DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement

The information disclosure statement (IDS) submitted on 02/11/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings

The drawings (Figures 1 and 2) are objected to as failing to comply with 37 CFR 1.84(p) (4) because there is no present reference character number for label “Secure Processor” in Figure 1 and no descriptive legend indicating what reference character 108 in Figure 1 represents in the drawings. This creates confusion as to what the reference characters represent without having to view the detail description in the specifications.
In Figure 2 because there are multiple reoccurring labels for different aspects of the drawings. The label “Transaction A1”, “Hash A” and “Hash B” represent reference character 208 and “Transaction AN”, “Transaction BN” and Transaction CN” are all represented by reference character 200. There should be one reference character number assigned to one aspect of the drawing and not one reference character number represent multiple different labels, this creates confusion as to what reference character 200 and 208 are really representing..
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Claim Objections

Claims 1- 5, 7, 9, 11, 12-24 and 26 are objected to because of the following informalities:

In regards to Claim 1, claim 1 has an unnecessary and additional numeric value of 1 that is directly to the left of the claim that should be omitted. Appropriate correction is required.

In regards to Claims 1, 12-22 and 26, the applicant recites the limitation in claim 1, claim 12-22, and claim 26 “at least a heuristic of trust”, but also recites in claim 1 line 1, claim 26 lines 1-2, “heuristic of trust” this becomes unclear and indefinite as to which heuristic of trust the applicant is referred to as it was already recited in the preamble of claim 1 and claim 26. It creates confusion as to if this measurement of determine of heuristic of trust if the same embodiment referred to in claims 1 and 26 or if it is a new embodiment of heuristic of trust corresponding to another component of the exchange between the evaluating and remote devices. The specification states in Par. (0027) “evaluating device 104 may be designed and configured to receive at least a communication from a first remote device 112, determine an identity of the first remote device 112 as a function of the at least a communication, calculate at least a heuristic of trust as a function of the at least a communication and the identity, and assign a first confidence level to the first remote device 112 as a function of the at least a heuristic of trust”. Therefore it will be broadly and reasonable interpreted that the a at least a heuristic of trust is corresponding to the same heuristic of trust recited in the preamble of claim 1 and that the heuristic of trust correlates to the evaluating device which is determining and calculating a specific confidence level in regard to the remote device. Examiner suggest removing “a” in front of heuristic trust to eliminate confusion. Appropriate correction is required.

In regards to Claims 1, 4, 5, 7, 9, 11, 14-20, 22-24 and 26, the applicant recites the limitation “a function” this becomes unclear because “a function” was already recited earlier in claims 1 and 26. This creates confusion as to which function of the Still viewing FIG. 3, determining identity of first remote device 112 may include fingerprinting the first remote device; this may be performed as a function” as well as in Par. (0029) “ fingerprint, and/or a physically unclonable function (PUF), or any other disorder-based security primitive, defined as a function”. Therefore it will broadly and reasonably interpreted that a function corresponds to the heuristic of trust recited earlier in claims 1 and 26 and that a function correlates to any form of hash function, identification fingerprints, PUF, identifier or signature corresponding to determining the heuristic of trust. Examiner suggest using the phrase “the” in front of function to eliminate confusion as well as further define “as a function”. Appropriate correction is required.

In regards to Claim 15, the applicant recites the limitation “a confidence level” on claim 15 line 2, this becomes unclear because a confidence was already recited in claim 1 line 1. This creates confusion as to what kind of confidence level the applicant is referring to as well as if this is a new embodiment of a confidence level or the same corresponding confidence level stated in claim 1. The applicant also does not follow the pattern of the correcting phrasing of “the” in front of confidence level shown n claim 15 line 4 and claim 24 line 1. The specifications state in Par. (0088) “At least heuristic of trust may output a confidence level as defined above as its output, and/or take at a confidence level as an input. Heuristics to infer trustworthiness of nodes and/or remote devices 108” and in Par. (0009) “Systems and methods as described herein may involve computation, calculation, assessment, assignment, or use of a confidence level associated with one or more processes, devices, or data, including without limitation one or more processes, appraisals, and/or cryptographic evaluators as described herein. Confidence level, as used herein, is an element of data expressing a degree to which the safety, security, or authenticity of a process, device, or datum may be relied upon. As used herein, a confidence level may include a numerical score;” Therefore it will be broadly and reasonably interpreted that a confidence level is in relation to the same recited limitation of claim 1 as well a corresponding to a confidence or trust related numerical score, rank, rating or output calculated by the evaluating device. Examiner suggest following the pattern of claims 15 and 24 and using the phrase “the” in front of confidence level. Appropriate correction is required.

In regards to Claim 19 and Claim 22, the applicant recites the limitation “first device” in claim 19 line 2 and claim 22 lines 2-4, this becomes unclear because in independent claim 1 the applicant refers to a first remote device. It creates confusion as to which component first device is referring to, is it the first remote device recited in claim 1 or is it a new embodiment of a first device in conjunction with the evaluating device. The specification state in (Par.(0097) “In an embodiment, and with continued reference to FIG. 3, calculating at least a heuristic of trust may include receiving, from a verified device, a datum identifying the first device, and calculating the at least a heuristic of trust as a function of the datum identifying the first device. Datum identifying first remote device 112 may include a digitally signed assertion generated by the verified remote device 128;”. Therefore it will be broadly and reasonably interpreted that 

In regards to Claim 23, the applicant recites in claim 23, “the at least a first confidence level”, this becomes unclear because in claim 1 the limitation “a first confidence level” is already recited and not the phrasing “the at least a first confidence level” is not defined a recited prior to claim 23. This creates confusion as to which first confidence level the applicant is referring to, if it is correlating to the first confidence level calculated by the evaluating device or a new embodiment and calculation of another first confidence level. The specifications state in Par. (0027) “determine an identity of the first remote device 112 as a function of the at least a communication, calculate at least a heuristic of trust as a function of the at least a communication and the identity, and assign a first confidence level to the first remote device 112 as a function of the at least a heuristic of trust.”. Therefore it will be broadly and reasonably interpreted that the first confidence level is corresponding to a calculated score determined by the evaluating device in regards to a remote device as well as it correlating to the already recited confidence level of claim 1. Examiner suggest removing the phrase “a” in front of first confidence level to eliminate confusion”. Appropriate correction is required.

