DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.	Claims 1-23 are pending.

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 8/17/21 has been entered.
 
Information Disclosure Statement
3.	The information disclosure statement (IDS) submitted on 8/17/21 was filed after the mailing date of the RCE on 8/17/21.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Allowable Subject Matter
4.	Claims 4,6,11, and 13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
5.	Claims 1-3, 5, 7-10, 12, 14-23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Passichenko [US 2016/0021192] in view of Peterson, et al. [US 20100076818].
Claim 1:	Passichenko teaches a data encryption and decryption system, comprising: 
a network connection apparatus, wherein the network connection apparatus comprises a network module [Passichenko: 0016-0017; various network connections], a main program module and a sub program module, the network module is connected to the internet and communicates with a server, the main program module is connected to the network module [Passichenko: 0046, 0049, 0065; social-networking system may include a variety of servers, sub-systems, programs, modules and various connections to networks including the Internet suggests network module connected to Internet with main and sub program modules and communication with a server], the sub program module is provided with a second private key [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key], the sub program module communicates through the main program module, the sub program module generates a first asymmetric key group [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys] **when the network connection apparatus needs the server to transmit confidential data or the sub program module of the network connected apparatus is started [** as rejected under a secondary reference, discussion below], the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0029], the first private key and the first public key are random each time [Passichenko: 0028, 0030], the sub program module generates a request message through the main program module, the request message comprises an encryption data, and the encryption data comprises the first public key and the second private key; and [Passichenko: 0019, 0028]
a server, wherein the server comprises a second public key, the second public key corresponds to the second private key, when the server receives the request message, the server checks the encryption data by using the second public key and obtains a sensitive data according to the request message after the encryption data is determined as valid [Passichenko: 0027, 0041], the server obtains the first public key from the request message and performs an encryption operation for the sensitive data and the first public key to generate a response message; [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys]
wherein the sub program module decrypts the response message by using the first private key to obtain the sensitive data. [Passichenko: 0029; a key (e.g., a public key or a private key) may refer to an encryption key used to encrypt information prior to sending the information or a decryption key used to decrypt information that is encrypted. In particular embodiments, devices 1 and 2 may exchange information using a public-key encryption protocol]
	Passichenko discloses the invention that include social-networking system may include a variety of servers, sub-systems, programs, modules suggest a network module for internet and server communication and including main and sub program modules [Passichenko: 0041, 0049, 0065]. However, Passichenko did not clearly include “when the network connection apparatus needs the server to transmit confidential data or the sub program module of the network connected apparatus is started”. Examiner note the new limitation recite a conditional term “or”, where the claim broadly allows to have one or the other and not both required limitations such as either the server transmit confidential data or the sub program module is started. The claim do not 
	Peterson, et al. teaches a system for vending digital content, and thus as the platform of the behavior tracking and user profiling system [Peterson: 0069] that may be maintained and updated using intelligent push technology over modern networks, like the Internet where such push technology may provide a one-to-one buying and selling experience for users, and to allow individual preferences to be collected and catered to without need of human intervention [Peterson: 0081]. Peterson includes a master application resides in a layered structure on the master server where within the master application is a communications layer which includes a telephone module, a private network module, and an Internet module  [Peterson: 0097]. Thus, Peterson similarly to Passichenko suggests a network module, a main program module and a sub program module, where the network module is connected to the internet and the main program module and which communicates with a server. According to Peterson, discusses the claimed “when the network connection apparatus needs the server to transmit confidential data” by multiply encrypted messages with strong encryption where each message is encrypted with a session key and then that key is encrypted with a public or private key before sending the message to or from the server [Peterson: 0204]. Additional examples of “the server to transmit confidential data”, is by the ZipLock system using a well-known, reliable encryption algorithms from RSA where the ZipLock server employs encrypted and transparent means to deliver keys only to Vbox client [Peterson: 0209]. Accordingly, motivation for the claimed “when the network connection apparatus needs the server to transmit confidential data or the sub program module of the network [Peterson: 0028, 0204].
  	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Peterson with Passichenko to teach “when the network connection apparatus needs the server to transmit confidential data or the sub program module of the network connected apparatus is started”, for the reason the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se.
Claim 2:  Passichenko: 0027-0028; discussing the data encryption and decryption system as claimed in claim 1, wherein the sub program module generates a data content according to the first public key, processes the data content by using the second private key, combines the processed date content and the first public key to generate the encryption data and transmits the encryption data to the main program module, and the main program module generates the request message comprising the encryption data to the server. [Passichenko: 0049]
Claim 3:  Passichenko: 0029; discussing the data encryption and decryption system as claimed in claim 2, wherein the sub program module performs an algorithmic operation for the first public key to obtain the data content, multiplies the data content and the second private key to generate a digital signature code, and combines the digital signature code and the first public key to generate the encryption data.
Claim 4:  Objected

