DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 07/12/2021 has been entered.
 Response to Amendment
This action is in response to the communications and remarks filed on 07/12/2021. Claims 1 and 9 have been amended. Claims 1-16 have been examined and are pending.
Response to Arguments
Applicant’s Amendments necessitated a new ground of rejection; accordingly, Applicant’s arguments with respect to amended claims 1 and 9  (Ptasinski et al. (US 20060039341 A1) in view of Forood et al (US 20170171204 A1) have been considered but are moot in view of the new ground of rejections of Ptasinski et al., hereinafter (“Ptasinski”), US PG Publication (US 2006/0039341 A1), in view of Britt, US PG Publication (2017/0019873 A1), applied below.
	
	
Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-2, 4-7, 9-10, and 12-15 are rejected under 35 U.S.C. 103 as being unpatentable over Ptasinski et al., hereinafter (“Ptasinski”), US PG Publication (US 2006/0039341 A1), in view of Britt, US PG Publication (2017/0019873 A1).
Regarding currently amended claims 1 and 9, Ptasinski teaches a connection establishing method for a mesh network, the mesh network includes a first transceiver 
configuring the second transceiver to receive the secure connection response signal, decrypt the secure connection response signal by a private key to generate a decryption message, and transmit an association request signal including the decryption message to the first transceiver; [Ptasinski, ¶0052: In Step 310, the collocated device 208 functioning as a configurator, may send an authentication response message to the client station 204  (receive the secure connection response signal). ¶0053: The key 1 message, associated with the step 318, may comprise a configurator key. In step 320, the client station 204 may communicate a key2 message to the collocated device 208 functioning as a configurator. The key2 message, associated with the step 320, may comprise a client key. ¶0054: In step 322, the collocated device 208 functioning as a configurator, may communicate a configuration message to the client Station 204. The configuration message, associated with the step 322, may comprise configuration information that may be utilized to authenticate a client Station 204. The configuration information communicated in the configuration message, associated with the Step 322, may be encrypted based on the configurator key and/or the client key. In Step 324, the client Station 204 may communicate a status message to the collocated device 208 functioning as a configurator (first transceiver). The status message 324 may be sent subsequent to decryption of at least a portion of the configuration message 322 (decrypt the secure connection response signal by a private key to generate a decryption message). The client station 204 may utilize the configurator key and/or the client key to decrypt at least a portion of the configuration message, associated with the step 322 that was previously encrypted by the collocated device 208 functioning as a configurator. ¶0055: Subsequent to configuration of the client station 204 (second transceiver), the collocated device 208 functioning as a configurator (first transceiver), may not be available to configure another client station 106 during the current configurator registration window time interval. Beacon frames may be transmitted by the collocated device 208 functioning as an AP, subsequent to the configuration of the client station 204. ¶0052: In Step 310, the collocated device 208 functioning as a configurator, may send an authentication response message (receive the secure connection response signal) to the client station 204. In step 312, the client station 204 (second transceiver) may send an association request message (transmit an association request signal), associated with the Step 312, to the collocated device 208 functioning as a configurator (first transceiver)]
configuring the first transceiver to receive the association request signal, and determine whether the decryption message matches with the authentication message; [Ptasinski , ¶0052: In step 314, the collocated device 208 functioning as a configurator (first transceiver), may send an association response message, associated with the step 314, to the client station 204.]
