Notice of Pre-AIA  or AIA  Status
The present application, filed on or after June 28, 2018, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 01/07/2021 has been entered.
Claims 1-20 are pending and are being considered.
Claims 1, 12 and 19 have been amended.
 
Claim objections 
Claim 1, 12 and 19 are objected due to minor informalities. 
Claims 1, 12 and 19 line 14, 18 and 21“……encrypt packets to the remote device” should read as ““……encrypt packets for the remote device”.
Claims 1, 12 and 19 last two lines recites “remote device” should read as “remote network device”
Response to 103 
	Applicants arguments filled on 12/11/2020 have been fully considered and are moot in view of new grounds of rejection. The argument do not apply to the art being used currently. 
CLAIM INTERPRETATION

The following is a quotation of 35 U.S.C. 112(f):


The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 

(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 

Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, control device and local network device in claim 19 

Claim limitation(s) “control device” and “local network device” of claims 19 gives their broadest reasonable interpretation of the claim elements with a limited description in the specification. The examiner notes that these devices have physical structure see Fig 9 and text on para [0096-0097] of the spec. Accordingly claims 19 invoke 35 U.S.C. 112 (f) or sixth paragraph, but the corresponding structure is described.

Because these claim limitation(s) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.

If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1-2, 4-13 and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al (hereinafter Lee) (US 20090215477) (i.e. provided in IDS) in view of Soppera (hereinafter Soppera) (US 9124565) and further in view of Iitsuka et al (hereinafter Iitsuka) (US 6463151).

Regarding claim 1 Lee teaches A method, comprising (Lee on [0009] teaches a method that facilitates securely accessing devices of a mobile infosphere is provided);
transmitting a first public encryption key from a local network device to a control device (Lee Fig 2 and text on [0066] teaches the security key generator 220 of mobile device 204  can create a public/private security key pair and request registration from the registry server 206. Upon receiving the parameters, the registration verifier 214 can ensure the association of the mobile infosphere device 204 with the mobile device 202. For example, the registration verifier 214 can transmit an SMS to the mobile device 202 to confirm association with the mobile infosphere device 204; the SMS can include data such as the public key, which the user of the mobile device 202 can verify against that of the mobile infosphere device 204. See on [0082] teaches The mobile infosphere file system 606 can obtain this request and contact a registry server to access information, such as an address and/or public key, to access the mobile infosphere device 604);
encrypting a first packet for a remote network device utilizing a first private encryption key correlated with the first public encryption key (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key and transmit the encrypted message to the registry server to initialize the mobile infosphere);
(Lee on [0066] teaches a public/private key renewal for refreshed security. See on [claim 12] refreshing the private and public keys (i.e. generates new public/private keys));
 transmitting the second public encryption key from the local network device to the control device (Lee on [claim 12] refreshing the private and public keys and transmitting the refreshed public key for association with the initialized mobile infosphere);
 (Lee on [0064-0066] teaches a public/private key renewal for refreshed security, the mobile infosphere device 204 can notify the registry server 206 via secure message encrypted with the private key of the device 204. Further on [0067] teaches the mobile device 202 can encrypt communications with its private key and the public key of the mobile infosphere device 204. See also [Claim 9 and 24] updating the public and private key);
wherein before the generating, the local network device uses the first private encryption key to encrypt packets to the remote network device (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key before refreshing or renewing public/private key (i.e. utilizing the first encryption key, since second key is yet to be generated)).
	Lee fails to explicitly teach receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device, wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device and wherein after receiving the first message from the remote network device that the remote network device received the second public 
receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key. Further teaches receiving acknowledgement of the RFID reader system receiving the new ownership key);
and after receiving the first message from the remote network device that the remote network device received the second public encryption key, Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key. Further teaches receiving acknowledgement of the RFID reader system receiving the new ownership key);
wherein after receiving the first message from the remote network device that the remote network device received the second public encryption key, the local network device stops using the first private encryption key to encrypt packets to the remote device and transitions to the second private encryption key to encrypt packets for the remote device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key with a new current read key (i.e. second private encryption key). RFID device receives acknowledgement that RFID system receives new ownership key (i.e. second public encryption key). See [claim 1, 28 and 30] discloses a current read key (i.e. first encryption key) for encrypting device data on the RFID device. Issuing a take ownership command for generating new ownership key and the RFID device is configured to replace, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key held on the RFID device with a new current read key, the new current read key (i.e. second private encryption key) being for encrypting the device data on the RFID device. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

