Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-30 are under examination.

EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Mr. J Scott Karren (registration number 58665) on 12/01/2020.

Claims

Claims have been replaced with the claims below:
1.    (Previously Presented) A method for wireless communication comprising:
creating, by a managing device of a group of devices, a first group security configuration for a first device of the group of devices, the first group security configuration comprising a group security parameter associated with the group of devices and a device-specific security parameter associated with the first device, 
creating, by the managing device, a second group security configuration for a second device of the group of devices, the second group security configuration comprising the group security parameter and a device-specific security parameter associated with the second device, wherein a combination of the device-specific security parameter associated with the second device and the group security parameter is configured for pairwise key generation for secure connection establishment with the second device; and
providing the first group security configuration to the first device and the second group security configuration to the second device, wherein the first group security configuration and the second group security configuration are configured to be used to establish a secure connection for communications between the first device and the second device.

2.     (Original) The method of claim 1 wherein the first group security configuration and the second group security configuration are configured to be used to establish the secure connection without additional communications with the managing device during the establishment of the secure connection.

3.    (Original) The method of claim 1, further comprising:


4.    (Original) The method of claim 1, further comprising:
updating the first group security configuration and the second group security configuration based at least in part on a quantity of devices that change their group connection status exceeding a threshold quantity of devices.

5.    (Original) The method of claim 4, further comprising:
providing the updated first group security configuration to the first device using a first secure unicast channel; and
providing the updated second group security configuration to the second device using a second secure unicast channel.

6.    (Original) The method of claim 4, wherein the updating comprises:
changing the group security parameter, the device-specific security parameter associated with the first device, or the device-specific security parameter associated with the second device, or a combination thereof.

7.    (Original) The method of claim 4, wherein the updating comprises:
selecting a group identifier providing an index to an updated group security

providing the selected group identifier to the first device, or the second device, or both the first device and the second device.
8.    (Original) The method of claim 4, wherein a device changing its group connection status comprises the device being identified as a compromised device, a periodic security configuration update, the device departing from the group of devices, or the device joining the group of devices, or a combination thereof.
9.    (Original) The method of claim 1, wherein the group of devices comprise a group of sensor nodes, a group of wireless devices forming a wireless peer-to-peer (P2P) network, a group of wireless devices forming a mesh network, or a group of devices forming an infrastructure-less network, or a combination thereof.
10.    (Currently Amended) A method of wireless communication comprising: 
receiving, at a first device of a group of devices, a first group security configuration from a managing device, the first group security configuration comprising a group security parameter associated with the group of devices and a device-specific security parameter associated with the first device, wherein a combination of the device-specific security parameter associated with the first device and the group security parameter is configured for pairwise key generation for secure connection establishment with the first device; and

determining, at the first device, the device-specific security parameter associated with the second device, wherein establishing the secure connection is based at least in part on a combination of the device-specific security parameter associated with the first device, the group security parameter, and the device-specific security parameter associated with the second device as determined at the first device.
11.    (Original) The method of claim 10, wherein the secure connection is established without additional communications with the managing device during the establishment of the secure connection.
12.    (Previously Presented) The method of claim 10, further comprising: generating a pairwise key based at least in part on the combination of the group security parameter and the device-specific security parameter associated with the first device, wherein establishing the secure connection is based at least in part on determining that the generated pairwise key is symmetric with a pairwise key of the second device.
13. (Cancelled)


receiving a broadcast message from the second device, the broadcast message comprising the device-specific security parameter associated with the second device.

15.    (Original) The method of claim 10, further comprising: receiving an updated first group security configuration; and
reestablishing the secure connection for communications with the second device based at least in part on the updated first group security configuration.

16.    (Currently Amended) An apparatus for wireless communication, comprising:
a processor;
memory in electronic communication with the processor; and
instructions stored in the memory and operable, when executed by the processor, to cause the apparatus to:
create, by a managing device of a group of devices, a first group security configuration for a first device of the group of devices, the first group security configuration comprising a group security parameter associated with the group of devices and a device-specific security parameter associated with the first device, wherein a combination of the device-specific security parameter associated with the first device and the group security parameter is configured for pairwise key generation for secure connection establishment with the first device;
, wherein a combination of the device-specific security parameter associated with the second device and the group security parameter is configured for pairwise key generation for secure connection establishment with the second device; and
provide the first group security configuration to the first device and the second group security configuration to the second device, wherein the first group security configuration and the second group security configuration are configured to be used to establish a secure connection for communications between the first device and the second device.
17.    (Original) The apparatus of claim 16 wherein the first group security configuration and the second group security configuration are configured to be used to establish the secure connection without additional communications with the managing device during the establishment of the secure connection.
18.    (Original) The apparatus of claim 16, wherein the instructions are operable to cause the apparatus to:
determine a group security level for the group of devices based at least in part on a maximum number of devices in the group of devices.

update the first group security configuration and the second group security configuration based at least in part on a quantity of devices that change their group connection status exceeding a threshold quantity of devices.
20.    (Original) The apparatus of claim 19, wherein the instructions are operable to cause the apparatus to:
provide the updated first group security configuration to the first device using a first secure unicast channel; and
provide the updated second group security configuration to the second device using a second secure unicast channel.

