Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response Amendments and Arguments
Applicants has amended claims significantly. Examiner has reviewed these amendments and found to have overcome objections for claims 2, 4-5, 10, 12 & 15 issued in the previous office action. Claim objections for these has been withdrawn. However, this amendment itself has created new issues as illustrated below in this office action.
The Applicant’s arguments against issuance of 103 rejections has been reviewed but found to be moot due to change of ground.
Claim objection
Claim 1 is objected to as it recites “receiving, with a central office server, a first secret random number and a first public key based on the first secret random number from a first computing device; receiving, with the central office server, a second secret random number and a second public key based on the second secret random number from a second computing device; authenticating, with the central office server, the first public key based on a first private key associated with a first vehicle for generating a shared secret key at the first computing device  to secure a communication channel with the second computing device; and  authenticating, with the central office server, the second public key of  a second vehicle based on a second private key associated with  a second vehicle  for generating the shared secret key at the second computing device to secure the communication channel with the first computing device”.  As unencrypted/clear public keys from computing devices  with the private keys of first and second vehicles.
Claim 1 is further objected as it recites “authenticating, with the central office server, the first public key based on a first private key associated with a first vehicle for generating a shared secret key at the first computing device  to secure a communication channel with the second computing device;  authenticating, with the central office server, the second public key of  a second vehicle based on a second private key associated with  a second vehicle for generating the shared secret key at the second computing device to secure the communication channel with the first computing device”; as recited it is not clear how authentications at the central office server are related to generation of shared keys at the computing devices. Furthermore, the limitation expresses an intent of use by reciting “for generating a shared secret key at the first computing device to secure a communication channel with the second computing device;  and “for generating the shared secret key at the second computing device to secure the communication channel with the first computing device”. These limitations are not in positive form and may not be executed at all. Hence they do not carry any patentable weight.
Claim 11 is objected to as it recites “send a secure second public key to the first computer vehicle to be utilized to generate a shared secret key by digitally signing with the private key associated with the first computer vehicle; and send a secure first public to be utilized to generate the shared secret key by digitally signing with the private key associated with the second vehicle, and wherein the first on-board computer generates a-the shared secret key based on the first secret random number and the second public key’ and wherein the shared secret key is used to authenticate communication between the first vehicle and the second vehicle”, as recited the limitations expresses an intent of use (to be utilized) and may not be executed and hence carries no patentable weight.
	Claim 11 is further objected to as it recites “send a secure second public key to the first computer vehicle to be utilized to generate a shared secret key by digitally signing with the private key associated with the first computer vehicle; and send a secure first public key to the second vehicle to be utilized to generate the shared secret key by digitally signing with the private key associated with the second vehicle, and wherein the first on-board computer generates a-the shared secret key based on the first secret random number and the second public key’, as recited it is not clear how first computer vehicle generate shared key using secure public keys and secret random number. Specification also does not provide any supportive description. 
Claim 11 is additionally objected to as it recites “wherein the first on-board computer generates a-the shared secret key based on the first secret random number and the second public key’ and wherein the shared secret key is used to authenticate communication between the first vehicle and the second vehicle”, as recited it not clear how key generated at the first computer can be used as shared key unless it is shared with the second computer or the same key is generated at the second computer. .  
vehicle by digitally signing with a-the first private key associated with the first vehicle; and send a secure first public key to the second vehicle by digitally signing with the second private key associated with the second vehicle, and wherein a shared secret key based on the secure first public key and secure second public key is used to authenticate communication between the first vehicle and the second vehicle”, as recited it is not clear how a shared key generated based on “the secure first public key and secure second public key” and how it authenticate communication between the first vehicle and the second vehicle’

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention

Claim 1- 3, 6-13, 16 & 18-25 are rejected under 35 U.S.C. 112 (b), as being indefinite for failing to particularly point out and distinctly claim subject matter which applicant regards as the invention. 
Claim 1 recitation does not make it clear (indefinite) how central office server performs authentication of the received unencrypted/clear public keys from computing devices  with the private keys of first and second vehicles. Specification also does not provide any description on this claim recitation. Furthermore, in claim 1 it is not clear (indefinite) how authentications at the 
Dependent claims 2-3, 6-10 & 21 are also rejected because of their dependencies on claim 1.
