DETAILED ACTION
This Final Office Action is in response to amendment filed on 10/12/2021.
Amended claims 1, 9, 17-20 filed on 10/12/2021 are being considered on the merits. Claims 1-20 remain pending in the application. 

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Drawings
The drawings filed on 08/27/2019 are accepted.

Response to Amendment 
The amendment filed 10/12/2021 has been entered. Claims 1, 9, 17-20 have been amended.  Claims 1-20 remain pending in the application. 
Applicant’s amendments to the Specification have overcome the specification objection previously set forth in the Non-Final Office Action mailed on 07/12/2021.
Claim amendment has overcome the claim objection previously set forth in the Non-Final Office Action mailed on 07/12/2021.
Claim amendments have overcome the USC 101 rejection previously set forth in the Non-Final Office Action mailed on 07/12/2021.

Response to Arguments 
Applicant stated “A closer reading of Baugher reveals however, that, to the extent that computers A and B generate any keys, they generate the keys, not based on the IP addresses as alleged, but based on a group key and a "shared secret" shared among computers A and B as members of a group of computers, e.g., conventional key sharing, not the combination of features claimed…With the pairwise key of Baugher clearly being generated, as described above, based on a collection of group shared keys, the Kab formula relied upon by the Office Action is merely used to generate variations of keys. Even this formula relies upon a shared value generated by one device and shared with other devices”.
Examiner respectfully disagrees. The Kab formula in Col. 11 line 40-47 is used independently at the first group member device and the second group member device to compute/calculate/generate authentication keys. The Kab formula is a function of a group key, which was obtained, a priori, as disclosed in Col. 6 line 57-65 and illustrated in Figures 2A-B: the group members obtain a group key during enrollment in Figure 2A, and then, during peer communication, the two communicating group member devices independently derive/generate authentication keys as illustrated in Figure 2B (210 and 218). While the above formula Kab=PRF(Kg|IPa|IPb) is a function of a group key that was obtained, a priori, on each enrolled group member device, the derivation of Kab is also a function of attributes/connection characteristics of both communicating devices, i.e. their IP addresses, as explicitly disclosed in Col. 8 line 9-21 and Col. 11 line 40-47, which reads on the pertinent claim limitation. Examiner submits that even if the formula is “merely used to generate variations of keys”, the formula for the key derivation/generation does not preclude the above-mentioned attributes/connection characteristics of both communicating devices from being used to generate/derive/calculate the authentication keys on both devices for secure communication.
Applicant further stated “Not only does Kab rely upon the "shared secret" noted above, but the formula also relies upon a pseudorandom function. As would be appreciated by one having skill in the relevant art(s), by definition, the pseudorandom function of Baugher cannot be generated individually by routers 502A-B and then used to individually generate a pairwise keys, e.g., keys based on different randomly generated numbers could only rarely and randomly match. Thus, like the group keys and the shared secret discussed above, the PRF random function can only work for Baugher if it is generated and shared among routers for use. Assignee's representative submits that Antipa fails to cure the above noted deficiencies of Baugher.”
Examiner respectfully disagrees. Examiner asserts that Baugher teaches that the authentication keys at the first and second group member devices are generated/derived independently on both devices, as illustrated in Figure 2B (210 and 218), such that both derived/generated keys are the same, as disclosed in Col. 11 line 30-31 “For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.” Therefore, if both devices derive the same key, then, by definition, the function “PRF”, acting on the same variables on both devices, must be the same, negotiated, a priori, between the communicating devices as disclosed in Col. 11 line 58-64, such that when there is communication between the two devices, the key is derived as illustrated in Figure 2B.
	Applicant further stated “Although, based at least on the foregoing, Assignee's representative submits that Baugher and Antipa clearly fail to disclose or render obvious the combinations of claimed features discussed above, to further emphasize the distinguishing features discussed above, claims 1 and 9 are presently amended to additionally recite: "employing a second authentication key, generated by the second device based on the first connection characteristic and the second connection characteristic, wherein the second authentication key was generated by a process performed at the second device, and independent from the generation of the first authentication key," emphasis added. Based at least on these amendments, Assignee's representative submits that the applied references fail to disclose or render obvious the presently claimed combination of features recited in independent claims 1 and 9.”
	Examiner respectfully disagrees. As discussed above, Baugher, Figure 2B (210 and 218) and Col. 11 line 30-31, the generation/calculation of the authentication key is performed independently on the first group member device and second group member device, i.e. independently performing on the second device, the process of calculating/generating the session key used for decrypting the encrypted data received from the first device.
Applicant further stated “Based at least on these amendments, Assignee's representative submits that the applied reference fails to teach or disclose the presently claim 17. For example, Assignee's representative submits that Strayer and Al-Yousef fail to disclose "replicating the content in the first storage array device to a second storage array device via a second connection established between the first storage array device and the second storage array device, by employing a first authentication key based on a first connection characteristic of a first connection to the first storage array device and a second connection characteristic of the second storage array device, wherein the replicating the content to the second storage array device enables the second storage array device to authenticate the content by employing a second authentication key generated based on the first connection characteristic and the second connection characteristic, and wherein the second authentication key was generated by a process performed at the second device, and independent from the generation of the first authentication key” (emphasis added).”…Assignee's representative submits that, nowhere in the example included above, nor the entire Strayer reference, is a discussion of "enable[ing] the second storage array device to authenticate the content by employing a second authentication key generated [by the second storage array]," as claimed. The example above only arguably suggests conventionally decrypting content at a second device by a second key-e.g., no discussion is made of where and how the second key is generated. Al-Yousef fails to cure these deficiencies of Strayer.”
With respect to the above remarks, examiner asserts that Strayer teaches employing a first authentication key based on a first connection characteristic and enables the second storage array device to authenticate the content by employing a second authentication key generated based on the first connection characteristic and key based on attributes of the access policy 306, which defines access control attributes, associated with the first connection, where the policy includes [0020] only users with attributes (and respective cryptographic keys) that satisfy the policy are able to decrypt and access the information/content, which include attributes of nodes, e.g. 312 in Figure 3, that receive the encrypted content and are able to decrypt the encrypted content. Therefore, the used key, i.e. first key, by the node publisher 204 in Figure 3, i.e. first device, is based on the policy access information that dictates attributes (first connection characteristics) that enable the content to be received via the first connection, and attributes (second connection characteristics) that enable the content to be received via the second connection and accordingly being decrypted by a corresponding key at the receiving end, e.g. node 312, where the decrypting key, i.e. second authentication key, at the receiving end is also based on the originating policy in the first connection as disclosed in [0041] “Each node 312 that receives metadata ciphertext CT.sub.M attempts to decrypt CT.sub.M for indexing purposes. A node 312 is able to successfully decrypt only if the node 312 possess the attributes (and corresponding private key) that satisfies encryption policy POL 306.” Therefore, Strayer discloses the use of an encrypting key, first key, employed at the first node and corresponding decrypting key, second key, employed at the second node, which are generated and governed by an access policy that defines control attributes that govern the first connection and second connection as discussed above.
With respect to the above claim amendments, “wherein the second authentication key was generated by a process performed at the second device, and independent from the generation of the first authentication key”, examiner agrees that Strayer in view of Al-Yousef do not explicitly disclose the currently amended limitation; therefore, the remarks/argument pertaining to Strayer in view of Al-Yousef for the above amendment are considered moot. However, Baugher illustrates in Figure 2B (210 and 218) the second device in the second group deriving/generating a session key, corresponding to the second authentication key, where the session key is derived/calculated/generated at the second device, independent from the derived key at the first device, where the independently derived key at the second device is used for decrypting encrypted data received at the second device from the first device as disclosed in Col. 11 line 40-47.
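The derivation at issue in the responses above, Kab=PRF(Kg|IPa|IPb), sketched as an added example (not code from Baugher, Antipa or the application): HMAC-SHA256 keyed with Kg stands in for the unspecified PRF, an HMAC tag stands in for the authenticator, and the function names, sample key and addresses are constructed for illustration. It shows two devices reaching the same key without exchanging it, and the cases in which verification at the second device fails.

```python
"""Added example: independent derivation of Kab = PRF(Kg | IPa | IPb)."""
import hashlib
import hmac
import ipaddress
from typing import Optional

TAG_LEN = 32  # size of an HMAC-SHA256 tag in bytes


def encode_ip(addr: str) -> bytes:
    """Canonical, length-prefixed encoding of one address (IPv4 or IPv6).

    A fixed binary form keeps the boundary between IPa and IPb unambiguous.
    """
    packed = ipaddress.ip_address(addr).packed
    return bytes([len(packed)]) + packed


def derive_kab(group_key: bytes, ip_a: str, ip_b: str) -> bytes:
    """Kab = PRF(Kg | IPa | IPb); the PRF here is HMAC-SHA256 (assumption)."""
    message = encode_ip(ip_a) + encode_ip(ip_b)
    return hmac.new(group_key, message, hashlib.sha256).digest()


def attach_authenticator(kab: bytes, content: bytes) -> bytes:
    """First device: append a tag computed under its own copy of Kab."""
    return content + hmac.new(kab, content, hashlib.sha256).digest()


def verify_packet(kab: bytes, packet: bytes) -> Optional[bytes]:
    """Second device: return the content if the tag verifies, else None."""
    if len(packet) < TAG_LEN:
        return None
    content, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(kab, content, hashlib.sha256).digest()
    return content if hmac.compare_digest(tag, expected) else None


def naive_input(ip_a: str, ip_b: str) -> bytes:
    """Plain string concatenation, shown only to expose its ambiguity."""
    return (ip_a + ip_b).encode()


def demo() -> dict:
    # Constructed sample values: a 32-byte group key and documentation addresses.
    kg = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
    ip_a, ip_b = "192.0.2.10", "198.51.100.7"

    kab_at_a = derive_kab(kg, ip_a, ip_b)  # computed on device A
    kab_at_b = derive_kab(kg, ip_a, ip_b)  # computed separately on device B

    packet = attach_authenticator(kab_at_a, b"replicate block 42")
    tampered = b"replicate block 43" + packet[-TAG_LEN:]

    # B sees a different source address for A (for example, a translated one).
    kab_other_view = derive_kab(kg, "203.0.113.5", ip_b)

    return {
        "keys_match": kab_at_a == kab_at_b,
        "accepted": verify_packet(kab_at_b, packet),
        "tampered": verify_packet(kab_at_b, tampered),
        "other_view": verify_packet(kab_other_view, packet),
        # The inputs are public; without Kg the derived key is different.
        "wrong_group_key": derive_kab(b"\x00" * 32, ip_a, ip_b) == kab_at_a,
        # Both devices must also agree on which address comes first.
        "order_matters": derive_kab(kg, ip_b, ip_a) != kab_at_a,
        # Two different address pairs give the same naive string input...
        "naive_collision": naive_input("10.0.0.1", "23.4.5.6")
        == naive_input("10.0.0.12", "3.4.5.6"),
        # ...but different keys under the canonical encoding.
        "canonical_distinct": derive_kab(kg, "10.0.0.1", "23.4.5.6")
        != derive_kab(kg, "10.0.0.12", "3.4.5.6"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The addresses are not secret, so the secrecy of Kab rests entirely on the group key; the addresses only bind the key to one pair of endpoints.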

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1,4-5, 8-10, 12, and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Baugher (US 7234058 B1), hereinafter Baugher in view of Antipa (US 20160352525 A1), hereinafter Antipa.

Regarding Claim 1 (Currently Amended), Baugher teaches a first device (Baugher Figure 2B (210) “First Group Member”, Figure 5A (502A Router), Col. 11 line 40-42 “router 502A is designated as group member A and router 502B is designated as group member B.”, router/group member A corresponds to first device), comprising:
a processor; and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations (Baugher Figure 9 Col. 19 line 50-54 “…generating pairwise cryptographic transforms based on group keys is provided by computer system 900 in response to processor 904 executing one or more sequences of one or more instructions contained in main memory 90”), comprising:
generating [a first authenticator based on] a first authentication key generated based on a first connection characteristic of the first device and a second connection characteristic of a second device (Baugher Figure 2B (212) describes encrypting packets using a derived data-security session key, Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, Figure 5A, Col. 11 line 40-47 “router 502A is designated as group member A (i.e. first device) and router 502B is designated as group member B (i.e. second device). For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”, where the derivation of the pairwise key Kab is based on IP addresses of first device A, i.e. first connection characteristic, and IP addresses of second device B, i.e. second connection characteristic, where the key, derived at the group member A, router 502A, corresponds to the first authentication key);
incorporating the [first authenticator into] first content for authentication by the second device employing a second authentication key, generated by the second device based on the first connection characteristic and the second connection characteristic (Baugher Figure 2B (216-218) where the second group member, i.e. second device, receiving the encrypted packet transmitted by the first group member, i.e. first device, and accordingly derive/generate data-security session key to authenticate the received encrypted packet, Figure 5A, Col. 11 line 40-47 “router 502A is designated as group member A (i.e. first device) and router 502B is designated as group member B (i.e. second device). For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”, where the derivation of the pairwise key Kab is based on IP addresses of first device A, i.e. first connection characteristic, and IP addresses of second device B, i.e. second connection characteristic, where the key, derived at the group member B, router 502B, corresponds to the second authentication key),
wherein the second authentication key was generated by a process performed at the second device, and independent from generation of the first authentication key (Baugher illustrates in Figure 2B (210 and 218) the second device in the second group derive a session key, corresponding to the second authentication key, where the session key is derived/calculated/generated at the second device, independent from the derived key at the first device, where the independently derived key at the second device is used for decrypting encrypted data received at the second device from the first device, Col. 11 line 40-47 “both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”); and 
establishing, based on the first content, a connection with the second device (Baugher discloses in Figure 2B (220) describes the second group member, i.e. second device, decrypting and processing the incoming packets received from the first group member, i.e. first device, indicating establishing the connection based on received, decrypted and processed first, second packets).
While Baugher discloses the aforementioned limitations, where connection is established between two devices, where encryption and authentication/decrypting at the sending and receiving device, respectively, are performed by an authentication key that is derived independently on each device, where the authentication key is a function of first and second IP addresses of the first and second devices, respectively, where the first and second IP addresses correspond to first and second connection characteristics, respectively, Baugher does not explicitly disclose generating an authenticator, which is incorporated into the packet authenticated/verified. Emphasis in Italic.
Antipa discloses generating a first authenticator based on a first authentication key (Antipa Figure 3 (310) [0065-0068] describes computing/generating signature s computed based on previously generated session key, where s is part of the signature of the message/content, where the signature correspond to first authenticator)
incorporating the first authenticator into first content for authentication by the second device employing a second authentication key, generated by the second device (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, i.e. the second device, where the second device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature as disclosed in [0078]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of ensuring the validity of the received message, as recognized by (Antipa [0078]).

Regarding Claim 4 (Original), Baugher in view of Antipa teaches the first device of claim 1, wherein the second connection characteristic comprises a network address of the second device (Baugher Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, Figure 5A, Col. 11 line 40-47 “router 502A is designated as group member A (i.e. first device) and router 502B is designated as group member B (i.e. second device). For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”, where the derivation of the pairwise key Kab is based on IP addresses of first device A, i.e. first connection characteristic, and IP addresses of second device B, i.e. second connection characteristic).

Regarding Claim 5 (Original), Baugher in view of Antipa teaches the first device of claim 1, 
Baugher discloses the connection is established between two devices, where encryption and authentication at the sending and receiving device, respectively, are performed by an authentication key that is derived independently on each device, where the authentication key is a function of first and second IP addresses of the first and second devices, respectively, where the first and second IP addresses correspond to first and second connection characteristics, respectively, where the communication, Col. 6 line 61-64, in Figure 2B is a two party connection, where Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, where communication is a two way communication. However, Baugher does not explicitly disclose second authenticator, which is incorporated into second packet and authenticated/verified by the first authentication key.  Emphasis in Italic.
Antipa discloses wherein the operations further comprise authenticating, by employing the first authentication key, second content incorporating a second authenticator received via the connection, and wherein the second authenticator was incorporated into the second content by the second device employing the second authentication key (Antipa discloses the example of communication from Alice’s device, i.e. first device, to Bob’s device, second device, where the message along with a signature, corresponding to first content and first authenticator, is sent from Alice to Bob, where Bob authenticates using a generated key at Bob’s device, mapping and rationale/motivation is described in claim 1, Antipa further discloses that the communication is two way communication, that is, Bob sends a message and signature, corresponding to second content and second authenticator, for Alice to authenticate using the key generated by Alice’s device, i.e. first key, [0061] “A digital signature protocol is required when one of the devices 12 sends a message, m, to one or more of the other devices, and the other devices need to be able to authenticate the message.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of ensuring the validity of the received message, as recognized by (Antipa [0078]).

Regarding Claim 8 (Original), Baugher in view of Antipa teaches the first device of claim 1,
Baugher does not disclose the below limitation.
Antipa discloses wherein the incorporating the first authenticator into the first content is further for verification, by the second device employing the second authentication key that the first content was not modified after the first content was communicated by the first device (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, i.e. the second device, where the second device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature in order to verify that the message/content is valid, as disclosed in [0078], where the signature in Figure 310 is a signature of the message/content, therefore, verifying the signature at Bob’s device, to ensure that they are the same, if so, the message/content is not modified, otherwise, the message is not valid/modified, [0076] “Upon Bob receiving the message m, he may wish to verify the signature, and thereby confirm it has been sent by Alice, and that its contents have not been changed.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of ensuring the validity of the received message, as recognized by (Antipa [0078]).

Regarding claim 9 (Currently Amended), Baugher teaches a method (Col. 3 line 56-57 “A method and apparatus for generating pairwise cryptographic transforms”), comprising:
determining, by a first device comprising a processor, a first configuration setting of the first device and a second configuration setting of a second device; generating, by the first device, a first key based on at least one of the first configuration setting and the second configuration setting (Baugher Figure 2B (212) describes encrypting packets using a derived data-security session key, Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, Figure 5A, Col. 11 line 40-47 “router 502A is designated as group member A (i.e. first device) and router 502B is designated as group member B (i.e. second device). For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”, where the derivation of the pairwise key Kab is based on IP addresses of first device A, i.e. first configuration setting, and IP addresses of second device B, i.e. second configuration setting, where the key, derived at the group member A, router 502A, corresponds to the first key, where the configuration settings in the instant application in e.g. [0007] includes device address in a network protocol); and 
[verifying], by the first device employing the first key, that first content received via a connection was communicated by the second device employing a second key based on at least one of the first configuration setting and the second configuration setting (Baugher Figure 2B (212) describes encrypting packets using a derived data-security session key, Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, Figure 5A, Col. 11 line 40-47 describes the authentication keys are derived independently on each communicating group member, when the receiving group member, i.e. first device in communication with a peer group member, receiving a data packet, i.e. first content, from a sending group member, i.e. second device, the receiving group member is able to authenticate the received data packet utilizing the authentication key, i.e. first key, derived independently on the receiving group member, i.e. first device, where the authentication key is derived based on the IP addresses of the communicating group member),
wherein the second key was generated by a process performed at the second device, and independent from the generating of the first key (Baugher illustrates in Figure 2B (210 and 218) the second device in the second group derive a session key, corresponding to the second authentication key, where the session key is derived/calculated/generated at the second device, independent from the derived key at the first device, where the independently derived key at the second device is used for decrypting encrypted data received at the second device from the first device, Col. 11 line 40-47 “both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”).
While the independently derived pairwise keys are utilized for authenticating data contents, i.e. encryption and decryption, which ensure that the encrypted content cannot be decrypted except by the assigned key, which pertains to both communicating devices, Baugher does not explicitly disclose verification, by means of signatures, that first content received via a connection was communicated by the second device.
Antipa discloses the verification, verifying that first content received via a connection was communicated by the second device (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, where Bob’s device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature as disclosed in [0078], therefore, the key performs verification that the incoming data/content is indeed sent by the sending device, i.e. Alice).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of verifying the sending device and ensuring the validity of the received message, not modified, and received from the correct sender, as recognized by (Antipa [0078]).

Regarding Claim 10 (Original), Baugher in view of Antipa teaches the method of claim 9, further comprising:
communicating, by the first device employing the first key, second content to the second device via the connection [for verification] authentication, by the second device employing the second key, that the first device originated communication of the second content (Baugher Figure 2B, Col. 11 line 30-31, Figure 5A, Col. 11 line 40-47  discloses connection is established between two devices, where encryption and authentication at the sending and receiving devices, respectively, are performed by an authentication key that is derived independently on each device, where the authentication key is a function of first and second IP addresses of the first and second devices, respectively, where the first and second IP addresses correspond to first and second configuration settings, respectively, where the communication, Col. 6 line 61-64, in Figure 2B is a two party connection, where Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, where communication is a two way communication.).
Baugher does not disclose the verification as described in claim 9.
 Antipa discloses the verification, verifying that second content communicated to the second device (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, where Bob’s device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature as disclosed in [0078], therefore, the key performs verification that the incoming data/content is indeed sent by the sending device, i.e. Alice).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of verifying the sending device and ensuring the validity of the received message, not modified, and received from the correct sender, as recognized by (Antipa [0078]).

Regarding Claim 12 (Original), Baugher in view of Antipa teaches the method of claim 10, wherein the second configuration setting comprises an address of the second device in a network protocol (Baugher Col. 11 line 30-31 “…a pairwise key for use in authenticating the group member to a peer group member is derived”, Figure 5A, Col. 11 line 40-47 “router 502A is designated as group member A (i.e. first device) and router 502B is designated as group member B (i.e. second device). For group member A to communicate with member B, both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”, where the derivation of the pairwise key Kab is based on IP addresses of first device A, i.e. first connection characteristic, and IP addresses of second device B, i.e. second connection characteristic).

Regarding Claim 15 (Original), Baugher in view of Antipa teaches the method of claim 9, 
While the independently derived pairwise keys on are utilized for authenticating data contents, i.e. encryption and decryption, which ensure that the encrypted content cannot be decrypted except by the assigned key, which pertains to both communicating devices, however, Baugher does not explicitly disclose verification that first content received via a connection was communicated by the second device.
Antipa discloses wherein the verifying that the first content received via the connection was communicated by the second device comprises: identifying an authenticating portion of the first content; and employing the first key to verify the authenticating portion (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, where Bob’s device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature as disclosed in [0078], therefore, the key performs verification that the incoming data/content is indeed sent by the sending device, i.e. Alice, where Figure 3(314) illustrates the system identifying the signature portion and validating/verifying the signature portion using the generated key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher to incorporate the teaching of Antipa to utilize the above feature, with the motivation of verifying the sending device and ensuring the validity of the received message, not modified, and received from the correct sender, as recognized by (Antipa [0078]).
 
Regarding Claim 16 (Original), Baugher in view of Antipa teaches the method of claim 9, 
Baugher does not disclose the below limitation.
Antipa discloses further comprising, verifying, by the first device employing the first key, that the first content received via the connection was not modified after the first content was communicated by the second device (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, i.e. the second device, where the second device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature in order to verify that the message/content is valid, as disclosed in [0078], where the signature in Figure 310 is a signature of the message/content, therefore, verifying the signature at Bob’s device, to ensure that they are the same, if so, the message/content is not modified, otherwise, the message is not valid/modified).
Antipa to utilize the above feature, with the motivation of ensuring the validity of the received message, as recognized by (Antipa [0078]).

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Baugher in view of Antipa and further in view of Weis (US 20120117248 A1), hereinafter Weis.

Regarding Claim 2 (Original), Baugher in view of Antipa teaches the first device of claim 1, 
Baugher in view of Antipa discloses that the characteristic of the second device is an IP address of the second device to establish the connection, however, Baugher in view of Antipa do not disclose that the connection characteristic comprises a port.
 Weis discloses wherein the second connection characteristic comprises a characteristic of a port of the second device used for the establishing the connection (Weis [0069] “…dynamic TCP-AO session keys are derived as part of a session establishing process. The dynamic TCP-AO keys may be created from some of the data that is associated with the session. For example, the dynamic TCP-AO keys may be derived from information pertaining to the routers 102A, 102B such as port numbers, device serial numbers, initial sequence numbers, etc.”, [0070] “The particular session key may be used to encrypt messages that the routers 102A, 102B send to each other.”).

Claims 3 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Baugher in view of Antipa and further in view of Levin (US 10484348 B1), hereinafter Levin.

Regarding Claim 3 (Original), Baugher in view of Antipa teaches the first device of claim 1, 
Baugher in view of Antipa disclose the aforementioned limitations, where connection information/characteristics pertaining to the first and second device are used to generate authentication key, however, Baugher in view of Antipa do not disclose the concept of using hardware information/characteristics to generate the authentication key. Emphasis in bold-Italic.
Levin discloses wherein the second connection characteristic comprises hardware slot configuration information for a component of the second device used for the establishing the connection (Levin discloses generating encryption key based on two devices information including hardware specific value of a device, Col. 4 line 24-27, line 42-44 “…generate the encryption key as a combination of data unique to the network device 102 and security information received from one of the computing devices 110…the network device 102 in which the data value unique to the network device 102 is unique to a particular type or model of the network device 102”, Col. 5 line 8-12 “…the encryption key is strongly tied to the hardware of the network device 102, the encrypted files 108 can be decrypted only with access to the network device 102.”…where the hardware slot information corresponds to information pertaining to the hardware device 102 pertaining to model/type of the hardware device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher in view of Antipa to incorporate the teaching of Levin to utilize the above feature, with the motivation of ensuring that the content is decrypted only with the particular hardware device, as recognized by (Levin Col. 5 line 8-12).

Regarding Claim 11 (Original), Baugher in view of Antipa teaches the method of claim 10, 
Baugher in view of Antipa disclose the aforementioned limitations, where connection information/characteristics pertaining to the first and second device are used to generate authentication key, however, Baugher in view of Antipa do not disclose the concept of using hardware information/characteristics to generate the authentication key. Emphasis in bold-Italic.
Levin discloses wherein the second configuration setting comprises a hardware characteristic of the second device (Levin discloses generating encryption key based on two devices information including hardware specific value of a device, Col. 4 line 24-27, line 42-44 “…generate the encryption key as a combination of data unique to the network device 102 and security information received from one of the computing devices 110…the network device 102 in which the data value unique to the network device 102 is unique to a particular type or model of the network device 102”, Col. 5 line 8-12 “…the encryption key is strongly tied to the hardware of the network device 102, the encrypted files 108 can be decrypted only with access to the network device 102.” where the hardware slot information corresponds to information pertaining to the hardware device 102 pertaining to model/type of the hardware device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher in view of Antipa to incorporate the teaching of Levin to utilize the above feature, with the motivation of ensuring that the content is decrypted only with the particular hardware device, as recognized by (Levin Col. 5 line 8-12).

Claims 6 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Baugher in view of Antipa and further in view of Nix (US 20190097794 A1), hereinafter Nix.

Regarding Claim 6 (Original), Baugher in view of Antipa teaches the first device of claim 1, wherein the operations further comprise: 
Baugher discloses the derivation of authentication keys based on connection characteristics, e.g. IP addresses, which would indicate that the change in the IP 
Nix discloses detecting a change in at least one of the first connection characteristic or the second connection characteristic, resulting in a modified connection characteristic; and changing the first authentication key based on the modified connection characteristic, resulting in a changed first authentication key (Nix discloses [0166] The set of cryptographic parameters 126 illustrated in FIG. 1i for a module 101 and the subset of cryptographic parameters 126a may be different than conventional technology, since the module 101 can select appropriate parameters or values for deriving its own module public key 111 and module private key 112, as well as changing the parameters or values over time for the generation of subsequent or new module public keys 111 and module private keys 112.” [0167] In this case, after an extended period such as years, a preferred set of cryptographic parameters 126 could change, such as movement to longer private key lengths 126e, or the use of a new set of ECC standard curves 138. In this case, when a new module public key 111 is required, possibly due to the expiration of a prior module public key 111, module 101 could receive a new set of cryptographic parameters 126 and send a subset of the cryptographic parameters 126a before deriving a new module private key 112 and a new module public key 111 using the subset of cryptographic parameters 126a and a set of cryptographic algorithms 141”).


Regarding Claim 13 (Original), Baugher in view of Antipa teaches the method of claim 9, further comprising:
Baugher discloses the derivation of authentication keys based on connection characteristics, e.g. IP addresses, which would indicate that the change in the IP address would result in a change in the authentication keys, however, Baugher in view of Antipa do not disclose modification in the configuration setting which changes the authentication key.
 Nix discloses detecting, by the first device, a change in at least one of the first configuration setting or the second configuration setting, resulting in a modified configuration setting; and regenerating, by the first device, the first key based on the modified configuration setting, resulting in a changed first key (Nix discloses [0166] The set of cryptographic parameters 126 illustrated in FIG. 1i for a module 101 and the subset of cryptographic parameters 126a may be different than conventional technology, since the module 101 can select appropriate parameters or values for deriving its own module public key 111 and module private key 112, as well as changing the parameters or values over time for the generation of subsequent or new module public keys 111 and module private keys 112.” [0167] In this case, after an extended period such as years, a preferred set of cryptographic parameters 126 could change, such as movement to longer private key lengths 126e, or the use of a new set of ECC standard curves 138. In this case, when a new module public key 111 is required, possibly due to the expiration of a prior module public key 111, module 101 could receive a new set of cryptographic parameters 126 and send a subset of the cryptographic parameters 126a before deriving a new module private key 112 and a new module public key 111 using the subset of cryptographic parameters 126a and a set of cryptographic algorithms 141”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher in view of Antipa to incorporate the teaching of Nix to utilize the above feature, with the motivation of e.g. renewing expired key, as recognized by (Nix [0167]).
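For illustration of the Kab=PRF(Kg|IPa|IPb) derivation quoted from Baugher under Claim 12, and of the dependence of the derived key on the addresses noted under Claim 13, the following example is added here; it is not part of the Office Action, the application, or any cited reference. HMAC-SHA256 as the PRF, the length-prefixed address encoding, the appended 32-byte tag, the `GroupMember` class and all sample values are assumptions made for the example.

```python
import hashlib
import hmac
import ipaddress

TAG_LEN = 32  # HMAC-SHA256 output size; assumed tag format: content || tag


def encode_ip(addr: str) -> bytes:
    """Length-prefixed binary form, so the IPa|IPb concatenation is unambiguous."""
    packed = ipaddress.ip_address(addr).packed  # 4 bytes (IPv4) or 16 bytes (IPv6)
    return bytes([len(packed)]) + packed


def derive_pairwise_key(group_key: bytes, ip_a: str, ip_b: str) -> bytes:
    """Kab = PRF(Kg | IPa | IPb); HMAC-SHA256 keyed with Kg stands in for the PRF."""
    if len(group_key) < 16:
        raise ValueError("group key must be at least 128 bits")
    data = encode_ip(ip_a) + encode_ip(ip_b)
    return hmac.new(group_key, data, hashlib.sha256).digest()


class GroupMember:
    """Hypothetical peer that holds the group key Kg obtained at enrollment."""

    def __init__(self, group_key: bytes, own_ip: str):
        self._kg = group_key
        self.ip = own_ip

    def key_with(self, peer_ip: str, i_am_a: bool) -> bytes:
        # Both peers must agree on who is "A": the role fixes the input order.
        ip_a, ip_b = (self.ip, peer_ip) if i_am_a else (peer_ip, self.ip)
        return derive_pairwise_key(self._kg, ip_a, ip_b)

    def protect(self, content: bytes, peer_ip: str, i_am_a: bool) -> bytes:
        """Append a tag (the authenticating portion) computed with the pairwise key."""
        key = self.key_with(peer_ip, i_am_a)
        return content + hmac.new(key, content, hashlib.sha256).digest()

    def verify(self, message: bytes, peer_ip: str, i_am_a: bool) -> bool:
        """Split off the tag and compare it in constant time with a local recomputation."""
        if len(message) < TAG_LEN:
            return False
        content, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        key = self.key_with(peer_ip, i_am_a)
        expected = hmac.new(key, content, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def run_scenario() -> dict:
    kg = bytes(range(32))              # constructed group key
    outsider_kg = bytes(range(1, 33))  # constructed key of a non-member
    a = GroupMember(kg, "192.0.2.10")      # constructed documentation addresses
    b = GroupMember(kg, "198.51.100.20")

    msg = a.protect(b"route update 7", b.ip, i_am_a=True)
    tampered = b"route update 8" + msg[-TAG_LEN:]
    outsider = GroupMember(outsider_kg, b.ip)

    results = {
        # No key material crosses the wire: each side computes Kab locally.
        "same_key": a.key_with(b.ip, True) == b.key_with(a.ip, False),
        "accepted": b.verify(msg, a.ip, False),
        "tamper_rejected": not b.verify(tampered, a.ip, False),
        # If both sides claim role A, the input order differs and so does the key.
        "role_mismatch_differs": a.key_with(b.ip, True) != b.key_with(a.ip, True),
        "outsider_rejected": not outsider.verify(msg, a.ip, False),
    }

    # B is re-addressed: tags made for the old address no longer verify,
    # and both sides must re-derive Kab from the new address.
    b_moved = GroupMember(kg, "198.51.100.21")
    results["stale_after_readdress"] = not b_moved.verify(msg, a.ip, False)
    fresh = a.protect(b"route update 7", b_moved.ip, i_am_a=True)
    results["accepted_after_rederive"] = b_moved.verify(fresh, a.ip, False)
    return results


if __name__ == "__main__":
    for name, ok in run_scenario().items():
        print(f"{name}: {ok}")
```
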

Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Baugher in view of Antipa and Nix and further in view of Eigner (US 20180276408 A1), hereinafter Eigner.

Regarding Claim 7 (Original), Baugher in view of Antipa and Nix teaches the first device of claim 6, 
Baugher in view of Antipa and Nix disclose the above limitations, including changing the parameters, which results in a change of the encryption key. However, Baugher in view of Antipa and Nix do not disclose generating an alert/notification to the above change.
notifying the second device regarding at least one of the modified connection characteristic or the changed first authentication key (Eigner discloses in [0200-0201] varying parameters and sending an alert/notification for regenerating encryption key after changing parameters as illustrated in Figure 11).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher in view of Antipa and Nix to incorporate the teaching of Eigner to utilize the above feature, with the motivation of mitigating security breach, as recognized by (Eigner [0199-0201]).

Regarding Claim 14 (Original), Baugher in view of Antipa and Nix teaches the method of claim 13, 
Baugher in view of Antipa and Nix disclose the above limitations, including changing the parameters, which results in a change of the encryption key. However, Baugher in view of Antipa and Nix do not disclose generating an alert/notification to the above change.
Eigner discloses wherein the detecting the change comprises receiving an indication of a changed second configuration setting from the second device (Eigner discloses in [0200-0201] varying parameters and sending an alert/notification for regenerating encryption key after changing parameters as illustrated in Figure 11).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Baugher in view of Antipa and Nix .

Claims 17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Strayer et al. (US 20160014095 A1), hereinafter Strayer, in view of Al-Yousef (US 20200265146 A1), hereinafter Al-Yousef, and further in view of Baugher.

Regarding Claim 17 (Currently Amended), Strayer teaches a non-transitory machine-readable (Strayer Abstract “Systems and techniques for policy-based access control in content networks”, [0065] “the hardware includes configurable execution units (e.g., transistors, circuits, etc.) and a machine-readable medium 822 containing instructions 824, where the instructions 824 configure the execution units to perform a specific operation when in operation”), comprising: 
storing, via a first connection, content in a first storage array device (Strayer discloses in [0036] Figure 3 illustrates node 204, first storage array device, receiving content P 308, metadata 304 and policy defining access control attributes, which governs the access, i.e. connection, where the receiving of the content by the node 204 is indicated by an arrow, corresponding to the first connection, where the publisher node corresponding to the first device processing the received content, which indicates storing the content for processing disclosed in [0037], Figure 6 [0054] “…node B 604 sends 610 [CID, CT.sub.P, CT.sub.M, . . . ] (e.g., CID, content ciphertext, and all encrypted metadata ciphertexts associated with the content ciphertext) to node A 602 (i.e. first storage array device)”, [0055] “Upon receiving a [CID, CT.sub.P, CT.sub.M, . . . ] (i.e. content), node A 602 stores 612 [CID, CT.sub.P, CT.sub.M, . . . ] to its registrar(s).”); and
[replicating] sending the content in the first storage array device to a second storage array device via a second connection established between the first storage array device and the second storage array device (Strayer [0039-40] Figure 3 illustrates sending the encrypted content (310 and 314) to e.g. node 206, corresponding to the a second storage array device via a second connection, Figure 6 further illustrates sending the content via a second connection [0055] “node A 602 sends 614 [CT.sub.M, . . . ] (e.g., all encrypted metadata ciphertexts associated with the content ciphertext) to a plurality of nodes in community 1 616 (i.e. second storage array device).”), by employing a first authentication key based on a first connection characteristic of a first connection to the first storage array device and a second connection characteristic of the second storage array device (Strayer [0039-40] Figure 3 illustrates sending the encrypted content (310 and 314) to e.g. node 206, corresponding to the a second storage array device via a second connection, similarly, Figure 6 [0055] illustrates sending encrypted content to second nodes (i.e. second storage array device),
Where the received content by node 204 is encrypted with the key based on received access policy attributes 306 in Figure 3 [0036-0037] “The publisher node 204 encrypts the content P 308 with POL 306 to create encrypted content E.sub.POL(P).”, where the access policy attributes, that enable users of other nodes to establish the connection and decrypt and access the information [0020] “Only users with attributes (and respective cryptographic keys) that satisfy the policy are able to decrypt and access the information.”, which include the nodes 312 in Figure 3, which indicates that the key, i.e. first authentication key, encrypting the content is based on attributes that correspond to the first connection characteristics associated with the received access policy attributes 306, and attributes that would enable the second node to authenticate the encrypted content with the encryption key and perform the decryption, corresponding to the second connection characteristics, [0041] “Each node 312 that receives metadata ciphertext CT.sub.M attempts to decrypt CT.sub.M for indexing purposes. A node 312 is able to successfully decrypt only if the node 312 possess the attributes (and corresponding private key) that satisfies encryption policy POL 306.”), 
wherein the [replicating] the content to the second storage array device enables
the second storage array device to authenticate the content by employing a second authentication key generated based on the first connection characteristic and the second connection characteristic (Strayer [0020] “Only users with attributes (and respective cryptographic keys) that satisfy the policy are able to decrypt (i.e. authenticate) and access the information.”, which include the nodes 312 in Figure 3, which indicates that the key, i.e. second authentication key, decrypting the content is based on attributes that correspond to the second connection characteristics associated with the received access policy attributes, and policy attributes 306 that was originally obtained by the publisher node 204 in Figure 3, corresponding to the first connection characteristics, [0041] “Each node 312 that receives metadata ciphertext CT.sub.M attempts to decrypt CT.sub.M for indexing purposes. A node 312 is able to successfully decrypt only if the node 312 possess the attributes (and corresponding private key) that satisfies encryption policy POL 306.”).
While Strayer discloses the aforementioned limitations, where the publisher 204 in Figure 3 obtains contents, processing the contents and then sending contents to other nodes, Figure 6 and [0055] discloses storing 612 the content and then sending them to other nodes 616, however, Strayer does not explicitly disclose that the content are replicated/copied.
Al-Yousef discloses replicating the content in a second device (Al-Yousef [0093] “[0093] A second feature, combinable with any of the previous or following features, where periodically replicating the RTU data includes one or more of : replicating the RTU data to an encrypted storage device in the RTU; replicating the RTU data to an encrypted storage device in a different RTU; and replicating the RTU data to an array of encrypted data storage allocated on the SCADA network.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Strayer to incorporate the teaching of Al-Yousef to utilize the above feature, with the motivation of ensuring full restoration of the RTU data, as recognized by (Al-Yousef [0031]).
attributes (and respective cryptographic keys) that satisfy the policy are able to decrypt and access the information/content, which include attributes of nodes, e.g. 312 in Figure 3, that receive the encrypted content and able to decrypt the encrypted content, therefore, the used key, i.e. first key, by the node publisher, i.e. first device, is based on the policy access information that dictates attributes (first connection characteristics) that enable the content to be received via the first connection, and attributes (second connection characteristics) that enable the content to be received via the second connection. However, Strayer in view of Al-Yousef do not explicitly disclose the below limitation.
Baugher discloses and wherein the second authentication key was generated by a process performed at the second device, and independent from generation of the first authentication key (Baugher illustrates in Figure 2B (210 and 218) a second device in a second group derive a session key, corresponding to the second authentication key, where the session key is derived/calculated/generated at the second device, independent from the derived key at the first device, where the independently derived key at the second device is used for decrypting encrypted data received at the second device from the first device, Col. 11 line 40-47 “both A and B generate a pairwise key designated Kab. Both A and B must be able to compute the same key value independently…the computation is: Kab=PRF(Kg|IPa|IPb) wherein PRF is a pseudorandom function, and IPa and IPb are the IP addresses of A and B, respectively.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Strayer in view of Al-Yousef to incorporate the teaching of Baugher to utilize the above feature, with the motivation of generating cryptographic keys without exchanging negotiation messages among the two nodes and without expensive asymmetric cryptographic computation approaches, as recognized by (Baugher Abstract).

Regarding Claim 19 (Currently Amended), Strayer in view of Al-Yousef and Baugher teaches the non-transitory machine-readable 
wherein the operations further comprise, [receiving an indication that the content was replicated by] the first storage array device by employing the first authentication key and was authenticated by the second storage array device by employing the second authentication key (Strayer discloses storing and then sending the content from the publisher 204 in Figure 3 to the nodes 312 and 206, employing encryption key and then authenticated by the nodes employing a second key at these nodes to perform decryption, Al-Yousef discloses the concept of replicating data in storage devices as described in claim 17, please see rationale and motivation).
Strayer does not disclose the below limitations. Emphasis in Italic.
Al-Yousef discloses receiving an indication that the content was replicated by the first storage array device (Al-Yousef [0031] “To ensure full restoration of the RTU data after an erase procedure, the data at the RTU can be periodically replicated locally onto an encrypted data storage or onto an encrypted data storage in another RTU in the field.”, where restoration includes data replication operation to another remote storage device/unit RTU, where notification is received to indicate completion of restoration).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Strayer to incorporate the teaching of Al-Yousef to utilize the above feature, with the motivation of ensuring full restoration of the RTU data, as recognized by (Al-Yousef [0031]).

Regarding Claim 20 (Currently Amended), Strayer in view of Al-Yousef and Baugher teaches the non-transitory machine-readable (Strayer discloses plurality of attributes that can be utilized [0028] “The Encrypt algorithm 118 will encrypt M 120 and produce a ciphertext CT 124 such that only a user that possesses a set of attributes that satisfies the access structure /policy A 122 will be able to decrypt the message M 120.”, [0029] further describes two attributes “The subscriber is able to decrypt the ciphertext because the subscriber's attribute set S satisfies the access structure /policy A 122.”, where one of the set policy attributes correspond to the third connection characteristics).

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Strayer in view of Al-Yousef, Baugher and further in view of Antipa (US 20160352525 A1), hereinafter Antipa.

Regarding Claim 18 (Currently Amended), Strayer in view of Al-Yousef and Baugher teaches the non-transitory machine-readable 
Strayer teaches using authentication key, i.e. second authentication key, at the nodes 312 in Figure 3, corresponding to the second storage device, for decrypting the received encrypted content from the publisher node 204 in Figure 3, to ensure that the encrypted content is authenticated and verified, Al-Yousef discloses the concept of replicating data in storage devices as described in claim 17, please see rationale and motivation, however, Strayer in view of Al-Yousef and Baugher do not explicitly disclose that verification includes ensuring that the content is not modified. Emphasis in Italic-bold.
Antipa discloses wherein the replicating the content to the second storage array device further enables the second storage array device to verify, by employing the second authentication key, that the content was not modified during the replicating of the content (Antipa Figure 3 [0068] describes generating signature from the message/content and sending the message/content and the signature to Bob, i.e. the second device, where the second device employs a locally generated/computed key Figure 3 (314) to authenticate/validate the signature in order to verify that the message/content is valid, as disclosed in [0078], where the signature in Figure 310 is a signature of the message/content, therefore, verifying the signature at Bob’s device, to ensure that they are the same, if so, the message/content is not modified, otherwise, the message is not valid/modified, [0076] “Upon Bob receiving the message m, he may wish to verify the signature, and thereby confirm it has been sent by Alice, and that its contents have not been changed.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Strayer to incorporate the teaching of Antipa to utilize the above feature, with the motivation of ensuring the validity of the received message, as recognized by (Antipa [0078]).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BASSAM A NOAMAN/Examiner, Art Unit 2497 
/ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497