DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after 16 March 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 11 September 2024. Claims 1, 6, and 11 are independent. Claims 1-13 are pending.
Priority
Acknowledgment is made of Applicant’s claim for domestic benefit priority. This application is a continuation of U.S. Patent Application No. 17/853,215, filed 29 June 2022.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11 September 2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 6-7, and 11-13 are rejected under 35 U.S.C. 103 as being unpatentable over Burns et al., US 9,935,962 B2 (hereinafter, “Burns ‘962”), in view of Kravitz et al., US 2017/0279620 A1 (hereinafter, “Kravitz ‘620”).
As per claim 1, Burns ‘962 discloses:
An apparatus that utilizes a security token, comprising: a memory configured to store a security token, wherein the security token is a software security artifact used to uniquely identify the apparatus, wherein the apparatus comprises a product associated with a serial number (a wireless-enabled product 120 comprising a memory 213 configured to store a security token, wherein the security token is a unique value stored in memory used to authenticate the product 120, and wherein the product 120 is associated with a product ID which may be a product serial number, MAC ID, or other unique identifier [Burns ‘962, Col.5 line 54-Col.6 line 9])
and a processor operably coupled with the memory, and configured to: store the security token in the memory (a CPU 212 coupled via a bus 219 to memory 213, wherein the product receives and stores the security token in memory during manufacture [Burns ‘962, Col.8 lines 33-55, Col.11 lines 43-49])
(the server 150 receives the device ID and security token provided by the manufacturer 157 for each wireless-enabled product, and this information is stored in a database which enables the server to find the corresponding security token when provided the device ID [Burns ‘962, Col.6 lines 10-21]); ;
receive a query message to provide the security token (the wireless-enabled product 120 receives a request to provide authentication credentials when contacting the server 150, where the wireless-enabled product transmits the security token to the server 150 for verification [Burns ‘962, Col.7 line 51-Col.8 line 2]); transmit the security token to be verified (the wireless-enabled product transmits the security token to the server 150 for verification [Burns ‘962, Col.7 line 51-Col.8 line 2])
wherein the security token is determined to be verified when (a) the serial number corresponds to an expected serial number associated with the security token (the server authenticates the wireless-enabled product based on the device ID and security token by using the device ID to look up a database record and comparing the received security token to the token stored in the database [Burns ‘962, Col.11 lines 12-24]), ;
and in response to the security token being verified, participate in a communication with a user device such that the product becomes controllable from the user device (in response to the server authenticating the wireless-enabled product, the server provides network credentials to the wireless-enabled product, enabling the product to connect to the customer’s private network and communicate with user devices; control commands and operating status are exchanged [Burns ‘962, Col.8 lines 3-18, Col.10 lines 16-38]).
As stated above, Burns ‘962 does not explicitly disclose the limitations “… wherein the security token is associated with a unique identifier that uniquely identifies the security token … and the unique identifier is associated with the serial number associated with the product ... (b) the unique identifier corresponds to an expected unique identifier associated with the security token ...”.
Kravitz ‘620, however, discloses:
... wherein the security token is associated with a unique identifier that uniquely identifies the security token (IoT devices are provisioned with a digital identity token (DIT) that is associated with a unique globally unique identifier (GUID); the DIT token includes configurable identifying fields including the GUID which uniquely identifies the device client instance [Kravitz ‘620, ¶¶43-45]) ...
... and the unique identifier is associated with the serial number associated with the product (the digital identity token (DIT) and associated certificate include both the GUID and the device serial number as identifying fields, thereby associating the unique identifier (GUID) with the serial number; a certificate is provided attesting to the device’s identity including device client GUID and device public identity such as serial number [Kravitz ‘620, ¶¶43-45]) ...
... (b) the unique identifier corresponds to an expected unique identifier associated with the security token (the security ecosystem authenticates the IoT device by verifying that the IoT device client provided an acceptable digital token confirming it uniquely has received the unique ID; the security ecosystem examines the token for authenticity and each token is unique [Kravitz ‘620, ¶¶49, 53]) ...
Burns ‘962 and Kravitz ‘620 are analogous art because they are from the same field of endeavor, namely that of security token-based authentication systems for IoT devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 and Kravitz ‘620 before them, to modify the security token system of Burns ‘962 to include the teachings of Kravitz ‘620, namely to implement the security token of Burns ‘962 such that the security token is associated with a unique identifier (such as a GUID) that is stored together with the device serial number in the digital identity token and associated certificate, as disclosed in Kravitz ‘620, and to verify the unique identifier during the authentication process. A motivation for doing so would be to provide strong identity management for IoT devices by ensuring control over the data that is produced, exerting access control so that unauthorized parties cannot get access to the device, and having the ability to instruct a device to only listen to authorized parties (see Kravitz ‘620, ¶¶7, 25).
