Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments with respect to claims 1-2, 4-11 and 15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 5-11 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Khan et al. (Hereinafter referred to as Khan, US. Pub. No.: US 20160344710 A1) over MAIWAND et al. (Hereinafter referred to as MAIWAND, US 20170352215 A1).

As per claim 1:
Khan discloses an electronic device (Figure 2: 100 Electronic Device) comprising:
a processor (Figure 2: 102);
at least one communication module configured to support wireless communication (Figure 2: Near Filed Communication Component 120; communication component 106); and
a security module having an applet installed therein so as to store and manage a shared key to be transmitted to a first electronic device and an authentication key used in authentication with a second electronic device (0041-0042:  secure element; securely load one or more Auth Keys 157a on CRS applet; An “Auth” key or an “authorization” key;  authentication component;  0044: secure element for providing shared secrets or shared keys; 0047:  securely pairing a secure element and a processor of an electronic device; 0056-0058);
wherein the processor is configured to:
receive a request for transmitting the authentication key to the first electronic device (0053; 0055: Auth Keys may be generated or otherwise accessed by processor);
transmit information for generating the shared key and a command to generate the shared key to the security module (0054, 0056: one or more shared secrets or shared keys);
control the security module so as to generate the shared key, based on the information for generating the shared key (0042; 0044: NFC controller module to establish  a securely encrypted channel provided with a set of shared secrets or shared keys); and
control the security module so as to transmit the generated shared key and information related to the generated shared key to the first electronic device (0042; 0044: NFC controller 

Khan does not explicitly disclose the security module of the device communicating first and second external device for authentication and the generated shared key is based on authentication key, wherein the information related to the shared key comprises information indicating an instruction to activate at least some of functions provided by the second external electronic device. MAIWAND, in analogous art however, discloses the security module of the device communicating the keys first and second external device ([0052]: Security management configuration for authentication and authorization can occur after determining the security level of the requested authentication service; security manager 508 resides on the Bluetooth host and communicates with L2CAP 512 and with link manager/controller 516 through host control interface (HCI) 514; a connect request from a portable device to a vehicle (and vice-versa) arrives at L2CAP 512, where the L2CAP 512 requests evaluation from security manager 508. Security manager 508 looks up the requested service in database 522 for security information, and looks for access authorizations and begins the necessary authentication and (if needed) encryption procedures with the link manager 516 through HCI 514); the generated shared key is based on authentication key, wherein the information related to the shared key comprises information indicating an instruction to activate at least some of functions provided by the second external electronic device ([0054]: An authentication key operate as a link key, used by one device to insure that the other device is who it claims to be; The link key can either be temporary, where it is used for one session only (i.e., devices not bonded), or semi-permanent in which it is stored 
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the generated shared 

As per claim 2:
Khan discloses wherein the information related to the shared key comprises information indicating generation based on the authentication key (0054: the Auth Keys leverage that key as shared by secure element; 0056).

As per claim 5:
Khan discloses wherein the processor is configured to transmit, to the security module, an encryption key for encryption of the shared key along with the information for generating the shared key (0040: configured to provide on-element confidential key generation; secure element 145. CASD 158 may be configured to include and/or may be configured to generate and/or otherwise include various security features, such as one or more of CASD-SK(ey) 158a, CASD-PK(ey) 158b, CASD-Cert. 158c, CASD-SCP Key 158d, and/or CA-SP K).

As per claim 6:
Khan discloses wherein the security module is configured to: receive information related to the applet for managing the shared key, which is installed in the security module of the first external electronic device; and determine whether or not to transmit the shared key to the first external electronic device, based on the received information related to the applet  (0039: a credential key of a credential applet (e.g., perso keys 153a) may be generated by financial institution subsystem 350 that may be responsible for such a credential and may be accessible by that financial institution subsystem; 0040: configured to generate and/or otherwise include various security features, such as one or more of CASD-SK(ey); CRS applet).

