Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 19, 21, 23 and 28-36 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.

In claims 19, 28, 29, 31, 33, 34 and 35, a first communication subscriber is registered as a publishing unit and the monitoring device (considered as the second communication subscriber recited in the preamble) is registered as a subscribing unit. Both the publishing unit and the subscribing units are registered with the publish/subscriber server. The limitation lacks clarity because it fails to definitely identify or actively state that the monitoring device is different from the second communication subscriber either in function or configuration from the communication subscribers. The role of the monitoring device is not clear and no limitation
In claim 19, a cryptographic key is negotiated between the first communication subscriber (registered as a publishing unit) and the second communication subscriber (the monitoring device registered as a subscribing unit), which implies that both the publishing unit and the subscribing unit are in possession of the negotiated cryptographic key. However, the same negotiated cryptographic key is automatically made available to the publish/subscribe server and then the same negotiated cryptographic key is transmitted back to the subscribing unit. The subscribing unit appears to have the cryptographic key twice, which renders the claim limitations ambiguous and indefinite. Furthermore, it is not clear which key the subscribing unit is using to decrypt the encrypted communication connection. Is the decryption key the negotiated cryptographic key, or is it the cryptographic key which is used to encrypt the communication connection? Therefore, claim 19 is rendered ambiguous and indefinite.
Claim 19 is directed to a method claim. However, there are no positively recited active steps in the body of the claim limitations and therefore claim 19 is rendered ambiguous and indefinite.
Claims 19, 23, 30 and 31 recite “is used to” and are therefore rendered ambiguous. Claim 19 recites “is used to encrypt” in line 1; Claim 23 recites “is used to check” in line; Claim 30 recites “is used to disclose” in line 3; and Claim 31 recites “is used to encrypt” in line 3. Generally, the literal meaning of the phrase “is used to” indicates a past repeated action or events which have already occurred and are no longer happening. The phrase renders the claims indefinite because it does not positively recite an active action.
Claim 21 appears to refer back to claim 20 by reciting “the criterion” in an effort to further limit the features of claim 20. However, claim 21 appears to describe “a protocol” with the wherein clause to further describe the predefined criterion in claim 20, which doesn’t recite any particular defined protocol. Furthermore, claim 21 suggests incoherent lists as a protocol. For example, “a domain name system name used for the communication connection” is ambiguous.

Claim 23 recites “an integrity key…is additionally made available to the publish/subscribe server”. The term “additionally” renders the claim limitation ambiguous, because parts or entities in the “additionally” term are not well defined.

Claims 19, 21, 31 and 36 are rendered ambiguous and indefinite for having insufficient antecedent basis for the following limitations in the claims. Claim 19 recites the limitation “the encrypted communication connection” in line 14; Claim 31 recites the limitation “the negotiated cryptographic key” in line 6 and “the encrypted communication connection” in line 8; Claim 21 recites the limitation “a combination of said criteria” in line 3; and Claim 36 recites the limitation “implement the method” in line 2. There is insufficient antecedent basis for these limitations in the claims.

Claim 31 recites “monitoring device is designed to be registered”; “the communication subscriber is designed to be registered”; “the publisher/subscriber server is designed to transmit”, all of which render claim 31 ambiguous and indefinite, because the claim term “is designed to be” suggests

Claim 32 is directed to recite the system as claimed in claim 31, wherein the system is designed to carry out the method. Claim 32 is ambiguous and indefinite, because claim 31 has no clearly recited active steps or methods to be carried out.

Claim 36 is directed to a computer program product to implement the method as claimed in claim 19. However, there are no actively recited method steps in claim 19 and therefore claim 36 is rendered ambiguous and indefinite (See claim 19).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 19-24, 26-28 and 30-36 are rejected under 35 U.S.C. 103 as being unpatentable over Trostle et al. (Hereinafter referred to as Trostle, US. Pub. No.: 20050097317) in view of Helland et al. (Hereinafter referred to as Helland; US. Pub. No.: 20050204139).

As per claim 19:
Trostle discloses a method for disclosing at least one cryptographic key which is used to encrypt at least one communication connection between a first communication subscriber and a second communication subscriber, wherein:
at least one of the communication subscribers is registered as a publishing unit with a publish/subscribe server and at least one monitoring device is registered as a subscribing unit (0028-0029: Registering the subscribers and the publishers with an event server. The event server is responsible for registering the plurality of nodes, and for determining whether the nodes are authorized to produce certain events when the nodes are functioning as publishers, and whether the nodes are authorized to receive the certain events when the nodes are functioning as subscribers), and when subsequently negotiating a cryptographic key by means of the publishing unit when setting up a communication connection between the first and second communication subscribers one of the nodes (0054: Workstations/nodes 103, 105, 107, 109, of users A, B, C, D (publisher or subscriber) which initiates communication with the multicast group, may generate and supply a dynamic group key based on a symmetrical cryptographic algorithm to the KDC 111; 0055: If each of the members of the multicast group can be either a publisher or a subscriber, then an individual group member can employ different group session keys when it publishes a message);

the encrypted communication connection is decrypted by the subscribing unit using the cryptographic key (0066: decrypt information exchanged with decryption key).

