Prosecution Insights
Last updated: July 17, 2026
Application No. 19/096,354

SYSTEMS AND METHODS FOR SECURING A QUANTUM-SAFE DIGITAL NETWORK ENVIRONMENT

Non-Final OA §103§112
Filed
Mar 31, 2025
Priority
Oct 04, 2021 — provisional 63/252,062 +2 more
Examiner
AMBAYE, SAMUEL
Art Unit
Tech Center
Assignee
Qds Holdings Inc.
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
1y 7m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allowance Rate
556 granted / 676 resolved
+22.2% vs TC avg
Strong +25% interview lift
Without
With
+25.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
23 currently pending
Career history
706
Total Applications
across all art units

Statute-Specific Performance

§101
0.3%
-39.7% vs TC avg
§103
93.9%
+53.9% vs TC avg
§102
2.4%
-37.6% vs TC avg
§112
0.2%
-39.8% vs TC avg
Black line = Tech Center average estimate • Based on career data from 676 resolved cases

Office Action

§103 §112
DETAILED ACTION Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 2. Claims 1-14 are pending. Claims 1 is in independent forms. Priority 3. No foreign priority is claimed. Information Disclosure Statement 4. The information disclosure statements (IDS's) submitted on 03/31/2025 and 04/07/2025 are in compliance with provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Drawings 5. The drawings filed on 03/31/2025 are accepted by the examiner. Claim Rejections - 35 USC § 112 6. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 7. Claim 13 recites : “A quantum-safe ecosystem (QSE) for secure communication for a plurality of quantum-safe user and endpoint devices, the QSE comprising: one or more systems according to claim 1”. Claim 1 recites: “A system configured to create a quantum-safe ecosystem (QSE), the QSE providing a quantum private network for communication between two or more devices, the system comprising: a quantum identity and access management service (QIAM) configured…. a plurality of QPADs configured with a QSE key structure…. a quantum gateway operatively connected to the QIAM…..” Claim 16 recites a quantum-safe ecosystem (QSE), secure communication for a plurality of quantum-safe user and endpoint devices, a plurality of QPADs configured with a QSE key structure. Claim 1 also recites a quantum-safe ecosystem (QSE), secure communication for a plurality of quantum-safe user and endpoint devices in the preamble. When claim 1 is rejoined with claim 16, the whole claim creates an antecedent basis issue. Appropriate correction is necessary. Claim 14 is also rejected as the claim is vague and indefinite. When claim 1 is rejoined with claim 14, then the whole claim creates antecedent basis issue. Appropriate correction is required. Double Patenting 6. The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on non-statutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. 7. Claim 1 is rejected on the ground of non-statutory obviousness type double patenting as being unpatentable over claim 1 of U.S. Patent No. 12,294,645 B1 in view of Williams et al. (US 2023/0020193 A1) in view of Ragan (US 2020/0274697 A1). Although the conflicting claims are not identical, they are not patentably distinct from each other because the instant application merely attempts to broaden the scope of the invention by omitting “wherein the first QPAD is stored on the first device and is uniquely associated with the first device, and wherein the second QPAD is stored on the second device and is uniquely associated with the second device.”. Since it has been held that omission of an element and its function in a combination where the remaining elements perform the same functions as before involves only routine skill in the art. In re Karison, 136 USPQ 184, Application 19/096,354 is an obvious variant of Patent Application No. 12,294,645. The dependent claims are rejected because of their dependency on independent claim. respectively (see table below). Instant Application 19/096354 Patent No. 12,294,645 Claim 1: A system configured to create a quantum-safe ecosystem (QSE), the QSE providing a quantum private network for communication between two or more devices, the system comprising: a quantum identity and access management service (QIAM) configured to manage user and device identity, access, and authorization services within the QSE; a plurality of QPADs configured with a QSE key structure, each of the plurality of QPADs configured to encrypt a communication between the two or more devices, wherein each of the plurality of QPADs is minted and centrally managed by a quantum key management system (QKMS) within the QSE; and a quantum gateway operatively connected to the QIAM, the quantum gateway configured for access by the two or more devices and to facilitate communication between the two or more devices through the QSE. Claim 2: The system according to claim 1, further comprising a quantum random number generator (QRNG), the QRNG configured to generate quantum-safe random numbers for use in the plurality of QPADs. Claim 3: The system