DETAILED ACTION
Claims 1-21 have been examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Priority
The current application claims foreign priority to 24305427.7, filed 03/22/2024.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 05/20/2025 has been considered by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-4, 6-10, 12, 13, 15, 16, 18, and 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by United States Patent Application Publication No. US 20020191548 A1 to Ylonen et al., hereinafter Ylonen.
Regarding claim 1, Ylonen teaches a method for establishing a secure connection between an industrial device and a remote device, wherein one of the industrial device and the remote device is referred as a first device, and the other one of the industrial device and the remote device is referred as a second device, the method comprising: creating a virtual private network, VPN (paragraphs 6, 39, 138, and 144);
storing a first configuration information of the VPN for the first device (paragraphs 138, 140, 142, 186, and 193);
storing a second configuration information of the VPN for the second device (paragraphs 39, 138, 142, 144, 186, and 193);
connecting the first device to the VPN based on the first configuration information (paragraphs 39, 138, 142, 144, 186, and 193);
creating at least one first token that includes the second configuration information (paragraphs 39, 138, 140, 142, 144, 186, and 193);
transferring the second configuration information to the second device through the at least one first token (paragraphs 39, 138, 142, 144, 186, and 193);
connecting the second device to the VPN based on the second configuration information transferred through the at least one first token (paragraphs 39, 138, 142, 144, 186, and 193);
communicating between the first device and the second device via the VPN (paragraph 138).
Regarding claim 2, Ylonen teaches wherein the VPN is created by the first device, and the first configuration information and the second configuration information are stored in the first device (paragraph 112).
Regarding claim 3, Ylonen teaches wherein the VPN is created by a third device, the first configuration information and the second configuration information are stored in the third device, and the step of connecting the first device to the VPN based on the first configuration information comprises: creating at least one second token that includes the first configuration information; transferring the first configuration information to the first device through the at least one second token; connecting the first device to the VPN based on the first configuration information transferred through the at least one second token (paragraph 112).
Regarding claim 4, Ylonen teaches wherein the at least one first token is one first token that includes the entirety of the second configuration information (paragraph 39).
Regarding claim 6, Ylonen teaches wherein the at least one first token is a plurality of first tokens, and each of the plurality of first tokens includes a part of the second configuration information, and the entirety of the second configuration information is derivable from the plurality of first tokens (paragraphs 39, 50, and 51).
Regarding claim 7, Ylonen teaches wherein the at least one second token is a plurality of second tokens, and each of the plurality of second tokens includes a part of the first configuration information, and the entirety of the first configuration information is derivable from the plurality of second tokens (paragraphs 50 and 51).
Regarding claim 8, Ylonen teaches wherein each of the at least one first token is in a form of a physical entity, or a computer readable format (paragraphs 50 and 51).
Regarding claim 9, Ylonen teaches wherein each of the at least one second token is in a form of a physical entity, or a computer readable format (paragraphs 50 and 51).
Regarding claim 10, Ylonen teaches wherein the physical entity is one of the following: a portable computer-readable storage medium storing at least a part of the second configuration information or at least a part of the first configuration information; a portable electronic device storing at least a part of the second configuration information or at least a part of the first configuration information; a physical body on which at least a part of the second configuration information or at least a part of the first configuration information is expressed (paragraphs 39, 50, and 51, “smart card”).
Regarding claim 12, Ylonen teaches wherein the physical entity is one of the following: a portable computer-readable storage medium storing at least a part of the second configuration information or at least a part of the first configuration information; a portable electronic device storing at least a part of the second configuration information or at least a part of the first configuration information; a physical body on which at least a part of the second configuration information or at least a part of the first configuration information is expressed (paragraphs 50-52).Regarding claim 13, Ylonen teaches wherein when a token of the at least one first token is in the form of a computer readable format, transferring the second configuration information to the second device through the at least one first token comprises: sending the token via an electronic communication manner; when a token of the at least one first token is in the form of a physical entity, transferring the second configuration information to the second device through the at least one first token comprises: sending the token through a physical entity delivery manner; when a token of the at least one second token is in the form of a computer readable format, transferring the first configuration information to the first device through the at least one second token comprises: sending the token via an electronic communication manner; when a token of the at least one second token is in the form of a physical entity, transferring the first configuration information to the first device through the at least one second token comprises: sending the token through a physical entity delivery manner (paragraphs 50-52 and 163-165).
