification token to said item of equipment.
However, Pastusiak discloses at least one processor (Pastusiak: fig. 2 item 212),
obtain a certificate associated with said item of equipment and a certification token corresponding to said certificate, the certificate and the token being generated from the at least one hash of the physical address of said item of equipment (Pastusiak: par. 0023 the token generation module 114 generates tokens for distribution to the plurality of clients 104(n); par. 0024 the token system 106 may include a database 126 having a plurality of hash values 128(k) [] each of the plurality of hash values 128(k) corresponds to a token previously generated by the token generation module 114), and
transmit said certification token and the hash of said certification token to said item of equipment (Pastusiak: par. 0032 the distribution server 206 may execute a distribution module 236 on the processor 214 [] to form a communication having the token for distribution across the network 108 to the client 104(n); par. 0033 upon receipt of the token 122(i) by the client 104(n), the token 122(i) may be communicated by the client 104(n) via the network 108 to the token system 106 for verification).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Pastusiak with the system/method of Pfeffer to include a certification token generated from at least the at least one said hash of the physical address, and a hash of said certification token. One would have been motivated to generation, distribution and verification of tokens using a secure hash algorithm (Pastusiak: par. 0001).
Regarding claim 12: Pfeffer in view of Pastusiak discloses the method according to claim 1.
Pastusiak further discloses a non-transitory computer readable medium comprising a computer: par. 0025 in the case of a software implementation, the module, functionality, or logic represents program code that performs specified tasks when executed on a processor (e.g., CPU or CPUs). The program code can be stored in one or more computer readable memory devices).
The motivation is the same that of claim 1 above.
Claims 3, 6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Pfeffer et al. (“Pfeffer,” US 2006/0165082) in view of Pastusiak et al. (“Pastusiak et al.,” US 2006/01295.01) and Angus (US 2016/0294829).
Regarding claim 3: Pfeffer discloses a method for providing a certification token associated with an item of equipment connected to at least one communication network for authenticated establishment of a connection between said item of equipment and a server of a service provider, said method being implemented by a network address configuration server and comprising:
receiving a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0031 a hash value produced by applying a hash algorithm to the CM MAC address).
Pfeffer does not explicitly disclose generating a certificate associated with said item of equipment and a certification token corresponding to said certificate based on the at least one hash of the physical address of said item of equipment and transmitting said certification token and a hash of said certification token to said item of equipment.
However, Pastusiak discloses generating a certificate associated with said item of equipment and a certification token corresponding to said certificate based on the at least one hash of the physical address of said item of equipment and transmitting said certification token and a hash of said certification token to said item of equipment (Pastusiak: par. 0023 the token generation module 114 generates tokens for distribution to the plurality of clients 104(n); par. 0024 the token system 106 may include a database 126 having a plurality of hash values 128(k) [] each of the plurality of hash values 128(k) corresponds to a token previously generated by the token generation module 114),
transmitting said certification token and a hash of said certification token to said item of equipment (Pastusiak: par. 0032 the distribution server 206 may execute a distribution module 236 on the processor 214 [] to form a communication having the token for distribution across the network 108 to the client 104(n); par. 0033 upon receipt of the token 122(i) by the client 104(n), the token 122(i) may be communicated by the client 104(n) via the network 108 to the token system 106 for verification).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Pastusiak with the system/method of Pfeffer to include transmitting said certification token and a hash of said certification token to said item of equipment. One would have been motivated to generation, distribution and verification of tokens using a secure hash algorithm (Pastusiak: par. 0001).
Pfeffer in view of Pastusiak does not explicitly disclose a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration server.
However, Angus discloses a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration server (Angus: par. 0046 the manufacturer's digital certificate associated with its digital signature is also stored on the sensor 102).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Angus with the system/method of Mahkonen to include a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration. One would have been motivated to providing securely provisioning devices in the manufacturing process (Angus: par. 0001).
Regarding claim 6: Pfeffer in view of Pastusiak and Angus discloses the method according to claim 3.
Angus further discloses generating the certificate associated with said item of equipment and the certification token corresponding to said certificate from the at least one hash of the physical address of said item of equipment, a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration server (Angus: par. 0088 the certification module 506 reissues certificates to the other devices of the WSN, e.g., the sensors 102 and access points 202 that correspond to the new server; par. 0095 a unique identifier for the sensor device 602 (e.g., a MAC address, an IP address, a globally unique identifier, or the like)).
The motivation is the same that of claim 3 above.
Regarding claim 13: Pfeffer in view of Pastusiak discloses the method according to claim 1.
Pastusiak further discloses a non-transitory computer readable medium comprising a computer: par. 0025 in the case of a software implementation, the module, functionality, or logic represents program code that performs specified tasks when executed on a processor (e.g., CPU or CPUs). The program code can be stored in one or more computer readable memory devices).
