DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 12/01/2020.
In the instant Amendment, Claims 1, 11-12, 14-15 and 20 have been amended. Claims 5-8 and 19 have been cancelled without prejudice. Claims 21-25 have been added. Claims 1, 11 and 21 are independent claims.  Claims 1-4, 9-18 and 20-25 have been examined and are pending.  This Action is made FINAL.

Claim Objections
Claim 1 is objected to because of the following informalities:
Regarding claim 1, the acronym ‘ID’ are used without spelling out in full at its first occurrence in the claims.  Appropriate correction is required.  

	
Response to Arguments
The Examiner acknowledged the Applicant response to the lack of a Background. The Examiner will withdraw the specification objection.
Applicant’s arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 12/01/2020 with respect to the rejections of claims 1-4, 9-18 and 20-25 have been fully considered but are not persuasive.
As to independent claim 1, Applicants stated in arguments that Smetters and Krywaniuk at least fail to teach or suggest "a plurality of processing devices arranged as a trust family, each processing device storing authentication information comprising an internal token value and a single external token value corresponding to a single one of the other processing devices in the trust family, " (Applicant Arguments/Remarks, 12/01/2020, pages 11-12).
The Examiner disagrees with the Applicants. The Examiner respectfully Smetters does disclose the cited limitations. For example, a plurality of processing devices arranged as a trust family (Smetters: fig. 10 shows the trust group with plurality devices), each processing device storing authentication information comprising an internal token value and a single external token value corresponding to a single one of the other processing devices in the trust family (Smetters: par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; copies the originator's pre-authentication information [i.e., external token] and location onto that participant's communication device. That participant then adds that participant's own pre authentication information [i.e., internal token]).
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (313) 446-6644 to schedule an interview.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 9 and 21-25 are rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. ("Smetters," US 20050100166, published on 05/12/2005) in view of Coffing et al. (“Coffing,” US 20090117883, published on 05/07/2009)


Regarding Claim 1; 
Smetters discloses an apparatus comprising: 
a plurality of processing devices arranged as a trust family (par 0042; fig.10; several devices would use one or more pre-authentication methods to establish mutual trust), 
each processing device storing authentication information comprising an internal token value and a single external token value corresponding to a single one of the other processing devices in the trust family (par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; copies the originator's pre-authentication information [i.e., external token] and location onto that participant's communication device. That participant then adds that participant's own pre authentication information [i.e., internal token]); 
a host controller circuit configured to authenticate the trust family by providing a set of queries to the processing devices and receiving a set of responses from the processing devices (par 0128; figs.3 and 4; when executed by the processor, allows the communication device to establish secure communications with a second communication device of a second participant of the group based on the pre-authentication data; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members), 
the set of responses generated using the external token values stored by the respective processing devices (par 100; fig.4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group).
Smetters discloses all the limitations as recited above, but do not explicitly discloses the internal token value comprising a unique ID value associated with the corresponding processing device, the external token value comprising a unique ID value for the single one of the other processing device in the trust family.
However, in an analogous art, Coffing discloses transaction system system/method that includes:
the internal token value comprising a unique ID value associated with the corresponding processing device, the external token value comprising a unique ID value for the single one of the other processing device in the trust family (Coffing: fig. 2, step 1 shows each device have preloaded token from the owe device and received token which received from another device; fig. 4, step 2 shows the user uploads received token ID to database for lookup which comprise device ID).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Coffing with the method/system of Smetters to include the internal token value comprising a unique ID value associated with the corresponding processing device, the external token value comprising a unique ID value for the single one of the other processing device in the trust family. One would have been motivated to send token device and a receiving token device, transmitting unique electronic transaction tokens between a consenting sending party and a consenting or optionally consenting receiving party wherein said transaction tokens may be used for single use, party approved after-contact, computer-network facilitated access to each other's profile (Coffing: abstract).

Regarding Claim 9;
Smetters in combination with Coffing disclose the apparatus of claim 1,
Smetters further discloses wherein the processing devices comprise data storage devices each having a data storage device controller circuit and a non-volatile memory (NVM) to store user data supplied by the host device (Smetters: par 0123; fig. 9; a communication device that can be used to set up secure communications in a network medium that is usable as either of the first or second devices. The communication device may be a personal computer, a laptop computer [] the communication device includes a processor, a memory, and an input/output interface [] the memory may include volatile memory and/or non-volatile memory, including one or more of random access memory (RAM), read only memory (ROM), Flash memory, a soft or a hard disk drive, an optical disk drive and/or the like).

