DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Luo, publication number: US 2019/0281455 in view of Ko, patent number: US 10 346 614.

As per claim 1, Luo teaches a method comprising:
coupling a trust hub device to an interconnectivity device, the interconnectivity device configured as an Internet of Things (IoT) or Operational Technology (OT) device having a controller and a sensor (Gateway and sensors, Fig, 8, [0071-0073]);
transferring data from the sensor to the trust hub device (Connection, Fig. 8, 813, [0072]); and


Luo does not teach attesting, by the trust hub device to a remote entity associated with the interconnectivity device, a provenance of the data from the sensor.

In an analogous art, Ko teaches attesting, by the trust hub device to a remote entity associated with the interconnectivity device, a provenance of the data from the sensor (Encrypting data from IoT devices, col. 2, lines 52-60).

Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Luo’s IoT system to include a way to ensure data is protected as described in Ko’s IoT system for the advantages of preventing interfering with the transmitted data. 

As per claim 2, the combination teaches wherein the trust hub device comprises a data storage device comprising a controller and a non-volatile memory (NVM) (Luo: memory, [0027]).

As per claim 3, the combination teaches wherein the data storage device is characterized as a network capable data storage device configured to communicate 

As per claim 4, the combination teaches wherein the trust hub device is configured to register the interconnectivity device with a remote registration entity and store local security information in a local keystore, the local security information subsequently used to locally authenticate the interconnectivity device without further communications with the remote registration entity (Luo: certificates 128, [0027]).

As per claim 5, the combination teaches wherein the trust hub device is configured to perform a remote authentication of the trust hub device with a secure server across an external network, and to perform a remote authentication of the interconnectivity device via
a local connection between the trust hub device and the interconnectivity device without accessing the external network (Luo: validating gateway, [0051], Ko: validating IoT, col. 5, lines 61 – col. 6, line 6).

As per claim 6, the combination teaches wherein the trust hub device is further configured to collect the transferred data from the interconnectivity device, generate associated attestation information associated with the transferred data, and concurrently 

As per claim 7, the combination teaches wherein the authentication information includes a datecode value associated with a time at which the data was collected or transferred by the interconnectivity device to the trust hub device (Ko: Nonce, col. 9, lines 62- col. 10, line 5).

As per claim 8, the combination teaches wherein the authentication information includes an output cryptographic value generated using a cryptographic function in relation to the transferred data (Ko: 110, Fig. 1, col. 6, lines 7 - 17).

As per claim 9, the combination teaches wherein the data transferred from the interconnectivity device to the trust hub device includes personally identifying information associated with a user of the interconnectivity device, and the trust hub device removes the personally identifying information prior to transfer of remaining portions of the data to the remote entity (Ko: filtering, col. 6, line 30 -44).



As per claim 11, the combination teaches wherein the data transferred from the interconnectivity device to the trust hub device comprises data that are collected in a memory of the interconnectivity device, and the method further comprises transferring the data responsive to a request issued by the trust hub device (Luo: request, [0052]).

As per claim 12, Luo teaches a system comprising: an interconnectivity device comprising a controller and a sensor, the interconnectivity device characterized as an Internet of Things (IoT) device or Operational Technology (OT) device (Gateway and sensors, Fig, 8, [0071-0073]); and 
a trust hub device coupled to the interconnectivity device and comprising a controller and a non-volatile memory (NVM), the controller configured to receive data generated by the sensor of the interconnectivity device (memory, Fig. 8, 813), 

Luo does not teach generate attestation information that verifies a provenance of the data, and transfer the data and the attestation information to a remote entity via an external network.

Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Luo’s IoT system to include a way to ensure data is protected as described in Ko’s IoT system for the advantages of preventing interfering with the transmitted data.

As per claim 13, the combination teaches further comprising a firewall interposed between the trust hub device and the external network (Ko: preventing access, col. 7, lines 15 - 24).

As per claim 14, the combination teaches wherein the trust hub device is configured to register the interconnectivity device with a remote registration entity and store local security information in a local keystore, the local security information subsequently used to locally authenticate the interconnectivity device without further communications with the remote registration entity (Luo: certificates 128, [0027]).



As per claim 16, the combination teaches wherein the attestation information comprises a unique identification (ID) value associated with the interconnectivity device, a date/time stamp value indicative of a time at which the data was generated by the interconnectivity device, and a cryptographic hash value generated by applying a cryptographic hash function to the data (Ko: Nonce, col. 9, lines 62- col. 10, line 5, Luo: Device ID, [0047], hash [0085]).

As per claim 17, the combination teaches wherein the interconnectivity device comprises a selected one of a baby monitor, a medical device, a home appliance, an automotive sensor, a voice activated consumer interface, a smart light bulb, a valve, a thermostat, or a security camera (Ko: Device 102, Fig. 1).

As per claim 18, Luo teaches a trust hub device, comprising: 

a backend interposed between the data storage device and an internal network connection configured to connect with one or more local Internet of Things (loT) devices (gateway connecting with IoT, Fig. 4, 446, [0043]), 
the storage device controller configured to enroll the one or more IoT devices (certificates 128, [0027]), accumulate data from the one or more IoT devices via the backend (GET, [0052]), 

Luo does not teach a firewall interposed between the data storage device and an external network connection configured to connect with one or more remote servers;
generate attestation information associated with the data, and transfer the data and the attestation information via the firewall to a requesting entity, the attestation information verifying a provenance of the data as being supplied by the one or more loT devices.

In an analogous art, Ko teaches a firewall interposed between the data storage device and an external network connection configured to connect with one or more remote servers (preventing access, col. 4, lines 40 -55, col. 7, lines 15 - 24);


Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify Luo’s IoT system to include a way to ensure data is protected as described in Ko’s IoT system for the advantages of preventing interfering with the transmitted data. 

As per claim 19, the combination teaches characterized as a solid-state drive (SSD), the NVM comprising flash memory (memory, [0027]). 

As per claim 20, the combination teaches characterized as a hard disc drive (HDD) or a hybrid data storage device (HDSD), the NVM comprising rotatable data recording media (Luo: memory, [0027]).
Conclusion









Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUGBENGA O IDOWU whose telephone number is (571)270-1450.  The examiner can normally be reached on Monday-Friday 8am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on 5712723804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  






/OLUGBENGA O IDOWU/Primary Examiner, Art Unit 2494