DETAILED ACTION
This Office Action is in response to the response filed 6/9/2021 for application 16/200,103.
Claims 1-6, 9-17, and 19-23 are currently pending; claims 1 and 12 have been amended; claims 7, 8, and 18 have been canceled; claims 21-23 have been added; 1 and 12 are independent claims; claims 1-6, 9-17, and 19-23 have been examined.  
Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  This Action is made FINAL.

Response to Arguments
In response to the filing and approval of a Terminal Disclaimer on 6/9/2021, the double patenting rejection has been withdrawn.
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 6/9/2021, with respect to the rejections of claims 1-6, 9-17, and 19-23 have been fully considered but are not persuasive.
Applicant argues as follows:  Claim 1 has been amended to recite the following relevant part:  receiving, at the processing module, a first signature contribution request, wherein the first signature contribution request includes a payload; determining, by the processing module, based at least partially on an analysis of the payload, whether the first signature contribution request compares favorably to a functionality template; Importantly, a first signature contribution request includes a payload and the processing module determines whether the first signature contribution request compares favorably to 
Examiner respectfully disagrees.  The combination of Coan, Toomey, and Koike make obvious to invention claimed in claims 1 and 12.  Toomey in paragraph 0103 discloses when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, based at least partially on an analysis of the payload, whether the first signature contribution request compares favorably to a functionality template where based at least partially on an analysis of the payload encompasses matching of the user ID and where functionality template encompasses IP addresses and timing template encompasses if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted.
Applicant argues as follows:  In the event that the Office maintains the rejection of amended claims 1, 2, 21 or 23 under 35 U.S.C. §103, Applicant respectfully requests that the Office, in the interest of compact prosecution, identify on the record and with specificity sufficient to support a prima facie case of obviousness, where Nykanen teaches or discloses: the first signature contribution request includes a payload and the processing module; 2) determines whether the first signature contribution request compares favorably to a functionality template: and 3) based at least partially on an analysis of the payload.
Examiner respectfully disagrees.  The combination of Coan, Toomey, and Koike make obvious to invention claimed in claims 1 and 12.    Regarding claims 21 and 23, Bennett discloses, in paragraph 0072, wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template.
Applicant argues as follows: Claim 8 has been cancelled, however new claim 22 recites the following: “[t]he method of claim 1, wherein the analysis of the payload results in a registry value for the payload”. Importantly, the Applicant’s claim 1 requires that the first signature contribution request includes a payload and that the processing module determines whether the first signature contribution request compares favorably to a functionality template based at least partially on an analysis of (that) payload.  On page 37 of the 3/9/21 OA, the Office acknowledges that none of Coan, Toomey or Koike disclose the recited features from above, and looks exclusively to Hove to disclose these features relating to the analysis of a payload resulting in a registry value and determining 
Examiner respectfully disagrees.  An update search was performed.  Applicant has cited Soin, in paragraph 0057, for teaching wherein the analysis of the payload results in a registry value for the payload.
Applicant argues as follows:  Claims 1, 3, 7, 9-12, 14, 18 and 19 have been rejected under 35 USC §112(b) or 35 USC §112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. The Applicant respectfully disagrees with this rejection and the reasoning thereof.  To satisfy the written description requirement of the first paragraph of 35 U.S.C. § 112, a disclosure need only describe a claimed invention in a manner sufficient to reasonably convey to those skilled in the relevant art that Applicant possessed the claimed invention. This possession may be shown in any number of ways and an Applicant need not describe every claim feature exactly. (MPEP §2163 (emphasis added)). Rather, all that is required is “reasonable clarity.” Also, original subject matter enjoys a “strong presumption” of compliance with the written description requirement. (MPEP §§ 2163 (I)(A), 2163(II)(A), 2163(II)(A)(3)(a)). The Office has accordingly, claims 1,3, 7, 9-12, 14, 18 and 19 under 35 USC §112(b).  On page 11 of the 3/9/21 OA the Office argues that “[t]he terms favorably 
Examiner respectfully disagrees.  Applicant’s argued “desired relationship” is itself indefinite “desired relationship” does not provide a clear and definite way of measurement and appears to be highly subjective.  From whose point of view is the relationship desired and how is it desired.  As to the claimed language, Examiner thinks a 
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 3, 9-12, 14, and 19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  The claims recite favorably or unfavorably.  The terms favorably and unfavorably are indefinite as they do not provide a clear and definite way of measurement and appear to be highly subjective.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1, 2, 6, 9, 12, 17, and 20 are rejected under 35 U.S.C. 103le over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010.