Regarding Claim 21; 
Smetters discloses an apparatus comprising: 
a plurality of processing devices arranged as a trust family (par 0042; fig.10; several devices would use one or more pre-authentication methods to establish mutual trust), 
a host controller circuit configured to authenticate the trust family by providing a set of queries to the processing devices and receiving a set of responses from the processing devices (par 0128; figs.3 and 4; when executed by the processor, allows the communication device to establish secure communications with a second communication device of a second participant of the group based on the pre-authentication data; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members), 
the set of responses generated using the external token values stored by the respective processing devices (par 100; fig.4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group).
Smetters discloses all the limitations as recited above, but do not explicitly discloses each processing device storing an internal token value comprising a unique identification (ID) value associated with the corresponding processing device, each processing device further storing an external token value comprising the ID value corresponding to at least one of the other processing devices in the trust family, each processing device storing the same number of external token values from among the plurality of processing devices.
However, in an analogous art, Coffing discloses transaction system system/method that includes:
each processing device storing an internal token value comprising a unique identification (ID) value associated with the corresponding processing device, each processing device further storing an external token value comprising the ID value corresponding to at least one of the other processing devices in the trust family (Coffing: fig. 2, step 1 shows each device have preloaded token from the owe device and received token which received from another device; fig. 4, step 2 shows the user uploads received token ID to database for lookup which comprise device ID), each processing device storing the same number of external token values from among the plurality of processing devices family (Coffing: par 0118; fig. 2; wherein two or more users wish to exchange tokens with each other. The devices may be put into a discovery mode to identify all of the other token devices in the space or communications channel, before beginning token transactions with each of the discovered devices).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Coffing with the method/system of Smetters to include each processing device storing an internal token value comprising a unique identification (ID) value associated with the corresponding processing device, each processing device further storing an external token value comprising the ID value corresponding to at least one of the other processing devices in the trust family, each processing device storing the same number of external token values from among the plurality of processing devices. One would have been motivated to send token device and a receiving token device, transmitting unique electronic transaction tokens between a consenting sending party and a consenting or optionally consenting receiving party wherein said transaction tokens may be used for single use, party approved after-contact, computer-network facilitated access to each other's profile (Coffing: abstract).

Regarding Claim 22;
Smetters in combination with Coffing disclose the apparatus of claim 21, 
(Smetters: par 0022; participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information and the location of that participant's communication device on the network onto the location-limited physical token channel; par 0023; that participant then passes the location-limited physical token channel to the next participant. That next participant also copies the originator's pre-authentication information [] this continues until the last participant passes the location-limited physical token channel back to the group originator); 

Regarding Claim 23;
Smetters in combination with Coffing the apparatus of claim 21, 
Smetters further disclose wherein each of the processing devices stores exactly one external token value from one other of the processing devices in the trust family (Smetters: par 0022; fig.10; participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device; par 0023; that next participant also copies the originator's pre-authentication information [] this continues until the last participant).  
Regarding Claim 24;
Smetters in combination with Coffing the apparatus of claim 21,
 Smetters further disclose wherein the external token values are assigned using a circular association among the plurality of processing devices (Smetters: par 0022; fig.10; participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device; par 0023; that next participant also copies the originator's pre-authentication information [] this continues until the last participant passes the location-limited physical token channel back to the group originator).  
 
Regarding Claim 25;
Smetters in combination with Coffing the apparatus of claim 21, 
Smetters further discloses wherein all members of the trust family are determined to be authentic and present by the host controller circuit responsive to receipt of responses from all of the processing devices generated responsive to the respective external tokens stored by each of the processing devices (Smetters: par 0042; fig.11; several devices would use one or more pre-authentication methods to establish mutual trust; par 0128; when executed by the processor, allows the communication device to establish secure communications; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information [] the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members). 
 
Claims 2-3 are rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Coffing et al. (US 20090117883) and further in view of Tharappel et al. (“Tharappel,” US 20150186636, published 07/02/2015)
Regarding Claim 2;
Smetters in combination with Coffing disclose the apparatus of claim 1, 
Smetters further discloses wherein the host controller circuit authenticates the trust family by generating a first query of the set of queries using a selected one of the external token values, forwarding the first query to each of the processing devices (Smetters: par 0100; figs.3 and 4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group).
Smetters in combination with Coffing disclose all the limitations as recited above, but do not explicitly disclose evaluating a corresponding response from 
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
evaluating a corresponding response from each of the processing devices generated using the external token value stored by the associated processing device (Tharappel: par 0035; user biometric input is the biometric characteristic; par 0045; credentials include biometric information indicative of biometric input from a user [] the biometric information can include data representing user-specific attributes of the particular biometric characteristic; par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Smetters and Coffing to include evaluating a corresponding response from each of the processing devices generated using the external token value stored by the associated processing device. One would have been motivated to determine whether the smart device is included in a trust group of one or more smart devices, and send a communication to unlock the smart (Tharappel: abstract).

