DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1 – 6 and 8 – 12 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Lekkas, publication number: US 2019/0281052.
As per claim 1, Lekkas teaches a mobility service provision system comprising:
an in-vehicle system that includes a plurality of electronic control units that are mounted in a vehicle and connected to an in-vehicle network (ECUs 140, 145 and 150, [0025] Fig. 1);
an authorization policy provision unit provided outside the vehicle (server 390, Fig. 3, 390, [0059][0064]),
wherein
the in-vehicle system includes:
a plurality of function blocks, each of which is mounted in one of the plurality of electronic control units and configured to execute a predetermined process (ECUs corresponding to different domains, [0025]); and
a coordination controller configured to implement coordination between the plurality of function blocks (Security module 310, [0061]),
the coordination controller includes:
a policy storage configured to acquire and store an authorization policy that defines an access privilege between the plurality of function blocks from the authorization policy provision unit (Security policies 364 from server 390, [0072]); and
an access controller configured to
when receiving an access request from a use source block that is one of the plurality of function blocks to a use destination block that is another of the plurality of function blocks, determine whether the access privilege of the use source block to the use destination block is present based on the authorization policy stored in the policy storage, and transmit the access request to the use destination block when determining that the access privilege is present (security module buffering requests, [0068-0070]), and
the authorization policy provision unit is configured to provide, to the in-vehicle system, as the authorization policy, a static viewpoint policy generated by integrating a plurality of viewpoint-specific policies based on the plurality of viewpoint-specific policies that define the access privilege for each of a plurality of viewpoints focusing on a static attribute of the plurality of function blocks (Combination of benign operations for ECU target, [0072]).
As per claim 2, Lekkas teaches wherein one of the plurality of viewpoint-specific policies has, as a viewpoint, safety of a function provided by the plurality of function blocks (Active safety system, [0025]).
As per claim 3, Lekkas teaches wherein one of the plurality of viewpoint-specific policies has a viewpoint of reliability of a provider of the plurality of function blocks (Credentials [0031]).
As per claim 4, Lekkas teaches wherein the authorization policy includes, in addition to the static viewpoint policy, at least one dynamic viewpoint policy that defines the access privilege for each of at least one viewpoint focusing on a dynamic attribute of the plurality of function blocks (Installed by owner, [0031]).
As per claim 5, Lekkas teaches wherein one of the at least one dynamic viewpoint policy has, as the viewpoint, presence or absence of consent of a vehicle user (Installed by owner, [0031]).
As per claim 6, Lekkas teaches wherein one of the at least one dynamic viewpoint policy has, as the viewpoint, an access status between the plurality of function blocks (Disabling, [0052]).
As per claim 8, Lekkas teaches an in-vehicle system comprising:
a plurality of function blocks, each of which is mounted in one of a plurality of electronic control units connected to an in-vehicle network and configured to execute a predetermined process (ECUs corresponding to different domains, [0025]); and
a coordination controller configured to implement coordination between the plurality of function blocks (Security module 310, [0061]),
wherein
the coordination controller includes:
a policy storage configured to store an authorization policy that defines an access privilege between the plurality of function blocks (Security policies 364, [0072]);
an access controller configured to
when receiving an access request from a use source block that is one of the plurality of function blocks to a use destination block that is another of the plurality of function blocks, determine whether the access privilege of the use source block to the use destination block is present based on the authorization policy stored in the policy storage (Security module buffering requests, [0068-0070]), and
transmit the access request to the use destination block when determined that the access privilege is present (Transmitting buffered instructions, [0070]), and
the authorization policy includes a static viewpoint policy generated by integrating a plurality of viewpoint-specific policies based on the plurality of viewpoint-specific policies that define the access privilege for each of a plurality of viewpoints focusing on a static attribute of the plurality of function blocks (Combination of benign operations for ECU targets, [0072]).
As per claim 9, Lekkas teaches a management server communicably connected to a vehicle including an in-vehicle system including a plurality of electronic control units connected to an in-vehicle network, the management server comprising:
an authorization policy storage that is mounted in any one of the plurality of electronic control units and configured to store an authorization policy referenced for controlling an access privilege from a use source block that is one of a plurality of function blocks configured to execute a predetermined process to a use destination block that is another one of the plurality of function blocks (Security policies 364, [0072]);
an authorization policy generation unit configured to
generate a static viewpoint policy by integrating a plurality of viewpoint-specific policies based on the plurality of viewpoint-specific policies that define the access privilege for each of a plurality of viewpoints focusing on a static attribute of the plurality of function blocks (Receiving policies from remote server 390, [0064][0072]), and
cause the authorization policy storage to store the static viewpoint policy as the authorization policy (Storing policy from remote server, [0072]); and
an authorization policy provision unit configured to provide the authorization policy stored in the authorization policy storage to the vehicle (Using stored security policies to authorize requests, [0072]).
As per claim 10, Lekkas teaches wherein
the authorization policy generation unit is configured to
generate a dynamic viewpoint policy by integrating a plurality of viewpoint-specific policies based on the plurality of viewpoint-specific policies that define the access privilege for each of a plurality of viewpoints focusing on a dynamic attribute of the plurality of function blocks, and
cause the authorization policy storage to store the dynamic viewpoint policy as the authorization policy (disabling access, [0052]).
As per claims 11 and 12, Lekkas teaches an access control method for controlling an access between a plurality of function blocks by at least one of a plurality of electronic control units using an authorization policy that defines an access privilege between the plurality of function blocks, each of which is mounted on any one of the plurality of electronic control units and configured to execute a predetermined process, the at least one of a plurality of electronic control units being connected to an in-vehicle network (ECUs corresponding to different domains, [0025], ECUs being controlled by security module 310, [0061]), the access control method comprising:
using, as the authorization policy, a static viewpoint policy generated by integrating a plurality of viewpoint-specific policies based on the plurality of viewpoint-specific policies that define the access privilege for each of a plurality of viewpoints focusing on a static attribute of the plurality of function blocks (Combination of benign operations for ECU target, [0072]);
when receiving an access request from a use source block that is one of the plurality of function blocks to a use destination block that is another of the plurality of function blocks, determining whether the access privilege of the use source block to the use destination block is present according to the authorization policy (buffering requests, [0068-0070]); and
transmitting the access request to the use destination block when determined that the access privilege is present (Transmitting buffered instructions, [0070]).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 7 is rejected under 35 U.S.C. 103 as being unpatentable over Lekkas, publication number: US 2019/0281052 in view of Guo, publication number: US 2022/0019676.
As per claim 7, Lekkas teaches authorizing commands with regards to ECUs in a vehicle.
Lekkas does not teach wherein the authorization policy is generated to have, as the viewpoint, at least one of safety, finance, operation, or privacy, and
the safety, the finance, the operation, and the privacy are classified as a security protection asset.
In an analogous art, Guo teaches wherein the authorization policy is generated to have, as the viewpoint, at least one of safety, finance, operation, or privacy, and
the safety, the finance, the operation, and the privacy are classified as a security protection asset (Security analysis based on the Safety, Finance, Operation and Privacy method, [0047][0052][0096-0097][0113]).
Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Lekkas to include an SFOP system as described in Guo’s automotive risk analysis system for the advantage of reducing decision related risks.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUGBENGA O IDOWU whose telephone number is (571)270-1450. The examiner can normally be reached Monday-Friday 8am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim, can be reached at 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/OLUGBENGA O IDOWU/Primary Examiner, Art Unit 2494