DETAILED ACTION
The following claims are pending in this office action: 23-24, 27-32 and 35-42
The following claims are amended: 23-24, 32, 37, and 40-41 
The following claims are new: -
The following claims are cancelled: 1-22, 25-26, and 33-34
Claims 23-24, 27-32, and 35-42 are rejected. This rejection is FINAL.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Previous Objections Withdrawn
The objections to specification are withdrawn based on the amendments. 
The obviousness-type double patenting rejections are withdrawn based on the amendments.  
RESPONSE TO ARGUMENTS
Applicant’s arguments filed in the amendment filed 03/02/2021 have been fully considered but are moot in view of new grounds of rejection.  
Applicant notes: “Claim 23 requires using an updated class diversifier value that is not included in a certificate signing request to obtain an updated device certificate.  Claims 32 and 40 require similar limitations”.  This additional limitation has been searched for and mapped Nochta (US Patent No. 7,974,415) in the § 103 rejection below.  Included is a class diversifier value and an updated class diversifier value that is not included in a certificate signing request to obtain an updated device certificate.    
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 


Claims 23-24, 29-32 and 37-42 are rejected under 35 U.S.C. 103 as being unpatentable over Chu et al. (US Pub. 2017/0214662) (hereinafter “Chu”) in view of Fultz et al. (US Patent 7823192) (hereinafter “Fultz”) and in view of Nochta (US Patent No. 7,974,415) (hereinafter “Nochta”) 

