DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on 09/03/2024.
Claims 1-20 present for examination.
Response to Arguments
Applicant's arguments filed 03/30/2026 have been fully considered but they are not persuasive.
Applicant argued that Mondello does not disclose the feature of “storing, in a memory of a device having pins, a unique device secret inaccessible through the pins of the device after completion of manufacture of the device”.
In response to applicant’s argument, the examiner interpreted the claim as storing a unique device secret in a memory of a device after completion of manufacture of the device, and the unique device secret is inaccessible through the pins of the device. Mondello discloses when the computing device is manufactured, the manufacturer can inject a UDS into memory ([0064]), security of the communication protocol is based on a secret value, which is a device secret (e.g., a UDS), that is set during manufacture (or also later) ([0118]), the device secret UDS is accessible to the first stage ROM-based boot loader at boot time ([0119]), and the customer UDS is protected at a hardware level (e.g., inaccessibility of layer 0 external to the component), the UDS cannot be read by anyone, but it can be replaced ([0158]). Therefore, Mondello discloses “storing, in a memory of a device having pins, a unique device secret inaccessible through the pins of the device after completion of manufacture of the device”.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1, 4, 6, 9, 10, 13, 15, and 18-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 3, 7, 11, 15, 16, and 18-20 of U.S. Patent No. 12,088,581 B2 in view of Uy et al. (US 2022/0167152 A1) and Neystadt et al. (US 2020/0186501 A1).
Instant Application
Patent (12,088,581 B2)
1. A method, comprising:
storing, in a memory of a device having pins, a unique device secret inaccessible through the pins of the device after completion of manufacture of the device;
generating, by the device, a cryptographic key based at least in part on the unique device secret;
generating, in connection with an activity of an endpoint containing the device, identity data having a message and a verification code generated using the message and the cryptographic key; and
providing the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity.
1. A method, comprising:
storing, into a server system during manufacture of a memory device, first data representative of a unique device secret configured in the memory device and inaccessible through pins of the memory device after completion of the manufacture of the memory device;
generating, in the server system, a first cryptographic key based at least in part on the first data and independently from the memory device generating a second cryptographic key based at least in part on the unique device secret configured in the memory device, wherein the memory device is installed in a computing device having a plurality of components;
receiving, in the server system, a validation request in an activity of the computing device, the validation request containing identity data having a message and a verification code generated using the message and the second cryptographic key;
determining, by the server system using the first cryptographic key, whether the verification code is valid for the message;
determining a plurality of identifications for the plurality of components respectively through validation of the identity data; and
generating an activity record associating the activity of the computing device with the plurality of identifications in response to a determination that the verification code is valid.
4. The method of claim 3, wherein the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint.
7. The method of claim 6, wherein the message includes the public identification of the memory device; and the determining of the plurality of identifications includes looking up the identification of the component using the public identification of the memory device provided in the message.
6. The method of claim 5, wherein the plurality of components include a hardware component outside of the device, and a software component stored in the device.
3. The method of claim 2, wherein the plurality of components include a software component and a hardware component.
9. The method of claim 8, further comprising:
generating an activity record associating the activity of the endpoint with the plurality of identifications in response to a determination that the verification code is valid.
1. A method, comprising:
…
…
generating an activity record associating the activity of the computing device with the plurality of identifications in response to a determination that the verification code is valid.
10. A device, comprising:
pins;
a memory configured to store a unique device secret inaccessible through the pins of the device after completion of manufacture of the device; and
a circuit configured to:
generate a cryptographic key based at least in part on the unique device secret;
generate, in connection with an activity of an endpoint containing the device, identity data having a message and a verification code generated using the message and the cryptographic key; and
provide the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity.
11. A computing system, comprising:
memory storing instructions; and
at least one processor configured via the instructions to:
store, into a database during manufacture of a memory device, first data representative of a unique device secret configured in the memory device and inaccessible through pins of the memory device after completion of the manufacture of the memory device;
generate a first cryptographic key based at least in part on the first data and independently from the memory device generating a second cryptographic key based at least in part on the unique device secret configured in the memory device, wherein the memory device is installed in a computing device having a plurality of components;
receive a validation request in an activity of the computing device, the validation request containing identity data having a message and a verification code generated using the message and the second cryptographic key;
determine, using the first cryptographic key, whether the verification code is valid for the message;
determining a plurality of identifications for the plurality of components respectively through validation of the identity data; and
generating an activity record associating the activity of the computing device with the plurality of identifications, in response to a determination that the verification code is valid.
