DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are:
"at least one communication module…cause the electronic device to: receive, from an external device, a message including at least one of a pass code pair and device information of the external device via the at least one communication module…connect, based on a request from the external device, to the external device via the at least one communication module." in claim 1; “at least one communication module…connecting, based on a request from the external device, to the external device via the at least one communication module” in claim 8.
This limitation is being interpreted under 35 U.S.C. 112(f) because the limitation recites the functional result of connecting to the external device based on a request from the external device, while relying on “communication module” as a generic placeholder without reciting sufficient structure, material, or acts for performing the claimed connecting function.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claims 1 and 8 recite “receive, from an external device, a message including at least one of a pass code pair and device information of the external device” and “authenticate a pass code associated with the external device by using the bio-hash stored in the memory and the pass code pair.” Under the broadest reasonable interpretation, this limitation encompasses a genus of authentication techniques defined by the functional result of authenticating a pass code using a bio-hash and a pass code pair. The specification, however, appears to describe only limited species for achieving that result, such as encoding a pass code using the bio-hash and comparing the encoded result to another pass code, or decoding an encoded pass code using the bio-hash and comparing the decoded result to another pass code. As per MPEP 2161.01, “The Federal Circuit has explained that a specification cannot always support expansive claim language and satisfy the requirements of 35 U.S.C. 112 merely by clearly describing one embodiment of the thing claimed”, citing LizardTech Inc. v. Earth Resource Mapping Inc., 424 F.3d 1336, 1345, 76 USPQ2d 1724, 1732 (Fed. Cir. 2005).
Claim 19 recite “obtaining a second biometric information from the second external device and generating a second bio-hash based on the obtained second biometric information” and “performing a process of connecting to the second external device using the second biometric information”. The specification describes that the external device detects disconnection, cancels the connection with the first electronic device, detects a new connection request, obtains new biometric information from the second user via a camera, and generates a new bio hash based on the obtained biometric information.
However, claim 1 does not require that the pass code pair received from the external device includes a pass code encoded with a generated bio hash generated by the external device using biometric information of the user, and claim 19 recites obtaining the second biometric information from the second external device rather than obtaining biometric information from the second user using the external device’s such as sensor or camera. Thus, claims 1 and 19 are broader and different than the disclosed embodiments because the specification ties the pairing process to biometric information obtained from a user, a generated bio hash based on that biometric information, and a pass code encoded with that generated bio hash.
As per MPEP § 2161.01, problems satisfying the written description requirement for original claims often occur when claim language is generic or functional, or both. Ariad, 593 F.3d at 1349, 94 USPQ2d at 1171 ("The problem is especially acute with genus claims that use functional language to define the boundaries of a claimed genus. In such a case, the functional claim may simply claim a desired result, and may do so without describing species that achieve that result. But the specification must demonstrate that the applicant [inventor] has made a generic invention that achieves the claimed result and do so by showing that the applicant [inventor] has invented species sufficient to support a claim to the functionally-defined genus.").
Furthermore, the Federal Circuit has explained that a specification cannot always support expansive claim language and satisfy the requirements of 35 U.S.C. 112 "merely by clearly describing one embodiment of the thing claimed." LizardTech v. Earth Resource Mapping, Inc., 424 F.3d 1336, 1346, 76 USPQ2d 1731, 1733 (Fed. Cir. 2005). The issue is whether a person skilled in the art would understand the inventor to have invented, and been in possession of, the invention as broadly claimed. In LizardTech, claims to a generic method of making a seamless discrete wavelet transformation (DWT) were held invalid under 35 U.S.C. 112, first paragraph, because the specification taught only one particular method for making a seamless DWT and there was no evidence that the specification contemplated a more generic method. "[T]he description of one method for creating a seamless DWT does not entitle the inventor . . . to claim any and all means for achieving that objective." LizardTech, 424 F.3d at 1346, 76 USPQ2d at 1733.
Claims depending from the rejected claims inherit the written description deficiency of their respective base claims. Accordingly, claims 2-7 depend directly or indirectly from claim 1 and inherit the written description deficiency of claim 1; Claims 9-14 depend directly or indirectly from claim 8 and inherit the written description deficiency of claim 8; Claim 19 depend directly or indirectly from claim 15 and inherit the written description deficiency of claim 15.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claimsare rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claims 1 and 8, the claims recite “a message including at least one of a pass code pair and device information of the external device” and further recite authenticating a pass code by using the “pass code pair.” The phrase “at least one of a pass code pair and device information” renders the claims indefinite because the message may include only device information and no pass code pair, while the later authentication step requires use of the pass code pair. Therefore, it is unclear whether the pass code pair required in the received message or optional, and it is unclear how authentication using the pass code pair is performed when the message includes only device information.
Regarding claim 16, The claim recites “generating a message including at least one of the generated pass code, the encoded pass code, and device information of the electronic device.” However, claim 15, from which claim 16 depends, recites “generating a message including a pass code that is encoded with the generated bio-hash.” The phrase “at least one of the generated pass code, the encoded pass code, and device information of the electronic device” renders claim 16 indefinite because it permits the generated message to include only the generated pass code or only device information, while claim 15 requires the generated message to include an encoded pass code. Therefore, it is unclear whether the generated message of claim 16 must include the encoded pass code or may omit it.
Regarding claim 19, The claim recites “obtaining a second biometric information from the second external device and generating a second bio-hash based on the obtained second biometric information” and “performing a process of connecting to the second external device using the second biometric information.” This language renders claim 19 indefinite because it is unclear whether the second biometric information is biometric information of a user obtained by the external device’s sensor/camera or biometric information received from the second external device itself. The specification describes obtaining biometric information from the second user via a camera and generating a second bio hash based on that biometric information, but claim 19 recites obtaining second biometric information from the second external device.
As stated in MPEP 2173.05(e) Lack of Antecedent Basis [R-01.2024], A claim is indefinite when it contains words or phrases whose meaning is unclear. In re Packard, 751 F.3d 1307, 1314, 110 USPQ2d 1785, 1789 (Fed. Cir. 2014). The lack of clarity could arise where a claim refers to "said lever" or "the lever," where the claim contains no earlier recitation or limitation of a lever and where it would be unclear as to what element the limitation was making reference. Similarly, if two different levers are recited earlier in the claim, the recitation of "said lever" in the same or subsequent claim would be unclear where it is uncertain which of the two levers was intended. A claim which refers to "said aluminum lever," but recites only "a lever" earlier in the claim, is indefinite because it is uncertain as to the lever to which reference is made. Obviously, however, the failure to provide explicit antecedent basis for terms does not always render a claim indefinite. If the scope of a claim would be reasonably ascertainable by those skilled in the art, then the claim is not indefinite. Ex parte Porter, 25 USPQ2d 1144, 1145 (Bd. Pat. App. & Inter. 1992) ("controlled stream of fluid" provided reasonable antecedent basis for "the controlled fluid"). Inherent components of elements recited have antecedent basis in the recitation of the elements themselves. For example, the limitation "the outer surface of said sphere" would not require an antecedent recitation that the sphere has an outer surface. See Bose Corp. v. JBL, Inc., 274 F.3d 1354, 1359, 61 USPQ2d 1216, 1218-19 (Fed. Cir 2001) (holding that recitation of "an ellipse" provided antecedent basis for "an ellipse having a major diameter" because "[t]here can be no dispute that mathematically an inherent characteristic of an ellipse is a major diameter").
