Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Applicant’s Election was made without traverse of Group II (claims 15-21) in the reply filed on 12/22/2025 is acknowledge.
DETAILED ACTION
This is the initial office action that has been issued in response to patent application, 18/676,435, filed on 05/28/2024. Claims 1-21 are currently pending and have been considered below. Claims 8 and 15 are independent claims.
Priority
This application has PRO 63/504,643 filed on 05/26/2023
Drawings
The drawings filed on 05/28/2024 are accepted by the examiner.
Information Disclosure Statement
The information disclosure statements (IDS’s) submitted on 11/06/2025 is in compliance with provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claim 20 is objected to because of the following informalities: the claim recites the acronym “FROST” without providing its meaning in the claim. The claim should be amended to recite the full meaning of the acronym. Appropriate correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 8-12 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of King(US Publication No. 20130149996 A1) in further view of Orsini(US Publication No. 20110202755 A1).
Regarding Claim 8:
Gustave discloses:
A device capable of efficient network handoffs, comprising(Gustave, [0009], wireless mobile communications, convergence between different wireless communications technologies has recently been fueled by standardization bodies and by industry):
establish secure connection with a first wireless network by using an umbrella cryptographic key(Gustave, [0033], the mobile network node 202-2 requests 204, perhaps via the serving network proxy 206, cryptographic information required to authenticate the mobile network node 202-1. Cryptographic information necessary to authenticate the mobile network node 202-1 is obtained 208 from home environment 210 of the mobile network node 202-1 and forwarded 208 to the mobile network node 202-2;);
transmit a signal to a first certificate authority of a certification authority alliance(Gustave, [0034], The mobile network node 202-1 requests 204, perhaps via a serving network proxy 206 (typically associated with an access point or base station), required cryptographic information to authenticate the mobile network node 202-2.),
the signal being associated with the umbrella cryptographic key and comprising a request for a digital certificate and information to verify the identity of the device(Gustave, [0028], The use of cryptographic techniques entails deploying and accessing cryptographic key infrastructure, distribution of cryptographic content such as cryptographic keys, and sharing of cryptographic information between heterogeneous network elements. Security features have been found difficult to deploy and manage in an ad-hoc network, due to the requirement of sharing cryptographic information.);
communicate via the first wireless network(Gustave, [0008], . A successful response 114 to the challenge 112 leads to a successful authentication of the mobile node 102. The serving wireless network 100 provides communications services to the mobile node 102);
determine that a secure connection to a second wireless network, different from the first wireless network, should be made(Gustave, [0009], In the field of wireless mobile communications, convergence between different wireless communications technologies has recently been fueled by standardization bodies and by industry. );
authenticate connection with the second wireless network using the same umbrella cryptographic key(Gustave, [0007], …sufficient information to authenticate the mobile node 102. The retrieved information is typically encapsulated and has a triplet, quintuplet, etc. authentication vector structure… [0033], a successful full-duplex cross-authentication and the establishment of a full-duplex secure context between the pair of mobile network nodes 202-1 and 202-2. [0009], In the field of wireless mobile communications, convergence between different wireless communications) ;
and communicate via the second wireless network(Gustave, [0033], The mobile node 202-1 and the mobile node 202-2, in order to authenticate one another in establishing a secure communications).
Gustave does not disclose:
a wireless transceiver configured to communicate with at least one class of wireless network
a processor connected to the wireless transceiver
and a memory having software stored thereon which, when executed by the processor causes the processor to
King discloses:
a wireless transceiver configured to communicate with at least one class of wireless network(King,[0039], Transceiver 340 may wirelessly send and receive data to network 180, and may wirelessly receive data from network 180. Transceiver 340 may include, for example, an antenna, a transmitter, and a receiver.);
a processor connected to the wireless transceiver(King, [0039], Processor 330 may include a processor, a microprocessor, or processing logic (e.g., an application specific integrated circuit (ASIC) or a field programmable gate array (FPGA)) that may interpret and execute instructions, such as instructions stored in a computer-readable medium (e.g., memory 350). Transceiver 340 may wirelessly send and receive data to network 180);
and a memory having software stored thereon which, when executed by the processor causes the processor to(King, [0040], Memory 350 may include a random access memory (RAM) or another type of dynamic or non-volatile storage device that may store data and instructions for execution by processor 330.),:
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave’s method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave’s systems for implementing authentication and secure communication operations using a wireless transceiver, processor, and memory executing authentication software to ensure reliable execution of secure authentication and communication protocols within a wireless communication device as taught by King in order to enhance secure wireless communication and device-level processing of authentication procedures across wireless networks. The motivation is to ensure that authentication and secure communication operations are performed efficiently and securely within the hardware and software architecture of a wireless communication device.
