Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
This communication is in response to the application filed on 10/01/2018. In which Claims 1-20 are presented for examination.
Drawings
The applicant’s drawings submitted on 10/01/2018 are acceptable for examination purposes. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not 


Claims 1-7, 9-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Narasimhan U.S. Publication No. 20130196708 A1, in view of Gamer US 20120284773 A1.
As to claim 1, Narasimhan discloses an access point (Narasimhan Fig. 3A) [Access point 320], comprising: an interface circuit that is configured to communicate with an electronic device and with other access points in a wireless local area network (WLAN), wherein the access point is configured to (Narasimhan Fig. 3B, Pa. [0128]) [As used herein, "wireless local area network" (WLAN) generally refers to a communications network links two or more devices using some wireless distribution method (for example, spread-spectrum or orthogonal frequency-division multiplexing radio)]: determine and store topography information specifying radio-frequency (RF)  (Narasimhan Fig. 3B, Pa. [0101]) [determination of the subset of wireless network devices to which the second level security keys will be pro-actively propagated can be made based on the mobility patterns of the wireless client and/or the radio frequency statistics] radio-frequency (RF)-neighbor access points for the access point and the other access points (Narasimhan Fig. 3B, Pa. [0099]) [each wireless network device may have a list of its closest neighbors. This list can be utilized to determine the subset of wireless network devices to which the second level security keys (e.g., PMK-R1s) for the wireless client will be pro-actively propagated] based on the communication between the access point and the other access points (Narasimhan Fig. 3B, Pa. [0095]) [Each wireless network device (e.g., wireless network device II 428) in the neighborhood of client 410 listens to connection requests, such as probe requests, association requests,
authentication requests, etc)]; when the access point associates with the electronic device, designate the access point as a master access point in the WLAN (Narasimhan Fig. 3B, Pa. [0027]) [WLAN] for the electronic device (Narasimhan Fig. 3B, Pa. [0071]) [Upon successful association between client 310 and access point 320, the supplicant's first level key holder (e.g., S0KH) on client 310 and the authenticator's first level key holder (e.g., R0KH) on access point 320)]; generate, based on a pre-shared key (PSK), a pairwise master key (PMK) associated with the access point and the electronic device (Narasimhan Fig. 3B, Pa. [0034]) [MSK 204 or PSK 206 is used to derive the first level pairwise master key (e.g., first level key 225 or PMK-R0 under IEEE 802.11r) on both the supplicant and authenticator] [0086] [The first level key holder 420 uses the information it has, including MSK or
PSK, to derive a first level security key (e.g., PMK-R0) and the second level security keys (e.g., PMK-R1) as shown by operation 465.)] [The first level key holder 420 uses the information it has, including MSK or PSK, to derive a first level security key (e.g., PMK-R0) and the second level security keys (e.g., PMK-R1) as shown by operation 465)]; using a four-way handshake with the electronic device, calculate a pairwise transient key (PTK) to enable secure communication with the electronic device (Narasimhan Fig. 3B, Pa. [0092]) [client 41 0 completes a 4-way handshake 480 with wireless network device I 418 to derive a derived key
(e.g., PTK) ... Thereafter, client 410 can use the derived security key to start secured data transmission with wireless network device 1418 as shown by operation 485)]; generate and distribute secondary PMKs to RF-neighbor access points of the access point based on the topography information (Narasimhan Fig. 3B, Pa. [0044]) [from the first level PMK (e.g., PMK-R0), a set of unique second level PMKs (e.g., PMK-R1s) is derived on the supplicant and the authenticator, whereas each second level PMK (e.g., PMK-R 1 under IEEE 802.11 r) corresponds to a second level key holder (such as an access point) in the network. The first level key holder (e.g., ROKH under IEEE 802.11 r) then distributes, through a mutually-authenticated and confidential connection, each