Claims depending from the rejected claims inherit the indefiniteness of their respective base claims. Accordingly, claims 2-7 depend directly or indirectly from claim 1 and inherit the indefiniteness of claim 1; Claims 9-14 depend directly or indirectly from claim 8 and inherit the indefiniteness of claim 8; Claims 17-18 and 20 depend directly or indirectly from claim 15 and inherit the indefiniteness of claim 15.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-4, 7-11, 14-16 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over HUANG et al, (U.S. Pat No. 11,240,671 B1, hereinafter Huang) in view of JHA et al (U.S. PGPub. No. 2022/0035925 A1, hereinafter Jha).
As to claim 1, Huang teaches:
An electronic device comprising: at least one communication module; (see Huang, [14:31- 34]; [14:37-52]: “One or more embodiments of the present specification provide a Bluetooth device. As shown in FIG. 4, the Bluetooth device can initiate re-establishment of a Bluetooth connection, and the Bluetooth device 400. A packet generation module 42, configured to encrypt the additional code generated by the additional code generation module 41 to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected; and generate a Bluetooth protocol-based broadcast packet based on the first ciphertext, and send the broadcast packet. a request processing module 43, configured to receive a scanning request from an external Bluetooth device; send a Bluetooth protocol-based scanning response to the external Bluetooth device based on a random private address included in the scanning request, where the random private address is an address generated by the external Bluetooth device for the scanning request; and establish a Bluetooth connection to the external Bluetooth device when a connection request sent by the external Bluetooth device is received.”);
wherein the one or more computer programs include computer-executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to: (see Huang, [16:60-64]; [5:47-51]: “The present specification further provides a computer-readable storage medium storing computer programs. When the computer programs are executed on a computer, the method in any one of the embodiments of the present specification is performed. According to a sixth aspect, a computing device is provided, including a memory and a processor. The memory stores executable code, and the processor implements the method in any one of the previous embodiments when executing the executable code.”);
(Huang teaches that computer programs are stored on a computer-readable storage medium and, when executed on a computer, perform the disclosed Bluetooth connection method. Huang also teaches a computing device having a memory and processor, where the memory stores executable code and the processor implements the disclosed method when executing the executable code.)
receive, from an external device, a message including at least one of a pass code pair and device information of the external device via the at least one communication module: (see Huang, [1:40-44]; [1:54-59]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected; a Bluetooth protocol-based broadcast packet is generated based on the first ciphertext, and the broadcast packet is sent. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet.”);
transmit, based on an authentication result, device information of the electronic device to the external device: (see Huang, [2:11-14]; [ 2:27-29]; [19:2-6]: “In one or more embodiments, after the receiving a scanning request from an external Bluetooth device, and before the sending a Bluetooth protocol-based scanning response to the external Bluetooth device. If yes, the step of sending a Bluetooth protocol-based scanning response to the external Bluetooth device is performed. Sending, by the first Bluetooth device and in response to verifying the scanning request, a scanning response to the second Bluetooth device based on the random private address in the scanning request.);
(Sending a scanning response to the external Bluetooth device after verification/authentication.)
and connect, based on a request from the external device, to the external device via the at least one communication module: (see Huang, [1:50- 53]; [7:36-38]: “A Bluetooth connection is established to the external Bluetooth device when a connection request sent by the external Bluetooth device is received. And a Bluetooth connection can be established, by using the private address, to the external Bluetooth device that sends the scanning request.);
Huang does not teach, but Jha teaches: memory storing biometric information of a user, a bio-hash corresponding to the biometric information, and one or more computer programs; (see Jha, [¶¶0092-0093, 0115, 0118, 0120]: “In an embodiment, a personal identification profile of a user may be used for recovery from lost password. The personal identification profile of the user may include (but not limited to) biometric information (such as voice, face and/or fingerprints) of the user. As part of configuring client system 120 for a user, the biometric information of the user may be provided a priori to client system 120 by user device 230. Such biometric information may be collected by user device 230 in a well known manner and sent to client system 120. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. Digital processing system 700 may correspond to one of client system 120. RAM 720 is shown currently containing software instructions constituting shared environment 725 and/or other user programs 726. Secondary memory 730 may store the data and software instructions which enable digital processing system 700 to provide several features in accordance with the present disclosure.”);
(Jha teaches memory storing biometric information and a corresponding profile-hash, where the biometric information is provided to client system 120 and used to generate the profile-hash stored in data store 360. Jha also teaches computer programs/software instructions stored in RAM 720 and secondary memory 730 within the same system. A person of ordinary skill would understand that a client system must store the received biometric data in memory at least during configuration to process it and generate the corresponding profile-hash,)
one or more processors communicatively coupled to the at least one communication module, and the memory: (see Jha, [¶¶0116, 0120]: “Digital processing system 700 may contain one or more processors such as a central processing unit (CPU) 710, random access memory (RAM) 720, secondary memory 730, graphics controller 760, display unit 770, network interface 780 and secondary memory 730 may store the data and software instructions which enable digital processing system 700 to provide several features in accordance with the present disclosure.”);
authenticate a pass code associated with the external device by using the bio-hash stored in the memory and the pass code pair; (see Jha, [¶0077, 0079, 0093, 0105]: “In an embodiment, client system 120 authenticates user device 230 using shared key authentication technique (e.g. a PIN). The PIN may be configured by super user on client system 120 and stored in data store 360. The same PIN may also be configured on user application 340 of user device 230. Referring again to FIG. 6A, user application 340 on user device 230 may send authentication response 615 containing the PIN to client system 120. Pre-boot module 310 may check for a match of the received PIN with the stored PIN. If there is a match, client system 120 is deemed to have authenticated successfully with user device 230. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360.”);
(Jha teaches device authentication using a passcode/PIN and user authentication using a stored biometric profile hash. It would have been obvious to combine Jha’s PIN authentication with its bio-hash verification into a unified authentication step to provide predictable multi factor authentication and improve security.)
