DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Acknowledgements
This communication is in response to:
Application claim amendments filed on 1/26/2021, and
Authorization for the below examiner’s claim amendments, which was given by email by Mr. Richard Warther (Reg. No. 55,595) on 05/27/2021.

The amendments filed on 09/21/2020 have been entered.
The claim amendments overcome the objections and the USC 103 rejections previously set forth in the Office Action mailed on 07/20/2020.
Claim 1 is interpreted under USC 112(f), where the “key distribution center” is interpreted as a placeholder. The structure and function of the above placeholder are disclosed in the specification of the instant application as described in the Office Action mailed on 11/04/2020. The claim amendments obviate the remaining interpretations under USC 112(f) previously set forth in the Office Action mailed on 11/04/2020.

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Examiner’s Amendment
Note: Proposed amendments marked manually with underlining and 
Claims
1. (CURRENTLY AMENDED) A cross-domain information transfer system comprising: 
a key distribution center configured to generate a plurality of private encryption keys, and a respective signature key pair for an attribute from among a plurality of different attributes, wherein each attribute comprises a binary attribute,
each signature key pair and attribute associated with a given domain among a plurality of different domains, and each signature key pair comprising a secret signing key and a secret verifying key; 
a sender device, among a plurality of sender devices, comprising a processor and transceiver coupled thereto, and configured to receive a respective private encryption key and generate ciphertext from plaintext based upon the private encryption key, append a respective attribute for a given domain to the ciphertext, 
receive a respective secret signing key and generate ciphertext with a concealed attribute from the ciphertext with the appended attribute based upon the secret signing key, and broadcast the ciphertext with the concealed attribute through an untrusted network; and 

wherein the plurality of different domains have different security levels associated therewith,
each domain gateway device is not capable of determining the plaintext and comprising a processor and transceiver coupled thereto, and having a respective attribute associated therewith and configured to receive a respective secret verifying key, 
receive the ciphertext with the concealed attribute from the untrusted network, and use the secret verifying key to determine if the concealed attribute matches the attribute associated with the domain gateway device, and, when so, pass the ciphertext to at least one receiver device coupled with the domain gateway device, 
wherein the at least one receiver device comprises a processor and transceiver coupled thereto, and configured to decrypt the ciphertext into plaintext based upon the private encryption key.  

2. (CANCELLED).  
3. (CANCELLED). 
4. (CANCELLED).    

5. (ORIGINAL) The cross-domain information transfer system of claim 1 wherein each private encryption key is based upon an Advanced Encryption Standard (AES).  



7. (ORIGINAL) The cross-domain information transfer system of claim 1 wherein the sender device is configured to process information to generate multiple broadcasts to different domains.  

8. (CURRENTLY AMENDED) A cross-domain information transfer system comprising: 
a sender device, among a plurality of sender devices, comprising a processor and transceiver coupled thereto and configured to receive a respective private encryption key and generate ciphertext from plaintext based upon the private encryption key, 
append a respective attribute for a given domain among a plurality of different domains to the ciphertext, wherein each attribute comprises a binary attribute,
receive a respective secret signing key and generate ciphertext with a concealed attribute from the ciphertext with the appended attribute based upon the secret signing key, and broadcast the ciphertext with the concealed attribute; and a plurality of domain gateway devices, 
wherein the plurality of different domains have different security levels associated therewith, 
is not capable of determining the plaintext and comprising a processor and transceiver coupled thereto, and having a respective attribute associated therewith and configured to receive a respective secret verifying key associated with each domain, 
receive the ciphertext with the concealed attribute from the untrusted network, and use the secret verifying key to determine if the concealed attribute matches the attribute associated with the domain gateway device, and, when so, pass the ciphertext to at least one receiver device coupled with the domain gateway device, 
wherein the at least one receiver device comprises a processor and transceiver coupled thereto, and configured to decrypt the ciphertext into plaintext based upon the private encryption key.  

9. (CANCELLED).  
10. (CANCELLED).  
11. (CANCELLED).  

12. (ORIGINAL) The cross-domain information transfer system of claim 8 wherein each private encryption key is based upon an Advanced Encryption Standard (AES).  