	Although the combination of Lee and Soppera teaches receiving an acknowledgment that the device has received ownership key and uses the new encryption key, but fails to explicitly teach wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device, However Iitsuka from analogous art teaches 
(Iitsuka on [Col 13 line 12-20] teaches generating a new key A2 to be used from time T3, and transfers the new generated key A2 to the sink device 102, the key distribution means 206 confirms through a predetermined transaction that distribution of the key to the sink device 102 is completed, and sends distribution completion information 206a to the change-over timing determination means 207. The change-over timing determination means 207 acquires the distribution completion information, and then instructs the encryption means 205 to change the key used up to then to new key A2 obtained from the key saving means 204 for encryption. See on [Col 16 line 26-39] teaches the sink device has simultaneously acquired keys A1 and A2 immediately after time T1 (i.e. the device has both the keys and only uses key A1 and not use key A2 until time T3 see Fig 4-5)).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Iitsuka into the combined teaching of Lee and Soppera by holding the new 
Encryption key for replacing the current encryption key until notification is received. One would be protect and securely transmit that data (Iitsuka on [Col 3 line 15-20]).

Regarding claim 12 Lee teaches A non-transitory computer readable medium containing instructions that, in response to being executed by one or more processors, cause a local network device to perform operations, the operations comprising (Lee on [0056 and 0127-0129] teaches memory storing the instruction to executed by computer);
(Lee Fig 2 and text on [0066] teaches the security key generator 220 of mobile device 204  can create a public/private security key pair and request registration from the registry server 206. Upon receiving the parameters, the registration verifier 214 can ensure the association of the mobile infosphere device 204 with the mobile device 202. For example, the registration verifier 214 can transmit an SMS to the mobile device 202 to confirm association with the mobile infosphere device 204; the SMS can include data such as the public key, which the user of the mobile device 202 can verify against that of the mobile infosphere device 204. See on [0082] teaches The mobile infosphere file system 606 can obtain this request and contact a registry server to access information, such as an address and/or public key, to access the mobile infosphere device 604);
 encrypt a first packet for a remote network device utilizing a first private encryption key correlated with the first public encryption key (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key and transmit the encrypted message to the registry server to initialize the mobile infosphere);
generate a second public encryption key and a second private encryption key (Lee on [0066] teaches a public/private key renewal for refreshed security. See on [claim 12] refreshing the private and public keys (i.e. generates new public/private keys)); 
transmit the second public encryption key from the local network device to the control device (Lee on [claim 12] refreshing the private and public keys and transmitting the refreshed public key for association with the initialized mobile infosphere);
(Lee on [0064-0066] teaches a public/private key renewal for refreshed security, the mobile infosphere device 204 can notify the registry server 206 via secure message encrypted with the private key of the device 204. Further on [0067] teaches the mobile device 202 can encrypt communications with its private key and the public key of the mobile infosphere device 204. See also [Claim 9 and 24] updating the public and private key).
wherein before the generating, the local network device uses the first private encryption key to encrypt packets to the remote network device (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key before refreshing or renewing public/private key (i.e. utilizing the first encryption key, since second key is yet to be generated)).
	Lee fails to explicitly teach receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device, wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device and wherein after receiving the first message from the remote network device that the remote network device received the second public encryption key, the local network device stops using the first private encryption key to encrypt packets to the remote device and transitions to the second private encryption key to encrypt packets for the remote device, However Soppera from analogous art teaches 
receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key);
and after receiving the first message from the remote network device that the remote network device received the second public encryption key, Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key);
wherein after receiving the first message from the remote network device that the remote network device received the second public encryption key, the local network device stops using the first private encryption key to encrypt packets to the remote device and transitions to the second private encryption key to encrypt packets for the remote device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key with a new current read key (i.e. second private encryption key). RFID device receives acknowledgement that RFID system receives new ownership key (i.e. second public encryption key). See [claim 1, 28 and 30] discloses a current read key (i.e. first encryption key) for encrypting device data on the RFID device. Issuing a take ownership command for generating new ownership key and the RFID device is configured to replace, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key held on the RFID device with a new current read key, the new current read key (i.e. second private encryption key) being for encrypting the device data on the RFID device. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key)).
 into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