Therefore, it would have been obvious to one of the ordinary skill in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth device connection method that generates a random additional code, encrypts the additional code to generate a first ciphertext, includes the additional code in plaintext form in a broadcast packet, verifies the broadcast packet by generating a third ciphertext, and establishes a Bluetooth connection based on a connection request, by using Jha’s biometric profile-hash as the encryption key in Huang’s encryption process, as Jha teaches generating a profile-hash biometric information and using the profile-hash as an encryption key. The result would have yielded the predictable benefit of improving Bluetooth connection security by making the encoded pass code dependent on biometric information while retaining Huang’s dynamic code and ciphertext verification process.
As to claim 2, the combination Huang in view of Jha teaches:
wherein the pass code pair comprises a first pass code obtained by encoding the pass code with the bio-hash, and a second pass code corresponding to the pass code. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet: (see Huang, [1:40- 42]; [1:54-59]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet.”);
(see Jha, [¶0093]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s pass-code-pair structure, where the additional code is included in plaintext form and also encrypted to generate a first cyphertext, by using Jha’s biometric profile-hash as the encryption key for generating the cyphertext, because Jha teaches using a biometric profile-hash as an encryption key. The results would have yielded the predictable benefit of making Huang’s encoded pass code biometric dependent while still preserving Huang’s two-part code structure of a plaintext code and an encrypted version of that code.
As to claim 3, the combination Huang in view of Jha teaches:
wherein the one or more computer programs further include computer-executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to: decode a first pass code included in the pass code pair by using the bio-hash stored in the memory; and determine whether the decoded first pass code is identical to a second pass code included in the pass code pair, and authenticate the pass code associated with the external device: (see Huang, [1:40- 42]; [1:54-59]; [2:60-63]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet. In one or more embodiments, the broadcast packet includes an additional code in a plaintext form; and the obtaining an additional code includes: obtaining the additional code from the broadcast packet.”);
(see Jha, [¶¶0093, 0105]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Specifically, pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360. Upon a certain threshold percentage match (e.g. 80%), pre-boot module 310 may decrypt the corresponding row in table 400.”);
(Huang gives two code values: the ciphertext version and the plaintext additional code in the same packet. Jha supplies the biometric hash key concept after biometric hash matching then encrypted stored data maybe decrypted.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth code verification process , where a plaintext additional code and a first ciphertext generated from that additional code are used to verify a broadcast packet, by using Jha’s biometric profile hash as the encryption/decryption key and checking the encrypted value by decrypting it and comparing the decrypted result with the plaintext additional code. The results would have yielded the predictable benefit of verifying that the encrypted code and plaintext code correspond to the same dynamic pass code while making the verification dependent on biometric information.
As to claim 4, the combination Huang in view of Jha teaches:
wherein the one or more computer programs further include computer-executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to: encode a second pass code included in the pass code pair by using the bio-hash stored in the memory; and determine whether the encoded second pass code is identical to a first pass code included in the pass code pair, and authenticate the pass code associated with the external device: (see Huang, [Col. 7 & 8, Ln. 63-65 & 1-5]; [8:29-29]; [8:39-41]; [11:31-42]: “Method 1: A random number generated randomly is used as the additional code, and the additional code in the plaintext form is included in the broadcast packet. Because the additional code is generated randomly and cannot be predicted in advance, it can be more difficult to forge a broadcast packet. Then, the additional code in the plaintext form is included in the broadcast packet so that the external Bluetooth device that monitors the broadcast packet can verify the first ciphertext in the broadcast packet based on the additional code in the plaintext form. To further increase the difficulty for the attacker to forge a broadcast packet, the first ciphertext can be obtained by encrypting the additional code and the local key by using the first encryption algorithm. Therefore, after the broadcast packet is monitored, if the value of the additional code obtained is assigned to the first variable x.sub.1 of the first encryption algorithm, the value of the locally-stored key is assigned to the second variable y.sub.1 of the first encryption algorithm F.sub.1(x.sub.1, y.sub.1). If the value of the additional code obtained is assigned to the second variable y.sub.1, the local key is assigned to the first variable x.sub.1. Then, a third ciphertext can be generated by using the first encryption algorithm with assigned values. The third ciphertext is compared with the first ciphertext in the broadcast packet. If the two are the same, it can be determined that the broadcast packet is not forged, and the broadcast packet is valid.”);
(see Jha, [¶¶0093, 0117, 0120]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. CPU 710 may execute instructions stored in RAM 720 to provide several features of the present disclosure. Secondary memory 730 may store the data (for example, data shown in FIG. 4) and software instructions (for example, for implementing the various features of the present disclosure as shown in FIGS. 5A-5B, etc.), which enable digital processing system 700 to provide several features in accordance with the present disclosure.”);
(Huang shows the basic check: the device takes the plaintext additional code, encrypt it again and compares the newly generated ciphertext with the ciphertext already in the broadcast packet. Jha adds the biometric parts that can be used as the encryption key, so the encrypted code becomes tied to the user’s biometric information.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth verification process, where a plaintext additional code is encrypted with a stored local key to generate a third ciphertext and the third ciphertext is compared with a first ciphertext in the broadcast packet, by using Jha’s biometric profile-hash as the stored encryption key. Jha teaches generating a profile-hash of biometric information and using the profile-hash as an encryption key. The results would have yielded the predictable benefit of making Huang’s ciphertext comparison biometric dependent while preserving Jha’s verification process of comparing a locally generated ciphertext with the received ciphertext.
As to claim 7, the combination Jha in view of Huang teaches:
wherein the one or more computer programs further include computer-executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to, upon authentication of the pass code, determine that a user who uses the external device is identical to a user of the electronic device, and to transmit the device information of the electronic device to the external device: (see Jha, [¶¶0092-0093, 0103, 0105]: “In an embodiment, a personal identification profile of a user may be used for recovery from lost password. The personal identification profile of the user may include (but not limited to) biometric information (such as voice, face and/or fingerprints) of the user. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. Once OTP has been validated successfully (consent is received from central server 130), user application 340 collects the current biometric information of the user. For example, a voice profile may be collected using a microphone attached to user device 230, a face profile may be collected using a camera attached to the user device 230 and a fingerprint profile may be collected using a fingerprint scanner attached to user device 230. User device 230 then sends the biometric information to client system 120 using personal identification profile response 685. In step 580, pre-boot module 310 performs pre-boot authentication using the personal identification profile. Specifically, pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360. Upon a certain threshold percentage match (e.g. 80%), pre-boot module 310 may decrypt the corresponding row in table 400. If the decrypted value matches with the disk-encryption-key retrieved from data store 360, pre-boot module 310 concludes that the request is received from an authorized user.”);
(see Huang, [2:11- 14]; [2:27-29]; [19:2- 6]: “In one or more embodiments, after the receiving a scanning request from an external Bluetooth device, and before the sending a Bluetooth protocol-based scanning response to the external Bluetooth device, and if yes, the step of sending a Bluetooth protocol-based scanning response to the external Bluetooth device is performed. Sending, by the first Bluetooth device and in response to verifying the scanning request, a scanning response to the second Bluetooth device based on the random private address in the scanning request.
