Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the filing of the application on 11/07/2024. Claims 1-10 are currently pending in the filing of 11/07/2024, and no claims have been amended, cancelled, or added since the filing of the application.
Information Disclosure Statements
The information disclosure statement(s) (IDS) submitted on 12/04/2024 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) have been considered by the examiner.
Claim Objections
Claim 10 is objected to because of the following informalities: claim 10 starts with the recitation of “A system for establishing a communication connection”, however, claim 10 depends upon claim 9. The examiner will interpret claim 10 instead as “The system for establishing a communication connection …”. Appropriate correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 5, and 7-10 are rejected under 35 U.S.C. 103 as being unpatentable over US 20240267728 to Woodworth et al. (hereinafter Woodworth ), in view of US 20240364760 to Paiuk (hereinafter Paiuk), in view of US 20240187242 to Tsou (hereinafter Tsou).
Regarding claim 1, Woodworth teaches,
A method for authorizing a configuring of a first device by a second device, the method comprising: (fig. 1, Abstract & [0012] teach user device 105 \ “second device” and new wireless device 140 & local network device 110 \ “first device”. [0047] teaches devices 140 of fig. 1 on customer premises providing configuration data to each other.)
displaying, by the first device, an (fig. 1, Abstract & [0012] teach barcode displayed a display device of a local network device.)
detecting, by the second device, the first code via an optical sensor; (fig. 1, Abstract & [0012] teach user device \ “second device” scanning the displayed barcode.)
detecting, by the second device, a second code provided on a surface of the first device; (fig. 1, Abstract & [0012] teaches the code affixed to the device’s surface.)
authenticating the second device (fig. 1, Abstract & [0012] teach the user device establishing a secure wireless connection with the local area device. [0027] teaches the user device using a password to establish the connection with the local area device.)
authorizing, . (fig. 1, Abstract & [0012] teach the configuration of the user device & local area device by the second device \ “user device”. )
Woodworth fails to explicitly teach use of a server to authenticate the second device and using the server to authorize based on codes,
However, Paiuk teaches,
authenticating the second device to a server; (Abstract, [0014] & fig. 7 teaches that the first mobile device 402 is known and associated with a user account, while the second mobile device 408 is unknown.)
authenticating, by the server, an identity of the second device; (Abstract, [0014] & fig. 7 teaches that the first mobile device 402 is known and associated with a user account, while the second mobile device 408 is unknown.)
sending, by the first device, a first representation of the codes over a network to the server; (fig. 7, 708 & 710, and [0104] teaches the first and second user devices sending the image data, based on a displayed codes.)
sending, by the second device, a second representation of the codes to the server; and (fig. 7, 708 & 710, and [0104] teaches the first and second user devices sending the image data, based on a displayed codes.)
authorizing, by the server, a configuring of the first device by the second device based on the representations. (fig. 7, 712 & 418 teach comparing and mating the image data, and opening a channel at 420. See also [0104].)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Woodworth, which teaches using barcodes \ visual codes to authorize configuration of a device that was not known (Abstract & [0012]), with Paiuk, which also teaches using visual codes to authenticate an unknown device (Abstract, fig. 7, & [0104]), and additionally teaches using a server to authenticate the unknown device based on the known device 402 and unknown device 408 providing images of the visual codes to the server for comparison (fig. 7 & [0104]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Woodworth with the added ability to use an external server to authenticate an unknown user so that the unknown user can access additional services online, as taught by Paiuk, for the purpose of increasing security and increasing user convenience by using a known \ authenticated device to authenticate an unknown device.
Woodworth and Paiuk fail to explicitly teach the first device displaying a code that is generated at least partially on randomness,
However, Tsou teaches,
displaying, by the first device, an at least partially randomly generated first code; ([0045] teaches that the self-key \ QR code is based on random information.)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Woodworth, which teaches using barcodes \ visual codes to authorize configuration of a device that was not known (Abstract & [0012]), with Paiuk, which also teaches using visual codes to authenticate an unknown device (Abstract, fig. 7, & [0104]), and additionally teaches using a server to authenticate the unknown device based on the known device 402 and unknown device 408 providing images of the visual codes to the server for comparison (fig. 7 & [0104]), with Tsou, which also teaches authentication \ verification using visual codes ([0019]), and additionally teaches the use of random information to generate the visual code \ QR code ([0045]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Woodworth and Paiuk with the added ability to utilize randomness in generating the visual code, as taught by Tsou, for the purpose of increasing security by utilizing random visual codes that cannot be calculated or determined by an imposter.
Regarding claim 2, Woodworth, Paiuk and Tsou teach,
The method according to claim 1, wherein the second code is a one- or two-dimensional barcode. (Woodworth, [0019] teaches both one and two dimensional barcodes.)
Regarding claim 5, Woodworth, Paiuk and Tsou teach,
The method according to claim 1, wherein the first device is configured to start displaying the first code in response to a request by the second device or a manual input to the first device. (Woodworth, [0027] teaches generating a second barcode on the display in response to initiating the configuration \ access of the device, which generates the second barcode.)
