Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This Office Action is in response to the communication and claim amendment filed on 10/07/2021; Claims 23-24 have been added; Claims 4 and 15 were cancelled; claims 1, 5, 12, and 16 have been amended; and claims 1 and 12 are independent claims. Claims 1-3, 5-14, and 16-24 have been examined and are pending. This Action is made FINAL.
Response to Arguments
The objection to claim 1 is withdrawn as the abstract has been amended.
The interpretation of claims 12-22 under 35 U.S.C. 112(f) is withdrawn as the claims have been amended.
Applicants’ arguments in the instant Amendment, filed on 10/07/2021, with respect to limitations listed below, have been fully considered but they are not persuasive.
a. Applicants argue: Yan does not disclose that a first device requests and receives a certificate of a second device from a certificate authority, that the first device also requests and receives trust score data from a trust management server, and that at least one control parameter for operation of the first device with the second device is configured based on the certificate and a first trust score generated by the first device (Applicant Remarks/Arguments, pages 9-12).
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Yan discloses a portion of the aforementioned limitations as the following:
Yan discloses configuring, by the first device, at least one control parameter for operation of the first device with the second device based on the first trust score, wherein configuring adjusts a previous control parameter to restrict operation of the first device relative to the second device (Yan: par. 0052, receiving node 101 can then use this combined trust value to evaluate, for instance, whether or how to use the received content; par. 0065, On receiving the query, the node 101b evaluates the trust certificate to determine whether the query is from a node that meets a trust value threshold predetermined by the node 101b. If the trust value of the node 101a meets the threshold, the node 101b determines whether it has the content requested by the query. If the trust value of the node 101a does not meet the threshold, the node 101b may assume that the node 101a is malicious and may not respond even).
Applicants’ arguments regarding the amended limitations “a first device requests and receives a certificate of a second device from a certificate authority, that the first device also requests and receives trust score data from a trust management server, and that at least one control parameter for operation of the first device with the second device is configured based on the certificate” have been fully considered but are moot in view of the new ground(s) of rejection.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/27/2021 is being considered by the examiner.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 12-14, 16-22, and 24 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Regarding claims 12-14, 16-22, and 24; claims 12-14, 16-22, and 24 recite the limitation “A device configured with security and trust score determination on a network, the device comprising: a processor; and a storage …;” The specification does not explicitly define that the claimed ‘processor’ and ‘storage’ are only implemented in hardware. One of ordinary skill in the art would understand that a processor could be a ‘software processor’ (see the Authoritative Dictionary of IEEE, Seventh Edition, published in Dec. 2000, page 872) and a storage could be any medium in which data can be retained (see the Authoritative Dictionary of IEEE, Seventh Edition, published in Dec. 2000, page 1112). As the body of the claim does not positively recite any hardware embodiment, the claim is directed to non-statutory subject matter. The nominal recitation of the machine/device in the preamble with an absence of a hardware element in the body of the claim fails to make the claim statutory under 35 USC 101. See Am. Med. Sys., Inc v. Biolitec, Inc., 618 F.3d 1354, 1358 (Fed. Cir. 2010). The Examiner respectfully suggests that the claim be further amended to positively recite at least one hardware element within the body of the claim to make the claim statutory subject matter under 35 U.S.C. 101.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-6, 9, 12-14, 16-18, 20, and 23-24 are rejected under 35 U.S.C. 103 as being unpatentable over Yan (“Yan,” US 2011/0078775, Mar. 31, 2011) in view of Patel et al. (“Patel,” US 2013/0091352, published Apr. 11, 2013).
