DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The present office action is responsive to communications received on 9/22/2021. Applicant added claims 16-20. Claims 1-20 are pending.

Response to Arguments
The arguments/remarks filed by the applicant on 9/22/2021 have been fully considered and are responded in the following.

Applicant's amendments to specification have overcome the objections previously set forth in the Non-Final Office Action mailed 6/25/2021. All previous specification objections have been withdrawn.

Applicant's amendments to claims have overcome the claim objections, 112(f) claim interpretation, 101 and 112 claim rejections previously set forth in the Non-Final Office Action mailed 6/25/2021. All previous claim objections, interpretation, 101 and 112 rejections have been withdrawn.

Applicant’s arguments, ‘claim 1 recites "receiving, at a trusted signing authority apparatus from an administration apparatus over a first communication link between the trusted signing authority apparatus and the administration apparatus, authorisation requests collected in a batch by the 

Applicant’s arguments, ‘With respect to independent claim 9, Guo and Edwards would not have led to the following subject matter of claim 9: "receive, at the device, the certificate encoding the authorisation and generated by a signing authority apparatus in response to the authorisation request forwarded by the administration device to the signing authority apparatus; and verify, at the device, whether the authorisation encoded in the certificate was requested by the device in the authorisation request." It does not appear that Guo and Edwards provide any teaching or hint that a device that requests an authorisation will verify whether the authorisation included in the certificate was requested by the device in the authorisation request.’, see p. 12, ¶4-5, filed 9/22/2021, with respect to the amended claims overcoming the cited prior art references of the rejection of claim 9 under 35 USC § 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn; however, upon further search and consideration, a new grounds of rejection – as necessitated by amendment – is made in view of cited prior art Larrick. Please refer to "Claim Rejections - 35 USC § 103" section below for detail analysis.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 13-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Guo (US 20110247055 A1) in view of Leggette (US 20130326215 A1) and Deakin (US 20160156477 A1).

Regarding claim 1, Guo teaches a method comprising:
receiving, at a trusted signing authority apparatus (FIG. 3 account authority server) from an administration apparatus (FIG. 3 secure server) over a first communication link between the trusted signing authority apparatus and the administration apparatus, authorisation requests; ([0034-0035] FIG. 3: the user requests access to the secure server in a request operation 302; redirects the user to the account authority service for authentication in a redirection operation 304. The account authority service receives the redirected request in a receiving operation 306.) Here Guo discloses that the secure server is in a trust relationship with the account authority server, upon which it depends for authentication of users and devices (¶33, suggesting multiple); and “first communication link” is between account authority server/secure server.
processing, at the trusted signing authority apparatus, the authorisation requests; ([0035-0036] A prompting operation 308 at the account authority service prompts the user for credentials. The user device receives the prompt at a receiving operation 310 and submits credentials in a sending operation 312. The user may submit his or her user credentials (e.g., username and password), which is typical. In an alternative scenario, the user device may also submit a device certificate (or device ID and device password). When the account authority service receives the credentials from the user device, it authenticates them and, if the credentials satisfy the secure server's security requirements (as determined in a decision operation 314).)
validating, at the trusted signing authority apparatus, respective authorisation request parameters of the authorisation requests; ([0033] the account authority service has knowledge of the security policies of the secure server and enforces said policies when it is asked to authenticate a user and/or device for access to the secure server. Depending upon whether the user provides both user credentials and device credentials, or just user credentials, the level of privilege authorized by the account authority service to the user for access to the secure server can vary. For example, authentication by both user credentials and device credentials may result in the account authority service granting a higher level of privilege to the user than for authentication by user credentials only.) Here user credentials and device credentials (analogous to claim limitation “authorisation request parameters”) are validated to determine level of privilege authorized by the account authority service to the user for access to the secure server.
generating, at the trusted signing authority apparatus, a certificate encoding an authorisation requested by a device of the multiple devices; and ([0036] when the account authority service receives the credentials from the user device, it authenticates them and, if the credentials satisfy the secure server's security requirements (as determined in a decision operation 314), the account authority service sends a security token to the user device in an operation 320. [0049] In one implementation, the The security token can also be a public/private key pair in a certificate format.)
transmitting, from the trusted signing authority apparatus, the generated certificate to the administration apparatus or the device over a second communication link. ([0036, 0039] the account authority service sends a security token to the user device in an operation 320. The user device receives the security token in receiving operation 322.) Here “second communication link” is between account authority server/user device.

