Prosecution Insights
Last updated: July 17, 2026
Application No. 19/018,673

WIRELESS NETWORK PROVISIONING USING A PRE-SHARED KEY

Non-Final OA §103
Filed
Jan 13, 2025
Priority
Sep 30, 2019 — provisional 62/908,221 +3 more
Examiner
LANE, GREGORY A
Art Unit
Tech Center
Assignee
DISH Network LLC
OA Round
1 (Non-Final)
75%
Grant Probability
Favorable
1-2
OA Rounds
1y 10m
Est. Remaining
74%
With Interview

Examiner Intelligence

Grants 75% — above average
75%
Career Allowance Rate
447 granted / 599 resolved
+14.6% vs TC avg
Minimal -0% lift
Without
With
+-0.3%
Interview Lift
resolved cases with interview
Typical timeline
3y 4m
Avg Prosecution
16 currently pending
Career history
621
Total Applications
across all art units

Statute-Specific Performance

§101
0.7%
-39.3% vs TC avg
§103
97.3%
+57.3% vs TC avg
§102
1.3%
-38.7% vs TC avg
§112
0.1%
-39.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 599 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 1. The following is a non-Final Office Action in response to applicant’s arguments/filing filed on January 13, 2025 Claims 1-20 are pending Examiner’s Note: Paragraph 0003 of the specification describes that an access point may be a wireless router [i.e. hardware] Information Disclosure Statement The information disclosure statement (IDS) submitted on 1/15/2026 was filed prior to the mailing date of the first office action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. The information disclosure statement (IDS) submitted on 12/12/2025 was filed prior to the mailing date of the first office action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. The information disclosure statement (IDS) submitted on 5/21/2025 was filed prior to the mailing date of the first office action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Drawings Acknowledgment is made of applicant’s drawings submitted on 1/13/2025. Oath/Declaration Acknowledgment is made of applicant’s oath submitted on 1/13/2025 Application Data Sheet Acknowledgment is made of applicant’s application data sheet submitted on 1/13/2025. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/forms/. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1-20 are rejected on the ground of nonstatutory double patenting over claims 1-20 of U. S. Patent No. 12/231,884 since the claims, if allowed, would improperly extend the "right to exclude" already granted in the patent. The subject matter claimed in the instant application is fully disclosed in the patent and is covered by the patent since the patent and the application are claiming common subject matter, as follows: Instant Application Patent 12/231,884 1. A method for wireless network provisioning, the method comprising: storing, by a provisioning system, a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles comprises: a pre-shared key (PSK); and an SSID of a wireless network; receiving, by an access point, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using the PSK and the SSID; determining, by the access point, that the MIC and the SNonce is to be transmitted to the provisioning system to determine whether network access is to be granted; transmitting, by the access point, the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet; receiving, by the provisioning system, the MIC, the SNonce, and the ANonce; calculating, by the provisioning system, calculated MICs for multiple wireless network access profiles of the plurality of wireless network access profiles, wherein calculating is performed using: the ANonce and the SNonce from the access point and the PSK from a wireless network access profile of the plurality of wireless network access profiles; determining, by the provisioning system, that a first calculated MIC for a first wireless network access profile of the multiple wireless network access profiles does not match the received MIC; determining, by the provisioning system, that a second calculated MIC for a second wireless network access profile of the multiple wireless network access profiles matches the received MIC; transmitting, by the provisioning system, a value based on a pairwise master key (PMK), the PSK, or both for the second wireless network access profile to the access point in response to determining that the calculated MIC for the second wireless network access profile matches the received MIC; receiving, by the access point, the value from the provisioning system; establishing, by the access point, an encrypted communication session with the wireless device using the value; and granting, by the access point, network access to the wireless device based on the value. 2. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further comprises a unique identifier of a user. 3. The method for wireless network provisioning of claim 2, further comprising: determining, by the provisioning system, that a received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile, wherein: the value for the second wireless network access profile is transmitted to the access point in response to determining that the received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile. 4. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a time period during which network access is permitted. 5. The method for wireless network provisioning of claim 4, further comprising: determining whether network access is to be granted based on the time period from the second wireless network access profile, wherein the access point grants network access to the wireless device based on the time period. 6. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a bandwidth restriction. 7. The method for wireless network provisioning of claim 6, wherein the access point grants network access to the wireless device based on the bandwidth restriction. 8. The method for wireless network provisioning of claim 1, further comprising: transmitting, by the access point, a MAC address for the wireless device to the provisioning system; and storing, by the provisioning system, the MAC address in association with the second wireless network access profile. 9. The method for wireless network provisioning of claim 1, further comprising: determining, by the provisioning system, that the second wireless network access profile is being used for network access for a first time based upon an indication stored as part of the second wireless network access profile; in response to determining that the second wireless network access profile is being used for the first time, cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the data is performed based on receiving assent to the terms of service; and in response to receiving the assent to the terms of service presented by the wireless device, modifying, by the provisioning system, the indication stored as part of the second wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the second wireless network access profile. 