Regarding claim 1, Yan discloses a method for device security and trust score determination, the method comprising:
requesting, by the first device, trust score data for the second device, wherein the first device requests trust score data from a trust score management server (Yan: abstract, A trust manager receives content from a transmitting node over an ad-hoc network.  The trust manager retrieves one or more trust values associated with the content, the transmitting node, or both, wherein the trust values are assigned by a trust server and further adjusted based on locally collected credibility information; par. 0051, the trust manager 109 retrieves the trust value (e.g., trust certificate) associated with the transmitting node 101 from the trust server 105 (step 403));
(Yan: abstract, A trust manager receives content from a transmitting node over an ad-hoc network.  The trust manager retrieves one or more trust values associated with the content, the transmitting node, or both, wherein the trust values are assigned by a trust server and further adjusted based on locally collected credibility information; par. 0051, the trust manager 109 retrieves the trust value (e.g., trust certificate) associated with the transmitting node 101 from the trust server 105 (step 403)); 
generating, by the first device, a first trust score for the second device (Yan: abstract, The trust manager then generates one or more combined trust values for the content, the transmitting node, or both from the trust values and the local evaluation; fig. 1; par. 0052, generation of an overall or combined trust value associated with the content and/or transmitting node 101 (step 407)); 
transmitting, by the first device, the first trust score for the second device to a trust score management server (Yan: abstract, The trust manager then generates one or more combined trust values for the content, the transmitting node, or both from the trust values and the local evaluation; fig. 1; par. 0030; par. 0049, The trust information distributor 313 can then report the results of the local evaluation, the observed communication flows, and/or the observed content recommendation flows to the trust server 105); and
configuring, by the first device, at least one control parameter for operation of the first device with the second device based on the first trust score, wherein configuring adjusts a previous control parameter to restrict operation of the first device relative to the second device (Yan: par. 0052, receiving node 101 can then use this combined trust value to evaluate, for instance, whether or how to use the received content; par. 0065, On receiving the query, the node 101b evaluates the trust certificate to determine whether the query is from a node that meets a trust value threshold predetermined by the node 101b. If the trust value of the node 101a meets the threshold, the node 101b determines whether it has the content requested by the query. If the trust value of the node 101a does not meet the threshold, the node 101b may assume that the node 101a is malicious and may not respond even).
Yan discloses configuring, by the first device, at least one control parameter for operation of the first device with the second device based on the first trust score, wherein configuring adjusts a previous control parameter to restrict operation of the first device relative to the second device but does not explicitly disclose requesting, by a first device, a certificate of a second device, wherein the first device requests the certificate from a certificate authority; receiving, by the first device, the certificate from the certificate authority; and control parameter for operation of the first device with the second device based on the certificate.
However, in an analogous art, Patel discloses techniques to classify virtual private network traffic based on identity, wherein requesting, by a first device, a certificate of a second device, wherein the first device requests the certificate from a certificate authority (Patel: par. 0045, at a first network device, querying a certificate authority database to obtain a first digital certificate and a second digital certificate in order to establish a secure exchange between the first network device and a second network device; See also par. 0009);
(Patel: par. 0045, at a first network device, querying a certificate authority database to obtain a first digital certificate and a second digital certificate in order to establish a secure exchange between the first network device and a second network device; See also par. 0009).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Patel with the method and system of Yan, wherein requesting, by a first device, a certificate of a second device, wherein the first device requests the certificate from a certificate authority and receiving, by the first device, the certificate from the certificate authority to provide users with means for The method ensures that the identity and policy certificates can be used during secure exchange communication between the network devices to classify message exchanged and make policy decisions in a reliable manner (Patel: abstract, pars. 0001, 0009, 0023).
Regarding claim 2, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein requesting is in response to the first device identifying the second device on a network (Yan: fig. 1, par. 0029, communication network 107). 
Regarding claim 3, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein the first device and the second device are each configured to provide at least one function and a data storage capability (Yan: abstract, pars. 0003-0004, fig. 1, par. 0029, plurality of nodes (e.g. nodes 101a-101n), fig. 8, par. 0080). 
Regarding claim 5, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein generating the first trust score includes the first device generating a trust score based on a certificate of the second device, and a trust score from a third device (Yan: fig. 1, par. 0029, plurality of nodes (e.g. nodes 101a-101n; par. 0033, … to generate and issue trust certificates (e.g., trust values) to the nodes 101.  This trust certificate is, for instance, a part of the credibility information used to generate the overall or combined trust value for the content and/or the nodes 101 that transmitted the content; Patel: pars. 0009, 0045).
Regarding claim 6, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein transmitting the first trust score by the first device includes sharing the trust score value and identification of the second device with the server (Yan: par. 0049, It is noted that the trust server 105 is not subject to this limitation because the trust server 105 has knowledge of both the real identifiers and corresponding multiple anonymous identifiers associated with any particular node 101…. The trust information distributor 313 can then report the results of the local evaluation, the observed communication flows, and/or the observed content recommendation flows to the trust server 105).