In regards to Claims 1-5, 12, and 26, the applicant recites the “the at least a communication” in claim 1-5, 12 and 26, this becomes unclear because “a communication” is already recited in claim 1 and 26. This creates confusion as to which communication that correlates to the function of the remote device the applicant is referring to. If it is a new communication paired with a function or the same corresponding communication already recited in claim 1.  The specification states in Par. (0072) “At step 305, evaluating device 104 receives at least a communication from first remote device 112. Evaluating device 104 may receive at least a communication in any suitable form, including without limitation as textual data conveyed via electronic communication. At least a communication may include at least a packet set transmitted over a network; at least a packet set may be transferred over the network according to transfer control protocol/internet protocol (TCP/IP), hyper-text transfer protocol (HTTP), file transfer protocol (FTP), HTTP secure (HTTPS) or the like. At least a packet set may have data organized in one or more fields as described in further detail below; such data may be used for device fingerprinting or other device identification procedures as described in further detail below”. Therefore it will be broadly and reasonably interpreted that a communication corresponds to any request, transmission of data, sender/ receiver pair of information between the remote device and evaluating device in any form such as a message or packet and correlates to the function of the first remote device already recited in claim 1. The Examiner suggests removing the phrase “a” in front of communication to eliminate confusion. Appropriate correction is required.

“a heuristic as a function” should read “a heuristic of trust as a function”. Appropriate correction is required.


Claim Rejections - 35 USC § 103


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1-2, 4-5, 11-12, 14 and 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") in further view of Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin")
a method of determining a confidence level associated with a device using heuristics of trust, the method comprising: (Par. (0013) “The system includes a continuous authentication confidence module (CACM) configured to determine a confidence score corresponding to a likelihood that an authenticated user ("specific user") remains present during a session. The confidence score may be determined while the session is open based, at least in part, on an expectation of user presence over time.”; determine a confidence level (score) using heuristic of trust (likelihood that an authenticated user [..] presence over time), (Par. (0058) “the confidence score may be configured to decay at a rate related to context data, user history, user behavior, etc. In this example, a time varying decay rate may be determined based, at least in part, on context data, user history, user behavior, environmental factors, perceived risk and/or relative sensitivity of current user activity.”; confidence level with heuristic of trust(behavior, factors over time))
receiving, by an evaluating device, at least a communication from a first remote device; (Figure 1 labels 106a, 102; evaluating device (102) receiving communication from first remote device (106a)), (Par. (0024) “For example, when a communication session is established between user device 102 and, e.g., remote communication partner 106a via network 104, user device 102 may be configured to attest to the remote communication partner 106a”; communication between evaluating device (102) and first remote device (106a)). (Par. (0017) “Communication circuitry 152 is configured to communicate, wired and/or wirelessly, with user device 102”; first remote device (communication circuitry in remote device) sends communication to evaluating device (user device)) 
determining, by the evaluating device, an identity of the first remote device as a function of the at least a communication; (Par. (0046) “user devices including computing devices, physical environment, information captured from computing device sensors (or inferences drawn from that information), preferences, patterns of behavior, and/or any other information useful in identifying a specific user or predicting an activity of the specific user (collectively "context information").”; evaluating device (user device) determines an identity (identifying user))
calculating, by the evaluating device, at least a heuristic of trust as a function of the at least a communication and the identity; (Figure 2 labels 204, 206 and 208; evaluating device (user device) calculates (determines) confidence level (score)) (Par. (0049-0051) “ In some embodiments, parameters relating the magnitude of the initial confidence score to authentication method may be included in CACM data 136 [..]  ACSM 130 is configured to update the confidence score 134 based, at least in part, on one or more ACSM parameter(s) that may be included in CACM data 136. CACM data 136 may further include one or more configuration parameter(s) related to confidence factor(s) and/or operation of CACM 108. CACM data 136 may include characteristics and/or other parameters associated with confidence factor(s). Confidence factor(s) may include, but are not limited to, factor characteristics, including, but not limited to, power consumption, spoofing resistance, confidence gain and/or whether the factor is active and/or passive and a list of available confidence factors [..] ACSM parameters may include parameters relating an initial authentication method and an initial confidence score, parameters associated with adjusting the confidence score 134 based, at least in part, on the expectations of user presence over time.”; ASM in evaluating device (user device) calculates confidence level (score) based on heuristic of trust ((confidence factors over time), (Figure 1 label 146; identity (recognition module) factored in calculation of confidence level (score)), (Par. (0087) “For example, the user may authenticate by providing a password. In another example, the user may authenticate using a fingerprint. An initial confidence score may be determined”; as a function (fingerprint))
assigning, by the evaluating device, a first confidence level to the first remote device as a function of the at least a heuristic of trust; (Par. (0024) “CACM 108 may then be configured to determine the confidence score, as described herein and to provide the confidence score to the remote communication partner 106a.”; confidence level (score assigned (provided) to first remote device (remote communication partner))
However Sheller does not explicitly teach assigning, by the evaluating device, an access right as a function of the first confidence level.
Wherein Baldwin teaches and assigning, by the evaluating device, an access right as a function of the first confidence level. (Page 18 Col 13 lines 16-60: “the user can be granted one or more different levels of access (and in other situations denied at least one level of functionality or access) to the device based at least in part on the verification signature. [..] or fingerprint [..] the user can be provided access to at least a portion of the functionality and/or granted a level of access. For example, at least one of the one or more of the cues (e.g., disparity signature, a determination of a human pulse) can be compared to a model associated with an authorized user of the device to generate a confidence value (or other score) indicative of whether the current user user device (evaluating device) assigning (providing) access rights (grants access) as a function (fingerprint indicative) of the first confidence level ( to generate a confidence value or score))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Baldwin to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller because of the analogous concept of measuring trustworthiness with confidence level to determine the identity and reliability of devices on a network system. Baldwin includes a process of assigning access rights as a function by the evaluating device of a confidence level. This strengthens the integrity of the system as a whole by providing permissions and privileges to only credible and authorized users, by giving access rights to certain devices and lesser access rights to others trustworthy relationships can be more accurately determined. By linking confidence levels with access rights devices on a system accessing medical, financial or personal transactions can be protected and eliminate or lessen the probability of modification or compromise on the users profile or data. This creates a trustworthy system over time by correlating the high or low confidence level to the access rights deemed acceptable by the evaluating device.