Gustave in view of King do not disclose:
receive a digital certificate for authenticating the device via the umbrella cryptographic key in collaboration with at least a portion of other certificate authorities of the certification authority alliance through a threshold signature scheme
Orsini discloses:
receive a digital certificate for authenticating the device via the umbrella cryptographic key in collaboration with at least a portion of other certificate authorities of the certification authority alliance through a threshold signature scheme(Orsini, [0004], the data using keys of a certificate authority. Certificate authorities may be run by trusted third-party organizations or companies that issue digital certificates, such as, for example, VeriSign, Baltimore, Entrust, or the like, [0009], This computation of shared encryption keys may be part of a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information. Each share of secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities):
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance the security and trustworthiness of digital certificate generation used for authenticating mobile devices across network providers. The motivation is to ensure that authentication credentials are generated through a distributed threshold signing process, thereby reducing the risk of compromise of any single certificate authority and improving the overall security of the authentication infrastructure.
Regarding Claim 9:
The device of claim 8, Gustave in view of King in further view of Orsini disclose wherein the first wireless network and second wireless network are provided by separate entities conducting digital certificate issuance operations through the certification authority alliance(Orsini, [0004], the data using keys of a certificate authority. Certificate authorities may be run by trusted third-party organizations or companies that issue digital certificates, such as, for example, VeriSign, Baltimore, Entrust, or the like, [0009], This computation of shared encryption keys may be part of a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information. Each share of secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities)
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance secure communication and seamless authentication of mobile devices when communication across multiple wireless network provided by separate entities. The motivation is to ensure that devices can be authenticated across networks operated by different providers through a shared trust framework, thereby improving security, scalability, and interoperability of network authentication systems.
Regarding Claim 10:
The device of claim 9, Gustave in view of King in further view of Orsini disclose wherein establishing secure connection with the first wireless network further comprises receiving an umbrella certificate usable for authentication with any network conducting digital certificate issuance through the certification authority alliance(Orsini, [0004], the data using keys of a certificate authority. Certificate authorities may be run by trusted third-party organizations or companies that issue digital certificates, such as, for example, VeriSign, Baltimore, Entrust, or the like, [0009], This computation of shared encryption keys may be part of a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information. Each share of secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities):
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance secure communication and seamless authentication of mobile devices when communication across multiple wireless network provided by separate entities. The motivation is to ensure that devices can be authenticated across networks operated by different providers through a shared trust framework, thereby improving security, scalability, and interoperability of network authentication systems.
Regarding Claim 11:
The device of claim 10, Gustave in view of King in further view of Orsini disclose wherein the umbrella certificate was generated by multiple certification authorities of the certification authority alliance, using multi-party computation-based thresholding(Orsini, [0007], the present invention provides two approaches to distributing trust among a set of certificate authorities… the secure proxy service may be implemented in conjunction with any suitable protocol that makes use of certificate authorities to ensure the confidentiality, integrity, and authenticity of exchanged messages. [0009], a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information… secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance secure communication and seamless authentication of mobile devices when communication across multiple wireless network provided by separate entities. The motivation is to ensure that devices can be authenticated across networks operated by different providers through a shared trust framework, thereby improving security, scalability, and interoperability of network authentication systems.
Regarding Claim 12:
The device of claim 8, Gustave in view of King in further view of Orsini disclose wherein the software does not cause the processor to request a new digital certificate to authenticate connection with the second wireless network(Gustave, [0038], each mobile network node 202 needs to authenticate 112/114 with the serving network 200 only once, which enables the authenticated mobile network node 202 to request 204 cryptographic information regarding multiple peer mobile network nodes 202. ).
Regarding Claim 14:
The device of claim 8, Gustave in view of King in further view of Orsini disclose wherein the umbrella cryptographic key is an umbrella symmetric key(Orsini, [0075], A skilled artisan will recognize from the disclosure herein that the cryptographic keys may advantageously include some or all of symmetric keys.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance secure communication and seamless authentication of mobile devices when communication across multiple wireless network provided by separate entities. The motivation is to ensure that authentication and communication processes are performed using computationally efficient symmetric key operations, thereby reducing processing overhead and improving real-time secure communication performance is mobile network systems.