As per claim 2: Burns ‘962 in view of Kravitz ‘620 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Burns ‘962 discloses:
wherein the processor is further configured to authenticate the apparatus in response to the security token being verified (the server authenticates the wireless-enabled product based on the device ID and security token; once authenticated, the wireless-enabled product is granted access to the customer’s network credentials and is able to connect to the private network [Burns ‘962, Col.7 line 51-Col.8 line 18]).
As per claims 6-7: Claims 6-7 define a method that recites substantially similar subject matter as the apparatus of claims 1-2, respectively. Specifically, claims 6-7 are directed to a method operated by an apparatus that utilizes a security token, where the method may be performed by the apparatus of claims 1-2, respectively. Thus, the rejection of claims 1-2 is equally applicable to claims 6-7, respectively.
As per claims 11-12: Claims 11-12 define a method that recites substantially similar subject matter as the apparatus of claims 1-2, respectively. Specifically, claims 11-12 are directed to a non-transitory computer-readable medium storing instructions that when executed by one or more processors, causes the one or more processors to perform the methods that may be performed by the apparatus of claims 1-2, respectively. Thus, the rejection of claims 1-2 is equally applicable to claims 11-12, respectively.
As per claim 13: Burns ‘962 in view of Kravitz ‘620 discloses all limitations of claim 11, as stated above, from which claim 13 is dependent upon. Burns ‘962 does not explicitly disclose the limitation of claim 13. Kravitz ‘620, however, discloses:
wherein the apparatus is a thermostat (an IoT device manufacturer’s specification may be created by which manufactures of IoT devices or products incorporate IoT devices (such as: televisions; refrigerators; security systems; thermostats; and the like) to incorporate the technology into their devices at the time of manufacture [Kravitz ‘620, ¶34]).
Burns ‘962 and Kravitz ‘620 are analogous art because they are from the same field of endeavor, namely that of security token-based authentication systems for IoT devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 and Kravitz ‘620 before them, to modify the security token system of Burns ‘962 to include the teachings of Kravitz ‘620, namely to implement the device of Burns ‘962 to be a thermostat, as disclosed in Kravitz ‘620. A motivation for doing so would be to increase the utility of the disclosed provisioning method to a range of different IoT devices (see Kravitz ‘620, ¶34).
Claims 3 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Burns ‘962, in view Kravitz ‘620, and further in view of Brickell et al., US 2012/0137137 A1 (hereinafter, “Brickell ‘137”), and further in view of van Greunen et al., US 2010/0166015 A1 (hereinafter, “Greunen ‘015”).
As per claim 3: Burns ‘962 in view of Kravitz ‘620 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Burns ‘962 discloses:
The apparatus of Claim 1, wherein: the security token is one of a first plurality of security tokens (the security token is one of a plurality of security tokens, where a manufacturer 157 may configure a wireless-enabled product 120 with a product ID and a security token that are stored in memory during product manufacture [Burns ‘962, Col.5 line 54-Col.6 line 8]);
.
As stated above, Burns ‘962 does not explicitly disclose the limitations “... transmitted by a remote server to a production line server in response to the production line server requesting the remote server to provide the first plurality of security tokens designated for a component line associated with the apparatus; the first plurality of security tokens are divided into batches in response to a wireless communication channel reliability between the remote server and the production line server determined to be less than a threshold percentage; the security token is transmitted in one of the batches to the production line server; and each batch from the batches is transmitted to the production line server one at a time.”
Brickell ‘137, however, discloses:
... transmitted by a remote server to a production line server in response to the production line server requesting the remote server to provide the first plurality of security tokens designated for a component line associated with the apparatus (a key generation server 106 transmits a device unique key 110 to a manufacturing tester machine 104 via a secure channel 108, where the manufacturing tester machine 104 is coupled to hardware devices 102 under test, and where the key generation server 106 generates key materials including the hardware device unique key 110 assigned to the hardware device 102 [Brickell ‘137, ¶¶27, 30, 32-33, 51]) ...
.