13. The device of claim 12, wherein the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint.
16. The computing system of claim 14, wherein the message includes the public identification of the memory device; and the at least one processor is further configured via the instructions to:
look up the identification of the component using the public identification of the memory device provided in the message.
15. The device of claim 14, wherein the plurality of components include a hardware component outside of the device, and a software component stored in the device.
15. The computing system of claim 14, wherein the component is a software component or a hardware component.
18. The computing system of claim 17, further configured to generate an activity record associating the activity of the endpoint with the plurality of identifications in response to a determination that the verification code is valid.
11. A computing system, comprising:
…
…
generating an activity record associating the activity of the computing device with the plurality of identifications, in response to a determination that the verification code is valid.
19. A non-transitory computer storage medium storing instructions which, when executed by a device, cause the device to perform a method, the method comprising:
generating, by the device having pins, a cryptographic key based at least in part on a unique device secret stored in a memory of the device, wherein the unique device secret is inaccessible through the pins of the device after completion of manufacture of the device;
generating, in connection with an activity of an endpoint containing the device, identity data having a message and a verification code generated using the message and the cryptographic key; and
providing the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity.
18. A non-transitory computer storage medium storing instructions which, when executed by a server system, cause the server system to perform a method, the method comprising:
storing, into the server system during manufacture of a memory device, first data representative of a unique device secret configured in the memory device and inaccessible through pins of the memory device after completion of the manufacture of the memory device;
generating, in the server system, a first cryptographic key based at least in part on the first data and independently from the memory device generating a second cryptographic key based at least in part on the unique device secret configured in the memory device, wherein the memory device is installed in a computing device having a plurality of components;
receiving, in the server system, a validation request in an activity of the computing device, the validation request containing identity data having a message and a verification code generated using the message and the second cryptographic key;
determining, by the server system using the first cryptographic key, whether the verification code is valid for the message;
determining a plurality of identifications for the plurality of components respectively through validation of the identity data; and
generating an activity record associating the activity of the computing device with the plurality of identifications, in response to a determination that the verification code is valid.
20. The non-transitory computer storage medium of claim 19, wherein the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint;
wherein the cryptographic key is generated based at least in part on the message; and
wherein the plurality of components include a hardware component outside of the device, and a software component stored in the device.
19. The non-transitory computer storage medium of claim 18, wherein the method further comprises:
extracting, from the message, an identification of a component in the plurality of components; or
looking up the identification of the component using a public identification of the memory device provided in the message.
20. The non-transitory computer storage medium of claim 19, wherein the first cryptographic key is generated further based on the identification of the component; and wherein the public identification of the memory device is a public key in a pair of asymmetric cryptographic keys generated using the unique device secret.
Regarding claims 1, 10, and 19, US patent US12,088,581 B2, hereinafter Shiner, in view of US 2022/0167152 A1, hereinafter Uy, and US 2020/0186501 A1, hereinafter Neystadt, disclose store unique device secret and generate cryptographic key in claims 1, 11, and 18.
Shiner does not explicitly disclose generate identity data having a message and a verification code generated using the message and the cryptographic key.
Uy discloses in [0017], for example, generate a new encrypted token based on the request for the SIM swap and based on a new identifier associated with the new SIM card of the new user device; the new identifier associated with the new Sim card may include a PIN, a password, a biometric input, and/or the like associated with a user of the new Sim card and/or the new device; the new user device may receive a public key generated by authentication device and may encrypt the new token with the public key to generate the new encrypted token.
Therefore, it would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to incorporate the feature of Uy in Shiner system in order to enhance security.
Shiner and Uy do not explicitly disclose providing the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity.
However, Neystadt discloses in [0018], for example, based on the client identifier, the proxy can select and apply the correct security policy, as well as authenticate/authorize the client and create audit log of the client activities with it against that client identifier.
Therefore, it would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to incorporate the feature of Neystadt in Shiner and Uy system in order to provide secure system.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 10, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello et al. (US 2020/0313909 A1), hereinafter Mondello, in view of Uy et al. (US 2022/0167152 A1), hereinafter Uy, in view of Neystadt et al. (US 2020/0186501 A1), hereinafter Neystadt.
