DETAILED ACTION

1.	Pending claims for reconsideration are claims 2-21. Claims 2 and 16 have been amended. Claim 1 has been cancelled.

Response to Arguments

2.	Applicant's arguments filed 10/19/2021 have been fully considered but they are not persuasive. 

In the remarks, applicant argues in substance:

a.	That the prior art does not teach “receiving, from a user device, an authentication request according to a first security protocol; [and] receiving, from the user device, a request to access content secured according to a second security protocol, wherein the request comprises the device identifier and is encrypted using the shared key, and wherein the shared key is derived from the information related to the shared key.”
In response to applicant’s argument- It is the combination of Poling, Cheng, and Dierks that teaches the claimed language, neither Poling, Cheng, nor Dierks alone. As stated in the below rejection the combined references teach receiving, from a user device in client system 200 of Poling, an authentication request 
Cheng was introduced and modified by merging the authentication and license issuance functions into a single DRM server, as disclosed by Cheng, in addition, using a “device identifier” to uniquely identify the client. One of ordinary skill would have been motivated to modify Poling in such a manner in order to practically consolidate services when owned/operated by the same entity (For example, if Amazon.com is both the identity provider and content license issuer versus when [TV subscription provider] is the identity provider and [TV channel 
Dierks was further introduced to teach using TLS v 1.2 (the successor to SSL) and thus teaches: wherein the authentication handshake comprises information related to a shared key (Dierks: pg. 33, handshake protocol overview step 2: exchange premaster secret); wherein the encrypted request is encrypted using the shared key derived from the information related to the shared key (Dierks: pg. 33, handshake protocol overview step 4 generate master secret from premaster secret; see pg. 24-25, section 6.3 for how record protocol utilizes master secret to generate encryption key; see pg. 20-22, section 6.2.3 for actual encryption of content, based on negotiated encryption algorithm, using the shared key) wherein the decrypting uses the shared key (See pg. 20-22, section 6.2.3 for decryption). One of ordinary skill would have been motivated to modify Poling, as modified by Cheng, in such a manner in order to secure the communication session using known and available communication standards. 

b.     	That- The motivation to combine the references is not supported
In response to applicant’s argument: An invention that would have been obvious to a person of ordinary skill at the time of the invention is not patentable. See 35 U.S.C. 103 or pre-AIA 35 U.S.C. 103(a). As reiterated by the KSR, the framework for the objective analysis for determining obviousness under 35 U.S.C. 103 is stated in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966). Obviousness is a question of law based on underlying factual inquiries. The factual inquiries enunciated by the Court are as follows: (A) Determining the scope and content of the prior art; (B) Ascertaining the differences between the claimed invention and the prior art; and (C) Resolving the level of ordinary skill in the pertinent art. The examiner has illustrated these three steps in the below claim limitations of independent claims 2, 16, and further given rationale in the above ‘response to argument 2a’.

Objections

3.	The drawings are objected to under 37 CFR 1.83(a) for failing to depict all the claimed subject matter.
"(a) The drawing in a nonprovisional application must show every feature of the invention specified in the claims."

In particular, many steps of the newly added claims do not exist in the drawings.

Claim 3's "using the shared key as an input to a key derivation function [..]"; Claim 7's "receive a security solution renewal message ...", "assigning, based on an occurrence of a security breach, a new device identifier associated with the user device".

All of claim 8's steps.

Claim 10's "facilitating access to the first content".

All of claim 11's steps.

All of claim 13's steps.

All of claim 15's steps.

All of claims 16, 17, and 18.

 Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.


