Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION

Priority
Acknowledgment is made of applicant's claim for foreign priority based on an application No. 1872786 filed in France on 12/12/18

Information Disclosure Statement
The examiner reviewed IDS document(s) on 7/13/20, carefully considering the art cited within the document(s).
Claim Amendments
The amendments to claims received on 5/29/20 have been entered. 

Specification
 (j) DETAILED DESCRIPTION OF THE INVENTION: See MPEP § 608.01(g). A description of the preferred embodiment(s) of the invention as required in 37 CFR 1.71. The description should be as short and specific as is necessary to describe the invention adequately and accurately. Where elements or groups of elements, compounds, and processes, which are conventional and generally widely known in the field of the invention described, and their exact nature or type is not necessary for an understanding and use of the invention by a person skilled in the art, they should not be 

The specification is objected to because various paragraphs being difficult to understand.  Specifically, the last sentence in para 6 (lines 9-10) is incomplete, para 48 and 58 are missing text, and the last sentence of para 54 has grammatical issues. 
Additionally, the Abstract includes unnecessary “Figure 2” included under the summary of the invention.


Claims 1-9 have been examined.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 

Claims 1-9 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Claim 1 seems to be missing limitations.  Specifically, the claim language recite 
“the authentication data being encrypted using asymmetric encryption, a public key being known to the authentication server, a private key being known only to the mobile terminal, the private key being associated with the public key” 
and there is no correlation between the public/private key and the rest of the claim limitations.  It appears that the claim should read 
“the authentication data being encrypted using asymmetric encryptionwith a public key being known to the authentication server, a private key being known only to the mobile terminal, the private key being associated with the public key” 
or, more preferably:
“the authentication data being encrypted using  a public key  known to the authentication server associated with  a private key  known only to the mobile terminal” 
given the fact that the use of asymmetric encryption requires the use of a key of a  public/private key pair.
Furthermore, claim 1 requires “the initiating of the session is carried out by implementing at least one of the following steps”.  This suggests that any one of the recited steps would satisfy claim 1 but the steps include elements that are directly related to each other by the virtue of having these elements (with the proper antecedent basis) in essentially each of the limitations of claim 1.  Thus, the metes and bounds are not entirely clear.  The examiner suggests removing the “one of” preceding “the following steps”.
Lastly, the preamble of claim 1 define the claims to be directed towards “a method for initiating a secure session on a computer terminal connected to an authentication 
There is an issue with claim 7.  The last two limitations are separated by comma.  Thus, it is not clear whether it is one of the required steps or an additional one to the “at last one of the following steps”.
Appropriate correction/clarification is required.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.

1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1 and 4 are rejected under 35 U.S.C. 103 as being unpatentable over Fowler (USPUB 20050278538) in view of Tsong (USPN 11066164)
As per claim 1, Fowler teaches transmitting, by the authentication server, of a downward notification to a on (implicit since the client authenticated as indicated in para 24 and 42).
Fowler does not teach the terminal being the mobile terminal.  However, Official Notice it taken that mobile terminals have been old and well known in the art of computing before the effective filling date of the invention and including such terminal into Fowler’s invention would have been obvious to a skilled artisan given the benefit of flexibility.
Furthermore, Fowler’s communication between the authentication server and the mobile device utilizing a real time notification server.  However, such solution if not inherent (in one interpretation) would have been an old and well known in the art of computing (in another interpretation).  This is because given no specific limiting definition of the real time notification server, a set of the procedures implemented on the server machine that enable network communication (in addition to the authentication) could be interpreted as limiting this particular label.  Furthermore, a skilled in the art would readily appreciate that [Official Notice is taken] having real time notification devices would have been old and well known in the art of 
Given the fact that the invention is used by users, the notification server would meet the limitation of the public notification server.
Fowler does not clearly teach the private key being known only to the mobile terminal; however, such solution would it would have been known to one of ordinary skill in the art before the effective filling date of the invention as illustrated by Tsong (see col. 4 lines 43-45: public key may be accessible by other devices/services, while the private key is known only to the client device) and obvious to incorporate into Folwer’s invention given the benefit of security.
Claims 3 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Fowler (USPUB 20050278538) in view of Tsong (USPN 11066164) and further in view of McDowell-White (USPUB 20140157430).
Fowler as modified teaches the intermediate server as discussed above.
As per claim 3, Fowler does not expressly teach a specific protocol (e.g. XMPP) and, as a result, fail to teach the intermediate server being an XMPP server.  However, any particular communication/server, including XMPP server in device communication would have been obvious variant in the art of network before the effective filing date as illustrated by McDowell-White (authentication server 36 in a communication with the XMPP relay server 38 handling the communication from XMPP networks 22 for devices 10 and 14, para Fig. 1, 3 and 5, e.g. para 17-19) 
As per claim 4, while the session index used in the challenge response authentication meets the limitation of one time password.  Although Fowler does not expressly suggests the authentication data comprising a user identifier, it is noted that the user identifier as used in the claim merely equates to a nonfunctional descriptive material, not functionally involved in the required steps.  Including any particular element (e.g. a user identifier) in the authentication data would not affect the invention as claimed; thus would not distinguish the claimed invention from the prior art in the terms of patentability.  Thus, this descriptive material does not distinguish the claimed invention from the prior art in the terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401,404 (Fed.Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994), while extending Fowler’s teaching to include various particular elements (e.g. a user identifier) in the authentication data would have been obvious old and well known in the art before the effective filling date (e.g. McDowell-White’s para 18: confirming the received user ID information) offering the predictable benefit of customization.
Claims 6-9 are rejected under 35 U.S.C. 103 as being unpatentable over Fowler (USPUB 20050278538) in view of Tsong (USPN 11066164) and further in view of Ferlitsch (USPUB 20150339665)
NOTE: for the purpose of the expedited prosecution, claim 6 is addressed in view of various interpretation of the claimed limitations.

Fowler does not, but in the related art, Ferlitsch teaches the keys being produced during an enrollment phase (client generates a public/private key and registers itself and its public key with the server, para 7).  It would have been obvious to one of ordinary skill in the art before the effective filling date of the invention to include known solutions as taught by Ferlitsch given the benefit of customization, key distribution and security.
Furthermore, in addition to the specification and the claims not limiting the definition of the “enrolment” phase, in alternative interpretation, the examiner asserts that the limitation could be treated as inherent: the process of producing the public key pair that is then used in a communication (enrolling/authenticating) with the server could reasonably meet the first step of the enrolment as also noted by applicant’s claim 7.  
Also, a skilled in the art would readily appreciate that there are only a finite number of solutions as pertaining to timing of the terminal involved in enrollment phases, producing the keys before or during the enrollment phases to be obvious variant offering the predictable benefit of customization.
As per claim 7, given the fact that permits implementation of only one of claim 7 steps (the enrollment phase is carried out by implementing at least one of 
As per claims 8-9, it is noted that these claims are part of the optional (“at least one of the”) steps that were not selected by the examiner.  Thus, they are rejected based on the rejection of claim 7.
Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peter Poltorak whose telephone number is (571) 272-3840.  The examiner can normally be reached Monday through Thursday from 9:00 a.m. to 5:00 p.m. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/PIOTR POLTORAK/           Primary Examiner, Art Unit 2433