DETAILED ACTION
This Office Action is in response to the amendment and communication filed on 03/16/2021.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
As per instant Amendment, submitted on 03/16/2021, claims 37-43 are newly added.
Claims 17-43 have been examined and are pending; claims 1, 32 and 37 are independent claims.  This Action is made FINAL.
Response to Arguments
As to the claim rejection to claims 32-36 , under 35 U.S.C. 101, the rejections have been withdrawn as the claim 32 has been amended
Applicant’s arguments with respect prior-art rejections to claims 17-32, filed on 03/16/2021, have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
A new reference Smith has been combined with the method/system of Holland and Moffat to provide a means for using any of multiple symmetric keys in secure encrypted data-sharing and secure communication. Please see the rejection section for detail.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 17-19, 21, 26-32, 34, 37, and 41-43 are rejected under 35 U.S.C. 103 as being unpatentable over Holland et al. (“Holland”, US 2017/0347264, filed on 05/27/2016, in view of Moffat (“Moffat”, US 2013/0318347, published on 11/28/2013), and further in view of Smith et al (“Smith”, US 2016/0105406, published on 04/14/2016).
As to claim 17, Holland discloses a method for secure data transmission between a first device and a second device, the method comprising (Holland: abstract):		establishing a secure communication channel between the first device and the second device (Holland: par. 107; a symmetric key implementation, each device 101 enters into a secure key exchange protocol to exchange a symmetric key; secure key provisioning protocol such as the Dynamic Symmetric Key Provisioning Protocol (DSKPP) may be used to exchange the keys over a secure communication channel; par. 131; once the key exchange is complete [e.g., prior to], each transmitting device encrypts and/or signs each transmission using the symmetric key before transmitting data to the receiving device);		in respective protected storage memory areas at the first device and at the second device (Holland: par. 133; the IoT service 120 includes an encryption engine which manages a set of "service session keys" and each IoT device 101 includes an encryption engine which manages a set of "device session keys"  for encrypting/decrypting communication between the IoT device 101 and IoT service; par. 58; includes a secure [e.g., protected] key store for storing encryption keys; par. 105; IoT service may include a secure storage for securely storing its own private key, the public keys of various IoT devices and IoT hubs);		wherein, for subsequent required data transmissions between when the second device and the first device (Holland: par. 131; once the key exchange is complete, each transmitting device encrypts and/or signs each transmission using the symmetric key before transmitting data to the receiving device):		(d) generating a data bunch at the second device and encrypting the data bunch with the selected symmetric encryption key (Holland: par. 106; when the IoT service 120 needs to transmit a command or data to an IoT device 101 (e.g., a command to unlock a door, a request to read a sensor, data to be processed/displayed by the IoT device, etc.) the security logic 1013 encrypts the data/command using the public key of the IoT device 101 to generate an encrypted IoT device packet);		(e) transmitting the encrypted data bunch from the second device to the first device (Holland: par. 106; then encrypts the IoT device packet using the public key; and transmits); and		(f) decrypting the encrypted data bunch at the first device using the selected symmetric encryption key (Holland: par. 111; using symmetric encryption, each device would encrypt and decrypt with the shared symmetric key; par. 132; encryption and decryption of data is performed between the IoT service 120 and each IoT device 101).		Holland does not explicitly disclose (a) prior to a first required data transmission between the first device and the second device, (b) transmitting a plurality of symmetric encryption keys from the first device to the second device under secure transmission conditions through the secure communication channel, and storing the plurality of symmetric encryption keys; wherein each of the symmetric encryption keys are at least initially available and valid for data encryption upon transmittal from the first device to the second device.		However, in an analogous art directed to exchanging symmetric cryptographic keys, Moffat teaches (a) prior to a first required data transmission between the first device and the second device (Moffat: pars 0060, 0120, 0396-0398, data-sharing relationship between the at least one user and the another user using keys for securely share a user's data);		(b) transmitting a plurality of symmetric encryption keys from the first device to the second device under secure transmission conditions through the secure communication channel, storing the plurality of symmetric encryption keys (Moffat: pars 0060, 0071, 0120, 0261-0263, uses multiple symmetric encryption keys per user in which each key is used to securely transmit and/or share data, transmitting and a storing the  multiple symmetric encryption keys in a key locker);		wherein each of the symmetric encryption keys are at least initially available and valid for data encryption upon transmittal from the first device to the second device (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404, use of multiple encryption keys for communication between two devices wherein each key is unique and stored [i.e. valid] for specific communication).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Moffat with the method of Holland to provide a means for using multiple symmetric keys in secure encrypted data-sharing for selecting and using a specific unique key for specific period of time, and based on the content, event and/or product (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404).