in response to determining that the decryption message matches with the authentication message, configuring the first transceiver to generate an authorization response message and transmit an association response signal including the ¶0054: The status message, associated with the step 324, may indicate whether the client Station 204 was successfully configured during the packet exchange] and 
configuring the second transceiver to receive the association response signal and establish the secure connection with the second transceiver. [Ptasinski, ¶0054: If the client Station was successfully configured, the Status message, associated with the Step 324, may indicate success. The collocated device 208 functioning as a configurator, may store authentication information about the configured client 204 in persistent memory]
While Ptasinkski teaches a secure connection procedure [Ptasinski, ¶¶0076 and 0079: establish secure communications in an IEEE 802.11 WLAN]; however, Ptasinski fails to explicitly teach but Britt teaches performing a secure connection procedure by the first transceiver and the second transceiver, wherein the secure connection procedure includes: [Britt, ¶¶0045 and 0052: As shown in Fig. 2, an IoT device 101 comprises a communication protocol stack inclusive of Bluetooth LE radio and antenna 207 (the second transceiver) (with low power microcontroller 200). Fig. 3 shows an IoT hub 110 inclusive of wide area network (WAN) interface 302 and antenna 310 (the first transceiver) inclusive of also includes a memory 317 for storing hardware logic 301 to include secure key store for encryption keys for encrypting communication and generating/verifying ¶¶0057, 0075, 0127-0128, 0130 and 0210: In some cases, a continuous bi-directional stream, a simple request/response protocol where a IoT service 120 communicates periodically an SSL connection or other secure channel (the secure connection procedure) may be established over a Bluetooth Low Energy (BTLE) communication channel, between the IoT service 120 and the IoT device 101 with/without an IoT hub 110 to transmit an (unencrypted version of the) message via a communication channel; where the message communicated between IoT service 120 and IoT device 101 may comprises a command packet or configuration data.]
configuring the second transceiver to transmit a secure connection request signal to the first transceiver, wherein the secure connection request signal includes an identifier having one of a kind uniqueness; [Britt, See ¶¶0057, 0075, 0127-0128, 0130 and 0210. ¶¶0141-0155: The IoT service generates a message (the secure connection request signal) which contains the IoT service unique ID (an IoT serial number/timestamp, ID of factory key used to sign this unique ID, a class of unique ID, IoT’s service’s public key, and signature over unique ID), Factory Certificate (a time), IoT service session public key, and a IoT service session public key signature (an identifier having one of a kind uniqueness). ¶¶0212-0213: In Figs. 23A-C, at 2302 the IoT service creates a packet containing serial number and public key of the IoT, which at 2303 is signed using the factory private key and forwarded to the IoT device via the IoT hub at 2309. Examiner interprets the identifier of the IoT service to be a complex and one of a kind unique as givent the elements which it contains.]
obtain a public key corresponding to the identifier from a comparison table, and encrypt an authentication message with [[a]] the public key , wherein the comparison table defines a correspondence between the public key and the identifier; [Britt, ¶¶0094-0095: the low power microcontroller 200 of each IoT device 101 and the low power logic/microcontroller 301 of the IoT hub 110 include a secure key store (or in a subscriber identify module (SIM)) (a comparison table) for storing encryption keys used by the embodiments described below (see, e.g., FIGS. 10-15 and associated text).  ¶0096: A public key (obtain a public key) is provided to the IoT service 120 and when a new IoT device 101 is set up (the secure connection request signal), it's public key is provided to both the IoT hub 110 and the IoT service 120. ¶0106: Following provisioning IoT service 120 using SIM as a secure identifier (corresponding to the identifier), both the IoT hub 110 and IoT service 120 (first transceiver) security stores a copy of the IoT devices’ public key to be used when encrypting communication with the IoT device 101. ¶0125: As discussed in detail below, in one embodiment, to establish a secure communication session, the public/private session key pairs, 1650 and 1651, are used by each encryption engine, 1660 and 1661, respectively, to generate the same secret which is then used by the SKGMs 1640-1641 to generate a key stream to encrypt and decrypt communication between the IoT service 120 and the IoT device 101. ¶0130: In Fig. 16B, which does not require an IoT hub. Rather, in this embodiment, communication between the IoT device 101 and IoT service 120 occurs through the client device 611. A message to the IoT device 101 the client device 611 transmits an unencrypted version of the message to the IoT service 120 at 1611. The encryption engine 1660 encrypts the message using the secret or the derived key stream (encrypt an authentication message with [[a]] the public key) and transmits the encrypted message (a secure connection response signal) back to the client device 611 (second transceiver) at 1612. Examiner interprets the (secure) key store is based on well- known relational database, correlation databases, and/or linked tables that cross reference; therefore, the associated index identifies stored public keys stored within.] 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of an apparatus and method for securely tracking event attendees using IoT devices of Brit. The motivation is that by combining the features of key store that stores encryption keys along with the associated secure identifier when provisioning, would likely yield the ability to establish a secure channel/connection to be established through a series of key streams generated [Britt, ¶¶0125-0127].   