Regarding claim 15, Ylonen teaches wherein the first configuration information is identical to the second configuration information, being applicable to both of the first device and the second device for being connected to the VPN (paragraphs 39, 138, 142, 144, 186, and 193).
Regarding claim 16, Ylonen teaches wherein the at least one first token is identical to the at least one second token (paragraphs 49, 50, 51, 61, 76, 82, 106, and 113).
Regarding claim 18, Ylonen teaches wherein each of the first configuration information and the second configuration information comprises security information for a secure communication via the VPN (paragraphs 39, 138, 142, 144, 186, and 193).Regarding claim 19, Ylonen teaches wherein the first configuration information, or the part of first configuration information, or the second configuration information, or the part of second configuration information is encrypted (paragraphs 50, 63, 90, 101, 102, 109, 117, 155, 163, and 164).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 5, 11, 14, 17, 20, and 21 are rejected under 35 U.S.C. 103 as being unpatentable over United States Patent Application Publication No. US 20020191548 A1 to Ylonen et al., hereinafter Ylonen, and further in view of United States Patent Application Publication No. US 20220174043 A1 to Mihatsch et al, hereinafter Mihatsch.
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations pertaining to “wherein the at least one second token is one second token that includes the entirety of the first configuration information”. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 5, Mihatsch teaches wherein the at least one second token is one second token that includes the entirety of the first configuration information (paragraphs 12, 19 and 23).
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations set forth within claim 11. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 11, Mihatsch teaches wherein when a token of the at least one first token is in the form of a computer readable format, transferring the second configuration information to the second device through the at least one first token comprises: sending the token via an electronic communication manner; when a token of the at least one first token is in the form of a physical entity, transferring the second configuration information to the second device through the at least one first token comprises: sending the token through a physical entity delivery manner; when a token of the at least one second token is in the form of a computer readable format, transferring the first configuration information to the first device through the at least one second token comprises: sending the token via an electronic communication manner; when a token of the at least one second token is in the form of a physical entity, transferring the first configuration information to the first device through the at least one second token comprises: sending the token through a physical entity delivery manner (paragraphs 19 and 28-31).
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations set forth within claim 14. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 14, Mihatsch teaches wherein when the at least one first token is a plurality of first tokens, at least two of the plurality of first tokens are in different forms, and/or transferred in different manners, and/or transferred at different time points; when the at least one second token is a plurality of second tokens, at least two of the plurality of second tokens are in different forms, and/or transferred in different manners, and/or transferred at different time points (paragraphs 19, 28, 31, and 32).
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations pertaining to “wherein at least one of the at least one first token and/or at least one of the at least one second token is configured with a lifetime, and if the lifetime of a token elapses before the configuration information in the token is used for connecting a device to the VPN, the VPN is terminated”. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 17, Mihatsch teaches wherein at least one of the at least one first token and/or at least one of the at least one second token is configured with a lifetime, and if the lifetime of a token elapses before the configuration information in the token is used for connecting a device to the VPN, the VPN is terminated (paragraph 28, “single-use or only valid for a certain time”).
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations pertaining to “wherein the first configuration information, or the part of first configuration information, or the second configuration information, or the part of second configuration information is in at least one of the following forms: plain text, barcode, QR-code”. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 20, Mihatsch teaches wherein the first configuration information, or the part of first configuration information, or the second configuration information, or the part of second configuration information is in at least one of the following forms: plain text, barcode, QR-code (paragraphs 19, 20, 31, and 32).
Ylonen teaches the claimed invention, as cited above. However, Ylonen is not relied upon to teach the claim limitations pertaining to “wherein the VPN is a temporary VPN with a predetermined lifetime”. Mihatsch teaches said claim limitations, as cited below.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to incorporate the teachings of Mihatsch with the teachings of Ylonen in order to “establish a secure connection to the at least one VPN of the number of VPN, the mobile device container is configured to access at least part of the VPN profile of the VPN of the at least one VPN of the number of VPN through the communication link which is configured to link the mobile device container and the cryptographic token” (Mihatsch – paragraph 3).
Regarding claim 21, Mihatsch teaches wherein the VPN is a temporary VPN with a predetermined lifetime (paragraph 28, “single-use or only valid for a certain time”).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The references cited on form PTO-892 are cited to further show the state of the art with respect to establishing a secure connection within a virtual private network.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JEREMIAH L AVERY whose telephone number is (571)272-8627. The examiner can normally be reached M-F 8:30am -5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached at 571-272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JEREMIAH L AVERY/Primary Examiner, Art Unit 2431