Prosecution Insights
Last updated: July 17, 2026
Application No. 19/070,353

METHODS AND SYSTEMS OF AUTHENTICATING VIDEO SURVEILLANCE DATA

Non-Final OA §103§112
Filed
Mar 04, 2025
Priority
Mar 06, 2024 — GB 2403249.2
Examiner
AVERY, BRIAN WILLIAM
Art Unit
Tech Center
Assignee
Milestone Systems A/S
OA Round
1 (Non-Final)
60%
Grant Probability
Moderate
1-2
OA Rounds
1y 9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 60% of resolved cases
60%
Career Allowance Rate
52 granted / 86 resolved
+0.5% vs TC avg
Strong +54% interview lift
Without
With
+53.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
14 currently pending
Career history
118
Total Applications
across all art units

Statute-Specific Performance

§103
94.8%
+54.8% vs TC avg
§102
2.3%
-37.7% vs TC avg
§112
2.6%
-37.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 86 resolved cases

Office Action

§103 §112
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office action is in response to the amendment filed on 03/04/2025. Claims 1-20 are currently pending in the filing of 03/04/2025, with no amendments, cancellation or addition of new claims. Information Disclosure Statements The information disclosure statement(s) (IDS) submitted on 03/04/2025 & 09/10/2025 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement(s) have been considered by the examiner. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. Claims 14 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 1 & 14 recite two instances of “a first digital signature applied to the video surveillance data package by the video management system”. The examiner will interpret the second instance of “a first digital signature applied to the video surveillance data package by the video management system” instead as “the first digital signature applied to the video surveillance data package by the video management system”. Appropriate correction is required. Claims 1 & 14 recite “a secure repository” and “the secure remote repository” which has no antecedent basis. The examiner will interpret “the secure remote repository” instead as “the secure repository”. Appropriate correction is required. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-5, 8-9, 12-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20170344728 to Steele et al. (hereinafter Steele), in view of US 20220217533 to Drubay et al. (hereinafter Drubay). Regarding claim 1, Steele teaches, A method of authenticating a video surveillance data package from a video management system (VMS) of a video surveillance system, the method comprising the steps of: (figs. 1a & 1b teaches the system, and [0003] teaches recording device 100 / security camera generating video to provide evidence that is not manipulatable to content repository 700 which provides content to playback device 200.) a) receiving, by a computing device, a video surveillance data package generated by the video management system in a location remote to the computing device, wherein the video surveillance data package comprises media data from the video management system, an information data table, and a first digital signature applied to the video surveillance data package by the video management system; (fig. 3b teaches bundling multimedia content, metadata and hash. [0044] teaches including digital signature with multimedia content, metadata, and hash in 3240. Fig. 1b teaches content repository 700 / “location remote to the computing device”.) (Drubay, further discussed below, [0003] teaches database / “data table”.) b) calculating, by the computing device, a first hash value for the video surveillance data package received by the computing device; (Claim 19 teaches calculating a second validation hash, which is then matched with another hash. [0013] & [0023-24] teach a signature and hash / digest used to verify the decrypted information including content, including a separate key for signature.) c) comparing the first hash value of the received video surveillance data package to a second hash value, wherein the second hash value is provided by a secure repository, (fig. 1b teaches content repository 700 including content 712 & hash 716. ) the secure remote repository storing a video surveillance data package received from the video management system upon completion of the process of generating the video surveillance data package prior to step a), the video surveillance data package stored with the secure remote repository comprising at least an information data table and a first digital signature applied to the video surveillance data package by the video management system; (Claim 19 teaches verifying that the first and second validation hashes match. See also fig. 1b teaches content repository 700 including hash 716 and other data. ) d) validating the first (See discussion of claim 19. [0013] & [0023-24] teach a signature and hash / digest used to verify the decrypted information including content.) e) determining that the video surveillance data package received by the computing device is authentic based on both step c) and step d) indicating that the video surveillance data package received by the computing device is an unmodified version of the video surveillance data package generated by the video management system prior to step a). (Claim 19 as discussed above. [0013] teaches validation hash and digital signature during the encryption to detect tampering. See also [0043-44].) Steele fails to explicitly teach a digital signature including a hash that is compared to a signed hash for verification, However, Drubay teaches, d) validating the first digital signature of the video surveillance data package received by the computing device; and ([0023] teaches signature comparison to verify evidence data. [0031] teaches a hash of the data being signed.