As per claim 23, Chu discloses a memory comprising a hardware unique key and a class key and configured to store instructions [and a class diversifier value, wherein the class diversifier value is a first public value]; and ([Chu, para. 0036; 0052] a memory storing computer-readable instructions on the security environment.  The CA private key [or CA secret key/class key] may be installed on the security environment.  A memory including a class diversifier value, wherein the class diversifier value is a first public value is taught in Nochta below)
a processor coupled to the memory, wherein the processor and the memory are configured to provide a secure execution environment, and wherein the instructions cause the processor to be, in the secure execution environment, configured to:  ([Chu, para. 0030; 0036] the device may include a secure environment.  The secure environment may include at least one processor configured to execute computer-readable instructions)
recover a certificate signing key based on the class key and the class diversifier value, wherein the certificate signing key is associated with a certificate authority; ([Chu, para. 0039] the secure environment stores a CA private key [a signing key] that performs a function identical to one issued by a CA.  Recovering a certificate signing key based on the class key and the class diversifier value is taught in Nochta below)
([Chu, para. 0052] the device public key and the device private key may be installed on the secure environment through a hardware security module [or a module that derives the key pair based on the hardware unique key])
generate a device certificate based on the device public key and the certificate signing key, wherein the device certificate is configured to be validated based on a public key associated with the certificate authority; ([Chu, para. 0041-0044] the CA agent in the secure environment generates a digital signature encrypted by using the CA private key [the certificate signing key].  The certificate generator may request the secure environment to provide the device public key into the certificate form [the device certificate based on the device public key].  The certificate generator may generate a final certificate based on attaching the digital signature provided by the CA agent to the certificate form.  The external client [the certificate authority] may verify the validity of the certificate by using the certificate public key)
Chu does not explicitly teach transmitting the device certificate to the certificate authority.  
However, Fultz teaches transmitting the device certificate to the certificate authority. ([Fultz, col. 7, ln. 46-48] the central authentication and validation authority sends the certificate to a certificate authority)  
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Chu with the teachings of Fultz to include the additional element of transmitting the device certificate to the certificate authority.  One of ordinary skill in the art would have been motivated to make this change because by sending the certificate to the certificate authority, the certificate authority can verify/confirm that the signature of the certificate is valid and not revoked (Fultz, col. 7, ln. 48-52).  
a class diversifier value, wherein the class diversifier value is a first public value, recovering a certificate signing key based on the class key and the class diversifier value, upon determining to update the certificate signing key and the device certificate, obtain an updated class diversifier value, wherein the updated class diversifier value is a second public value; recover an updated certificate signing key based on the updated class diversifier value and the class key, wherein the updated certificated signing key is associated with a second certificate authority, and wherein the updated class diversifier value is not included in a certificate signing request to obtain an updated device certificate; and generate the updated device certificate based on the updated certificate signing key and the device public key, wherein the updated device certificate is configured to be validated based on a second public key associated with the second certificate authority.  
However, Nochta teaches a memory including a class diversifier value, wherein the class diversifier value is a first public value ([Nochta, col. 4, ln. 61-63) a public integer value i+1).  [Col. 11, ln. 46-53] the system implements techniques described with a memory) 
recovering a certificate signing key based on the class key and the class diversifier value ([Nochta, col. 10, ln. 15-19) the signature private key [a certificate signing key]  may be used to sign a certificate.  [Col. 3, ln. 51-53] the signature private key Prk (i+1) is generated according to a public key cryptography method, based on the sequence [see col. 3, ln. 44-46] and the public integer value i+1 [see, col. 5, ln. 55-56])
upon determining to update the certificate signing key and the device certificate, ([Nochta, col. 5, ln. 13-15; 25-28] upon determining to update the signature public key by the update date, and thus upon determining to update the corresponding signature private key [see col. 3, ln. 48-50]) obtain an updated class diversifier value, wherein the updated class diversifier value is a second public value; ([Col. 5, ln. 25-28] an updated class diversifier value i+2.  [Col. 4, ln. 61-63] the index values of the sequence are public integers)
recover an updated certificate signing key based on the updated class diversifier value ([Nochta, col. 3, ln. 51-53] the signature private key Prk (i+2) [a updated certificate signing key] is generated [recovered] according to a public key cryptography method, based on the public integer value i+2 [see, col. 5, ln. 25-28]) and the class key, (Col. 3, ln. 44-46 the signature private key of the key pair is generated based on the sequence [see col. 3, ln. 44-46]) wherein the updated certificated signing key is associated with a second certificate authority, ([Col. 10, ln, 29-32]  the updated signature root/private keys [certificated signing key] of the sender may be spread to further receiving parties [a second certificate authority]. [Col. 10, ln, 14-19] the updated signature root/private key of the sender is associated with the receiver as the signature private key is used to provide a signed credential to the receiver, and so is associated with the receiver) wherein the updated class diversifier value is not included in a certificate signing request to obtain an updated device certificate; and ([Nochta, Col. 5, ln. 4-28] a updated data set DS(i+2) is subsequently sent to the receiver, which includes the updated device certificate (see Col. 10, ln. 11-12).  [Col. 10, ln. 12-14) the updated device certificate of Nochta includes an identity of a party, a public key issued to the party and a signature of the certificate authority.  The applicant defines the certificate signing request [CSR] as “data to be incorporated in the device certificate” except the signature of the device [Instant Application, para. 0050].  The only items incorporated in the device certificate of Nochta are 1) the identity of the party and 2) the public key issued to the party.  Thus, the new public integer value [the updated class diversifier value] is not included in the certificate signing request)
generate the updated device certificate based on the updated certificate signing key ([Nochta, col. 10, ln. 15-19) the signature private key [a certificate signing key]  may be used to sign a certificate.  [Col. 3, ln. 44-48] the signature private key Prk (i+2) [the updated certificate signing key] is generated according to a public key cryptography method) and the device public key, (Col. 1, ln. 42-43; data in an electronic format [the updated device certificate] may be encrypted using an encryption public key [the device public key]) wherein the updated device certificate is configured to be validated based on a second public key (Col. 9, ln. 22-30; an original value can be computed from the signature value by applying the signature public key [the second public key] to the signature.  A check may be done to compare the computed original value with a hash value stored in the dataset, and the test hash value stored in the data set) associated with the second certificate authority.  ([Col. 10, ln, 29-32] the updated signature public key [the second public key] of the sender may be spread to further receiving parties [a second certificate authority]. [Col. 10, ln, 14-19] the updated signature private key of the sender is associated with the receiver certificate authority as it is used to authenticate/validate the certificate sent to the receiver)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Chu and Fultz with the teachings of Nochta to include the additional elements of a memory including a class diversifier value, wherein the class diversifier value is a first public value, recovering a certificate signing key based on the class key and the class diversifier value, upon determining to update the certificate signing key and the device certificate, obtain an updated class diversifier value, wherein the updated class diversifier value is a second public value; recover an updated certificate signing key based on the updated class diversifier value and the class key, wherein the updated certificated signing key is associated with a second certificate authority, and wherein the updated class diversifier value is not included in a certificate signing request to obtain an updated device certificate; and generate the updated device certificate based on the updated certificate signing key and the device public key, wherein the updated device certificate is configured to be validated based on a second public key associated with the second certificate authority.  One of ordinary skill in the art would have been motivated to make this change because for a secure public key cryptography procedure, it is useful to use more than one pair of related keys as used pair of keys may, for example, fail to provide a specific security level after some time of usage (Nochta, col 3, ln. 55-59)

