Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawing Objection	
    The drawings are objected to because Figs.1 & 12 contain blank boxes and numbers. Applicant must supply a suitable legend/text/short description of each box. A proposed drawing correction or corrected drawings are required in reply to the Office action to avoid abandonment of the application. The objection to the drawings will not be held in abeyance. 

The following are direct quotations of 37 CFR 1.84(n), (o), repeated below:
(n)     Symbols. Graphical drawing symbols may be used for conventional elements   
when appropriate. The elements for which such symbols and   labeled representations are used must be adequately identified in the specification. Known devices should be illustrated by symbols which have a universally recognized conventional meaning and are generally accepted in the art. Other symbols which are not universally recognized may be used, subject to approval by the Office, if they are not likely to be confused with existing conventional symbols, and if they are readily identifiable.

Legends. Suitable descriptive legends may be used subject to approval by the Office, or may be required by the examiner where necessary for understanding of the drawing. They should contain as few words as possible.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 4 & 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
The term "client must request",  in claims 4 & 13 are relative/subjective terms which renders the claim indefinite.  The term " must”  is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:


The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “ a computing system comprising one or more computing devices and configured to implement”, “a registration authority system configured to 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)    Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or (b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 1, 2, 5-6, 9-11, 14-15 & 17-19 are rejected under 35 USC 103 as being unpatentable over Leboeuf (US20170236343 as mentioned in IDS dated 7/28/2020) in view of Park (US20160087804 as mentioned in IDS dated 7/28/2020 )
Regarding claim 1, Leboeuf teaches:
 a computing system comprising one or more computing devices and configured to implement a communication infrastructure comprising: a vehicle integration platform comprising a plurality of application programming interfaces configured to facilitate message communication among clients; [0024] Vehicle electronics 28 also includes a number of vehicle user interfaces that provide vehicle occupants with a means of providing and/or receiving information, including microphone 32, pushbuttons(s) 34, audio system 36, and visual display 38. As used herein, the term `vehicle user interface` broadly includes any suitable form of electronic device, including both hardware and software components, which is located on the vehicle and enables a vehicle user to communicate with or through a component of the vehicle. Microphone 32 provides audio input to the telematics unit to enable the driver or other occupant to provide voice commands and carry out hands-free calling via the wireless carrier system 14. For this purpose, it can be connected to an on-board automated voice processing unit utilizing human-machine interface (HMI) technology known in the art. The pushbutton(s) 34 allow manual user input into the telematics unit 30 to initiate wireless telephone calls and provide other data, response, or control input. Separate pushbuttons can be used for initiating emergency calls versus regular service assistance calls to the call center 20. Audio system 36 provides audio output to a vehicle occupant and can be a dedicated, stand-alone system or part of the primary vehicle audio system. According to the particular embodiment shown here, audio system 36 is operatively coupled to both vehicle bus 44 and entertainment bus 46 and can provide AM, FM and satellite radio, CD, DVD and other multimedia functionality.]. 
to receive certificate signing requests from the clients. [0032] After generating or otherwise obtaining the wireless device private key and wireless device public key, the smart phone 57 can create a vehicle access certificate signing request which includes a request to access the vehicle 12.]
to generate client-specific credentials for establishing a predetermined time period of ability for client authentication within the vehicle integration platform; [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
a certificate authority system configured to process requests received from the clients via the system such that the client-specific credentials are established according to an approved hierarchy of licensing certificates; [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215.]