Regarding claim 1, Coan discloses a method for execution by a processing module of one or more computing devices of a dispersed storage network (DSN), the method comprises: receiving, at the processing module, a first signature contribution request, wherein the first signature contribution request includes a payload (Coan, paragraph 0030, “As discussed in greater detail below, two threshold cryptosystems can be used.  First, each group uses an (f+1, CG) threshold digital signature scheme.  Each group controller knows one share of the private key, which it can use to generate partial signatures and proofs of correctness.” [i.e., dispersed storage network]; paragraph 0035, “In a typical threshold signature scheme, a private key is divided into n key shares, where each process knows one key share.  To sign a message, m, each process uses its key share to generate a partial signature on m. Any process that collects k partial signatures[i.e., signature contribution request] can then combine them to form a threshold signature on m. An important property provided by some threshold signature schemes, especially in malicious environments, is verifiable secret sharing: each process can use its key share to generate a proof of correctness, proving that the partial signature was properly generated using a share from the initial key split.”; paragraph 0052, “After submitting the request, the client waits for f+1 valid REKEY messages from the group controllers, indicating that they have accepted the operation.  The responses contain partial signatures that can be combined to generate proof that the operation was accepted.  In addition, if the operation was a join request, the responses contain key shares that can be combined to form the group encryption key.  The client retransmits its request if it does not receive the necessary replies within a timeout period.”; paragraph 0069, “Recall that a REQUEST message sent by client i for operation j contains an arrayOp proof, p, where p[i]=j-1.  More generally, p[k] contains the last accepted operation for client k at the time the REKEY messages [i.e., signature request] containing the partial signatures [i.e., payload is in some part of the REKEY message that is not the partial signature] combined to form p were generated.  Thus, proof p can be viewed as a snapshot of the state of f+1 group controllers, at least one of which is correct.  Therefore, a controller receiving a REQUEST message containing p knows that, if p[m]=n, then the operation (m, n) was legitimately accepted in the controller coordination protocol.  Further, since we force clients to use contiguous sequence numbers, all operations (m, n'), n'&lt;n, have been legitimately accepted (i.e., the proof is cumulative).”);
logging, by the processing module, the first signature contribution request (Coan, paragraph 0035, “In a typical threshold signature scheme, a private key is divided into n key shares, where each process knows one key share.  To sign a message, m, each process uses its key share to generate a partial signature on m. Any process that collects [i.e., logging] k partial signatures[i.e., signature request] can then combine them to form a threshold signature on m. An important property provided by some threshold signature schemes, especially in malicious environments, is verifiable secret sharing: each process can use its key share to generate a proof of correctness, proving that the partial signature was properly generated using a share from the initial key split.”);
wherein the logging includes a timestamp for the first signature contribution request (Coan, paragraph 0011, “when the client receives in a predetermined time [i.e. timestamp at least suggested] a predetermined number of the valid rekey messages having a same membership state, updating a shared key and a view number, otherwise rebroadcasting the message request; and, at each controller of the plurality of controllers, performing validation steps based on the message request from the client, when the validation steps are valid, broadcasting a valid proposal to the plurality of controllers, collecting the valid proposals broadcast from the plurality of controllers, when the predetermined number of valid proposals are collected” [i.e., logging]).
retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result (Coan, paragraph 0059,”A controller considers a PROPOSAL message as valid if it is properly signed and contains a partial signature with a valid correctness proof.”).
Coan does not explicitly disclose determining, by the processing module, whether the timestamp of the first signature contribution request compares favorably to a timing template; when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting, by the processing module, a first signature contribution request rejection message; when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, based at least partially on an analysis of the payload, whether the first signature contribution request compares favorably to a functionality template; when the first signature contribution request compares favorably to the functionality template, retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result; and when the first signature contribution request does not compare favorably to the functionality template, outputting, by the processing module, a second signature contribution request rejection message.
In particular, Coan does not explicitly disclose when the first signature contribution request compares favorably to the functionality template, retrieving, by the 
However, in an analogous art, Toomey discloses when the first signature contribution request compares favorably to the functionality template, retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result (Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to use articulated reasoning with some rational underpinning to support a legal conclusion of obviousness.  More specifically, use of exemplary rationales that may support a conclusion of obviousness include: "Obvious to try" - choosing from a finite number of identified, predictable solutions, with a reasonable expectation of success; and/ or known work in one field of endeavor may prompt variations of it for use in either the same field or a different one based on design incentives or other market forces if the variations are predictable to one of ordinary skill in the art.
Toomey is concerned with a comparison between a signature contribution request and a timing  template and then comparing the signature contribution request to a functionality template..  The two comparing steps in Toomey are not the only way to validate a signature request.  Cases where a single validation step of comparing the signature request against a timing template are predictable to one of ordinary skill in the art.
(Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”);when the timestamp of the first signature contribution request does not compare favorably to the timing template, (Toomey, paragraph 0103, “If the user ID and client IP address of the request match  exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.” [i.e., otherwise encompasses when the timestamp of the first signature contribution request does not compare favorably to the timing template]);
when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, based at least partially on an analysis of the payload, whether the first signature contribution request compares favorably to a functionality template (Toomey, paragraph 0103, “If the user ID [i.e., based at least partially on an analysis of the payload encompasses matching of the user ID] and client IP address of the request match exactly based at least partially on an analysis of the payload, whether y those of an existing database record [i.e., functionality encompasses IP addresses], and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”);
when the first signature contribution request compares favorably to the functionality template, (Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.” [i.e., otherwise encompasses when the first signature contribution request does not compare favorably to the functionality template]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Toomey  with the computer readable memory device/ method of Coan to include when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, whether the first signature contribution request compares favorably to a functionality template; when the first signature contribution request compares favorably to the functionality template, retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result; and when the first signature contribution request does not compare favorably to the functionality template.
One would have been motivated to provide users with the benefits of  trust based, fine grained rate limiting if network requests (Toomey: paragraph 0003).
Coan and Toomey disclose when the timestamp of the first signature contribution request does not compare favorably to the timing template; when the first signature contribution request does not compare favorably to the functionality template, but do not explicitly disclose when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting, by the processing module, a first signature contribution request rejection message; when the first signature contribution 
However, in an analogous art, Koike discloses when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting, by the processing module, a first signature contribution request rejection message; when the first signature contribution request does not compare favorably to the functionality template, outputting, by the processing module, a second signature contribution request rejection message (Koike, paragraph 0079, “When receiving the TICKET request from the terminal apparatus 10, the processing element 422 of the management apparatus 40 uses the public key KP in the storage device 44 to verify the validity of the signature information SG in the TICKET request.  When the signature information SG is valid, the processing element 422 transmits an inquiry request including the user identifier UID and the process identifier PID in the TICKET request to the registration apparatus 20 (SA12).  When the signature information SG is invalid, the processing element 422 transmits a notice indicating the rejection of the TICKET request to the user of the terminal apparatus 10 and ends the process (not shown).”). Broadly, Koike teaches that for each unfavorable comparison, a rejection message is sent.  Toomey discloses when the timestamp of the first signature contribution request does not compare favorably to the timing template by disclosing in paragraph 0103 “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”  

One would have been motivated to provide users with the benefits receiving notification of failed request (Koike paragraph 0079).
Regarding claim 2, Coan, Toomey, and Koike disclose the method of claim 1.  Coan discloses wherein the logging further includes at least one of extracting request information from the first signature contribution request, obtaining a user identifier (ID), obtaining a vault ID, obtaining a timestamp, aggregating the request information, the user ID, the vault ID, and the timestamp to produce logging information, and facilitating storing of the logging information (Coan, paragraph 0035, “To sign a message, m, each process uses its key share to generate a partial signature on m. Any process that collects k partial signatures can then combine them to form a threshold signature on m. An important property provided by some threshold signature schemes, especially in malicious environments, is verifiable secret sharing: each process can use its key share to generate a proof of correctness, proving that the partial signature was properly generated using a share from the initial key split.”).
Regarding claim 6, Coan, Toomey, and Koike disclose the method of claim 1.  Koike discloses further comprising:  outputting, by the processing module, the first signature contribution request rejection message to at least one of requester, a dispersed storage (DS) imaging unit, a DS processing unit, a DS unit, and a user device (Koike, paragraph 0079, “When receiving the TICKET request from the terminal apparatus 10, the processing element 422 of the management apparatus 40 uses the public key KP in the storage device 44 to verify the validity of the signature information SG in the TICKET request.  When the signature information SG is valid, the processing element 422 transmits an inquiry request including the user identifier UID and the process identifier PID in the TICKET request to the registration apparatus 20 (SA12).  When the signature information SG is invalid, the processing element 422 transmits a notice indicating the rejection of the TICKET request to the user of the terminal apparatus 10 and ends the process (not shown).”).  The rationale is the same as that of the claim from which this claim depends.
Regarding claim 9, Coan, Toomey, and Koike disclose the method of claim 1.  Coan discloses further comprising: generating, by the processing module, a signature, wherein the generating the signature is based on a key share result (Coan, paragraph 0052, “After submitting the request, the client waits for f+1 valid REKEY messages from the group controllers, indicating that they have accepted the operation.  The responses contain partial signatures that can be combined to generate proof that the operation was accepted.  In addition, if the operation was a join request, the responses contain key shares that can be combined to form the group encryption key.  The client retransmits its request if it does not receive the necessary replies within a timeout period.”).
