Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

DETAILED ACTION
This is in response to Application #16/329,119 filed on 02/27/2019 in which Claims 1-32 are presented for examination.

Status of Claims
Claims 1-32 are pending, of which Claims 1-2, 5, 17-18, 21 are rejected under 35 U.S.C. 103.  Claims 3-4, 6-16, 19-20, 22-32 are objected to as being allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described below.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):


The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 

Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
For more information, see MPEP § 2173 et seq. and Supplementary Examination Guidelines for Determining Compliance With 35 U.S.C. 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).

Note to Applicant:  If Applicant does not want to invoke 112(f) on these claims, then the examiner encourages the applicant to please schedule an interview with the examiner to get assistance on how to amend these claims to overcome the Claim Interpretation under 112(f).  It is possible to do so with very simple amendments.  The examiner is happy to assist.

Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claim(s) 1-2, 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Gilhuly et al. US Patent Application Publication No. 2004/0029562 in view of Manian et al. US Patent Application Publication No. 2013/0039360 and further in view of Miller et al. US Patent No. 10,003,466.

Regarding Claim 17, Gilhuly et al. discloses:
A data encryption and decryption system, comprising: a data encryption and decryption device,  [(Gilhuly et al. Par 14 Lines 1-11; Par 17 Lines 1-19) where Gilhuly et al. teaches a data encryption and decryption system for handling encrypted push communications from a host system or data encryption and decryption device that executes a redirector program to push encrypted communications to a mobile device, the mobile device also able to execute its own redirector program and in effect, also able to function similarly to the host system’s description including and following paragraph 14 and push encrypted communications from the mobile device to the host device, so basically when it comes to the pushing of encrypted communications from the host device and the decrypting of the pushed encryption communications by the mobile device, the roles can be entirely reversed] and used to:
establish a first secure sockets layer (SSL) connection with a mobile device [(Gilhuly et al. Par 17 Lines 7-12; Par 149 Lines 5-7; Par 151 Lines 13-15; Par 168 Lines 6-9) where Gilhuly et al. teaches the establishment of a secure sockets layer (SSL) connection between the host to the mobile, or the mobile to the host, as described above and taught in Paragraph 14, any of the roles of the host or the mobile can be reversed];
receive data transmitted from the mobile device [(Gilhuly et al. Par 20 Lines 5-10) where Gilhuly et al. teaches the reception of data at the host system transmitted by the mobile device, but since as described above in Paragraph 14, the roles of the host system and the mobile device can be reversed, also taught here is the reception of data at the mobile device transmitted by the host system].
generate a first symmetric key, encrypt the data using the first symmetric key, and generate first encrypted data [(Gilhuly et al. Par 148 Lines 3-7; Par 149 Lines 1-3; Par 150 Lines 1-5) where Gilhuly et al. teaches the generation of a symmetric key at the redirection host system that is utilized for encrypting the redirected data, then the actual encrypting of the redirected data with the symmetric key to generate encrypted redirected data]; and
transmit the first encrypted data and the first encrypted key to the mobile device [(Gilhuly et al. Par 149 Lines 3-7; Par 150 Lines 2-5) where Gilhuly et al. teaches the encryption of message data using the generated symmetric key and sending the encrypted data to the mobile device, as well as the encrypting and transmission of the generated symmetric key over a secure encrypted pipe using Internet Message Access Protocol (IMAP) over Secure Sockets Layer (SSL)].

Gilhuly et al. does not appear to explicitly disclose:
a cloud device; and a data encryption and decryption device, coupled to the cloud device;
encrypt the first symmetric key using a first public key, and generate a first encrypted key

However, Manian et al. discloses:
a cloud device; and a data encryption and decryption device, coupled to the cloud device; [(Manian et al. Par 29 Lines 13-18) where Manian et al. teaches a cloud device on the UC cloud side and a data encryption and decryption device of a mediation server, that is coupled to the UC cloud side device and encrypts and decrypts SRTP (Secure Real-time Transport Protocol) data in order to communicate with the US cloud side device].