a security library accessible by each of the clients and by components of the vehicle integration platform, the security library configured to provide implementation logic for signing messages and implementation logic for validating messages sent throughout the vehicle integration platform. [0040] At step 225, the vehicle access certificate is authenticated at the vehicle 12 using a central facility public key. Prior to receiving the authenticated vehicle access certificate, the central facility private key can be stored at the vehicle 12. The central facility public key can be stored at the vehicle 12 at the time the vehicle is manufactured or these keys can be periodically provided to the vehicle 12 from the computer 18 or call center 20 via the wireless carrier system 14. When the vehicle 12 receives an authenticated vehicle access certificate, the vehicle 12 can access the central facility public key stored at the vehicle 12 and, using the hash function and the signature verification function, determine whether or not the computer 18 signed the certificate. If not authentic, the vehicle 12 may reject the certificate. However, when the vehicle 12 determines that the certificate is authentic, the vehicle 12 can generate a shared secret that will be cryptographically sent to the smart phone 57]
Although Lebeouf teach secure vehicular communications, he does not teach explicitly, however, Park teaches the registration authority system, [0039] In general, when a vehicle is manufactured by a vehicle manufacturer, the communication module 150 of the vehicle stores vehicle identification information such as a vehicle identification number (VIN) in a certain memory and manages the same. Also, when the vehicle is released from the manufacturer after the communication module 150 is installed therein, or when a vehicle system is first booted after replacement of the WAVE communication module 150 including a certificate management entity (CME) in a repair shop, the communication module 150 of the vehicle may cause the VIN to be transmitted to the vehicle management system 110 of the manufacturer, or the like, through V2X communication, or the like, in order to release or register the vehicle, thus allowing the VIN to be stored and managed in the vehicle management system 110. The vehicle management system 110 may register and manage the VIN, or the like, of each vehicle with the manufacturer, a repair shop, a vehicle registration office of a local government, and the like, and provide a certification result with respect to a certification or verification request of a certification agency.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf with the disclosure of Park. The motivation or suggestion would have been to implement a system that will provide a efficient techniques for a stable method that defines detailed items for issuing a CSR (certificate signing request) certificate and issuing a CSR certificate to a qualified subject.(para 0001-0005, Park)  
Regarding claim 2, Leboeuf teaches wherein the implementation logic for signing messages comprises logic configured to sign messages in accordance with the client-specific credentials generated by the system.  [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
Although Leboeuf teaches signing messages, he does not teach explicitly, however, Park teaches the registration authority system, [0039] In general, when a vehicle is manufactured by a vehicle manufacturer, the communication module 150 of the vehicle stores vehicle identification information such as a vehicle identification number (VIN) in a certain memory and manages the same. Also, when the vehicle is released from the manufacturer after the communication module 150 is installed therein, or when a vehicle system is first booted after replacement of the WAVE communication module 150 including a certificate management entity (CME) in a repair shop, the communication module 150 of the vehicle may cause the VIN to be transmitted to the vehicle management system 110 of the manufacturer, or the like, through V2X communication, or the like, in order to release or register the vehicle, thus allowing the VIN to be stored and managed in the vehicle management system 110. The vehicle management system 110 may register and manage the VIN, or the like, of each vehicle with the manufacturer, a repair shop, a vehicle registration office of a local government, and the like, and provide a certification result with respect to a certification or verification request of a certification agency.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf with the disclosure of Park. The motivation or suggestion would have been to implement a system that will provide a efficient techniques for a stable method that defines detailed items for issuing a CSR (certificate signing request) certificate and issuing a CSR certificate to a qualified subject.(para 0001-0005, Park)  
Regarding claim 5, Leboeuf teaches  wherein the system is configured to generate a license to operate certificate for each client that establishes a client-specific identity credential from a plurality of possible identity credential, [0043] At step 240, a command is generated at the smart phone 57 that controls one or more vehicle functions and transmitted to the vehicle 12 using short-range wireless communications techniques. Each time the smart phone 57 attempts to control the vehicle 12, the vehicle 12 can determine whether or not the command is valid using the shared secret. For example, if the smart phone 57 receives a command from a user via the smart phone display 59 to start the propulsion system, the smart phone 57 can encode this command as data in a message and send it to the vehicle 12 via BLE. The command is received by the vehicle telematics unit 30 of the vehicle 12 and authenticated by the vehicle 12 using the shared secret based on a variety of cryptographic techniques, such as a challenge/response mechanism, an embodiment of which is shown in FIG. 3. The authentication can be carried out by the vehicle telematics unit 30 or by one or more VSMs 42. When the vehicle 12 determines that the command is valid, it can then control the identified vehicle function(s).] 
Motivation is same as of claim 2.