10. A system for wireless network provisioning, the system comprising: an access point that provides wireless devices with Internet access and is configured to: receive, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using a pre-shared key (PSK) and a service set identifier (SSID); determine that the MIC and the SNonce is to be transmitted to a provisioning system to determine whether network access is to be granted; transmit the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet; and the provisioning system that communicates with the access point, wherein the provisioning system is an internet-connected server system, the provisioning system configured to:store a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles comprises: the PSK; and the SSID of a wireless network; receive the MIC, the SNonce, and the ANonce from the access point; calculate a calculated MIC for a wireless network access profile of the plurality of wireless network access profiles, wherein calculating is performed using: the ANonce and the SNonce from the access point and the PSK from the wireless network access profile; determine that the calculated MIC for the wireless network access profile matches the received MIC; and transmit a value based on a pairwise master key (PMK), the PSK, or both for the wireless network access profile to the access point in response to determining that the calculated MIC for the wireless network access profile matches the received MIC; wherein the access point is further configured to:  receive the value from the provisioning system;  establish an encrypted communication session with the wireless device using the value; and  grant network access to the wireless device based on the value. 11. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further comprises a stored unique identifier of a user. 12. The system for wireless network provisioning of claim 11, wherein the provisioning system is further configured to: request a unique identifier from the wireless device; receive the unique identifier from the wireless device; and compare the unique identifier to the stored unique identifier that is part of the wireless network access profile, wherein providing network access is conditional on the unique identifier matching the stored unique identifier of the wireless network access profile. 13. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a time period during which network access is permitted. 14. The system for wireless network provisioning of claim 13, wherein the access point is further configured to: determine whether network access is to be granted based on the time period from the wireless network access profile. 15. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a bandwidth restriction. 16. The system for wireless network provisioning of claim 15, wherein the access point is further configured to grant network access in accordance with the bandwidth restriction from the wireless network access profile. 17. The system for wireless network provisioning of claim 10, wherein the provisioning system is further configured to store a MAC address of the wireless device in association with the wireless network access profile. 18. The system for wireless network provisioning of claim 10, further comprising the wireless device. 19. The system for wireless network provisioning of claim 18, wherein the provisioning system is further configured to: determine that the wireless network access profile is being used for network access for a first time based upon an indication stored as part of the wireless network access profile; in response to determining that the wireless network access profile is being used for the first time, cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the value is performed based on receiving assent to the terms of service; and in response to receiving the assent to the terms of service presented by the wireless device, modify the indication stored as part of the wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the wireless network access profile. 20. The system for wireless network provisioning of claim 19, wherein the PSK is never transmitted from the wireless device to the access point. 1. A method for wireless network provisioning, the method comprising: storing, by a cloud-based provisioning system, a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles comprises: a pre-shared key (PSK); and an SSID of a wireless network; receiving, by an access point, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using the PSK and the SSID; determining, by the access point, that the MIC and the SNonce is to be transmitted to the cloud-based provisioning system to determine whether network access is to be granted; transmitting, by the access point, the MIC, the SNonce, and an access point announcement message (ANonce) to the cloud-based provisioning system based on the determining, wherein the cloud-based provisioning system is remotely located from the access point and the access point communicates with the cloud-based provisioning system via the Internet; receiving, by the cloud-based provisioning system, the MIC, the SNonce, and the ANonce; calculating, by the cloud-based provisioning system, calculated MICs for multiple wireless network access profiles of the plurality of wireless network access profiles, wherein calculating is performed using: the ANonce and the SNonce from the access point and the PSK from a wireless network access profile of the plurality of wireless network access profiles; determining, by the cloud-based provisioning system, that a first calculated MIC for a first wireless network access profile of the multiple wireless network access profiles does not match the received MIC; determining, by the cloud-based provisioning system, that a second calculated MIC for a second wireless network access profile of the multiple wireless network access profiles matches the received MIC; transmitting, by the cloud-based provisioning system, a pairwise master key (PMK) for the second wireless network access profile to the access point in response to determining that the calculated MIC for the second wireless network access profile matches the received MIC; receiving, by the access point, the PMK from the cloud-based provisioning system; establishing, by the access point, an encrypted communication session with the wireless device using the PMK; and granting, by the access point, network access to the wireless device based on the PMK. 2. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further comprises a unique identifier of a user. 3. The method for wireless network provisioning of claim 2, further comprising: determining, by the cloud-based provisioning system, that a received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile, wherein: the PMK for the second wireless network access profile is transmitted to the access point in response to determining that the received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile. 4. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a time period during which network access is permitted. 