Holland or Moffat does not explicitly disclose (c) selecting any one of said plurality of symmetric encryption keys at the second device that are available and valid for data encryption.		However, in an analogous art Smith teaches (c) selecting any one of said plurality of symmetric encryption keys at the second device that are available and valid for data encryption (Smith: pars 0004-0007, plurality of session keys are used in communication between two devices. A first device is configured to encrypt transmissions to the second device using one of the plurality of session keys).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Smith with the method of Holland and Moffat to provide a means for using any of multiple symmetric keys in secure encrypted data-sharing and secure communication (Smith: pars 0004-0007).
As to claim 18, the combination of Holland, Moffat, and Smith disclose the method of claim 17, Holland further discloses comprising the step of attributing an expiry time or date to each symmetric encryption key (Holland: par. 108; a new symmetric key is exchanged periodically between the devices 101 and the hub 110 and between the hub 110 and the IoT service 120; par. 139; exchanged session keys may be used for a specified period of time).
As to claim 19, the combination of Holland, Moffat, and Smith disclose the method of claim 18, Holland further discloses wherein the expiry time or date is provided individually for each symmetric encryption key, or the expiry time or date is assigned globally to the set of symmetric encryption keys (Holland: par. 139; the key exchange may be performed and the exchanged session keys may be used for a specified period of time (e.g., a day, a week, etc.)).
As to claim 21, the combination of Holland, Moffat, and Smith disclose the method of claim 17, Holland and Moffat further discloses wherein the second device transmits to the first device information identifying the selected symmetric encryption key (Holland: par. 118; used by the IoT hub 110 and/or IoT service 120 to identify or generate the public key (e.g., used as a pointer to the public key which is already stored in secure storage; par. 128; the key is securely transmitted to the IoT service which stores the key in its own secure keystore. Moffat: pars 0261, 0376-0377, user can define a distribution list in order to specify which specific key to be used out of the multiple encryption keys).
As to claim 26, the combination of Holland, Moffat, and Smith disclose the method of claim 17, Holland and Moffat further discloses wherein each symmetric encryption key is combined with a unique key identification code (Holland: par. 118; each IoT device may be packaged with a barcode or QR code uniquely identifying the IoT device; the barcode or QR code [e.g. unique identification code] comprises an encoded representation of the public key for the IoT device. Moffat: pars 0261-0263, key identifiers are associated with respective symmetric key in the key locker).
As to claim 27, the combination of Holland, Moffat, and Smith disclose the method of claim 17, Holland further discloses wherein each symmetric encryption key is combined with a random check key, which is uncorrelated with respect to the symmetric encryption key (Holland: par. 223; IoT device generates a random number and encrypts it using the session secret).
As to claim 28, the combination of Holland, Moffat, and Smith disclose the method of claim 27, Holland further discloses wherein the step of transmitting information identifying the selected symmetric encryption key comprises:	applying a cryptographic hash function to at least the random check key associated to the selected symmetric encryption key, said information containing the digest of the random check key (Holland: par. 223; generates a random number and encrypts it using the session secret; par. 276; keyed-hash message authentication code (HMAC)-SHA256 is used to generate the shared secret).
As to claim 29, the combination of Holland, Moffat, and Smith disclose the method of claim 28, Holland further discloses wherein the step of transmitting information identifying the selected symmetric encryption key comprises:	generating a stamp (Holland: par. 152; IoT service initially generates a message containing; a timestamp);	applying the cryptographic hash function to the random check key and the stamp concatenated thereto (Holland: par. 223; generates a random number and encrypts it using the session secret; par. 276; keyed-hash message authentication code (HMAC)-SHA256 is used to generate the shared secret); and	transmitting from the second device to the first device said information comprising at least the stamp and the digest of the random check key and the stamp concatenated thereto (Holland: par. 224; IoT device sends the encrypted packet to the IoT hub over the unencrypted channel; IoT hub forwards the encrypted packet to the IoT service; all subsequent messages are encrypted using the session secret).