	Although the combination of Lee and Soppera teaches receiving an acknowledgment that the device has received ownership key and uses the new encryption key, but fails to explicitly teach wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device, However Iitsuka from analogous art teaches 
wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device (Iitsuka on [Col 13 line 12-20] teaches generating a new key A2 to be used from time T3, and transfers the new generated key A2 to the sink device 102, the key distribution means 206 confirms through a predetermined transaction that distribution of the key to the sink device 102 is completed, and sends distribution completion information 206a to the change-over timing determination means 207. The change-over timing determination means 207 acquires the distribution completion information, and then instructs the encryption means 205 to change the key used up to then to new key A2 obtained from the key saving means 204 for encryption. See on [Col 16 line 26-39] teaches the sink device has simultaneously acquired keys A1 and A2 immediately after time T1 (i.e. the device has both the keys and only uses key A1 and not use key A2 until time T3 see Fig 4-5)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Iitsuka into the combined teaching of Lee and Soppera by holding the new 
Encryption key for replacing the current encryption key until notification is received. One would be protect and securely transmit that data (Iitsuka on [Col 3 line 15-20]).


Regarding claim 2 and 13 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 1 and 12 respectively, Lee further teaches further comprising: receiving a third public encryption key from the control device, the third public encryption key correlated with a third private encryption key, and wherein encrypting the first packet includes utilizing both the first private encryption key and the third public encryption key (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key and transmit the encrypted message to the registry server to initialize the mobile infosphere. See on [0066] teaches a public/private key renewal for refreshed security. See on [claim 12] refreshing the private and public keys (i.e. generates new public/private keys)).
Soppera teaches receiving a fourth public encryption key from the control device to eventually replace the third public encryption key, the fourth public encryption key correlated with a fourth private encryption key (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key));
 transmitting a second message to the remote network device that the local network device received the fourth public encryption key and encrypting a third packet (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Regarding claim 4 and 15 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 2 and 13 respectively, Lee further teaches Lee on [0064-0066] teaches a public/private key renewal for refreshed security, the mobile infosphere device 204 can notify the registry server 206 via secure message encrypted with the private key of the device 204. Further on [0067] teaches the mobile device 202 can encrypt communications with its private key and the public key of the mobile infosphere device 204).
 teaches wherein the first message is received after transmitting the second message (Soppera [Col 3 line 40-55] teaches receiving a take ownership command from the RFID reader system. receiving acknowledgement of the RFID reader system receiving the new ownership key; and in response to receiving the acknowledgement of the RFID reader system receiving the new ownership key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Regarding claim 5 and 16 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 2 and 13 respectively, Soppera further teaches wherein transmitting the second message includes transmitting an acknowledgment packet to the remote network device in response to receiving the fourth public encryption key from the control device (Soppera [Col 3 line 40-55] teaches receiving a take ownership command from the RFID reader system. receiving acknowledgement of the RFID reader system receiving the new ownership key; and in response to receiving the acknowledgement of the RFID reader system receiving the new ownership key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