Regarding Claim 3;
Smetters in combination with Coffing and Tharappel disclose the apparatus of claim 2, 
Smetters further discloses wherein the first query comprises a copy of the selected external token value (Smetters: par 0100; figs.3 and 4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group).
Smetters in combination with Coffing disclose all the limitations as recited above, but do not explicitly disclose each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation.
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing (Tharappel: par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated. Otherwise, the biometric authentication fails; par 0078; if the biometric authentication is not successful, appropriate action may be taken. For example, an authentication result (e.g., `failed`) may be sent to the smart device to which it is currently connected).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Smetters and Coffing to include each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation. One would have been motivated to determine whether the smart device is included in a trust group of one or more smart devices, and send a communication to unlock the smart device when the input data is successfully authenticated and when the trust group includes the smart device (Tharappel: abstract).
Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Coffing et al. (US 20090117883) and Tharappel et al. (US 20150186636) and further in view of Dawson et al. (“Dawson,” US 20160226833, published on 08/04/2016)
Regarding Claim 4;
Smetters in combination with Coffing and Tharappel disclose the apparatus of claim 2, 
Smetters further discloses wherein the first query comprises a challenge value (Smetters: par 0100; figs.3 and 4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant; par 0096; the set of information includes at least one or more of the originator's pre-authentication information, the originator's location, a current secret, one or more signatures or the like).
Smetters  in combination with Coffing disclose all the limitations as recited above, but do not explicitly disclose each of the processing devices performs a cryptographic function to combine the challenge value with the external token value stored by the associated processing device to 30generate an output value and provides a response to the host controller circuit comprising the output value, and wherein the host controller circuit evaluates each of the output values received from the processing device. 
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
 (Tharappel: par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated. Otherwise, the biometric authentication fails; par 0078; if the biometric authentication is not successful, appropriate action may be taken. For example, an authentication result (e.g., `failed`) may be sent to the smart device to which it is currently connected), and wherein the host controller circuit evaluates each of the output values received from the processing device (Tharappel: par 0077; a determination is made as to whether a biometric authentication has been successful [] if the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated).
  Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Smetters and Coffing to include each of the processing devices performs a cryptographic function to combine the challenge value with the external token value stored by the associated processing device to 30generate an output value and provides a response to the host controller (Tharappel: abstract).
Smetters in combination with Coffing and Tharappel disclose all the limitations as recited above, but do not explicitly disclose combine the challenge value with the external token value.
However, in an analogous art, Dawson discloses authentication service system/method that includes: 
combine the challenge value with the external token value (Dawson: par 0037; the user credential information can be any of a password, a challenge phrase, a challenge phrase hash, or a combination of any of those).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Dawson with the method/system of Smetters, Coffing and Tharappel to include combine the challenge value with the external token value. One would have been motivated to include an onboard database that stores user credential information and a portable encryption and authentication service module that allows to make a secure communication channel with the host device (Dawson: abstract).


Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Coffing et al. (US 20090117883) and further in view of Struik et al. (“Struik,” US 20030235309, published on 12/25/2003)

Regarding Claim 10;
Smetters in combination with Coffing disclose the apparatus of claim 1,
Smetters in combination with Coffing disclose all the limitations as recited above, but do not explicitly disclose wherein the trust family comprises a first trust family, the apparatus comprising a plurality of additional trust families nominally identical to the first trust family, and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families first trust family and the additional trust families.  
However, in an analogous art, Struik discloses local area network system/method that includes:
 wherein the trust family comprises a first trust family (Struik: par 0045; fig. 2; if the device A only trusts devices A, B, C then TrustSet(A):=[A, B, C] that is Group 1), the apparatus comprising a plurality of additional trust families nominally identical to the first trust family (Struik: par 0045; fig. 3; if device A desires to communicate to Group 2 members, the device A generates a new group key to form a new group, Group 3, and device A distributes this new group key to the members of Group 2', that is device D. Therefore, the groups then under the control of the security manager of device A will then be Group 1, Group 2, as mentioned above, and Group 3), and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families first trust family and the additional trust families (Struik: par 0045; figs. 1 and 3; if device A desires to communicate to Group 2 members, the device A generates a new group key to form a new group, Group 3, and device A distributes this new group key to the members of Group 2', that is device D. Therefore, the groups then under the control of the security manager of device A will then be Group 1, Group 2, as mentioned above, and Group 3).
 Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Struik with the method/system of Smetters and Coffing to include wherein the trust family comprises a first trust family, the apparatus comprising a plurality of additional trust families nominally identical to the first trust family, and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families first trust family and the additional trust families.  One would have been motivated to a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network (Struik: abstract).