Regarding claim 12, Coan discloses a  computer readable memory device comprises: at least one memory section that stores operational instructions that, when executed by a processing module of a computing device (Coan, paragraph 0108,”The invention can be implemented as computer software or a computer readable program for operating on a computer.  The computer program can be stored on computer readable medium.  Various aspects of the present disclosure may be embodied as a program, software, or computer instructions embodied in a computer or machine usable or readable medium, which causes the computer or machine to perform the steps of the method when executed on the computer, processor, and/or machine”);
of a dispersed storage network (DSN), causes the one computing devices to: receive a first signature contribution request, wherein the first signature contribution request includes a payload (Coan, paragraph 0030, “As discussed in greater detail below, two threshold cryptosystems can be used.  First, each group uses an (f+1, CG) threshold digital signature scheme.  Each group controller knows one share of the private key, which it can use to generate partial signatures and proofs of correctness.” [i.e., dispersed storage network]; paragraph 0035, “In a typical threshold signature scheme, a private key is divided into n key shares, where each process knows one key share.  To sign a message, m, each process uses its key share to generate a partial signature on m. Any process that collects k partial signatures[i.e., signature contribution request] can then combine them to form a threshold signature on m. An important property provided by some threshold signature schemes, especially in malicious environments, is verifiable secret sharing: each process can use its key share to generate a proof of correctness, proving that the partial signature was properly generated using a share from the initial key split.”; paragraph 0052, “After submitting the request, the client waits for f+1 valid REKEY messages from the group controllers, indicating that they have accepted the operation.  The responses contain partial signatures that can be combined to generate proof that the operation was accepted.  In addition, if the operation was a join request, the responses contain key shares that can be combined to form the group encryption key.  The client retransmits its request if it does not receive the necessary replies within a timeout period.”; paragraph 0069, “Recall that a REQUEST message sent by client i for operation j contains an arrayOp proof, p, where p[i]=j-1.  More generally, p[k] contains the last accepted operation for client k at the time the REKEY messages [i.e., signature request] containing the partial signatures [i.e., payload is in some part of the REKEY message that is not the partial signature] combined to form p were generated.  Thus, proof p can be viewed as a snapshot of the state of f+1 group controllers, at least one of which is correct.  Therefore, a controller receiving a REQUEST message containing p knows that, if p[m]=n, then the operation (m, n) was legitimately accepted in the controller coordination protocol.  Further, since we force clients to use contiguous sequence numbers, all operations (m, n'), n'&lt;n, have been legitimately accepted (i.e., the proof is cumulative).”);
log the first signature contribution request in a log, (Coan, paragraph 0035, “In a typical threshold signature scheme, a private key is divided into n key shares, where each process knows one key share.  To sign a message, m, each process uses its key share to generate a partial signature on m. Any process that collects [i.e., logging] k partial signatures[i.e., signature request] can then combine them to form a threshold signature on m. An important property provided by some threshold signature schemes, especially in malicious environments, is verifiable secret sharing: each process can use its key share to generate a proof of correctness, proving that the partial signature was properly generated using a share from the initial key split.”);
wherein the log includes a timestamp for the first signature contribution request; (Coan, paragraph 0011, “when the client receives in a predetermined time [i.e. timestamp at least suggested] a predetermined number of the valid rekey messages having a same membership state, updating a shared key and a view number, otherwise rebroadcasting the message request; and, at each controller of the plurality of controllers, performing validation steps based on the message request from the client, when the validation steps are valid, broadcasting a valid proposal to the plurality of controllers, collecting the valid proposals broadcast from the plurality of controllers, when the predetermined number of valid proposals are collected” [i.e., logging].’
Coan does not explicitly disclose determine whether the timestamp of the first signature contribution request compares favorably to a timing template; when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting a first signature contribution request rejection message; when the timestamp of the first signature contribution request compares favorably to the timing template, determine whether the first signature contribution request compares favorably to a functionality template; when the first signature contribution request compares favorably to the functionality template, retrieve a key share based on sharing function parameters and outputting a signature result; and when the first signature contribution request does not compare favorably to the functionality template, output a second signature contribution request rejection message.

However, in an analogous art, Toomey discloses when the first signature contribution request compares favorably to the functionality template, retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result (Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to use articulated reasoning with some rational underpinning to support a legal conclusion of obviousness.  More specifically, use of exemplary rationales that may support a conclusion of obviousness include: "Obvious to try" - choosing from a finite number of identified, predictable solutions, with a reasonable expectation of success; and/ or known work in one field of endeavor may prompt variations of it for use in either the same field or a different one based on design incentives or other market forces if the variations are predictable to one of ordinary skill in the art.