	Claims 6, 7, 10-13, and 16-18 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.  
Claim 6 "facilitating access to the content" is unsupported by the specification because it is a broader genus than the statement of "permitting/authorizing access to the content". Thus the specification does not support all ways to facilitate access to the content, only facilitating via permitting/authorizing. Applicant is encouraged to use the terminology from their own specification rather than use terminology of variant scope.
Claim 7 "assigning, based on an occurrence of a security breach, a new device identifier associated with the user device" is unsupported. Applicant's paragraph 0061 clearly states "the network device can assign a new device identifier to the first user device if the security solution renewal message was received because of a security breach". Because "based on an occurrence of a security breach" is neither the same as nor of the same scope as "if the security solution renewal message was received because of a security breach", this limitation is not supported by applicant's original disclosure as filed. In particular, the specification does not support all the ways to assign a new identifier based on a breach, but rather only supports assigning a new identifier if the renewal message was received because of a breach.
Claim 10 "facilitating access to the first content" is unsupported. See comments with respect to claim 6.
Claim 11 in its entirety is not disclosed by applicant's specification.  The only mention of two user devices in applicant's specification is with respect to Figure 3, where the two user devices use different "security protocols" to authenticate.  At no point does applicant's specification support those two different user devices then attempting to access content secured using an additional two separate security protocols.
Claim 12 is not disclosed by applicant's specification.  As indicated above, there is no "fourth protocol" anywhere in applicant's specification.
Claim 13 "assigning, based on an occurrence of a security breach, a new device identifier ...".  See comments with respect to claim 7.
Claim 16 the clause "wherein the request is encrypted [...] according to a second security protocol".  Nowhere does applicant disclose anything being encrypted "according to a security protocol".

Claim 17 "facilitating ...".  See comments with respect to claim 6.

Claim 18  "assigning, based on an occurrence of a security breach, a new device identifier ...".  See comments with respect to claim 7.






Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


5.	Claims 2-4 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No. US 8,972,726 B1 to Poling, in view of Pub. No. US 2010/0262831 A1 to Cheng et al. (hereafter referenced as Cheng), in further view of NPL for TLS v 2 (https://tools.ietf.org/html/rfc5246) (hereafter referenced as Dierks).
Regarding claim 2, Poling discloses “a method (Poling: Fig 1) comprising: receiving, from a user device (client system 200), an authentication request according to a first security protocol (Poling: Fig 1, server 220 receives authentication request 252 from client system 200; col 7, lines 26-42 provides for various different authentication algorithms or “security protocols” for content of the authentication request; also, col 9, line 6 – col 10, line 42 provides the authentication request may be an encrypted authentication request according to a variety of encryption algorithms including AES; any of these authentication mechanisms or encryption protocols is equivalent to “a first security protocol”; see also col 10, line 60 – col 11, line 32); sending, to the user device, based on a determined authenticity of the authentication request according to the first security protocol, an authentication reply comprising an authentication token including a client identifier (Poling: col 12, lines 30-46 for verifying authenticity of the authentication request; col 12, lines 47-63 for sending authentication token to client; the entire point of the token is to uniquely identify the client, see for example col 16, lines 39-44 “the client application identified by the authentication token”); receiving, from the user device, a request to access content secured according to a second security protocol (Poling: col 16, lines 7-49 provides license server receives a request from client to access content; col 16, line 27-49 provides for a separate set of rules performed by license server to verify the authentication token is valid; col 16, line 7-27 provides the actual content for consumption is encrypted; both the rules to verify authentication token validity and the encryption of the content provides the content is “secured according to a second security protocol”); wherein the request comprises the authentication token which uniquely identifies the client (Poling: col 16, lines 7-49 provides the request for content license includes the previously issued authentication token); is encrypted (Poling: col 17, lines 51-64 provides any communications (such as those between client and license server) may be encrypted using SSL encryption over HTTP); decrypting the request (Poling: col 17, lines 51-64 provides the license server would need to decrypt the SSL communications); and authenticating, based on the device identifier, the request (Poling: col 16, lines 28-48 provides license server authenticates client to ensure they are authorized to access requested content, all based on “the client application identified by the authentication token”).
While Poling teaches “In some embodiments, it is contemplated that embodiments may be implemented using a single instance of computer system 600”, “In addition, functionality provided by the illustrated components may in some embodiments be combined in fewer components …”, and “Finally, structures and functionality presented as discrete components in the example configurations may be implemented as a combined structure or component.”, Poling fails to explicitly teach i) a server performing both authentication and content service; ii) the intricacies of using SSL, and thus fails to teach: wherein the authentication handshake comprises information related to a shared key; wherein a “client identifier” is a “device identifier”; wherein the encrypted message is encrypted using the shared key, and wherein the shared key is derived from the information related to the shared key and decrypting the request uses the shared key.
Cheng teaches a server performing both authentication and content service (Cheng: [0036] and [0041] provides the DRM server provides both authentication and license issuance); and wherein the client identifier is a device identifier (Cheng: [0034] in light of [0029]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Poling to merge the authentication and license issuance functions into a single DRM server, as disclosed by Cheng, in addition using a “device identifier” to uniquely identify the client. One of ordinary skill would have been motivated to modify Poling in such a manner in order to practically consolidate services when owned/operated by the same entity (for example, if Amazon.com is both the identity provider and content license issuer versus when [TV subscription provider] is the identity provider and [TV channel website] is the license issuer (i.e., logging into Verizon to get token to access content via CBS.com server)). Such a system, Poling as modified by Cheng, would result in a single SSL session, for example, for both authentication handshaking and content delivery, but fails to explicitly teach: wherein the authentication handshake comprises information related to a shared key; wherein the encrypted request is encrypted using the shared key derived from the information related to the shared key and wherein the decrypting uses the shared key.
However, Dierks teaches using TLS v 1.2 (the successor to SSL) and thus teaches: wherein the authentication handshake comprises information related to a shared key (Dierks: pg. 33, handshake protocol overview step 2: exchange premaster secret); wherein the encrypted request is encrypted using the shared key derived from the information related to the shared key (Dierks: pg. 33, handshake protocol overview step 4 generate master secret from premaster secret; see pg. 24-25, section 6.3 for how record protocol utilizes master secret to generate encryption key; see pg. 20-22, section 6.2.3 for actual encryption of content, based on negotiated encryption algorithm, using the shared key); wherein the decrypting uses the shared key (see pg. 20-22, section 6.2.3 for decryption).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Poling, as modified by Cheng, to use TLS as an underlying protocol encapsulating the entire communication of Poling, as disclosed by Dierks. One of ordinary skill would have been motivated to modify Poling, as modified by Cheng, in such a manner in order to secure the communication session using known and available communication standards.
Regarding claim 3 in view of claim 2, the references combined disclose “further comprising using the shared key (using key shared between SIM and trusted management server, Cheng [par.0024]) as an input to a key derivation function” (key derivation input function KDF used to derive Ks NAF from Ks is based on HMAC-SHA 256, as specified by GBA. For the derivation of Ks NAF Dev from Ks NAF, the same KDF can be used, Cheng [par.0043]), “and wherein an output of the key derivation function is the information related to the shared key” (SAC-secure authenticated channel, Cheng [Fig.3], creates output of key derivation between SIM and key derivation module, Cheng [par.0044]).
Regarding claim 4 in view of claim 2, the references combined disclose “wherein the authentication request indicates a device class of the user device” (first request comprises a device identifier Cheng [par.0007]), “and wherein the device identifier is based on at least one of a software version, a timestamp, a random number, a vendor identifier, or a device class identifier” (class device identifier Cheng [par.0007]).
Regarding claim 8 in view of claim 2, the references combined disclose “further comprising: receiving, from a security resource based on the request to access the content, a security challenge” (Server 225 uses a challenge/response scheme with DRM device, Cheng [par.0041]); “sending, to the security resource, a security resource authentication request comprising a security resource identifier and the device identifier” (At step 405 a first request is sent from DRM Device 235 to a user identity module, i.e., *SIM215.. Cheng [par.0047]); “and receiving, based on the security resource authentication request, a security resource authentication result” (authenticating the device, Cheng [Fig.5/item 515]).