Claims 11-14, 17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Tharappel et al. (“Tharappel,” US 20150186636, published 07/02/2015)
Regarding Claim 11;
Smetters discloses a method comprising: 
forming a trust family comprising a plurality of processing devices and a host controller circuit by generating an internal token value for each processing device and distributing the internal token values as external token values among the respective processing devices so that each of the processing devices stores less than all of the external token values among the plurality of processing devices (par 0042; several devices would use one or more pre-authentication methods to establish mutual trust; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members; par 0022; copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information; par 0023; this continues until the last participant passes the location-limited physical token channel back to the group originator); and 
authenticating the trust family by using the host controller circuit to generate a query, to forward the query to each of the processing devices (par 0128; figs.3 and 4; when executed by the processor, allows the communication device to establish secure communications with a second communication device of a second participant of the group based on the pre-authentication data; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members).
Smetters disclose all the limitations as recited above, but do not explicitly disclose to evaluate a response supplied to the host controller circuit by each processing device in response to the query, each response generated by the associated processing device using the external token value stored by the associated processing device.  
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
(Tharappel: par 0045; credentials include biometric information indicative of biometric input from a user [] the biometric information can include data representing user-specific attributes of the particular biometric characteristic; par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated).
 Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Smetters to include to evaluate a response supplied to the host controller circuit by each processing device in response to the query, each response generated by the associated processing device using the external token value stored by the associated processing device. One would have been motivated to determine whether the smart device is included in a trust group of one or more smart devices, and send a communication to unlock the smart device when the input data is successfully authenticated and when the trust group includes the smart device (Tharappel: abstract).
Regarding Claim 12;
Smetters in combination with Tharappel disclose the method of claim 11, 
Smetters further discloses wherein the host controller circuit generates a separate query for each of the external token values in turn and supplies each of the separate queries to each of the processing devices (Smetters: par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members), and wherein in response to each separate query the receiving processing device returns a value based on the associated internal token value associated with the receiving processing device and a single external token value for a different one of the processing devices stored by the receiving processing device (Smetters: par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information; par 0023; that participant then passes the location-limited physical token channel to the next participant. That next participant also copies the originator's pre-authentication information and location from the location-limited physical token channel onto that next participant's communication device and copies that next participant's pre-authentication information and location onto the location-limited physical token channel. The next participant then passes the location-limited physical token channel to yet another participant. This continues until the last participant passes the location-limited physical token channel back to the group originator). 
  
Regarding Claim 13;
Smetters in combination with Tharappel disclose the method of claim 11, 
Smetters further discloses wherein the query comprises a copy of a selected external token value (Smetters: par 0100; figs.3 and 4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group). 
Smetters Coffing discloses all the limitations as recited above, but do not explicitly disclose each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation.

each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation (Tharappel: par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated. Otherwise, the biometric authentication fails; par 0078; if the biometric authentication is not successful, appropriate action may be taken. For example, an authentication result (e.g., `failed`) may be sent to the smart device to which it is currently connected).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Smetters to include each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison (Tharappel: abstract).

Regarding Claim 14;
Smetters in combination with Tharappel disclose the method of claim 11,
Smetters further discloses wherein each processing device stores only a single external token value as the internal token value of just one other processing device within the trust family (Smetters: par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; that participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device).

Regarding Claim 17; 
Smetters in combination with Tharappel disclose the method of claim 11. 
Smetters further discloses detecting a stranger device that does not belong to the trust family during the authenticating step (Smetters: par 0137; fig. 11; the point-to-point exchange protocol, the group originator arranges for further secure communication between members of the group; par 138; because the parties were not able to gain physical possession of the location-limited physical token channel, the group originator  does not recognize the parties as legitimate participants in the group communication), performing a separate authentication of the stranger device using a remote server to add the stranger device to the trust family (Smetters: par 0139; managing the joining and leaving of participants may be relatively easy. a joining participant uses the location-limited physical token channel to pre-authenticate itself to the group originator, and receives the group key over a secured wireless link from the group originator).