Burns ‘962 (modified by Kravitz ‘620) and Brickell ‘137 are analogous art because they are from the same field of endeavor, namely that of secure provisioning of security credentials to hardware devices during manufacturing. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 (modified by Kravitz ‘620) and Brickell ‘137 before them, to modify the system in Burns ‘962 (modified by Kravitz ‘620) to include the teachings of Brickell ‘137, namely to implement a two-server architecture where a key generation server transmits security tokens to a manufacturing tester machine (production line server) in response to a request, as disclosed in Brickell ‘137. A motivation for doing so would be to enhance security by separating the key generation server from the manufacturing environment, thereby adding protection against a malicious manufacturing tester that stores the keys (see Brickell ‘137, ¶¶30, 37).
As stated above, Burns ‘962 (modified by Kravitz ‘620 and Brickell ‘137) does not explicitly disclose the limitations “... the first plurality of security tokens are divided into batches in response to a wireless communication channel reliability between the remote server and the production line server determined to be less than a threshold percentage; the security token is transmitted in one of the batches to the production line server; and each batch from the batches is transmitted to the production line server one at a time”.
Greunen ‘015, however, discloses:
... the first plurality of security tokens are divided into batches in response to a wireless communication channel reliability between the remote server and the production line server determined to be less than a threshold percentage (a sending node generates fragments by splitting a packet based on a value of a fragment size parameter, where the sending node compares the value of the link quality parameter with a value of a quality threshold parameter, and changes the value of the fragment size parameter based on a result of the comparison; when the link quality parameter is low, e.g., has a value below some lower threshold, the value of fragment size parameter can be lowered [Greunen ‘015, ¶¶6-7, 25]);
the security token is transmitted in one of the batches to the production line server (a first fragment is sent over a communication link to a receiving node; nodes can use multiple “bins” to track link quality corresponding to different fragment sizes and determine a link quality for each respective bin [Greunen ‘015, ¶¶7, 20, 26]);
and each batch from the batches is transmitted to the production line server one at a time (fragments are always sent in order and all fragments of a packet contain the same sequence number; the “More Frags” field is set for all fragments other than the final fragment; when transmission of a fragment fails and is re-transmitted by a node, re-transmission begins with the last unsuccessful fragment such that previously acknowledged fragments do not need to be re-transmitted [Greunen ‘015, ¶¶47-48]).
Burns ‘962 (modified by Kravitz ‘620 and Brickell ‘137) and Greunen ‘015 are analogous art because they are from the same field of endeavor, namely that of data transmission over communication networks. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 (modified by Kravitz ‘620 and Brickell ‘137) and Greunen ‘015 before them, to modify the system in Burns ‘962 (modified by Kravitz ‘620 and Brickell ‘137) to include the teachings of Greunen ‘015, namely to implement a dynamic fragmentation process where data (including security tokens) is divided into batches when the wireless communication channel reliability is below a threshold, and where each batch is transmitted sequentially one at a time, as disclosed in Greunen ‘015. A motivation for doing so would be to optimize network performance by dynamically changing the size of fragments sent over a communication link between two nodes according to the quality of the link, thereby improving transmission reliability by reducing the batch size when link quality is low and reducing the need for retransmissions (see Greunen ‘015, ¶¶6, 25-26).
As per claim 8: Claim 8 defines a method that recites substantially similar subject matter as the apparatus of claim 3. Specifically, claim 8 is directed to a method operated by an apparatus that utilizes a security token, where the method may be performed by the apparatus of claim 3. Thus, the rejection of claim 3 is equally applicable to claim 8.
Claims 4 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Burns ‘962, in view of Kravitz ‘620, and further in view of Brickell ‘137, and further in view of Greunen ‘015, and further in view of Schneider et al., US 2019/0121417 A1 (hereinafter, “Schneider ‘417”).
As per claim 4: Burns ‘962 in view of Kravitz ‘620, Brickell ‘137, and Greunen ‘015 discloses all limitations of claims 1 and 3, as stated above, from which claim 4 is dependent upon. Burns ‘962 in view of Kravitz ‘620, Brickell ‘137, and Greunen ‘015 does not explicitly disclose the limitations of claim 4. Schneider ‘417, however, discloses:
wherein the wireless communication channel reliability between the remote server and the production line server is determined to be less than the threshold percentage when a wireless communication speed between the processor and the production line server is less than a threshold speed (a speed change block predicts the wireless data rate corresponding to data being aggregated within a given window, and this predicted data rate is utilized to determine the link speed to be applied on the link to transfer data; threshold data rate values are defined and associated with supported link speeds of the device; determining that a predicted data rate falls at, above, or below a defined threshold causes determination of a particular link speed to be applied to an upcoming link data transfer based on the predicted data rate; for example, speed changes are determined based on determining a predicted data rate below threshold values such as “below 100 Mbps” [Schneider ‘417, ¶67]).