Toomey is concerned with a comparison between a signature contribution request and a timing  template and then comparing the signature contribution request to a functionality template..  The two comparing steps in Toomey are not the only way to validate a signature request.  Cases where a single validation step of comparing the 
Additionally, Toomey discloses determining, by the processing module, whether the timestamp of the first signature contribution request compares favorably to a timing template (Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”);when the timestamp of the first signature contribution request does not compare favorably to the timing template, (Toomey, paragraph 0103, “If the user ID and client IP address of the request match  exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.” [i.e., otherwise encompasses when the timestamp of the first signature contribution request does not compare favorably to the timing template]);
when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, based at least partially on an analysis of the payload, whether the first signature contribution request compares favorably to a functionality template (Toomey, paragraph 0103, “If the user ID [i.e., based at least partially on an analysis of the payload encompasses matching of the user ID] and client IP address of the request match exactly based at least partially on an analysis of the payload, whether y those of an existing database record [i.e., functionality encompasses IP addresses], and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”);
(Toomey, paragraph 0103, “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.” [i.e., otherwise encompasses when the first signature contribution request does not compare favorably to the functionality template]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Toomey  with the computer readable memory device/ method of Coan to include when the timestamp of the first signature contribution request compares favorably to the timing template, determining, by the processing module, whether the first signature contribution request compares favorably to a functionality template; when the first signature contribution request compares favorably to the functionality template, retrieving, by the processing module, a key share based on sharing function parameters and outputting a signature result; and when the first signature contribution request does not compare favorably to the functionality template.
One would have been motivated to provide users with the benefits of  trust based, fine grained rate limiting if network requests (Toomey: paragraph 0003).
Coan and Toomey disclose when the timestamp of the first signature contribution request does not compare favorably to the timing template; when the first signature contribution request does not compare favorably to the functionality template, but do not explicitly disclose when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting, by the processing module, a first 
However, in an analogous art, Koike discloses when the timestamp of the first signature contribution request does not compare favorably to the timing template, outputting, by the processing module, a first signature contribution request rejection message; when the first signature contribution request does not compare favorably to the functionality template, outputting, by the processing module, a second signature contribution request rejection message (Koike, paragraph 0079, “When receiving the TICKET request from the terminal apparatus 10, the processing element 422 of the management apparatus 40 uses the public key KP in the storage device 44 to verify the validity of the signature information SG in the TICKET request.  When the signature information SG is valid, the processing element 422 transmits an inquiry request including the user identifier UID and the process identifier PID in the TICKET request to the registration apparatus 20 (SA12).  When the signature information SG is invalid, the processing element 422 transmits a notice indicating the rejection of the TICKET request to the user of the terminal apparatus 10 and ends the process (not shown).”).  Broadly, Koike teaches that for each unfavorable comparison, a rejection message is sent.  Toomey discloses when the timestamp of the first signature contribution request does not compare favorably to the timing template by disclosing in paragraph 0103 “If the user ID and client IP address of the request match exactly those of an existing database record, and if the timestamps from the database record pass the configurable timestamp bounds checks, the request is trusted; otherwise, it is not.”

One would have been motivated to provide users with the benefits receiving notification of failed request (Koike paragraph 0079).
Regarding claim 17, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.  Koike discloses wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to: output the signature contribution request rejection message to at least one of requester, a dispersed storage (DS) imaging unit, a DS processing unit, a DS unit, and a user device (Koike, paragraph 0079, “When receiving the TICKET request from the terminal apparatus 10, the processing element 422 of the management apparatus 40 uses the public key KP in the storage device 44 to verify the validity of the signature information SG in the TICKET request.  When the signature information SG is valid, the processing element 422 transmits an inquiry request including the user identifier UID and the process identifier PID in the TICKET request to the registration apparatus 20 (SA12).  When the signature information SG is invalid, the processing element 422 transmits a notice indicating the rejection of the TICKET request to the user of the terminal apparatus 10 and ends the process (not shown).”).  The rationale is the same as that of the claim from which this claim depends.
Regarding claim 20, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.  Coan discloses wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to: generate a signature, wherein the signature is based at least partially on a key share result (Coan, paragraph 0052, “After submitting the request, the client waits for f+1 valid REKEY messages from the group controllers, indicating that they have accepted the operation.  The responses contain partial signatures that can be combined to generate proof that the operation was accepted.  In addition, if the operation was a join request, the responses contain key shares that can be combined to form the group encryption key.  The client retransmits its request if it does not receive the necessary replies within a timeout period.”).