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of King(US Publication No. 20130149996 A1) in further view of Orsini(US Publication No. 20110202755 A1) and in further view of Giraud(US Publication No. 20160295414 A1).
Regarding Claim 13:
Gustave in view of King in further view of Orsini disclose:
The device of claim 8…
Giraud discloses:
wherein the device is a component of an automobile(Giraud, [0003], a telematics control unit (TCU) residing on-board a vehicle and interfacing with and on-board diagnostic (OBD) system of the vehicle. [0024], vehicle 110 includes an OBD system that obtains, processes, stores, and reports telematics data concerning operation of the vehicle, [0026], vehicle 110 is further depicted as including a TCU 114 location on-board the vehicle. )
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of King in further view of Orsini method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of King in further view of Orsini systems for supporting authentication of mobile communication devices integrated within vehicular platforms to ensure secure communication between vehicle-embedded devices and wireless network infrastructure while operating across different network environments as taught by Giraud in order to enhance secure network connectivity and authentication for vehicular communication systems interacting with multiple wireless networks. The motivation is to ensure that devices embedded within automobiles can securely authenticate and maintain trusted communications with wireless networks while the vehicle moves between different network coverage areas.
Claims 15-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of Orsini(US Publication No. 20110202755 A1)
Regarding Claim 15:
Gustave discloses:
A method for authenticating a device on a network comprising the steps of: determining that the signal includes a request for a digital certificate(Gustave, [0033], The mobile node 202-1 and the mobile node 202-2, in order to authenticate one another in establishing a secure communications context);
verifying an identity of the device(Gustave, [0034], requests 204, perhaps via a serving network proxy 206 (typically associated with an access point or base station), required cryptographic information to authenticate the mobile network node 202-2. )
and transmitting the digital certificate to the device(Gustave, [0033], The mobile node 202-1 and the mobile node 202-2, in order to authenticate one another in establishing a secure communications context, ).
Gustave does not disclose:
receiving a signal at a first certificate authority, the signal containing information regarding the device and being associated with a public key
communicating information associated with the request to other certificate authorities, the first certificate authority and the other certificate authorities being members of a certificate authority alliance
generating a digital certificate for authenticating the device via the public key, in collaboration with at least a portion of the other certificate authorities through a threshold signature scheme
Orsini discloses:
receiving a signal at a first certificate authority, the signal containing information regarding the device and being associated with a public key(Orsini, [0005], the security of the system may be lost for each user for whom the certificate authority is certifying a link between a public key and an identity. For example, an attacker may compromise a certificate authority by inducing that certificate authority to issue a certificate that falsely claims to represent an entity. The attacker would have the private key associated with the certificate authority's certificate.);
communicating information associated with the request to other certificate authorities, the first certificate authority and the other certificate authorities being members of a certificate authority alliance(Orsini, [0006], Based on the foregoing, a need exists to provide a secure proxy service that includes a system that secures communications by distributing trust among a set of certificate authorities. [0139], cross-certification between certificate authorities occurs when a first certificate authority determines to trust certificates from a second certificate authority. In other words, the first certificate authority determines that certificates from the second certificate authority meets certain quality standards, and therefore, may be “certified” as equivalent to the first certificate authority's own certificates);
generating a digital certificate for authenticating the device via the public key, in collaboration with at least a portion of the other certificate authorities through a threshold signature scheme (Orsini, [0004], the data using keys of a certificate authority. Certificate authorities may be run by trusted third-party organizations or companies that issue digital certificates, such as, for example, VeriSign, Baltimore, Entrust, or the like… The digital certificate certifies the ownership of a public key by the named subject of the certificate. [0009], This computation of shared encryption keys may be part of a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information. Each share of secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities):
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance the security and trustworthiness of digital certificate generation used for authenticating mobile devices across network providers. The motivation is to ensure that authentication credentials are generated through a distributed threshold signing process, thereby reducing the risk of compromise of any single certificate authority and improving the overall security of the authentication infrastructure.