6.	Claims 11 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No. US 8,972,726 B1 to Poling, in view of Pub. No. US 2010/0262831 A1 to Cheng et al. (hereafter referenced as Cheng), in further view of NPL for TLS v 2 (https://tools.ietf.org/html/rfc5246) (hereafter referenced as Dierks), in further view of Patent No. US 8,842,841 B2 to Hook et al. (hereafter referenced as Hook).
Regarding claim 11 in view of claim 9, the references combined disclose “further comprising: receiving, from the second user device, a second request to access second content secured according to a fourth security protocol” (after first security protocol at [Cheng step 505] and second security protocol [Cheng step 515], third security protocol at [Cheng step 525], and fourth security protocol at [Cheng step 535]), “wherein the second request comprises the second device identifier” (send a second request to a trusted key management server in which the second request comprises a master key identifier-2nd device identifier, Cheng [Fig.5/item 525-535]), “and wherein the second request is encrypted using the second shared key” (after successful user authentication results in a key shared between the *SIM and a trusted key management server [par.0024]; also see Cheng [Fig.5/item 535] in which a derived key may be used to authenticate and/or encrypt any DRM system protocol messages exchanged between the device 235, 305 and the DRM server 225, Cheng [par.0045]).
Neither Poling, Cheng, nor Dierks explicitly discloses “decrypting the second request using the second shared key; authenticating, based on the second device identifier, the second request; and facilitating access to the second content.”
However, Hook in an analogous art discloses “decrypting the second request using the second shared key” (The first user is able to decrypt the second encrypted key by using the associated key, Hook [Col.17/lines 23-25]); “authenticating, based on the second device identifier, the second request; and facilitating access to the second content.” (The Verification/authentication may make use of an authentication code or “authcode”, Hook [Col.20/lines 51-52]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling's DRM using a secure end to protocol, Cheng’s Method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Dierks' TLS v 1.2 (the successor to SSL) comprising a handshake protocol with Hook's cryptographic system that decrypts within a content distribution system (Col.99/line 35) and authenticates. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Dierks discloses a handshake authentication protocol, Hook illustrates a cryptographic system which decrypts and authenticates within a content distribution system, and all are from the same field of endeavor.
Regarding claim 12 in view of claim 11, the references combined disclose “wherein the fourth security protocol comprises the third security protocol” (after first security protocol at [Cheng step 505] and second security protocol [Cheng step 525], proceed to third security protocol at [Cheng step 555] by use of a challenge/ response scheme to determine if derived key matches derived key of the DRM device). 