second level PMK (e.g., PMK-R1) to its corresponding second level key holder)] [0098-0099] [the first level security key holder (e.g., R0KH) can pro-actively propagate the second level security keys (e.g., PMK-R1s) to other wireless network devices (e.g., R1KHs) based on a neighborhood list associated with the client...each wireless network device may have a list of its closest neighbors)], wherein each of the secondary PMKs are unique (Narasimhan Fig. 3B, Pa. [0106]) [Note that the second level security key is specific to each combination or pair of the client and the second level key holder)], and wherein the secondary PMKs facilitate fast basic service set (BSS) transitions with the electronic device when a handover occurs without using the four- way handshake to establish secure communication with the electronic device (Narasimhan Fig. 3B, Pa. [0017]) [Embodiments of the present disclosure relate to wireless mobile device handoffs in general, and fast BSS transition mechanisms in particular] [0088] [the first level key holder (e.g., R0KH) can proactively propagate 490 the second level keys (e.g., PMK-R1) to a subset of second level key holders (e.g., R1 KHs) prior to client 410 roams to any neighboring wireless network device ... Therefore, when client 410 eventually decides to initiate a BSS transition to a neighboring wireless network device (e.g., the other second level key holder), its second level security key (e.g., PMK-R1) for that particular second level key holder (not shown) and client 410 would have already been propagated and thus available to the other second level key holder of client 410. As such, the other second level key holder does not need to obtain second level key (e.g.,
PMK-R1) from firs.I level key holder 420 (e.g., R0KH) when client 410 initiates the BSS transition to the other second level key holder. Accordingly, the pro-active propagation of leveled security keys would reduce the lime it takes to complete the Fast BSS Transition (FT) protocol]; and in response to the association information: provide, instructions to delete the secondary PMKs at the RF-neighbor access points of the access point (Narasimhan Fig. 3B, Pa. [0089]) [the second level security key (e.g., PMK-R1) will be removed from the second level key holder 425 (e.g., R1KH) when client 410 initiates another IMDA, or based on when client 410 is no longer associated with the network. For example, client 410 may be regarded as no longer associated with the network when client 410 disassociates with, or de-authenticates from the network)]
It is noted that Narasimhan does not explicitly disclose receive association information from a second access point in the RF-neighbor access points of the access point that indicates that the electronic device has associated with the second access point; and provide additional secondary PMKs to RF-neighbor access points of the second access point.   
Gamer discloses receive association information from a second access point in the RF-neighbor access points of the access point that indicates that the electronic device has associated with the second access point (Gamer Pa. [0082]) [With this distribution strategy, a later handover procedure of the station to the new access node MAP4 can also be performed without additional communication with the MDC and the PMK-R0 key holder. However, following a successful handover procedure, the access node MAP1 as the PMK-R0 key holder must be notified)]; and provide additional secondary PMKs to RF-neighbor access points of the second access point (Gamer Pa. [0082]) [following a successful handover procedure, the access node MAP1 as the PMK-R0 key holder must be notified in order for it to be able to derive additional PMK-R0 keys and distribute them to additional access nodes that are adjacent to the new access node MAP4. In the above example, these are the access nodes MAP2 and MAPS)].   
Thus, Before the effective filing date of the claimed invention it would have been obvious to one of ordinary skill in the art, to modify the teaching of Narasimhan to transmit a second key for securing the connection between a terminal and the second access node through the data communications device via secured connections and through addressing using the address codes as disclosed by Gamer, to gain the advantage of  getting wireless connection more secure.