Claim 6:  Objected
Claim 7:  Passichenko: 0041; discussing the data encryption and decryption system as claimed in claim 1, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.
Claim 8:	Passichenko teaches a data encryption and decryption method, comprising: 
	generating a first asymmetric key group by a sub program module of a main program module of a network connection apparatus [Passichenko: 0041, 0049, 0065; social-networking system may include a variety of servers, sub-systems, programs, modules broadly suggest main and sub program modules] ** when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started [** as rejected under a secondary reference, discussion below], wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random each time [Passichenko: 0028, 0030], and the sub program module is provided with a second private key; [Passichenko: 0027, 0029; connection request broadcast by device may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key] 
generating an encryption data by the sub program module, and generating a request message comprising the encryption data to a server through the main program module, wherein the encryption data comprises the first public key and the second private key; [Passichenko: 0019, 0028]
checking the encryption data by using a second public key configured in the server and obtaining a sensitive data according to the request message after the encryption data is determined as valid through the server, wherein the second public key corresponds to the second private key; [Passichenko: 0027, 0035] 
obtaining the first public key from the request message by the server; [Passichenko: 0019, 0041]
encrypting the sensitive data and the first public key to generate a response message and transmitting the response message to the sub program module through the server; and [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys]
decrypting the response message by using the first private key to obtain the sensitive data through the sub program module. [Passichenko: 0029; a key (e.g., a public key or a private key) may refer to an encryption key used to encrypt information prior to sending the information or a decryption key used to decrypt information that is encrypted. In particular embodiments, devices 1 and 2 may exchange information using a public-key encryption protocol]
Passichenko discloses the invention that include social-networking system may include a variety of servers, sub-systems, programs, modules suggest a network module for internet and server communication and including main and sub program [Passichenko: 0041, 0049, 0065]. However, Passichenko did not clearly include “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”. Examiner note the new limitation recite a conditional term “or”, where the claim broadly allows to have one or the other and not both required limitations such as either the server transmit confidential data or the sub program module is started. The claim do not require both the server to transmit confidential data in addition to starting the sub program module.
	Peterson, et al. teaches a system for vending digital content, and thus as the platform of the behavior tracking and user profiling system [Peterson: 0069] that may be maintained and updated using intelligent push technology over modern networks, like the Internet where such push technology may provide a one-to-one buying and selling experience for users, and to allow individual preferences to be collected and catered to without need of human intervention [Peterson: 0081]. Peterson includes a master application resides in a layered structure on the master server where within the master application is a communications layer which includes a telephone module, a private network module, and an Internet module  [Peterson: 0097]. Thus, Peterson similarly to Passichenko suggests a network module, a main program module and a sub program module, where the network module is connected to the internet and the main program module and which communicates with a server. According to Peterson, discusses the claimed “when the network connection apparatus needing a server to transmit confidential data” by multiply encrypted messages with strong encryption where each message is encrypted with a session key and then that key is encrypted with a public or [Peterson: 0204]. Additional examples of “the server to transmit confidential data”, is by the ZipLock system using a well-known, reliable encryption algorithms from RSA where the ZipLock server employs encrypted and transparent means to deliver keys only to Vbox client [Peterson: 0209]. Accordingly, motivation for the claimed “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”, such the option of the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se [Peterson: 0028, 0204].
  	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Peterson with Passichenko to teach “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”, for the reason the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se.
Claim 9:  Passichenko: 0019, 0028; discussing the data encryption and decryption method as claimed in claim 8, wherein the step of generating the encryption data by the sub program module comprises: generating a data content according to the first public key, processing the data content by using the second private key, combining the processed date content and the first public key to generate the encryption data and transmitting the encryption data to the main program module through the sub program module. 