Guo teaches processing the authorisation requests, but does not explicitly teach verifying, at the trusted signing authority apparatus, respective digital signatures applied to the authorisation requests. This aspect of the claim is identified as a difference.
However, Leggette in an analogous art explicitly teaches verifying, at the trusted signing authority apparatus, respective digital signatures applied to the authorisation requests. ([0282] the device 386 generates a certificate signing request 406 and outputs the certificate signing request 406 to the cloud system managing unit 382. The certificate signing request 406 includes one or more of a device identifier of device 386 (e.g., the UUID), the device 386 public key, the hash of the public key of the device 386, a signature over the certificate signing request 406, where the signature is generated utilizing the private key of the device 386. The cloud system managing unit 382 receives the certificate signing request 406, validates the certificate signing request 406, generates a signed certificate 408 when the certificate signing request 406 is validated, and outputs the signed certificate 408 to the device 386.)


Guo in view of Leggette teaches providing certificates encoding authorisations for multiple users and devices, but does not explicitly teach receiving, at a trusted signing authority apparatus from an administration apparatus, authorisation requests collected in a batch by the administration apparatus from respective multiple devices that are requesting authorisations to use services. This aspect of the claim is identified as a difference.
However, Deakin in an analogous art explicitly teaches receiving, at a trusted signing authority apparatus (CA) from an administration apparatus (processing manager), authorisation requests collected in a batch by the administration apparatus from respective multiple devices that are requesting authorisations to use services. ([0027] In the embodiment of security certificates, the processing manager may batch requests for certificate renewal from multiple systems together for renewal by a CA and distribute the renewed certificates back to those systems.)
(Deakin [0091, 0006]).

Regarding claim 2, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein an authorisation request parameter of the authorisation request parameters comprises an indication of an entitlement to use a service by a device of the multiple devices. ([Guo 0033] the account authority service has knowledge of the security policies of the secure server and enforces said policies when it is asked to authenticate a user and/or device for access to the secure server. Depending upon whether the user provides both user credentials and device credentials, or just user credentials, the level of privilege authorized by the account authority service to the user for access to the secure server can vary. For example, authentication by both user credentials and device credentials may result in the account authority service granting a higher level of privilege to the user than for authentication by user credentials only.) Here user credentials and device credentials (analogous to claim limitation “authorisation request parameters”) are indications to level of privilege authorized by the account authority service to the user for access to the secure server (analogous to claim limitation “entitlement to use a service by a device”).

Regarding claim 3, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein verifying the respective digital signatures comprises verifying a digital signature of an authorisation request applied to the authorisation request using a private key of a device public key pair. ([Leggette 0282] the device 386 generates a certificate signing request 406 and outputs the certificate signing request 406 to the cloud system managing unit 382. The certificate signing request 406 includes one or more of a device identifier of device 386 (e.g., the UUID), the device 386 public key, the hash of the public key of the device 386, a signature over the certificate signing request 406, where the signature is generated utilizing the private key of the device 386. The cloud system managing unit 382 receives the certificate signing request 406, validates the certificate signing request 406, generates a signed certificate 408 when the certificate signing request 406 is validated, and outputs the signed certificate 408 to the device 386.)

Regarding claim 4, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches signing an identity certificate for a device. ([Guo 0030] FIG. 2: In a generation operation 212, the account authority service builds the device ID and public key into a device certificate and then signs the certificate using the account authority service's private key to bind the user device's public key to the device ID. In this manner, an entity wishing to confirm that the device ID belongs to the user device can then evaluate the certificate, using the account authority service's public key to verify its digital signature.)

Regarding claim 5, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches collating, at the trusted signing authority apparatus, a set of generated certificates for transmission to the administration apparatus. ([Deakin 0027] In the embodiment of security certificates, the processing manager may batch requests for certificate renewal from multiple systems together for renewal by a CA and distribute the renewed certificates back to those systems.) Here the “transmission to administration apparatus” is obvious because processing manager then distributes the renewed certificates back to systems.

Regarding claim 16, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the administration apparatus is a mobile device. ([Guo 0054] The example hardware and operating environment of FIG. 6 for implementing the invention includes a computing device, such as general purpose computing device in the form of a gaming console or computer 20, a mobile telephone, a personal data assistant (PDA), a set top box, or other type of computing device.)

Regarding claim 17, Guo in view of Leggette and Deakin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein an authorisation request parameter of a first authorisation request of the authorisation requests indicates a service requested by a first device of the devices. ([Guo 0021] When the user wishes to initiate access to an account network resource, such as the e-commerce server 110, the user's browser can navigate to the e-commerce server 110, which redirects the user's browser to the account authority service 104. The user device 102 can provide user credentials and the device certificate to the account authority service 104 in a request for a security token to access the e-commerce server 110. the account authority service 104 evaluates the user credentials, the device certificate, and the security policy of the e-commerce server 110 to determine whether to provide the user device 102 with a security token for access to the e-

Regarding claims 13-15 and 19-20, the scope of the claims are similar to that of claims 1, 3, 5 and 16-17, respectively.  Accordingly, the claims are rejected using a similar rationale.