In regards to Claim 2, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein receiving the at least a communication further comprises receiving at least a packet set over a network. (Par. (0111) “For example, network 104 may comprise a packet switched network. User device 102 may be configured to communicate with network 104 and/or remote communication partner(s) 106a, . . . , 106n using a selected packet switched network communications protocol.”; evaluating device (user device) receiving communication with packet over a network)

In regards to Claim 4, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein determining the identity of the first remote device further comprises fingerprinting the first remote device as a function of at least a field parameter of the at least a communication. (Par. (0040) “Sensor(s) 115a, . . . , 115m may be categorized as active and/or passive based, at least in part, on whether user participation may be necessary to capture the sensor input. For example, in order to capture a fingerprint, a user may be asked to sensor on evaluating device (user device) captures fingerprint (as a function)  of first remote device (remote communication partner)), (Par. (0087) “For example, the user may authenticate by providing a password. In another example, the user may authenticate using a fingerprint. An initial confidence score may be determined”; determining identity (authenticating) with fingerprint (as a function) to determine confidence level (score))


In regards to Claim 5, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein determining the identity of the first remote device further comprises fingerprinting the first remote device as a function of at least a machine operation parameter described in the at least a communication. (Par. (0040) “For example, in order to capture a fingerprint, a user may be asked to place a finger on a fingerprint sensor sensing surface. If the user does not place his/her finger on the sensing surface, the fingerprint sensor may be unable to capture the fingerprint. Thus, a fingerprint sensor is an active sensor.”; fingerprinting first remote device (user) as a function based on active or passive sensors)), (Par. (0050) “ACSM 130 is configured to update the confidence score 134 based, at least in part, on one or more ACSM parameter(s) that may be included in CACM data 136. CACM data 136 may further include one or more configuration parameter(s) related to confidence factor(s) and/or operation of CACM 108. CACM data machine operation parameters (ACSM of evaluating device) with parameters of biometric sensor data (fingerprints))

In regards to Claim 11, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein determining the identity of the first remote device further comprises determining the identity as a function of user profile data. (Par. (0077) “For example, specific user information may include a user preference setting and/or may be included in a user profile stored, e.g., in CACM data 136.”; first remote device (user information) comprises of user profile in CACM of evaluating device determining identity of first remote device), (Par. (0053) “CACM data 136 may include one or more user profiles that may include one or more configuration, ACSM and/or PSDM parameters specific to that user profile (e.g., that may be configured to optimize a particular user experience). For example, one user profile may correspond to the user travel so that electrical power may not be consistently available, thus, this profile may correspond to optimizing battery preservation. Continuing with this example, an authentication technique and presence factor selection may be configured to optimize”; determining identity (authentication) of first remote device (user) comprises of user profile data),

In regards to Claim 12, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises reconciling a first datum of at least a communication to at least a second datum of the at least a communication.  (Par. (0029) “Sensor template storage 117 may include user templates associated with the specific user's biometric data, e.g., the specific user's fingerprint, facial image, iris scan result,”; first datum (specific fingerprint) and second data (specific iris scan) of a communication), (Par. (0031) “the measurement uncertainty value is configured to indicate a confidence level in the human presence data.”; datum used to calculate (indicate) heuristic of trust (confidence level)), (Par. (0051) “an initial confidence score, parameters associated with adjusting the confidence score 134 based, at least in part, on the expectations of user presence over time,”; heuristic of trust (confidence score [..] over time), (Par. (0033) “the recognition module 146 may be configured to compare the user template to the detection output. In another example, recognition module 146 may be configured to compare the user template to the capture output. User presence data is related to a result of this comparison”; reconciling first datum to second datum (comparing outputs of datums (fingerprints, iris scans facial image))

In regards to Claim 14, the combination of Sheller and Baldwin teach the method of claim 1, Sheller further teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a duration of past interaction; and calculating the at least a heuristic as a function of the duration of past interaction (Par. (0083) “based on human presence data, the magnitude(s) of the confidence value(s) may be based, at least in part, on a time duration since the last authentication. For example, relatively longer time intervals may correspond to relatively smaller confidence values.”; confidence levels (values) based on time duration of past interaction (last authentication)), (Par. (0051) “an initial confidence score, parameters associated with adjusting the confidence score 134 based, at least in part, on the expectations of user presence over time [..]adjusting confidence score based, at least in part, on presence data, durations of time intervals between updates,”; determined (calculated) heuristic of trust (confidence score over time) and confidence score based on duration of time)).


In regards to Claim 26, claim 26 is a system claim and recites similar limitations of the method of claim 1 and the teachings of Sheller and Baldwin address all the limitations discussed in Claim 1 and are thereby rejected under the same grounds.


Claim 3 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Melika et al. (U.S Pub. No. 20160350728, hereinafter referred to as "Melika")

In regards to Claim 3, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein receiving the at least a communication further comprises receiving a transaction recorded in a temporally sequential listing.
Wherein Melika teaches the method of claim 1, wherein receiving the at least a communication further comprises receiving a transaction recorded in a temporally sequential listing. (Par. (0019) “In another embodiment of encoding data to currency, a series of records correspond to digital wallets and the amounts in the digital wallets further has an encoded meaning”; temporally sequential (series) of records), (Par. (0054) “the paper title to a distributed consensus network maintaining a cryptographically verifiable ledger utilizing a proof-of-work process to enforce a chronological order amongst logistic transaction records in the cryptographically verifiable ledger. Information associated with the paper title includes; identification of the physical caretaker; identification of the non-monetary asset; and identification of the current owner of the non-monetary asset.”; receiving communication of transaction recorded in temporally sequential order (chronological order)), (Par. (0055) “ the web server associates in the database the receipt record with the encoded identifying information. In step 608, the web server receives a notification from the owner of the of the non-monetary asset to transfer the title to another party.”; receiving communication (receipt record and notification) of transaction (transfer of title)).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Melika to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote 
The motivation to combine these reference is by implementing a temporally sequential listing various records in transaction can be organized in a way that allows the user to verify and authenticate records that are signed in the correct order. This provides freedom and accessibility to the user without making the web browsing experience difficult by numerous security requirements. 