As to claims 11 & 20, claims 11 & 20 recite the claimed that contain respectively similar limitations as claim 1; therefore, they are rejected under the same rationale.

As to claim 2, Narasimhan discloses wherein the communication between the access point and the other access points (Narasimhan Fig. 3B, Pa. [0022]) [only the first level key holder (and not the second level key holder) will send the second level keys to the second level key holders (e.g., access points in the network)) (Para[0071]; the authenticator's first level keyholder (e.g., R0KH) on access point 320)] include wired communication, wireless communication or both (Narasimhan Fig. 3B, Pa. [0126]) [the term "interconnect" or used descriptively as "interconnected" is generally defined as a communication pathway established over an information-carrying medium. The "interconnect" may be a wired interconnect, wherein the medium is a physical medium (e.g., electrical wire, optical fiber, cable, bus traces, etc.), a wireless interconnect (e.g., air in combination with wireless signaling technology) or a combination of these technologies.)]

As to claim 12, claim 12 recites the claimed that contain similar limitations as claims 2; therefore, it is rejected under the same rationale.

As to claim 3, Narasimhan discloses wherein the PSK includes Extensible Authentication Protocol (EAP) parameters; and RUC0100-USwherein the access point obtains the EAP parameters from a server when authenticating the electronic device in the WLAN Narasimhan Fig. 3B, Pa. [0033]) [Authentication server 200) when authenticating the electronic device in the WLAN (Para (0031]; The first level security key holder 220 interacts with the IEEE 802.1X authenticator 200 to receive MSK 204 or PSK 206, which results from an Extensible Authentication Protocol (EAP) authentication.)]

As to claim 13, claim 13 recites the claimed that contain similar limitations as claims 3; therefore, it is rejected under the same rationale.

As to claim 4, Narasimhan discloses wherein the PMK is generated using a secure hashing function based on the PSK (Narasimhan Fig. 3B, Pa. [0043])  [the input used to derive the first level security key can be a fixed string input to a one-way hash function, such as a KDF-384 hash function.)]
 
As to claim 14, claim 14 recites the claimed that contain similar limitations as claims 4; therefore, it is rejected under the same rationale.

As to claim 5, Narasimhan discloses wherein the four-way handshake is compatible with an IEEE 802.11i standard and the fast basic service set (BSS) transitions is compatible with an IEEE 802.1 lr standard (Narasimhan Fig. 3B, Pa. [0003]) [The 4-way handshake is used by an IEEE 802.1X supplicant and an authenticator to derive Pairwise Transient Keys (PTKs) which are used for encrypting data frames. PMK Caching ... the 4-way handshake.) is compatible with an IEEE 802.11i standard (Para[0003]; the current IEEE 802.11i standard (Medium Access Control Security Enhancements) provides pre-authentication and Pairwise Master Key (PMK) caching.) and the fast basic service set (BSS) transilions(Para(0030]; Fig. 2 illustrates an exemplary hierarchical security key management scheme used in fast BSS transition.) is compatible with an IEEE 802.11 r standard.(Para[0034]; first level key 225 or PMK-R0 under IEEE 802.11r)]

As to claim 15, claim 15 recites the claimed that contain similar limitations as claims 5; therefore, it is rejected under the same rationale.

As to claim 6, Narasimhan discloses wherein the RF-neighbor access points of a given access point, which is one of the other access points and the access point (Narasimhan Fig. 3B, Pa. [0029]) [access points 130a, 130b, ... 130n, etc.)], are nearest RF neighbors of the given access point (Narasimhan Fig. 3B, Pa. [0099]) [each wireless network device may have a list of its closest neighbors.)]

As to claim 16, claim 16 recites the claimed that contain similar limitations as claims 6; therefore, it is rejected under the same rationale.

As to claim 7, Narasimhan discloses wherein, when distributing the secondary PMKs, the access point includes information that indicates the access point is the master access point in the WLAN (Narasimhan Fig. 3B, Pa. [00927) [WLAN]  for the electronic device (Narasimhan Fig. 3B, Pa. [0022]) [propagation of the one or more security keys is initiated by the first level key holder. Specifically, only the first level key holder (and not the second level key holder) will send the second level keys to the second level key holders (e.g., access points in the network).].  

As to claim 17, claim 17 recites the claimed that contain similar limitations as claims 7; therefore, it is rejected under the same rationale.