Regarding claim 7, Woodworth, Paiuk and Tsou teach,
The method according to claim 1, wherein the first device is a control device. (Woodworth, [0040] teaches devices 140 may include computers, home appliances, and industrial devices.)
Regarding claim 8, Woodworth, Paiuk and Tsou teach,
The method according to claim 1, wherein the second device is a portable device with an energy storage that supplies the second device with energy. (Woodworth, [0020] teaches that the user device \ “second device” is a mobile phone.) (Paiuk, fig. 7, teaches first mobile device 402 as the known device.)
Regarding claim 9, Woodworth, Paiuk and Tsou teach,
A system for establishing a communication connection between a first device and a server over a network, the system comprising:
the first device; and
a second device configured to authenticate itself to the server and configured to forward a second representation of a first code, which is visually displayed by the first device, and a second code, which is provided on a surface of the first device and detected by the second device, to the server.
Claim 9 is rejected using the same basis of arguments used to reject claim 1 above.
Regarding claim 10, Woodworth, Paiuk and Tsou teach,
A system for establishing a communication connection between a first device and a server over a system according to claim 9, wherein the first device is configured:
to generate the first code at least partially randomly; and
to authenticate itself to the server by sending a first representation of the first code and the second code.
Claim 10 is rejected using the same basis of arguments used to reject claim 1 above.
Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Woodworth, in view of Paiuk, in view of Tsou, in view of US 20160219047 to Jayaraman et al. (hereinafter Jayaraman).
Regarding claim 3, Woodworth, Paiuk and Tsou teach,
The method according to claim 1,
Woodworth, Paiuk and Tsou fail to explicitly teach the use of sequential / flashing codes as the first code,
However, Jayaraman teaches,
wherein the displaying of the first code is a sequential displaying of first elements of which the first code is composed. (Abstract, teaches visual flashing codes used for authentication. [0045] teaches the visual flashing codes are a sequence or patterns of flickering / flashes at different frequencies.)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Woodworth, which teaches using barcodes \ visual codes to authorize configuration of a device that was not known (Abstract & [0012]), with Paiuk, which also teaches using visual codes to authenticate an unknown device (Abstract, fig. 7, & [0104]), and additionally teaches using a server to authenticate the unknown device based on the known device 402 and unknown device 408 providing images of the visual codes to the server for comparison (fig. 7 & [0104]), with Tsou, which also teaches authentication \ verification using visual codes ([0019]), and additionally teaches the use of random information to generate the visual code \ QR code ([0045]), with Jayaraman, which also teaches the use of visual codes in authentication (Abstract), and additionally teaches the use of flashes at various frequencies to implement the visual flashing code ([0045]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Woodworth, Paiuk and Tsou with the added ability to utilize visually flashing codes, as taught by Jayaraman, for the purpose of increasing security on devices that have limited visual output means while maintaining computational efficiency on simple devices without displays.
Regarding claim 4, Woodworth, Paiuk, Tsou and Jayaraman teach,
The method according to claim 3, wherein the sequential displaying of the first elements is performed by flashing one or more signal lights. (Jayaraman, Abstract, teaches visual flashing codes used for authentication. [0045] teaches the visual flashing codes are a sequence or patterns of flickering / flashes at different frequencies.)
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Woodworth, in view of Paiuk, in view of Tsou, in view of US 20220417744 to Ilincic et al. (hereinafter Ilincic).
Regarding claim 6, Woodworth, Paiuk and Tsou teach,
The method according to claim 1,
Woodworth, Paiuk and Tsou fail to explicitly teach stopping display of the code based on a request \ signal,
However, Ilincic teaches,
wherein the first device is configured to stop displaying the first code in response to a request by the second device or a manual input to the first device. (Claim 4, teaches stop displaying a QR code in response to a signal from the untrusted device.)
Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Woodworth, which teaches using barcodes \ visual codes to authorize configuration of a device that was not known (Abstract & [0012]), with Paiuk, which also teaches using visual codes to authenticate an unknown device (Abstract, fig. 7, & [0104]), and additionally teaches using a server to authenticate the unknown device based on the known device 402 and unknown device 408 providing images of the visual codes to the server for comparison (fig. 7 & [0104]), with Tsou, which also teaches authentication \ verification using visual codes ([0019]), and additionally teaches the use of random information to generate the visual code \ QR code ([0045]), with Ilincic, which also teaches authentication of untrusted devices using QR codes (Title & Abstract), and additionally teaches ceasing of display of QR codes based on receiving a signal from the device requesting the QR code (Claim 4). One of ordinary skill in the art would have been motivated to perform such an addition to provide Woodworth, Paiuk and Tsou with the added ability to stop displaying visual codes in response to a signal from another device, as taught by Ilincic, for the purpose of increasing security by not displaying an authentication code for any longer than needed.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942. The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/B.W.A./
/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495