Claims 6 and 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Kruys et al. (U.S Pub. No. 20090031123, hereinafter referred to as "Kruys")

In regards to Claim 6, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein determining the identity of the first remote device further comprises determining a geographic location of the first remote device.
Wherein Kruys teaches the method of claim 1, wherein determining the identity of the first remote device further comprises determining a geographic location of the first remote device (Par. (0044) “In summary, the various embodiments of the invention provide secure remote configuration of a device based on location information of the device to comply with regulatory constraints of the location of use of the device. Location information of a device is obtained when the device is sold, delivered, or activated. A device identity of the device and its location are linked in a location database either in a remote storage 200 or an external storage, such as a memory card 225 or an optical disk 245. The device obtains a location specific S-CF from various storage devices, such as the remote storages 200, using the device identity. The device, subsequently validates the S-CF against an authorized entity, such as a manufacturer, to ensure that configuration of the device is controlled by the authorized entity that is responsible for ensuring that the device operates within regulatory constraints of the location of use of the device”; determining identity of device based on location information.))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kruys to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote 
The motivation to combine these reference is because by using a geographic location to determine the identity of a remote device the system is not only protected from unauthorized user trying to attempt access but also it creates clarity and provides assurances to the user who is evaluating the remote device based on trust. By determining the location of a remote device the system will be able to verify the recorded location and log past interactions to determine if the remote device is communicating from a trustworthy location. 

In regards to Claim 7, the combination of Sheller and Baldwin do not explicitly teach the method of claim 6, wherein determining the geographic location of the first remote device further comprises: identifying an internet protocol address of the first 
Wherein Kruys teaches the method of claim 6, wherein determining the geographic location of the first remote device further comprises: identifying an internet protocol address of the first remote device; and determining the geographic location as a function of internet protocol address (Par. (0041) “At step 525, the S-CF is provided to the device. For example, the remote storage 200 sends the S-CF to the wireless device 100 using a known data transfer protocol, such as Hypertext Transfer Protocol (HTTP) or File Transfer Protocol (FTP).”; wireless devices is sent S_CF (signed configuration file) through internet protocol ( HTTP or FTP) to determine identity of device based on location)), (Par. (0026) “For example, the device identity may comprise a model number and an Internet Protocol (IP) address because a model number can provide a device type and the IP address can provide location information. “; identity od device based on internet protocol address corresponding to geographic location ( location information))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kruys to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the 
The motivation to combine these references is because by using IP address and geographic locations coupled with evaluating a device for trustworthiness it will not only ensure security and protection from harm on a system but allow maximum accessibility and freedom for users in a network to communicate without preliminary or discouraging security requirements. This in return leads to efficient and effective use on a network by giving the user control to determine confidence or trust or remote devices.

Claim 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller"), Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") and Kruys et al. (U.S Pub. No. 20090031123, hereinafter referred to as "Kruys") in further view of Coode et al. (U.S Pub. No. 20180248704, hereinafter referred to as "Coode")

In regards to Claim 8, the combination of Sheller, Baldwin and Kruys do not explicitly teach the method of claim 6, wherein determining the geographic location of the first remote device further comprises determining proximity to a device having a recorded location.
Wherein Coode teaches the method of claim 6, wherein determining the geographic location of the first remote device further comprises determining proximity to a device having a recorded location. (Par. (0065) “the application 134 can be configured to record an initial location of the user and lock 18, e.g. by tracking the GPS location of the wireless mobile device 16, starting when the lock 18 was opened, and by continuously comparing updated GPS locations of the wireless mobile device 16, at least until the lock 18 is locked again. [..] the wireless mobile device 16 to determine proximity to the lock controller 14 and the associated lock 18.”; recorded GPS location is used to determine proximity of other device (wireless mobile device determining proximity to a device)), (Par. (0058) “The wireless mobile device 16 may further include a locating device 137 and an imaging device 138. The locating device 137 may include a global positioning system (GPS) device or radio frequency locating device, Wi-Fi positioning system (WPS), or other locating device,. [..] The imaging device 138 may include a camera, which can be used to capture an image of the physical resource 20, primary lock 18A, secondary lock 18B”; wireless device corresponding to a device having a recorded location (imagining device with lock))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Coode to the determining a confidence level associated with a device using a heuristic of trust by receiving communications 
The motivation to combine these references is by determining a remote device using a geographic location and proximity indicators it can protect the system for potential compromise and interference by evaluating the location and time latency in regards to the proximity of the remote device and monitor how it changes for inconsistencies. This establishes trustworthiness for devices in a close proximity and allows for the verification and evaluation process to be effective and efficiently thorough. 



Claims 9 and 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Guo et al. (U.S Pub. No. 20090300744, hereinafter referred to as "Guo")

In regards to Claim 9, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein determining the identity of the first remote device further comprises: receiving a secure proof from the first remote device; and determining the identity of the first remote device as a function of the secure proof.
Wherein Guo teaches the method of claim 1, wherein determining the identity of the first remote device further comprises: receiving a secure proof from the first remote device; (Par. (0049) “the user device 402 may also request that the remote user device 412 send its security token (received from the account authority service 404 so that the user device 402 can be assured of the identity of the remote user device 412. The security token can also be a public/private key pair in a certificate format and the device 402 would go through a similar process of verifying the signature and obtaining the proof”; determining identity of remote device by receiving secure proof (security token)), (Par. (0014) “Security tokens, for example, provide evidence of the identity of one or more entities (e.g., a user and/or a device) using a unique secret.”; secure proof (security token with secret)), (Par. (0037) “the user device 402 goes through a network challenge and response handshake with the remote user device”; receiving secure proof (challenge and response) from remote device))
and determining the identity of the first remote device as a function of the secure proof. (Par. (0049) “so that the user device 402 can be assured of the identity of the remote user device 412. “; determine the identity (assured the identity of remote device))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Guo to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Guo includes a method of determining an identity of a remote device by receiving a secure proof from the remote device. This implements a secret that cannot be recreated or reproduced by possible attackers but contains enough information such as a challenge/response or token   that is enough for the evaluating device to verify or authenticate the remote device. This not only ensures secure connection between the remote and evaluating device but prevents possible compromise or modification from unauthorized users trying to impersonate the emote device using many forms of malware attacks. 
The motivation for combining these references is by receiving a secure proof from the remote device the system can measure a confidence level and establish trustworthiness more efficiently and effectively by implementing the use of a secure 

In regards to Claim 10, the combination of Sheller and Baldwin do not explicitly teach the method of claim 9, wherein the secure proof is by a secure computing module of first remote device.
Wherein Guo teaches the method of claim 9, wherein the secure proof is by a secure computing module of first remote device (Par. (0021) “The user device 102 can provide user credentials and the device certificate to the account authority service 104 in a request for a security token”; computing module (account authority server) with secure proof (security token with secret)), (Figure 3 label “account authority service” and 320”; secure proof (security token with secret) is by computing module (account authority service)), (Par. (0060) “In an example implementation, an account authority service module and other modules”; computing module)
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Guo to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Guo includes a method of having the 
The motivation to combine these reference is because by the secure proof coming from a computing module of a remote device it protections the authentication process by making it difficult for unauthorized users to determine the outputs or secret contained in the security proof. This discourages attackers from cyber-crimes and promotes the freedom and maximum accessibility of users in a network y permitting their free flow of exchange and use of web browsing components and ensures a trust-based system of communication.