Regarding claims 6, 14 & 19, Leboeuf teaches wherein the implementation logic for signing messages comprises logic configured to generate a signed message including a plurality of message bytes and an appended plurality of signature bytes.  [Para 0010: The system…public key. The vehicle access certificate signing request includes the wireless device public key, which can be bound to the identity of the wireless device when authenticated by the central facility via a digital signature created using a central facility private key thereby creating an authenticated vehicle access certificate (message). It is obvious from the cited teaching that digital signature will have plurality of message as well as signatures bytes].
Regarding claim 9, Leboeuf teaches:
a computer-implemented method for facilitating secure communications between a client and a vehicle integration platform, the method comprising: generating, by a computing system comprising one or more computing devices, a certificate signing request; providing, by the computing system, the certificate signing request to a public key infrastructure (PKI) provider; [0003] According to an embodiment of the invention, there is provided a method of regulating access to a vehicle from a wireless device communicating using short-range wireless communications. The method includes transmitting a vehicle access certificate signing request from the wireless device to a central facility (the PKI provider), wherein the vehicle access certificate signing request includes a wireless device public key; receiving an authenticated vehicle access certificate from the central facility in response to the vehicle access certificate signing request, 
receiving, by the computing system, time-limited client-specific credentials based on a licensing certificate from the PKI provider; accessing, by the computing system, [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
 a security library configured to provide implementation logic for signing messages and implementation logic for validating messages sent throughout the vehicle integration platform, [0040] At step 225, the vehicle access certificate is authenticated at the vehicle 12 using a central facility public key. Prior to receiving the authenticated vehicle access certificate, the central facility private key can be stored at the vehicle 12. The central facility public key can be stored at the vehicle 12 at the time the vehicle is manufactured or these keys can be periodically provided to the vehicle 12 from the computer 18 or call center 20 via the wireless carrier system 14. When the vehicle 12 receives an authenticated vehicle access certificate, the vehicle 12 can access the central facility public key stored at the vehicle 12 and, using the hash function and the signature verification function, determine whether or not the computer 18 signed the certificate. If not authentic, the vehicle 12 may reject the certificate. However, when the vehicle 12 determines that the certificate is authentic, the vehicle 12 can generate a shared secret that will be cryptographically sent to the smart phone 57]
wherein the vehicle integration platform is configured to provide an infrastructure for the client to communicate regarding a service of the vehicle integration platform; [0016] Telematics unit 30 can be an OEM-installed (embedded) or aftermarket device that is installed in the vehicle and that enables wireless voice and/or data communication over wireless carrier system 14 and via wireless networking. This enables the vehicle to communicate with call center 20, other telematics-enabled vehicles, or some other entity or device. The telematics unit preferably uses radio transmissions to establish a communications channel (a voice channel and/or a data channel) with wireless carrier system 14 so that voice and/or data transmissions can be sent and received over the channel. By providing both voice and data communication, telematics unit 30 enables the vehicle to offer a number of different services including those related to navigation, telephony, emergency assistance, diagnostics, infotainment, etc.]
and  transmitting, by the computing system, a signed message that includes a signature generated in accordance with the implementation logic for signing messages and the time-limited client-specific credentials to the vehicle integration platform.  [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate (client-specific credential) is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
Although, Leboeuf teaches vehicle integration platform, he does not teach explicitly, however, Park teaches a service coordinated by an entity hosting vehicle platform [0017] The certificate issuing system may further include a registration authority (RA) server (hosting entity) operated in a registration agency for relaying certificate registration, wherein the RA server includes a certificate processor configured to transmit the vehicle identification information transmitted by the communication module of the vehicle to the CA server and to transmit the CSR certificate issued by the CA server to the communication module of the vehicle, and the certificate issuer and the error transmitter are included in a certificate authority (CA) server of a certification agency for generating, issuing, and managing a certificate.] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf with the disclosure of Park. The motivation or suggestion would have been to implement a system that will provide a efficient techniques for a stable method that defines detailed items for issuing a CSR (certificate signing request) certificate and issuing a CSR certificate to a qualified subject.(para 0001-0005, Park)  
Regarding claim 10, Leboeuf teaches wherein the implementation logic for signing messages comprises logic configured to sign messages in accordance with the time- limited client-specific credentials received from the PKI provider.[0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key (PKI provider). The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
Regarding claim 11, Leboeuf teaches generating, by the computing system, a provisioning process request; providing, by the computing system, the provisioning process request to the PKI provider; and receiving, by the computing system, a license to operate certificate from the PKI provider.  [0037] At step 210, the vehicle access certificate is signed at the computer 18 using a central facility private key (PKI provider). The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215.[0043] At step 240, .. The command is received by the vehicle telematics unit 30 of the vehicle 12 and authenticated by the vehicle 12 using the shared secret based on a variety of cryptographic techniques, such as a challenge/response mechanism, an embodiment of which is shown in FIG. 3. The authentication can be carried out by the vehicle telematics unit 30 or by one or more VSMs 42. When the vehicle 12 determines that the command is valid, it can then control the identified vehicle function(s).] 