21.    (Original) The apparatus of claim 19, wherein the instructions to update the first group security configuration and the second group security configuration are operable to cause the apparatus to:
change the group security parameter, the device-specific security parameter associated with the first device, or the device-specific security parameter associated with the second device, or a combination thereof.
22.    (Original) The apparatus of claim 19, wherein the instructions to update the first group security configuration and the second group security configuration are operable to cause the apparatus to:

provide the selected group identifier to the first device, or the second device, or both the first device and the second device.
23.    (Original) The apparatus of claim 19, wherein a device changing its group connection status comprises the device being identified as a compromised device, a periodic security configuration update, the device departing from the group of devices, or the device joining the group of devices, or a combination thereof.
24.    (Original) The apparatus of claim 16, wherein the group of devices comprise a group of sensor nodes, a group of wireless devices forming a wireless peer-to-peer (P2P) network, a group of wireless devices forming a mesh network, or a group of devices forming an infrastructure-less network, or a combination thereof.
25.    (Currently Amended) An apparatus for wireless communication, comprising:
a processor;
memory in electronic communication with the processor; and
instructions stored in the memory and operable, when executed by the processor, to cause the apparatus to:

establish a secure connection for communications with a second device of the group of devices based at least in part on the first group security configuration and a second group security configuration provided to the second device, the second group security configuration comprising the group security parameter and a device-specific security parameter associated with the second device;
determine, at the first device, the device-specific security parameter associated with the second device, wherein establishing the secure connection is based at least in part on a combination of the device-specific security parameter associated with the first device, the group security parameter, and the device-specific security parameter associated with the second device as determined at the first device.

26.    (Original) The apparatus of claim 25, wherein the secure connection is established without additional communications with the managing device during the establishment of the secure connection.

27.    (Currently Amended) The apparatus of claim 25, wherein the instructions are operable to cause the apparatus to:


28. (Cancelled)


29.    (Currently Amended) The apparatus of claim
receive a broadcast message from the second device, the broadcast message comprising the device-specific security parameter associated with the second device.

30.    (Original) The apparatus of claim 25, wherein the instructions are operable to cause the apparatus to:
receive an updated first group security configuration; and
reestablish the secure connection for communications with the second device based at least in part on the updated first group security configuration.

Allowable Subject Matter

Claims 1-12, 14-27, 29 and 30 are allowed.
The following is a statement of reasons for the indication of allowable subject matter:


Regarding claim 16, the prior art fails to teach the combination of “the second group security configuration comprising the group security parameter and a device-specific security parameter associated with the second device, wherein a combination of the device-specific security parameter associated with the second device and the group security parameter is configured for pairwise key generation for secure connection establishment with the second device; … provide the first group security configuration to the first device and the second group security configuration to the second device, wherein the first group security configuration and the second group security configuration are configured to be used to establish a secure connection for communications between the first device and the second device,” in addition to the other limitations of claim 16.





Regarding claim 25, the prior art fails to teach “wherein a combination of the device-specific security parameter and the group security parameter is configured for pairwise key generation for secure connection establishment with the first device; … establish a secure connection for communications with a second device of the group of devices based at least in part on the first group security configuration and a second group security configuration provided to the second device … determine, at the first device, the device-specific security parameter associated with the second device, wherein establishing the secure connection is based at least in part on a combination of the device-specific security parameter associated with the first device, the group security parameter, and the device-specific security parameter associated with the second device as determined at the first device,” in addition to the other limitations of claim 25.


The closest prior art, Kruys (US 8983066), teaches providing devices with keying material to derive a key to communicate with any other member of the group. However, it does not teach providing each device with a combination of the device-specific security parameter and the group security parameter that is configured for pairwise key generation for secure connection establishment.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PAMIT KAUR whose telephone number is (571)270-5665. The examiner can normally be reached on 9AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NOEL BEHARRY, can be reached on 5712705630. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.






/PAMIT KAUR/Examiner, Art Unit 2416

/NOEL R BEHARRY/Supervisory Patent Examiner, Art Unit 2416