Claim 11 recites receive, from the first on-board computer of the first vehicle, a digitally signed first public key based on a first private key associated with the first on-board computer; and receive from the second on-board computer a digitally signed second public key based on a second private key associated with the second on-board computer”.  As recited it is not clear whether “first public key” and “second public key” recited in these limitations are same or not  of those mentioned in lines 6 & 12 respectively. 
Claim 11 does not make clear how keys are generated at the first computer can be used as shared key unless it is shared with the second computer or the same key is generated at the second computer. 
Dependent claims 12-13, 16, 18-19 & 22 are also rejected because of their dependencies on claim 11.
Claim 20 recitation does not make it clear how a shared key generated based on “the secure first public key and secure second public key” and how it authenticate communication between the first vehicle and the second vehicle’
Dependent claims 23-25 are also rejected because of their dependencies on claim 20.




Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 1- 2,  7-9, 11-12, & 18-25 are rejected under 35 USC 103 as being unpatentable over Felsher (US8316237) in view of Kuhnapfel (US20170206717)
Regarding claim 1, Felsher teaches:
a computer-implemented method, comprising: receiving, a first secret random number and a first public key based on the first secret random number from a first computing device; [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts can create and share a secret key without ever communicating the key. Each host receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
receiving, a second secret random number and a second public key based on the second secret random number from a second computing device; [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts can create and share a secret key without ever communicating the key. Each host receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
authenticating, the first public key based on a first private key associated with a first Computer,[Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 (central server) may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]

for generating a shared secret key at the first computing device [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts can create and share a secret key without ever communicating the key. Each host receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
to secure a communication channel with the second computing device;[ Column 4,lines 1-5:the exchanged numbers are converted into a secret key, `z` by the following function: z=y.sup.x Mod p. `z` can now be used as an encryption key in a symmetric encryption scheme. (securing communication channel)	
authenticating, the second public key of  a second computer based on a second private key associated with  a second  Computer,[Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 (central server) may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
for generating the shared secret key at the second computing device to secure the communication channel with the first computing device. [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts can create and share a secret key without ever communicating the key. Each host receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
Although, Felsher teaches secure communication between two entities using shared key, he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles using a central server [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 (it is obvious to skilled person that vehicle and vehicle subsystem may be same object) that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this central server may be located in an office or may be called central office server. Moreover as vehicles communicates with the central office server via telematics unit , it can also communicates directly with the central server. , a network client 140, a mobile device 130 app/user, or a network resource 150. ….. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central office server communicate with computers on board (first second) vehicles/vehicles subsystems  and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to a skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of  Schmidt. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse, and also help to reduce vehicle operating, maintenance, and replacement costs.. (para 0001-0005, Kuhnapfel)  
Regarding claims 2 & 12, Felsher teaches:
 sending, a  computer  identifier associated with the second computer for determining an access request;  [Column 67, lines 30-35: a second (could be first ) computer system /device transmits requested digital information to a requesting first computing system in wrapped form, It is obvious to ordinary skilled person that (source /could be first device/responding device)  received identifier/address of the requesting device as it is sending the requested information) ]
 receiving, a digitally signed first public key from the first computer based on the first private key, wherein the first private key is assigned to the first computer;  [Column 24, lines 35-40:The Intermediary 10 (central office server) may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
Although, Felsher teaches secure communication between two entities using shared key, he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles and a central server. [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this server may be located in an office or may be called central office server), a network client 140, a mobile device 130 app/user, or a network resource 150. As such, the telematics unit 110 may communicate the processed vehicle data to any of a variety of client and/or server systems. More specifically, in one example embodiment, the telematics unit 110 may be configured to wirelessly communicate the processed vehicle data to the mobile device 130 via a networked or direct data interface. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central server communicate with computers on board (first second) vehicles and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of Kuhnapfel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse. (para 0001-0005, Kuhnapfel)  
Regarding claims 7, Felsher  teaches wherein the communication channel is a peer-to-peer communication channel between the first computer and the second computer based on the shared secret key;[ Column 4,lines 1-5:the exchanged numbers are converted into a secret key, `z` by the following function: z=y.sup.x Mod p. `z` can now be used as an encryption key in a symmetric encryption scheme. (securing communication channel)	