 
Claims 3, 4, 14, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Meylan (US20090168723), filed November 24, 2008..
Regarding claim 3, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the determining whether the timestamp of the first signature contribution request compares favorably to a timing template is based at least in part on a difference between the timestamp associated 
However, in an analogous art, Meylan discloses wherein the determining whether the timestamp of the first signature contribution request compares favorably to a timing template is based at least in part on a difference between the timestamp associated with the first signature contribution request and a timestamp associated with a second signature contribution request (Meylan, paragraph 0097, “FIG. 12 shows a design of an apparatus 1200 for sending packets in a wireless communication system.  Apparatus 1200 includes a module 1212 to receive a first packet with a first sequence number, a module 1214 to process the first packet for transmission to a receiving entity, a module 1216 to receive a second packet with a second sequence number earlier than the first sequence number, with the second packet being received out of order with respect to the first packet, and a module 1218 to process the second packet for transmission to the receiving entity, with the second packet being processed as if it is later than the first packet.” [i.e., first signature contribution request compares favorably to a timing template because both first and second packets are processed]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Meylan with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the determining whether the timestamp of the first signature contribution request compares favorably to a timing template is based at least in part on a difference between the timestamp associated with the first signature contribution request and a timestamp associated with a second signature contribution request.
Meylan: paragraph 0007).
Regarding claim 4, Coan, Toomey, Koike and Meylan discloses the method of claim 2.  Meylan discloses wherein the timestamp associated with the second signature contribution request is earlier in time than the first signature contribution request (Meylan, paragraph 0097, “FIG. 12 shows a design of an apparatus 1200 for sending packets in a wireless communication system.  Apparatus 1200 includes a module 1212 to receive a first packet with a first sequence number, a module 1214 to process the first packet for transmission to a receiving entity, a module 1216 to receive a second packet with a second sequence number earlier than the first sequence number, with the second packet being received out of order with respect to the first packet, and a module 1218 to process the second packet for transmission to the receiving entity, with the second packet being processed as if it is later than the first packet.” [i.e., the timestamp associated with the second signature contribution request is earlier in time than the first signature contribution request encompasses received earlier than first packet])
Regarding claim 14, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.
Coan, Toomey, and Koike do not explicitly disclose wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to: determine whether the timestamp of the first signature contribution request compares favorably to a timing template based at least in part on a difference between the timestamp associated with the 
However, in an analogous art, Meylan discloses wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to: determine whether the timestamp of the first signature contribution request compares favorably to a timing template based at least in part on a difference between the timestamp associated with the first signature contribution request and a timestamp associated with a second signature contribution request (Meylan, paragraph 0097, “FIG. 12 shows a design of an apparatus 1200 for sending packets in a wireless communication system.  Apparatus 1200 includes a module 1212 to receive a first packet with a first sequence number, a module 1214 to process the first packet for transmission to a receiving entity, a module 1216 to receive a second packet with a second sequence number earlier than the first sequence number, with the second packet being received out of order with respect to the first packet, and a module 1218 to process the second packet for transmission to the receiving entity, with the second packet being processed as if it is later than the first packet.” [i.e., first signature contribution request compares favorably to a timing template because both first and second packets are processed]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Meylan with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to: determine 
One would have been motivated to provide users with the benefits maintaining synchronization (Meylan: paragraph 0007).
Regarding claim 15, Coan, Toomey, Koike and Meylan discloses the computer readable memory device of claim 14.  Meylan discloses  wherein the timestamp associated with the second signature contribution request is earlier in time than the first signature contribution request (Meylan, paragraph 0097, “FIG. 12 shows a design of an apparatus 1200 for sending packets in a wireless communication system.  Apparatus 1200 includes a module 1212 to receive a first packet with a first sequence number, a module 1214 to process the first packet for transmission to a receiving entity, a module 1216 to receive a second packet with a second sequence number earlier than the first sequence number, with the second packet being received out of order with respect to the first packet, and a module 1218 to process the second packet for transmission to the receiving entity, with the second packet being processed as if it is later than the first packet.” [i.e., the timestamp associated with the second signature contribution request is earlier in time than the first signature contribution request encompasses received earlier than first packet]).
Claims  5 and 16 are rejected under 35 U.S.C. 103Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Sawicki (US20080320097), filed June 20, 2008..
Regarding claim 5, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code.
However, in an analogous art, Sawicki discloses wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code (Sawicki, paragraph 0125, “Note that last modification time recovery wouldn't make sense if local time would be used on every machine.  Instead every WRITE and WRITE_MIRRORED request carry a requesting node generated timestamp in the packet payload and this timestamp is assigned to the metadata for the file/directory on every node.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sawicki with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code.