according to claim 1, wherein each QPAD comprises multiple sets of true random number generator (TRNG) bytes of key data sequenced in a sequentially ordered fashion. Claim 4: The system according to claim 1, further comprising one or more quantum universal endpoint managers (QUEM), wherein each QUEM is configured to manage devices deployed throughout the QSE. Claim 5: The system according to claim 1, further comprising one or more quantum policy orchestrators (QPO), wherein each QPO is configured to manage and deliver zero trust policy services within the QSE and wherein each QPO is configured to orchestrate one or more of user, group, or other security policies for providing access and control to the QSE. Claim 6: The system according to claim 1, further comprising one or more quantum user and endpoint device authorization (QAuth) services, wherein each QAuth is configured to interface with the QIAM to remotely manage one or more devices associated with the QSE. Claim 7: The system according to claim 1, further comprising one or more firewalls, wherein each firewall is configured to provide capabilities including one or more zero trust access, ingress, and/or egress, and network traffic inspection, the firewall providing the capabilities between devices, platforms, applications, and services within and between different systems outside of the QSE. Claim 8: The system according to claim 1, further comprising one or more endpoint management services (QAgent), wherein the QAgent is installed or operatively connected with a particular device and wherein the QAgent is operative to interact with the system for access of the QSE by the particular device. Claim 9: The system according to claim 1, further comprising one or more quantum risk managers (QRM), wherein the QRM is configured to assess and manage risk within the QSE and one or more devices operative within the QSE. Claim 10: The system according to claim 1, further comprising a QRouter deployed at a location remote from the system, wherein the QRouter is configured to secure a remote communication tunnel with the system. Claim 11: The system according to claim 1, further comprising a QAdapter configured to bind with a specific remote device, wherein upon binding of the QAdapter to the specific remote device, the QAdapter communicates with the system for establishing a quantum private network for communication within the QSE by the specific remote device. Claim 12: The system according to claim 11, wherein the QAdapter is a memory device having software stored thereon and is connectable with the specific remote device by a wired or wireless connection. Claim 13: A quantum-safe ecosystem (QSE) for secure communication for a plurality of quantum-safe user and endpoint devices, the QSE comprising: one or more systems according to claim 1; a QRouter deployed at a location remote from the system, wherein the QRouter is configured to secure a remote communication tunnel with the system; and one or more quantum-safe user and endpoint devices (QSUEDs), each QSUED including a plurality of QPADS, each QPAD configured with a proprietary QSE key structure are minted and managed by the QKMS within the QSE. Claim 14: An end-user device for use within a QSE created by a system according to claim 1, the end-user device comprising: a processor; a memory having stored thereon one or more QPADs; the memory further storing machine executable instructions, the instructions when executed by the processor cause the end-user device to be configured to: communicate with a QAuth, the QAuth configured to conduct multi-factor authentication (MFA) with the QIAM within the system; and communicate with one or more other devices associated with the QSE using a QPAD for encrypting communications. Claim 1: A system configured to create a quantum-safe ecosystem (QSE), the QSE providing a quantum private network (QPN) using shared symmetric keys and quantum one-time pad (QPAD) ciphers, for communication between a first device and a second device, the system comprising: a quantum identity and access management service (QIAM) configured to manage user and device identity, access, and authorization services within the QSE; a first QPAD and a second QPAD, each configured to encrypt the communication between the first device and the second device, wherein the first QPAD and the second QPAD are minted and centrally managed by a quantum key management system (QKMS) within the QSE, wherein the first QPAD is stored on the first device and is uniquely associated with the first device, and wherein the second QPAD is stored on the second device and is uniquely associated with the second device; and a quantum gateway operatively connected to the QIAM, the quantum gateway configured for access by the first device and the second device and to facilitate the communication between the first device and the second device through the QSE. Claim 2: The system according to claim 1, further comprising a quantum random number generator (QRNG), the