Claims 13, 15 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Borean et al. (U.S Pub. No. 20150120679, hereinafter referred to as "Borean")

In regards to Claim 13, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises reconciling a first geographic location determination with at least a second geographic determination.
Wherein Borean teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises reconciling a first geographic location determination with at least a second geographic determination. (Figure 3 label 310, 312; calculating confidence level and reconciling (comparing) geographical location (additional information with heuristic of trust (trustworthy information), (Par. (0029) “The comparison module 212 that compares the additional information with trustworthy information from a database is compared to verify an accuracy of the additional information. The comparison of the one or more entities may be based on a calculation formula [..] optimal match [..] The optimal match includes the data obtained from a comparison between one or more heterogeneous entities. The optimal match may include a comparison of context sensitive elements such as name, location information, [..] The comparison may be between the heterogeneous entity 108A and the heterogeneous entity 108N”; reconciling (comparison) between first geographical location (entity 108 with location information) and second geographic location (entity 108N with location information))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Borean to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote 
The motivation to combine these reference because by reconciling a first geographic location to determine a second one it creates a location-based identification system that determines confidence level and trustworthiness based on the position. This provides a secure and protected environment that lessens the likelihood of unnecessary risk or vulnerability by constantly factoring in the confidence level and trust in conjunction with geographic locations. This in return leads to the strengthening in integrity of the network and allows the evaluating device to determine trustworthy devices in proximity. 

In regards to Claim 15, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a confidence level of at least a second device associated with the first remote device through transactions; and calculating the at least a heuristic of trust as a function of the confidence level of the at least a second device.
Wherein Borean teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a confidence level of at least a second device associated with the first remote device through transactions (Par. (0012) “identifying the individual from the one or more identities and the associated data based on the confidence level and the accuracy”; determining (identifying) one or more identities with confidence level), (Par. (0022) “hen additional information associated with one or more identities is obtained. A confidence level is obtained for the additional information. Based on the confidence level, an individual is identified from one or more entities and associated data”; first and second device (entities) associated with confidence levels), (Figure 1 labels 108A and 108N; first and second devices (entities) and second confidence level with second device (entity 108N)) (Par. (0030) “The optimal match includes the data obtained from a comparison between one or more heterogeneous entities. The optimal match may include a comparison of context sensitive elements such as name, location information, relationships, behavior's, transactions, interaction”; through transactions) (Par. (0032) “The data may include additional information such as location distance from geo-location tagged information, etc., time distance from references tagged in information, tweet text, transactional confidence level through transactions) 
and calculating the at least a heuristic of trust as a function of the confidence level of the at least a second device (Par.  (0028) “The confidence level identifying module 210 that calculates a confidence level for the additional information. In one embodiment, the confidence level is derived based on at least one of (i) a quality, or (ii) an origin of the associated data. For example, the confidence level may be determined to calculate data quality for an entity A and a second entity B”; first and second confidence levels calculated (entity A and second entity B), , (Par. (0025) “The additional information with trustworthy information”; heuristic of trust (trustworthy information))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Borean to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Borean includes a process of calculating trust by determining a confidence level of a second device associated with a first remote device and implementing a method of calculating that trust on the second remote device. This reduces the chances of the system being 
The motivation to combine these references is because by having a second device linked with a confidence level associated with the first, versatility in the network is created and in return allows users to better determine trustworthiness based on behaviors of multiple devices. 

In regards to Claim 18, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: evaluating a degree of stake in at least a transaction to which the first device is a party; and calculating the at least a heuristic of trust as a function of the degree of stake.
Wherein Borean teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: evaluating a degree of stake in at least a transaction to which the first device is a party; (Par. (0032) “The data may include additional information such as location distance from geo-location tagged information, etc., time distance from references tagged in information, tweet text, transactional information from references in tweet text such as purchases, deliveries, returns, etc., a transaction), (Par. (0033) “In one embodiment, matching an internal customer's name that has a high degree of trust to a name from a Twitter.RTM. user yields a lower match confidence because Twitter.RTM. as a data source has less trust worthy data and the name is not verified as a known name.”; degree of stake is a party (customer name with high degree of trust vs user low match confidence), (Par. (0051) “In example embodiment, information from a tweets may include transaction information like "Bought a Dishwasher" and "Delivery", time information like tweet times, and "Delivery on Monday", location information like Reno WH store in Estero Fla., and interaction information like "Entered store in Estero Fla.". This additional information may be possible to match the John Smith Twitter.RTM. user to an internal customer record with a very high degree of confidence because the probability that two John Smith customers would have purchased a dishwasher on the same day from the same store with delivery on the same day would be less or not possible.”; determining degree of stake of a party (customers with purchase of high degree of confidence))
and calculating the at least a heuristic of trust as a function of the degree of stake. (Par. (0033-0035) “the entity matching server 110 further include a weight assigning module that assigns a weight for the additional information to derive the confidence level.  [..]  The trust measure may be expressed as a weighted-sums formula where each trust dimension is given a weight and the sum of the weights is 100 so the result can be expressed as a percentage. In one example embodiment, the trust measure of a user's location data can be calculated as: Location trust=70%*Quality calculating heuristic of trust because of degree of stake (additional information that includes higher or lower degree of trust and confidence of transaction))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Borean to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Borean implements a process of calculating trust by evaluating a degree of stake of a transaction of a first device as a party and calculating trust as a function of the degree of stake. This becomes significant for devices exchanging values or financial transactions where large sums of money are involved. By equating a degree of stake in the process, larger transactions can be evaluated by a device to having low confidence and provide clarity and accurate calculations of trust in a system.
The motivation to combine these references is by implementing a degree of stake on a first remote device the evaluating device can assign high or low confidence . 