Claim 11: Objected
Claim 12:  Passichenko: 0027, 0029; discussing the data encryption and decryption method as claimed in claim 10, wherein after the step of combining the digital signature code and the first public key further comprises multiplying the second private key and the digital signature code combined with the first public key to generate the encryption data.
Claim 13:  Objected
Claim 14:	Passichenko teaches a network connection apparatus, performing a data transmission through an internet and a server, and the networking connection apparatus comprising: 
a network module, connected to the internet and communicating with the server; [Passichenko: 0016-0017, 0046; network connection suggests network module]
a main program module, connected to the network module and transmitting messages through the internet; and  [Passichenko: 0016-0017, 0038; network connection suggests network module]
a sub program module, provided with a second private key, the sub program module communicating with the main program module [Passichenko: 0041, 0049, 0065; social-networking system may include a variety of servers, sub-systems, programs, modules broadly suggest main and sub program modules], and the sub program module generating a first asymmetric key group [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys] **when the network connection apparatus needing a server to transmit confidential data or the sub program module being is started [** as rejected under a secondary reference, discussion below], wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0029], the first private key and the first public key are random each time [Passichenko: 0028, 0030], the sub program module generates a request message to the server [Passichenko: 0034; can also be third party] through the main program module, and the sub program module decrypts a response message generated by the server by using the first private key to obtain a sensitive data; [Passichenko: 0019, 0029] 
wherein the request message comprises an encryption data, the encryption data comprises the first public key and the second private key, the second private key corresponds to a second public key [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key], and the response message is generated after the server checks the encryption data by using the second public key [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys] and obtains the sensitive data according to the request message when the encryption data is determined as valid and the server then encrypts the sensitive data and the first public key obtained from the request message. [Passichenko: 0027, 0035] [** as rejected under a secondary reference, discussion below]
Passichenko discloses the invention that include social-networking system may include a variety of servers, sub-systems, programs, modules suggest a network module for internet and server communication and including main and sub program modules [Passichenko: 0041, 0049, 0065]. However, Passichenko did not clearly include “when the network connection apparatus needing a server to transmit confidential data or the sub program module being is started”. Examiner note the new limitation recite a conditional term “or”, where the claim broadly allows to have one or the other and not both required limitations such as either the server transmit confidential data or the sub program module is started. The claim do not require both the server to transmit confidential data in addition to starting the sub program module.
	Peterson, et al. teaches a system for vending digital content, and thus as the platform of the behavior tracking and user profiling system [Peterson: 0069] that may be maintained and updated using intelligent push technology over modern networks, like the Internet where such push technology may provide a one-to-one buying and selling experience for users, and to allow individual preferences to be collected and catered to without need of human intervention [Peterson: 0081]. Peterson includes a master application resides in a layered structure on the master server where within the master application is a communications layer which includes a telephone module, a private network module, and an Internet module  [Peterson: 0097]. Thus, Peterson similarly to Passichenko suggests a network module, a main program module and a sub program module, where the network module is connected to the internet and the main program [Peterson: 0204]. Additional examples of “the server to transmit confidential data”, is by the ZipLock system using a well-known, reliable encryption algorithms from RSA where the ZipLock server employs encrypted and transparent means to deliver keys only to Vbox client [Peterson: 0209]. Accordingly, motivation for the claimed “when the network connection apparatus needing a server to transmit confidential data or the sub program module being is started”, or the limitation of the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se [Peterson: 0028, 0204].
  	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Peterson with Passichenko to teach “when the network connection apparatus needing a server to transmit confidential data or the sub program module being is started”, for the reason the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se.
Claim 15:  Passichenko: 0027-0028; discussing the network connection apparatus as claimed in claim 14, wherein the sub program module generates a data content according to the first public key, processes the data content by using the second private key, combines the processed date content and the first public key to generate the 
Claim 16:  Passichenko: 0029; discussing the network connection apparatus as claimed in claim 15, wherein the sub program module performs an algorithmic operation for the first public key to obtain the data content, performing an algorithmic operation for the data content and the second private key to generate a digital signature code, and combines the digital signature code and the first public key to generate the encryption data.
Claim 17:  Passichenko: 0029; discussing the network connection apparatus as claimed in claim 16, wherein the sub program module combines the digital signature code and the first public key and multiplies the second private key and the digital signature code combined with the first public key, so as to generate the encryption data.
Claim 18:  Passichenko: 0041; discussing the network connection apparatus as claimed in claim 14, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.
Claim 19:	Passichenko teaches a data encryption and decryption method of a network connection apparatus, performing a data transmission through an internet and a server, and the data encryption and decryption method of the networking connection apparatus comprising: 