QRNG configured to generate quantum-safe random numbers for use in the first QPAD and the second QPAD. Claim 3: The system according to claim 1, wherein the first QPAD and the second QPAD each comprise multiple sets of true random number generator (TRNG) bytes of key data sequenced in a sequentially ordered fashion. Claim 4: The system according to claim 1, further comprising one or more quantum universal endpoint managers (QUEM), wherein each QUEM is configured to manage devices deployed throughout the QSE. Claim 5: The system according to claim 1, further comprising one or more quantum policy orchestrators (QPO), wherein each QPO is configured to manage and deliver zero trust policy services within the QSE and wherein each QPO is configured to orchestrate one or more of user, group, or other security policies for providing access and control to the QSE. Claim 6: The system according to claim 1, further comprising one or more quantum user and endpoint device authorization (QAuth) services, wherein each QAuth is configured to interface with the QIAM to remotely manage one or more devices associated with the QSE. Claim 7: The system according to claim 1, further comprising one or more firewalls, wherein each firewall is configured to provide capabilities including one or more zero trust access, ingress and/or egress, and network traffic inspection, the firewall providing the capabilities between devices, platforms, applications and services within and between different systems outside of the QSE. Claim 8: The system according to claim 1, further comprising one or more endpoint management services (QAgent), wherein the QAgent is installed or operatively connected with a particular device and wherein the QAgent is operative to interact with the system for access of the QSE by the particular device. Claim 9: The system according to claim 1, further comprising one or more quantum risk managers (QRM), wherein the QRM is configured to assess and manage risk within the QSE and one or more devices operative within the QSE. Claim 10: The system according to claim 1, further comprising a QRouter deployed at a location remote from the system, wherein the QRouter is configured to secure a remote communication tunnel with the system. Claim 11: The system according to claim 1, further comprising a QAdapter configured to bind with a specific remote device, wherein upon binding of the QAdapter to the specific remote device, the QAdapter communicates with the system for establishing the QPN for communication within the QSE by the specific remote device. Claim Rejections - 35 USC § 103 7. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 8. Claims 1-6 and 8-13 are rejected under 35 U.S.C. 103 as being unpatentable over Williams et al. US Patent Application Publication No. 2023/0020193 (hereinafter Williams) in view of Ragan US Patent Application Publication No. 2020/0274697 (hereinafter Ragan). Regarding claim 1, a system configured to create a quantum-safe ecosystem (QSE) (Fig. 1a, Quantum-safe (QS) system 100), the QSE providing a quantum private network for communication between two or more devices, the system comprising: “a quantum identity and access management service (QIAM) configured to manage user and device identity, access, and authorization services within the QSE” (see Williams par. 0275, The QS network 101 may further include a QD key or quantum key assignment mechanism, component and/or controller (now shown) configured and/or operable to ensure each of the QS servers 103a-103l requesting one or more available QD keys from the identical set of QD keys stored in the corresponding HSM(s) 106a-106l and/or in the QS repository 107 are not already in use. For example, each QD key in the identical set of QD keys stored on each HSM 106a-106l and/or QS repository 107 may be assigned a unique quantum key identifier (e.g. QKID), where the QD key assignment mechanism/controller manages the assignment of the QD keys from the set of QD keys based on the quantum key identifiers in response to a request for one or more available QD keys. A QS server 103a-103l may thus request one or more available QD key(s) and the QD key assignment mechanism/controller allocates one or more quantum key identifiers of available QD keys that the QS server can use. The HSM 106a-106l of the QS server 103a-103l may provide access to the QD keys corresponding to the allocated quantum key identifiers); “a quantum gateway operatively connected to the QIAM, the quantum gateway configured for access by the two or more devices and to facilitate communication between the two or more devices through the QSE” (see Williams par. 0258, The QS registration server may be connected over quantum-safe channels to one or more registration nodes, which a user or customer may connect to for registering with the QS system, storing and/or depositing data into the QS system. The QS registration server may be coupled to one or more registration nodes (or registration computing devices) over