Trostle does not explicitly disclose that the negotiated cryptographic key is automatically made available to the publish/subscribe server by the publishing unit. Helland, in analogous art however, discloses that the negotiated cryptographic key is automatically made available to the publish/subscribe server by the publishing unit (0037: Distributed Handshake: Fan-out tree of intermediaries that act on behalf of the Publisher to perform the handshake with a subset of the subscribers; 0146: "distributed handshake" and/or "shared session key" employed, for example, for scalability and/or performance (e.g., to lessen the load on the publisher (initiator)); 0156-0158). Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the method disclosed by Trostle to include that the negotiated cryptographic key is automatically made available to the publish/subscribe server by the publishing unit. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide cryptographic key negotiation and delegation protocols to provide scalable, adaptable, robust and enhanced security and privacy in a publisher subscriber service of Trostle as suggested by Helland (0003; 0006-0009).


As per claim 20:
Helland discloses wherein the negotiated cryptographic key is provided by the publishing unit only for a communication connection which satisfies at least one predefined criterion (0150; 0153: satisfy two criteria: delegated handshake and off-loaded session key).

As per claim 21:
Helland discloses wherein a protocol used for the communication connection, an address of a communication partner, a domain name system name used for the communication connection, a port number used or a combination of said criteria is used as the criterion (0149: 0156: a handshake process with trusted agents with their digital certification).

As per claim 22:
Trostle discloses wherein the negotiated cryptographic key is provided only for a communication connection starting from the publishing unit or arriving at the publishing unit (0053; 0055: in a publisher subscriber service or configuration, a communication connection or message from is direction, which is from the publisher to the subscriber).

As per claim 23:
Helland discloses wherein an integrity key which is used to check the integrity of the communication connection is additionally made available to the publish/subscribe server (In 0094: creating and use of digital certificate to validate and authenticate established key exchanges and integrity of communication connection).

As per claim 24:
Helland discloses wherein the negotiated cryptographic key is immediately transmitted to the subscribing unit after setting up the communication connection (0146; 1057: unique session key is shared or exchanged through trusted agent and session key is available immediately during the established session).

As per claim 26:
Trostle discloses wherein a commitment value of the at least one cryptographic key is provided or transmitted (0075: initialization or wrap token). 

As per claim 27:
Helland discloses wherein the cryptographic key is provided in a manner encrypted with a transport key which differs from the cryptographic key (0060: 0146 public private key to encrypt session key).  

As per claim 28:
Helland discloses wherein the transport key is a public key of the monitoring unit or a group key (0060: 0146 public private key to encrypt session key).  

As per claim 30:


As per claim 31:
Claim 31 is directed to a system for disclosing at least one cryptographic key which is used to encrypt at least one communication connection between a first communication subscriber and a second communication subscriber. Claim 31 has substantially similar claimed features to the corresponding limitation features recited in claim 19 and therefore claim 31 is rejected with the same rationale given above to reject claim 19.

As per claim 32:
Claim 32 is directed to the system as claimed in claim 31, wherein the system is designed to carry out the method and therefore claim 32 is rejected with the same rationale given above to reject claim 31. 

As per claim 33:
Trostle discloses, wherein the at least one communication subscriber, the monitoring unit and the publish/subscribe server are designed to carry out topic-based publish/subscribe

As per claim 34:
Trostle discloses wherein the monitoring device is arranged inside the communication connection (See Figure 4: P407 publisher and S405 subscribers in 413; Figure 7: 703 and 715 subscribers).

As per claim 35:
Trostle discloses wherein a connection device is arranged inside the communication connection and the monitoring device is in the form of a unit physically separate from the connection device and is connected to the connection device (Figure 7: 701a an event server and 701b a directory server).

As per claim 36:
Claim 36 is directed to a computer program product, comprising a computer readable hardware storage device having computer readable program code stored therein, said program code executable by a processor of a computer system to implement the method, as claimed in claim 19. Claim 36 has substantially similar claimed features to those recited in claim 19 and therefore claim 36 is rejected with the same rationale given above to reject claim 19.

Allowable Subject Matter
Claims 25 and 29 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, and if all of the above 112(b) rejections are overcome.
The following is a statement of reasons for the indication of allowable subject matter: The pertinent prior art of record, either taken alone or in combination, neither anticipates nor renders obvious the following subject matter of claims 25 and 29:
In claim 25: Wherein the negotiated cryptographic key is transmitted to the subscribing unit only after expiry of a predefined period after setting up the communication connection.
In claim 29: Wherein the transport key is transmitted to the communication subscriber as a publishing unit via a publish/subscribe server after the communication subscriber has been registered as a second subscribing unit and at least one monitoring device has been registered as a second publishing unit with the publish/subscribe server for distributing the transport keys.


BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as it would be interpreted by one of ordinary skill in the art. The following claim words, terms and phrases have been given the following reasonable BRI considerations in view of the applicant’s disclosure in order to construe the boundary and scope of the claimed limitations without bringing limitations from the applicant’s disclosure into the claims. Accordingly, the examiner gave the following BRI considerations during examination:
Publish/subscribe server considered as Publish and Subscriber server

“is used to” indicates a past repeated action or events which have already occurred and are no longer happening.
“is designed to be” suggests a past intention or plan, but the planned action or the intended implementation has not happened yet. 

Conclusion
The prior arts made of record and not relied upon are considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior arts.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784.  The examiner can normally be reached on 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/TECHANE GERGISO/Primary Examiner, Art Unit 2494