Regarding claim 15, this claim is interpreted to be same as claim 9 and rejected for the same reasons as set forth for claim 9. 
Regarding claim 17, Leboeuf teaches wherein the client comprises a system client associated with the entity.  [0037] At step 210, the vehicle (client) access certificate is signed at the computer 18 using a central facility private key. The computer 18 includes a root certificate representing a cryptographic key pair belonging to the central facility; a central facility private key and a central facility public key. After determining the permissions the smart phone 57 is entitled to, the computer 18 can encode a time window during which the certificate is valid and then authenticate the vehicle access certificate signing request using the signature verification algorithm and the central facility private key. When the authenticated vehicle access certificate is received, its contents can be verified using the central facility public key. The method 200 proceeds to step 215]
Regarding claim 18, Leboeuf teaches receiving a provisioning process request from the client; generating a license to operate certificate when an identity associated with the client is authenticated; and providing the license to operate certificate to the client. [0043] At step 240, a command is generated at the smart phone 57 that controls one or more vehicle functions and transmitted to the vehicle 12 using short-range wireless communications techniques. Each time the smart phone 57 attempts to control the vehicle 12, the vehicle 12 can determine whether or not the command is valid using the shared secret. For example, if the smart phone 57 receives a command from a user via the smart phone display 59 to start the propulsion system, the smart phone 57 can encode this command as data in a message and send it to the vehicle 12 via BLE. The command is received by the vehicle telematics unit 30 of the vehicle 12 and authenticated by the vehicle 12 using the shared secret based on a variety of cryptographic techniques, such as a challenge/response mechanism, an embodiment of which is shown in FIG. 3. The authentication can be carried out by the vehicle telematics unit 30 or by one or more VSMs 42. When the vehicle 12 determines that the command is valid, it can then control the identified vehicle function(s).] 


Claims 3 & 16 are rejected under 35 USC 103 as being unpatentable over Leboeuf  in view of Park and Zhang (US20200213287)
Regarding claims 3 & 16, although Lebeouf and Park teach autonomous vehicles, they do not teach explicitly, however, Zhang teaches wherein the clients comprise a plurality of autonomous vehicles respectively associated with one or more vendors and one or more system clients associated with an entity.  [0051] Software update subsystem 134 may facilitate secure updates or fix of software. For example, if a security bug is found in a deployed software, software update subsystem 134 may update the software over-the-air (OTA) without calling back the vehicles. In some cases, vehicle vendors may have a software update system for ECUs. In some embodiments, if the vehicle does not support the OTA update, an OTA software update client of software update subsystem 134 can download the software update to the ADC or a gateway and then pass the software update to the ECUs for software update on the ECUs.] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Zhang. The motivation or suggestion would have been to implement a system that will provide efficient techniques to authenticate each ECU (electronic control unit) when the vehicle is powered up. (para 0001-0004, Zhang)  

Claims 4, 13 & 20 are rejected under 35 USC 103 as being unpatentable over Leboeuf  in view of Park and Johnston (US20160212129)
Regarding  claims 4, although Lebeouf and Park teach client-specific credential and the registration system, they do not teach explicitly, however, Johnston teaches wherein the client-specific credentials are configured to expire after the predetermined time period such that each client must request renewed credentials from the system. [ 0158] In embodiments in which the credentials (such as a user ID and/or password) are automatically generated, the automatically generated credentials may be renewed periodically or on demand. The period between renewal of the credentials may be adapted according to a user security policy or to a third party service security policy. The automatically generated credentials may be different from credentials used when accessing the services by other means (for example, standard web access from a PC, tablet, or smartphone etc. using a web browser, i.e. without using a specific application). The sophistication and/or complexity of the automatically generated credentials may be adapted according to a user security policy or to a third party service security policy. For example, the minimum length of the password may be set in accordance with the user security policy or the third party service security policy. The user ID and or password may also be required to comprise a mix of two or more of: lowercase letters, uppercase letters, punctuation marks or symbols, and numbers.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Johnston. The motivation or suggestion would have been to implement a system that will provide efficient techniques to allow only authorized access to remotely stored data with high reliability.  (para 0001-0007, Johnston)  