Fuhnapfel teaches communication between vehicles and the central office server,  [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this server may be located in an office or may be called central office server), a network client 140, a mobile device 130 app/user, or a network resource 150. As such, the telematics unit 110 may communicate the processed vehicle data to any of a variety of client and/or server systems. More specifically, in one example embodiment, the telematics unit 110 may be configured to wirelessly communicate the processed vehicle data to the mobile device 130 via a networked or direct data interface. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central server communicate with computers on board (first second) vehicles and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of Kuhnapfel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse. (para 0001-0005, Kuhnapfel)  
 Regarding claim 8, 18 & 23, Flesher teaches preventing a man-in- the-middle attack, [Column 4, lines 5-25: a method of public-key encryption developed by Rivest, Shamir & Adelman, and now generally referred to as RSA, is based upon the use of two extremely large prime numbers which fulfill the criteria for the "trap-door, one-way permutation." Such a permutation function enables the sender to encrypt the message using a non-secret encryption key, but does not permit (prevent) an eavesdropper (man in the middle attack) to decrypt the message by crypto-analytic techniques within an acceptably long period of time. This is due to the fact that for a composite number composed of the product of two very large prime numbers, the computational time necessary to factor this composite number is unacceptably long. A brute force attack requires a sequence of putative keys to be tested to determine which, if any, is appropriate. Therefore a brute force attack requires a very large number of iterations. The number of iterations increases geometrically with the key bit size, while the normal decryption generally suffers only an arithmetic-type increase in computational complexity.]
Although, Felsher teaches preventing man in the middle attack, he does not explicitly teach, however, Kuhnapfel teaches by securing at least one of a first computer vehicle-to-central office communication, a central office-to-first vehicle communication, or a first vehicle-to-second vehicle, by securing at least one of a first computer vehicle-to-central office communication, a central office-to-first vehicle communication, or a first vehicle-to-second vehicle, [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 (it is obvious to skilled person that vehicle and vehicle subsystem may be same object) that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this central server may be located in an office or may be called central office server. Moreover as vehicles communicates with the central office server via telematics unit , it can also communicates directly with the central server. , a network client 140, a mobile device 130 app/user, or a network resource 150. ….. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central office server communicate with computers on board (first second) vehicles/vehicles subsystems  and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to a skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of  Schmidt. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse, and also help to reduce vehicle operating, maintenance, and replacement costs.. (para 0001-0005, Kuhnapfel)  
Regarding claim 9 & 19, Felsher  teaches wherein the  communication are authenticated based on a determined private key associated with a respective first computer, [Column 12, lines 20-30: Thus, it is seen that in an RSA scheme, M=C.sup.d mod n=(M.sup.e mod n).sup.d mod n. Therefore, in order to communicate the intermediary private information to the intended recipient, the recipient public key `e1` and intermediary private key `d2` are defined using the same modulus n, multiplied, and provided to the sender. At the sender, the ciphertext C2=M.sup.e2 Mod n, previously encrypted with the intermediary's public key e2, is subjected to the function: C1=C2.sup.d2e1 mod n=M.sup.e1 mod n. The recipient may then apply its private key d1 do decrypt the message: M=C1.sup.d1 mod n.]
Although Flesher teaches private key he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles and a central server, [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this server may be located in an office or may be called central office server), a network client 140, a mobile device 130 app/user, or a network resource 150. As such, the telematics unit 110 may communicate the processed vehicle data to any of a variety of client and/or server systems. More specifically, in one example embodiment, the telematics unit 110 may be configured to wirelessly communicate the processed vehicle data to the mobile device 130 via a networked or direct data interface. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central server communicate with computers on board (first second) vehicles and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of Kuhnapfel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse. (para 0001-0005, Kuhnapfel)  
Regarding claim 11, Felsher teaches: 
a computer -to-computer key exchange system, comprising: comprising one or more processors configured to: receive from a first computer a first secret random number and a first public key based on the first secret random number; [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts (devices/computers) can create and share a secret key without ever communicating the key. Each host (device computer) receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
receive, from the first computer a digitally signed first public key based on a first private key associated with the first computer; [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 (central server) may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
receive from a second computer  a second secret random number and a second public key based on the second secret random number; [Column 3: lines 60-65: According to the Diffie Hellman scheme, two hosts (devices/computers) can create and share a secret key without ever communicating the key. Each host (device computer) receives the "Diffie-Hellman parameters". A prime number, `p` (larger than 2) and "base", `g`, an integer that is smaller than `p`. The hosts each secretly generate their own private number, called `x (first/second secret random number) `, which is less than "p-1". The hosts next generate a respective public key, `y`(first/second pubic key). They are created with the function: y=g.sup.X Mod p.]