Regarding claim 1, Mondello discloses
A method, comprising:
storing, in a memory (memory 145, FIG. 1) of a device (computing device 141, FIG. 1) having pins, a unique device secret (device secret 149/unique device secret (UDS), FIG. 1) inaccessible through the pins of the device after completion of manufacture of the device ([0054]: device secret 149 is a unique device secret (UDS) stored in memory of computing device 141; & [0056]: a manufacturer can use a UDS for a class or set of items that are being produced; & [0064]: when the computing device 141 is manufactured, the manufacturer can inject a UDS into memory 145; & [0118]: security of the communication protocol is based on a secret value, which is a device secret (e.g., a UDS), that is set during manufacture (or also later); & [0119]: the device secret UDS is accessible to the first stage ROM-based boot loader at boot time; & [0158]: the customer UDS is protected at a hardware level (e.g., inaccessibility of layer 0 external to the component), the UDS cannot be read by anyone, but it can be replaced);
generating, by the device, a cryptographic key based at least in part on the unique device secret ([0053]: computing device 141 generates an identifier, a certificate, and a key; & [0054]: the identifier, the certificate, and the key are generated by identity component 147 and are based on device secret 149; & [0057]: identify component 147 uses the secret key as an input to a message authentication code (MAC) to generate a derived secret).
Mondello does not explicitly disclose
generating, in connection with an activity of an endpoint containing the device, identity data having a message and a verification code generated using the message and the cryptographic key.
However, Uy discloses
generating, in connection with an activity of an endpoint containing the device, identity data having a message and a verification code generated using the message and the cryptographic key ([0017]: generate a new encrypted token based on the request for the SIM swap and based on a new identifier associated with the new SIM card of the new user device; the new identifier associated with the new Sim card may include a PIN, a password, a biometric input, and/or the like associated with a user of the new Sim card and/or the new device; the new user device may receive a public key generated by authentication device and may encrypt the new token with the public key to generate the new encrypted token).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Uy to Mondello and , because Mondello discloses generate a key based on device secret (Mondello: [0054]) and Uy further suggests generate new encrypted token by encrypting new token with key ([0017]).
One of ordinary skill in the art would be motivated to utilize the teachings of Uy in the Mondello system in order to enhance security.
Mondello and Uy do not explicitly disclose
providing the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity.
However, Neystadt discloses
providing the identity data to enable generation of, based on validation of the endpoint having the device, an activity record in association with the activity ([0018]: based on the client identifier, the proxy can select and apply the correct security policy, as well as authenticate/authorize the client and create audit log of the client activities with it against that client identifier).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Neystadt to Mondello and Uy, because Mondello and Uy disclose store unique device secret in memory of computing device (Mondello: [0054]) and Neystadt further suggests create audit log of activities ([0018]).
One of ordinary skill in the art would be motivated to utilize the teachings of Neystadt in the Mondello and Uy system in order to provide secure system.
Regarding claims 10 and 19, the limitations of claims 10 and 19 are rejected in the analysis of claim 1 above and these claims are rejected on that basis.
Claim(s) 2, 3, 11, and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello in view of Uy, in view of Neystadt, and further in view of Park (US 2005/0149758 A1).
Regarding claim 2, Mondello, Uy, and Neystadt disclose the method as described in claim 1. Mondello, Uy, and Neystadt do not explicitly disclose
providing, by the device during the manufacture of the device, the unique device secret to a server system.
However, Park discloses
providing, by the device during the manufacture of the device, the unique device secret (device secret key) to a server system (home server)([0048]: the device has the device secret key allocated by the manufacturer and that the allocated device secret key is shared with the home server).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Park to Mondello, Uy, and Neystadt, because Mondello, Uy, and Neystadt disclose store unique device secret in memory of computing device (Mondello: [0054]) and Park further suggests device shares device secret key with home server ([0048]).
One of ordinary skill in the art would be motivated to utilize the teachings of Park in the Mondello, Uy, and Neystadt system in order to provide secure system.