5. The method for wireless network provisioning of claim 4, further comprising: determining whether network access is to be granted based on the time period from the second wireless network access profile, wherein the access point grants network access to the wireless device based on the time period. 6. The method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a bandwidth restriction. 7. The method for wireless network provisioning of claim 6, wherein the access point grants network access to the wireless device based on the bandwidth restriction. 8. The method for wireless network provisioning of claim 1, further comprising: transmitting, by the access point, a MAC address for the wireless device to the cloud-based provisioning system; and storing, by the cloud-based provisioning system, the MAC address in association with the second wireless network access profile. 9. The method for wireless network provisioning of claim 1, further comprising: determining, by the cloud-based provisioning system, that the second wireless network access profile is being used for network access for a first time based upon an indication stored as part of the second wireless network access profile; in response to determining that the second wireless network access profile is being used for the first time, cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the PMK is performed based on receiving assent to the terms of service; and in response to receiving the assent to the terms of service presented by the wireless device, modifying, by the cloud-based provisioning system, the indication stored as part of the second wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the second wireless network access profile. 10. A system for wireless network provisioning, the system comprising: an access point that provides wireless devices with Internet access and is configured to: receive, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using a pre-shared key (PSK) and a service set identifier (SSID); determine that the MIC and the SNonce is to be transmitted to a cloud-based provisioning system to determine whether network access is to be granted; transmit the MIC, the SNonce, and an access point announcement message (ANonce) to the cloud-based provisioning system based on the determining, wherein the cloud-based provisioning system is remotely located from the access point and the access point communicates with the cloud-based provisioning system via the Internet; and a cloud-based provisioning system that communicates with the access point, wherein the cloud-based provisioning system is an internet-connected server system, the cloud-based provisioning system configured to: store a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles comprises: the PSK; and the SSID of a wireless network; receive the MIC, the SNonce, and the ANonce from the access point; calculate a calculated MIC for a wireless network access profile of the plurality of wireless network access profiles, wherein calculating is performed using: the ANonce and the SNonce from the access point and the PSK from the wireless network access profile; determine that the calculated MIC for the wireless network access profile matches the received MIC; and transmit a pairwise master key (PMK) for the wireless network access profile to the access point in response to determining that the calculated MIC for the wireless network access profile matches the received MIC; wherein the access point is further configured to: receive the PMK from the cloud-based provisioning system; establish an encrypted communication session with the wireless device using the PMK; and grant network access to the wireless device based on the PMK. 11. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further comprises a stored unique identifier of a user. 12. The system for wireless network provisioning of claim 11, wherein the cloud-based provisioning system is further configured to: request a unique identifier from the wireless device; receive the unique identifier from the wireless device; and compare the unique identifier to the stored unique identifier that is part of the wireless network access profile, wherein providing network access is conditional on the unique identifier matching the stored unique identifier of the wireless network access profile. 13. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a time period during which network access is permitted. 14. The system for wireless network provisioning of claim 13, wherein the access point is further configured to: determine whether network access is to be granted based on the time period from the wireless network access profile. 15. The system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a bandwidth restriction. 16. The system for wireless network provisioning of claim 15, wherein the access point is further configured to grant network access in accordance with the bandwidth restriction from the wireless network access profile. 17. The system for wireless network provisioning of claim 10, wherein the cloud-based provisioning system is further configured to store a MAC address of the wireless device in association with the wireless network access profile. 18. The system for wireless network provisioning of claim 10, further comprising the wireless device. 19. The system for wireless network provisioning of claim 18, wherein the cloud-based provisioning system is further configured to: determine that the wireless network access profile is being used for network access for a first time based upon an indication stored as part of the wireless network access profile; in response to determining that the wireless network access profile is being used for the first time, cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the PMK is performed based on receiving assent to the terms of service; and in response to receiving the assent to the terms of service presented by the wireless device, modify the indication stored as part of the wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the wireless network access profile. 20. The system for wireless network provisioning of claim 19, wherein the PSK is never transmitted between the wireless device and the access point. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-8 and 10-18 are rejected under 35 U.S.C. 103 as being unpatentable over US 20170230824, Li in view of US 20060067526, Faccin In regards to claim 1, Li teaches a method for wireless network provisioning, the method comprising: storing, by a provisioning system, a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles(US 20170230824, Li, para. 0026, Thus, a wireless access point or other network device may store multiple valid keys, such as PSKs, PMKs, or other data derived from the preshared keys, with each key associated with a different client or group of clients) comprises:a pre-shared key (PSK) (US 20170230824, Li, para. 0026, each client may be assigned its own exclusive preshared key.); andan SSID of a wireless network(US 20170230824, Li, para. 0039, The indexes are also used to generate a large numbers of passwords (to derive a bunch of PSKs) for guest clients. The “secret” is a shared secret among all wireless access points for generating the same password for the same user. The “location” is used to distinguish the HQ and branches for large companies. The “SSID” is the SSID the PSKs will apply to.);receiving, by an access point, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using the PSK and the SSID(US 20170230824, Li, para. 0048, the access point 235 sends a first message 215 including an A-Nonce to the client. The client 230 response with a second message 217 including an S-Nonce and a MIC created using a PMK derived from the preshared key.);determining, by the access point, that the MIC and the SNonce is to be transmitted to the provisioning system to determine whether network access is to be granted(US 20170230824, Li, para. Fig. 3, para. 0053-0055: [0053]- The client 335 response with a second message 342 including an S-Nonce and a MIC created using a PMK derived from the preshared key. In response to the second message 342, the wireless access point 320 or other network device will traverse list of PSKs or PMKs to match the received MIC with a validation MIC, thereby identifying the specific key used by the guest. [0054]- After the client's key is found, the wireless access point 320 will provide the username and password corresponding to the identified PSK or PMK to the RADIUS server 307 to do RADIUS authentication using PAP, CHAP, MSCHAPv2, EAP, or any other authentication technique. [0055]- If the RADIUS authentication succeeds, the wireless access point 320 will continue the 4-way handshake by sending the third message 344 to the client device 335. The client device 335 will reply fourth message 346 to complete the 4-way handshake.); calculating, by the provisioning system, calculated MICs for multiple wireless network access profiles of the plurality of wireless network access profiles(US 20170230824, Li, para. 0048, The client 230 response with a second message 217 including an S-Nonce and a MIC created using a PMK derived from the preshared key.), wherein calculating is performed using:the ANonce and the SNonce from the access point and the PSK from a wireless network access profile of the plurality of wireless network access profiles(US 20170230824, Li, para. 0023, 0024, and 0025: [0023]- Using the S-Nonce and the A-Nonce, the client generates a copy of a pairwise transient key (PTK), which will be used to encrypt future communications with the network. In an embodiment, the pairwise transient key is determined using a hash of the A-Nonce, S-Nonce, and other data, such as the PMK. For example, PTK=SHA1(PMK, client MAC, wireless access point MAC, A-Nonce, S-Nonce).; [0024]- An embodiment of the invention divides the PTK into four separate keys, each of which is used for different purposes: EAPOL-MIC key, EAPOL-Encr key, Data-MIC key and Data-Encr key (for AES, the Data-MIC key and the Data_Encr key are the same). [0025]- In an embodiment, the MIC is calculated by applying the EAPOL-MIC key, which is part of the PTK, to the other contents of the second message,);determining, by the provisioning system, that a first calculated MIC for a first wireless network access profile of the multiple wireless network access profiles does not match the received MIC(US 20170230824, Li, para. 0030, if the verification MIC does not match the MIC provided by the client in the second message, then method 100 returns to step 120 and the wireless access point or other network device selects another preshared key or PMK from its list, derives a new corresponding PTK and verification MIC in step 125, and compares the new verification MIC with the MIC included in the second message in decision block 130.);determining, by the provisioning system, that a second calculated MIC for a second wireless network access profile of the multiple wireless network access profiles matches the received MIC(US 20170230824, Li, para. 0030, if the verification MIC does not match the MIC provided by the client in the second message, then method 100 returns to step 120 and the wireless access point or other network device selects another preshared key or PMK from its list, derives a new corresponding PTK and verification MIC in step 125, and compares the new verification MIC with the MIC included in the second message in decision block 130. The steps 120, 125, and 130 may be repeated until the verification MIC matches the MIC provided in the second message.);transmitting, by the provisioning system, a value based on a pairwise master key (PMK), the PSK, or both for the second wireless network access profile to the access point in response to determining that the calculated MIC for the second wireless network access profile matches the received MIC(US 20170230824, Li, para. 0029, In decision block 130, the wireless access point or other network device compares the verification MIC with the MIC included in the second message by the client. If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process. The wireless access point or other network device can then communicate with the client using the PTK derived from the selected preshared key or PMK.);receiving, by the access point, the value from the provisioning system(US 20170230824, Li, para. 0045, The guest manager application 210 then distributes 208 these PSKs, or derived PMKs, to one or more wireless access points, including wireless access point 235 or other network devices to prepare them to receive connections from clients.);establishing, by the access point, an encrypted communication session with the wireless device using the value(US 20170230824, Li, para. 0023, Using the S-Nonce and the A-Nonce, the client generates a copy of a pairwise transient key (PTK), which will be used to encrypt future communications with the network. In an embodiment, the pairwise transient key is determined using a hash of the A-Nonce, S-Nonce, and other data, such as the PMK. For example, PTK=SHA1(PMK, client MAC, wireless access point MAC, A-Nonce, S-Nonce); andgranting, by the access point, network access to the wireless device based on the value(US 20170230824, Li, para. 0029, If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process. The wireless access point or other network device can then communicate with the client using the PTK derived from the selected preshared key or PMK.); Li does not teach transmitting, by the access point, the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet;receiving, by the provisioning system, the MIC, the SNonce, and the ANonce However, Faccin teaches transmitting, by the access point, the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet(US 20060067526, Faccin, para. 0063 and fig. 5A, STA 520 generates and transmits a FT Action Request (Act Req) comprising an EAPOL-Key frame 705c to a target or candidate transition AP 541 that has previously been detected by STA 520 (step 710c1 and c2) by way of current AP 540. The Action Request may include SNonce, ANonce, and MIC values and EAPOL-Key frame 705.