Claims 6-8 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Guo (US 20110247055 A1) in view of Deakin (US 20160156477 A1).

Regarding claim 6, Guo in view of Deakin teaches an administration device comprising:
a processor; and ([Guo FIG. 6] processing unit 21)
a non-transitory storage medium storing instructions executable on the processor to: ([Guo FIG. 6] system memory 22)
receive an authorisation request from a first device; ([Guo 0034] FIG. 3: the user requests access to the secure server in a request operation 302; redirects the user to the account authority service for authentication in a redirection operation 304.)
collate the authorisation request from the first device with multiple other authorisation requests from respective other devices to form a set of authorisation requests of a plurality of devices; and ([Deakin 0027] In the embodiment of security certificates, the processing manager may batch requests for certificate renewal from multiple systems together for renewal by a CA and distribute the renewed certificates back to those systems.)
transmit the set of authorisation requests to a trusted signing authority apparatus. ([Deakin 0027] In the embodiment of security certificates, the processing manager may batch requests for for renewal by a CA and distribute the renewed certificates back to those systems.)

Regarding claim 7, Guo in view of Deakin teaches all the features with respect to claim 6, as outlined above. The combination further teaches wherein the administration device is provisioned with authorisation to read from and write to a security policy of a device. ([Guo 0004] an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. [0013] the account authority service establishes and maintains these trust relationships with account network resources based on a combination of contractual agreements, such as terms of use, security policies, and cryptographic keys that protect the communications between the account authority service and each account network resource.) Here Guo discloses account authority service with “authorisation read” in ¶4 and “authorisation write” in ¶13.

Regarding claim 8, Guo in view of Deakin teaches all the features with respect to claim 6, as outlined above. The combination further teaches receive a certificate encoding an authorisation from the trusted signing authority apparatus, the certificate generated by the trusted signing authority apparatus responsive to the authorisation request from the first device; and transmit the certificate to the first device of the plurality of devices. ([Deakin 0027] In the embodiment of security certificates, the processing manager may batch requests for certificate renewal from multiple systems together for renewal by a CA and distribute the renewed certificates back to those systems.) Here the “receive from trusted signing authority apparatus” is obvious because processing manager then distributes the renewed certificates back to systems.

Regarding claim 18, Guo in view of Deakin teaches all the features with respect to claim 6, as outlined above. The combination further teaches wherein the administration apparatus is a mobile device. ([Guo 0054] The example hardware and operating environment of FIG. 6 for implementing the invention includes a computing device, such as general purpose computing device in the form of a gaming console or computer 20, a mobile telephone, a personal data assistant (PDA), a set top box, or other type of computing device.)

Claims 9 and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Guo (US 20110247055 A1) in view of Larrick (WO 2017053835 A1).

Regarding claim 9, Guo teaches a device comprising:
a processor; and (FIG. 6: processing unit 21)
a non-transitory storage medium storing instructions executable on the processor to: (FIG. 6: system memory 22)
generate an authorisation request for a certificate encoding an authorisation; ([0034] FIG. 3: the user requests access to the secure server in a request operation 302.)
transmit the authorisation request to an administration device (FIG. 3 secure server); ([0034-0035] FIG. 3: redirects the user to the account authority service for authentication in a redirection operation 304. The account authority service receives the redirected request in a receiving operation 306.)
receive, at the device, the certificate encoding the authorisation and generated by a signing authority apparatus in response to the authorisation request forwarded by the administration device (FIG. 3 secure server) to the signing authority apparatus (FIG. 3 account authority server). ([0036, 0039] the account authority service sends a security token to the user device in an operation 320. The user device receives the security token in receiving operation 322. [0049] In one implementation, the user device 402 may also request that the remote user device 412 send its security token (received from the account authority service 404 so that the user device 402 can be assured of the identity of the remote user device 412. The security token can also be a public/private key pair in a certificate format.)