As per claim 7:
Khan discloses wherein the security module is configured to: identify whether or not an applet identification included in the information related to the applet is the same as an identifier corresponding to the shared key (0048:  global identifiers (“GIDs”) and/or one or more unique identifiers (“UIDs”); 0053: Auth Keys may be generated by processor 102 on device 100 using any suitable identifier of processor 102 (e.g., a UID or GID of step 502) and on any suitable identifier of secure element 145 (e.g., SEID 158f or SCP transport key 156a of step 508); 059); and
determine whether or not to transmit the shared key to the first external electronic device, based on whether or not the applet identification is the same as the identifier corresponding to the shared key (0048:  global identifiers (“GIDs”) and/or one or more 

As per claim 8:
Khan discloses wherein the information related to the applet comprises at least one of an address at which the applet is stored, an applet identification, a model identifier of the first external electronic device, data indicating whether or not to activate the applet, a priority assigned to each applet, or applet-specific data (0036: associated with at least one of its own credential applications or credential applets (e.g., a Java card applet instances) , a credential applet may have its own keys (e.g., perso keys) and where a credential applet may need to be activated to enable its associated commerce credential for use by NFC device module; 0039).

As per claim 9:
Khan discloses wherein the authentication key is one of either a master key or a key generated based on the master key, and  wherein if the authentication key is the key generated based on the master key, the security module is configured to generate a token indicating that the shared key is generated based on the authentication key and transmit the token and information related to the shared key to the first external electronic device (0041:  secure 

As per claim 10:
Khan discloses wherein the electronic device is configured to transmit the shared key and the information related to the shared key to the first external electronic device using the communication module (0044: provided with a set of shared secrets or shared keys (e.g., Auth Keys) that may be leveraged for enabling a securely encrypted channel).

As per claim 11:
Khan discloses an electronic device that receives a shared key from a first electronic device (Figure 2: 100 Electronic Device), the electronic device comprising:
a processor (Figure 2: 102); 
at least one communication module configured to support wireless communication (Figure 2: Near Filed Communication Component 120; communication component 106); and
a security module configured to manage information related to an applet that manages an authentication key used in authentication of a second electronic device and store an applet identification (AID) list and the applet (0021: keys of a contactless registry services (“CRS”) applet ; 0041-0042:  secure element; securely load one or more Auth Keys 157a on CRS applet; An “Auth” key or an “authorization” key;  authentication component;  CRS applet ;  0044: secure element for providing shared secrets or shared keys; 0047:  securely pairing a secure element and a processor of an electronic device; 0056-0058),

receive a signal requesting the information related to the applet from the first electronic device (0053; 0055: Auth Keys may be generated or otherwise accessed by processor);
transmit the information related to the applet to the first electronic device (0054, 0056: one or more shared secrets or shared keys);
receive the shared key and information related to the shared key from the first electronic device (0042; 0044: NFC controller module to establish  a securely encrypted channel provided with a set of shared secrets or shared keys (e.g., Auth Keys); and
install the received shared key and the information related to the shared key in the security module (0042; 0044: controller module  manages to establish   a securely encrypted channel provided with a set of shared secrets or shared keys (e.g., Auth Keys).

Khan does not explicitly disclose the security module of the device communicating first and second external device for authentication and wherein the shared key is generated by the first external electronic device based on the authentication key, wherein the information related to the shared key comprises information indicating an instruction to activate at least some of functions provided by the second external electronic device. MAIWAND, in analogous art however, discloses the security module of the device communicating the keys first and second external device ([0052]: Security management configuration for authentication and authorization can occur after determining the security level of the requested authentication service; security manager 508 resides on the Bluetooth host and communicates with L2CAP 512 and with link manager/controller 516 through host control interface (HCI) 514; a connect request from a 
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the generated shared key disclosed by Khan to include the security module of the device communicating first and second external device for authentication and wherein the shared key is generated by the first external electronic device based on the authentication key, wherein the information related to the shared key comprises information indicating an instruction to activate at least some of functions provided by the second external electronic device. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide dynamic user access, among a plurality of users via secure communications while providing a positive user experience for access through passive keyless entry (PKE) and other similar devices and customizable vehicle access and function control as suggested by MAIWAND (0006-0008).

As per claim 15:
.

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Khan et al. (Hereinafter referred to as Khan, US. Pub. No.: US 20160344710 A1) over MAIWAND et al. (Hereinafter referred to as MAIWAND, US 20170352215 A1) in further view of MAHAFFEYet al. (Hereinafter referred to as MAHAFFEY, US 20140282877 A1).