Regarding Claim 16:
The method of claim 15, Gustave in view of Orsini disclose wherein the digital certificate is usable to authenticate the device with any of the members of the certificate authority alliance, without requiring use of a new public key or a new certificate signing request(Gustave, [0033], The mobile network node 202-1 requests 204, perhaps via a serving network proxy 206 (typically associated with an access point or base station), required cryptographic information to authenticate the mobile network node 202-2. Cryptographic information necessary to authenticate the mobile network node 202-2 is obtained 208 from home environment 210 of the mobile network node 202-2 and forwarded 208 to the mobile network node 202-1; [0038], mobile network node 202 needs to authenticate 112/114 with the serving network 200 only once, which enables the authenticated mobile network node 202 to request 204 cryptographic information regarding multiple peer mobile network nodes 202. The common association of both mobile network node 202 with the home environment 210 assumes a degree of trust in provisioning cryptographic information to the mobile network nodes 202, at the same time the serving network proxy 206, see FIG. 2, vouches for the mobile network nodes 202 in forwarding requests 204 to the home environment 210.
Regarding Claim 18:
The method of claim 15, Gustave in view of Orsini disclose wherein the first certificate authority is operated by a first operator and at least a portion of the other certificate authorities are operated by other operators, the first operator and the other operators being associated with independently- controlled entities(Gustave, [0004], Each serving network includes wireless communications network infrastructure managed by a corresponding network provider entity. The network provider entity operating the serving network may be different from the service provider entity with which the mobile network node is registered., [0072], the home environment 210 of the mobile network node 202 requesting (204) cryptographic information from a different home environment 210, is requested to vouch for the authenticity of the requesting mobile network node 210. ).
Regarding Claim 19:
The method of claim 15, Gustave in view of Orsini disclose wherein generating the digital certificate further comprises performing a secure, multi-party computation-based thresholding(Orsini, [0007], the present invention provides two approaches to distributing trust among a set of certificate authorities… the secure proxy service may be implemented in conjunction with any suitable protocol that makes use of certificate authorities to ensure the confidentiality, integrity, and authenticity of exchanged messages. [0009], a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information… secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave's systems for generating authentication credentials through cooperation between multiple certificate authorities using distributed cryptographic signing operations to ensure that no single authority possesses complete signing control over the authentication credential as taught by Orsini in order to enhance security and resilience of certificate generation and authentication processes across network environments. The motivation is to ensure that cryptographic credentials are generated using multi-party computation-based thresholding, thereby reducing the risk of compromise and improving trust in distributed authentication infrastructures.
Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of Orsini(US Publication No. 20110202755 A1) in further view of Takenaka(Foreign Publication No. WO2008075420 A1)
Regarding Claim 20:
Gustave in view of Orsini disclose:
The method of claim 15…
Gustave in view of Orsini do not disclose:
wherein generating the digital certificate further comprises performing a FROST custom threshold signing operating
Takenakai discloses:
wherein generating the digital certificate further comprises performing a FROST custom threshold signing operating(Takenakai, [0164], According to such a series of electronic signatures up to the aggregate signature signature, a Schnoor digital signature based on the elliptic curve discrete logarithm problem that is not used for the aggregate signature is applied to the aggregate signature).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of Orsini’s method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of Orsini’s systems for generating authentication credentials using distributed threshold digital signature operations among multiple trusted authorities to ensure that the signing process does not rely on a single signing authority as taught by Takenakai in order to enhance the security and integrity of certificate generation used for authenticating mobile devices across network environments. The motivation is to ensure that authentication credentials are generated through cooperative threshold signing mechanisms that improve resistance to compromise and strengthen trust in distributed authentication infrastructures.
Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of Orsini(US Publication No. 20110202755 A1) in further view of Giraud(US Publication No. 20160295414 A1).
Regarding Claim 17:
Gustave in view of Orsini disclose:
The method of claim 15…
Gustave in view of Orsini do not disclosewherein the device is an automobile
Giraud discloses:
wherein the device is an automobile (Giraud, [0026], Vehicle 110 is further depicted as including a TCU 114 located on-board the vehicle. It will be appreciated that vehicle 110 may be one of a plurality of vehicles having their own respective OBD system and on-board TCU).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of Orsini method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of Orsini systems for supporting authentication of mobile communication devices integrated within vehicular platforms to ensure secure communication between vehicle-embedded devices and wireless network infrastructure while operating across different network environments as taught by Giraud in order to enhance secure network connectivity and authentication for vehicular communication systems interacting with multiple wireless networks. The motivation is to ensure that devices embedded within automobiles can securely authenticate and maintain trusted communications with wireless networks while the vehicle moves between different network coverage areas.
Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of Orsini(US Publication No. 20110202755 A1) and in further view of KIM (US Publication No. 20240193275 A1)
Regarding Claim 21:
Gustave in view of Orsini disclose:
The method of claim 15…
Gustave in view of Orsini do not disclose:
wherein generating the digital certificate further comprises performing a custom lattice-based signing operation
KIM discloses:
wherein generating the digital certificate further comprises performing a custom lattice-based signing operation(KIM, [0045], mbodiments may implement a Merkle signature scheme, a Winternitz signature scheme, various lattice-based signature schemes, a McEliece signature scheme, or a Niederreiter signature scheme. [0054], The computing device may sign the hash value 611 of the firmware image 610 with a private key 640 to generate the signature 620,).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of Orsini's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of Orsini's systems for generating authentication credentials using advanced cryptographic signing algorithms to ensure stronger protection of authentication credentials against evolving cryptographic attacks as taught by Kim in order to enhance the security and robustness of certificate generation and authentication mechanisms used by mobile network devices. The motivation is to ensure that authentication credentials are generated using cryptographic algorithms that provide improved resistance to emerging threats, including attacks enabled by advances in computing capabilities.
Claims 1-7 are rejected under 35 U.S.C. 103 as being unpatentable over Gustave (US Publication No. 20060087999 A1) in view of Orsini(US Publication No. 20110202755 A1) in further view of Giraud(US Publication No. 20160295414 A1).
Regarding Claim 1:
The method of claim 15, Gustave in view of Orsini in further view of Giraud disclose wherein the mobile device was authenticated for secure connection with the first network using the public key(Orsini, [0533], When a communication begins, the devices exchange their respective certificates in equations (2) and (3), and verify the authenticity of these certificates using the public key of the certificate authority);
causing the device to be authenticated for secure connection with the second network using the public key(Orsini, [0533], the first device may perform the verification by running a verification function Verify(CertDev2, PubCA), and the second device may perform the verification by running a verification function Verify(CertDev1, PubCA). If both devices are satisfied with the certificate authority's signature of the exchanged public keys, the first device sends the second device symmetric encryption key material using the second device's public key.);
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave’s method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave’s systems for maintaining authenticated communication when a mobile device transitions between network providers to ensure continuous secure connectivity across multiple wireless networks as taught by Orsini, in order to enhance secure and seamless authentication of mobile devices during transitions between different network providers. The motivation is to ensure that a device maintains a trusted identity across multiple networks without requiring reissuance of credentials, thereby reducing attack surface an improving the efficiency and security of network authentication processes.
Gustave in view of Orsini do not disclose:
further comprising: communicating via a first network operated by a first network provider
identifying a second network operated by a second network provider, different from the first network provider
and communicating via the second network
Giraud discloses:
further comprising: communicating via a first network operated by a first network provider(Giraud, [0029], a wireless link between interface 115 and interface 113 may be utilized for the exchange of communications and/or electrical power. [0032], A mobile computing device, such as example mobile computing device 150, may include or take the form of a wireless enabled portable electronic device such as a smartphone, a tablet computer, mobile communications device, a notebook or laptop computer, a wearable computing device),
identifying a second network operated by a second network provider, different from the first network provider(Giraud, [0040], Communications network 140 may include one or more wide area networks such as the Internet or a portion thereof, one or more cellular networks, one or more telephone networks, various intermediate networking devices, and edge devices such as wireless and/or wired access points, etc. FIG. 1 depicts example wireless access points 122 and 124 of communications network 140. Wireless access points 122 and 124 may support the same or different wireless communications protocols.);
and communicating via the second network(Giruad, [0030], a communications subsystem that is capable of communicating with a variety of other computing devices beyond OBD system 112. For example, FIG. 1 depicts example wireless communications between TCU 114 and mobile computing device 150 indicated by communication flow 180,).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of Orsini’s method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of Orsini’s systems for maintaining authenticated communication when a mobile device transitions between network providers to ensure continuous secure connectivity across multiple wireless networks as taught by Giraud, in order to enhance the security and reliability of communications during network handoff between different network providers. The motivation is to ensure that a mobile device remains securely authenticated and able to communicate while transitioning between different network infrastructures operated by separate providers.