[i.e. note: the action request is sent to a target AP from the current AP]);receiving, by the provisioning system, the MIC, the SNonce, and the ANonce(US 20060067526, Faccin, para. 0064, On receipt of EAPOL-Key frame 705, target transition AP 541 may validate the ANonce read from the request message received in step 710c2, compute a PTK using ANonce 560 obtained or generated by AP 541 and the SNonce value read from EAPOL-Key frame 705, and validate MIC read from EAPOL-Key frame 705 (step 712c).). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Li with the teaching of Faccin because a user would have been motivated to use fast BSS transition enabled access points, taught by Faccin, in order to minimize transition times in the network for communication signals taught by Li (Faccin, para. 0035). In regards to claim 2, the combination of Li and Faccin teach the method for wireless network provisioning of claim 1, wherein the second wireless network access profile further comprises a unique identifier of a user(US 20170230824, Li, para. 0064, The client responds with a second message 534 including an S-Nonce and a MIC created using a PMK derived from the preshared key. In response to the second message 534, the wireless access point 520 will traverse the stored PSKs or PMKs to match the received MIC with a validation MIC, thereby identifying the specific key used by the guest user device 530.). In regards to claim 3, the combination of Li and Faccin teach the method for wireless network provisioning of claim 2, further comprising:determining, by the provisioning system, that a received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile(US 20170230824, Li, para. 0029, In decision block 130, the wireless access point or other network device compares the verification MIC with the MIC included in the second message by the client. If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process.), wherein:the value for the second wireless network access profile is transmitted to the access point in response to determining that the received unique identifier of the user matches the unique identifier of the user stored in the second wireless network access profile(US 20170230824, Li, para. 0045,a network administrator 205 will create a set (for example, 1024) of username/password pairs, derives PSKs from these pairs, and save the PSKs. In an embodiment, the pregenerated preshared keys are saved 207 in a preshared key database associated with a guest manager application 210. The guest manager application 210 then distributes 208 these PSKs, or derived PMKs, to one or more wireless access points, including wireless access point 235 or other network devices to prepare them to receive connections from clients.). In regards to claim 4, the combination of Li and Faccin teach the method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a time period during which network access is permitted(US 20170230824, Li, para. 0067, In a further embodiment, PSKs may be assigned creation times and expiration times. In an embodiment, these assigned times are stored by wireless access points in addition to their respective PSKs or PMKs. Upon receiving a second message from a client during the 4-way authentication and identifying the PSK or PMK used by the client, an embodiment of the invention compares the current time with the creation and expiration times associated with the PSK or PMK. If the current time is between the creation and expiration times, then authentication proceeds; otherwise the authorization fails and the client is disassociated from the wireless access point.). In regards to claim 5, the combination of Li and Faccin teach the method for wireless network provisioning of claim 4, further comprising:determining whether network access is to be granted based on the time period from the second wireless network access profile, wherein the access point grants network access to the wireless device based on the time period(US 20170230824, Li, para. 0067, If the current time is between the creation and expiration times, then authentication proceeds; otherwise the authorization fails and the client is disassociated from the wireless access point.). In regards to claim 6, the combination of Li and Faccin teach the method for wireless network provisioning of claim 1, wherein the second wireless network access profile further defines a bandwidth restriction(US 20170230824, Li, para. 0056, After the customer exhausts their time or bandwidth, the client device 335 of the guest user 330 will be disassociated from the wireless access point 320.). In regards to claim 7, the combination of Li and Faccin teach the method for wireless network provisioning of claim 6, wherein the access point grants network access to the wireless device based on the bandwidth restriction(US 20170230824, Li, para. 0056, The wireless access point 320 will send accounting start message 348 to an accounting server 350, which is optionally embedded in the guest manager application 310, to count the time or bandwidth used by the guest user 330. After the customer exhausts their time or bandwidth, the client device 335 of the guest user 330 will be disassociated from the wireless access point 320.[i.e. note: association to the access point is maintained if the bandwidth has not been exhausted]). In regards to claim 8, the combination of Li and Faccin teach the method for wireless network provisioning of claim 1, further comprising:transmitting, by the access point, a MAC address for the wireless device to the provisioning system(US 20170230824, Li, para. 0070, In a further embodiment, upon successfully identifying a client's assigned PSK, a wireless access point or other network device forwards the client's MAC address or other identifier, such as a user name, to a roaming cache data structure accessible to other wireless access points or other devices.); andstoring, by the provisioning system, the MAC address in association with the second wireless network access profile(US 20170230824, Li, para. 0071, a wireless access point or other network device can use a roaming cache to store previously connected clients' MAC addresses or other identifiers and their associations with PSKs or PMKs.). In regards to claim 10, Li teaches a system for wireless network provisioning, the system comprising: an access point that provides wireless devices with Internet access and is configured to:receive, from a wireless device, a message integrity code (MIC) and a station announcement message (SNonce), wherein the MIC and the SNonce were created by the wireless device using a pre-shared key (PSK) and a service set identifier (SSID) (US 20170230824, Li, para. 0048, the access point 235 sends a first message 215 including an A-Nonce to the client. The client 230 response with a second message 217 including an S-Nonce and a MIC created using a PMK derived from the preshared key.); determine that the MIC and the SNonce is to be transmitted to a provisioning system to determine whether network access is to be granted(US 20170230824, Li, para. Fig. 3, para. 0053-0055: [0053]- The client 335 response with a second message 342 including