(Jha checks the user’s biometrics against a stored profile-hash to prove the right person is making the request and Huang sends a scanning response back to the external device once the check is successful. This match sending device information after authentication.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth authentication/connection process, where a device sends a scanning response to an external Bluetooth device after verification, by using Jha’s biometric profile-hash authentication technique to confirm that the user associated with the external device is the authorized user of the electronic device. The results would have yielded the predictable benefit of sending device information only after the user identity has been confirmed, thereby improving security in the Bluetooth pairing process.
As to claim 8, Huang teaches:
A method performed by an electronic device, the method comprising: (see Huang, [1:38- 39]; [2:43-44]: “According to a first aspect, a Bluetooth device connection method is provided. According to a second aspect, a Bluetooth device connection method is provided.”);
receiving, from an external device, a message including at least one of a pass code pair and device information of the external device via at least one communication module; (see Huang, [1:42-44]; [1:54-59]; [2:60-63]: “A Bluetooth protocol-based broadcast packet is generated based on the first ciphertext, and the broadcast packet is sent. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet. In one or more embodiments, the broadcast packet includes an additional code in a plaintext form; and the obtaining an additional code includes: obtaining the additional code from the broadcast packet.”);
(Huang teaches receiving/monitoring a broadcast packet from an external Bluetooth device. The packet includes a first ciphertext and an additional code in plain text form, which connects to the pass code pair like encoded plus unencoded pass code.)
transmitting, based on an authentication result, device information of the electronic device to the external device; (see Huang, [2:11-14]; [ 2:27-29]; [2:30-43]: “In one or more embodiments, after the receiving a scanning request from an external Bluetooth device, and before the sending a Bluetooth protocol-based scanning response to the external Bluetooth device. And if yes, the step of sending a Bluetooth protocol-based scanning response to the external Bluetooth device is performed. In one or more embodiments, the sending a Bluetooth protocol-based scanning response to the external Bluetooth device based on a random private address included in the scanning request includes: encrypting the random private address included in the scanning request and the locally-stored key by using a third encryption algorithm, to obtain a second ciphertext, where the second encryption algorithm is a unidirectional function, and the local key is a key agreed upon jointly with the Bluetooth device connected through the Bluetooth connection; generating the Bluetooth protocol-based scanning response by using the second ciphertext; and sending the scanning response to the external Bluetooth device by using the random private address.”);
(Sending a scanning response to the external Bluetooth device after verification/authentication.)
and connecting, based on a request from the external device, to the external device via the at least one communication module: (see Huang, [1:50- 53]; [7:36-38]: “A Bluetooth connection is established to the external Bluetooth device when a connection request sent by the external Bluetooth device is received. And a Bluetooth connection can be established, by using the private address, to the external Bluetooth device that sends the scanning request.);
Huang does not teach, but Jha teaches:
authenticate a pass code associated with the external device by using the bio-hash stored in the memory and the pass code pair; (see Jha, [¶0077, 0079, 0093, 0105]: “In an embodiment, client system 120 authenticates user device 230 using shared key authentication technique (e.g. a PIN). The PIN may be configured by super user on client system 120 and stored in data store 360. The same PIN may also be configured on user application 340 of user device 230. Referring again to FIG. 6A, user application 340 on user device 230 may send authentication response 615 containing the PIN to client system 120. Pre-boot module 310 may check for a match of the received PIN with the stored PIN. If there is a match, client system 120 is deemed to have authenticated successfully with user device 230. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360.”);
(Jha teaches device authentication using a passcode/PIN and user authentication using a stored biometric profile hash. It would have been obvious to combine Jha’s PIN authentication with its bio-hash verification into a unified authentication step to provide predictable multi factor authentication and improve security.)
Therefore, it would have been obvious to one of the ordinary skill in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth device connection method that generates a random additional code, encrypts the additional code to generate a first ciphertext, includes the additional code in plaintext form in a broadcast packet, verifies the broadcast packet by generating a third ciphertext, and establishes a Bluetooth connection based on a connection request, by using Jha’s biometric profile-hash as the encryption key in Huang’s encryption process, as Jha teaches generating a profile-hash biometric information and using the profile-hash as an encryption key. The result would have yielded the predictable benefit of improving Bluetooth connection security by making the encoded pass code dependent on biometric information while retaining Huang’s dynamic code and ciphertext verification process.
As to claim 9, the combination Huang in view of Jha teaches:
wherein the pass code pair comprises a first pass code obtained by encoding the pass code with the bio-hash, and a second pass code corresponding to the pass code: (see Huang, [1:40- 41]; [1:54-59]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet.”); (see Jha, [¶¶0093]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s pass code pair structure, where an additional code is included in plaintext form and also encrypted to generate a first ciphertext, by using Jha’s biometric profile hash as the encryption key for generating the ciphertext. The result would have yielded the predictable benefit of making Huang’s encoded pass code biometric dependent while preserving Huang’s two-part code structure of a plaintext code and an encrypted version of that code.
As to claim 10, the combination Huang in view of Jha teaches:
wherein the authenticating comprises: decoding a first pass code included in the pass code pair by using the bio-hash stored in the memory; and determining whether the decoded first pass code is identical to a second pass code included in the pass code pair, and authenticating the pass code associated with the external device: (see Huang, [1:40- 42]; [1:54-59]; [2:60-63]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet. In one or more embodiments, the broadcast packet includes an additional code in a plaintext form; and the obtaining an additional code includes: obtaining the additional code from the broadcast packet.”); (see Jha, [¶¶0093, 0105]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Specifically, pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360. Upon a certain threshold percentage match (e.g. 80%), pre-boot module 310 may decrypt the corresponding row in table 400.”);
(Huang gives two code values: the ciphertext version and the plaintext additional code in the same packet. Jha supplies the biometric hash key concept after biometric hash matching then encrypted stored data maybe decrypted.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth code verification process , where a plaintext additional code and a first ciphertext generated from that additional code are used to verify a broadcast packet, by using Jha’s biometric profile hash as the encryption/decryption key and checking the encrypted value by decrypting it and comparing the decrypted result with the plaintext additional code. The results would have yielded the predictable benefit of verifying that the encrypted code and plaintext code correspond to the same dynamic pass code while making the verification dependent on biometric information.