13. (ORIGINAL) The cross-domain information transfer system of claim 8 wherein each signature key pair is based upon an Elliptic Curve Digital Signature Algorithm (ECDSA).  

14. (ORIGINAL) The cross-domain information transfer system of claim 8 wherein the sender device is configured to process information to generate multiple broadcasts to different domains.  

Docket No. RF-1114 (50777)

15. (CURRENTLY AMENDED) A method of cross-domain information transfer comprising: 
operate a sender device, among a plurality of sender devices, comprising a processor and transceiver coupled thereto to receive a respective private encryption key and generate ciphertext from plaintext based upon the private encryption key, 
append a respective attribute for a given domain among a plurality of different domains to the ciphertext, wherein each attribute comprises a binary attribute,
receive a respective secret signing key and generate ciphertext with a concealed attribute from the ciphertext with the appended attribute based upon the secret signing key, and 
broadcast the ciphertext with the concealed attribute; and operate a plurality of domain gateway devices, wherein the plurality of different domains have different security levels associated therewith, 
each domain gateway device is not capable of determining the plaintext and comprising a processor and transceiver coupled thereto, and having a respective attribute associated therewith, 
wherein operating each domain gateway device comprises receiving a respective secret verifying key, 

using the secret verifying key to determine when the concealed attribute matches the attribute associated with the domain gateway device, and, when so, pass the ciphertext to at least one receiver device coupled with the domain gateway device, wherein the at least one receiver device comprises a processor and transceiver coupled thereto, and configured to decrypt the ciphertext into plaintext based upon the private encryption key.  

16. (CANCELLED).  
17. (CANCELLED).  
18. (CANCELLED).

19. (ORIGINAL) The method of claim 15 wherein each private encryption key is based upon an Advanced Encryption Standard (AES).  

20. (ORIGINAL) The method of claim 15 wherein each signature key pair is based upon an Elliptic Curve Digital Signature Algorithm (ECDSA).  

21. (ORIGINAL) The method of claim 15 wherein operating the sender device comprises processing information to generate multiple broadcasts to different domains.


Allowable Subject Matter
Above Claims 1, 5-8, 12-15 and 19-21 are allowed.
The following is a statement of reasons for indication of allowable subject matter.
Cited and relevant prior art of record:
Sakata (US 20200228346 A1),
Audebert et al. (US 20030005317 A1),
Das et al. (US 20120331300 A1),
Anezaki et al. (US 20150172493 A1), and
Young et al. (US 20100011337 A1).

Sakata discloses a system for determining an encryption key and generating a signature key pair, where encrypted firmware is generated and sent from a PC, where the encrypted firmware is combined with an encrypted hash, where the combination is transmitted to a receiver in a network, and where the data is decrypted. Audebert discloses the concept of a plurality of private keys and different domains. Audebert further discloses an attribute, e.g. a device name, associated with a domain, and discloses that receiving parties validate the digital certificates, where the digital certificate validation by the receiving party includes comparing the respective reference attributes. Das discloses transmitting to various gateways, and in the instance that a digital signature is valid and a timestamp difference is less than a threshold, a connection manager on Remote Desktop Gateway can validate a package and initiate a connection sequence. Anezaki discloses gateways which have different security levels set according to the places where they are disposed. Young discloses metadata used to 
While Sakata-Audebert-Das-Anezaki-Young disclose the aforementioned concepts, none of the above prior art references, individually or in combination, discloses all limitations in the manner recited in the independent claims. Specifically, none of the above prior art discloses the concept of the binary attribute concealed and combined with ciphertext in the manner described where the private key and signature key are used, where domain gateway devices, which are not able to determine the plaintext, determine with their respective secret verifying keys whether their corresponding attribute is a match and accordingly pass the ciphertext to a receiver associated with the domain gateway device. Therefore, the above limitations in conjunction with the remaining limitations of the independent claims render the above independent claims allowable.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571) 272-2705. The examiner can normally be reached on Monday-Friday 8:30 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/BASSAM A NOAMAN/
Examiner, Art Unit 2497

/ELENI A SHIFERAW/
Supervisory Patent Examiner, Art Unit 2497