As to claim 30, the combination of Holland, Moffat, and Smith disclose the method of claim 29, Holland further discloses wherein the stamp is a time stamp (Holland: pars. 149, 152; IoT service initially generates a message containing; a timestamp).
As to claim 31, the combination of Holland, Moffat, and Smith disclose the method of claim 17, Holland further discloses wherein the first device is a server and the second device is a client, in data communication with said server (Holland: par. 43; a plurality of IoT devices 101-105 communicatively coupled over local communication channels to a central IoT hub [e.g., server]; par. 201; underlying principles of the invention may be implemented to establish a secure communications channel between any two devices including user client devices, servers).
As to claim 32, Holland discloses a system for secure data transmission, comprising:	a server and a plurality of clients linked via a secure communication channel, the server and the plurality of clients being electronic devices with respective storage memory (Holland: par. 34; a plurality of IoT devices 101-105 communicatively coupled over local communication channels 130 to a central IoT hub 110; par. 201; techniques are described with respect to an "IoT service" and an "IoT device," the underlying principles of the invention may be implemented to establish a secure communication channel between any two devices including user client devices, servers, and Internet services);	in a first protected storage memory area (Holland: par. 58; includes a secure key store for storing encryption keys; par. 133; the IoT service 120 includes an encryption engine which manages a set of "service session keys" and each IoT device 101 includes an encryption engine which manages a set of "device session keys"  for encrypting/decrypting communication between the IoT device 101 and IoT service);	wherein each of the clients are configured to store the plurality of symmetric encryption keys in a respective second protected storage memory area (Holland: par. 102; each IoT device 101 and the low power logic/microcontroller 301 of the IoT hub 110 include a secure key store for storing encryption keys;  par. 133; the IoT service 120 includes an encryption engine which manages a set of "service session keys" and each IoT device 101 includes an encryption engine which manages a set of "device session keys"  for encrypting / decrypting communication between the IoT device 101 and IoT service),(Holland: par. 131; once the key exchange is complete, each transmitting device encrypts and/or signs each transmission using the symmetric key before transmitting data to the receiving device),	generate a data bunch and encrypt the data bunch with the selected symmetric encryption key (Holland: par. 106; when the IoT service 120 needs to transmit a command or data to an IoT device 101 (e.g., a command to unlock a door, a request to read a sensor, data to be processed/displayed by the IoT device, etc.) the security logic 1013 encrypts the data/command using the public key of the IoT device 101 to generate an encrypted IoT device packet), and	transmit the encrypted data bunch to the server (Holland: par. 106; then encrypts the IoT device packet using the public key; and transmits to the IoT Hub);	wherein the server is further configured to decrypt the encrypted data bunch at using the selected symmetric encryption key (Holland: par. 108; messages from the service would then be decrypted and verified in the hub security module 1012 before being re-encrypted for transmission to the device).		Holland does not explicitly disclose wherein prior to a first required data transmission between the server and the clients, the server is configured to transmit a plurality of symmetric encryption keys to the clients under secure transmission conditions through the secure communication channel, the server is configured to transmit a plurality of symmetric encryption keys to the clients under secure transmission conditions through the secure communication channel, and store the plurality of symmetric encryption keys, each of the symmetric encryption keys being at least initially available and valid for data  (Moffat: pars 0060, 0120, 0396-0398, data-sharing relationship between the at least one user and the another user using keys for securely share a user's data),	the server is configured to transmit a plurality of symmetric encryption keys to the clients under secure transmission conditions through the secure communication channel, and store the plurality of symmetric encryption keys (Moffat: pars 0060, 0071, 0120, 0261-0263, uses multiple symmetric encryption keys per user in which each key is used to securely transmit and/or share data, transmitting and a storing the  multiple symmetric encryption keys in a key locker);
each of the symmetric encryption keys being at least initially available and valid for data encryption upon transmittal from the server to the respective clients (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404, use of multiple encryption keys for communication between two devices wherein each key is unique and stored [i.e. valid] for specific communication).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Moffat with the method of Holland to provide a means for using multiple symmetric keys in secure encrypted data-sharing for selecting and using a specific unique key for specific period of time, and based on the content, event and/or product (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404).