6 and 17 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 1 and 12 respectively, Lee further teaches further comprising: receiving a third public encryption key from the control device, the third public encryption key correlated with a third private encryption key; wherein encrypting the first packet includes utilizing both the first private encryption key and the third public encryption key; and wherein encrypting the second packet includes utilizing both the second private encryption key and the third public encryption key (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key and transmit the encrypted message to the registry server to initialize the mobile infosphere. See on [0066 and claim12] teaches refreshing the private and public keys and transmitting the refreshed public key for association with the initialized mobile infosphere).
Regarding claim 7 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 1 above, Soppera further teaches wherein receiving the first message includes receiving an acknowledgment packet (Soppera [Col 3 line 40-55] teaches receiving a take ownership command from the RFID reader system. receiving acknowledgement of the RFID reader system receiving the new ownership key; and in response to receiving the acknowledgement of the RFID reader system receiving the new ownership key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Regarding claim 8 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 7 above, Lee further teaches  further comprising transmitting a request from the local network (Lee on [0009-0010, 0016-0018, 0067] teaches decrypting the payload using a first public key from the registry server and a private key related to a second public key transmitted in the registration request and encrypting the payload with the private key and the first public key).
Regarding claim 9 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 8 above, Iitsuka further teaches wherein transmitting the request is not performed until at least a distribution time has elapsed after transmitting the second public encryption key from the local network device to the control device, the distribution time including a periodic time duration of when the control device distributes one or more encryption keys to one or more network devices (Iitsuka on [Col 12 line 60-67] teaches the copy management information becomes necessary in requesting transfer of a new key to be changed in a predetermined period of time. See on [Col 13 line 25-40] teaches the generated key A2 is sent to the key saving means 204. In addition, the key distribution means 206 confirms through a predetermined transaction that distribution of the key to the sink device 102 is completed, and sends distribution completion information 206a to the change-over timing determination means 207. The change-over timing determination means 207 acquires the distribution completion information).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Iitsuka into the combined teaching of Lee and Soppera by holding the new 
Encryption key for replacing the current encryption key until predetermined time is elapsed. One would be protect and securely transmit that data (Iitsuka on [Col 3 line 15-20]).

