DETAILED ACTION
This office action is in reply to applicant communication filed on October 23, 2020.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 1-34 have been amended.
Claims 1-34 are pending. 

Response to Argument
Applicant’s arguments filed on October 23, 2020 with respect to the 35 U.S.C. 102/103 rejections have been fully considered but are moot in view of new ground(s) of rejection.

Applicant’s argues that the prior art on record fails to teach the amended limitation of the independent claims. However, upon further consideration a new ground(s) of rejection is made using newly discovered prior arts to Liao (US Pub. No. 2010/0067695).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been 

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1, 3, 6-8 and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Trostle (US Pub. No. 2005/0097317) in view of Liao (US Pub. No. 2010/0067695) and further in view of Menoher (US Pub. No. 2011/0252116).

As per claim 1 Trostle discloses:
A robot middleware system comprising: a first robot middleware node; a second robot middleware node; (paragraph 27 of Trostle, publishers are network entities that send events to subscribers who receive events) and (paragraph 29 of Trostle, a plurality of nodes is configured for functioning as a subscriber and a publisher, wherein each of the nodes has a private key. An event server is coupled to the plurality of nodes).
One or more secure encrypted type-enforced context message to communicate between the first robot middleware node and the second robot middleware node. (Paragraph 28 of Trostle, the event server determines whether the publishers are authorized to produce certain events corresponding to the event types and whether the subscribers are authorized to receive the certain events. If so, a group session key is generated for establishing one of the multicast groups. The group session key is encrypted in a message that has a prescribed format. The subscribers receive the message).
Trostle teaches the system of sending event/message to the subscriber using session key that is generated for establishing one of the multicast groups. The group session key is encrypted in a message  but fails to disclose:
Wherein the one or more secure encrypted type-enforced context message comprises a protected message that adds a security context, and wherein the security context comprises a pre-requisite action to be performed before the one or more secure encrypted context message is exchanged between the first robot middleware node and the second robot middleware node; the pre-requisite action including verifying a pre-action contract, the pre-action contract signed by a service indicating that the pre-action contract is valid, and the pre-action contract enumerating action to be taken by the first robot middleware node and the second robot middleware node and wherein a context may be issued before a message is exchanged,.
 However, in the same field of endeavor, Liao teaches this limitation as, (paragraph 22 of Liao, the message processing system 1 at least comprises a publisher 10, a message broker 20 and a number of subscribers 40. The publisher 10 may publish a message to the subscribers 40 via the message broker 20 and the publisher 10 and the subscribers 40 may follow a specific agreement which is referred to a an service level agreements (SLA) for message transmission) and (paragraph 34 of Liao, if it is known from the predetermined agreement content that the privacy level setting for the message topic being published may be configured as the Protected level or the Private level, a key or keys defined by the predetermined agreement will be used for encrypting the message. After the message is properly encrypted and the privacy level setting is completed, the encrypted and configured message is then published (step S450). The published message will be publish to the message broker 20 via the publish point 21) and (paragraph 33 of Liao, configuration result is sent to all members within the publisher list/subscriber list to synchronize content of the setting of the corresponding agreement thereof, such as privacy level setting for the selected message topic (step S350). Therefore, the administrator 50 may configure multiple subscribers for the same message topic and may sign a one-to-multi agreement using the message topic via the privacy configurator 24, thereby simplifying the complexity for individual agreement and the complexity for key management).

The combination of Trostle and Liao teaches the system of sending event/message to the subscriber by publishier (see paragraph 27 of Trostle) but fails to disclose:
If traffic in one direction should be protected differently than traffic in a different direction, a different context may be used for messages that flow in the different direction than a context used for messages that flow in the one direction.
 However, in the same field of endeavor, Menoher teaches this limitation as, (paragraph 41 of Menoher, the foregoing descriptions of the exemplary embodiment of the present invention in FIG. 2 show that by deploying in parallel two one-way data transfer systems based on one-way data links, bilateral communications between two terminals can be separated or segregated into two one-way communication channels, each of which can be subject to separate data routing configuration and administration. By separately configuring and administering each of the data routing associated with the one-way data transfer across Link R 204 (e.g., through the data sending and receiving configuration files 214 and 216) and the data routing associated with the one-way data transfer across Link L 205 in the opposite direction (e.g., through the data sending and receiving configuration files 217 and 215), it is possible to impose different data filtering process, different type or level of security policy or restriction, different restriction on allowable data types, etc. on each of the one-way communication channels 204 and 205. In this way, significant benefits in network security can be achieved).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Trostle and Liao to include the above limitation using the teaching of Menoher in order to enhance the security of message exchange during bilateral data communication between two network/devices that apply different security policy.

