DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to the RCE filed on 2/6/2026.
Claims 1-3, 5-6 are subject to examination. Claim 4 is cancelled.
This amendment and applicant’s arguments have been fully considered and entered by the Examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Henry et al. U.S. Patent Publication # 2019/0028892 (hereinafter Henry) in view of Hanna et al. U.S. Patent Publication # 2009/0041252 (hereinafter Hanna) further in view of Paaske et al. U.S. Patent Publication # 2006/0107032 (hereinafter Paaske)
With respect to claim 1, Henry teaches a method comprising:
-receiving, by a user device, a request for a token from one of an access node or an identity provider (i.e. server may send request information about the client device such as MAC address, device type and/or device capability of the client device) (Paragraph 62-63);
-in response to the request, generating the token using a trusted platform module of the user device (i.e. the server generates private key for the client and associates the generated private key with the MAC address of the client device) (paragraph 62-64); and
-transmitting, by the user device, the token to one of the access node or the identity provider (i.e. server sending the private key to the user/user device) (Paragraph 62-65), wherein an access decision for the user device is made based on the token (i.e. client device sends a network access request that contains at least a MAC address and a private key, and upon receiving the authentication response from the server, the WLC authorizes access to the network assuming the encrypted string is not compromised and private keys are different) (Paragraph 65-67).
Henry fails to teach wherein the request comprises a nonce value and wherein generating the token comprises hashing the nonce value using an internal key of the trusted platform module.
Hanna teaches wherein the request comprises a nonce value (i.e. initial message includes digital signature based on TPM and a nonce value) (Paragraph 31); wherein generating the token comprises hashing the nonce value using an internal key of the trusted platform module (i.e. generating a digital signature wherein the digital signature may be the result of (1) concatenating the TPM value and the nonce value, (2) generating a hash value by applying a hash function to this concatenation and (3) then using a private encryption key of a TPM chip in the endpoint device to encrypt the hash value) (Paragraph 23-25). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Hanna’s teaching in Henry’s teaching to arrive at the request comprising a nonce value and generating the token comprising hashing the nonce value using an internal key of the TPM. The motivation for doing so would be to verify the identity of the TPM and also to verify access control and deny an unauthorized device or person access to the resource network, thereby controlling access.
Henry and Hanna teach hashing the nonce value using an internal key of the trusted platform module, but do not explicitly teach wherein the internal key is unique to the trusted platform module.
Paaske teaches wherein the internal key is unique to the trusted platform module (Paragraph 108). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Paaske’s teaching in Henry and Hanna’s teaching to arrive at the internal key being unique to the trusted platform module. The motivation for doing so would be to track the number of updates to the flash memory, and internal keys are used to encrypt and perform authentication operations on information that is stored in the flash memory (Paragraph 109-110).
With respect to claim 2, Henry teaches the method of Claim 1, wherein the access decision for the user device is made based on information about the user device determined based on the token (i.e. client device sends a network access request that contains at least a MAC address and a private key, and upon receiving the authentication response from the server, the WLC authorizes access to the network assuming the encrypted string is not compromised and private keys are different) (Paragraph 65-67).
With respect to claim 3, Henry teaches the method of Claim 2, wherein the access decision for the user device is made based on comparing the information about the user device with information in a database (i.e. the server uses the MAC address included in the authentication request to search its databases, the server finds an entry of the MAC address, the server retrieves a private key associated with the MAC address and generates an authentication response that includes the second private key) (Paragraph 66-67, 73)
Claim(s) 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Henry et al. U.S. Patent Publication # 2019/0028892 (hereinafter Henry) in view of Hanna further in view of Paaske further in view of Bhattacharyya et al. U.S. Patent Publication # 2020/0137563 (hereinafter Bhattacharyya)
With respect to claim 5, Henry teaches the method of Claim 1, but fails to teach further comprising communicating, by the user device, a connection request using information from a detected beacon.
Bhattacharyya teaches communicating, by the user device, a connection request using information from a detected beacon (Paragraph 38, 44, 46, 56). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Bhattacharyya’s teaching in Henry, Hanna and Paaske’s teaching to arrive at communicating a connection request using information from a detected beacon. The motivation for doing so would be to establish a secure connection using the nonce value and token which comprises a hash of the nonce value.
Claim(s) 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Henry et al. U.S. Patent Publication # 2019/0028892 (hereinafter Henry) in view of Hanna further in view of Paaske further in view of Mutairi et al. U.S. Patent Publication # 2021/0377297 (hereinafter Mutairi)
With respect to claim 6, Henry, Hanna and Paaske teach the method of Claim 1, but fail to further teach changing a MAC address of the user device after being disconnected from the access node.
Mutairi teaches changing a MAC address of the user device after being disconnected from the access node (i.e. MAC spoofing) (Paragraph 1-2). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Mutairi’s teaching in Henry, Hanna and Paaske’s teaching to arrive at changing a MAC address of the user device after being disconnected from the access node. The motivation for doing so would be to allow the bypassing of the access control lists on the communication network by either hiding the endpoint device on the communication network or allowing the endpoint device to impersonate another endpoint device (Paragraph 1).
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-3, 5-6 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant's arguments filed 2/6/2026 have been fully considered but they are not persuasive.
A). Applicant states Henry does not teach “wherein the request comprises a nonce value” and “wherein generating the token comprises hashing the nonce value using an internal key of the trusted platform module”.
Examiner respectfully disagrees with the applicant because in Paragraphs 23-25, Hanna teaches wherein the request comprises a nonce value (i.e. initial message includes digital signature based on TPM and a nonce value) (Paragraph 31); wherein generating the token comprises hashing the nonce value using an internal key of the trusted platform module (i.e. generating a digital signature wherein the digital signature may be the result of (1) concatenating the TPM value and the nonce value, (2) generating a hash value by applying a hash function to this concatenation and (3) then using a private encryption key of a TPM chip in the endpoint device to encrypt the hash value) (Paragraph 23-25). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Hanna’s teaching in Henry’s teaching to arrive at the request comprising a nonce value and generating the token comprising hashing the nonce value using an internal key of the TPM. The motivation for doing so would be to verify the identity of the TPM and also to verify access control and deny an unauthorized device or person access to the resource network, thereby controlling access.
Henry and Hanna teach hashing the nonce value using an internal key of the trusted platform module, but do not explicitly teach wherein the internal key is unique to the trusted platform module.
Paaske teaches wherein the internal key is unique to the trusted platform module (Paragraph 108). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Paaske’s teaching in Henry and Hanna’s teaching to arrive at the internal key being unique to the trusted platform module. The motivation for doing so would be to track the number of updates to the flash memory, and internal keys are used to encrypt and perform authentication operations on information that is stored in the flash memory (Paragraph 109-110).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A). Khalil et al. U.S. Patent Publication # 2016/0006719 which teaches about authentication request associated with third party server having MAC address so authentication server may authenticate with third party server on behalf of the user device.
B). Achtari et al. U.S. Patent Publication # 2008/0301773 which teaches about identifying potential MAC spoofing including authenticating the device.
C). Lee et al. U.S. Patent Publication # 2017/0078285
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DHAIRYA A PATEL whose telephone number is (571)272-5809. The examiner can normally be reached M-F 7:30am-4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kamal B Divecha can be reached at 571-272-5863. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
DHAIRYA A. PATEL
Primary Examiner
Art Unit 2453
/DHAIRYA A PATEL/Primary Examiner, Art Unit 2453