One would have been motivated to provide users with the benefits a method for distributing files within a network (Sawicki: paragraph 0003).
Regarding claim 16, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.
Coan, Toomey, and Koike do not explicitly discloses wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code
However, in an analogous art, Sawicki discloses wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code (Sawicki, paragraph 0125, “Note that last modification time recovery wouldn't make sense if local time would be used on every machine.  Instead every WRITE and WRITE_MIRRORED request carry a requesting node generated timestamp in the packet payload and this timestamp is assigned to the metadata for the file/directory on every node.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sawicki with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the first signature contribution request rejection message includes at least one of at least a portion of a logging information, the timestamp associated with the first signature contribution request and an error code.
One would have been motivated to provide users with the benefits a method for distributing files within a network (Sawicki: paragraph 0003).

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Vogel (US6816900), filed April 4, 2000.
Regarding claim 10, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the determining, that the first signature contribution request compares favorably to the functionality template is based on the processing module determining that the payload is not a certificate authority certificate.
However, in an analogous art, Vogel discloses wherein the determining, that the first signature contribution request compares favorably to the functionality template is based on the processing module determining that the payload is not a certificate authority certificate (Vogel, col. 7, lines 31-37, “Signed message 212 includes a new root certificate 216 for each new root certificate that is to be added to root store 112 of a client computer 104 of FIG. 1.  If a root certificate is to be removed from root store 112, or the usage restrictions of a root certificate are to be changed, then the root certificate may optionally be excluded from message 212.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Vogel with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the determining, that the first signature contribution request compares favorably to 
One would have been motivated to provide users with the benefits of updating trusted root certificates on a client computer (Vogel: col. 1, lines 11-14).
Claims  11 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Maria (US6092110), filed October 23, 1997.
Regarding claim 11, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the determining, that the first signature contribution request compares favorably to the functionality template is based on an internet protocol (IP) address associated with a requester of the first signature contribution request not comparing unfavorably to an unfavorable IP address list.
However, in an analogous art, Maria discloses wherein the determining, that the first signature contribution request compares favorably to the functionality template is based on an internet protocol (IP) address associated with a requester of the first signature contribution request not comparing unfavorably to an unfavorable IP address list (Maria, col. 1, lines 20-35, “Data packet filters are currently available which filter out data packets from certain Internet sites.  On the commercial side, these filters are often implemented as part of a router or "firewall." On the individual side, these filters are implemented as programs which run on a personal computer and operate in conjunction with individual browser software.  Both the commercial and individual filters operate by storing lists of prohibited source addresses, such as Internet Protocol (IP) addresses, and filtering out any data packets received from a site with a prohibited source IP address.”)’
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Maria with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the determining, that the first signature contribution request compares favorably to the functionality template is based on an internet protocol (IP) address associated with a requester of the first signature contribution request not comparing unfavorably to an unfavorable IP address list.
One would have been motivated to provide users with the benefits of periodically updating the list of source addresses to ensure the list is kept current (Maria: col. 1, lines 5-10).
Regarding claim 19, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.
Coan, Toomey, and Koike do not explicitly disclose wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the  computing device to: determine that the first signature contribution request compares favorably to the functionality template based on at least one of: a determination that a registry value of the payload does not conflict with a current registry value; a determination that the payload is not a certificate authority 

However, in an analogous art, Maria discloses wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the  computing device to: determine that the first signature contribution request compares favorably to the functionality template based on at least one of: a determination that a registry value of the payload does not conflict with a current registry value; a determination that the payload is not a certificate authority certificate and an internet protocol (IP) address associated with a requester of the first signature contribution request not comparing unfavorably to an unfavorable IP address list  (Maria, col. 1, lines 20-35, “Data packet filters are currently available which filter out data packets from certain Internet sites.  On the commercial side, these filters are often implemented as part of a router or "firewall." On the individual side, these filters are implemented as programs which run on a personal computer and operate in conjunction with individual browser software.  Both the commercial and individual filters operate by storing lists of prohibited source addresses, such as Internet Protocol (IP) addresses, and filtering out any data packets received from a site with a prohibited source IP address.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Maria with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the  computing device to: determine that the first signature contribution request compares favorably to the functionality template  .
One would have been motivated to provide users with the benefits of periodically updating the list of source addresses to ensure the list is kept current (Maria: col. 1, lines 5-10).
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Clark (US20080313228), filed August 29, 2007..
Regarding claim 13, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.