an S-Nonce and a MIC created using a PMK derived from the preshared key. In response to the second message 342, the wireless access point 320 or other network device will traverse list of PSKs or PMKs to match the received MIC with a validation MIC, thereby identifying the specific key used by the guest. [0054]- After the client's key is found, the wireless access point 320 will provide the username and password corresponding to the identified PSK or PMK to the RADIUS server 307 to do RADIUS authentication using PAP, CHAP, MSCHAPv2, EAP, or any other authentication technique. [0055]- If the RADIUS authentication succeeds, the wireless access point 320 will continue the 4-way handshake by sending the third message 344 to the client device 335. The client device 335 will reply fourth message 346 to complete the 4-way handshake.); and the provisioning system that communicates with the access point, wherein the provisioning system is an internet-connected server system, the provisioning system configured to:store a plurality of wireless network access profiles, wherein each wireless network access profile of the plurality of wireless network access profiles(US 20170230824, Li, para. 0026, Thus, a wireless access point or other network device may store multiple valid keys, such as PSKs, PMKs, or other data derived from the preshared keys, with each key associated with a different client or group of clients) comprises:the PSK(US 20170230824, Li, para. 0026, each client may be assigned its own exclusive preshared key.); andthe SSID of a wireless network(US 20170230824, Li, para. 0039, The indexes are also used to generate a large numbers of passwords (to derive a bunch of PSKs) for guest clients. The “secret” is a shared secret among all wireless access points for generating the same password for the same user. The “location” is used to distinguish the HQ and branches for large companies. The “SSID” is the SSID the PSKs will apply to.);calculate a calculated MIC for a wireless network access profile of the plurality of wireless network access profiles(US 20170230824, Li, para. 0048, The client 230 response with a second message 217 including an S-Nonce and a MIC created using a PMK derived from the preshared key.), wherein calculating is performed using:the ANonce and the SNonce from the access point and the PSK from the wireless network access profile(US 20170230824, Li, para. 0023, 0024, and 0025: [0023]- Using the S-Nonce and the A-Nonce, the client generates a copy of a pairwise transient key (PTK), which will be used to encrypt future communications with the network. In an embodiment, the pairwise transient key is determined using a hash of the A-Nonce, S-Nonce, and other data, such as the PMK. For example, PTK=SHA1(PMK, client MAC, wireless access point MAC, A-Nonce, S-Nonce).; [0024]- An embodiment of the invention divides the PTK into four separate keys, each of which is used for different purposes: EAPOL-MIC key, EAPOL-Encr key, Data-MIC key and Data-Encr key (for AES, the Data-MIC key and the Data_Encr key are the same). [0025]- In an embodiment, the MIC is calculated by applying the EAPOL-MIC key, which is part of the PTK, to the other contents of the second message,);determine that the calculated MIC for the wireless network access profile matches the received MIC(US 20170230824, Li, para. 0030, if the verification MIC does not match the MIC provided by the client in the second message, then method 100 returns to step 120 and the wireless access point or other network device selects another preshared key or PMK from its list, derives a new corresponding PTK and verification MIC in step 125, and compares the new verification MIC with the MIC included in the second message in decision block 130. The steps 120, 125, and 130 may be repeated until the verification MIC matches the MIC provided in the second message.); andtransmit a value based on a pairwise master key (PMK), the PSK, or both for the wireless network access profile to the access point in response to determining that the calculated MIC for the wireless network access profile matches the received MIC(US 20170230824, Li, para. 0029, In decision block 130, the wireless access point or other network device compares the verification MIC with the MIC included in the second message by the client. If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process. The wireless access point or other network device can then communicate with the client using the PTK derived from the selected preshared key or PMK.); wherein the access point is further configured to:receive the value from the provisioning system(US 20170230824, Li, para. 0045, The guest manager application 210 then distributes 208 these PSKs, or derived PMKs, to one or more wireless access points, including wireless access point 235 or other network devices to prepare them to receive connections from clients.);establish an encrypted communication session with the wireless device using the value(US 20170230824, Li, para. 0023, Using the S-Nonce and the A-Nonce, the client generates a copy of a pairwise transient key (PTK), which will be used to encrypt future communications with the network. In an embodiment, the pairwise transient key is determined using a hash of the A-Nonce, S-Nonce, and other data, such as the PMK. For example, PTK=SHA1(PMK, client MAC, wireless access point MAC, A-Nonce, S-Nonce); and grant network access to the wireless device based on the value(US 20170230824, Li, para. 0029, If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process. The wireless access point or other network device can then communicate with the client using the PTK derived from the selected preshared key or PMK.); Li does not teach transmit the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet; receive the MIC, the SNonce, and the ANonce from the access point. However, Faccin teaches transmit the MIC, the SNonce, and an access point announcement message (ANonce) to the provisioning system based on the determining, wherein the provisioning system is remotely located from the access point and the access point communicates with the provisioning system via the Internet(US 20060067526, Faccin, para. 0063 and fig. 5A, STA 520 generates and transmits a FT Action Request (Act Req) comprising an EAPOL-Key frame 705c to a target or candidate transition AP 541 that has previously been detected by STA 520 (step 710c1 and c2) by way of current AP 540. The Action Request may include SNonce, ANonce, and MIC values and EAPOL-Key frame 705.[i.e. note: the action request is sent to a target AP from the current AP]); receive the MIC, the SNonce, and the ANonce from the access point(US 20060067526, Faccin, para. 0064, On receipt of EAPOL-Key frame 705, target transition AP 541 may validate the ANonce read from the request message received in step 710c2, compute a PTK using ANonce 560 obtained or generated by AP 541 and the SNonce value read from EAPOL-Key frame 705, and validate MIC read from EAPOL-Key frame 705 (step 712c).) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Li with the teaching of Faccin because a user would have been motivated to use fast BSS transition enabled access points, taught by Faccin, in order to minimize transition times in the network for communication signals taught by Li (Faccin, para. 0035). In regards to claim 11, the combination of Li and Faccin teach the system for wireless network provisioning of claim 10, wherein the wireless network access profile further comprises a stored unique identifier of a user(US 20170230824, Li, para. 0064, The client responds with a second message 534 including an S-Nonce and a MIC created using a PMK derived from the preshared key. In response to the second message 534, the wireless access point 520 will traverse the stored PSKs or PMKs to match the received MIC with a validation MIC, thereby identifying the specific key used by the guest user device 530.). In regards to claim 12, the combination of Li and Faccin teach the system for wireless network provisioning of claim 11, wherein the provisioning system is further configured to:request a unique identifier from the wireless device(US 20170230824, Li, para. 0022, Upon a client connecting or associating with one of the wireless access points or other network devices of the network, in step 110 the wireless access point begins the 4-way handshake[i.e. note: requesting step] by sending a first message to the client.);receive the unique identifier from the wireless device(US 20170230824, Li, para. 0027, Upon receiving the second message from a client that includes a S-Nonce and MIC,); andcompare the unique identifier to the stored unique identifier that is part of the wireless network access profile, wherein providing network access is conditional on the unique identifier matching the stored unique identifier of the wireless network access profile(US 20170230824, Li, para. 0029, In decision block 130, the wireless access point or other network device compares the verification MIC with the MIC included in the second message by the client. If the verification MIC matches the MIC included by the client in the second message, then the wireless access point or other network device has successfully identified the preshared key and corresponding PMK and PTK used by the client. An embodiment of method 100 may then proceed to step 135 to complete the authentication process.). In regards to claim 13, the combination of Li and Faccin teach the system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a time period during which network access is permitted(US 20170230824, Li, para. 0067, In a further embodiment, PSKs may be assigned creation times and expiration times. In an embodiment, these assigned times are stored by wireless access points in addition to their respective PSKs or PMKs. Upon receiving a second message from a client during the 4-way authentication and identifying the PSK or PMK used by the client, an embodiment of the invention compares the current time with the creation and expiration times associated with the PSK or PMK. If the current time is between the creation and expiration times, then authentication proceeds; otherwise the authorization fails and the client is disassociated from the wireless access point.). In regards to claim 14, the combination of Li and Faccin teach the system for wireless network provisioning of claim 13, wherein the access point is further configured to:determine whether network access is to be granted based on the time period from the wireless network access profile(US 20170230824, Li, para. 0067, If the current time is between the creation and expiration times, then authentication proceeds; otherwise the authorization fails and the client is disassociated from the wireless access point.). In regards to claim 15, the combination of Li and Faccin teach the system for wireless network provisioning of claim 10, wherein the wireless network access profile further defines a bandwidth restriction(US 20170230824, Li, para. 0056, After the customer exhausts their time or bandwidth, the client device 335 of the guest user 330 will be disassociated from the wireless access point 320.). In regards to claim 16, the combination of Li and Faccin teach the system for wireless network provisioning of claim 15, wherein the access point is further configured to grant network access in accordance with the bandwidth restriction from the wireless network access profile(US 20170230824, Li, para. 0056, The wireless access point 320 will send accounting start message 348 to an accounting server 350, which is optionally embedded in the guest manager application 310, to count the time or bandwidth used by the guest user 330. After the customer exhausts their time or bandwidth, the client device 335 of the guest user 330 will be disassociated from the wireless access point 320.[i.e. note: association to the access point is maintained if the bandwidth has not been exhausted]). In regards to claim 17, the combination of Li and Faccin teach the system for wireless network provisioning of claim 10, wherein the provisioning system is further configured to store a MAC address of the wireless device in association with the wireless network access profile(US 20170230824, Li, para. 0071, a wireless access point or other network device can use a roaming cache to store previously connected clients' MAC addresses or other identifiers and their associations with PSKs or PMKs.). In regards to claim 18, the combination of Li and Faccin teach the system for wireless network provisioning of claim 10, further comprising the wireless(US 20170230824, Li, para. 0019, An embodiment of the invention also includes a modified authentication and handshake technique for network devices, such as wireless access points, to identify and authenticate the different preshared keys provided by client devices.). Claims 9 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20170230824, Li in view of US 20060067526, Faccin and further in view of US 20110243553, Russell In regards to claim 9, the combination of Li and Faccin teach the method for wireless network provisioning of claim 1, further comprising:determining, by the provisioning system, that the second wireless network access profile is being used for network access for a first time based upon an indication stored as part of the second wireless network access profile(US 20170230824, Li, para. 0067, In a further embodiment, PSKs may be assigned creation times and expiration times. In an embodiment, these assigned times are stored by wireless access points in addition to their respective PSKs or PMKs. Upon receiving a second message from a client during the 4-way authentication and identifying the PSK or PMK used by the client, an embodiment of the invention compares the current time with the creation and expiration times associated with the PSK or PMK.);in response to determining that the second wireless network access profile is being used for the first time(US 20170230824, Li, para. 0066, Upon establishing a connection between the guest user device 530 and the wireless access point 520, the wireless access point 520 may notify the accounting server 540 to allow tracking and possible billing for network usage.