Regarding claims 2 and 10, the combination of Ptasinski and Britt teach claim 1 as described above.
Ptasinski teaches wherein the authentication message is a random message. [Ptasinski, ¶0076: The encrypted passphrase field 786 may be randomly generated at the AP 102 and transmitted to the client 104 in an encrypted format]


Ptasinski teaches wherein the secure connection procedure further includes: configuring the first transceiver to broadcast a beacon signal including a protection flag message; [Ptasinski , ¶0048: at a time instant subsequent to the opening of the configurator (the first transceiver to broadcast) timing window in step 304, the collocated device 208 functioning as an AP, may transmit IEEE 802.11 beacon frames (a beacon signal) comprising authentication enablement information, in accordance with an embodiment of the invention. the authentication enablement information may comprise a flag field (including a protection flag message). ¶0059: As shown in Fig. 1 Subsequent to the button activation to open the client timing window, client station 204 waits to receive a beacon frame (a beacon signal) associated with step 305.] configuring the second transceiver to receive the beacon signal; [Ptasinski , ¶¶0045-0046 and 0048: FIG. 3 is a diagram illustrating exemplary message exchanges based on a configuration protocol and initiated at the configurator, in accordance with an embodiment of the invention.  Activating the collocated device 208 to function as a configuration comprises entering an SSID and/or passphrase and generates configuration information designated to configure client stations 204; through receipt of beacon frames comprising authentication enablement information] and configuring the second transceiver to determine whether to perform the secure connection procedure according to the protection flag message, wherein the second transceiver is further configured to determine whether to incorporate the identifier into the security ¶0048: In one embodiment of the invention, the authentication enablement information may comprise a flag field, window open, which may be set to a Boolean value to indicate whether the configurator timing window is open or closed. A logical value window open=TRUE, or a numerical value window open=1 may indicate that the configurator timing window is open, for example. A logical value window open=FALSE, or a numerical value window open=0 may indicate that the configurator timing window is closed, for example. The authentication enablement information may comprise a flag field, recently cfg, which may be set to a Boolean value to indicate whether the collocated device 208 functioning as a configurator, is ready to configure a client station 204.]
Regarding claims 5 and 13, the combination of Ptasinski and Britt teach claim 1 as described above.
Ptasinski teaches wherein the secure connection procedure further includes: configuring a timer of the second transceiver to start counting after the second transceiver transmits the secure connection request signal, wherein in response to determining that the secure connection response signal is not received within a first time period, the secure connection procedure is terminated. [Ptasinski, ¶0048: at a time instant subsequent to the opening of the configurator (the first transceiver to broadcast) timing window in step 304, the collocated device 208 functioning as an AP, may transmit IEEE 802.11 beacon frames (a beacon signal) comprising authentication enablement information, in accordance with an embodiment of the invention. The authentication enablement information may comprise a flag field (including a protection flag message). ¶0058: The configurator timing window is closed after a time interval corresponding to a configurator timing window open duration lapses or ends. ¶0059: As shown in Fig. 1 Subsequent to the button activation to open the client timing window (configuring a timer of the second transceiver to start counting after the second transceiver transmits the secure connection request signal), client station 204 waits to receive a beacon frame associated with step 305. ¶0055: Subsequent to configuration of the client station 204, the collocated device 208 functioning as a configurator, may not be available to configure another client station 106 during the current configurator registration window time interval. These beacon frames may comprise information that indicates that the configurator timing window is closed. ¶0078: If client does not (not received) receive protocol packet type info or is unable to decrypt the configuration information, client may communicate a configuration protocol packet type status message indicate a failure of exchange messages. So configuration protocol packet type status may be communicated by configurator or client 204 at anytime to terminate the exchange of messages (determining that the secure connection response signal is not received within a first time period, the secure connection procedure is terminated)]

Regarding claims 6 and 14, the combination of Ptasinski and Britt teach claim 1 as described above.
