DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This is in response to Application with case number 16/362,828, filed on 3/25/2019 in which claims 1-23 are presented for examination.
Status of Claims
	Claims 1-23 are pending, of which claims 1, 12, 17, and 21 are in independent form.
Specification
The examiner notes that the Specification does not include any URL links and Trademark terms requiring capitalization.
The examiner notes that the abstract is in narrative form and is limited to a single paragraph on a separate sheet within the range of 50 to 150 words in length. The examiner also notes that Abstract includes no legal phraseology.
The examiner notes no claims invoke 35 USC section 112(f).
IDS
References cited in the IDS filed on 6/17/2019 have been considered by the examiner.
Allowable Subject Matter
Claims 6, 7, 10, 11, 14, 15, and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 1-5, 8, 9, 12-13, 16-19, 21-23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al. (US 10,771,244 B2) hereinafter Kim, in view of Gehrmann (US 2018/0123784 A1).
As to claim 1, Kim teaches an apparatus (see second device 1600 in Fig. 16), comprising: a processing resource; memory having instructions executable by the processing resource; and a network management device communication component coupled to the processing resource (see Fig. 7 second device), wherein the network management device communication component (e.g., communication unit 1610 in Fig. 16) is configured to, in response to identification of a network attached device within a first domain (see col. 6, lines 36-42; It is noted that first device 110 makes known to the second device (i.e., network management device) its presence in the network by requesting participation in the short-range network relayed by the second device 120 by sending first authentication information, its identification information; see also col. 7, lines 33-47):
wherein each respective one of the number of coupling iterations includes: generating a network management device private key and a network management device public key (see col. 11, lines 26-33); 
providing, via short-range communication, the network management device public key and the domain device secret corresponding to the first domain to a network attached device communication component included in each network attached device of the first domain (see col. 7, line 31-col. 8, line 6; It is noted that second authentication information, from the second device 120, including second public key and the second device identification information, is transmitted to the first device (i.e., a network attached device or network attached device communication component).); and
receiving, via short-range communication (see col. 8, lines 54-60, e.g., ZigBee network using short-range wireless communication, Bluetooth), a network attached device public key from each network attached device within the first domain and data from the network attached device communication component in response to providing the network management device public key to the network attached device communication component (see col. 10, lines 26-37; The examiner notes that the public key exchange protocol is flexible such that the second device public key can be obtained by the first device, and subsequently, the first device can transmit its public key and its identification information encrypted with the public key from second device.).
Kim does not explicitly teach but Gehrmann teaches the following limitations -
generate a domain device secret corresponding to the first domain (see para. [0045], “The group key unit or component (e.g., 216) may generate and/or store (e.g., hold) the group key K.sub.G, and the index, seq, that it may update. According to an example, the group key unit or component (e.g., 216) may calculate and distribute in the local LAN or WLAN (e.g., 204 or 206) the corresponding session group key KS.sub.Gseq using suitable wireless communication technology such as Wi-Fi, Bluetooth, ZigBee or the like and/or a wired IP communication medium together with local broadcast in the LAN or WLAN”) wherein the network attached device within the first domain shares the domain device secret with another network attached devices included in the first domain (see para. [0041] “The group G may have a local group shared key or secret K.sub.G.”); perform a number of coupling iterations for each network attached device within the first domain (see para. [0046], e.g. calculation and distribution of a local group shared key or secret K.sub.G).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kim and Gehrmann before him or her, to modify the scheme of Kim by including Gehrmann. The suggestion/motivation for doing so would have been to dynamically protect an end-to-end channel that can be set up between devices in the same domain using shared group/domain key and sequence number n that changes over time.
As to claim 12, Kim teaches an apparatus (see Fig. 14, first device 1400), comprising: a processing resource; memory having instructions executable by the processing resource; and a network attached device communication component coupled to the processing resource, wherein the network attached device communication component is included in a first domain and configured to, in response see col.6, lines 36-42; It is noted that first device 110 makes known to the second device (i.e., network management device)  its presence in the network by requesting participation in the short-range network relayed by the second device 120 by sending first authentication information, its identification information.; see also col. 7, lines 33-47): wherein each respective one of the number of coupling iterations includes: generating a network attached device private key and a network attached device public key for each network attached device in the first domain (see col. 12, lines 5-10); 
	providing the network attached device public key and data to the network management device communication component via short-range communication (see col. 12, lines 11-13); and 
receiving a confirmation from the network management device communication component, via short-range communication, in response to providing the network attached device public key and data to the network management device communication component (see col. 14, lines 7-18; It is noted that being able to decrypt the message encrypted and sent by the second device with the first device authentication information is considered by the examiner as equal to confirmation from the network management device communication component.).
Kim does not explicitly teach but Gehrmann teaches the following limitations -

receive a domain device secret, via short-range communication, from a server communication component, wherein the domain device secret corresponds to the first domain; perform a number of coupling iterations (see para. [0045], “The group key unit or component (e.g., 216) may generate and/or store (e.g., hold) the group key K.sub.G, and the index, seq, that it may update. According to an example, the group key unit or component (e.g., 216) may calculate and distribute in the local LAN or WLAN (e.g., 204 or 206) the corresponding session group key KS.sub.Gseq using suitable wireless communication technology such as Wi-Fi, Bluetooth, ZigBee or the like and/or a wired IP communication medium together with local broadcast in the LAN or WLAN”) wherein the network attached device within the first domain shares the domain device secret with another network attached devices included in the first domain (see para. [0041] “The group G may have a local group shared key or secret K.sub.G.”); perform a number of coupling iterations for each network attached device within the first domain (see para. [0046], e.g. calculation and distribution of a local group shared key or secret K.sub.G).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Kim and Gehrmann before him or her, to modify the scheme of Kim by including Gehrmann. The suggestion/motivation for doing so would have been to dynamically protect an end-to-end channel that can be set up between devices in the same domain using shared group/domain key and sequence number n that changes over time.