7.	Claims 5-7 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No. US 8,972,726 B1 to Poling, in view of Pub. No. US 2010/0262831 A1 to Cheng et al. (hereafter referenced as Cheng), in further view of NPL for TLS v 2 (https://tools.ietf.org/html/rfc5246) (hereafter referenced as Dierks), in further view of Pub. No. US 2019/0190718 A1 to Wease et al. (hereafter referenced as Wease).
Regarding claim 5 in view of claim 2, neither Poling, Cheng, nor Dierks explicitly disclose “further comprising: receiving, from the user device an identity renewal request comprising the device identifier, wherein the identity renewal request is encrypted using the shared key; negotiating a new shared key with the user device; associating the new shared key with the device identifier; and sending, to the user device, the device identifier and information related to the new shared key.” 
However, Wease in an analogous art discloses “further comprising: receiving, from the user device (receiving from the user computing device, Wease [Fig.1/item 130]) an identity renewal request (renewal request, Wease [Fig.3/item 220]) comprising the device identifier” (inclusive of digital passport object identifier [Fig.3/item 224]), “wherein the identity renewal request is encrypted (encrypted package comprising renewal request, Wease [Fig.2/item 210]) using the shared key” (using public key Wease [Fig.2/item 130]/private key Wease [Fig.2/item 234] data); “negotiating a new shared key with the user device; associating the new shared key with the device identifier; and sending, to the user device, the device identifier and information related to the new shared key.” (the renewal request is encrypted using a first portion of an asymmetric key, such that the renewal request may be decrypted using a second portion of the asymmetric key stored by the identity verification computing device, Wease [par.0031]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling's DRM using a secure end to protocol, Cheng’s Method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Dierks' TLS v 1.2 (the successor to SSL) comprising a handshake protocol with Wease’s verification identity system comprising a renewal request module incorporated in an encryption process to further allow for additional security within a security protocol. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Hook illustrates a cryptographic system which decrypts and authenticates within a content distribution system, Wease discloses a verification system comprising a renewal request module which is utilized in a security authorization protocol request to further the enforcement of authentication and verification within a security protocol, and all are from the same field of endeavor.
Regarding claim 6 in view of claim 2, the references combined disclose “further comprising: facilitating access to the content; and negotiating the shared key using a Diffie-Hellman key exchange” (using public key Wease [Fig.2/item 130]/private key Wease [Fig.2/item 234] data).
Regarding claim 7 in view of claim 2, neither Poling, Cheng, nor Dierks explicitly disclose “further comprising: receiving a security solution renewal message, wherein the security solution renewal message comprises the device identifier; and assigning, based on an occurrence of a security breach, a new device identifier associated with the user device.”
However, Wease in an analogous art discloses “further comprising: receiving a security solution renewal message” (renewal request [Fig.3/item 220]), “wherein the security solution renewal message comprises the device identifier” (renewal message comprising digital passport object identifier, Wease [Fig.3/item 224]); “and assigning, based on an occurrence of a security breach (Determining a verification score based on the trusted biometric data, Wease [Fig.6/item 606]), a new device identifier associated with the user device” (based on verification score, renewal package is generated, Wease [Fig.6/item 608], with new cryptographic signature to the renewal package, Wease [Fig.6/item 610]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling's DRM using a secure end to protocol, Cheng’s Method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Dierks' TLS v 1.2 (the successor to SSL) comprising a handshake protocol with Wease’s verification identity system comprising a renewal request module incorporated in an encryption process to further allow for additional security within a security protocol. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Dierks discloses a handshake authentication protocol, Wease discloses a verification system comprising a renewal request module which is utilized in a security authorization protocol request to further the enforcement of authentication and verification within a security protocol, and all are from the same field of endeavor.