Regarding claim 13,. although, Leboeuf & Park teach  PKI provider in para 0037 as illustrated above, they do not teach explicitly, however, Johnston teaches wherein the time-limited client-specific credentials are configured to expire after a predetermined time period such that the client must request renewed credentials from third party. [ 0158] In embodiments in which the credentials (such as a user ID and/or password) are automatically generated, the automatically generated credentials may be renewed periodically or on demand. The period between renewal of the credentials may be adapted according to a user security policy or to a third party service security policy. ….. The sophistication and/or complexity of the automatically generated credentials may be adapted according to a user security policy or to a third party service security policy.]
 Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Johnston. The motivation or suggestion would have been to implement a system that will provide efficient techniques to allow only authorized access to remotely stored data with high reliability.  (para 0001-0007, Johnston)  
Regarding claim 20,. although, Leboeuf & Park teach  PKI provider in para 0037 as illustrated above, they do not teach explicitly, however, Johnston teaches wherein the time- limited client-specific credentials are configured to expire after a predetermined time period such that renewed credentials are generated periodically upon request by the client. [0158] In embodiments in which the credentials (such as a user ID and/or password) are automatically generated, the automatically generated credentials may be renewed periodically or on demand. The period between renewal of the credentials may be adapted according to a user security policy or to a third party service security policy. The automatically generated credentials may be different from credentials used when accessing the services by other means (for example, standard web access from a PC, tablet, or smartphone etc. using a web browser, i.e. without using a specific application).]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Johnston. The motivation or suggestion would have been to implement a system that will provide efficient techniques to allow only authorized access to remotely stored data with high reliability.  (para 0001-0007, Johnston)  

Claim 7-8 are rejected under 35 USC 103 as being unpatentable over Lebeouf  in view of Park and Chalikouras (US 20100131642)
Regarding claim 7,  although Lebeouf and Park teach vehicle integration platform, they do not teach explicitly, however, Chalikours teaches a message transport framework within the vehicle integration platform that is configured to propagate messages that are validated according to the implementation logic for validating messages and for dropping messages that are not validated.  [0081] If a message is read from the vehicle bus gateway 206 (determined at step 630), the message is extracted (in step 632) and processed by the filter module 512 to determine if it is to be selected and retained for further processing. A filtered message is tested to determine its validity in a validate checksum step 634. Invalid messages are deleted at step 634 while valid messages are tested to determine whether the value in the message has changed since a message relating to the same parameter (e.g. radio volume) has changed since the value was last tested; this requires that the vehicle content module 102 tests the received value in step 636 to a stored value in a variable array (not shown) maintained within the software of the vehicle content module 102. If the message contains a changed parameter value, the new value is stored in software memory and transmitted to the communications gateway 208 in step 638. Following step 638, the vehicle content module 102 returns to the read position location step in 622 in the operational loop. 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Chalikouras. The motivation or suggestion would have been to implement a system that will provide efficient techniques to provide real-time data on content use.(para 0001-0005, Chalikouras)  
