Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The present Office Action is responsive to communications received 1/17/2020. Claims 1-18 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/11/2020 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform 
“a communication component configured to send the network access instruction to the network access management client and send the network access authentication request to the authentication server” in claim 15.
“the communication component is configured to receive a network access authentication request” in claim 16.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.

Claim Objection
Claim 7 is objected to because the claim recites “retrieving the user name and dynamic password ... in response to a user copying the user name and the dynamic password from the local-end page ...”  instead of “retrieving the user name and dynamic the user copying the user name and the dynamic password from the local-end page ...”  Correction is requested.

Claim Rejections - 35 USC § 112

The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claim 15 is rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention: 
Because the claim recites a limitation being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, that limitation is being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. A review of the specification shows that paragraph [224] discloses the structure associated with “a communication component”:

[224] The communication component in FIG. 8b, FIG. 9b, and FIG. 10b may be configured to facilitate wired or wireless communication between a device to which the communication component belongs and other devices. The device to which the communication component belongs can access a wireless network based on a communication standard, such as WiFi, 2G, or 3G, or a combination thereof. In one exemplary embodiment, the communication component receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component further includes a near field communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on radio frequency identification (RFID) technology, Infrared Data Association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

However, the written description fails to describe “a communication component” as defined in the specification, “configured to send the network access instruction to the network access management client and send the network access authentication request to the authentication server”, i.e., a communication component such as NFC, BT, or RFID included in the terminal device (Fig. 8b, 9b) sending an instruction to the network access management client (an application in the terminal device, see Fig. 1) and also sending an authentication request to an authentication server external to the terminal device. 
Correction or clarification is kindly requested.





The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:



Claim 15 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 15 is directed to a terminal device comprising: a memory, a processor, and a communication component, and additionally recites a wherein clause about a communication component. It is unclear whether the wherein clause further limits the scope of the terminal device, because it is unclear whether “a communication component” in the wherein clause further limits the first instance of “a communication component” in the claim. 
Additionally, “the network access instructions”, “the network access management client”, “the network access authentication request”, and “the authentication server” lack antecedent basis and render the claim indefinite.
Claim 15 has unclear scope and is not being rejected by prior art at this time.
Claims 8-13 and 16-18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being incomplete for omitting essential elements, such omission amounting to a gap between the elements. See MPEP § 2172.01. The omitted element is the encrypting of the user name. The steps recited, “receiving ... a user name and a dynamic password; decrypting the user name ...”, omit the step reciting that the user name is an encrypted device ID. Correction or clarification is kindly requested.

Claims 8-13 and 16-18 are also rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
The claims recite “decrypting the user name ...”; “... a device ID of the terminal device that is decrypted from the user name”; “performing legitimacy verification ... according to ..., the device ID ...”; it is unclear whether the user name is decrypted twice, and what is the relationship between the device ID and the user name, which are both decrypted. 
Additionally, claim 10 recites two instances of “a device ID”, the first in claim 8, the second at line 3 of claim 10; the subsequent recitation in claim 10 of “the device ID” is therefore indefinite.
Claim 17 recites “the network access management client”, which lacks antecedent basis and renders the claim indefinite.
Claim 18 recites NAS without defining the acronym; it is unclear what NAS refers to. Correction is requested. 
Additionally, claims 17-18 recite “the system of claim 14”, which lacks antecedent basis and renders the claims indefinite. 
Correction or clarification is kindly requested.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 6 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over “Authorization Mechanism for MQTT-based Internet of Things”, by Niruntasukrat et al., 2016, IEEE, 6 pages, hereinafter Niruntasukrat, in view of US 20180310142 to Samdani et al., hereinafter Samdani.

Regarding claim 1, Niruntasukrat discloses:
A network access authentication method, comprising: acquiring, according to a network access instruction of a terminal device, a device ID of the terminal device (p.3, right column, 1) and 2) request and obtain device ID from AuthServer) and a user name (p.4, under C, table III: create username from device ID and timestamp), and wherein the device ID is generated by an authentication server for the terminal device (p.3, right column, 2) ); encrypting the device ID and a time value within a current time step using a seed key agreed upon with the authentication server, so as to obtain a dynamic password (p.4, under C, table III and paragraph below table III: create dynamic password by encrypting access token and username, the latter obtained from device ID and timestamp; as known in the art a key agreement is needed between the parties in communication, in order to verify the dynamic ; and providing the user name and the dynamic password to the terminal device, so that the terminal device generates a network access authentication request and sends the network access authentication request to the authentication server for network access authentication (p.4, under C username and password used for client authentication).
Niruntasukrat does not explicitly teach wherein the user name is obtained by encrypting the device ID.
In an analogous art, Samdani discloses enrolling a client device and generating a username by encrypting the device identifier ([0029], [0066]) and providing it to the client device ([0031], [0032]). Therefore, Samdani discloses the limitation. It would have been obvious to a skilled artisan before the application was effectively filed to encrypt the device ID in Niruntasukrat as taught by Samdani and generate the claimed username because it would ensure confidentiality of the device ID during the authentication request.

Regarding claim 2, Niruntasukrat in view of Samdani discloses the method according to claim 1, wherein the providing the user name and the dynamic password to the terminal device comprises filling the user name and the dynamic password in a network access information page provided by the terminal device (Samdani [0035]: client uses web application to obtain enrollment data or enrollment token including username, password and other information ([0019])).

Regarding claim 6, Niruntasukrat in view of Samdani discloses the method according to claim 1 further comprising: generating a network access authentication request according to the user name and the dynamic password, and sending the network access authentication request to the authentication server, so that the authentication server performs network access authentication on the terminal device (Niruntasukrat p.4, under C, on right: client sends authentication request to broker with username and password; as known in the art, authentication of the credentials is performed).   
Regarding claim 14, the claim recites substantially the same content as claim 1 and is rejected by the rationales used to reject claim 1.

Claims 8 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Niruntasukrat, further in view of US 20180255004 to Lanka et al., hereinafter Lanka, and further in view of US 7360096 to Bracewell et al., hereinafter Bracewell.

Regarding claim 8, Niruntasukrat discloses: 
A network access authentication method, comprising: receiving a network access authentication request sent by a terminal device, wherein the network access authentication request comprises a user name and a dynamic password (p. 4, under C, on right: authentication request with username and password, both time dependent); 
Niruntasukrat is not concerned with the verification of credentials; in an analogous art, Lanka discloses creating at a server an encrypted authentication token decrypting the user name according to a set decryption algorithm; performing creditability verification on the terminal device according to a device ID of the terminal device that is decrypted from the user name ; and performing legitimacy verification on the terminal device according to a creditability verification result, the device ID as taught by Lanka because it would “ensure that the request comes from a user/device that is authorized to receive the user information” (Lanka [0046]). Niruntasukrat in view of Lanka does not disclose performing legitimacy verification according to the dynamic password in the network access authentication request.
Niruntasukrat discloses the dynamic password is hashed data (HMAC-SHA1(Access_Token&Username)); it is well known in the art that verification of hashed data means recalculating the hash and comparing it with the value from the request, as taught by Bracewell. Bracewell, in an analogous art, discloses a server generating a digital signature from a unique identifier and user credentials (col. 4:57-67) comprising username and password (col. 17:2-10), encrypting the digital signature, and providing it to the user device (5:1-11), the user device sends a request for resource to the server including the encrypted information, the server generates a validation digital signature, the dynamic password in the network access authentication request. It would have been obvious to a skilled artisan before the application was effectively filed to also perform legitimacy verification of the password as taught by Bracewell because it would ensure the password was not tampered with.
Regarding claim 16, the claim recites substantially the same content as claim 8 and is rejected by the rationales used to reject claim 8.
Regarding claim 17, Niruntasukrat in view of Lanka and Bracewell discloses the system according to claim 14, wherein the network access management client is installed on the terminal device (Niruntasukrat, p1, under II, on right: any application in the client device).
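
The server-side check described in the rejection of claim 8 (recalculate the keyed hash and compare it with the value in the request), applied to the time-step dynamic password of claim 1 and the registered-device and device-status lookups recited in claim 9, as an added example that is not code from the application or from the cited references. HMAC-SHA256 stands in for the claimed encryption with the seed key; the step length, drift window, replay check, names and sample values are assumptions.

```python
"""Added example: server-side verification of a time-step dynamic password."""
import hashlib
import hmac
import struct

TIME_STEP_SECONDS = 60    # assumed step length; the page gives no value
ALLOWED_DRIFT_STEPS = 1   # assumed clock-skew tolerance, in steps


def time_step(now):
    """Map a Unix timestamp to the index of the time step containing it."""
    return int(now // TIME_STEP_SECONDS)


def dynamic_password(seed_key, device_id, step):
    """Derive the one-time password from the device ID and the time step."""
    dev = device_id.encode("utf-8")
    # Length-prefix the ID so distinct (ID, step) pairs never serialize alike.
    msg = struct.pack(">H", len(dev)) + dev + struct.pack(">Q", step)
    return hmac.new(seed_key, msg, hashlib.sha256).hexdigest()


class Verifier:
    """Holds the registered-device list, the status list and replay state."""

    def __init__(self, seed_keys, device_status):
        self.seed_keys = seed_keys          # device ID -> seed key
        self.device_status = device_status  # device ID -> status string
        self.last_step = {}                 # device ID -> last accepted step

    def verify(self, device_id, presented, now):
        """Return "ok" or the reason the request is refused.

        device_id is assumed to be already recovered from the user name.
        """
        seed = self.seed_keys.get(device_id)
        if seed is None:
            return "unknown_device"
        if self.device_status.get(device_id) != "normal":
            return "device_not_normal"
        current = time_step(now)
        first = max(0, current - ALLOWED_DRIFT_STEPS)
        matched = None
        for step in range(first, current + ALLOWED_DRIFT_STEPS + 1):
            expected = dynamic_password(seed, device_id, step)
            # Recompute and compare in constant time, never with ==.
            if hmac.compare_digest(expected.encode(), presented.encode()):
                matched = step
        if matched is None:
            return "bad_password"
        # A password is accepted once; the same or an older step is a replay.
        if matched <= self.last_step.get(device_id, -1):
            return "replayed"
        self.last_step[device_id] = matched
        return "ok"


if __name__ == "__main__":
    # Constructed sample data, not values from the application.
    key = b"k" * 32
    v = Verifier({"dev-001": key}, {"dev-001": "normal"})
    t = 1_700_000_000.0
    pw = dynamic_password(key, "dev-001", time_step(t))
    print(v.verify("dev-001", pw, t))        # first use
    print(v.verify("dev-001", pw, t))        # same password again
    print(v.verify("dev-001", pw, t + 300))  # five steps later
```
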

Claim 18 is rejected under 35 USC 103 as being unpatentable over Niruntasukrat, Lanka, Bracewell, and further in view of US 20160087954 to Zhang, hereinafter Zhang.
Regarding claim 18, Niruntasukrat in view of Lanka and Bracewell discloses the system according to claim 14, but does not teach the rest of the claim;
Zhang, in an analogous art, discloses the system further comprises: a NAS device and a Radius server, wherein the terminal device is connected to the Radius server via the NAS device, and the Radius server is connected to the authentication server (Fig. 1, client device connected to the network controller (NAS), which is connected to Radius server, the Radius server itself in communication with a remote  . It would have been obvious to a skilled artisan before the application was effectively filed to include the terminal device and authentication server in a system comprising the RADIUS and NAS as taught by Zhang, in order to stage the authentication request from the client at the network controller and verify the status of the authentication (Zhang [0038]).

Allowable Subject Matter
Claims 3-5, 7 and 9-13 recite allowable matter.
Claim 3 recites the method according to claim 1, wherein the seed key is maintained and managed by an independent encryption tool, and the encrypting the device ID and a time value within a current time step using a seed key comprises: sending the device ID and the time value within the current time step to the encryption tool, so that the encryption tool encrypts the device ID and the time value within the current time step using the seed key and outputs the dynamic password.
Neither Niruntasukrat nor any other prior art of record, alone or in combination with other prior art of record, discloses all the limitations in claim 3; therefore, claim 3 is allowable. Claims 4-5, which depend from claim 3, are equally found allowable.

Claim 7 recites the method according to claim 1, wherein the providing the user name and the dynamic password to the terminal device comprises: putting the user name and the dynamic password in a local-end page; presenting the local-end page to a user according to an access request of the user; and retrieving the user name and 
Claim 9 recites the method according to claim 8, wherein the performing creditability verification on the terminal device comprises: searching, in response to the device ID being successfully decrypted from the user name, a registered device list according to the device ID, wherein the registered device list stores device IDs of registered devices; querying a device status list in response to the device ID being found in the registered device list, wherein the device status list stores statuses of the registered devices; and determining, in response to the device status list indicating the terminal device is in a normal state, that the terminal device passes the creditability verification.
Claim 10 recites the method according to claim 8, wherein the user name further includes a user ID corresponding to the terminal device, and before the performing creditability verification on the terminal device according to a device ID that is decrypted from the user name, the method further comprises: performing, according to the user ID and user information corresponding to the pre-registered terminal device, identity authentication on a user to which the terminal device belongs; and executing, in response to the user passing the identity authentication, the operation of performing creditability verification on the terminal device according to the device ID.
Claim 11 recites the method according to claim 8, wherein the performing legitimacy verification on the terminal device according to a creditability verification result, the device ID, and the dynamic password in the network access authentication 
Claim 13 recites the method according to claim 8, wherein before the receiving a network access authentication request sent by a terminal device, the method further comprises: receiving a registration request sent by the network access management client, wherein the registration request carries hardware information of the terminal device; generating the device ID for the terminal device according to the hardware information; encrypting the device ID to generate the user name; encrypting the seed key using the user name and the device ID to obtain an encrypted seed key; and sending the user name, the device ID, and the encrypted seed key to the network access management client.  
Neither Niruntasukrat nor any other prior art of record, alone or in combination with other prior art of record, discloses all the limitations in claims 7, 9-11 and 13; therefore, claims 7, 9-11 and 13 are allowable. Claim 12, which depends from claim 11, is equally found allowable.
Claims 3-5, 7 and 9-13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Loladia et al. 20180278607 discloses a client sending a registration request to a server with the client device serial number; the server assigns a device ID to the client device and maintains in a registry the device ID, serial number, metadata ...
Gupta et al. 20130227661 discloses a user device generating a dynamic password and sending the dynamic password, device ID, and application ID to an authentication server for authentication.
Streete et al. 10785219 discloses generating at manufacture time a credential set for a device based on the device ID and providing the credential set to the user device for updating; a database stores the device model number, serial number ... mapped to username and password.
Slupesky et al. 20180330368 discloses a server registering a device ID and providing a passcode to the device for use in authentication.
Yin et al. 20180255456 discloses a device sending a request with MDN, certificate and first token; the server generates a device ID and second token.
McGuire et al. 9594922 discloses an encryption key that is time-dependent, used to issue tokens for authentication.
Lisboa 9084071 discloses maintaining a mobile device registration status, and the association of the device identifier and device registration status.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.