any one of said plurality of symmetric encryption keys at the second protected storage memory area that are available and valid for data encryption.		However, in an analogous art Smith teaches select any one of said plurality of symmetric encryption keys at the second protected storage memory area that are available and valid for data encryption (Smith: pars 0004-0007, plurality of session keys are used in communication between two devices. A first device is configured to encrypt transmissions to the second device using one of the plurality of session keys).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Smith with the method of Holland and Moffat to provide a means for using any of multiple symmetric keys in secure encrypted data-sharing and secure communication (Smith: pars 0004-0007).
As to claim 34, the combination of Holland, Moffat, and Smith disclose the system of claim 32, Holland and Moffat further disclose wherein the client transmits to the server information identifying the selected symmetric encryption key (Holland: par. 118; used by the IoT hub 110 and/or IoT service 120 to identify or generate the public key (e.g., used as a pointer to the public key which is already stored in secure storage; par. 128; the key is securely transmitted to the IoT service which stores the key in its own secure keystore. Moffat: pars 0261, 0376-0377, user can define a distribution list in order to specify which specific key to be used out of the multiple encryption keys).
As to claim 37, Holland discloses a method for secure data transmission between a first device and a second device (Holland: par. 34; a plurality of IoT devices 101-105 communicatively coupled over local communication channels 130 to a central IoT hub 110; par. 201; techniques are described with respect to an "IoT service" and an "IoT device," the underlying principles of the invention may be implemented to establish a secure communication channel between any two devices including user client devices, servers, and Internet services), the method comprising:
for subsequent required data transmissions between the second device and the first device (Holland: par. 131; once the key exchange is complete, each transmitting device encrypts and/or signs each transmission using the symmetric key before transmitting data to the receiving device):
generating a data bunch at the second device and encrypting the data bunch with the selected symmetric encryption key (e.g., a command to unlock a door, a request to read a sensor, data to be processed/displayed by the IoT device, etc.) the security logic 1013 encrypts the data/command using the public key of the IoT device 101 to generate an encrypted IoT device packet); and
transmitting from the second device to the first device the encrypted data bunch and information identifying the selected symmetric encryption key (Holland: par. 106; then encrypts the IoT device packet using the public key; and transmits.
Holland does not explicitly disclose receiving, at the second device, a plurality of symmetric encryption keys from the first device, and storing the plurality of symmetric encryption keys in a protected storage memory area, wherein each of the symmetric encryption keys are at least initially available and valid for data encryption upon transmittal from the first device to the second device. 		However, in an analogous art directed to exchanging symmetric cryptographic  (Moffat: pars 0060, 0071, 0120, 0261-0263, 0396-0398, data-sharing relationship between the at least one user and the another user using keys for securely share a user's data. Uses multiple symmetric encryption keys per user in which each key is used to securely transmit and/or share data, transmitting and a storing the  multiple symmetric encryption keys in a key locker);
wherein each of the symmetric encryption keys are at least initially available and valid for data encryption upon transmittal from the first device to the second device (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404, use of multiple encryption keys for communication between two devices wherein each key is unique and stored [i.e. valid] for specific communication).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Moffat with the method of Holland to provide a means for using multiple symmetric keys in secure encrypted data-sharing for selecting and using a specific unique key for specific period of time, and based on the content, event and/or product (Moffat: pars 0060, 0376-0378, 0396-0398, 0403-0404).
Holland or Moffat does not explicitly disclose selecting any one of said plurality of symmetric encryption keys at the second device that are available and valid for data encryption.		However, in an analogous art Smith teaches selecting any one of said plurality of symmetric encryption keys at the second device that are available and valid for data  (Smith: pars 0004-0007, plurality of session keys are used in communication between two devices. A first device is configured to encrypt transmissions to the second device using one of the plurality of session keys).		Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Smith with the method of Holland and Moffat to provide a means for using any of multiple symmetric keys in secure encrypted data-sharing and secure communication (Smith: pars 0004-0007).
As to claims 41-43, the claim limitations are similar to the claims 27-29, respectively, and are rejected for the same reason set forth for claims 27-29.