Regarding claim 3, Mondello, Uy, Neystadt, and Park disclose the method as described in claim 2. Mondello, Uy, Neystadt and Park further disclose
the unique device secret provided by the device during the manufacture of the device enables the server system to independently generate the cryptographic key after the manufacture of the device (Park: [0050]: the home server generates the authentication key for the device using the device secret key, the device address, and the device authentication value). Therefore, the limitations of claim 3 are rejected in the analysis of claim 2 above, and the claim is rejected on that basis.
Regarding claims 11 and 12, the limitations of claims 11 and 12 are rejected in the analysis of claims 2 and 3 respectively, and these claims are rejected on that basis.
Claim(s) 4-6, and 13-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello in view of Uy, in view of Neystadt, in view of Park, and further in view of Beck et al. (US 2021/0256133 A1), hereinafter Beck.
Regarding claim 4, Mondello, Uy, Neystadt, and Park disclose the method as described in claim 3. Mondello, Uy, Neystadt and Park do not explicitly disclose
the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint.
However, Beck discloses
the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint ([0048]: the key may be generated based on one or more hardware component identifiers (ID) for hardware of the device and/or one or more pieces of firmware code of the device).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Beck to Mondello, Uy, Neystadt, and Park, because Mondello, Uy, Neystadt, and Park disclose store unique device secret in memory of computing device (Mondello: [0054]) and Beck further suggests generate key based on one or more hardware component identifiers for hardware of the device and one or more pieces of firmware code of the device ([0048]).
One of ordinary skill in the art would be motivated to utilize the teachings of Beck in the Mondello, Uy, Neystadt, and Park system in order to provide secure system.
Regarding claim 5, Mondello, Uy, Neystadt, Park, and Beck disclose the method as described in claim 4. Mondello, Uy, Neystadt, Park, and Beck further disclose
the cryptographic key is generated based at least in part on the message (Park: [0050]: the home server generates the authentication key for the device using the device secret key, the device address, and the device authentication value; device address corresponds to message).
Regarding claim 6, Mondello, Uy, Neystadt, Park, and Beck disclose the method as described in claim 5. Mondello, Uy, Neystadt, Park, and Beck further disclose
the plurality of components include a hardware component outside of the device, and a software component stored in the device (Beck: [0048]: the key may be generated based on one or more hardware component identifiers (ID) for hardware of the device and/or one or more pieces of firmware code of the device).
Regarding claims 13-15, the limitations of claims 13-15 are rejected in the analysis of claims 4-6 respectively, and these claims are rejected on that basis.
Claim(s) 7 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello in view of Uy, in view of Neystadt, in view of Park, in view of Beck, and further in view of Loreskar (US 2019/0289464 A1).
Regarding claim 7, Mondello, Uy, Neystadt, Park, and Beck disclose the method as described in claim 6. Mondello, Uy, Neystadt, Park, and Beck do not explicitly disclose
validating, by the server system, the identity data using the cryptographic key generated in independently by the server system after the manufacture of the device.
However, Loreskar discloses
validating, by the server system, the identity data using the cryptographic key generated in independently by the server system after the manufacture of the device ([0042]: a symmetric key may be used both by the terminal device to prove its identity, and by other parties to verify the identity of the terminal device).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Loreskar to Mondello, Uy, Neystadt, Park, and Beck because Mondello, Uy, Neystadt, Park, and Beck disclose generate key based on device secret (Mondello: [0054]) and Loreskar further suggests using symmetric key to verify identity of device ([0042]).
One of ordinary skill in the art would be motivated to utilize the teachings of Loreskar in the Mondello, Uy, Neystadt, Park, and Beck system in order to increase the security.
Regarding claim 16, the limitations of claim 16 are rejected in the analysis of claim 7 above and this claim is rejected on that basis.
Claim(s) 8, 9, 17, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello in view of Uy, in view of Neystadt, in view of Park, in view of Beck, in view of Loreskar, and further in view of Palli et al. (US 2019/0199720 A1), hereinafter Palli.
Regarding claim 8, Mondello, Uy, Neystadt, Park, Beck, and Loreskar disclose the method as described in claim 7. Mondello, Uy, Neystadt, Park, Beck, and Loreskar do not explicitly disclose
determining the plurality of identifications respectively for the plurality of components configured in the endpoint through the validation of the identity data.