Claim 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Sharifi Mehr et al. (U.S No. 9749305, hereinafter referred to as "Sharifi Mehr")


In regards to Claim 16, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a most recent time of past interaction; and calculating the at least a heuristic of trust as a function of the most recent time of past interaction.
Wherein Sharifi Mehr teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a most recent time of past interaction; (Page 17 Col. 12 lines 19-27.   “The observed instances column 506 may include a tally for each time a user-agent/cipher suite pairing is observed within one or more request logs. The tally may be cumulative over the entire analytical period ”; logs of the most recent time of past interactions (analytical period user agent is observed)
and calculating the at least a heuristic of trust as a function of the most recent time of past interaction. (Page 17 Col 12 lines 37-67 “Once the network security service has determined the number of observed instances for each user-agent/cipher suite pairing, the network security service may determine a confidence score for each user-agent/cipher suite pairing. For instance, in some embodiments, a higher confidence score may be assigned to a user-agent/cipher suite pairing that has been observed a substantial amount of times over a particular period [..] this column may be utilized to calculate the confidence score (e.g., communications .”; recent time of interaction (determine number of observed instance user agent over amount of time over a particular period), calculated confidence score (heuristic of trust), (Page 15 Col. 8 lines 35-45 “a confidence score which may be indicative as to whether the user-agent/cipher suite pairing may be trusted”; heuristic of trust (confidence score with trust))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Sharifi Mehr to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness 
The motivation to combine these references is because by implementing a recent time or history log as a factor in calculating trust it provides effective and efficient analysis to securely protect the network from harmful activity and be aware as well as instances with high confidence levels that are welcomed. This in return leads to maximum accessibility of users and permitting freedom of control and privacy for users in a permit trust-based system. 

Claim 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Pakhchanian et al. (RU No. 0002571396, hereinafter referred to as "Pakhchanian")

In regards to Claim 17, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least heuristic of trust further 
Wherein Pakhchanian teaches the method of claim 1, wherein calculating the at least heuristic of trust further comprises: determining a degree of obscurity of the first remote device; (Par. (46) “After the data collected by the remote verification devices (104) is”; first remote device), (Par. (46) “ After each verification step (at step 320), the obtained confidence levels and the number of valid uncertainly recognized characters can be analyzed in order to determine whether the document verification process is completed.”; determining degree of obscurity ( number of uncertain characters))
and calculating the at least a heuristic as a function of the degree of obscurity. (Par. (46) “f the value of the confidence level exceeds the selected threshold value, then the hypothesis is confirmed (i.e., it is considered true, and the uncertainly recognized symbol is verified); if the confidence level is less than the selected threshold value, but higher than the selected minimum confidence value (for example, 0% when measuring the confidence level in percent)”; calculating (measuring) confidence score based on degree of obscurity ( uncertainly recognized characters/symbols)), (Par. (53)  “The recognized character set that is contained in the document is returned to the server (102). In a project, each document has a unique identifier called a “global unique identifier” (GUID). [..] Each element of the array (620) in the array corresponding to the document can contain the ordinal number of the corresponding character in the document (character identifier, ID), the characteristics of the font of this character,”; as a function (symbol/character identifier or ID))

The motivation to combine these references is because by determining early on any obscurities or possible issues in the network it can lead to a more effective evaluation or remote devices unhindered or interrupted by issues that can interrupt the evaluation process. This in return leads to users in network being ensured with proper security measures by factoring in the calculation any/ all obscurities that could cause harm to their interactions/ transaction while browsing the web.  

Claim 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Kortina et al. (U.S Pub. No. 20110137789, hereinafter referred to as "Kortina")

In regards to Claim 19, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: identifying a plurality of transactions performed by first device; deriving an average transaction amount of the plurality of transactions; and calculating the at least a heuristic of trust as a function of the average transaction amount.
Wherein Kortina teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: identifying a plurality of transactions performed by first device;  (Par. (0021) “FIG. 9a illustrates one example embodiment of a system for analyzing fraud and/or evaluate trustworthiness of a given transaction, or group of transactions, based on the financial trust graph.”; calculating heuristic of trust  ( evaluating trustworthiness) by identifying plurality of transactions (group of transactions), (Par. (0042) “user interface for conducting transactions within the system, such as those described previously. When a user, e.g., user A is logged into the system and is viewing a profile page 165 of another user, e.g., user B, user A sees some basic information and a list of actions within the trust based financial system. The basic information includes identifying the user profile”; identifying transactions of first device (User A))
deriving an average transaction amount of the plurality of transactions; (Par. (0121) “a method for calculation  [..] other data points such as the average dollar amount of each transaction”; deriving or calculating average transaction amount (average dollar amount of each transaction))
and calculating the at least a heuristic of trust as a function of the average transaction amount (Par. (0121) “users could also be components of calculating the trust score.”; calculating heretic of trust (trust score), Par. (0159) “a process for conducting trust based transactions based on identification and analysis of trusted relationships through the disclosed principles herein”; heuristic of trust (trust score with analysis (over time) of trusted relationships) as a function (identification))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Kortina to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Kortina includes a method of identifying a plurality of transactions and deriving an average of the amount of transactions as well as calculating trust based on that average. This allows the system to assign higher or lower confidence levels to certain transactions based on the average transaction amount. This in return provides clarity to the user on devices when 
The motivation to combine these references is because it provides and effective and efficient process in the evaluating device to assign confidence levels based on the average amount. This proves useful for transactions for users browsing the web and allows devices freedom and control of their own privacy while still being able to identify levels of trust in transactions as well as helps the evaluation process use transactions as a form of comparison in return protecting the integrity of the network from harm. 

Claim 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Guttmann et al. (U.S Pub. No. 20180336509, hereinafter referred to as "Guttmann")

In regards to Claim 20, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a second confidence level in the identity of the first remote device; and calculating the at least a heuristic as a function of the second confidence level.
Wherein Guttmann teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises: determining a second confidence level in the identity of the first remote device; (Par. (0239) “obtaining a second group of confidence levels associated with a second assignment of labels to data-points, determining (generating reading obtaining) second confidence level) of identity of first remote device (external device)),
and calculating the at least a heuristic as a function of the second confidence level.  (Par. (0226) “assigning confidence levels to the assigned labels (Step 1440) may comprise calculating confidence levels corresponding to the labels”; calculating confidence levels), (Par. (0239) “obtaining a second group of confidence levels associated with a second assignment of labels to data-points [..] output confidence levels corresponding to the labels”; second confidence level (second group of confidence levels) being calculated (outputted)), (Par. (0200) “the properties of a machine learning training task may include identifiers of a dataset of datasets 610 and/or an annotation of annotations 620 and/or a view of views”; as a function (data set or data points having ID or identifier)), 

The motivation to combine these references is because by factoring a second confidence level in the calculation the network system as a whole can have a means of comparison to devices an assign higher and lower confidence levels. This provides parity to the system and allows the evaluating device to better determine and analyze devices that are trustworthy and remote devices that pose as a risk with low confidence levels. This in return prevents the system from harmful activities and attacks and provides assurance to users conducting various financial transactions that their communication is secure and protected. 