quantum-safe channels. Each registration node may be allocated or assigned an available QD key from the set of QD keys for establishing a QS communication channel in a quantum-safe manner with the corresponding QS registration server. Alternatively or additionally, each QS server/node may include the functionality of a QS registration server and also gateway functionality, where the QS registration server is connected via the gateway functionality to one nor more registration nodes and the like. The gateway functionality providing a secure interface between the QS registration server and the one or more registration nodes and the like); Williams does not explicitly discloses a plurality of QPADs configured with a QSE key structure, each of the plurality of QPADs configured to encrypt a communication between the two or more devices, wherein each of the plurality of QPADs is minted and centrally managed by a quantum key management system (QKMS) within the QSE. However, in analogues art, Ragan discloses a plurality of QPADs configured with a QSE key structure, each of the plurality of QPADs configured to encrypt a communication between the two or more devices, wherein each of the plurality of QPADs is minted and centrally managed by a quantum key management system (QKMS) within the QSE (see Ragan pars. 0016-0017, The key storage devices (KSD) would be uploaded with OTP keys and identifying marks (showing it originated from Quantum Lock) at one or more centralized facilities. These facilities would either generate streams of truly random sequences or obtain them from other facilities with this capability. Transmission of OTP keys between facilities would occur via physical movement of memory devices, or via electronic links using OTP encryption. Software to manage the Quantum Lock system would be distributed on the KSDs, on a separate storage medium, or downloaded directly over the Internet or telecom network. The software would manage the OTP keys, carry out encryption and decryption, interface with other software programs on the user's computer, and assist the user with long term indexing, deletion, and archive functions of already used keys sequences. The software could be publicly available or might be restricted to subscribers of the Quantum Lock system. Alternately, the software could be customized for each user. The software and or version updates might themselves be distributed only via physical transport or OTP encryption to prevent public examination). Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Ragan in to the system of Williams in order to provide a One Time Pad (OTP) encryption system is mathematically impossible to crack, regardless of brute force computing power. Therefore OTP is resistant to cracking by a quantum computer (see Ragan par. 0007). Regarding claim 2, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses the system according to claim 1, further comprising a quantum random number generator (QRNG), the QRNG configured to generate quantum-safe random numbers for use in the plurality of QPADs (see Williams par. 0400, In step 403, the QS server 103a hosting the QS provider registration site may transmit an email to the users email address with a Quantum Random Number Generated (QRNG) code (e.g. “601453”). On the device of the user 105a, a code challenge screen may be displayed or presented to the user 105a asking for the QRNG code to be entered for sending to the QS server 103a). Regarding claim 3, Williams in view of Ragan discloses the system according to claim 1, Ragan further discloses wherein each QPAD comprises multiple sets of true random number generator (TRNG) bytes of key data sequenced in a sequentially ordered fashion (see Ragan par. 0014, random One Time Pad (OTP) keys are generated using a true random number generator and placed on serialized USB flash drives, discs, hard drives, or another data storage device). Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Ragan in to the system of Williams in order to provide a One Time Pad (OTP) encryption system is mathematically impossible to crack, regardless of brute force computing power. Therefore OTP is resistant to cracking by a quantum computer (see Ragan par. 0007). Regarding claim 4, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses one or more quantum universal endpoint managers (QUEM), wherein each QUEM is configured to manage devices deployed throughout the QSE (see Williams par. 0002, When commercially usable universal quantum computers become available, a variety of these types of transactions, tasks and applications including, without limitation, for example digital banking, web certification, Know Your own Client (KYC), digital asset transfer, and authentication will be vulnerable, and some are already vulnerable to conventional cyber attacks. These transactions, tasks and applications are currently provided using software systems that typically use conventional cryptography and/or encryption techniques and protocols that are not