The motivation is the same that of claim 3 above.
Claims 4 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Pfeffer et al. (“Pfeffer,” US 2006/0165082) in view of Pastusiak et al. (“Pastusiak et al.,” US 2006/01295.01) and Angus (US 2016/0294829) and Wan et al., (“Wan,” US 2009/0158031).
Regarding claim 4: Pfeffer in view of Pastusiak and Angus discloses the method according to claim 3.
Pfeffer in view of Pastusiak does not explicitly disclose transmitting, to a domain name server, a request for associating said certificate, said certification token and said hash of said certification token with at least one domain name.
However, Wan discloses transmitting, to a domain name server, a request for associating said certificate, said certification token and said hash of said certification token with at least one domain name (Wan: par. 0039 DHCP server 1201 returns a DHCP Response 510, namely a message that includes the domain name or IP address of certificate server 1202. Thereafter, network device 110 determines whether DHCP server 1201 is in the same subnet as the other servers (e.g. a DNS server 1203 and/or certificate server 1202)).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Wan with the system/method of Pfeffer and Pastusiak to include transmitting, to a domain name server, a request for associating said certificate, said certification token and said hash of said certification token with at least one domain name. One would have been motivated to providing a system and method for installing digital certificates securely within a network device (Wan: par. 0018).
Regarding claim 5: Pfeffer in view of Pastusiak, Angus and Wan discloses the method according to claim 4.
Angus further discloses in response to a request for extending an allocation of said network address allocated to said item of equipment, transmitting a request for extending the association of said certificate (Angus: par. 0019 the new CA server reissues certificates to the one or more unchanged devices of the secure wireless sensor network in response to verifying the identities of the one or more unchanged devices).
The motivation is the same that of claim 3 above.
Claims 7 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Pfeffer et al. (“Pfeffer,” US 2006/0165082) in view of Angus (US 2016/0294829) and Wan et al., (“Wan,” US 2009/0158031).
Regarding claim 7: Pfeffer discloses a system comprising:
at least one item of equipment connected to at least one communication network (Pfeffer: par. 0046 standalone device that connects to a cable modem),
at least one network address configuration server (Pfeffer: fig. 1), and
at least one server of a service provider (Pfeffer: par. 0041 service provider),
wherein:
the item of equipment comprises at least one processor configured to transmit, to the configuration server, a request for allocating at least one network address comprising at least one hash of a physical address of said item of equipment (Pfeffer: par. 0006 when the application server communicates with the CMTS to reserve the network resources required to provide the services to the requesting subscriber, the application server provides the CMTS the CM MAC and CM IP addresses to facilitate resource allocation; par. 0031 a MAC address token may be ciphertext produced by [] a hash value produced by applying a hash algorithm to the CM MAC address),
the configuration server comprises at least one processor configured to:
generate a creation request for creating a certificate associated with said item of equipment, the request comprising the at least one hash of the physical address of said item of equipment (Pfeffer: par. 0006 the request is modified to include information identifying the CMTS serving the CPE requesting services from the application server and the cable modem (CM) MAC and CM IP address).
Pfeffer does not explicitly discloses at least one certificate creation module, a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration server, transmit said creation request to the certificate creation module, and the certificate creation module comprises at least one processor configured to: generate, from information comprised in the creation request, a certificate associated with said item of equipment and a certification token corresponding to said certificate.
However, Angus discloses at least one certificate creation module (Angus: par. 0088 the certification module 506),
a certificate associated with said configuration server and at least one network address allocated to said item of equipment by said configuration server (Angus: par. 0019 the new CA server reissues certificates to the one or more unchanged devices of the secure wireless sensor network in response to verifying the identities of the one or more unchanged devices),
transmit said creation request to the certificate creation module (Angus: par. 0087 the sensors 102 and/or the access points 202 may request a new certificate from the new server that indicates the identity of the new server), and
the certificate creation module is configured to generate, from information comprised in the creation request, a certificate associated with said item of equipment and a certification token corresponding to said certificate (Angus: par. 0088 the certification module 506 is configured to issue, or reissue, certificates to maintain or reconstruct the chain of trust within the WSN).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Angus with the system/method of Pfeffer to include a certificate associated with said item of equipment and a certification token corresponding to said certificate. One would have been motivated to providing securely provisioning devices in the manufacturing process (Angus: par. 0001).
Pfeffer in view of Angus does not explicitly disclose at least one domain name server, transmit, to the domain name server, a request for associating said certificate, said certification token and said hash of said certification token with at least one domain name, the domain name server comprises at least one processor configured to associate, with at least one domain name, the certificate associated with said item of equipment, the corresponding certification token and the hash of said certification token, and the at least one processor of the item of equipment if further configured to, following an acknowledgement of the association with the domain name, receive the certification token and the hash of said certification token from the configuration server.