generating a first asymmetric key group by a sub program module of a main program module of the network connection apparatus [Passichenko: 0041, 0049, 0065; social-networking system may include a variety of servers, sub-systems, programs, modules suggest sub program module] ** when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started [** as rejected under a secondary reference, discussion below], wherein the first asymmetric key group comprises a first private key and a first public key [Passichenko: 0023; “asymmetric key group” can be in the form of public/private encryption keys], the first private key and the first public key are random each time [Passichenko: 0028, 0030], the sub program module is provided with a second private key, and the sub program module communicates through the main program module; [Passichenko: 0027; connection request 10 broadcast by device 2 may include a social-networking identifier for the second user that is encrypted with the second user's private key or with another user's public key] 
generating an encryption data by the sub program module, and generating and transmitting a request message comprising the encryption data to the server through the main program module, wherein the encryption data comprises the first public key and the second private key; and [Passichenko: 0019, 0028]
encrypting a response message from the server by using the first private key through the sub program module, wherein the response message is generated after the server [Passichenko: 0034; can also be third party] checks the encryption data by using the second public key and obtains the sensitive data according to the request message [Passichenko: 0030-0031, 0049; challenge-response authentication process includes encryption and decryption operations using private and public keys] when the encryption data is determined as valid and the server then encrypts the sensitive data and the first public key obtained from the request message; [Passichenko: 0027, 0035] 
wherein the second public key corresponds to the second private key. [Passichenko: 0030] [** as rejected under a secondary reference, discussion below]
	Passichenko discloses the invention that include social-networking system may include a variety of servers, sub-systems, programs, modules suggest a network module for internet and server communication and including main and sub program modules [Passichenko: 0041, 0049, 0065]. However, Passichenko did not clearly include “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”. Examiner note the new limitation recite a conditional term “or”, where the claim broadly allows to have one or the other and not both required limitations such as either the server transmit confidential data or the sub program module is started. The claim do not require both the server to transmit confidential data in addition to starting the sub program module.
	Peterson, et al. teaches a system for vending digital content, and thus as the platform of the behavior tracking and user profiling system [Peterson: 0069] that may be maintained and updated using intelligent push technology over modern networks, like the Internet where such push technology may provide a one-to-one buying and selling experience for users, and to allow individual preferences to be collected and catered to without need of human intervention [Peterson: 0081]. Peterson includes a master application resides in a layered structure on the master server where within the master application is a communications layer which includes a telephone module, a private network module, and an Internet module  [Peterson: 0097]. Thus, Peterson similarly to Passichenko suggests a network module, a main program module and a sub program module, where the network module is connected to the internet and the main program [Peterson: 0204]. Additional examples of “the server to transmit confidential data”, is by the ZipLock system using a well-known, reliable encryption algorithms from RSA where the ZipLock server employs encrypted and transparent means to deliver keys only to Vbox client [Peterson: 0209]. Accordingly, motivation for the claimed “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”, or the limitation of the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se [Peterson: 0028, 0204].
  	Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Peterson with Passichenko to teach “when the network connection apparatus needing a server to transmit confidential data or the sub program module of the network connected apparatus is started”, for the reason the server to transmit confidential data would provide trusted transactional interrelation and transaction security between various devices such as a server and a client per se.
Claim 20:  Passichenko: 0027; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 19, wherein the step of generating the encryption data by the sub program module comprises: generating a 
Claim 21:  Passichenko: 0029; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 20, wherein the step of generating the data content according to the first public key, processing the data content by using the second private key, combining the processed date content and the first public key to generate the encryption data comprises: performing an algorithmic operation for the first public key to obtain the data content, performing an algorithmic operation for the data content and the second private key to generate a digital signature code, and combining the digital signature code and the first public key to generate the encryption data.
Claim 22:  Passichenko: 0029; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 21, wherein after the step of combining the digital signature code and the first public key further comprises multiplying the second private key and the digital signature key combined with the first public key to generate the encryption data.
Claim 23:  Passichenko: 0041; discussing the data encryption and decryption method of the networking connection apparatus as claimed in claim 19, wherein the main program module is a browser transmitted in a plain code format, and the sub program module is a plug-in.

Response to Arguments
6.	Applicant’s arguments with respect to claim(s) 1-23 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
	Claims 1-7 has overcome the rejection under 35 U.S.C. 101, necessitated by the current amendment.
	The arguments/traversals are moot as they are directed toward new limitations of the current amendment, which is rejected under a 103 rejection in view of Peterson.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

LEYNNA T TRUVAN
Examiner
Art Unit 2435



/L.TT/Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435