[Ptasinski, ¶0048: at a time instant subsequent to the opening of the configurator (the first transceiver to broadcast) timing window in step 304, the collocated device 208 functioning as an AP, may transmit IEEE 802.11 beacon frames (a beacon signal) comprising authentication enablement information, in accordance with an embodiment of the invention. The authentication enablement information may comprise a flag field (including a protection flag message). ¶0059: As shown in Fig. 1 Subsequent to the button activation to open the client timing window (configuring a timer of the second transceiver to start counting after the second transceiver transmits the secure connection request signal), client station 204 waits to receive a beacon frame associated with step 305. ¶0055: Subsequent to configuration of the client station 204, the collocated device 208 functioning as a configurator, may not be available to configure another client station 106 during the current configurator registration window time interval. These beacon frames may comprise information that indicates that the configurator timing window is closed. ¶0078: If client does not receive (not received) protocol packet type info or is unable to decrypt the configuration information, client may communicate a configuration protocol packet type status message indicate a failure of exchange messages. So configuration protocol packet type status may be communicated by configurator or client 204 at anytime to terminate the exchange of messages (determining that the secure connection response signal is not received within a second time period, the secure connection procedure is terminated). Examiner interprets that a second period will be a subsequent iterations of these exchanges, see ¶¶0042-0043 and 0046].

Regarding claim 7, the combination of Ptasinski and Britt teach claim 6 as described above.
Ptasinski teaches wherein the secure connection procedure further includes: configuring the timer of the first transceiver to start counting after the second transceiver transmits the association request signal, wherein in response to determining that the association response signal is not received within a third time period, the secure connection procedure is terminated. [Ptasinski, ¶0048: at a time instant subsequent to the opening of the configurator (the first transceiver to broadcast) timing window in step 304, the collocated device 208 functioning as an AP, may transmit IEEE 802.11 beacon frames comprising authentication enablement information, in accordance with an embodiment of the invention. The authentication enablement information may comprise a flag field. ¶0059: As shown in Fig. 1 Subsequent to the button activation to open the client timing window (to start counting after the second transceiver transmits the association request signal, wherein in response to determining that the association response signal), client station 204 waits to receive a beacon frame associated with step 305. ¶0055: Subsequent to configuration of the client station 204, the collocated device 208 functioning as a configurator, may not be available to configure another client station 106 during the current configurator registration window time interval. These beacon frames may comprise information that indicates that the configurator timing window is closed. ¶0078: If client does not receive (not received) protocol packet type info or is unable to decrypt the configuration information, client may communicate a configuration protocol packet type status message indicate a failure of exchange messages. So configuration protocol packet type status may be communicated by configurator or client 204 at anytime to terminate the exchange of messages (wherein in response to determining that the association response signal is not received within a third time period, the secure connection procedure is terminated. Examiner interprets that a third period will be a subsequent iterations of these exchanges; as such if there is no receipt of a protocol packet at anytime during the exchange, terminates. See also ¶¶0042-0043 and 0046].

Regarding claim 15, the combination of Ptasinski and Britt teach claim 14 as described above.