sufficiently resilient enough to withstand an attack from such quantum computers (QCs) or other advanced cyber attack methods). Regarding claim 5, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses one or more quantum policy orchestrators (QPO), wherein each QPO is configured to manage and deliver zero trust policy services within the QSE and wherein each QPO is configured to orchestrate one or more of user, group, or other security policies for providing access and control to the QSE (see Williams pars. 0534-0535, a malevolent actor or hacker must not only have access to the QREF access token of a registered user, but has to also be able to impersonate the registered user by having their user credentials for signing into the QS system and also overcome any secure authentication procedure (e.g. two-factor authentication and the like) that the registered user is required to go through in order to have a chance at submitting a “bogus” transaction for signing with the access token. Furthermore, the malevolent actor or hacker also has to defeat any consensus mechanism, algorithm, and/or rules associated with the DLT and/or shared ledger. Thus the QS system has a number of failsafe measures that enhances the security and integrity of data items stored thereon and providing access only to authorized users and the like). Regarding claim 6, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses one or more quantum user and endpoint device authorization (QAuth) services, wherein each QAuth is configured to interface with the QIAM to remotely manage one or more devices associated with the QSE (see Williams par. 0253, an advantage of the configuration of the QS system according to the present invention is that it enables two users to quickly and remotely establish a quantum-safe communication channel and/or at least a quantum-resistant communication channel between them using any communication device, end-point device or computing device such as, without limitation, for example a laptop, desktop computer, personal computer, mobile phone, smart-phone, or Internet of Things (IoT) device, user server, and/or any other computing or communication device). Regarding claim 8, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses one or more endpoint management services (QAgent), wherein the QAgent is installed or operatively connected with a particular device and wherein the QAgent is operative to interact with the system for access of the QSE by the particular device (see Williams par. 0253, user end point device or communication devices with users are only example devices that may operate with the QS system enabling QS communications and/or other use cases as described herein, and the skilled person would appreciate that any the user end point device and examples thereof are applicable to any other device with or without a user or operator/control system that is capable of communicating over a communication channel with one or more other devices such as, without limitation, for example IoT devices, sensor devices, robotics devices, smart devices, laptop, desktop computer, personal computer, mobile phone and/or any other computing or communication device and the like as the application demands). Regarding claim 9, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses one or more quantum risk managers (QRM), wherein the QRM is configured to assess and manage risk within the QSE and one or more devices operative within the QSE (see Williams par. 0321, The QS system 170 provides the advantage of mitigating the risk of a Denial of Service attack on the individual QS server(s) and/or the individual quantum receivers (e.g. OGRs) on the ground since there are many QS servers 103a-103c and/or QS servers of users 104a-104c with identical SQKD infrastructure, which renders a simultaneous attack on the QS system 170 and/or QS network 101 impractical for most if not all adversaries. Furthermore, Denial of Service attack is only really possible by physically obscuring the ground receivers (e.g. OGRs) of the QS server(s) 103a-103c and/or QS server(s) of users 104a-104c and their ability to see the QS satellites 171a-171c. However, even though the OGRs may be obscured, this is immediately obvious to the QS provider of the QS network 101, which can be further mitigated through the use of camera and tamper switches built into each OGR, and/or manual human or drone access control and inspections of the OGRs of each QS server 103a-103c and/or QS server(s) of users 104a-104c. Furthermore, given most if not all QS servers 103a-103c have a DLT node 166a-166c this creates a large scale duplication of the DLT records and/or data items stored in the QS DLT 167 through many DLT nodes 166a-166c. This also makes a simultaneous universal DoS attack impractical). Regarding claim 10, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses a QRouter deployed at a location remote from the system, wherein the QRouter is configured to secure a remote communication tunnel with