Coan, Toomey, and Koike do not explicitly disclose wherein the at least one memory section further stores operational instructions that, when executed by the processing module further causes the computing device to at least one of: extract request information from the first signature contribution request for the log; obtain a user identifier (ID) for the log; obtain a vault ID for the log; obtain a timestamp for the log; facilitate storing of a logging information; and aggregate the request information for the log with the user ID, the vault ID, and the timestamp to produce logging information.
(Clark, paragraph 0011, “According to a related methodology, while operating with or without a persistent network connection, the controller can receive alteration commands from a user.  The alterations and related information such as user identity, user location, user permissions, and the like, can be recorded in the controller's local memory.  The information can be recorded by the logging component if requested by a user, if the local memory reaches a predetermined capacity (e.g., 60%, 70%), or if a predetermined event (e.g., pre-defined thresholds, manipulation of sensitive data, alterations made without supervision) is detected.  Periodically the controller can be brought into communication with an aggregation component to transfer the logged information to the aggregation component, which can receive logged information from a plurality of controllers.  The logged information can comprise a plurality of log entries which can include such information as a timestamp, which can be used to synchronize the log entries and create an aggregate log.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Clark with the computer readable memory device/ method of Coan, Toomey, and Koike to include 
One would have been motivated to provide users with the benefits of logging changes to a controller (Clark: paragraph 0007).

Claims 21 and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Bennett (US20080019352), filed July 20, 2006.
Regarding claim 21, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template.
However, in an analogous art, Bennett discloses wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template (Bennett, paragraph 0072, “The verification manager 417 ensures that header, payload content analysis for virus contents and application of service modules are performed non-repetitively, by just one intermediate network node in the digital communication infrastructure, such as the node 407, which participates in the routing of packets.  This is achieved by tagging the processed packets, which indicates the nodes about the process that are performed previously.  The tagging is done by inserting a comparison table version code that incorporates information regarding trigger templates that is applied to the packet with the service functionality applied to the packet by previous nodes.  The verification manager 417 searches each packet header on arrival of the packet, for a comparison table version code.  On the contrary, if the comparison table version code does exist, then the verification manager 417 decodes the code to determine the payload analysis and application of service functionalities that is performed before.”).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bennett with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template.
One would have been motivated to provide users with the benefits of a virus-processing infrastructure where switching nodes detect and trigger processing of packets that contain virus codes (Bennett: paragraph 0033).
Regarding claim 23, Coan, Toomey, and Koike disclose the computer readable memory device of claim 12.
Coan, Toomey, and Koike do not explicitly disclose wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template.
(Bennett, paragraph 0072, “The verification manager 417 ensures that header, payload content analysis for virus contents and application of service modules are performed non-repetitively, by just one intermediate network node in the digital communication infrastructure, such as the node 407, which participates in the routing of packets.  This is achieved by tagging the processed packets, which indicates the nodes about the process that are performed previously.  The tagging is done by inserting a comparison table version code that incorporates information regarding trigger templates that is applied to the packet with the service functionality applied to the packet by previous nodes.  The verification manager 417 searches each packet header on arrival of the packet, for a comparison table version code.  On the contrary, if the comparison table version code does exist, then the verification manager 417 decodes the code to determine the payload analysis and application of service functionalities that is performed before.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Bennett with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the analysis of the payload includes a comparison of the payload analysis to the functionality template.
One would have been motivated to provide users with the benefits of a virus-processing infrastructure where switching nodes detect and trigger processing of packets that contain virus codes (Bennett: paragraph 0033).

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Coan (US20100180116), filed November 3, 2009, Toomey (US20050108551), filed January 15, 2004, and Koike (US20110118861), filed November 16 2010, and further in view of Soin (US20070101392), filed June 7, 2006.
Regarding claim 22, Coan, Toomey, and Koike disclose the method of claim 1.
Coan, Toomey, and Koike do not explicitly disclose wherein the analysis of the payload results in a registry value for the payload.
However, in an analogous art, Soin discloses wherein the analysis of the payload results in a registry value for the payload (Soin, paragraph 0057, “If the timestamp in the message payload is newer than the timestamp value that is stored in the registry 330, the user agent determines which actuator was pressed and launches the application that is associated with that actuator.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Soin with the computer readable memory device/ method of Coan, Toomey, and Koike to include wherein the analysis of the payload results in a registry value for the payload.
One would have been motivated to provide users with the benefits of launching a computing device into a special computing experience upon detection of a special actuation mechanism coupled to the computing device (Soin: paragraph 0005).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368.  The examiner can normally be reached on 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications 






/W.J.M/Examiner, Art Unit 2439                                                                                                                                                                                                        
/KARI L SCHMIDT/Primary Examiner, Art Unit 2439