receive from the second computer a digitally signed second public key based on a second private key associated with the second on-board computer; [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 (central server) may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
authenticate the first public key of the first computer  based on the first private key associated with the first computer; [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
authenticate the second public key of the second computer based on the second private key associated with the second computer; [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
send a secure second public key to the first computer to be utilized to generate a shared secret key by digitally signing with the private key associated with the first computer; [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
send a secure first public key to the second to be utilized to generate the shared secret key by digitally signing with the private key associated with the second  [Column 24, lines 35-40:This public key is then received by the User 20 as partial evidence of authority and association with the patient. Such keys may expire periodically, preventing persisting use of outdated keys. The Intermediary 10 may then partially authenticate the User 20, by analysis of the patient public key-signed transmission from the User 20 with respect to a patient private key retained by the Intermediary 10.]
wherein the first on-board computer generates a-the shared secret key based on the first secret random number and the second public key, [Column 3 & 4: lines 65-68 & 1-5 respectively: the two hosts now exchange their respective public keys (`y`) and the exchanged numbers are 33converted into a secret key, `z` by the following function: z=y.sup.x Mod p. `z` can now be used as an encryption key in a symmetric encryption scheme. Mathematically, the two hosts should have generated the same value for `z`, since according to mathematical identity theory, z=(g.sup.x Mod p).sup.x' Mod p=(g.sup.x'(Mod p).sup.x Mod p.]
wherein the shared secret key is used to authenticate communication between the first  and the second ,[Column 4,lines 1-5:the exchanged numbers are converted into a secret key, `z` by the following function: z=y.sup.x Mod p. `z` can now be used as an encryption key in a symmetric encryption scheme. (securing communication channel)	
Although, Felsher teaches secure communication between two entities using shared key, he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles using a central server [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 (it is obvious to skilled person that vehicle and vehicle subsystem may be same object) that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this central server may be located in an office or may be called central office server. Moreover as vehicles communicates with the central office server via telematics unit , it can also communicates directly with the central server. , a network client 140, a mobile device 130 app/user, or a network resource 150. ….. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central office server communicate with computers on board (first second) vehicles/vehicles subsystems  and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to a skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of  Schmidt. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse, and also help to reduce vehicle operating, maintenance, and replacement costs.. (para 0001-0005, Kuhnapfel)  
Regarding claim 20, the claim is interpreted to be same as claim 11 and rejected for the same reason as set forth claim 11.
Regarding claims 21, 22 & 25, Felsher  teaches wherein the  communication are authenticated based on a determined private key associated with a respective second computer, [Column 12, lines 20-30: Thus, it is seen that in an RSA scheme, M=C.sup.d mod n=(M.sup.e mod n).sup.d mod n. Therefore, in order to communicate the intermediary private information to the intended recipient, the recipient public key `e1` and intermediary private key `d2` are defined using the same modulus n, multiplied, and provided to the sender. At the sender, the ciphertext C2=M.sup.e2 Mod n, previously encrypted with the intermediary's public key e2, is subjected to the function: C1=C2.sup.d2e1 mod n=M.sup.e1 mod n. The recipient may then apply its private key d1 do decrypt the message: M=C1.sup.d1 mod n.]