As per claim 24, Chu in view of Fultz and Nochta teaches claim 23
Chu also teaches generate a certificate signing request based on the device public key and the device private key; ([Chu, para. 0086, Fig. 9] the SE gets a certificate signing request from the AP to apply a digital signature to a device key pair)
and generate the device certificate based on the certificate signing request and the certificate signing key. ([Chu, para. 0086, Fig. 9] the final certificate is generated based on the digital signature using the CA private key)

As per claim 29, Chu in view of Fultz and Nochta teaches claim 23
Chu also teaches wherein in a manner of recovering the certificate signing key, the instructions further cause the processor to be configured to recover the certificate signing key based on white box decryption.  ([Chu, para. 0037; para. 0038; para. 0039; Fig. 1) the CA secret is stored in the secure environment where the protection prevents external access to internal information, including by encryption vis-à-vis an encryption engine.  [Instant Application, para. 0045] White box techniques are “where the certificate signing key is stored in encoded form and only the secure environment is able to decrypt the stored cypher text to recover the confidential key material”.   The CA secret key is encrypted and stored in encoded form by being contained in the secure environment, and only the secure environment is able to generate the signature for the digital certificate)
	
As per claim 30, Chu in view of Fultz and Nochta teaches claim 23
Chu also teaches wherein in a manner of deriving the device key pair, the instructions further cause the processor to be configured to derive the device key pair based on white box decryption.  ([Chu, para. 0037; para. 0038; para. 0039; Fig. 1) software that generates the device private key is stored in the secure environment where the protection prevents external access to internal information, including by encryption vis-à-vis an encryption engine.  [Instant Application, para. 0045] White box techniques are “where the device private key is stored in encoded form and only the secure environment is able to decrypt the stored cypher text to recover the confidential key material”.   The device private key is encrypted and stored in encoded form by being contained in the secure environment and being generated by software, and only the secure environment is able to generate device private key)

As per claim 31, Chu in view of Fultz and Nochta teaches claim 23.
Chu also teaches wherein the apparatus is a mobile phone or a mobile computing device.  ([Chu, para. 0029) the device may be an electronic device configured to process data such as a mobile device)

As per claim 32, this claim recites a method comprising the steps disclosed in the apparatus of claim 23, has claim language that is identical or substantially similar to that of claim 23, and thus is rejected with the same rationale applied against claim 23. 

As per claim 37, the claim language is identical or substantially similar to that of claim 24. Therefore, it is rejected under the same rationale applied to claim 24. 

As per claim 38, the claim language is identical or substantially similar to that of claim 29. Therefore, it is rejected under the same rationale applied to claim 29. 

As per claim 39, the claim language is identical or substantially similar to that of claim 30. Therefore, it is rejected under the same rationale applied to claim 30. 

As per claim 40, this claim recites a computer program product comprising a non-transitory computer-readable medium storing executable instructions, wherein the computer executable instruction are executed by a processor causing the processor to perform the steps disclosed in the apparatus of claim 23, has claim language that is identical or substantially similar to that of claim 23, and thus is rejected with the same rationale applied against claim 23. 

As per claim 41, the claim language is identical or substantially similar to that of claim 24. Therefore, it is rejected under the same rationale applied to claim 24. 

As per claim 42, the claim language is identical or substantially similar to that of claim 24. Therefore, it is rejected under the same rationale applied to claim 29.