the system (see Williams par. 0350, the terrestrial QS system 190 may be deployed in metropolitan areas and/or city centres and the like until future improved dark fibre enables longer or larger transmission distances, and/or secure repeaters/routers can be used to extend to larger areas/regions and the like). Regarding claim 11, Williams in view of Ragan discloses the system according to claim 1, Williams further discloses a QAdapter configured to bind with a specific remote device, wherein upon binding of the QAdapter to the specific remote device, the QAdapter communicates with the system for establishing a quantum private network for communication within the QSE by the specific remote device (see Williams par. 0258, In the QS system, the plurality or a majority or subset of the QS server(s) of the QS network may form a private or intranet-type QS network and is configured not to be directly Internet accessible or publicly accessible. That is, a QS server of the private QS network may only communicate with other QS server(s) over a QKD connected private circuit in meshed configuration, and that communication only happens over quantum-safe communication channels (or QS channels), which are telecommunications or communications channels of a communication network encrypted using one or more provably secure cryptographic algorithms with one or more of the available or usable QD keys (or quantum keys) from the set of QD keys distributed from the QKD source to each QS server of the QS network). Regarding claim 12, Williams in view of Ragan discloses the system according to claim 11, Williams further discloses wherein the QAdapter is a memory device having software stored thereon and is connectable with the specific remote device by a wired or wireless connection (see Williams pars. 0263-0264, Users and/or customer end-point devices and/or communications devices may establish a quantum-safe communication channel with the QS system, within the QS system and/or end-to-end quantum-safe communication channel with other user and/or customer end-point devices. This may be achieved through the end-point device connecting to a QS server and/or a corporate network hosting a QS server that includes, without limitation, for example an SKQD system and so has a set of QD keys, one or more of which may be assigned to the end-point device of the user and stored in a secure enclave or secure memory on the end-point device. The end-point device may use the one or more assigned QD keys to establish a QS channel with the QS system, and hence, may establish a QS channel to other one or more similarly configured end-point device(s) and the like). Regarding claim 13, a quantum-safe ecosystem (QSE) for secure communication for a plurality of quantum-safe user and endpoint devices, the QSE comprising: one or more systems according to claim 1; a QRouter deployed at a location remote from the system, wherein the QRouter is configured to secure a remote communication tunnel with the system; and one or more quantum-safe user and endpoint devices (QSUEDs), each QSUED including a plurality of QPADS, each QPAD configured with a proprietary QSE key structure are minted and managed by the QKMS within the QSE. Claim 13 is similar in scope to claim 1, and is therefore, rejected under similar rationale. Regarding claim 14, an end-user device for use within a QSE created by a system according to claim 1, the end-user device comprising: a processor; a memory having stored thereon one or more QPADs; the memory further storing machine executable instructions, the instructions when executed by the processor cause the end-user device to be configured to: communicate with a QAuth, the QAuth configured to conduct multi-factor authentication (MFA) with the QIAM within the system; and communicate with one or more other devices associated with the QSE using a QPAD for encrypting communications. Claim 14 is similar in scope to claim 1, and is therefore, rejected under similar rationale. 9. Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Williams et al. US Patent Application Publication No. 2023/0020193 (hereinafter Williams) in view of Ragan US Patent Application Publication No. 2020/0274697 (hereinafter Ragan) in further view of Phillips US Patent Application Publication No. 2018/0026944 (hereinafter Phillips). Regarding claim 7, Williams in view of Ragan discloses the system according to claim 1, Williams in view of Ragan does not explicitly discloses one or more firewalls, wherein each firewall is configured to provide capabilities including one or more zero trust access, ingress, and/or egress, and network traffic inspection, the firewall providing the capabilities between devices, platforms, applications, and services within and between different systems outside of the QSE. However, in analogues art, Phillips discloses one or more firewalls, wherein each firewall is configured to provide capabilities including one or more zero trust access, ingress and/or egress, and network