DETAILED ACTION

Claims 1-20 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Information Disclosure Statement
The Information Disclosure Statement(s) submitted by applicant on 07/13/2021 and 05/20/2020 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.

	Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims1, 2, 5-11, and 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hamlin et al. (US Patent Application No. 20200304543) (Hereinafter Hamlin) in view Hojsik et al. (US Patent Application No. 2018/0198628) (Hereinafter Hojsik).

As per claim 1, Hamlin discloses a method performed by an accessory device that is connected to a host computing device and that is capable of providing access to one or more computing resources to the host computing device (fig 1), the method comprising: 
receiving authentication information (fig 2, para 17, To authenticate the computing device, the operations may include performing an authentication process of credentials associated with the computing device) from the host computing device 
determining whether the authentication information is valid (208, fig 2, para 14,” If the authentication is successful, then the dock may provide the computing device that is connected to the dock with access to one or more resources based on the policy.  For example, the resources that are accessible via the dock may include (i) local resources, such as power, printer, input device, output device”, authentication successful interpreted as validated); 
in response to at least determining that the authentication information is valid, applying a first access policy that specifies whether or not the host computing device is to be provided access to each of the one or more computing resources valid (216, fig 2, para 14,” If the authentication is successful, then the dock may provide the computing device that is connected to the dock with access to one or more resources based on the policy.  For example, the resources that are accessible via the dock may include (i) local resources, such as power, printer, input device, output device”); and
in response to at least determining that the authentication information is not valid (para 37, if the dock  is unable to authenticate), applying a second access policy that specifies whether or not the host computing device is to be provided access to each of the one or more computing resources, the second access policy being different than the first access policy (para 37, For example, if the dock is unable to authenticate the data, then one of the device policies that denies access to one or more of the resources may be selected and applied).  Hamlin does not explicitly disclose determining whether the authentication information is valid. However the authentication includes validating 

As per claim 2, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses  wherein the authentication information comprises a host certificate and wherein determining whether the authentication information is valid comprises: 
verifying a digital signature of the host certificate using a public key of a certificate authority that has been provisioned to the accessory device (fig 4, para 63, verifying the digital signature using the public key DevPK contained in or otherwise associated with the device certificate). 

As per claim 5, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses wherein the accessory device comprises one of a docking station, a port replicator, a multimedia adapter, or a hub (fig 4, para 12, docking station). 

As per claim 6, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses wherein the one or more computing resources comprise one or more of: a Universal Serial Bus (USB) port; an Ethernet port; a display port; or an audio port (fig 1, para 13, Ethernet port, device port). 

As per claim 7, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses  , wherein the receiving, determining and applying steps are performed in response to determining that the accessory device has been configured to perform host authentication (fig 1, authentication device, para 14, user or host device authenticated based on detection). 

As per claim 8, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses  wherein the one or more computing resources comprise multiple computing resources and wherein at least one of the first access policy and the second access policy specifies that the host computing device is to be provided access to some but not all of the multiple computing resources (fig 2 and 3,para 17, The operations may include determining that a second computing device is connected to the dock, performing a second authentication process of second credentials associated with the second computing device, determining that the second authentication process failed, and selecting one of a default policy, a last used policy, or a restricted access policy”).  

As per claim 9, claim is rejected for the same reasons and motivation, as claim 1, above. In addition, Hojsik discloses  wherein the one or more computing resources comprise multiple computing resources and wherein the first access policy specifies that the host computing device is to be provided access to a first set of the multiple computing resources and the second access policy specifies that the host computing device is to be provided access to a second set of the multiple computing resources, wherein the second set is a subset of the first set that is smaller than the first set (para 17, The operations may include determining that a second computing device is connected to the dock, performing a second authentication process of second credentials associated with the second computing device, determining that the second authentication process failed, and selecting one of a default policy, a last used policy, or a restricted access policy”, the default policy or the restricted access policy ). 