Claims 15 and 29 are rejected under the same reason set forth in rejection of claim 1:

As per claim 2 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 1, wherein the first robot middleware node is a publisher node and the second robot middleware node is a subscriber node. (Paragraph 27 of Trostle, publishers are network entities that send events to subscribers who receive events) and (paragraph 29 of Trostle, a plurality of nodes is configured for functioning as a subscriber and a publisher, wherein each of the nodes has a private key. An event server is coupled to the plurality of nodes).

Claim 16 is rejected under the same reason set forth in rejection of claim 2:

As per claim 3 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 1, comprising a key management server to provide key management between the first robot middleware node and the second robot middleware node. (Paragrah 73 of Trostle, the event service node 401, which can be implemented as an event server, manages keys for all of the event type principals).

Claims 17 and 30 are rejected under the same reason set forth in rejection of claim 3:

As per claim 4 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 1, wherein the first robot middleware node includes a server application and the second robot middleware node includes a client application. (Paragraph 99 of Trostle, in the preferred embodiment subscribers 405 can receive and process messages that have a message length that indicates the presence of fields that exist after the wrap token field. The subscriber will check that the client in the event message request is the event server).

Claim 18 is rejected under the same reason set forth in rejection of claim 4:

As per claim 5 Trostle in view of Liao and further in view of Menoher discloses:
See fig. 3 blocks 103, 105, 103a, 103b, 105a, and 105b).

Claim 19 is rejected under the same reason set forth in rejection of claim 5:

As per claim 6 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 1, wherein the one or more secure encrypted type-enforced context message includes a context identifier, a token, and a message protection block. (See the event message in fig. 5B of Trostle).

Claim 20 is rejected under the same reason set forth in rejection of claim 6:

As per claim 7 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 6, wherein the token includes one or more node keys, node authorization, and a peer token. (Paragraph 75 of Trostle, to produce an event, publisher 407 creates one or more messages according the message format of FIG. 5B. For example, publisher 407 creates an initialize token and a wrap token, which grants the bearer permission to access an object or service, targeted at the event service node 401. In one specific embodiment, the initialize token is an InitializeSecurityContext token).

Claim 21 is rejected under the same reason set forth in rejection of claim 7:

As per claim 11 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 1, wherein the one or more secure encrypted type-enforced context message includes an object that provides a cryptographic message wrapper around an original message. (Paragraph 75 of Trostle, to produce an event, publisher 407 creates one or more messages according the message format of FIG. 5B. For example, publisher 407 creates an initialize token and a wrap token, which grants the bearer permission to access an object or service, targeted at the event service node 401. In one specific embodiment, the initialize token is an InitializeSecurityContext token. The target principal is the event object principal. The event service node 401 wraps the event, or message, in a Kerberos wrap token and then creates a new event message in the format of FIG. 5B with the unencapsulated event from the producer event message. The event service node 401 can then multicast the message to the subscribers 405).

Claims 25 and 31 are rejected under the same reason set forth in rejection of claim 11:

As per claim 12 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 3, wherein the first robot middleware node is a publisher node, the first robot middleware node to request a key from the key management server, to receive a content protection context token from the key management server in response to the key request, and to securely publish content using the content protection context token. (Paragraph 73 of Trostle, the event service node 401, which can be implemented as an event server, manages keys for all of the event type principals. Publisher 407 and subscribers 405 communicate with event service node 401 through MSA 401a to authenticate themselves, to discover what events they can publish or subscribe, and to obtain a group session key).