As to claim 11, the combination Huang in view of Jha teaches:
wherein the authenticating comprises: encoding a second pass code included in the pass code pair by using the bio-hash stored in the memory; and determining whether the encoded second pass code is identical to a first pass code included in the pass code pair, and authenticating the pass code associated with the external device: (see Huang, [Col. 7 & 8, Ln. 63-65 & 1-5]; [8:29-29]; [8:39-41]; [11:31-42]: “Method 1: A random number generated randomly is used as the additional code, and the additional code in the plaintext form is included in the broadcast packet. Because the additional code is generated randomly and cannot be predicted in advance, it can be more difficult to forge a broadcast packet. Then, the additional code in the plaintext form is included in the broadcast packet so that the external Bluetooth device that monitors the broadcast packet can verify the first ciphertext in the broadcast packet based on the additional code in the plaintext form. To further increase the difficulty for the attacker to forge a broadcast packet, the first ciphertext can be obtained by encrypting the additional code and the local key by using the first encryption algorithm. Therefore, after the broadcast packet is monitored, if the value of the additional code obtained is assigned to the first variable x.sub.1 of the first encryption algorithm, the value of the locally-stored key is assigned to the second variable y.sub.1 of the first encryption algorithm F.sub.1(x.sub.1, y.sub.1). If the value of the additional code obtained is assigned to the second variable y.sub.1, the local key is assigned to the first variable x.sub.1. Then, a third ciphertext can be generated by using the first encryption algorithm with assigned values. The third ciphertext is compared with the first ciphertext in the broadcast packet. If the two are the same, it can be determined that the broadcast packet is not forged, and the broadcast packet is valid.”); (see Jha, [¶¶0093, 0117, 0120]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. CPU 710 may execute instructions stored in RAM 720 to provide several features of the present disclosure. Secondary memory 730 may store the data (for example, data shown in FIG. 4) and software instructions (for example, for implementing the various features of the present disclosure as shown in FIGS. 5A-5B, etc.), which enable digital processing system 700 to provide several features in accordance with the present disclosure.”);
(Huang shows the basic check: the device takes the plaintext additional code, encrypt it again and compares the newly generated ciphertext with the ciphertext already in the broadcast packet. Jha adds the biometric parts that can be used as the encryption key, so the encrypted code becomes tied to the user’s biometric information.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth verification process, where a plaintext additional code is encrypted with a stored local key to generate a third ciphertext and the third ciphertext is compared with a first ciphertext in the broadcast packet, by using Jha’s biometric profile-hash as the stored encryption key. Jha teaches generating a profile-hash of biometric information and using the profile-hash as an encryption key. The results would have yielded the predictable benefit of making Huang’s ciphertext comparison biometric dependent while preserving Jha’s verification process of comparing a locally generated ciphertext with the received ciphertext.
As to claim 14, the combination Jha in view of Huang teaches:
wherein the transmitting comprises, upon authentication of the pass code, determining that a user who uses the external device is identical to a user of the electronic device, and transmitting the device information of the electronic device to the external device: (see Jha, [¶¶0092-0093, 0103, 0105]: “In an embodiment, a personal identification profile of a user may be used for recovery from lost password. The personal identification profile of the user may include (but not limited to) biometric information (such as voice, face and/or fingerprints) of the user. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400. Once OTP has been validated successfully (consent is received from central server 130), user application 340 collects the current biometric information of the user. For example, a voice profile may be collected using a microphone attached to user device 230, a face profile may be collected using a camera attached to the user device 230 and a fingerprint profile may be collected using a fingerprint scanner attached to user device 230. User device 230 then sends the biometric information to client system 120 using personal identification profile response 685. In step 580, pre-boot module 310 performs pre-boot authentication using the personal identification profile. Specifically, pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360. Upon a certain threshold percentage match (e.g. 80%), pre-boot module 310 may decrypt the corresponding row in table 400. If the decrypted value matches with the disk-encryption-key retrieved from data store 360, pre-boot module 310 concludes that the request is received from an authorized user.”); (see Huang, [2:11- 14]; [2:27-29]; [19:2- 6]: “In one or more embodiments, after the receiving a scanning request from an external Bluetooth device, and before the sending a Bluetooth protocol-based scanning response to the external Bluetooth device, and if yes, the step of sending a Bluetooth protocol-based scanning response to the external Bluetooth device is performed. Sending, by the first Bluetooth device and in response to verifying the scanning request, a scanning response to the second Bluetooth device based on the random private address in the scanning request.
(Jha checks the user’s biometrics against a stored profile-hash to prove the right person is making the request and Huang sends a scanning response back to the external device once the check is successful. This match sending device information after authentication.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth verification process, where a device sends a scanning response to an external Bluetooth device after verification, by using Jha’s biometric profile-hash authentication technique to confirm that the user associated with the external device is the authorized user of the electronic device. The results would have yielded the predictable benefit of sending device information only after the user identity has been confirmed, thereby improving security in the Bluetooth pairing process.
As to claim 15, Huang teaches:
A method performed by an electronic device, the method comprising: (see Huang, [1:38- 39]; [1:40-42]: “According to a first aspect, a Bluetooth device connection method is provided. An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected.”);
generating a pass code for connection to the electronic device; (see Huang, [1:54-59]: “In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet.”);
generating a message including a pass code that is encoded with the generated bio-hash; (see Huang, [1:40- 44]; [1:54- 59]; [8:39-41]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected; a Bluetooth protocol-based broadcast packet is generated based on the first ciphertext, and the broadcast packet is sent. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet. The first ciphertext can be obtained by encrypting the additional code and the local key by using the first encryption algorithm.”);
(Huang teaches generating a broadcast message containing an encoded passcode because Huang encrypts the additional code to generate a first ciphertext and generate a broadcast packet based on that ciphertext. Jha supplies the bio-hash aspect because Jha teaches using a bio-metric profile-hash as an encryption key, which would be used as Huang’s local key in the modified system.)
broadcasting the generated message; (see Huang, [1:42- 44]: “A Bluetooth protocol-based broadcast packet is generated based on the first ciphertext, and the broadcast packet is sent.)”;
(Generating and sending/broadcasting the Bluetooth packet containing the ciphertext.)