However, Palli discloses
determining the plurality of identifications respectively for the plurality of components configured in the endpoint through the validation of the identity data ([0099]: identifying a plurality of device identifiers of the computing device).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Palli to Mondello, Uy, Neystadt, Park, Beck, and Loreskar, because Mondello, Uy, Neystadt, Park, Beck, and Loreskar disclose store unique device secret in memory of computing device (Mondello: [0054]) and Palli further suggests identify a plurality of device identifiers of the computing device ([0099]).
One of ordinary skill in the art would be motivated to utilize the teachings of Palli in the Mondello, Uy, Neystadt, Park, Beck, and Loreskar system in order to uniquely identify the device.
Regarding claim 9, Mondello, Uy, Neystadt, Park, Beck, Loreskar, and disclose the method as described in claim 8. Mondello, Uy, Neystadt, Park, Beck, Loreskar, and further disclose
generating an activity record associating the activity of the endpoint with the plurality of identifications in response to a determination that the verification code is valid (Neystadt: [0018]: based on the client identifier, the proxy can select and apply the correct security policy, as well as authenticate/authorize the client and create audit log of the client activities with it against that client identifier).
Regarding claims 17-18, the limitations of claims 17-18 are rejected in the analysis of claims 8-9 respectively, and these claims are rejected on that basis.
Claim(s) 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mondello in view of Uy, in view of Neystadt, in view of Beck, and further in view of Park.
Regarding claim 20, Mondello, Uy, and Neystadt disclose the non-transitory computer storage medium as described in claim 19. Mondello, Uy, and Neystadt do not explicitly disclose
the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint;
wherein the plurality of components include a hardware component outside of the device, and a software component stored in the device.
However, Beck discloses
the message includes a plurality of identifications respectively for a plurality of components configured in the endpoint ([0048]: the key may be generated based on one or more hardware component identifiers (ID) for hardware of the device and/or one or more pieces of firmware code of the device);
the plurality of components include a hardware component outside of the device, and a software component stored in the device ([0048]: the key may be generated based on one or more hardware component identifiers (ID) for hardware of the device and/or one or more pieces of firmware code of the device).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Beck to Mondello, Uy, and Neystadt, because Mondello, Uy, and Neystadt disclose store unique device secret in memory of computing device (Mondello: [0054]) and Beck further suggests generate key based on one or more hardware component identifiers for hardware of the device and one or more pieces of firmware code of the device ([0048]).
One of ordinary skill in the art would be motivated to utilize the teachings of Beck in the Mondello, Uy, and Neystadt system in order to provide secure system.
Mondello, Uy, Neystadt, and Beck do not explicitly disclose
the cryptographic key is generated based at least in part on the message.
However, Park discloses
the cryptographic key is generated based at least in part on the message ([0050]: the home server generates the authentication key for the device using the device secret key, the device address, and the device authentication value; device address corresponds to message).
It would have been obvious to a person with ordinary skill in the art before the effective filing date of the claimed invention to incorporate feature of Park to Mondello, Uy, Neystadt, and Beck because Mondello, Uy, Neystadt, and Beck disclose store unique device secret in memory of computing device (Mondello: [0054]) and Park further suggests device shares device secret key with home server ([0048]).
One of ordinary skill in the art would be motivated to utilize the teachings of Park in the Mondello, Uy, Neystadt, and Park system in order to provide secure system.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Murray et al. (US 10,326,797 B1). The first device has a secure element that stores a device secret; generate a pairing key using the device secret.
Sugarev (US 2022/0239483 A1). Generates the protected version of the refresh token by either encrypting the refresh token based on the client identifier or by generating a signature and provide a message authentication code for the refresh token.
Cho et al. (US 8,069,478 B2). The CPU receives the request for authentication and the random value, generates a session key using the random value, generates a first message authentication code (MAC) using the generated session key, and transmits the generated first MAC, pre-stored electronic signature information, and a random value to the main controller.
Teng et al. (US 2011/0131418 A1). a user is allowed to set up a personalized electronic key, and an authentication code of the electronic key is generated according to a hardware identification code and a user password so that the user's data can be further protected ([0040].
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KAYLEE J HUANG whose telephone number is (571)272-0080. The examiner can normally be reached Monday-Friday 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached at 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
Kaylee Huang
06/12/2026
/KAYLEE J HUANG/Primary Examiner, Art Unit 2447