However, Wan discloses at least one domain name server (Wan: par. 0025 Domain Name Server (DNS)),
transmit, to the domain name server, a request for associating said certificate, said certification token and said hash of said certification token with at least one domain name (Wan: par. 0038 network device 110 initiates a DHCP Configuration Request 500 to a DHCP server 1201 . DHCP Configuration Request 500 is a message that is adapted to request an IP address or domain name for the certificate server responsible for downloading certificates to the network device during its initial configuration of the trusted certificate list (TCL); par. 0039 DHCP server 1201 returns a DHCP Response 510, namely a message that includes the domain name or IP address of certificate server 1202),
the domain name server comprises at least one processor configured to associate, with at least one domain name, the certificate associated with said item of equipment, the corresponding certification token and the hash of said certification token (Wan: par. 0025 DHCP is a protocol used by network devices (IP clients) to obtain IP addresses and other parameters such as the default gateway, a subnet mask, and/or IP addresses of Domain Name Service (DNS) servers from a DHCP server), and
following an acknowledgement of the association with the domain name, receive the certification token and the hash of said certification token from the configuration server (Wan: par. 0038 network device 110 initiates a DHCP Configuration Request 500 to a DHCP server 1201 . DHCP Configuration Request 500 is a message that is adapted to request an IP address or domain name for the certificate server responsible for downloading certificates to the network device during its initial configuration of the trusted certificate list (TCL)).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Wan with the system/method of Pfeffer and Angus to include following an acknowledgement of the association with the domain name, the item of equipment is configured to receive the certification token and the hash of said certification token from the configuration server. One would have been motivated to providing a system and method for installing digital certificates securely within a network device (Wan: par. 0018).
Regarding claim 9: Pfeffer in view of Angus and Wan discloses the system according to claim 7.
Angus further discloses wherein the certificate creation module is comprised in the at least one network address configuration server (Angus: fig. 5 item 506 certification module; par. 0088 the certification module 506 reissues certificates to the other devices of the WSN, e.g., the sensors 102 and access points 202 that correspond to the new server; par. 0095 a unique identifier for the sensor device 602 (e.g., a MAC address, an IP address, a globally unique identifier, or the like)).
The motivation is the same that of claim 7 above.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Pfeffer et al. (“Pfeffer,” US 2006/0165082) in view of Angus (US 2016/0294829), Wan et al., (“Wan,” US 2009/0158031) and Pastusiak et al. (“Pastusiak et al.,” US 2006/01295.01).
Regarding claim 8: Pfeffer in view of Angus and Wan discloses the system according to claim 7.
Wan further discloses the server of the service provider comprises at least one processor configured to:
verify the domain name associated with said certification token using said hash of said certification token and said certificate associated with said item of equipment (Wan: par. 0040 if DHCP server 1201 is in the same subnet as DNS server 1203 and/or certificate server 1202 (operation 520), the certificate loading process may be discontinued, generating a displayed error signal on network device 110 to select a DHCP server different than DHCP server 1201 or to contact a network administrator or a call/service center for network device 110),
in response to verification of the certification token and the domain name associated with the certification token, transmit a message acknowledging establishment of said connection with said item of equipment (Wan: par. 0040 the certificate loading process may be discontinued, generating a displayed error signal on network device 110 [] transmit an error signal to another server to prompt an inquiry or the like. Otherwise, a communication session is established between certificate server 1202 and network device 110 in order to coordinate the download of bootstrapping digital certificate 160 from certificate server 120).
The motivation is the same that of claim 7 above.
Pfeffer in view of Angus and Wan does not explicitly disclose the at least one processor of the item of equipment is further configured to transmit a request for establishing a connection with a server of the at least one server of the service provider comprising at least said corresponding certification token and said hash of said certification token and verify the certification token using said hash of said certification token and a cryptographic key associated with said certificate creation module.
However, Pastusiak discloses the at least one processor of the item of equipment is further configured to transmit a request for establishing a connection with a server of the at least one server of the service provider comprising at least said corresponding certification token and said hash of said certification token (Pastusiak: par. 0023 the token generation module 114 generates tokens for distribution to the plurality of clients 104(n); par. 0024 the token system 106 may include a database 126 having a plurality of hash values 128(k) [] each of the plurality of hash values 128(k) corresponds to a token previously generated by the token generation module 114),
verify the certification token using said hash of said certification token and a cryptographic key associated with said certificate creation module (Pastusiak: par. 0018 a token verification system may be utilized which stores hash values of the tokens which are then utilized to verify tokens communicated over the network).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Pastusiak with the system/method of Pfeffer, Angus and Wan to include verify the certification token using said hash of said certification token and a cryptographic key associated with said certificate creation module. One would have been motivated to generation, distribution and verification of tokens using a secure hash algorithm (Pastusiak: par. 0001).
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439
/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439