Claim 26 is rejected under the same reason set forth in rejection of claim 12:

As per claim 13 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 3, wherein the second robot middleware node is a subscriber node, the second robot middleware node to subscribe to content securely published with a content protection context token, to obtain the content protection context token from the key management server, to receive the securely published content, and to decrypt the securely published content using the obtained content protection context key. (Paragraph 66 of Trostle, workstation 103 of user A includes a key generator 103b and a cryptographic device 103a. Key generator 103b generates public and private keys used for encrypting and decrypting information exchanged with workstation 105 of user B. Cryptographic device 103a encrypts and decrypts information exchanged with workstation 105 using private and public keys generated by key generator 103b).

Claims 27 and 32 are rejected under the same reason set forth in rejection of claim 13:

As per claim 14 Trostle in view of Liao and further in view of Menoher discloses:
The robot middleware system of claim 3, wherein the key management server is to receive a key request from the first robot middleware node, to provide to the first robot middleware node a content protection context token in response to the key request, and to provide the content protection context token to one or more subscribers permitted to obtain the content protection context token, the one or more subscribers permitted to obtain the content protection context token including the second robot middleware node. (Paragraph 54 of Trostle, other nodes seeking to participate in the secure communication may do so by requesting the group session key from the KDC 111, which distributes it using secured point-to-point communication. For purposes of illustration, assume that user A desires to publish a message to the other users B, C, D. As a publisher, user A sends the authenticated event to an event server (using the format of the message in FIG. 5B), which then uses the group session key to authenticate and protect the multicast transmission to parties B, C, and D. It should be noted that if user A is trusted by the other users B, C, D, user A can itself assume the role of a KDC).

Claim 28 is rejected under the same reason set forth in rejection of claim 14:

As per claim 34 Trostle in view of Liao and further in view of Menoher discloses:
Trostle teaches the system of sending event/message to the subscriber using session key that is generated for establishing one of the multicast groups. The group session key is encrypted in a message that has a prescribed format and the subscribers receive the message (see paragraph 27 and 28 of Trostle) but fails to disclose:

 However, in the same field of endeavor, Liao teaches this limitation as, (paragraph 35 of Liao, after receiving the published message, the message broker 20 joins the received message to a corresponding message chain based on its message topic to generate a corresponding privacy inherent policy (e.g. steps S520-S540) on one hand, and performs a privacy determination to determine whether its privacy level setting conforms to a predetermined privacy inherent policy (e.g. steps S550-S580) on the other hand. In step S520, the received message is joined to the corresponding message chain based on its message topic. Thereafter, in step S530, a privacy inference calculation process is performed based on the corresponding message chain for calculating and determining whether the privacy level setting of the received message conforms to the inference policy of the privacy).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Trostle and include the above limitation using the teaching of Liao in order to enhance the security of message exchange based on the predetermined agreement between the communication device/user.

Claims 8-9 and 22-23 are rejected under 35 U.S.C. 103 as being unpatentable over Trostle (US Pub. No. 2005/0097317) in view of Liao (US Pub. No. 2010/0067695) and further in view of Menoher (US Pub. No. 2011/0252116) and Yeow (US Pub. No. 2014/0056124).

As per claim 8:
The combination of Trostle, Liao and Menoher teaches the system of sending event/message to the subscriber by publishier (see paragraph 27 of Trostle) but fails to disclose:

 However, in the same field of endeavor, Yeow teaches this limitation as, (paragraph 65 of Yeow, all the reports are sent to HR-BS. The scanning control messages can be based on those defined in 802.16m e.g. MOB_SCN-REQ/RSP/REP. Since HR-BS has the knowledge of the topology within its cell, it can select the path centrally and update the path information to the intermediate HR-RS and/or HR-MS along the path to HR-MS. In other words, we assume path selection is determined by HR-B S. The network topology information can be optionally sent to all the stations through the control message such as MOB_NBR-ADV) and (paragraph 66 of Yeow, HR-BS sends the control messages to the nodes (stations) along the alterative path to distribute the path information explicitly. The path information at least includes the identification of the path pair or the connection ID or station flow ID that is unique in HR-BS for a flow) and other necessary network configuration information such as BSID/Cell ID, Physical Frequency that the access station is operating on, if available. At each station along the path, it should be able to identify its next hop and its previous hop, if available). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Trostle, Liao, and Menoher to include the above limitation using the teaching of Yeow in order to identify the authorized communication path and establish secured communication between network devices.