Although Flesher teaches private key he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles and a central server, [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this server may be located in an office or may be called central office server), a network client 140, a mobile device 130 app/user, or a network resource 150. As such, the telematics unit 110 may communicate the processed vehicle data to any of a variety of client and/or server systems. More specifically, in one example embodiment, the telematics unit 110 may be configured to wirelessly communicate the processed vehicle data to the mobile device 130 via a networked or direct data interface. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central server communicate with computers on board (first second) vehicles and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of Kuhnapfel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse. (para 0001-0005, Kuhnapfel)
Regarding claim 24, Felsher  teaches wherein the  communication are authenticated based on a predetermined private key associated with a respective fcomputer, [Column 12, lines 20-30: Thus, it is seen that in an RSA scheme, M=C.sup.d mod n=(M.sup.e mod n).sup.d mod n. Therefore, in order to communicate the intermediary private information to the intended recipient, the recipient public key `e1` and intermediary private key `d2` are defined using the same modulus n, multiplied, and provided to the sender. At the sender, the ciphertext C2=M.sup.e2 Mod n, previously encrypted with the intermediary's public key e2, is subjected to the function: C1=C2.sup.d2e1 mod n=M.sup.e1 mod n. The recipient may then apply its private key d1 do decrypt the message: M=C1.sup.d1 mod n.]
Although Flesher teaches private key he does not explicitly teach, however, Kuhnapfel  teaches secure communication between vehicles and a central server, [0051] As described above, the telematics unit 110 may receive vehicle data signals from the vehicle subsystems 114 that can be converted, filtered, processed, aggregated, stored, and forwarded to the central server 120 (it is obvious that this server may be located in an office or may be called central office server), a network client 140, a mobile device 130 app/user, or a network resource 150. As such, the telematics unit 110 may communicate the processed vehicle data to any of a variety of client and/or server systems. More specifically, in one example embodiment, the telematics unit 110 may be configured to wirelessly communicate the processed vehicle data to the mobile device 130 via a networked or direct data interface. The telematics unit 110 may support several configurations. In some embodiments, the telematics unit 110 may establish a secure data channel between the telematics unit 110 and the central server 120, a network client 140, a mobile device 130 user, or a network resource 150. In addition to or as an alternative to the secure channel, the telematics unit 110 may encrypt the processed vehicle data for transfer to the client or server devices. The receiving device may decrypt the data signals using standard techniques. The inclusion of the secure channel and/or encryption may enhance security of the processed vehicle data communicated to the client or server devices. It is obvious from the teaching Kuhnapfel that central server communicate with computers on board (first second) vehicles and do the conventional functions of receiving and authenticating  as recited in the claim  limitations. Therefore it is obvious to skilled person in the art that Flesher in combination with Kuhnapfel teaches all the limitations of claim 1.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher with disclosure of Kuhnapfel. The motivation or suggestion would have been to implement a system that will provide efficient techniques to prevent or reduce inefficient or unsafe use of the vehicle, vehicle accidents, and vehicle abuse. (para 0001-0005, Kuhnapfel

Claim 3, 6,13 & 16, are rejected under 35 USC 103 as being unpatentable over Felsher in view of Schmidt and Larson (US8504696)
Regarding claims 3 & 13, although Felsher and Kuhnapfel teach digitally signed public key and vehicle communication with central server (central office server as central server could be located in a office)  as illustrated above, they do not teach explicitly, however, Larson teaches wherein receiving the digitally signed first public key at the central office server further comprises: receiving a request for a  computer address of a-the second computer including a  computer identifier associated with the  second computer, [Column 8, lines10-15:  In accordance with one aspect of the invention, a system for connecting a first network device and a second network device includes one or more servers. The servers are configured to: (a) receive, from the first network device, a request to look up a network address of the second network device based on an identifier associated with the second network device;]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher and Schmidt with disclosure of Larson. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secured communications between entities. (Column 1, lines 35-65, Larson)
Regarding claim 6 & 16, Felsher and Fuhnapfel teach vehicles communication with the central office server they do not teach explicitly, however, Larson teaches sending, by the central office server, at least one of a first computer address associated with the first computer device or a second computer address associated with the second computer. [Column 8, lines10-15:  In accordance with one aspect of the invention, a system for connecting a first network device and a second network device includes one or more servers. The servers are configured to: (a) receive, from the first network device, a request to look up a network address of the second network device based on an identifier associated with the second network device;]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings Felsher and Schmidt with disclosure of Larson. The motivation or suggestion would have been to implement a system that will provide efficient techniques for secured communications between entities. (Column 1, lines 35-65, Larson)
Allowable Subject Matter
Claim 10 is objected to, however, could become allowable if incorporated with the base claims along with all the intervening claims, if any and if the applicant rewrites these claims to overcome clam objections and rejections issued for these base claims. 
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHER A KHAN/            Primary Examiner, Art Unit 2497