Burns ‘962 (modified by Kravitz ‘620, Brickell ‘137, and Greunen ‘015) and Schneider ‘417 are analogous art because they are from the same field of endeavor, namely that of data transmission over communication networks. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 (modified by Kravitz ‘620, Brickell ‘137, and Greunen ‘015) and Schneider ‘417 before them, to modify the system in Burns ‘962 (modified by Kravitz ‘620, Brickell ‘137, and Greunen ‘015) to include the teachings of Schneider ‘417, namely to determine communication channel reliability based on whether the wireless communication speed (data rate) falls below a defined threshold speed, as disclosed in Schneider ‘417. A motivation for doing so would be to select adequate link speeds for sending data at the lowest power consumption while still being capable of handling the incoming data, thereby optimizing power usage by the link (see Schneider ‘417, ¶¶61, 67).
As per claim 9: Claim 9 defines a method that recites substantially similar subject matter as the apparatus of claim 4. Specifically, claim 9 is directed to a method operated by an apparatus that utilizes a security token, where the method may be performed by the apparatus of claim 4. Thus, the rejection of claim 4 is equally applicable to claim 9.
Claims 5 and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Burns ‘962, in view of Kravitz ‘620, and further in view of Brickell ‘137.
As per claim 5: Burns ‘962 in view of Kravitz ‘620 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Furthermore, Burns ‘962 discloses:
wherein the security token is one of a second plurality of security tokens (the security token is one of a plurality of security tokens, where a manufacturer 157 may provide a security token and device ID to the server 150 for each wireless-enabled product [Burns ‘962, Col.5 line 54-Col.6 line 8]).
As stated above, Burns ‘962 does not explicitly disclose the limitation “... transmitted by a token server to a remote server in response to the remote server requesting the token server to provide the second plurality of security tokens for a component line associated with the apparatus”.
Brickell ‘137, however, discloses:
... transmitted by a token server to a remote server in response to the remote server requesting the token server to provide the second plurality of security tokens for a component line associated with the apparatus (a key generation server 106 sends the contents of a provisioning database 112 to a provisioning server 500, where the provisioning database 112 stores a provisioning identifier and a provisioning key for each hardware device 102 that has been tested by the manufacturing tester machine 104, and where the provisioning server 500 performs on-line provisioning of keys via a communications network 504 to platforms 502 in which the hardware device 102 is installed; when the hardware device 102 discovers that its keys have been revoked, the device issues a request to contact the provisioning server 500, and accordingly the provisioning server 500 requires keys from the key generation server 106 to fulfill such requests [Brickell ‘137, ¶¶51, 53-55]).
Burns ‘962 (modified by Kravitz ‘620) and Brickell ‘137 are analogous art because they are from the same field of endeavor, namely that of secure provisioning of security credentials to hardware devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burns ‘962 (modified by Kravitz ‘620) and Brickell ‘137 before them, to modify the system in Burns ‘962 (modified by Kravitz ‘620) to include the teachings of Brickell ‘137, namely to implement a two-tier server architecture where a key generation server (token server) transmits security tokens to a provisioning server (remote server) for subsequent distribution to hardware devices, as disclosed in Brickell ‘137. A motivation for doing so would be to enable on-line provisioning of keys to platforms via a communications network, thereby allowing keys to be provisioned to hardware devices after manufacture and enabling key renewal when existing keys have been revoked (see Brickell ‘137, ¶¶54-55).
As per claim 10: Claim 10 defines a method that recites substantially similar subject matter as the apparatus of claim 5. Specifically, claim 10 is directed to a method operated by an apparatus that utilizes a security token, where the method may be performed by the apparatus of claim 5. Thus, the rejection of claim 5 is equally applicable to claim 10.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Wah, US 20190287096 A1: providing security to a token, where a digital security system generating a unique token identification code for each token to be locked; the digital security system storing in a database each token identification code; a POS system obtaining the unique token identification code from the token being purchased.
De Jong et al., US 10505931 B2: provisioning an integrated circuit (IC) device with a unique identification number (UID). The IC device is configured to calculate a device-specific key (DSK) using the UID. The UID is used with a secure application separate from the IC device to calculate the DSK.
Duval, US 20200322134 A1: a key management server (KMS) has a certificate generator and is coupled to a registration portal. A copy of secret implemented into a secure component during its manufacture in a factory is stored in the KMS. The component can be assembled into the device. The portal receives a hash of software of the device.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN L KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 9:00am-7:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ALAN L KONG/
Examiner, Art Unit 2494
/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494