As per claim 4:
Khan and MAIWAND do not explicitly disclose wherein the information for generating the shared key, which is input, comprises an available usage time of the second external electronic device and geofencing limitation data of the second external electronic device. MAHAFFEY, in analogous art however, discloses wherein the information for generating the shared key, which is input, comprises an available usage time of the second external electronic device and geofencing limitation data of the second external electronic device (0056:  the proximity based control system 202 can change a level of authentication based on a geo-location of the target device 200. 0033: whether the first device is a key device 210, and if so, whether it triggers proximity login for an unlimited period of time, or for a limited period of time; 0188 0202).


Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Khan et al. (Hereinafter referred to as Khan, US. Pub. No.: US 20160344710 A1) over over MAIWAND et al. (Hereinafter referred to as MAIWAND, US 20170352215 A1) in further view of Cooper et al. (Hereinafter referred to as Cooper US 20150148989 A1).

As per claim 12:
Khan and MAIWAND in combination, as indicated above, disclose receive information from the first external electronic device; identify an applet identification for management of the shared key and transmit a command to install the applet to the security module.
Khan and MAIWAND do not explicitly disclose the information received from the external device is information on the vehicle. Cooper, in analogous art however, discloses the information received from the external device is information on the vehicle (0049:  The mobile computing device communicates the exchanged digital key to the vehicle when one or .

Allowable Subject Matter
Claims 13 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The following is a statement of reasons for the indication of allowable subject matter: After consideration and search, the pertinent prior arts of record cited in PTO-892, either taken alone or in combination neither anticipates nor renders obvious the claimed allowable subject matter:
As per claim 13: wherein the security module is configured to: if there is a plurality of applets installed in the security module, deactivate the remaining applets, excluding applets for 
As per claim 14: wherein the security module comprises a proximity vehicle key system environment (PVKSE) configured to manage information related to the applet, and wherein the PVKSE is stored in an issued security domain of the security module, and the applet is stored in a supplementary security domain.

BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as they would be interpreted by one of ordinary skill in the art at the time of filing the invention and the following claim words or terms or phrases or languages have been given to them, as follows, reasonable BRI considerations and context in view of the applicant’s disclosure in order to construe and appraise boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:

Authentication key and Shared Key:
[0062] The security module 330 may store an authentication key used for authentication of the second external electronic device (e.g., a second external electronic device 1401 in FIG. 14), and may manage the stored authentication key. Authentication of the second external electronic device 1401 may indicate an operation of identifying whether or not 
[0063]: The security module 330 may generate a shared key to be transmitted to the first external electronic device 400 and manage the generated shared key under the control of the processor 310. The shared key transmitted to the first external electronic device 400 may be used in the authentication of the second external device (e.g., the second external device 1401 in FIG. 14), and the first external electronic device 400 that stores the shared key may perform valid authentication with the second external device 1401 using the shared key.
[0069]: The key managing applet 331 may identify the type of the authentication key stored in the security module 330. The type of the authentication key may include a master key or a primary shared key generated based on the master key. For example, the master key may refer to a key provided by the manufacturer of the second external electronic device 1401 at the time of producing the second external electronic device 1401. For example, the primary shared key may refer to a shared key generated based on the master key.
[0070]: The key managing applet 331 331 may generate a primary shared key in response to identifying that the authentication key stored in the security module 330 is a master key.
[0071]: The key managing applet 331 may generate a token for generating a secondary shared key in response to identifying that the authentication key stored in the security module 330 is a primary shared key generated based on the master key. 

[0073]: The information related to the shared key may include information indicating that the shared key is generated based on the authentication key stored in the electronic device 300. The second external electronic device 1401 may receive the information related to the shared key from the first external electronic device 400, and may verify whether or not the shared key is valid based on the information indicating generation based on the authentication key stored in the electronic device 300.
[0113]: The authentication key may be one of either a master key or a key generated based on the master key, and if the authentication key is the key generated based on the master key, the security module 330 may be configured to generate a token indicating that the shared key is generated based on the authentication key and transmit the token and information related to the shared key to the first external electronic device 400.
[0237]: The authentication key may be one of either a master key or a key generated based on the master key, and if the authentication key is the key generated based on the 

Conclusion
The prior arts made of record and not relied upon are considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior arts.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 


Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784.  The examiner can normally be reached on 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/TECHANE GERGISO/             Primary Examiner, Art Unit 2494