Ptasinski teaches wherein the timer of the first transceiver is configured to start counting after the second transceiver transmits the association request signal, and in response to determining that the secure connection response signal is not received within a third time period, the secure connection procedure is terminated.  [Ptasinski, ¶0048: at a time instant subsequent to the opening of the configurator (the first transceiver to broadcast) timing window in step 304, the collocated device 208 functioning as an AP, may transmit IEEE 802.11 beacon frames comprising authentication enablement information, in accordance with an embodiment of the invention. The authentication enablement information may comprise a flag field. ¶0059: As shown in Fig. 1 Subsequent to the button activation to open the client timing window (wherein the timer of the first transceiver is configured to start counting after the second transceiver transmits the association request signal), client station 204 waits to receive a beacon frame associated with step 305. ¶0055: Subsequent to configuration of the client station 204 (the second transceiver), the collocated device 208 functioning as a configurator, may not be available to configure another client station 106 during the current configurator registration window time interval. These beacon frames may comprise information that indicates that the configurator timing window is closed. ¶0078: If client does not receive (not received) protocol packet type info or is unable to decrypt the configuration information, client may communicate a configuration protocol packet type status message indicate a failure of exchange messages. So configuration protocol packet type status may be communicated by configurator or client 204 at anytime to terminate the exchange of messages (in response to determining that the secure connection response signal is not received within a third time period, the secure connection procedure is terminated ). Examiner interprets that a third period will be a subsequent iterations of these exchanges; as such if there is no receipt of a protocol packet at anytime during the exchange, terminates. See also ¶¶0042-0043 and 0046].


Claims 3 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Ptasinski et al., hereinafter (“Ptasinski”), US PG Publication (US 20060039341 A1), in view of Britt, US PG Publication (2017/0019873 A1), in view of Shiffert et al., hereinafter (“Shiffert”), US PG Publication (20160203522A1).
Regarding claims 3 and 11, the combination of Ptasinski and Britt teach claim 1 as described above.
However, the combination of Ptasinski and Britt fail to explicitly teach but Shiffert teaches wherein the authentication message is a sequence of messages generated by a sequence algorithm, which includes an MD5 message digest algorithm and a secure hash algorithm (SHA). [Shiffert US20160203522A1, ¶0184: In some embodiments, the content server 166 may store a private key in memory and share a public key (e.g., RSA signature keys) with the mobile computing devices 170, which may store the content server's public key in memory. Before transmitting resources for a content item, the content server 166 may calculate a hash of the resources (e.g., SHA-256 or MD5) and encrypt the resources with the private key. The receiving device may decrypt the resources and authenticate the information with the public key.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Ptasinski and Britt before him or her by including the teachings of peer-to-peer geotargeting content with ad-hoc mesh networks of Shiffert. The motivation is that it would be obvious to try determination may include comparing a hash value calculated by a content server 166 by inputting the resources into a hashing function, using SHA .   
Claims 8 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Ptasinski et al., hereinafter (“Ptasinski”), US PG Publication (US 20060039341 A1), in view of Britt, US PG Publication (2017/0019873 A1), in view of Cam-Winget et al., hereinafter (“Cam-Winget”), US PG Publication (2007/0206537 A1).
Regarding claims 8 and 16, the combination of Ptasinski and Britt teach claim 1 as described above.
However, the combination of Ptasinski and Britt fail to explicitly teach but Cam-Winget teaches wherein the first transceiver is a root access point or an extender access point in a self-organization network, and the transceiver is an extender access point or a user device in the self-organization network. [Cam-Winget 20070206537 A1, ¶0004: As shown in FIG. 6, the exemplary wireless mesh network 600 includes of two types of mesh points: a root access point (root AP, RAP) 603 (root access point), shown here on the roof of a building. ¶¶0074 and 0076: A mesh AP 605, 607, 609 has a backhaul wireless interface to connect to other mesh points, shown here as an 802.11a 5 GHz radio interface. A mesh AP 605, 607, 609 (a user device in the self-organization network) has a second wireless interface, shown here as an 802.11b,g 2.4 GHz radio interface to connect with client stations, acting as an AP for the client stations. They can be completely wireless supporting clients, communicating to other mesh APs and root APs to access an external network. A mesh AP typically includes at least two radio transceivers that can operate simultaneously, as described above.]
, ¶¶0074 and 0076].   
	Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Kailash et al. (US 20100024006 A1) discloses HTTP authentication and authorization management.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAKINAH W TAYLOR whose telephone number is (571)270-0682.  The examiner can normally be reached on Monday-Friday, 9:45-5:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ELENI SHIFERAW can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/Sakinah White Taylor/Examiner, Art Unit 2497