8.	Claims 9, 10, 14-17, and 20-21 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No. US 8,972,726 B1 to Poling, in view of Pub. No. US 2010/0262831 A1 to Cheng et al. (hereafter referenced as Cheng).
Regarding claim 9, Poling discloses “a method (Poling: Fig 1) comprising: receiving, from a user device (client system 200), a first authentication request according to a first security protocol (Poling: Fig 1, server 220 receives authentication request 252 from client system 200; col 7, lines 26-42 provides for various different authentication algorithms or “security protocols” for content of the authentication request;  Also, col 9, line 6 – col 10, line 42 provides the authentication request may be an encrypted authentication request according to a variety of encryption algorithms including AES;  Any of these authentication mechanisms or encryption protocols is equivalent to “a first security protocol”; see also col 10, line 60 – col 11, line 32); “wherein the first request comprises the first device identifier, and wherein the first request is encrypted using the first shared key” (Create a new entry in an encryption key map including the Selected encryption key and the unique identifier of the DRM client Poling[Fig.3/item 310])
Poling does not explicitly disclose “receiving, from a second user device, a second authentication request according to a second security protocol; sending, to the first user device, based on a determined authenticity of the first authentication request according to the first security protocol, a first device identifier and information related to a first shared key; sending, to the second user device, based on a determined authenticity of the second authentication request according to the second security protocol, a second device identifier and information related to a second shared key; and receiving, from the first user device, a first request to access first content secured according to a third security protocol.”
However, Cheng in an analogous art teaches “receiving, from a second user device (DRM Device [Fig.1/item 115]), a second authentication request according to a second security protocol” (Receive a request from DRM device, Cheng [Fig.5/item 505], in which a second request is sent to a trusted key device from the DRM device, Cheng [Fig.5/item 515]); “sending, to the first user device (send a first request to SIM of user device, Cheng [Fig.4/item 405]), based on a determined authenticity of the first authentication request according to the first security protocol” (At step 405 a first request is sent from DRM Device 235 to a user identity module, i.e., *SIM215. The first request contains a network application function identifier of DRM Server 225 and a device identifier of DRM Device 235), “a first device identifier (the first request comprises at least a master key identifier, a device identifier, Cheng [par.0008]) and information related to a first shared key” (after successful user authentication results in a key derived/shared between the *SIM and a trusted key management server, Cheng [par.0024]; also see Cheng [Fig.5/item 535]); “sending, to the second user device (DRM device, Cheng [Fig.1]), based on a determined authenticity of the second authentication request according to the second security protocol” (DRM device is authenticated in a DRM-specific way, a second request is sent to a trusted key according to management server protocol, Cheng [par.0008]), “a second device identifier and information related to a second shared key” (second request comprises at least the master key identifier, the device identifier, and the random number, Cheng [par.0007]); “and receiving, from the first user device (receive first request from DRM device, Cheng [Fig.5/item 505]), a first request to access first content secured according to a third security protocol” (after first security protocol at [Cheng step 505] and second security protocol [Cheng step 525], proceed to third security protocol at [Cheng step 555] by use of a challenge/response scheme to determine if derived key matches derived key of the DRM device).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling's DRM using a secure end to protocol with Cheng’s Method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request using a shared key. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process and Cheng also teaches an authentication process, but using a second protocol request and shared key process. Both Poling and Cheng are from the same field of endeavor.
Regarding claim 10 in view of claim 9, the references combined disclose “further comprising: decrypting the first request using the first shared key” (decrypt the encrypted response including the type of authentication credentials with the encryption key, Poling [Fig.2/item 206]); “authenticating, based on the first device identifier, the first request; and facilitating access to the first content” (the authentication server may use the identifier to look-up an encryption key that matches the encryption key embedded in the DRM client access request, Poling [Col.40/lines 41-43]).