Regarding claim 10 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 7 above, Soppera further teaches wherein the first message is sent in response to the remote (Soppera [Col 3 line 40-55] teaches receiving a take ownership command from the RFID reader system. receiving acknowledgement of the RFID reader system receiving the new ownership key; and in response to receiving the acknowledgement of the RFID reader system receiving the new ownership key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Regarding claim 11 and 18 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 1 and 12 above respectively, Soppera further teaches further comprising continuing to encrypt packets utilizing the first private encryption key until receiving the first message from the remote network device that the remote network device received the second public encryption key  (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key with a new current read key (i.e. second private encryption key). RFID device receives acknowledgement that RFID system receives new ownership key (i.e. second public encryption key). See [claim 1, 28 and 30] discloses a current read key (i.e. first encryption key) for encrypting device data on the RFID device. Issuing a take ownership command for generating new ownership key and the RFID device is configured to replace, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key held on the RFID device with a new current read key, the new current read key (i.e. second private encryption key) being for encrypting the device data on the RFID device. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Regarding claim 19 Lee teaches A system, comprising (Lee on [0005] teaches Wireless communication systems);
a control device, the control device configured to receive and periodically distribute public encryption keys (Lee Fig 2 and text on [0063] teaches a registry server 206 (i.e. control device). See on [0067-0068] teaches mobile infosphere device 204 can receive public/private keys from the registry server 206. See on [0076] teaches the registry server return public key to the mobile device (i.e. server distributes public keys));
 a remote network device in communication with the control device (Lee fig 2 and text on [0063-0065] teaches a wireless communications environment 200 that facilitates communication between a mobile device 202 and a mobile infosphere 204, or one or more devices in the infosphere 204, via a registry server 206. See on [0054-0055] teaches The components can communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets);
and a local network device in communication with the control device and in communication with the remote network device, the local network device configured to perform operations comprising (Lee fig 2 and text on [0063-0065] teaches a wireless communications environment 200 that facilitates communication between a mobile device 202 and a mobile infosphere 204, or one or more devices in the infosphere 204, via a registry server 206);
transmit a first public encryption key to the control device (Lee Fig 2 and text on [0066] teaches the security key generator 220 of mobile device 204  can create a public/private security key pair and request registration from the registry server 206. Upon receiving the parameters, the registration verifier 214 can ensure the association of the mobile infosphere device 204 with the mobile device 202. For example, the registration verifier 214 can transmit an SMS to the mobile device 202 to confirm association with the mobile infosphere device 204; the SMS can include data such as the public key, which the user of the mobile device 202 can verify against that of the mobile infosphere device 204. See on [0082] teaches The mobile infosphere file system 606 can obtain this request and contact a registry server to access information, such as an address and/or public key, to access the mobile infosphere device 604);
 encrypt a first packet for the remote network device utilizing a first private encryption key correlated with the first public encryption key (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key and transmit the encrypted message to the registry server to initialize the mobile infosphere);
 send the first packet to the remote network device (Lee on [0054] teaches The components can communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system. see on [0123] teaches One possible communication between a client 1810 and a server 1830 may be in the form of a data packet transmitted between two or more computer processes);
 generate a second public encryption key and a second private encryption key (Lee on [0066] teaches a public/private key renewal for refreshed security. See on [claim 12] refreshing the private and public keys);
 transmit the second public encryption key to the control device (Lee on [claim 12] refreshing the private and public keys and transmitting the refreshed public key for association with the initialized mobile infosphere);
(Lee on [0064-0066] teaches a public/private key renewal for refreshed security, the mobile infosphere device 204 can notify the registry server 206 via secure message encrypted with the private key of the device 204. Further on [0067] teaches the mobile device 202 can encrypt communications with its private key and the public key of the mobile infosphere device 204. See also [Claim 9 and 24] updating the public and private key);
wherein before the generating, the local network device uses the first private encryption key to encrypt packets to the remote network device (Lee on [0010- 0014, 0064 and 0066] teaches encrypting message using private key having a related public key before refreshing or renewing public/private key (i.e. utilizing the first encryption key, since second key is yet to be generated)).
	Lee fails to explicitly teach receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device, wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public 
receiving a first message from the remote network device at the local network device that the remote network device received the second public encryption key from the control device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key);
and after receiving the first message from the remote network device that the remote network device received the second public encryption key, Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key);
wherein after receiving the first message from the remote network device that the remote network device received the second public encryption key, the local network device stops using the first private encryption key to encrypt packets to the remote device and transitions to the second private encryption key to encrypt packets for the remote device (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key with a new current read key (i.e. second private encryption key). RFID device receives acknowledgement that RFID system receives new ownership key (i.e. second public encryption key). See [claim 1, 28 and 30] discloses a current read key (i.e. first encryption key) for encrypting device data on the RFID device. Issuing a take ownership command for generating new ownership key and the RFID device is configured to replace, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key held on the RFID device with a new current read key, the new current read key (i.e. second private encryption key) being for encrypting the device data on the RFID device. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