traffic inspection, the firewall providing the capabilities between devices, platforms, applications and services within and between different systems outside of the QSE (see Phillips par. 0022, The disclosed systems, methods apparatus and/or machine-readable storage media provide an automated process for determining whether a user defined firewall rule for their application or service is associated with an acceptable degree of security risk. The automated process involves analyzing individual variables of the firewall rule, including but not limited to: the directionality of the firewall rule (e.g., ingress or egress), the remote address from which traffic can be received or to which the traffic can be sent, and the type of the traffic, wherein the type of traffic includes one or more protocol and port or port range combinations associated with the traffic. In various embodiments, ingress and egress firewall rules are processed separately. Security risk values can further be determined for each of the remote address and traffic type variables based on information previously associated with the respective variables regarding an amount of security risk associated therewith, a quantity of machines/devices associated with the remote address variable, and/or quantity of protocol-port combinations associated with the traffic type variable). Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Phillips in to the system of Williams and Ragan in order to analyze firewall policy information defining traffic authorized to be sent from a machine of a network, the firewall policy information identifying a remote address for a destination to which the traffic is capable of being sent and a type of the traffic. (see Phillips par. 0025). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Fu et al. (US 2016/0226846): discloses A quantum key distribution system includes a quantum security key management (QSKM) device, a plurality of quantum security key distribution (QSKD) devices, and a quantum security key service (QSKS) device. The QSKD device splits an identity-based system private key into a plurality of system sub-private keys, and distributes the plurality of system sub-private keys to a corresponding number of the QSKD devices. The QSKS device forwards a request for acquiring an authorized private key from a first QSKD device to a predetermined number of second QSKD devices. The predetermined number of second QSKD devices each generate an identity-based authorized sub-private key from the system sub-private key. The first QSKD device acquires, from the predetermined number of second QSKD devices, the identity-based authorized sub-private keys, and reconstructs an identity-based authorized private key based on the identity-based authorized sub-private keys. Zhao et al. (US 2016/0127127): discloses A mobile secret communications method based on a quantum key distribution network, comprises the following steps: a mobile terminal registering to access the network and establishing a binding relationship with a certain centralized control station in the quantum key distribution network; after a communication service is initiated, the mobile terminals participating in the current communication applying for service keys from the quantum key distribution network; the quantum key distribution network obtaining addresses of the centralized control stations participating in service key distribution during the current communication, designating a service key generation centralized control station according to a current state indicator of each centralized control station; the service key generation centralized control station generating service keys required in the current communication and distributing the keys to the mobile terminals participating in the current communication. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMUEL AMBAYE whose telephone number is (571)270-7635. The examiner can normally be reached M-F 9:00 AM - 6:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SAMUEL AMBAYE/Examiner, Art Unit 2433 /JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433
Read full office action

Prosecution Timeline

Mar 31, 2025
Application Filed
Jun 11, 2026
Non-Final Rejection mailed — §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12641435
MODIFYING DEVICE SECURITY STATE WITH SECURE RANGING
2y 6m to grant Granted May 26, 2026
Patent 12627498
KEY AND IDENTIFIER FOR SESSION ESTABLISHMENT
2y 9m to grant Granted May 12, 2026
Patent 12609829
METHOD AND APPARATUS FOR VERIFYING SRv6 PACKET
3y 5m to grant Granted Apr 21, 2026
Patent 12609819
METHODS FOR CREATING SECRET KEYS WITH A CHIEF DEVICE AND SYSTEMS THEREOF
3y 4m to grant Granted Apr 21, 2026
Patent 12603912
AUTOMATED SECURITY TESTING SYSTEM AND METHOD
2y 1m to grant Granted Apr 14, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
99%
With Interview (+25.1%)
2y 10m (~1y 7m remaining)
Median Time to Grant
Low
PTA Risk
Based on 676 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month