[i.e. note: determine a 1st usage]), the combination of Li and Faccin do not teach cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the data is performed based on receiving assent to the terms of service; andin response to receiving the assent to the terms of service presented by the wireless device, modifying, by the provisioning system, the indication stored as part of the second wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the second wireless network access profile However, Russell teaches cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the data is performed based on receiving assent to the terms of service(see US 20110243553, Russell, para. 0028, where terms of service are transmitted to a recipient and receiving at least one recipient’s consent to establish a secure channel); andin response to receiving the assent to the terms of service presented by the wireless device, modifying, by the provisioning system, the indication stored as part of the second wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the second wireless network access profile(see US 20110243553, Russell, para. 0028, upon verifying the end user and obtaining the consent from the recipient, the system can modify a service identity service token and issues an instruction to establish a channel between the end user and the recipient). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Li and Faccin with the teaching of Russel because a user would have been motivated to optimize the network, taught by Li and Faccin, by enabling users to customize network in order to establish a user defined, managed, and controlled network for providing SMS communications(see Russell, para. 0001). In regards to claim 19, the combination of Li and Faccin teach the system for wireless network provisioning of claim 18, wherein the provisioning system is further configured to:determine that the wireless network access profile is being used for network access for a first time based upon an indication stored as part of the wireless network access profile(US 20170230824, Li, para. 0067, In a further embodiment, PSKs may be assigned creation times and expiration times. In an embodiment, these assigned times are stored by wireless access points in addition to their respective PSKs or PMKs. Upon receiving a second message from a client during the 4-way authentication and identifying the PSK or PMK used by the client, an embodiment of the invention compares the current time with the creation and expiration times associated with the PSK or PMK.);in response to determining that the wireless network access profile is being used for the first time(US 20170230824, Li, para. 0066, Upon establishing a connection between the guest user device 530 and the wireless access point 520, the wireless access point 520 may notify the accounting server 540 to allow tracking and possible billing for network usage.[i.e. note: determine a 1st usage]), the combination of Li and Faccin do not teach cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the value is performed based on receiving assent to the terms of service; andin response to receiving the assent to the terms of service presented by the wireless device, modify the indication stored as part of the wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the wireless network access profile However, Russell teaches cause terms of service to be presented by the wireless device, wherein providing the network access to the wireless device using the value is performed based on receiving assent to the terms of service(see US 20110243553, Russell, para. 0028, where terms of service are transmitted to a recipient and receiving at least one recipient’s consent to establish a secure channel); andin response to receiving the assent to the terms of service presented by the wireless device, modify the indication stored as part of the wireless network access profile to indicate that the terms of service have been accepted such that the terms of service are not presented again in association with the wireless network access profile(see US 20110243553, Russell, para. 0028, upon verifying the end user and obtaining the consent from the recipient, the system can modify a service identity service token and issues an instruction to establish a channel between the end user and the recipient). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Li and Faccin with the teaching of Russel because a user would have been motivated to optimize the network, taught by Li and Faccin, by enabling users to customize network in order to establish a user defined, managed, and controlled network for providing SMS communications(see Russell, para. 0001). 3.) Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over US 20170230824, Li in view of US 20060067526, Faccin and further in view of US 20110243553, Russell and further in view of US 20190313246, Nix In regards to claim 20, the combination of Li, Faccin and Russell teach the system for wireless network provisioning of claim 19. the combination of Li, Faccin and Russell do not teach wherein the PSK is never transmitted from the wireless device to the access point However, Nix teaches wherein the PSK is never transmitted from the wireless device to the access point(see US 20190313246, Nix, para. 0164 and fig. 1b, where WiFi radio 108i[access point] and WiFi radio 101i use a default PSK that is not transmitted to each other). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Li, Faccin, and Russell with the teaching of Nix because a user would have been motivated to expand the use of access communication networks, taught by Li, by enabling communication between various transducers in order to form network technology comprising an Internet of Things (IoT) (see Nix, para. 0003). CONCLUSION Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469. The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /GREGORY A LANE/Examiner, Art Unit 2438 /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438
Read full office action

Prosecution Timeline

Jan 13, 2025
Application Filed
Jun 16, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683797
CONDITIONAL AUTHENTICATION ACCESS CONTROL METHOD
2y 10m to grant Granted Jul 14, 2026
Patent 12671716
Machine learning to determine command and control sites
5y 0m to grant Granted Jun 30, 2026
Patent 12664315
Managing Privilege Delegation on a Server Device
4y 1m to grant Granted Jun 23, 2026
Patent 12652291
DETECTING DATA TRAFFIC ANOMALIES IN INTERNET OF THINGS (IOT) DEVICES WITH UNSUPERVISED ISOLATION FOREST (IFOREST) MODEL
2y 11m to grant Granted Jun 09, 2026
Patent 12651062
System and Method for Archive AM Scanning
2y 8m to grant Granted Jun 09, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
75%
Grant Probability
74%
With Interview (-0.3%)
3y 4m (~1y 10m remaining)
Median Time to Grant
Low
PTA Risk
Based on 599 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month