	Although the combination of Lee and Soppera teaches receiving an acknowledgment that the device has received ownership key and uses the new encryption key, but fails to explicitly teach wherein between the generating and the receiving, the local network device is in possession of the first public encryption key and the second public encryption key, uses the first private encryption key to encrypt packets to the remote network device, and does not yet use the second public encryption key to encrypt packets to the remote network device, However Iitsuka from analogous art teaches 
(Iitsuka on [Col 13 line 12-20] teaches generating a new key A2 to be used from time T3, and transfers the new generated key A2 to the sink device 102, the key distribution means 206 confirms through a predetermined transaction that distribution of the key to the sink device 102 is completed, and sends distribution completion information 206a to the change-over timing determination means 207. The change-over timing determination means 207 acquires the distribution completion information, and then instructs the encryption means 205 to change the key used up to then to new key A2 obtained from the key saving means 204 for encryption. See on [Col 16 line 26-39] teaches the sink device has simultaneously acquired keys A1 and A2 immediately after time T1 (i.e. the device has both the keys and only uses key A1 and not use key A2 until time T3 see Fig 4-5)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Iitsuka into the combined teaching of Lee and Soppera by holding the new 
Encryption key for replacing the current encryption key until notification is received. One would be protect and securely transmit that data (Iitsuka on [Col 3 line 15-20]).
Regarding claim 20 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 19 above, Soppera further teaches the remote network device receives the second public encryption key during a periodic distribution of public encryption keys, the periodic distribution including the second public encryption key (Soppera on [Col 2 line 40-67] teaches receiving, from the RFID reader system, a change read key command and an indication that the RFID reader system holds the current ownership key; and means for replacing, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key with a new current read key (i.e. second private encryption key). RFID device receives acknowledgement that RFID system receives new ownership key (i.e. second public encryption key). See [claim 1, 28 and 30] discloses a current read key (i.e. first encryption key) for encrypting device data on the RFID device. Issuing a take ownership command for generating new ownership key and the RFID device is configured to replace, responsive to receiving the change read key command and the indication that the RFID reader system holds the current ownership key, the current read key held on the RFID device with a new current read key, the new current read key (i.e. second private encryption key) being for encrypting the device data on the RFID device. See also on [Col 4 line 25-45] teaches RFID reader system is permitted to take ownership of the RFID device; and means for receiving from the authorization apparatus the new ownership key and an acknowledgement that may be communicated to the tag as evidence of authorization and using the new ownership key to authenticate, with the RFID device, a process of instructing the RFID device to change its current read key to a new read key for use by the RFID reader system (i.e. device stops using the previous read key for encrypting data after receiving acknowledgment of new ownership key)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Soppera into the teaching of Lee by receiving a notification or message that public key is received and replacing the first key with new key for encrypting data. One would be motivated to do so in order to protect data from unauthorized access and enhance data security (Soppera [Col 2 line 15-35]).

Claims 3 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Lee et al (hereinafter Lee) (US 20090215477) (i.e. provided in IDS) in view of Soppera (hereinafter Soppera) (US 9124565) in view . 

Regarding claim 3 and 14 the combination of Lee, Soppera and Iitsuka teaches all the limitations of claim 2 and 13 respectively, Lee further teaches a payload included the third packet encrypted utilizing the first private encryption key and the fourth public encryption key (Lee on [0009 and 0012-0013] teaches encrypting the payload with the private key and the first public key included in message).
The combination of Lee, Soppera and Iitsuka fails to explicitly teach wherein the second message includes a header that at least identifies the first private encryption key and the fourth public encryption key, however Sohn from analogous art teaches wherein the second message includes a header that at least identifies the first private encryption key and the fourth public encryption key (Sohn on [0022, 0041 and 0080] teaches The decryption processing unit may also identify the public key from the message header, and the decryption processing unit may obtain the private key using the public key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Sohn into the combined teaching of Lee, Soppera and Iitsuka by having message header identifying public and private key. One would be motivated to do so in order to deliver data through communication channels and ensure confidentiality of the data (Sohn on [0005]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Hori et al (US 20070076886) technique for periodically update a key used to encrypt communication data. This conventional technique relates to an encryption key updating method in an encrypted communication network in a system including an encryption key server which orders update of an encryption key in order to raise the communication safety and a plurality of clients which receive an order from the encryption key server. In this conventional technique, the encryption key server repeats transmission of encryption key update data to each client and reception of an ACK (ACKnowledgement) signal which shows that the encryption key update data has been received, from each client, successively. When receiving encryption key update data and returning an ACK signal, each client stores the new encryption key. And in this conventional technique, each client continues use of an old encryption key, receives an update permission from the encryption key server which receives a predetermined ACK signal from the clients by broadcast communication, and changes over an encryption key used by each client from an old encryption key to a new encryption key all at once.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522.  The examiner can normally be reached on 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/MOEEN KHAN/Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436