As per claim 10, Hamlin discloses a method performed by an accessory device, comprising:
 receiving a host access policy management command and authentication information from a host computing device that is connected to the accessory device (fig 2, para 20, policy enforcement module  may be executed by the controller to authenticate the computing device), the host access policy management command indicating that a host access policy be set on, modified on, or removed from the accessory device  (para 44, the stored policies are old and the policy server is accessible, then the dock may send a request to the policy server to send updated policies), the host access policy specifying whether a host computing device that is 
determining whether the authentication information is valid (208, fig 2, para 14,” If the authentication is successful, then the dock may provide the computing device that is connected to the dock with access to one or more resources based on the policy.  For example, the resources that are accessible via the dock may include (i) local resources, such as power, printer, input device, output device”, authentication successful interpreted as validated); 
in response to at least determining that the authentication information is valid, executing the host access policy management command (216, fig 2, para 14,” If the authentication is successful, then the dock may provide the computing device that is connected to the dock with access to one or more resources based on the policy.  For example, the resources that are accessible via the dock may include (i) local resources, such as power, printer, input device, output device”); and 
in response to at least determining that the authentication information is not valid, denying execution of the host access policy management command (para 37, For example, if the dock is unable to authenticate the data, then one of the device policies that denies access to one or more of the resources may be selected and applied).  Hamlin does not explicitly disclose determining whether the authentication information is valid. However the authentication includes validating information such as credential, certificate, keys, signature etc. For example, Hojsik discloses validation and verification 

As per claim 11, claim is rejected for the same reasons as claims 10, and 2, above. 

As per claim 14, claim is rejected for the same reasons as claim 10, above. In addition, Hamlin discloses wherein the authentication information comprises an identifier of the accessory device and wherein determining whether the authentication information is valid comprises: comparing the identifier of the accessory device included in the authentication information to an identifier of the accessory device that is stored on the accessory device and is not programmatically queryable by any external device (para 19, the dock  may include firmware  that includes a policy enforcement module, one or more device policies, one or more user policies, and one or more configurations.). 

As per claim 15, claim is rejected for the same reasons as claims 10, and 5, above. 

As per claim 16, claim is rejected for the same reasons as claims 10, and 6, above. 

As per claim 17, claim is rejected for the same reasons and motivation as claim 10, above. In addition, Hamlin discloses wherein the host access policy comprises a first host access policy that is applied by the accessory device for authenticated host computing devices and a second host access policy that is applied by the accessory device for non-authenticated host computing devices (para 17, determining that a 
second computing device is connected to the dock, performing a second authentication process of second credentials associated with the second computing device, determining that the second authentication process failed, and selecting one of a default policy, a last used policy, or a restricted access policy). 

As per claim 18, claim is rejected for the same reasons as claims 10, and 8, above. 

As per claim 19, claim is rejected for the same reasons as claims 10, and 9, above. 

As per claim 20, claim is rejected for the same reasons and motivation as claim 10, above. In addition, Hamlin discloses sending authentication information to the accessory device that is sufficient to enable the accessory device to authenticate the host computing device (para 28, The dock  may receive the response  and replace at 
the host access policy specifying whether a host computing device that is subsequently connected to the accessory device should be provided with access to each of one or more computing resources accessible to the accessory device (fig 1-2, para 32, selected policy by selecting a particular configuration of the configurations 118 (e.g., specified by the particular policy) and configuring the dock 104 accordingly to provide (and/or restrict) access to one or more of the resources).

Claim 3 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Hamlin et al. (US Patent Application No. 20200304543) (Hereinafter Hamlin) in view Hojsik et al. (US Patent Application No. 2018/0198628) (Hereinafter Hojsik) in further view of Kumar et al. (US Patent Application No. 20180198764) (Hereinafter Kumar) .

As per claims 3 and 12,  Hamlin in view of Hojsik does not disclose wherein the host certificate contains a public key, wherein the authentication information further comprises a digitally-signed nonce, and wherein determining whether the authentication information is valid further comprises: 
. 

Claims 4 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Hamlin et al. (US Patent Application No. 20200304543) (Hereinafter Hamlin) in view of  Hojsik et al. (US Patent Application No. 2018/0198628) (Hereinafter Hojsik) in further view of Lee et al. (US Patent Application No. 20160365984) (Hereinafter Lee).

As per claims 4 and 13, Hamlin in view of Hojsik does not disclose wherein the host certificate contains an Extended Key Usage (EKU) value and wherein determining whether the authentication information is valid further comprises: comparing the EKU value contained in the host certificate to an EKU value that is stored on the accessory device. However lee discloses comparing the EKU value contained in the host certificate to an EKU value that is stored on the accessory device (para 53, analyzing the EKU in the SP certificate, and responds to this verification, broadly reads on comparing ). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hamlin and 

Conclusion

Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and 





/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493