Regarding claim 7, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein configuring includes determining that the first trust score is below a threshold of the first device for sharing data with other devices (Yan: pars. 0065, 0067, the node 101b may determine whether to forward the query by checking trust certificate associated with the querying node 101a to determine whether the node 101a is malicious. If the trust value of the querying node 101a is below the predetermined threshold, the node 101b may not forward the query. Otherwise, the node 101b adds its anonymous identifier and trust certificate to the query and forwards the query to the node 101c via a broadcast message (at 707)).
Regarding claim 9, the combination of Yan and Patel discloses the method of claim 1. Yan further discloses wherein one of an average of trust score calculations and weighted average of trust scores are performed to determine the first trust score for the second device (Yan: par. 0060, ...the algorithm considers each factor equally to generate a trust value.  In addition or alternatively, the algorithm may provide different weighting for each factor.).
Regarding claim 12, Yan discloses a device configured with security and trust score determination on a network, the device comprising:
a processor (Yan: fig. 2, par. 0040); and
a storage (Yan: fig. 2, par. 0040) including executable code which, when executed, cause processor to:
 request trust score data for a second device, wherein the first device requests trust score data from a trust score management server (Yan: abstract, A trust manager receives content from a transmitting node over an ad-hoc network.  The trust manager retrieves one or more trust values associated with the content, the transmitting node, or both, wherein the trust values are assigned by a trust server and further adjusted based on locally collected credibility information; par. 0051, the trust manager 109 retrieves the trust value (e.g., trust certificate) associated with the transmitting node 101 from the trust server 105 (step 403));
receive trust score data from the trust score management server (Yan: abstract, A trust manager receives content from a transmitting node over an ad-hoc network.  The trust manager retrieves one or more trust values associated with the content, the transmitting node, or both, wherein the trust values are assigned by a trust server and further adjusted based on locally collected credibility information; par. 0051, the trust manager 109 retrieves the trust value (e.g., trust certificate) associated with the transmitting node 101 from the trust server 105 (step 403)); 
generate a first trust score for the second device (Yan: abstract, The trust manager then generates one or more combined trust values for the content, the transmitting node, or both from the trust values and the local evaluation; fig. 1; par. 0052, generation of an overall or combined trust value associated with the content and/or transmitting node 101 (step 407)); 
transmit the first trust score for the second device to a trust score management server (Yan: abstract, The trust manager then generates one or more combined trust values for the content, the transmitting node, or both from the trust values and the local evaluation; fig. 1; par. 0030; par. 0049, The trust information distributor 313 can then report the results of the local evaluation, the observed communication flows, and/or the observed content recommendation flows to the trust server 105); and 
configure at least one control parameter for operation of the first device with the second device based at least in part on the first trust score wherein configuring adjusts a previous control parameter to restrict operation of the first device relative to the second (Yan: par. 0052, receiving node 101 can then use this combined trust value to evaluate, for instance, whether or how to use the received content; par. 0065, On receiving the query, the node 101b evaluates the trust certificate to determine whether the query is from a node that meets a trust value threshold predetermined by the node 101b. If the trust value of the node 101a meets the threshold, the node 101b determines whether it has the content requested by the query. If the trust value of the node 101a does not meet the threshold, the node 101b may assume that the node 101a is malicious and may not respond even).
Yan discloses configure at least one control parameter for operation of the first device with the second device based at least in part on the first trust score wherein configuring adjusts a previous control parameter to restrict operation of the first device relative to the second device but does not explicitly disclose at least in part on independent of any certificate of the second device received from a certificate authority.
However, in an analogous art, Patel discloses techniques to classify virtual private network traffic based on identity, wherein control parameter for operation of the first device with the second device based at least in part on independent of any certificate of the second device received from a certificate authority (Patel: par. 0045, at a first network device, querying a certificate authority database to obtain a first digital certificate and a second digital certificate in order to establish a secure exchange between the first network device and a second network device; See also par. 0009).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Patel with the (Patel: abstract, pars. 0001, 0009, 0023).
Regarding claim 13, claim 13 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Regarding claim 14, claim 14 is similar in scope to claim 3, and is therefore rejected under similar rationale.
Regarding claim 16, claim 16 is similar in scope to claim 5, and is therefore rejected under similar rationale.
Regarding claim 17, claim 17 is similar in scope to claim 6, and is therefore rejected under similar rationale.