Regarding claim 14 in view of claim 9, the references combined disclose “wherein the first authentication request indicates a first device class of the first user device” (first request comprises a device identifier Cheng [par.0007]), “and wherein the second authentication request indicates a second device class of the second user device” (class device identifier Cheng[par.0007]).
Regarding claim 15 in view of claim 9, the references combined disclose “further comprising: receiving, from a security resource based on the first request to access the first content, a security challenge” (Server 225 uses a challenge/response Scheme with DRM device Cheng[par.0041]); “sending, to the security resource, a security resource authentication request comprising a security resource identifier and the first device identifier” (At step 405 a first request is sent from DRM Device 235 to a user identity module, i.e., *SIM215.. Cheng [par.0047]); “and receiving, based on the security resource authentication request, a security resource authentication result” (authentication the device Cheng [Fig.5/item 515]).
Regarding claim 16, Poling discloses “a method comprising: receiving, from a user device” (receiving from a computer system 600), “a request to access content secured according to a first security protocol” (Poling: Fig 1, server 220 receives authentication request 252 from client system 200; col 7, lines 26-42 provides for various different authentication algorithms or “security protocols” for content of the authentication request; also, col 9, line 6 – col 10, line 42 provides the authentication request may be an encrypted authentication request according to a variety of encryption algorithms including AES; any of these authentication mechanisms or encryption protocols is equivalent to “a first security protocol”; see also col 10, line 60 – col 11, line 32).
Poling does not explicitly disclose “wherein the request comprises a device identifier, and wherein the request is encrypted using a shared key according to a second security protocol”.
However, Cheng in an analogous art discloses “wherein the request comprises a device identifier” (send a second request to a trusted key management server in which the second request comprises a master key identifier [Fig.5/item 525-535]), “and is encrypted using a shared key according to a second security protocol” (after Successful user authentication results in a key shared between the *SIM and a trusted key management server [par.0024] also see Cheng [Fig.5/item 535] in which a derived key may be used to authenticate and/or encrypt any DRM system protocol messages exchanged between the device 235, 305 and the DRM server 225 Cheng [par.0045]), “receiving, from a security resource, based on the request to access the content, a security challenge” (Server 225 uses a challenge/response Scheme with DRM device Cheng [par.0041]); “sending, to the security resource based on the security challenge, a security resource authentication request comprising a security resource identifier and the device identifier” (At step 405 a first request is sent from DRM Device 235 to a user identity module, i.e., *SIM215.. Cheng [par.0047]); “and receiving, based on the security resource authentication request, a security resource authentication result.” (authentication the device Cheng [Fig.5/item 515]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling’s DRM using a secure end to protocol with Cheng’s method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process and Cheng also teaches an authentication process, but using a second protocol request. Both Poling and Cheng are from the same field of endeavor.
Regarding claim 17 in view of claim 16, the references combined disclose “further comprising facilitating, based on the security resource authentication result, access to the content.” (access the content [Fig.4/item 406]).
Regarding claim 20 in view of claim 16, the references combined disclose “further comprising: receiving, from the user device” (send a first request to SIM of to be received by the user device Cheng [Fig.4/item 455]), “an authentication request according to the second security protocol” (second request to a trusted key management server [Fig.5/item 525]); “and sending, to the user device based on a determined authenticity of the authentication request according to the second security protocol” (DRM device is authenticated in a DRM-specific way, a second request is sent to a trusted key according to management server protocol Cheng [par.0008]), “the device identifier and information related to the shared key.” (second request comprises at least the master key identifier, the device identifier, and the random number Cheng [par.0007]).
Regarding claim 21 in view of claim 20, the references combined disclose “further comprising: decrypting the authentication request using the shared key” (decrypt the encrypted response including the type of authentication Credentials with the encryption key Poling [Fig.2/item 206]); “and authenticating, based on the device identifier, the request” (the authentication server may use the identifier to look-up an encryption key that matches the encryption key embedded in the DRM client access request Poling [Col.40/lines 41-43]).