Regarding Claim 20;
Smetters in combination with Tharappel disclose the method of claim 11, 
Smetters further discloses wherein the processing devices comprise data storage devices each having a data storage device controller circuit and a non- volatile memory (NVM) to store user data supplied by the host device (Smetters: par 0123; fig. 9; a communication device that can be used to set up secure communications in a network medium that is usable as either of the first or second devices. The communication device may be a personal computer, a laptop computer [] the communication device includes a processor, a memory, and an input/output interface [] the memory may include volatile memory and/or non-volatile memory, including one or more of random access memory (RAM), read only memory (ROM), Flash memory, a soft or a hard disk drive, an optical disk drive and/or the like), and wherein each selected storage device further  (Smetters: par 0022; fig.10; participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information and the location of that participant's communication device on the network onto the location-limited physical token channel; par 0023; that participant then passes the location-limited physical token channel to the next participant. That next participant also copies the originator's pre-authentication information [] this continues until the last participant passes the location-limited physical token channel back to the group originator; par 0085; large storage capability of these location-limited physical token channels and their widespread compatibility with conventional data processing devices makes such location-limited physical token channels useful for exchanging pre-authentication information and/or location information).  
  



Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Tharappel et al. (US 20150186636) and further in view  of Zhao et al. (“Zhao,” US 20170289943, published on 10/05/2017)

Regarding Claim 15;
Smetters in combination with Tharappel disclose the method of claim 14, 
Smetters in combination with Tharappel disclose all the limitations as recited above, but do not explicitly disclose wherein the external token values are assigned among the processing devices within the trust family on a random basis.  
However, in an analogous art, Zhao discloses devices in secure domain group system/method that includes:
wherein the external token values are assigned among the processing devices within the trust family on a random basis (Zhao: par 0063; generates a randomly generated nonce r, and a fresh random key material to be used for E's limited-use credentials. DR creates a token a for E that encrypts k1 with protocol session data and current timestamp as authenticated tag, using ek, the key derived from K.sub.RE and protocol instance data, including identities and random number).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Zhao with the method/system of Smetters and Tharappel to include wherein the external token values are assigned among the processing devices within the trust  One would have been motivated to enrollment request is sent to a delegated registrar device to initiate a trust-establishment procedure with the DR device to establish initial connectivity and an initial symmetric key to be shared between the DR and the endpoint device (Zhao: abstract).

Claims 16 is rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Tharappel et al. (US 20150186636) and further in view of Ito et al. (“Ito,” US 20050165727, published 12/16/2003)

Regarding Claim 16; 
Smetters in combination with Tharappel disclose the method of claim 11, 
Smetters in combination with Tharappel disclose all the limitations as recited above, but do not explicitly disclose wherein the authenticating step establishes trust among the trust family without communications between the host controller circuit or the processing devices with a remote server via a network.
However, in an analogous art, Ito discloses removable recording medium system/method that includes:
wherein the authenticating step establishes trust among the trust family without communications between the host controller circuit or the processing devices with a remote server via a network (Ito: par 0065; fig. 2; when the PC is powered on, it is checked whether the PC is connected to a removable HDD. If the outcome is YES, the process proceeds in which the PC requests the removable HDD to send the authentication number of the removable HDD. Upon receiving the authentication number from the removable HDD, the PC checks the received authentication number against the authentication number stored in the memory to determine whether the authentication number has been obtained).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Ito with the method/system of Smetters and Tharappel to include wherein the authenticating step establishes trust among the trust family without communications between the host controller circuit or the processing devices with a remote server via a network. One would have been motivated to a one-to-many authentication method for enabling the use of the removable HDD 4 in a plurality of PCs can be considered (Ito: par 0012).

Claims  18 are rejected under 35 U.S.C. 103 as being unpatentable over Smetters et al. (US 20050100166) in view of Tharappel et al. (US 20150186636) and further in view of Bhaya et al. (“Bhaya,” US 20180247654, filed on 04/30/2018)

Regarding Claim 18;
Smetters in combination with Tharappel disclose the method of claim 11, 
Smetters in combination with Tharappel disclose all the limitations as recited above, but do not explicitly disclose applying a selected hash function to a unique identification (ID) value associated with the each processing device to form the associated internal token value.  

applying a selected hash function to a unique identification (ID) value associated with the each processing device to form the associated internal token value (Bhaya: par 0018; the data processing system can generate virtual identifiers (or virtual tokens), representing the client computing device; par 0068; the virtual identifier can include a combination of various data associated with the client computing device. For example, the virtual identifier can include a hash function of one or more of a device ID).
 Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bhaya with the method/system of Smetters and Tharappel to include wherein the internal token value for each selected 5processing device comprises applying a selected hash function to a unique identification (ID) value associated with the selected processing device. One would have been motivated to include the link generation component to generate, a virtual identifier for the client device and link the virtual identifier to the device identifier (Bhaya: par 0003).



	
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAO WANG whose telephone number is (313)446-6644.  The examiner can normally be reached on Monday-Friday 7:30-4:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/C.W./Examiner, Art Unit 2439 



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439