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Steele, which teaches a security camera / system ([0003]) that compares hashes of the content to verify integrity (Claim 19), with Drubay, which also teaches a video surveillance system ([0009]) and additionally explicitly teaches using signatures of a hash for verification ([0023] & [0031]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Steele with the added ability to use comparisons of digital signatures of hashes to verify data / content, as taught by Drubay, for the purpose of increasing security by using digital signatures of hashes which proved authenticity of the hash. Regarding claim 2, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, wherein the video surveillance data package received by the computing device comprises an encrypted media database and a second digital signature applied to the encrypted media database, wherein the encrypted media database includes the media data from the video management system. (Steele, fig. 3b teaches that the content, metadata, key included in the license plus the validation hash. [0043] teaches encryption of captured content, and both the encrypted and unencrypted data may be hashed. [0013] & [0023-24] teach digital signatures and hashes being used for verification.) (Drubay, [0023] teaches comparing digital signatures to validate evidence.) Regarding claim 3, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 2, further comprising the steps of: f) decrypting the received encrypted media database, and (Steele, Claim 19 teaches decrypting the content item.) g) validating the second digital signature of the received encrypted media database; wherein step e) is further based on step g). (Steele, Claim 19 teaches generating the second validation hash based on the decrypted content item and verifying that the first and second validation hashes match. [0043] teaches encryption of captured content, and both the encrypted and unencrypted data may be hashed.) Regarding claim 4, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, further comprising the step of h) receiving, by the computing device, an audit log from the secure repository, the audit log comprising a record of at least one of the following upload information, download information, viewing information and interaction information. (Steele, Abstract teaches allowing to content item to be audited. fig. 1b audit log 510 & [0035] teaches recording the authorization token which records user information such as time window and identity of user and the device that shot the video.) Regarding claim 5, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, further comprising the step of providing a portable computer-readable storage medium, wherein the portable computer-readable storage medium comprises the video surveillance data package generated by the video management system, and wherein step a) comprises accessing, by the computing device, the portable computer-readable storage medium. (Steele, [0027] & fig. 1b teaches content repository 700 storing content 712. [0028] teaches computer readable medium to implement the techniques of the secure content playback.) Regarding claim 8, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, further comprising the step of: registering the video management system with the secure repository prior to generating the video surveillance data package, wherein the step of registration comprises validating the identity of the video management system and generating a single-use secure key. (Steele, fig 2a & [0034-35] teach registering the content. Fig. 3b & [0043] teaching registering by creating content key and validation hash / “registering”.) Regarding claim 9, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, comprising the step of validating, by the secure remote repository, the video surveillance data package received from the video management system based on identity information stored in the secure remote repository. (Steele, [0023] teaches digital signature of content by recording device, which includes metadata and hash in fig. 1b, that is later verified by playback device.) (Drubay, [0021-23] & [0029-33] teaches third party service / “secure remote repository” that validates the evidence. See also [0034-35] & fig. 4. [0149] teaches broadcast server verifies the signature) Regarding claim 12, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, wherein the video surveillance data package stored in the secure repository further comprises media data from the video management system. (Steele, Fig. 1b teaches content repository 700 stores content 712.) Regarding claim 13, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 12, wherein step a) comprises transmitting, from the secure repository to the computing device, the video surveillance data package stored in the secure repository. (Steele, Fig. 1b & [0027] teaches content 710 that is sent to playback device 200.) Regarding claim 14, Steele and Drubay teach, A system for authenticating a surveillance data package, the system comprising: a computing device including a processor, memory