Guo teaches generating/transmitting authorisation request, receiving certificate in response to the authorisation request, but does not explicitly teach verify, at the device, whether the authorisation encoded in the certificate was requested by the device in the authorisation request. This aspect of the claim is identified as a difference.
However, Larrick in an analogous art explicitly teaches verify, at the device, whether the authorisation encoded in the certificate was requested by the device in the authorisation request. ([0049-0050] At block 430, the client device 110a determines the validity of the received certificate based on the certificate information. To determine the validity of the certificate, the client device 110a extracts information from the certificate, such as an identity of the certificate authority that issued the certificate, an expiration date or time of the certificate, one or more signatures affixed to the certificate, one or more "stapled" online certificate status protocol responses, etc. Still other information may be extracted from the certificate in different examples. After extracting information from the certificate, the client device 110a may use the extracted information to determine the validity of the certificate.) Reference Guo discloses that “an entity wishing to confirm that the device ID belongs to the user device can then evaluate the certificate” (¶30), as well as “a security token supports an API that allows a computing device to interrogate it (e.g., to determine whether the security token includes a username device ID)” (¶14). In summary, reference Larrick discloses device verifying the received certificate by extracting information from the certificate, reference Guo discloses the extracting information being device ID/identity of the requester. Therefore, the combination discloses the entire limitation.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “trusted device-specific authentication” concept of Guo, and the “validity of received certificate” approach of Larrick. One of ordinary skill in the art would have been motivated to perform such a modification for the client device to select an appropriate next step depending on the validity of the certificate. The client device verifies that the certificate is valid before accepting the certificate. If the certificate is invalid or if the client device is unable to determine the validity of the certificate, the client device can reject the certificate or request certificate information to ensure security (Larrick [0029, 0055-0057]).

Regarding claim 11, Guo in view of Larrick teaches all the features with respect to claim 9, as outlined above. The combination further teaches determine that the device has been successfully provisioned with the authorisation to use a service in response to verifying that the authorisation encoded in the certificate was requested by the device in the authorisation request. ([Larrick 0049, 0055, 0058] At block 430, the client device 110a determines the validity of the received certificate based on the certificate information. At block 440, the client device 110a selects an appropriate next step depending on the validity of the certificate. If the certificate is valid, the method 400 proceeds to block 450. At block 450, the client device 110a accepts the certificate and responds to the content server 120a to establish the secure communications channel.)

Regarding claim 12, Guo in view of Larrick teaches all the features with respect to claim 11, as outlined above. The combination further teaches wherein the authorisation to use the service comprises an authorisation to use a service of a printer. ([Guo 0004] an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access.) The network resource can be the peripheral output devices, such as printers as mentioned in ¶57 of Guo.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Guo (US 20110247055 A1) in view of Larrick (WO 2017053835 A1) and Leggette (US 20130326215 A1).

Regarding claim 10, Guo in view of Larrick teaches all the features with respect to claim 9, as outlined above. Guo in view of Larrick and Leggette further teaches apply a digital signature to the authorisation request using a private key of a device public key pair. ([Leggette 0282] the device 386 generates a certificate signing request 406 and outputs the certificate signing request 406 to the cloud system managing unit 382. The certificate signing request 406 includes one or more of a device identifier of device 386 (e.g., the UUID), the device 386 public key, the hash of the public key of the device 386, a signature over the certificate signing request 406, where the signature is generated utilizing the private key of the device 386. The cloud system managing unit 382 receives the certificate signing request 406, validates the certificate signing request 406, generates a signed certificate 408 when the certificate signing request 406 is validated, and outputs the signed certificate 408 to the device 386.)

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20170214759 A1, "Optimizer module in high load client/server systems", by Timiskov, teaches a method performed by an optimizer module that functions as a proxy between a server that provides access to a resource and a number of clients, for optimizing the performance of the server, comprising: receiving, at the optimizer module, requests for accessing the resource from a number of clients; buffering the received requests during a buffering interval; creating a number of bulk requests by combining multiple buffered requests into each bulk request; after the buffering interval, sending the bulk requests to the server; for each bulk request, receiving a bulk response that includes multiple responses corresponding to the multiple requests; parsing each bulk response to extract the multiple responses; and sending each of the responses to the corresponding client.
US 9223789 B1, "Range retrievals from archived data objects according to a predefined hash tree schema", by Seigle, teaches that interface module batch processes some or all incoming requests from one client or multiple different clients. For example, interface module may wait until a certain number of requests has been received before processing (e.g., authentication, authorization, accounting and the like) the requests. Such a batch processing of incoming requests may be used to gain efficiency.
US 20210152372 A1, "Achieving certificate pinning security in reduced trust networks", by Hunt, teaches that after having generated a secured response, the origin server sends the secured response towards the client, by sending the secured response to the intermediary. The intermediary, in turn, can forward this response to the client. If the 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a).   Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638.  The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





/H.Y./Examiner, Art Unit 2493

/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493