Claims 27-28 and 35-36 are rejected under 35 U.S.C. 103 as being unpatentable over Chu in view of Fultz, in view of Nochta, as applied to claim 23 above and further in view of Pinkas (US Patent No. 6,968,060) (hereinafter “Pinkas”).  

As per claim 27 Chu in view of Fultz and Nochta teaches claim 23.
Chu in view of Fultz and Nochta does not teach wherein the memory further comprises a device diversifier value, and wherein the instructions further cause the processor to be configured to derive the device key pair based on the hardware unique key and the device diversifier value.  
However, Pinkas teaches wherein the memory further comprises a device diversifier value, and wherein the instructions further cause the processor to be configured to derive the device key pair based on the hardware unique key and the device diversifier value.  ([Pinkas, col. 2, ln. 40-44; col. 8, ln. 17-19; col. 6, ln. 25-27] for a set of embedded systems, a mother public key and a mother private key pair [the device key pair] are associated with the identity of an authorized operator [diversifier value].  The public key and the diversified private key of the key pair are also derived based on the serial number of the embedded system [the hardware unique key]
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Chu with the teachings of Pinkas to include the additional element of wherein the memory further comprises a device diversifier value, and wherein the instructions further cause the processor to be configured to derive the device key pair based on the hardware unique key and the device diversifier value.  One of ordinary skill in the art would have been motivated to make this change because by using the device diversifier value, it is possible to ensure that the request is only useable for the usages indicated by the request, i.e. the public/private key can only be used for PKI infrastructure (Pinkas, col 1, ln. 63 - col 2, ln. 2)

As per claim 28 Chu in view of Fultz and Nochta teaches claim 23.
Chu in view of Fultz and Nochta does not teach update the device diversifier value; derive an updated device key pair based on the hardware unique key and an updated device diversifier value, wherein the updated device key pair comprises an updated device public key and an updated device private key; and generate an updated device certificate based on the updated device public key and the certificate signing key.
However, Pinkas teaches update the device diversifier value; ([Pinkas, col. 6, ln. 10-14] the identifier can be one in a range of constituted by a start-of-range, and an end of range)
derive an updated device key pair based on the hardware unique key and an updated device diversifier value, wherein the updated device key pair comprises an updated device public key and an updated device private key; ([Pinkas, col. 2, ln. 40-44; col. 8, ln. 17-19; col. 6, ln. 25-27] for a set of embedded systems, a mother public key and a mother private key pair [the device key pair] are associated with the identity of an authorized operator [the diversifier value].  The public key and the diversified private key of the key pair are also derived based on the serial number of the embedded system [the hardware unique key].  The updated identifier picked from the range of identifiers provides an updated device key pair, but the hardware unique key does not change as it is based on the serial number of the embedded system)
and generate an updated device certificate based on the updated device public key and the certificate signing key.  ([Pinkas, col 4, ln. 55-57; col 10, ln. 36-41] the certificate generates is associated with a public key value.  The public value is derived based on the authorized operator.  As it is not necessary to know in advance which CA will be chosen by the operator, the certificate signing key and verification can remain the same despite that the certificate has been updated with a new operator as long as the identity of the operator is within the range of identifiers)
At the time of filing it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Chu with the teachings of Pinkas to include the additional elements of update the device diversifier value; derive an updated device key pair based on the hardware unique key and an updated device diversifier value, wherein the updated device key pair comprises an updated device public key and an updated device private key; and generate an updated device certificate based on the updated device public key and the certificate signing key.  One of ordinary skill in the art would have been motivated to make this change because by using the public device diversifier value, it is not necessary to know which CA will be chosen by the device in advance and will simplify the management of a large number of embedded systems (Pinkas, col 10, ln. 41-44)

As per claim 35, the claim language is identical or substantially similar to that of claim 27. Therefore, it is rejected under the same rationale applied to claim 27. 

. 
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHE LIU whose telephone number is (571) 272-3634.  The examiner can normally be reached on Monday - Friday: 8:30 AM to 5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-
/Z.L./Examiner, Art Unit 2493                                                                                                                                                                                                        
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493