receiving device information of an external device from the external device that responds to the broadcasted message; (see Huang, [1:44- 53]: “A scanning request sent by an external Bluetooth device is received; a Bluetooth protocol-based scanning response is sent to the external Bluetooth device based on a random private address included in the scanning request, where the random private address is an address generated by the external Bluetooth device for the scanning request; and a Bluetooth connection is established to the external Bluetooth device when a connection request sent by the external Bluetooth device is received.”);
(Huang teaches receiving a response or request from the external Bluetooth device after the broadcast packet. The random private address in the scanning request function as device related information used to communicate with that external device.)
and pairing with the external device based on the device information of the external device: (see Huang, [1:50- 53]; [2:54-59]: “And a Bluetooth connection is established to the external Bluetooth device when a connection request sent by the external Bluetooth device is received. And sending a connection request to the external Bluetooth device based on the random private address when a scanning response sent by the external Bluetooth device based on the random private address is received, to establish a connection to the external Bluetooth device by using the connection request.”);
(The Bluetooth connection is then established using the information received from the external device.)
Huang does not teach but, Jha teaches: generating a bio-hash corresponding to biometric information of a user in response to a connection request; (see Jha, [¶¶0092-0096]: “In an embodiment, a personal identification profile of a user may be used for recovery from lost password. The personal identification profile of the user may include (but not limited to) biometric information (such as voice, face and/or fingerprints) of the user. Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400.”);
(Jha teaches converting biometric information into a profile-hash (bio-hash) and using it as an encryption key to secure the connection process.)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth device connection method, where a random additional code is generated, encrypted to generate a first ciphertext, placed in a Bluetooth broadcast packet, and used to establish a Bluetooth connection with an external Bluetooth device, by using Jha’s biometric profile-hash as the encryption key in Huang’s encryption process, as Jha teaches generating a profile-hash of biometric information and using the profile-hash as an encryption key. The results would have yielded the predictable benefit of improving Bluetooth connection security by making the encoded connection passcode validation to be mathematically tied to user biometric information while cleanly retaining Huang’s dynamic random-code/ciphertext Bluetooth pairing process.
As to claim 16, the combination Huang in view of Jha teaches:
wherein the generating the message comprises, encoding the generated pass code by using the generated bio-hash, and generating a message including at least one of the generated pass code, the encoded pass code, and device information of the electronic device: (see Huang, [1:40- 42]; [1:54-59]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected. In one or more embodiments, the generating an additional code includes: generating a random number to obtain the additional code; and the generating a Bluetooth protocol-based broadcast packet based on the first ciphertext further includes: adding an additional code in a plaintext form to the broadcast packet.”); (see Jha, [¶0093]: “Client system 120 may generate a profile-hash of the biometric information and use the profile-hash as encryption key to encrypt the disk-encryption-key noted above. Client system 120 may store the profile-hash in data store 360 and the resultant cipher data in table 400.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth message generation process, where a random additional code is encrypted to generate a first ciphertext and a broadcast packet is generated including the first ciphertext and optionally the plaintext additional code, by using Jha’s biometric profile-hash as the encryption key and Jha teaches generating a profile hash of biometric information and using the profile hash as an encryption key. The results would have yielded the predictable benefit of making Huang’s encoded connection code biometric dependent while preserving the existing message structure containing the generated code or encoded code for Bluetooth pairing.
As to claim 19, the combination Huang in view of Jha teaches:
further comprising detecting disconnection with the external device; cancelling the connection with the external device; detecting a connection request with a second external device; obtaining a second biometric information from the second external device and generating a second bio-hash based on the obtained second biometric information; and performing a process of connecting to the second external device using the second biometric information: (see Huang, [1:50- 53]; [7:36-38]: “An additional code is generated; the additional code is encrypted to generate a first ciphertext after it is detected that a Bluetooth connection is disconnected, and a Bluetooth connection is established to the external Bluetooth device when a connection request sent by the external Bluetooth device is received.”); (see Jha, [¶¶0103-0105]: “Once OTP has been validated successfully (consent is received from central server 130), user application 340 collects the current biometric information of the user. For example, a voice profile may be collected using a microphone attached to user device 230, a face profile may be collected using a camera attached to the user device 230 and a fingerprint profile may be collected using a fingerprint scanner attached to user device 230. User device 230 then sends the biometric information to client system 120 using personal identification profile response 685. Specifically, pre-boot module 310 uses the received biometric information to generate a hash and compares the generated hash with the profile-hash retrieved from data store 360.”);
(Huang supports the disconnection and new connection request portion because its process begins after deleting that a Bluetooth connection is connected and then establishes later when connection request is received. Jha support the biometric part because it’s obtained from the user device and then used to generate a hash for authentication.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth connection process, where a Bluetooth connection is detected as disconnected and a later connection request from an external Bluetooth device is used to establish a Bluetooth connection, by using Jha’s biometric profile authentication technique where biometric information is received from a user device and used to generate a hash for authentication. The results would have yielded the predictable benefit of securely reconnecting or switching to another external device only after biometric information from that device or user is verified, thereby improving security when the electronic device moves from one external device connection to another.
Claim 5-6 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over HUANG et al, (U.S. Pat No. 11,240,671 B1, hereinafter Huang) in view of JHA et al (U.S. PGPub. No. 2022/0035925 A1, hereinafter Jha), and in further view of Walia et al. (U.S. PGPub. No. 2005/0039053 A1, hereinafter Walia).
As to claim 5, the combination of Huang in view of Jha teaches all the limitations recites in claim 1 above.
The combination of Huang in view of Jha does not teach, but Walia teaches:
wherein the one or more computer programs further include computer-executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to determine, based on the device information of the external device, a bio-hash to be used for authenticating the pass code from among a plurality of bio-hashes: (see Walia, [¶¶0008, 0082, 0086, 0089-0090]: “In a biometric authentication system according to embodiments of the present invention, biometric data of users is processed according to a plurality of device-dependent processes and stored in a repository. When performing an authentication, the biometric authentication system determines a capture device type and uses that determination to select among the plurality of device-dependent versions of biometric data. The device-dependent processes might be specific to particular manufacturers, device classes or other partitioning scheme. A person to be registered in the repository registers their biometric data using the server and registers using N input-specific processes, where each input-specific process might be for a particular device, device manufacturer's product line, device class or the like. The registered biometric data can be maintained in separate tables, one per input-specific process, as a single table, or some other combination. Whenever a person presents for authentication, the system uses a selected input-specific process for verification or identification. The selection of an input-specific process can be done by the client based on the biometric device being used at the point of presentation. The agent (client) can generate biometric templates for each supported input-specific process and send the templates to the server for registration. The server could store the templates in different tables along with a reference to the registering user's information. Based on the chosen input-specific process, the server authenticates the presented person by invoking the respective input-specific process's authentication component.”);
(Multiple biometric versions/templates are stored for different device dependent processes, and the system selects the proper version based on the device/capture type being used.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth authentication/connection method with the biometric device selection technique of Walia, where biometric data is processed and stored in multiple device dependent versions and the system select the proper version based on the determined capture device type. Walia teaches that biometric data maybe processed according to a plurality of device dependent process, stored in a repository, and selected based on device type, device class, manufacturer product line, or another device based partitioning scheme. The results would have yielded the predictable benefit of improving device specific authentication by selecting the biometric derived value that corresponds to the particular external device or device type being used, instead of using the same biometric value for every device.