and communication interface; and a secure repository including a processor, memory and communication interface, the secure repository being located remotely to the computing device and selectively in communication with the computing device through the respective communication interfaces; wherein the computing device comprises a computer program which, when run on the processor of the computing device, is configured to cause the computing device to: a) receive a video surveillance data package generated by a video management system in a location remote to the computing device, wherein the video surveillance data package comprises media data from the video management system, an information data table, and a first digital signature of the video surveillance data package, wherein the first digital signature of the video surveillance data package is applied by the video management system; b) calculate a first hash value of the received video surveillance data package; c) compare the first hash value of the received video surveillance data package to a second hash value, wherein the second hash value is provided by a secure repository, the secure remote repository storing a video surveillance data package received from the video management system upon completion of a process of generating the video surveillance data package prior to a), the video surveillance data package stored with the secure remote repository comprising at least an information data table and a first digital signature applied to the video surveillance data package by the video management system; d) validate the first digital signature of the video surveillance data package received by the computing device; and e) determine that the video surveillance data package received by the computing device is authentic based on both c) and d) indicating that the video surveillance data package received by the computing device is an unmodified version of the video surveillance data package generated by the video management system prior to a). Claim 14 is rejected using the same basis of arguments used to reject claim 1 above. Regarding claim 15, Steele teaches, A method of generating a video surveillance data package from a video management system for use in an authentication process using a computing device remote to the video management system, the method comprising the steps of: (figs. 1a & 1b teaches the system, and [0003] teaches recording device 100 / security camera generating video to provide evidence that is not manipulatable to content repository 700 which provides content to playback device 200.) a) establishing a connection between a video surveillance management system and a secure repository through communication interfaces in the video surveillance management system and secure repository; (Fig. 1b, recording device 100 and other components connected to content repository 700.) b) determining, at the video management system, media data to be exported; ([0027] teaches data being sent to content repository 700.) c) collecting, by the video management system, information for an information data table; (fig. 1b, content repository 700, metadata and package license.) (Drubay, further discussed below, [0003] teaches database / “data table”.) d) generating, by the video management system, a video surveillance data package based on the determined media data and the information data table; ([0027] & fig. 1b) e) applying, by the video management system, a first digital signature to the generated video surveillance data package; ([0013] & [0023-24] teach a signature and hash / digest used to verify the decrypted information including content, including a separate key for signature.)) f) transmitting a video surveillance data package comprising at least the information data table and the first digital ([0027] and fig. 1b showing content repository 700. See also rejection of claim 1.) g) storing, by the secure repository, the transmitted video surveillance data package for access by a computing device remote to the secure repository during a process of authenticating a video surveillance data package received by the computing device. ([0027] and fig. 1b showing content repository 700. See also rejection of claim 1.) Steele fails to explicitly teach a digital signature including a hash that is stored for verification, However, Drubay teaches, f) transmitting a video surveillance data package comprising at least the information data table and the first digital signature; and ([0023] teaches signature comparison to verify evidence data. [0031] teaches a hash of the data being signed.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Steele, which teaches a security camera / system ([0003]) that compares hashes of the content to verify integrity (Claim 19), with Drubay, which also teaches a video surveillance system ([0009]) and additionally explicitly teaches using signatures of a hash for verification ([0023] & [0031]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Steele with the added ability to use comparisons of digital signatures of hashes to verify data / content, as taught by Drubay, for the purpose of increasing security by using digital signatures of hashes which proved authenticity of the hash. See also rejection of claim 1, as included above. Regarding claim 16, Steele and Drubay teach, The method of generating a video surveillance data package as claimed in claim 15, wherein the video management system