DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Remarks
This communication is in response to the amendments filed 8/18/2020. 

Status of Claims
Claims 1, 3-15, 17-22 are pending; of which claims 1, 3-15, 17-22 are allowed.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Dennis Haszko, Reg. No. 39,575 on 3/4/2021.
	
The application has been amended as follows:

Claim 1. (Currently Amended)
A method of secure authentication for aircraft data transmissions on an aircraft, said method comprising: 

performing using 
storing user permissions data and connection status data in an access control list used to define allowable data communications paths of said approved network; 
enabling communications of said aircraft communications system with a ground or other aircraft computing system subject to said access control list;
said step of performing using including 
said security aspects comprising said hardware-based module communicating with a user of said user device and said HSE 
wherein said UD performs 
transfer of aircraft position data for fleet tracking, individual aircraft tracking and air traffic control, 
transfer of aircraft health and performance data for maintenance support or preventive maintenance, 
transfer of navigation data to the aircraft, 
transfer of maintenance manuals to the aircraft, and 

wherein said data transfer function is enabled between the aircraft and the ground computing system and said data transfer function transfers data directly 
 
Claim 9. (Currently Amended)
A system for secure authentication of aircraft data transmissions on an aircraft, said system comprising: 
an aircraft system including 
a hardware-based security engine (HSE), said HSE having been manufactured in a secure environment and certified in said secure environment as part of an approved network, providing keys and passphrases for performing asynchronous authentication, validation and encryption of aircraft data transmissions within said [[an]] approved network consisting of a closed system, said security engine securing said closed system via credentials, 
one or more trusted processors for processing aircraft data, 
a communication mechanism for communicating with a ground or other aircraft computing system on said approved network and transmission of said aircraft data via said security engine to a user; 
a user device including said credentials embodied in hardware, wherein performing asynchronous authentication, validation, and encryption of data using said security engine includes identifying said user device (UD) using a hardware-based module provisioned with one or more security aspects for securing said closed system, 
said security aspects comprising said hardware-based module communicating with the user of said user device and said HSE;
wherein said user device performs 
transfer of aircraft position data for fleet tracking, individual aircraft tracking and air traffic control, 
transfer of aircraft health and performance data for maintenance support or preventive maintenance, 
transfer of navigation data to the aircraft, transfer of maintenance manuals to the aircraft, and 
transfer of software updates to modular aircraft components, avionics, or computerized aircraft equipment on the aircraft;
wherein said data transfer function is enabled between the aircraft and the ground computing system and said data transfer function transfers data directly 
an access control list for storing user permissions data and connection status data and having a list of authorized user devices and users, said list being used to define allowable data communications paths of said aircraft data on said approved network, said list being updatable by said security engine.  

Claim 15. (Currently Amended)
A system for secure authentication for aircraft data transmissions on an aircraft, said system comprising: 
a hardware-based security engine (HSE) located in an aircraft communications system, said HSE having been manufactured in a secure environment and certified in said secure environment as part of an approved network, said approved network consisting of a closed system; 
performing , and encryption of data using 
a means for storing user permissions data and connection status data in an access control list used to define allowable data communications paths of said approved network; 
a means for enabling communications of said aircraft communications system with a ground or other aircraft computing system subject to said access control list; 
wherein said means for performing authentication, validation, and encryption of data using 
said security aspects comprising said hardware-based module communicating with a user of said user device and said HSE 
wherein said user device performs 
transfer of aircraft position data for fleet tracking, individual aircraft tracking and air traffic control, 
transfer of aircraft health and performance data for maintenance support or preventive maintenance, 
transfer of navigation data to the aircraft, 
transfer of maintenance manuals to the aircraft, and 
transfer of software updates to modular aircraft components, avionics, or computerized aircraft equipment on the aircraft; and 
transfers data directly 

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance:
None of the prior art of record, individually or in combination, explicitly teaches or fairly suggests each and every claimed limitation of the current invention as amended by the applicant, especially the combined limitations of “performing asynchronous authentication, validation and encryption of data using [a hardware-based security engine (HSE)]”, including “identifying a user device (UD) that incorporates credentials embodied in hardware using a hardware-based module”, said hardware-based module “communicating with a user of said UD and said HSE”, wherein the UD “performs a data transfer function”, wherein “said data transfer function transfers data directly between [an] aircraft and a second aircraft”, as in claim 1 as amended, as well as corresponding subject matter from claims 9 and 15.
The nearest prior art of record, Davis et al (PGPUB 2014/0075506), teaches performing asynchronous authentication, validation and encryption using an HSE located onboard an aircraft (e.g. paragraph 54-55, 78, 99), said HSE in communication with ground equipment (e.g. paragraph 67, 78).
However, Davis does not explicitly teach nor fairly suggest identifying a user device (UD) that incorporates credentials embodied in hardware using a hardware-based module, said hardware-based module communicating with a user of said UD and said HSE, wherein the UD performs a data transfer function, wherein said data transfer function transfers data directly between the aircraft and a second aircraft.

However, Walsh does not explicitly teach nor fairly suggest wherein the UD performs a data transfer function, wherein said data transfer function transfers data directly between the aircraft and a second aircraft.
Yerger et al (PGPUB 2014/0380433) teaches a UD configured to perform a data transfer function (paragraph 22-23, 26-28) selected from a group consisting of transfer of aircraft position data for fleet tracking (e.g. paragraph 28), transfer of aircraft health and performance data (e.g. paragraph 28), transfer of navigation data to the aircraft (e.g. paragraph 28), and transfer of software updates (e.g. paragraph 28).
However, Yerger does not explicitly teach nor fairly suggest wherein said data transfer function transfers data directly between the aircraft and a second aircraft.
Finally, Wheeler et al (PGPUB 2002/0023217) teaches an HSE having been manufactured in a secure environment and certified in said secure environment as part of an approved network (e.g. paragraph 106-109).
However, Wheeler does not explicitly teach nor fairly suggest identifying a user device (UD) that incorporates credentials embodied in hardware using a hardware-based module, said hardware-based module communicating with a user of said UD and said HSE, wherein the UD performs a data transfer function, wherein said data transfer function transfers data directly between the aircraft and a second aircraft.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814.  The examiner can normally be reached on 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Kevin Bechtel/Primary Examiner, Art Unit 2491