As to claim 9, Narasimhan discloses wherein, when the access point receives one of a disassociate message from the electronic device (Narasimhan Fig. 3B, Pa. [0089) [client 41 0 may be regarded as no longer associated with the network when client 41 0 disassociates with, or de-authenticates from the network)] and a time-out message from the controller (Narasimhan Fig. 3B, Pa. [0089) [on expiry of the second level security key's lifetime ... the lifetime of the first level security key (e.g., PMK-R0), the second level security key (e.g., PMK-R1 ), the derived security key (e.g., PTK) are the same as the lifetime of the PSK or MSK ... or when client 410 is associated with a longer period of inactivity than a predetermined threshold length)], the access point deletes the PMK (Narasimhan Fig. 3B, Pa. [0071) [first level key holder (R0KH) will delete existing first
level and second level security keys)] and provides instructions to delete the secondary PMKs at the RF-neighbor access points of the access point (Narasimhan Fig. 3B, Pa. [0089) [the second level security key (e.g., PMK-R1) will be removed from the second level key holder 425 (e.g., R1KH) when client410 initiates another IMDA, or based on when client 410 is no longer associated with the network.)]

As to claim 19, claim 19 recites the claimed that contain similar limitations as claims 9; therefore, it is rejected under the same rationale.

As to claim 10, Narasimhan discloses wherein the access point further comprises: a processor, coupled to the interface circuit and memory, configured to execute a program module; and the memory, coupled to the processor, configured to store the program module, wherein the program module includes instructions for at least some of the operations performed by the access point (Narasimhan Fig. 3B, Pa. [0109) [a processor 730 capable of processing computing instructions, and a memory 7 40 capable of storing instructions and data. Moreover, network device 700 further includes a receiving mechanism 750, a transmitting mechanism 760, an assigning mechanism 770, and a detecting mechanism 780, all of which are coupled to processor 730 and memory 740 in network device 700.)]



s 8 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Narasimhan U.S. Publication No. 20130196708 A1, in view of Gamer US 20120284773 A1, in further view of Aragon U.S. Publication No. 20080096575 A1.

As to claim 8,  the combination of Narasimhan and Gamer does not explicitly disclose wherein, when a number of electronic devices associated with the access point exceeds a threshold value and a number of electronic devices associated with the second access point is less than the threshold value, the access point designates, after receiving the association information, the second access point as the master access point in the WLAN for the electronic device.
However, Aragon discloses wherein, when a number of electronic devices associated with the access point exceeds a threshold value (Aragon Pa. [0030]) [An overloaded AP may have more clients than a specified threshold) and a number of electronic devices associated with the second access point(Para [0029); Fig. 2 depicts a diagram 200 of an example of a system balancing loads for two APs. Fig. 2 includes AP 202, AP 203, local load 204, neighbor load 206)] and a number of electronic devices associated with the second access point (Aragon Pa. [0038]) [the AP should decline association requests from clients and the controller should activate the AP's steering function.)] is less than the threshold value (Aragon Pa. [0034]) [In the example of Fig. 2, the neighbor designation engine 208 may identify neighbors to an AP that may be suitable for associating with the client.; 6The neighbor designation engine 208 identifies the AP 203 as a neighbor of the AP 202 that may be able to associate a new client)], the access point designates, after receiving the association information, the second access point as the master access point in the WLAN for the electronic device (Aragon Pa. [0035]) [the load distribution engine 210 may actively balance loads across adjacent APs by disassociating clients from currently relatively heavily loaded APs and re-associating the clients with a relatively lightly loaded adjacent AP.)]
Thus, Before the effective filing date of the claimed invention it would have been obvious to one of ordinary skill in the art, to modify the teaching of Narasimhan and Gamer to associate clients with APs in an advantageous manner may involve local balancing of clients across APs as disclosed by Aragon, to gain the advantage of  getting wireless connection more secure.

As to claim 18, claim 18 recites the claimed that contain similar limitations as claims 8; therefore, it is rejected under the same rationale.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438.  The examiner can normally be reached on Monday -Thursday 7:00 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B. Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/EVANS DESROSIERS/Primary Examiner, Art Unit 2491