Gilhuly et al. and Manian et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gilhuly et al. and the teachings of Manian et al. by providing a cloud device on the UC cloud side and a data encryption and decryption device of a mediation server, that is coupled to the UC cloud side device and encrypts and decrypts SRTP (Secure Real-time Transport Protocol) data in order to communicate with the US cloud side device as taught by Manian et al. in the teaching described by Gilhuly et al..
The motivation for doing so would be to increase the usability and flexibility of Gilhuly et al. by providing a cloud device on the UC cloud side and a data encryption and decryption device of a mediation server, that is coupled to the UC cloud side device and encrypts and decrypts SRTP (Secure Real-time Transport Protocol) data in order to communicate with the US cloud side device as taught by Manian et al. in the teaching described by Gilhuly et al. so as to provide secure protected encrypted communications with a cloud device.

The combination of Gilhuly et al. and Manian et al. does not appear to explicitly disclose:
encrypt the first symmetric key using a first public key, and generate a first encrypted key

However, Miller et al. discloses:
encrypt the first symmetric key using a first public key, and generate a first encrypted key  [(Miller et al. Column 18 Lines 53-54) where Miller et al. teaches the encryption of a symmetric key using a public key, resulting in the generation of an encrypted key].

Gilhuly et al., Manian et al., and Miller et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gilhuly et al. and Manian et al. and the teachings of Miller et al. by providing the encryption of a symmetric key using a public key, resulting in the generation of an encrypted key as taught by Miller et al. in the teaching described by Gilhuly et al. and Manian et al.
The motivation for doing so would be to increase the usability and flexibility of Gilhuly et al. and Manian et al. by providing the encryption of a symmetric key using a public key, resulting in the generation of an encrypted key as taught by Miller et al. in the teaching described by Gilhuly et al. and Manian et al. so as to provide an additional method of encrypting a symmetric key.

Regarding Claim 18, most of the limitations of this claim have been noted in the rejection of Claim 17.  Applicant is directed to the rejection of Claim 17 above.  In addition, the combination of Gilhuly et al., Manian et al., and Miller et al. discloses:
The data encryption and decryption system as claimed in claim 17, wherein after the mobile device receives the first encrypted data and the first encrypted key, the mobile device uploads the first encrypted data and the first encrypted key to the cloud device [(Gilhuly et al. Par 149 Lines 3-7; Par 150 Lines 2-5) where Gilhuly et al. teaches the encryption of message data using the generated symmetric key and sending the encrypted data to the mobile device, as well as the encrypting and transmission of the generated symmetric key over a secure encrypted pipe using Internet Message Access Protocol (IMAP) over Secure Sockets Layer (SSL) and since according to paragraph 14 of Gilhuly et al. described above, the roles of the host system and the mobile device can be entirely reversed,  the combination of Gilhuly et al. and Manian et al. teaches that the mobile device uploads the encrypted data and the encrypted key to the cloud device].

Regarding Claim 1:
It is a method claim corresponding to the system claim of claim 17.  Therefore, claim 1 is rejected with the same rationale as applied against claim 17 above.

Regarding Claim 2:
It is a method claim corresponding to the system claim of claim 18.  Therefore, claim 2 is rejected with the same rationale as applied against claim 18 above.

Claim(s) 5, 21 are rejected under 35 U.S.C. 103 as being unpatentable over Gilhuly et al. US Patent Application Publication No. 2004/0029562 in view of Manian et al. US Patent Application Publication No. 2013/0039360 and further in view of Miller et al. US Patent No. 10,003,466 and further in view of Walker et al. US Patent Application Publication No. 2008/0084578.