Regarding claim 18, claim 18 is similar in scope to claim 7, and is therefore rejected under similar rationale.
Regarding claim 20, claim 20 is similar in scope to claim 9, and is therefore rejected under similar rationale.
Regarding claim 23, the combination of Yan and Patel discloses the method of claim 1.  The combination of Yan and Patel discloses wherein the configuration of the at (Yan: abstract, par. 0052, Patel: pars. 0009, 0045).
Regarding claim 24, the combination of Yan and Patel discloses the device of claim 12. The combination of Yan and Patel further discloses wherein any certificate of the second device is determined independent of the first trust score (Yan: abstract, par. 0052, Patel: pars. 0009, 0045).
  Claims 8, 11, 19, and 22 are rejected under 35 U.S.C. 103 as being unpatentable over Yan (“Yan,” US 2011/0078775, Mar. 31, 2011) in view of Patel et al. (“Patel,” US 2013/0091352, published Apr. 11, 2013), further in view of Amidon et al. (“Amidon,” US 2014/0250496, published Sep. 4, 2014).
Regarding claim 8, the combination of Yan and Patel discloses the method of claim 1. Yan does not explicitly disclose setting, by the first device, a data sharing restriction for the second device based on the trust score.
However, in an analogous art, Amidon discloses methods, systems, and products for measuring trust scores of devices, wherein setting, by the first device, a data sharing restriction for the second device based on the trust score (Amidon: abstract; par. 0006, The calculated trust score is compared to the threshold trust score.  If the calculated trust score equals or exceeds the threshold trust score, then the function is executed.  If the calculated trust score is less than the threshold trust score, then the function is denied, figs. 1-2, pars. 0026-0027).
(abstract, par. 0029).
Regarding claim 11, the combination of Yan and Patel discloses the method of claim 1.  Yan does not explicitly disclose wherein the first device limits interaction with the second device for partial data sharing with the second device based on the trust score calculation. 
However, in an analogous art, Amidon discloses methods, systems, and products for measuring trust scores of devices, wherein the first device limits interaction with the second device for partial data sharing with the second device based on the trust score calculation (Amidon: abstract; par. 0006, The calculated trust score is compared to the threshold trust score.  If the calculated trust score equals or exceeds the threshold trust score, then the function is executed.  If the calculated trust score is less than the threshold trust score, then the function is denied, figs. 1-2, pars. 0026-0027).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Amidon with the method and system of Yan and Patel, wherein the first device limits interaction with the second device for partial data sharing with the second device based on the trust score calculation to provide users with means for specifying any number of default threshold trust scores for any condition or circumstance that occurs (abstract, par. 0029).
Regarding claim 19, claim 19 is similar in scope to claim 8, and is therefore rejected under similar rationale.
Regarding claim 22, claim 22 is similar in scope to claim 11, and is therefore rejected under similar rationale.
  Claims 10 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Yan (“Yan,” US 2011/0078775, Mar. 31, 2011) in view of Patel et al. (“Patel,” US 2013/0091352, published Apr. 11, 2013), further in view of Koripella et al. (“Koripella,” US 2017/0279773, filed Mar. 28, 2016). 
Regarding claim 10, the combination of Yan and Patel discloses the method of claim 1. Yan does not explicitly disclose wherein first device maintain a rule based trust score determination for calculation of trust score.
However, in an analogous art, Koripella discloses dynamic prioritization of network traffic based on reputation. In one embodiment, Koripella discloses that network device may store a set of rules that indicate a manner in which network traffic is to be prioritized based on reputation scores (Koripella: par. 0054).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Koripella with the method and system of Yan and Patel, wherein first device maintain a rule based trust score determination for calculation of trust score to provide users with means for The device improves changes in traffic flow reputation by adjusting allocated bandwidth, thus increasing efficiency and effectiveness of traffic processing and traffic transfer by (Koripella: abstract, pars. 0002, 0009, 0058).
Regarding claim 21, claim 21 is similar in scope to claim 10, and is therefore rejected under similar rationale.
Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Canh Le whose telephone number is 571-270-1380. The examiner can normally be reached on Monday to Friday 6:00AM to 3:30PM other Friday off.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Canh Le/
Examiner, Art Unit 2439
January 20th, 2022


/LUU T PHAM/
Supervisory Patent Examiner, Art Unit 2439