comprises a secure export package server and an authorisation server, (Steele, fig. 1a, authorization server 500.) (Drubay, fig. 1 teaches presence terminal 2 and broadcast server 3 corresponding to “secure export package server.”) wherein the video surveillance data package is generated as a protected resource in the secure export package server and the authorisation server controls access by the video management system to the protected resource and allows transmission to the secure repository. (Drubay, [0029-31] teach presence terminal 2a that generates encryption file from hash data and stores presence evidence. [0036-40] teach the broadcast server transmitting evidence.) Regarding claim 17, Steele and Drubay teach, The method of generating a video surveillance data package as claimed in claim 15, further comprising the steps of registering the video management system with the secure repository prior to generating the video surveillance data package, wherein the step of registration comprises validating the identity of the video management system and generating a single-use secure key, The features of claim 17 above are rejected using the same basis of arguments used to reject claim 8 above. wherein the secure repository stores registration information including at least some information identifying the video management system. (Steele, [0019] teaches signature by transmission device.) Regarding claim 18, Steele and Drubay teach, The method of generating a video surveillance data package as claimed in claim 17, further comprising the step of: validating, by the secure repository, the received copy of the video surveillance data package based on the information data table and the registration information. (Steele, [0023] teaches digital signature of content by recording device, which includes metadata and hash in fig. 1b, that is later verified by playback device.) (Drubay, [0021-23] & [0029-33] teaches third party service / “secure remote repository” that validates the evidence. See also [0034-35] & fig. 4. [0149] teaches broadcast server verifies the signature. [0003] teaches database / “data table”.) Regarding claim 20, Steele and Drubay teach, A method of generating a video surveillance data package as claimed in claim 15, further comprising the steps of: generating, by the video management system, a hash value based on the generated video surveillance data package; (Steele, fig. 1b, hash 716. [0013] teaches validation hash being created.) transmitting the hash value to the secure repository, the hash value being transmitted from the video management system through the communication interfaces to the secure repository; and ([0013] and fig. 1b.) storing, by the secure repository, the hash value for use during a process of authenticating a video surveillance data package received by the computing device. (Steele, fig. 1b, hash 716. ) Claims 6 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Steele, in view of Drubay, in view of US 20080082827 to Agrawal et al. (hereinafter Agrawal). Regarding claim 6, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 5, wherein a third hash value calculated by the video management system is provided with the video surveillance data package stored on the computer-readable storage medium, and wherein step c) comprises comparing the first hash value, second hash value . (Steele, Abstract & [0027-28] teaches computer readable medium to perform the methods of the secure multimedia content recorder and playback. [0013] & [0023-24] teach a signature and hash / digest used to verify the decrypted information including content.) (Drubay, [0023] teaches signature comparison to verify evidence data. [0031] teaches a hash of the data being signed.) Steele and Drubay fail to explicitly teach comparing three hashes, However, Agrawal teaches, wherein a third hash value calculated by the video management system is provided with the video . ([0016-17] teach comparing first, second and third hash values of content that is encrypted to determine the document / content is not altered. See also claim 9. [0055] teaches the content may be images or digitized information and data management.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Steele, which teaches a security camera / system ([0003]) that compares hashes of the content to verify integrity (Claim 19), with Drubay, which also teaches a video surveillance system ([0009]) and additionally explicitly teaches using signatures of a hash for verification ([0023] & [0031]), with Agrawal, which also teaches content that is protected by encryption (Abstract & [0006-7]), and additionally teaches comparing three hashes ([0016-17]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Steele and Drubay with the added ability to compare three different hashes to authenticate an obtain a decryption key, as taught by Agrawal, for the purpose of increasing security by performing comparisons of multiple hashes to determine the document / content is not altered ([0017]) Regarding claim 19, Steele, Drubay, and Agrawal teaches, The method of generating a video surveillance data package as claimed in claim 15, further comprising the step of generating, by the secure repository, a secure repository data package, wherein the secure repository data package comprises the video surveillance data package stored with the secure repository, a repository information data table, and a third digital signature applied to the secure repository data package. Claim 19 is rejected using the same basis of arguments used to reject claim 6 above. Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Steele, in view of Drubay, in view of US 20210200903 to Singh et al. (hereinafter Singh). Regarding claim 7, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, wherein the step of determining that the video surveillance data package received by the computing device is authentic comprises determining an . ([0013] & [0023-24] teach a signature and hash / digest used to verify the decrypted information including content.) Steele and Drubay fail to explicitly teach confidence levels, However, Singh teaches, wherein the step of determining that the video surveillance data package received by the computing device is authentic comprises determining an authenticity confidence level based on validating step(s) and comparing step(s). ([0032] teaches the use of hash functions and signatures to prevent alterations in the data, and [0035] teaches using confidence levels to detect alterations of the data.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Steele, which teaches a security camera / system ([0003]) that compares hashes of the content to verify integrity (Claim 19), with Drubay, which also teaches a video surveillance system ([0009]) and additionally explicitly teaches using signatures of a hash for verification ([0023] & [0031]), with Singh, which also teaches the use of hashes and signatures of data to authenticate the source of the data and prevent alteration of the data ([0032]), and additionally teaches the use of confidence levels to detect alterations. ([0035]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Steele and Drubay with the added ability to use confidence levels to detect alterations, as taught by Singh, for the purpose of increasing security by insuring that the data has not been altered. Claims 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Steele, in view of Drubay, in view of US 20120216043 to Le Cam et al. (hereinafter Le Cam). Regarding claim 10, Steele and Drubay teach, The method of authenticating a video surveillance data package as claimed in claim 1, further comprising the step of generating, by the secure repository, a secure repository data package, wherein the secure repository data package comprises the video surveillance data package received from the video management system (Steele, fig. 1b content repository 700) and a digital signature . Steele and Drubay fail to explicitly teach a storage server / repository that applies a signature, However, Le Cam teaches, … and a digital signature applied by the secure repository. ([0066] teaches evidence server providing a signature used for evidence.) Before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to combine the teachings of Steele, which teaches a security camera / system ([0003]) that compares hashes of the content to verify integrity (Claim 19), with Drubay, which also teaches a video surveillance system ([0009]) and additionally explicitly teaches using signatures of a hash for verification ([0023] & [0031]), with Le Cam, which also teaches a video surveillance system (title) using signature for evidence integrity (Abstract), and additionally teaches an evidence server that provides a signature for further integrity of the evidence ([0066]). One of ordinary skill in the art would have been motivated to perform such an addition to provide Steele and Drubay with the added ability to have a storage / evidence server provide an additional signature for authentication, as taught by Le Cam, for the purpose of increasing security by having integrity of the data that is verifiable using server keys. Regarding claim 11, Steele, Drubay, and Le Cam teach, The method of authenticating a video surveillance data package as claimed in claim 10, further comprising the step of validating the secure repository data package. (Steele, fig. 1b content repository 700 stores hash 716. [0013] teaches signature / hash used for validation. See also, at least [0043] teaching hash validation.) (Drubay, [0031] & [0034] teach hash of data used for evidence.) (Le Cam, [0066] teaches the evidence server counter signature as evidence of reliability of the data.) Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN WILLIAM AVERY whose telephone number is (571) 272-3942. The examiner can normally be reached on 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /B.W.A./ /JASON K GEE/Primary Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

Mar 04, 2025
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676839
Digital Rights Management DRM Method, Apparatus, and System
3y 10m to grant Granted Jul 07, 2026
Patent 12665773
SYSTEM AND METHOD FOR AUTHENTICATION IN A CLIENT-SERVER CONNECTION USING CHALLENGE APPLIED TO A SECRET KEY
3y 2m to grant Granted Jun 23, 2026
Patent 12619703
AUTHORIZED REMOTE MOBILE DEVICE MANAGEMENT OF A TARGETED MANAGED DEVICE
3y 8m to grant Granted May 05, 2026
Patent 12609925
SYSTEMS AND METHODS FOR MONITORING DECENTRALIZED DATA STORAGE
4y 1m to grant Granted Apr 21, 2026
Patent 12587381
METHOD AND SYSTEM FOR MONITORING AND CONTROLLING HIGH RISK SUBSTANCES
4y 7m to grant Granted Mar 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
60%
Grant Probability
99%
With Interview (+53.9%)
3y 1m (~1y 9m remaining)
Median Time to Grant
Low
PTA Risk
Based on 86 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month