Regarding Claim 21, most of the limitations of this claim have been noted in the rejection of Claim 17.  Applicant is directed to the rejection of Claim 17 above.  In addition, the combination of Gilhuly et al., Manian et al., and Miller et al. discloses:
The data encryption and decryption system as claimed in claim 17, wherein the data encryption and decryption device establishes the first SSL connection with the mobile device [(Gilhuly et al. Par 149 Lines 3-7; Par 150 Lines 2-5) where Gilhuly et al. teaches the encryption of message data by the a host system or data encryption and decryption device using the generated symmetric key and sending the encrypted data to the mobile device, as well as the encrypting and transmission of the generated symmetric key over a secure encrypted pipe using Internet Message Access Protocol (IMAP) over Secure Sockets Layer (SSL)]

The combination of Gilhuly et al., Manian et al., and Miller et al. does not appear to explicitly disclose:
the first SSL connection with the mobile device through Bluetooth transmission

However, Walker et al. discloses:
the first SSL connection with the mobile device through Bluetooth transmission  [(Walker et al. Par 123 Lines 1-6) where Walker et al. teaches a mobile device communicating via SSL protocol with other devices over a Bluetooth wireless connection].

Gilhuly et al., Manian et al., Miller et al., and Walker et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area,”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gilhuly et al., Manian et al., Miller et al. and the teachings of Walker et al. by providing a mobile device communicating via SSL protocol with other devices over a Bluetooth wireless connection as taught by Walker et al. in the teaching described by Gilhuly et al., Manian et al., Miller et al.
The motivation for doing so would be to increase the usability and flexibility of Gilhuly et al., Manian et al., Miller et al. by providing a mobile device communicating via SSL protocol with other devices over a Bluetooth wireless connection as taught by Walker et al. in the teaching described by Gilhuly et al., Manian et al., Miller et al. so as to provide an additional communications medium for communication.

Regarding Claim 5:
It is a method claim corresponding to the system claim of claim 21.  Therefore, claim 5 is rejected with the same rationale as applied against claim 21 above.

Allowable Subject Matter
Claims 3-4, 6-16, 19-20, 22-32 are objected to as being dependent upon a rejected base claim, but would be allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described above.

The following is a statement of reasons for the indication of allowable subject matter.  The examiner has found that the prior art of record does not teach, suggest, or render obvious:
receiving, by the data encryption and decryption device, the first encrypted data and the first encrypted key transmitted from the mobile device; decrypting the first encrypted key using a first private key to obtain the first symmetric key; decrypting the first encrypted data using the first symmetric key to obtain the data; and transmitting the data to the mobile device, wherein before establishing the first SSL connection with the mobile device, the method further comprises: performing a device matching process, wherein the device matching process comprises: installing, by the data encryption and decryption device, a second public key generated by a key storage device in advance; generating the first public key and the first private key; using the second public key to encrypt the first private key, and generating a second encrypted key; and transmitting the second encrypted key and an international mobile equipment identity (IMEI) corresponding to the data encryption and decryption device to a cloud device, and storing the second encrypted key and the IMEI into the cloud device; the cloud device transmits the second encrypted key and the IMEI to the key storage device, the data encryption and decryption device further executes the following operations: receiving the first encrypted data and the first encrypted key transmitted from the mobile device; decrypting the first encrypted key using a first private key to obtain the first symmetric key; decrypting the first encrypted data using the first symmetric key to obtain the data; and transmitting the data to the mobile device, a key storage device, coupled to the cloud device; wherein before the data encryption and decryption device establishes the first SSL connection with the mobile device, the data encryption and decryption device performs a device matching process, wherein the device matching process comprises: the data encryption and decryption device installs a second public key, the first public key and the first private key; the data encryption and decryption device uses the second public key to encrypt the first private key, and generates a second encrypted key; the data encryption and decryption device transmits the second encrypted key and an international mobile equipment identity (IMEI) corresponding to the data encryption and decryption device to the cloud device, and stores the second encrypted key and the IMEI into the cloud device; and the cloud device transmits the second encrypted key and the IMEI to the key storage device.

As recited in dependent Claims 3-4, 6-16, 19-20, 22-32 when also incorporating all of the limitations of the base claim and any intervening claims as well as addressing any additional issues described above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Bachman et al - US_5907621: Bachman et al. teaches session management utilizing secure sockets layer or SSL communications protocol.
Dowling - US_20020052965: Dowling teaches negotiated wireless peripheral security systems utilizing secure sockets layer or SSL communications protocol.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571) 272- 8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498