As to claim 6, the combination of Huang in view of Jha teaches all the limitations recites in claim 1 above.
The combination of Huang in view of Jha does not teach, but Walia teaches:
The electronic device of The electronic device of wherein the one or more computer programs further include computer- executable instructions that, when executed by the one or more processors individually or collectively, cause the electronic device to: identify device feature information of the external device included in the device information of the external device; in case that the identified device feature information corresponds to a first device feature, authenticate the pass code by using a first bio-hash associated with the first device feature from among the plurality of bio-hashes; and in case that the identified device feature information corresponds to a second device feature, authenticate the pass code by using a second bio-hash associated with the second device feature from among the plurality of bio- hashes, and wherein the first bio-hash and the second bio-hash are stored in the memory and are different from each other: (see Walia, [¶¶0008, 0082, 0086, 0089-0090]: “In a biometric authentication system according to embodiments of the present invention, biometric data of users is processed according to a plurality of device-dependent processes and stored in a repository. When performing an authentication, the biometric authentication system determines a capture device type and uses that determination to select among the plurality of device-dependent versions of biometric data. The device-dependent processes might be specific to particular manufacturers, device classes or other partitioning scheme. A person to be registered in the repository registers their biometric data using the server and registers using N input-specific processes, where each input-specific process might be for a particular device, device manufacturer's product line, device class or the like. The registered biometric data can be maintained in separate tables, one per input-specific process, as a single table, or some other combination. Whenever a person presents for authentication, the system uses a selected input-specific process for verification or identification. The selection of an input-specific process can be done by the client based on the biometric device being used at the point of presentation. The agent (client) can generate biometric templates for each supported input-specific process and send the templates to the server for registration. The server could store the templates in different tables along with a reference to the registering user's information. Based on the chosen input-specific process, the server authenticates the presented person by invoking the respective input-specific process's authentication component.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth authentication/connection method with the biometric device selection technique of Walia, where biometric data is processed according to a plurality of device dependent processes and the system selects among the plurality of device dependent version based on the determined capture device type. Walia further teaches that the device dependent processes maybe specific to particular manufacturer, device classes, or other partitioning schemes. The results would have yielded the predictable benefit of allowing the system to perform more granular device specific authentication by selecting different biometric derived values for different technical features of the connecting external device, thereby reducing the risk that authentication information for one device class, manufactural line, or device type could be reused to spoof another device class, manufactural line, or device type.
As to claim 12, the combination of Huang in view of Jha teaches all the limitations recites in claim 8 above.
The combination of Huang in view of Jha does not teach, but Walia teaches:
further comprising determining, based on the device information of the external device, a bio-hash to be used for authenticating the pass code from among a plurality of bio-hashes: (see Walia, [¶¶0008, 0082, 0086, 0089-0090]: “In a biometric authentication system according to embodiments of the present invention, biometric data of users is processed according to a plurality of device-dependent processes and stored in a repository. When performing an authentication, the biometric authentication system determines a capture device type and uses that determination to select among the plurality of device-dependent versions of biometric data. The device-dependent processes might be specific to particular manufacturers, device classes or other partitioning scheme. A person to be registered in the repository registers their biometric data using the server and registers using N input-specific processes, where each input-specific process might be for a particular device, device manufacturer's product line, device class or the like. The registered biometric data can be maintained in separate tables, one per input-specific process, as a single table, or some other combination. Whenever a person presents for authentication, the system uses a selected input-specific process for verification or identification. The selection of an input-specific process can be done by the client based on the biometric device being used at the point of presentation. The agent (client) can generate biometric templates for each supported input-specific process and send the templates to the server for registration. The server could store the templates in different tables along with a reference to the registering user's information. Based on the chosen input-specific process, the server authenticates the presented person by invoking the respective input-specific process's authentication component.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth authentication/connection method with Walia’s device dependent biometric selection technique, where the system determines the device/capture type and selects the corresponding stored biometric version of authentication. The results would have yielded the predictable benefit of using the correct biometric derived authentication value for the particular external device involved in the connection, instead of using the same biometric value for all device types.
As to claim 13, the combination of Huang in view of Jha teaches all the limitations recites in claim 8 above.
The combination of Huang in view of Jha does not teach, but Walia teaches:
The method of The method of wherein the determining comprises: identifying device feature information of the external device included in the device information of the external device, in case that the identified device feature information corresponds to a first device feature, authenticating the pass code by using a first bio-hash associated with the first device feature from among the plurality of bio-hashes, and in case that the identified device feature information corresponds to a second device feature, authenticating the pass code by using a second bio-hash associated with the second device feature from among the plurality of bio- hashes, and wherein the first bio-hash and the second bio-hash are stored in the memory, and are different from each other: (see Walia, [¶¶0008, 0082, 0086, 0089-0090]: “In a biometric authentication system according to embodiments of the present invention, biometric data of users is processed according to a plurality of device-dependent processes and stored in a repository. When performing an authentication, the biometric authentication system determines a capture device type and uses that determination to select among the plurality of device-dependent versions of biometric data. The device-dependent processes might be specific to particular manufacturers, device classes or other partitioning scheme. A person to be registered in the repository registers their biometric data using the server and registers using N input-specific processes, where each input-specific process might be for a particular device, device manufacturer's product line, device class or the like. The registered biometric data can be maintained in separate tables, one per input-specific process, as a single table, or some other combination. Whenever a person presents for authentication, the system uses a selected input-specific process for verification or identification. The selection of an input-specific process can be done by the client based on the biometric device being used at the point of presentation. The agent (client) can generate biometric templates for each supported input-specific process and send the templates to the server for registration. The server could store the templates in different tables along with a reference to the registering user's information. Based on the chosen input-specific process, the server authenticates the presented person by invoking the respective input-specific process's authentication component.”);
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth pairing process with Walia’s device dependent biometric selection technique, where biometric data is processed according to a plurality of device dependent processes and the system selects among the plurality of device dependent biometric versions based on the determined capture device type. Walia further teaches that the device dependent processes maybe specific to particular manufacturers, device classes, or other partitioning schemes. The results would have yielded the predictable benefit of making authentication safer by picking a different biometric key for each specific device feature. This stops an attacker from reusing stolen login info from one type of device to fake a connection on a completely different brand or model.