9.	Claims 13 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No.: US 8,972,726 B1 to Poling, in view of Pub. No.: US 2010/0262831 A1 to Cheng et al. (hereafter referenced as Cheng), in further view of Pub. No.: US 2019/0190718 A1 to Wease et al. (hereafter referenced as Wease).
Regarding claim 13 in view of claim 9, neither Poling nor Cheng explicitly disclose “further comprising: receiving, from the first user device, a security solution renewal message, wherein the security solution renewal message comprises the first device identifier; and assigning, based on an occurrence of a security breach, a new device identifier associated with the first user device.”
However, Wease in an analogous art discloses “further comprising: receiving, from the first user device (receiving from the user computing device Wease [Fig.1/item130]) a security solution renewal message (renewal request Wease [Fig.3/item 220]) wherein the security solution renewal message comprises the first device identifier and assigning, based on an occurrence of a security breach, a new device identifier associated with the first user device.” (the renewal request is encrypted using a first portion of an asymmetric key, such that the renewal request may be decrypted using a second portion of the asymmetric key stored by the identity verification computing device Wease [par.0031])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling’s DRM using a secure end to protocol, Cheng’s method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Hook’s cryptographic system that decrypts within a content distribution system (Col.99/line-35) for authentication with Wease’s verification identity system comprising a renewal request module incorporated in an encryption process to further allow for additional security within a security protocol. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Hook illustrates a cryptographic system which decrypts and authenticates within a content distribution system, Wease discloses a verification system comprising a renewal request module which is utilized in a security authorization protocol request to further the enforcement of authentication and verification within a security protocol, and all are from the same field of endeavor.
Regarding claim 18 in view of claim 16, neither Poling nor Cheng explicitly disclose “further comprising: receiving a security solution renewal message, wherein the security solution renewal message comprises the device identifier; and assigning, based on an occurrence of a security breach, a new device identifier associated with the user device.”
However, Wease in an analogous art discloses “further comprising: receiving a security solution renewal message” (renewal request [Fig.3/item 220]), “wherein the security solution renewal message comprises the device identifier” (renewal message comprising digital passport object identifier Wease [Fig.3/item 224]); “and assigning, based on an occurrence of a security breach” (Determining a verification score based on the trusted biometric data Wease [Fig.6/item 606]), “a new device identifier associated with the user device” (based on verification score, renewal package is generated Wease [Fig.6/item 608] with new cryptographic signature to the renewal package Wease [Fig.6/item 610]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling’s DRM using a secure end to protocol, Cheng’s method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Hook’s cryptographic system that decrypts within a content distribution system (Col.99/line 35) for authentication with Wease’s verification identity system comprising a renewal request module incorporated in an encryption process to further allow for additional security within a security protocol. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Hook illustrates a cryptographic system which decrypts and authenticates within a content distribution system, Wease discloses a verification system comprising a renewal request module which is utilized in a security authorization protocol request to further the enforcement of authentication and verification within a security protocol, and all are from the same field of endeavor.
Regarding claim 19 in view of claim 16, neither Poling nor Cheng explicitly disclose “further comprising: receiving, from the user device, an identity renewal request comprising the device identifier, wherein the identity renewal request is encrypted using a shared key; negotiating a new shared key with the user device; associating the new shared key with the device identifier; and sending, to the user device, the device identifier and information related to the new shared key.”
However, Wease in an analogous art discloses “further comprising: receiving, from the user device” (receiving from the user computing device Wease [Fig.1/item130]) “an identity renewal request” (renewal request Wease [Fig.3/item 220]) “comprising the device identifier” (inclusive of digital passport object identifier [Fig.3/item224]), “wherein the identity renewal request is encrypted” (encrypted package comprising renewal request Wease [Fig.2/item 210]) “using the shared key” (using public key Wease [Fig.2/item 130]/private key Wease [Fig.2/item 234] data); “negotiating a new shared key with the user device; associating the new shared key with the device identifier; and sending, to the user device, the device identifier and information related to the new shared key.” (the renewal request is encrypted using a first portion of an asymmetric key, such that the renewal request may be decrypted using a second portion of the asymmetric key stored by the identity verification computing device Wease [par.0031]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Poling’s DRM using a secure end to protocol, Cheng’s method for providing a secure link to a user in a DRM in which a second request and master key identifier are utilized within an authentication request, Hook’s cryptographic system that decrypts within a content distribution system (Col.99/line 35) for authentication with Wease’s verification identity system comprising a renewal request module incorporated in an encryption process to further allow for additional security within a security protocol. One of ordinary skill would have been motivated to combine because Poling teaches a security protocol within a DRM comprising an authentication process, Cheng also teaches an authentication process, but using a second protocol request, Hook illustrates a cryptographic system which decrypts and authenticates within a content distribution system, Wease discloses a verification system comprising a renewal request module which is utilized in a security authorization protocol request to further the enforcement of authentication and verification within a security protocol, and all are from the same field of endeavor.

Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL D ANDERSON whose telephone number is (571)270-5159. The examiner can normally be reached Mon-Fri 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MICHAEL D ANDERSON/Examiner, Art Unit 2433               

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433