Claims 20, 22, 23, 33, 35, and 38-40 are rejected under 35 U.S.C. 103 as being unpatentable over Holland et al. (“Holland”, US 2017/0347264, filed on 05/27/2016, in view of Moffat (“Moffat”, US 2013/0318347, published on 111/28/2013), further in view of Smith et al (“Smith”, US 2016/0105406, published on 04/14/2016) and Nix (“Nix”, US 2015/0095648, published on 04/02/2015).
As to claim 20, the combination of Holland, Moffat, and Smith disclose the method of claim 18. Holland, Moffat, or Smith does not explicitly disclose wherein the step of selecting one of said symmetric encryption keys comprises: checking if the selected symmetric encryption key has expired, and if the selected symmetric encryption key has expired, discarding the selected symmetric encryption key and selecting another symmetric encryption key.	However, in an analogous art, Nix teaches explicitly disclose wherein the step of  (Nix: par.100; symmetric key may also include an expiration time, such that symmetric key may only be used by module during a limited period of time, such symmetric key remaining only valid for a day, or a week, or during a session; derive a second symmetric key after the expiration time of the first symmetric key had transpired) .	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Nix with the method of Holland, Moffat, Smith to include; if the selected symmetric encryption key has expired, discarding the selected symmetric encryption key and selecting another symmetric encryption key; to provide users with a means for renewing expiring keys (Nix: par: 100).
As to claim 22, the combination of Holland, Moffat, and Smith disclose the method of claim 21, in an analogous art, Nix teaches wherein the information identifying the selected symmetric encryption key neither contains the selected symmetric encryption key nor information derived by a digest of the selected symmetric encryption key (Nix: par. 267; module could transmit a value such as a random number in the first set of module encrypted data, and both module and server could use the value and device shared secret key to derive the symmetric key).	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Nix with the method of Holland, Moffat, Smith to include; information identifying the selected (Nix: par: 267).
As to claim 23, the combination of Holland, Moffat, and Smith disclose the method of claim 17, in an analogous art, Nix teaches further comprising the step of checking if the selected symmetric encryption key is still valid before transmitting the encrypted data bunch (Nix: par.100; symmetric key may also include an expiration time, such that symmetric key may only be used by module during a limited period of time, such symmetric key remaining only valid for a day, or a week, or during a session; par. 316; determining if new keys are required could include … expiration of a time-to-live value that module or server specified for a module public key).	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Nix with the method of Holland, Moffat, Smith to include; checking if the selected symmetric encryption key is still valid before transmitting; to provide users with a means for renewing expiring keys (Nix: par: 316).
As to claim 33, the combination of Holland, Moffat, and Smith disclose the system of claim 32, Holland further teaches wherein an expiry time or date is attributed to each symmetric encryption key (Holland: par. 108; a new symmetric key is exchanged periodically between the devices 101 and the hub 110 and between the hub 110 and the IoT service 120; par. 139; exchanged session keys may be used for a specified period of time), and wherein each of the clients is configured, for subsequent required data transmissions between the respective client and the server (Holland: par. 139; the key exchange may be performed and the exchanged session keys may be used for a specified period of time (e.g., a day, a week, etc.)).
Holland, Moffat, or Smith does not explicitly disclose to: check if the selected symmetric encryption key has expired, and if the selected symmetric encryption key has expired, discard the selected symmetric encryption key and select another symmetric encryption key
However, in an analogous art, Nix teaches check if the selected symmetric encryption key has expired, and if the selected symmetric encryption key has expired, discard the selected symmetric encryption key and select another symmetric encryption key (Nix: par.100; symmetric key may also include an expiration time, such that symmetric key may only be used by module during a limited period of time, such symmetric key remaining only valid for a day, or a week, or during a session; derive a second symmetric key after the expiration time of the first symmetric key had transpired) .	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Nix with the method of Holland, Moffat, Smith to include; if the selected symmetric encryption key has expired, discarding the selected symmetric encryption key and selecting another symmetric encryption key; to provide users with a means for renewing expiring keys (Nix: par: 100).
As to claim 35, the claim limitation is similar to claim limitation of claim 23, and rejected for the same reason set forth above for claim 23.