Claim 17-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over HUANG et al, (U.S. Pat No. 11,240,671 B1, hereinafter Huang) in view of JHA et al (U.S. PGPub. No. 2022/0035925 A1, hereinafter Jha), and in further view of Bonazzoli et al. (U.S. PGPub. No. 2014/0136851 A1, hereinafter Bonazzoli).
As to claim 17, the combination of Huang in view of Jha teaches all the limitations recites in claim 15 above.
The combination of Huang in view of Jha does not teach, but Bonazzoli teaches:
further comprising deleting the generated bio- hash and the generated pass code when paring with the external device is performed: (see Bonazzoli, [¶¶0033, 0038, 0043, 0047]: “Certificate 334 comprises information associated with a unique key or signature corresponding to the user based on and/or derived from biometric data 332 of the user generated by device authenticator module 324. For example, in some embodiments, device authenticator module 324 may comprise a hash function or other type of algorithm for generating a bit string, hash value or other type of unique signature based on biometric data 332 corresponding to a user. Upon the completion of the configuration phase for the selected wireless devices 304, device authenticator module 324 may be configured to automatically purge biometric data 332 and certificate 334 from memory 312. In some embodiments, device authenticator module 324 is configured to automatically purge biometric data 332 and certificate 334 (and any certificate received from a wireless device 304) from memory 312. At block 522, device authenticator module 324 purges biometric data 332 and certificate 334 (along with any certificate received from a wireless device 304) from memory 312 or other storage of data processing system 302.”);
(Generating a biometric based certificate or key or signature from biometric data and then automatically remove that biometric data and certificate after pairing or association is completed.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth pairing process, as modified by Jha’s biometric profile hash encryption technique, by deleting the generated biometric derived authentication value and generated pairing pass code value after pairing is completed, as taught by Bonazzoli. It teaches automatically remove biometric data and biometric based certificates from the memory after wireless device pairing association is performed. The results would have yielded the predictable benefit of improving security by preventing temporary biometric derived pairing values from remaining stored after they are no longer needed.
As to claim 18, the combination of Huang in view of Jha teaches all the limitations recites in claim 15 above.
The combination of Huang in view of Jha does not teach, but Bonazzoli teaches:
further comprising when paring with the external device is performed, storing device information of the external device in a communication connectable device list; providing the communication connectable device list in response to a request from a user during connection with the external device; and switching a device connected for communication based on a user input in the communication connectable device list: (see Bonazzoli, [¶¶0037, 0039, 0040, 0044]: “Device authenticator module 324, which automatically identifies wireless devices 304 connected with data processing system 302. Device authenticator module 324 may present the user with a list of the identified wireless devices 304 to enable the user to identify and select wireless devices 304 the user would like to configure for biometric-based wireless pairing/association with other computing platforms. Device authenticator module 324 may first attempt to automatically associate/pair any wireless device located in the vicinity of data processing system 302 with data processing system 302. Device authenticator module 324 interfaces with communications module 320 and/or otherwise identifies wireless device(s) 304 in the vicinity of data processing system 302 and/or otherwise able to wirelessly communicate with data processing system 302. At block 404, device authenticator module 324 and/or in cooperation with communications module 320 identifies and/or displays to a user presently connected wireless devices 304 to data processing system 302. At block 406, device authenticator module 324 receives a selection of wireless devices 304 to preconfigure with the owner's biometric certificate.”);
(Identifying wireless device that are connected, nearby, or able to communicate and presenting those devices to the user as a selectable list.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth pairing process, as modified by Jha’s biometric profile hash encryption technique, by using Bonazzoli’s connectable device list and user selection technique, where wireless devices able to communicate with system are identified, displayed to the user, and selected by the user for biometric based wireless pairing/association. The results would have yielded the predictable benefit of allowing the user to select or switch among available communication connectable devices after pairing, thereby improving user control and usability in a multi device wireless pairing environment.
As to claim 20, the combination of Huang in view of Jha teaches all the limitations recites in claim 15 above.
The combination of Huang in view of Jha does not teach, but Bonazzoli teaches:
further comprising receiving a data transfer request while the electronic device is connected to the external device and a second external device; and in response to the request, controlling data transfer between the external device and the second external device by transmitting a data transfer instruction to the external device and the second external device: (see Bonazzoli, [¶¶0001, 0031, 0034, 0047]: “These wireless communication devices may by associated and/or paired with counterpart devices in order to carry out communications and/or facilitate the control or exchange of data therebetween. system 300 comprises a data processing system 302 and one or more wireless devices 304 (e.g., wireless devices 304.sub.1 , 304.sub.2 and 304.sub.3). Transceiver 308 is configured for receiving and transmitting wireless communications between data processing system 302 and other devices, such as wireless devices 304. Once paired, communications can be shared between the two devices using the established communication link. The receiving device generally utilizes only that information transmitted with a recognized device identification. device authenticator module 324 automatically associates and/or otherwise wirelessly links/pairs the particular wireless device 304 to data processing system 302 to enable wireless communications and the transfer/sharing of data therebetween by the user.
(Bonazzoli shows a central data processing system wirelessly linking with multiple wireless devices and enabling communication and transfer/sharing of data after biometric based pairing.)
Therefore, it would have been obvious to one of the ordinary skills in the art, before the effective filing date of the claimed invention, to modify Huang’s Bluetooth pairing process, as modified by Jha’s biometric profile hash encryption technique, by integrating Bonazzoli’s biometric based wireless linking and data transfer technique. Bonazzoli also teaches that wireless devices may be paired with counterpart devices to facilitate the control or exchange of data, and that a central data processing system can identify, authenticate, link, and pair multiple wireless devices to enable wireless communication and transfer/sharing of data. The results would have yielded the predictable benefit of using the secure biometric pairing framework to manage a multi-device wireless environment, allowing the electronic device to authorize and control data transfer between connected external devices after successful biometric based pairing.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARHAM AHMED whose telephone number is (571)272-8950. The examiner can normally be reached Monday-Friday 7:30 am - 5 pm. Alternate Friday off..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/A.N.A./ Examiner, Art Unit 2437
/ALEXANDER LAGOR/ Supervisory Patent Examiner, Art Unit 2437