DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 12, 18, 21, 24, and 27 were amended; no claims are canceled; and claim 31 was added. Therefore, claims 1-31 are pending, and claims 1 and 28-30 are the independent claims.  
Response to Arguments
Applicant's arguments filed 12/22/21 have been fully considered but they are not persuasive. With regards to 35 USC 112 rejection the applicant argued on page 8-9 that the Office Action fails to identify the portion of the specification that shows that the process of creating the identifier generation key is essential. Examiner respectfully disagrees. Again claim “generating a data identifier for the data based at least in part on an identifier generation key”, but claim failed to disclose in the claim how an identifier generation key is created or generated.

With regards to claim 1, 28-30 the applicant argued on page 10-11 that disclosing by Macieira [0067] for such directory service is different than "generating a data identifier for the data based at least in part on an identifier generation key."  Examiner respectfully disagrees. First, cited limitation of the claim failed to define “an identifier generation key”, secondly, Macieira   [0058] clearly discloses, hashing of SOURCEs which interpreted as data identifier contains a signature block by a key of transmitting node. Thus, Macieira   .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 1, 28-30 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential steps, such omission amounting to a gap between the steps.  See MPEP § 2172.01.  The omitted steps are:  claims 1, 28-30 recites “generating a data identifier for the data based at least in part on an identifier generation key”, but identifier generation key is not defined how it was created.

Dependent claims 2-7, 9-27 do not cure the deficiencies, also rejected accordingly. 

Claim Interpretation

Claim 29 limitation “ means for generating data ..”, “ means for determining that the device ..“, “ means for generating a data identifier “,  “means for generating an encryption key…”, “means for encrypting the data”, “means for signing the data.. “ invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. A review of the specification shows that the following appears to be the corresponding structure described in the 
            If applicant wishes to provide further explanation or dispute the examiner’s interpretation of the corresponding structure, applicant must identify the corresponding structure with reference to the specification by page and line number, and to the drawing, if any, by reference characters in response to this Office action. 
            If applicant does not wish to have the claim limitation treated under 35 U.S.C. 112, sixth paragraph, applicant may amend the claim so that it will clearly not invoke 35 U.S.C. 112, sixth paragraph, or present a sufficient showing that the claim recites sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112, sixth paragraph.
           For more information, see Supplementary Examination Guidelines for Determining Compliance with 35 U.S.C. § 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims  1-6, 10, 12-13, 17-18, 24-25, 28-31 are rejected under 35 U.S.C. 103 as being unpatentable over Macieira et al(US 20190044726 A1:IDS supplied) in view of Klein(US 9117095 B2).

With regards to claim 1, 28-30 Macieira discloses, A method for communication at a device, comprising: 
generating data at the device based at least in part on metadata associated with the device ([0053] FIG. 5 is a block diagram illustrating use of various data structures to implement data integrity mechanisms in an IoT network, according to an embodiment. Several sensors 500A-C may collect, sense, or otherwise obtain data ;[0055]; The aggregator 502 adds additional metadata to the aggregated message 506, which includes at least a signature of the aggregator 502.[0056]); 
determining that the device is to provide provenance information for the data generated at the device and to be stored in a storage, wherein the determining is based at least in part on a configuration profile ([0054] When a sensor 500A-C transmits data up the IoT network, the data in the corresponding message 504A-C may be signed by the sensor 500A-C. The signature may be a cryptographic signature. A message 504A-C includes a data field and a signature field. The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. The data field includes one or more [name:value] tuples.); 
generating a data identifier for the data based at least in part on an identifier generation key (FIG 5 and associated text; data identifier as “SOURCES”  [0058] keyed to a directory service that returns the SOURCES names values. ); and 
signing the data that includes the encrypted data and the data identifier using a signing key associated with the device ([0054] When a sensor 500A-C transmits data up the IoT network, the data in the corresponding message 504A-C may be signed by the sensor 500A-C. The signature may be a cryptographic signature. A message 504A-C includes a data field and a signature field. The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. The data field includes one or more [name:value] tuples.).