Claim 22 is rejected under the same reason set forth in rejection of claim 8:

As per claim 9 Trostle in view of Liao and further in view of Menoher and Yeow discloses:
The robot middleware system of claim 8, wherein the swimlane includes a source endpoint, a destination endpoint, a topic service identifier, and a swimlane configuration. (paragraph 66 of Yeow, the path information at least includes the identification of the path pair or the connection ID or station flow ID that is unique in HR-BS for a flow) and other necessary network configuration information such as BSID/Cell ID, Physical Frequency that the access station is operating on, if available. At each station along the path, it should be able to identify its next hop and its previous hop, if available).

Claim 23 is rejected under the same reason set forth in rejection of claim 9:

Claims 10 and 24 are rejected under 35 U.S.C. 103 as being unpatentable over Trostle (US Pub. No. 2005/0097317) in view of Liao (US Pub. No. 2010/0067695) and further in view of Menoher (US Pub. No. 2011/0252116) and Carey (US Pub. No. 2018/0324104).

As per claim 10:
The combination of Trostle, Liao and Menoher teaches the system of sending event/message to the subscriber by publishier (see paragraph 27 of Trostle) but fails to disclose:
The robot middleware system of claim 1, wherein the one or more secure encrypted type-enforced context message includes a context identifier, a Concise Binary Object Representation (CBOR) Object Signing and Encryption (COSE) protocol payload, and a message protection block.
 However, in the same field of endeavor, Carey teaches this limitation as, (paragraph 37 of Carey, the USP Record may include: a version; an originating USP endpoint identifier (from_id); a session context identifier (session_id); a datagram sequence identifier (sequence_id); an expected sequence identifier (expected_id); payload encoding information (payload_encoding); payload encryption information (payload_encryption); a payload segmentation and reassembly (SAR) state (payload_sar_state); and a payload record SAR state (payload_rec_sar_state); a payload; and a retransmit identifier (retransmit_id)) and (paragraph 44 of Carey, the payload portion of a USP record, which represents a USP message, may include one or more payload records. A USP message may be unencrypted, encrypted using Concise Binary Object Representation (CBOR) Object Signing and Encryption (COSE), or encrypted using Transport Layer Security (TLS) encryption). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Trostle, Liao, and Menoher to include the above 

Claim 24 is rejected under the same reason set forth in rejection of claim 10: 


Claim 33 is rejected under 35 U.S.C. 103 as being unpatentable over Trostle (US Pub. No. 2005/0097317) in view of Liao (US Pub. No. 2010/0067695) and further in view of Menoher (US Pub. No. 2011/0252116) and Dayka (US Pub. No. 2017/0093879).

As per claim 33:
The combination of Trostle, Liao, and Menoher teaches the system of sending event/message to the subscriber using session key that is generated for establishing one of the multicast groups. The group session key is encrypted in a message that has a prescribed format and the subscribers receive the message (see paragraph 27 and 28 of Trostle) but fails to disclose:
The robot middleware system of claim 1, wherein a different context is used for messages that flow in different directions.
 However, in the same field of endeavor, Dayka teaches this limitation as, (Paragraph 65 of Dayka, one embodiment of type enforcement described in FIGS. 1A, 1B, and 1C in the present specification is used to identify what security level a piece of data may belong to. Security levels as used in the context of term multi-level security (MLS) for cryptography service provider (CSP) comprise, no-security, integrity, and confidentiality. Data belonging to a no-security level are unsigned plaintexts. Data belonging to an integrity level have been authenticated in order to track back to the origin of the data, either plaintext or ciphertext. Data belonging to a confidentiality level are signed ciphertexts).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Trostle, Liao and Menoher to include the above .

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESHOME HAILU whose telephone number is (571)270-3159.  The examiner can normally be reached on M-F 8 a.m. - 5 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-




/TESHOME HAILU/Primary Examiner, Art Unit 2434