As to claims 17 and 21, claims 17 and 21 include similar limitations as claim 1 and thus claims 17 and 21 is/are rejected under the same rationale as claim 1.
As to claim 2, in view of claim 1, Kim teaches wherein the network management device communication component is configured to, in response to coupling to the network attached device included in the first domain, encrypt a message using the domain device secret and the network attached device public key (see col. 3, lines 48-59; It is noted that from the first device ID, second device ID, first device public key, and second device public key, a secret key is generated to protect the particular communication channel.)
As to claim 3, in view of claim 2, Gehrmann teaches wherein the network management device communication component is configured to transmit the encrypted message to the network attached device via a Local Area Network (LAN) (see para. [0045] “the group key unit or component (e.g., 216) may calculate and distribute in the local LAN or WLAN (e.g., 204 or 206) the corresponding session group key KS.sub.Gseq using suitable wireless communication technology such as Wi-Fi, Bluetooth, ZigBee or the like and/or a wired IP communication medium together with local broadcast in the LAN or WLAN”). 
As to claim 4, in view of claim 1, Kim teaches wherein the network attached device communication component is configured to, prior to providing the data to the network management device communication component, encrypt the data using the network management device public key (see col. 3, lines 48-59; It is noted that from the first device ID, second device ID, first device public key, and second device public key, a secret key is generated to protect the particular communication channel.)
As to claim 5, in view of claim 1, Gehrmann teaches wherein each domain device secret is associated with a user to control network attached devices included in the first domain associated with the domain device secret (see para. [0032]).
As to claim 8, in view of claim 1, Gehrmann teaches wherein the network attached devices included in the first domain are Internet of Things (IoT) devices (see para. [0046])
As to claim 9, in view of claim 1, Kim teaches wherein the network management device communication component is part of a device control panel used to monitor the network attached devices included in the first domain (see Fig. 16, communication unit 1600 and see col. 6, lines 36-42; It is noted that first device 110 makes known to the second device (i.e., network management device) its presence in the network by requesting participation in the short-range network relayed by the second device 120 by sending first authentication information, its identification information.).
As to claim 13, in view of claim 12, Kim teaches wherein the network attached device communication component is configured to, in response to the apparatus being coupled to the network management device: decrypt the received confirmation using the network attached device private key (see col. 9, lines 55-62); verify an identity of the network management device communication component; and in response to verifying the identity of the network management device communication component (see col. 4, lines 5-11), perform an operation using received data (see col. 4, lines 17-19).
As to claim 16, in view of claim 12, Gehrmann teaches wherein the first domain corresponds to a first collection of Internet of Things (IoT) devices and a second domain corresponds to a second collection of IoT devices wherein each of the IoT devices in the first domain receives the domain device secret and each of the IoT devices in the second domain receive a different domain device secret (see para. [0032] and [0046]).
As to claim 18, in view of claim 17, Kim and Gehrmann teach wherein the network management device communication component is configured to, in response to the network attached device being coupled to the network management device: encrypt data from the network management device using the network attached device public key and the particular domain device secret (see Kim, col. 7, lines 58-67), wherein the data from the network management device indicates an instruction to be provided to the network attached device; and transmit the encrypted data from the network management device to the network attached device via a Local Area Network (LAN) (see Gehrmann, para. [0045] “the group key unit or component (e.g., 216) may calculate and distribute in the local LAN or WLAN (e.g., 204 or 206) the corresponding session group key KS.sub.Gseq using suitable wireless communication technology such as Wi-Fi, Bluetooth, ZigBee or the like and/or a wired IP communication medium together with local broadcast in the LAN or WLAN”).
As to claim 19, in view of claim 18, Kim teaches wherein the network attached device communication component is further configured to: receive the encrypted data from the network management device; and decrypt the data from the network see col. 9, lines 55-62) 
As to claim 22, in view of claim 21, Kim and Gehrmann teach: encrypting a message using the network attached device public key and the domain device secret corresponding to the domain including the network attached device (see Kim, col. 3, lines 48-59; It is noted that from the first device ID, second device ID, first device public key, and second device public key, a secret key is generated to protect the particular communication channel.); and transmitting the encrypted message to the network attached device via a wireless network connecting each domain to the network management device (see Gehrmann, para. [0045] “the group key unit or component (e.g., 216) may calculate and distribute in the local LAN or WLAN (e.g., 204 or 206) the corresponding session group key KS.sub.Gseq using suitable wireless communication technology such as Wi-Fi, Bluetooth, ZigBee or the like and/or a wired IP communication medium together with local broadcast in the LAN or WLAN”).
As to claim 23, in view of claim 22, Gehrmann teaches wherein an instruction is received from an external mobile device prior to encrypting the message using the network attached device public key and the domain device secret corresponding to the domain including the network attached device (see Fig. 11, step 1106).




Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HEE K SONG whose telephone number is (571)270-3260. The examiner can normally be reached on M-F 9:00 am – 5:00 pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw, can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-7291.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HEE K SONG/Examiner, Art Unit 2497