Macieira does not but Klein  teaches,
generating an encryption key based at least in part on a key associated with an owner of the device ( FIG 2 28 and associated text; ,); encrypting the data using the encryption key (FIG 2 32 and associated text; ); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Macieira’s method with teaching of Klein  in order to increases in performance and decreases in price of personal computers is a dramatic increase in personal computer 

With regards to claim 2, Macieira further discloses, receiving a device configuration profile comprising a data generation policy, wherein the data is generated at the device based as least in part on the data generation policy ([0054] A message 504A-C includes a data field and a signature field. The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. FIG 5 and associated text ;).

With regards to claim 3, Macieira further discloses, wherein the data generation policy comprises a triggering condition for the device to obtain one or more data measurements used to generate the data ([0048-50] The networking components 322A-D may include rules or other configuration information to control how to respond to input data received from the sensors 312A-D. In addition to performing data operations to the input sensor data, the networking components 322A-D may also timestamp the information, perform logging actions, tag data with signatures or other identifiers, or the like. The networking components 322A-D may have synchronized clocks to provide accurate timing information.  ).

With regards to claim 4, Macieira further discloses, identifying one or more of: metadata, index data, a data type or a data label associated with the data (FIG 5 generating the data identifier based at least in part on one or more of: the metadata, the index data, the data type or the data label ((FIG 5 “lEVEL”)).

With regards to claim 5, Macieira further discloses,   computing a hash of one or more of: the identifier generation key, the  metadata, the index data, the data type or the data label associated with the data ([0058] Thus, a derivative of the sensed data (e.g., derivative data) may be included in the aggregated message 506, where a security policy and/or filtering function may remove or obfuscate sensed data to achieve a security or privacy objective. Derivative data may be a hashed, encrypted, bit-shifted, transformed, or otherwise altered value of the original data. For instance, using an exclusive OR function with a predetermined blinding_value, the original data is masked or obscured in a way that is reversable.); and generating the data identifier based at least in part on the computed hash ([0052] This visualization of the IoT network 300 illustrates how a hash tree, or Merkle tree, may be used to verify the data in the network 300. Data received from sensors 312A-D or from other peers in the network 300 may be validated to ensure that the data is received unaltered. Note: hash tree designate which node data coming from.).

With regards to claim 6, Macieira further discloses, generating the signing key based at least in part on a provisioned permanent key for the device ([0058] The hashes contained in the signature blocks may be signed (e.g., encrypted) using a key associated with the transmitting node. ).

generating the identifier generation key at the device based at least in part on a keyed-hash function ([0058] Individual data may be verified by the corresponding data source's hash signature, …Various cryptographic hash functions may be used, including but not limited to RSA, SHA-1, SHA-2, SHA-3, MD5, BLAKE, BLAKE2, or the like. The hashes contained in the signature blocks may be signed (e.g., encrypted) using a key associated with the transmitting node. ); and 
receiving a device configuration profile comprising a security policy ([0054]; The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. The data field includes one or more [name:value] tuples.), wherein generating the identifier generation key is based at least in part on the security policy , wherein the security policy comprising at least a service identifier, service type, service parameters and any combination thereof ([0058]; The hashes contained in the signature blocks may be signed (e.g., encrypted) using a key associated with the transmitting node. If the key is a symmetric key, then the key may be known by all IoT devices in a neighborhood or domain of the network. If the key is a PKI key, then the public key may be known by all IoT devices in a neighborhood or domain of the network..).

With regards to claim 12, Macieira further discloses, signing a metadata transmission that includes the encrypted metadata and the second data identifier using the signing key and transmitting the data and the metadata transmission to the storage([0054] When a sensor 500A-C transmits data up the IoT network, the data 

With regards to claim 13, Macieira further discloses, wherein the data is associated with the metadata is based at least in part on the identifier generation key ([0058]; Individual data may be verified by the corresponding data source's hash signature, while aggregated data may be verified using the aggregator signature. Various cryptographic hash functions may be used, including but not limited to RSA, SHA-1, SHA-2, SHA-3, MD5, BLAKE, BLAKE2, or the like. The hashes contained in the signature blocks may be signed (e.g., encrypted) using a key associated with the transmitting node. If the key is a symmetric key, then the key may be known by all IoT devices in a neighborhood or domain of the network. If the key is a PKI key, then the public key may be known by all IoT devices in a neighborhood or domain of the network.  ).