As to claims 38-40, .
Claims 24, 25 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Holland et al. (“Holland”, US 2017/0347264, filed on 05/27/2016, in view of Moffat (“Moffat”, US 2013/0318347, published on 111/28/2013), further in view of Smith et al (“Smith”, US 2016/0105406, published on 04/14/2016), Nix (“Nix”, US 2015/0095648, published on 04/02/2015) and May (“May”, US 2010/0313022), published on 12/09/2010).
As to claim 24, the combination of Holland, Moffat, Smith , and Nix disclose the method of claim 23, Nix further teaches checking at the first device if the selected symmetric encryption key is valid and transmitting from the first device to the second device (Nix: par. 104; receiving device can verify the validity of the public keys; par. 193; if  expiration time for a previous symmetric key has transpired, then module  may preferably include a symmetric key within message, where the symmetric key would be encrypted using an asymmetric ciphering algorithm with the module private key):	a valid-key message if the selected symmetric encryption key is still valid (Nix: 316; determining if … expiration of a time-to-live value that module or server specified for a module public key; par. 317; if module determines that new keys are not required; wait for a specified interval before taking further action, such as sending a message).	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of Nix with the method of Holland, Moffat, and Smith to include; checking if the selected symmetric encryption key is still valid before transmitting a valid-key message if the selected symmetric encryption key is still valid; to provide users with a means for renewing expiring keys (Nix: par: 317).	Holland, Moffat, Smith, and Nix fail to explicitly disclose wherein the step of checking if (May: par. 10; determining, at the server system, that the encryption key is expired):	transmitting, from the second device to the first device, information suitable for the first device to identify the symmetric encryption key selected by the second device (May: par. 46; one or more keys provided to the client device could be generated within the server system, and then transmitted to a desktop computer for example, within the enterprise network);	an invalid-key message if the selected symmetric encryption key is invalid; wherein if a valid-key message is received by the second device, the step of transmitting the encrypted data bunch is performed (May: par. 10; client device may authenticate said notification data received from the server system on the basis of the stored authentication data and the relationship between the notification data and the authentication data); and	wherein if an invalid-key message is received by the second device, the step of transmitting the encrypted data bunch is not performed (May: par. 10; in response to determining that the encryption key is expired, transmitting said notification data [e.g., invalid-key message] to the wireless client device to notify the wireless client device that the at least one service has been terminated; ceasing to provide the at least one service to the wireless client device).	Therefore, it would have been obvious to one of ordinary skill in the art at or before the effective filing date of the claimed invention to combine the teachings of May with the method of Holland, Moffat, Smith, and Nix to include; if the selected symmetric encryption key is still valid: transmitting, from the second device to the first device, information suitable for the first device to identify the symmetric encryption key selected by the second device; an invalid-key message if the selected symmetric encryption key is invalid; transmitting the encrypted data bunch is performed; and if an invalid-key message is received by the second device, the step of transmitting the encrypted data bunch is not performed; to provide users with a means for renewing expiring keys (May: par: 10).
As to claim 25, the combination of Holland, Moffat, Smith, Nix, and May disclose the method of claim 24. Holland further discloses or a secure communications channel is established between the first device and the second device and a new plurality of symmetric encryption keys is transmitted from the first device to the second device (Holland: par. 107; a symmetric key implementation, each device 101 enters into a secure key exchange protocol to exchange a symmetric key; secure key provisioning protocol such as the Dynamic Symmetric Key Provisioning Protocol (DSKPP) may be used to exchange the keys over a secure communication channel; par. 108; once the symmetric keys have been exchanged, they may be used by each device 101 and the IoT hub 110 to encrypt communications).	Nix further teaches wherein, if an invalid-key message is received, a different symmetric (Nix: par. 193; if  expiration time for a previous symmetric key has transpired, then module  may preferably include a symmetric key within message, where the symmetric key would be encrypted using an asymmetric ciphering algorithm with the module private key; securely send the symmetric key 127 to server, which could then utilize symmetric key 127 in a symmetric ciphering algorithms at later steps).
As to claim 36, the claim limitation is similar to claim limitation of claim 24, and rejected for the same reason set forth above for claim 24.
Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JAHANGIR KABIR/             Primary Examiner, Art Unit 2439