21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Eksten et al. (U.S Pub. No. 20180157825, hereinafter referred to as "Eksten ")

In regards to Claim 21, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein calculating the at least a heuristic of trust further comprises performing a trusted time evaluation of at least an action performed by the at least a cryptographic evaluating device.
Wherein Eksten teaches the method of claim 1, wherein calculating the at least a heuristic of trust further comprises performing a trusted time evaluation of at least an action performed by the at least a cryptographic evaluating device. (Par. (0084) “The trust level module 41 may calculate a level of trust for a component 24 for a new function or purpose. The trust level module 41 may calculate a new level of trust for a component 24 for the new function based on already calculated trust levels associated with the component 24 for different functions purposes”; evaluating device (trust level module) calculating heuristic of trust of component 24), ( Par. (0123) “A digital signature 2250b may include data blocks representing one or more fields of information regarding component 24b. For example, digital signature 2250b may include one or more of the following fields: digital certificates 2420, timestamp (including date) 2430, trust level 2440, function or purpose”; time evaluation (time stamp with signature) corresponding to component 24 evaluation on evaluating device (trust level module))

The motivation to combine these references is because by implementing a time evaluation or timestamp with a signature it will provide a secure and verified line of communication that can determine and identify the rightful remote devices to the corresponding access and level of communication. This establishes trust and prevents compromise from remote devices that do not correlate to the correct timestamp. In return maintaining the integrity of the network as a whole.
Claim 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin hereinafter referred to as "Baldwin") in further view of Dave et al. (U.S Pub. No. 20200067944, hereinafter referred to as "Dave ")

In regards to Claim 22, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, calculating the at least a heuristic of trust further comprises: receiving, from a verified device, a datum identifying the first device; and calculating the at least a heuristic of trust as a function of the datum identifying the first device.
Wherein Dave teaches the method of claim 1, calculating the at least a heuristic of trust further comprises: receiving, from a verified device, a datum identifying the first device; (Par. (0030) “Device configurations and methods discussed herein allow for a trust level to be provided for nodes and devices of a network in addition to device issued certificates [..] only the highly secured devices would be able to maintain high trust scores.”; verified device (secured device with high trust scores)), (Par. (0047) “When requests by the second device match an expected requirement, the first device may view the interaction positively leading to a higher trust score calculation [..] For devices associated with a location, when a new device is present on the network a first device associated with the location may notify and/or receive a notification from the second device. Based on the identification information received from the second device”; verified device (second device with high trust score) receiving datum (identification) identifying first device))
and calculating the at least a heuristic of trust as a function of the datum identifying the first device (Par. (0047) “Based on the identification information calculating (determining) heuristic of trust (trust score) as a function (identification) identifying first device),
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Dave to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Dave includes a method of receiving a datum identifying a first device by a verified device, this creates trustworthiness and reliability on a network by allowing a verified high confidence level of a device receiving datum identifying another remote device. This prevents impersonation, compromise and modification from unauthorized devices because of the verified and high level of confidence receiving and determining the rightful identity of a remote device.
The motivation to combine these references is because by receiving and calculating datum by a verified high confidence level device correlating to the identity of a remote device it allows the evaluation of trust towards devices to be even more effective and efficient because of the high threshold and extremely high confidence level of verified devices. This in return protects and secure the network by having a trusted . 

Claim 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Appel et al. (U.S Pub. No. 20110241899, hereinafter referred to as "Appel")

In regards to Claim 23, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein: the at least a heuristic further comprises a plurality of heuristics; and assigning the at least a first confidence level further comprises: aggregating the plurality of heuristics; and assigning the at least a first confidence level as a function of the aggregated plurality of heuristics.
Wherein Appel teaches the method of claim 1, wherein:  the at least a heuristic further comprises a plurality of heuristics; and (Par. (FIG. 4 is a portion of a spreadsheet showing a number of heuristics applied to sets of passages through gantries for a number of vehicles”; plurality of heuristics (number of heuristics))
assigning the at least a first confidence level further comprises: (Par. (0025) “FIG. 1 is a confidence level. Confidence levels are described and shown below. Depending on how the road user charging system 100 is implemented, the gantries 110 may calculate a confidence level, or another element, such as the back office 170, may calculate the confidence level.”; confidence levels), (Par. (0030) “where each passage has an associated confidence level.”; assigning of confidence level)
aggregating the plurality of heuristics; and (Par. (0039) “It should be noted that multiple heuristics may be combined: for example, a score for heuristic 420-1 could be added to the score for heuristic 420-1 and the result divided by two.”; aggregating (combining) plurality of heuristics (multiple heuristics) 
assigning the at least a first confidence level as a function of the aggregated plurality of heuristics. (Par. (0031) “Each passage through a gantry is associated with a corresponding confidence level, CL1, CL2, or CL3. The confidence levels in this example are a determination by a gantry as to the probability that the ANPR determination for the vehicle is correct.”; plurality of heuristics corresponding to gantries assigning confidence levels), (Par. (0040) “Referring now to FIG. 5, this figure shows a portion of a spreadsheet showing a single of heuristic (heuristic 420-1 above) applied to sets of passages through gantries for a number of vehicles, where each passage has an associated confidence level, and where a ranking has been performed based on scores”; assigning confidence level to heuristics), (Par. (0039) “It should be noted that multiple heuristics may be combined: for example, a score for heuristic 420-1 could be added to the score for heuristic 420-1 and the result divided by two.”; plurality of heuristics (multiple heuristics may combined), (Par. (0019) “The application of the one or more heuristics results in one more scores. The scores are then compared, generally by ranking the scores, to determine which users (e.g., identified by vehicle identifications”; as a function (identification in correlation to heuristics and confidence scores))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Appel to the determining a confidence 
The motivation to combine these reference is because by grouping or aggregating heuristics and assigning confidence levels to the plurality of heuristics it provides means of comparison and allows devices in interactions to identify lower or high aggregated heuristics with confidence levels to prevent interaction/ transaction with susceptible remote devices and thus protecting and securing their confidential data on the network.  