Regarding Claim 2:
Gustave discloses:
The method of claim 1, Gustave in view of Orsini in further view of Giruad disclose wherein the first network provider and second network provider are members of the certificate authority alliance(Gustave, [0004], a mobile network node is situated in a geographic area covered by at least one serving network. Each serving network includes wireless communications network infrastructure managed by a corresponding network provider entity. [0033], cryptographic information to authenticate the mobile network node 202-2. Cryptographic information necessary to authenticate the mobile network node 202-2 is obtained 208 from home environment 210 of the mobile network node 202-2 and forwarded 208 to the mobile network node 202-1. [0072], a mobile network node 202 authenticates 112/114 with the corresponding serving network 200, that authentication provides “unlimited access” to cryptographic information available from peer HE's 210. In practice, cross domain access to cryptographic information needs to be controlled).
Regarding Claim 3:
The method of claim 2, Gustave in view of Orsini in further view of Giruad disclose further comprising: and using the digital certificate to cause the mobile device to be authenticated for secure connection with the second network(Gustava, [0032], Following typical prior art authentication 112/114 with a serving network 200 assuming that both mobile network nodes 202-1 and 202-2 are registered with the same home environment 210, the establishment of a secure peer-to-peer communications context is initiated by the mobile network nodes 202-1… the mobile network nodes 202 may also advertise their availability for the establishment of a secure peer-to-peer communication context therewith. [0033], The mobile network node 202-1 requests 204, perhaps via a serving network proxy 206 (typically associated with an access point or base station), required cryptographic information to authenticate the mobile network node 202-2… the mobile network node 202-2 requests 204, perhaps via the serving network proxy 206, cryptographic information required to authenticate the mobile network node 202-1. ).
Regarding Claim 4:
The method of claim 2, Gustave in view of Orsini in further view of Giruad disclose wherein the public key was generated by the certificate authority alliance using multi party computation-based thresholding(Orsini, [0007], the present invention provides two approaches to distributing trust among a set of certificate authorities… the secure proxy service may be implemented in conjunction with any suitable protocol that makes use of certificate authorities to ensure the confidentiality, integrity, and authenticity of exchanged messages. [0009], a key establishment phase of secure communications between devices. Secret information may be generated, and public keys may be obtained from unique certificate authorities. The secret information may be dispersed into any number of shares of secret information… secret information may be encrypted based on a public key of a certificate associated with a different one of the unique certificate authorities.).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave’s method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave's systems for distributed certificate generation by multiple trusted authorities to ensure improved resistance to compromise of a single authentication authority as taught by Orsini in order to enhance secure authentication of mobile devices across multiple network providers during network communication and handoff operations. The motivation is to ensure that authentication credentials are generated securely through cooperation between multiple authorities, thereby improving trust and security in distributed network authentication environments.
Regarding Claim 5:
The method of claim 1, Gustave in view of Orsini in further view of Giruad disclose wherein causing the device to be authenticated for secure connection with the second network does not involve generation of a new digital certificate for the second network(Gustave, [0038], each mobile network node 202 needs to authenticate 112/114 with the serving network 200 only once, which enables the authenticated mobile network node 202 to request 204 cryptographic information regarding multiple peer mobile network nodes 202…).
Regarding Claim 6:
The method of claim 1, Gustave in view of Orsini in further view of Giruad disclose wherein the device is an automobile(Giraud, [0026], Vehicle 110 is further depicted as including a TCU 114 located on-board the vehicle. It will be appreciated that vehicle 110 may be one of a plurality of vehicles having their own respective OBD system and on-board TCU).
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Gustave in view of Orsini's method of authenticating a mobile network node in establishing a peer-to-peer secure context between a pair of communicating mobile network nodes by enhancing Gustave in view of Orsini's systems for supporting authentication of mobile communication devices integrated into vehicles to ensure secure communication between vehicular devices and wireless network infrastructure as taught by Giraud in order to enhance secure network connectivity and authentication for mobile devices operating within vehicular platforms. The motivation is to ensure that mobile devices embedded in automobiles can securely authenticate and communicate with wireless networks while moving between network coverage areas.
Regarding Claim 7:
The method of claim 1, Gustave in view of Orsini in further view of Giruad disclose wherein the first network and second network are cellular networks having different geographic service areas(Gustave, [0004], a mobile network node is situated in a geographic area covered by at least one serving network. Each serving network includes wireless communications network infrastructure managed by a corresponding network provider entity. The network provider entity operating the serving network may be different from the service provider entity with which the mobile network node is registered.).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939. The examiner can normally be reached on M-F, 8 AM TO 5 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MAYASA SHAAWAT/
Examiner, Art Unit 2433
/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433