Regarding claim 8, although Lebeouf and Park teach message transport framework, they do not teach explicitly, however, Chalikours teaches wherein the message transport framework is configured to generate a log of any message that is not validated and dropped by the message transport framework. [0081] If a message is read from the vehicle bus gateway 206 (determined at step 630), the message is extracted (in step 632) and processed by the filter module 512 to determine if it is to be selected and retained for further processing. A filtered message is tested to determine its validity in a validate checksum step 634. Invalid messages are deleted at step 634 while valid messages are tested to determine whether the value in the message has changed since a message relating to the same parameter (e.g. radio volume) has changed since the value was last tested; this requires that the vehicle content module 102 tests the received value in step 636 to a stored value in a variable array (not shown) maintained within the software of the vehicle content module 102. If the message contains a changed parameter value, the new value is stored in software memory and transmitted to the communications gateway 208 in step 638. Following step 638, the vehicle content module 102 returns to the read position location step in 622 in the operational loop.]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Chalikouras. The motivation or suggestion would have been to implement a system that will provide efficient techniques to provide real-time data on content use.(para 0001-0005, Chalikouras)  

Claim 12 is rejected under 35 USC 103 as being unpatentable over Lebpeuf  in view of Park, Zhang (US20200213287) and Johnston (US20160212129)
Regarding claim 12, although Lebeouf and Park teach vehicle integration platform, they do not teach explicitly, however, Zhang teaches the clients comprising a plurality of autonomous vehicles respectively associated with one or more vendors and one or more system clients associated with the entity. [0051] Software update subsystem 134 may facilitate secure updates or fix of software. For example, if a security bug is found in a deployed software, software update subsystem 134 may update the software over-the-air (OTA) without calling back the vehicles. In some cases, vehicle vendors may have a software update system for ECUs. In some embodiments, if the vehicle does not support the OTA update, an OTA software update client of software update subsystem 134 can download the software update to the ADC or a gateway and then pass the software update to the ECUs for software update on the ECUs.] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Zhang. The motivation or suggestion would have been to implement a system that will provide efficient techniques to authenticate each ECU (electronic control unit) when the vehicle is powered up. (para 0001-0004, Zhang)  
Although Lebeouf,  Park and Zhang teach autonomous vehicles, they do not teach explicitly, however, Johnston teaches wherein the vehicle integration platform comprises a plurality of application programming interfaces configured to facilitate message communication among clients, [0290] The following Usage APIs are defined: [0291] loginPartition(id, pin) (Number. HexString) [0292] logins to a given partition [0293] logoutPartition( ) [0294] logout from the currently logged in partition [0295] encryptData(data, iv) (HexString, HexString) [0296] encrypts data using a 3DES-2 CBC encryption with the given IV and the currently selected partition key [0297] decryptData(data, iv) (HexString, HexString) [0298] decrypts data using a 3DES-2 CBC encryption with the given IV and the currently selected partition key [0299] getSecureTimeNonce( ) [0300] returns an 8 bytes nonce to be passed to the server to provide the next Secure Time [0301] getSharingCode(secureTime, encryptedPublicKey, validityMinutes) (HexString, HexString, Number) [0302] get a sharing code for another device. Returns an Array of two elements, a blob to be passed to the remote device and the generated 8 digits code, for example. The blob contains the timestamp of the end of the validity period of the sharing code concatenated with the sharing code concatenated with the partition key and encrypted by the remote device Public Key using PKCS #1 padding. In other embodiments, the code can be of any length and/or cane be alpha numeric. [0303] useSharingCode(secureTime, blob, accessCode) (HexString, HexString, String) [0304] use a sharing code obtained from a remote device. If the blob, access code and time validity are approved by the application, files can be encrypted and decrypted with the extracted partition key using the partition Id 0xff until the user logs out or the Secure Element is powered off. ]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Leboeuf and Park with the disclosure of Johnston. The motivation or suggestion would have been to implement a system that will provide efficient techniques to allow only authorized access to remotely stored data with high reliability.  (para 0001-0007, Johnston)  

	Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER KHAN whose telephone number is (571)272-8574.  The examiner can normally be reached on Monday-Friday-8:00am - 5:00pm (EST).If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SHER A KHAN/Primary Examiner, Art Unit 2497