24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller") and Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") in further view of Vickery et al. (U.S Pub. No. 20190109871, hereinafter referred to as "Vickery")

In regards to Claim 24, the combination of Sheller and Baldwin do not explicitly teach the method of claim 1, wherein assigning the confidence level further comprises: retrieving a second confidence level associated with the first remote device; and assigning the first confidence level as a function of the second confidence level.
Wherein Vickery teaches the method of claim 1, wherein assigning the confidence level further comprises: retrieving a second confidence level associated with the first remote device; (Par. (0016) “The method may further include receiving, for a domain, trust scores provided by a first set of users of the plurality of users, where a trust score provided by a user of the first set of users is indicative of a level of trust in the domain for the user. The method may further include computing a trust score for each user of a second set of users of the plurality of users and calculating an overall trust score”; second confidence level ( plurality of trust scores, first and second set), (Par. (0059) “For example, a first trust score for the domain may be 2, a second trust score for the domain may be 4, and a third trust score for the domain may be 3”; second confidence level (second trust score)) , (Par. (0073) “calculate an overall trust score for a domain based upon cluster trust scores according to certain embodiments. The processing depicted in FIG. 10 may be implemented in software (e.g., code, instructions, program) executed by one or more processing units second confidence level (second trust score) in remote device (processor))
and assigning the first confidence level as a function of the second confidence level. (Par. (0090) “First cluster 1310 also includes three users [..] Accordingly, to keep the proportion of specified trust scores, a first unspecified trust score may be replaced with a 2”; assigning first confidence level (first trust score) with second confidence level (second trust score),  (Par. (0095) “create and store information in SNS data store 1530 about the user, often referred to as a user profile. The user profile may include the user's identification information,”; as a function (user with identification information))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Vickery to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote device, calculating a confidence level and assigning a confidence level to the remote device by the evaluating device teachings of Sheller and a process of assigning access rights as a function by the evaluating device of a confidence level teachings of Baldwin because of the analogous concept of measuring trustworthiness and determining the identity and reliability of remote devices on a network system. Vickery includes a method of retrieving a second confidence level associated with a remote device and assigning a first confidence level as a second confidence level. This creates parity and protects the integrity of the network as a whole. By assigning a first confidence level to a second confidence level as a function a trusted identity is established and can be 
The motivation to combine these references is because by having multiple confidence levels the system can establish trust in transactions of financial, medical or personal interactions where identifying trusted device with high confidence levels are needed. This in return protects the network system from harm and from susceptible confidence levels that could lead to risk and vulnerability. 


Claim 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Sheller et al. (U.S Pub. No. 20140366111, hereinafter referred to as "Sheller"), Baldwin et al. (U.S No. 9607138, hereinafter referred to as "Baldwin") and Appel et al. (U.S Pub. No. 20110241899, hereinafter referred to as "Appel") in further view of Saboori et al. (U.S Pub. No. 20140359281, hereinafter referred to as "Saboori")

In regards to Claim 25, the combination of Sheller, Baldwin, and Appel do not explicitly teach the method of claim 23, wherein retrieving the second confidence level further comprises: evaluating an assertion, in a temporally sequential listing of assertions, assigning the second confidence level to the first remote device.
Wherein Saboori teaches the method of claim 23, wherein retrieving the second confidence level further comprises: (Par. (0047) “the evaluation by clients second confidence level (trust level) is retrieved (identify))
evaluating an assertion, in a temporally sequential listing of assertions, (Par. (0027) “a sequence of certificate authorities 108 back to a root certificate authority may be evaluated; e.g., if any of the certificate authorities 108 in the sequence by which a certificate 106 was issued has been compromised,”; evaluating an assertion (signed certificate) in temporally sequential listings of assertions (sequence of certificate authorities)), (Par. (0029) “a signature of the first certificate 106”; assertion (signature with certificate)
assigning the second confidence level to the first remote device. (Par. (0031) “upon receiving a certificate 106 for a domain 110, a client 102 may ascribe to the certificate 106 and the domain 110 a trust level proportional to a certificate authority trust level 212 of the certificate authority 108 apparently issuing the certificate 106”; assigning confidence level (trust level) to first remote device (client)), (Par. (0036) “a device having a processor (e.g., a server providing a certificate authority trust service 202 on behalf of a set of clients 102”; first remote device (client correlating to device with processor)), (Figure 3 label 316; assigning (distributing) confidence levels (trust sets with trust levels)) to first remote device (clients with device processors))
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Saboori to the determining a confidence level associated with a device using a heuristic of trust by receiving communications from a remote device to an evaluating device, determining the identity of the remote 
The motivation to combine these reference is because by evaluating assertions in a temporal sequential listings it not only makes the assertions cryptographically secure but makes the evaluation process more effective and efficient by organizing the digitally signed assertions in a way that the order correlates to rightful assigning of confidence levels, assuring users in communication that the signed and protected transactions would not be compromised and trust can be established towards identifying remotes devices in network as a whole. 




Relevant Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

Baalke; Uriah (U.S Pub. No. 20180329418 “METHODS FOR AUTONOMOUSLY NAVIGATING ACROSS UNCONTROLLED AND CONTROLLED INTERSECTIONS”. Considered this reference because it addressed multiple confidence levels that were calculated and measured in a remote device. 

Kaehler; Adrian (U.S Pub. No. 20180034642) “SECURE EXCHANGE OF CRYPTOGRAPHICALLY SIGNED RECORDS”. Considered this application because it relates the signed assertions portion of the claims that discusses a signature corresponding to a user remote device.

Camenisch; Jan (U.S Pub.  No. 20090271618) “ATTESTATION OF COMPUTING PLATFORMS”. Considered this application because it addressed trusted platform modules and establishing trust through a verification process using hash from configured measurements and algorithms much like the hash’s used in Figure 2 of the instant application.


Conclusion


Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN A HUSSEIN whose telephone number is (571)272-3554. The examiner can normally be reached on 7:30am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/HASSAN A HUSSEIN/ 
Examiner, Art Unit 2497
/ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497