With regards to claim 17, Examiner taking Official Notice that “performing a digital water marking procedure on the data based at least in part on encrypting the data using the encryption key” is well known in the art.

With regards to claim 18, Macieira further discloses,  identifying, at the device, a second data transmission associated with a first data transmission of the data, the second data transmission to be stored at the storage, wherein the second data transmission comprises a second encrypted data and second data identifier, the second data transmission signed using the signing key ([0052-0058] ); and receiving a request to verify that the second data transmission is associated with the first data transmission ([0052]; This visualization of the IoT network 300 illustrates how a hash tree, or Merkle tree, may be used to verify the data in the network 300. Data received from sensors 312A-D or from other peers in the network 300 may be validated to ensure that the data is received unaltered.  ).

With regards to claim 24, Macieira further discloses, wherein signing the data comprises generating the signing key based at least in part on a hash of the data and the data identifier (FIG 8 808-810 and associated text).

With regards to claim 25, Macieira further discloses, identifying, at the device, that the data and the data identifier is to be transmitted to a proxy device (FIG 7 and 706, 708 and associated text;) ; and transmitting the encrypted data and the data identifier to the proxy device (FIG 7 and 710 and associated text;[0052-58]).

With regards to claim 31, Macieira further discloses, wherein the apparatus comprises a wireless communication device (FIG 1and associated text; [0015] The network topology involved with IoT devices and networks may include any number of topologies or arrangements, such as a mesh network provided using Bluetooth low energy (BLE) links; a wireless local area network (WLAN) network used to communicate with IoT devices through IEEE 802.11 (Wi-Fi®) links, )

Claim 7-8, 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Macieira et al(US 20190044726 A1) in view of Klein(US 9117095 B2) and in view of Nissler et al(US 10311240 B1).

With regards to claim 7 Macieira in view of Klein do not Nissler teaches, wherein the signing key is a provisioned permanent key for the device (col 8 line 35-45; In one or more implementations, the computing device 102 may bind the encryption key to the 

With regards to claim 8 Macieira in view of Klein and Nissler teaches, wherein the identifier generation key is a private key stored at the device (col 10, line 10-30; In some aspects, the attestation response may be encrypted. As set forth in step 440 in FIG. 4, the computing device 102 generates an encryption key based on the PCA-brokered identifier and the locally stored identifier of the computing device 102. When the PCA-brokered identifier is provided as part of an encrypted attestation response, the computing device 102 may decrypt the attestation response using a private half of the endorsement key.).

With regards to claim 14, Macieira in view of Klein and Nissler teaches, computing a hash of one or more of: a master credential, the identifier generation key, or a data type; and generating the encryption key based at least in part on the computed hash (Nissler Col 10 line 10-30; In some aspects, the attestation response may be encrypted. As set forth in step 440 in FIG. 4, the computing device 102 generates an 

With regards to claim 15, Macieira further discloses, receiving a device configuration profile comprising a security policy, wherein the security policy is associated with the owner of the device; and generating the encryption key based at least in part on the security policy ([0054]; The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. The data field includes one or more [name:value] tuples.[0058]).

With regards to claim 16, Macieira in view of Klein and Nissler teaches,, wherein at least one of the master credential or the identifier generation key are private credentials associated with the key associated with the owner of the device (Nissler Col 10 line 10-30; In some aspects, the attestation response may be encrypted. As set forth in step 440 in FIG. 4, the computing device 102 generates an encryption key based on the PCA-brokered identifier and the locally stored identifier of the computing device 102. When the PCA-brokered identifier is provided as part of an encrypted attestation response, the 

Claim 9, 11 are rejected under 35 U.S.C. 103 as being unpatentable over Macieira et al(US 20190044726 A1) in view of Klein(US 9117095 B2) and in view of SONG et al(US 20210243028 A1).

With regards to claim 9, Macieira in view of Klein do not SONG teaches,  wherein the encryption key is a one-time key associated with the owner of the device ((SONG [0014] generate the first one-time private key and the second one-time private key in a pair when the one-time private key issue request information is received from the user terminal; ). It would have been obvious to one of ordinary skill in the art before the effective 

With regards to claim 11, Macieira discloses, generating a second data identifier for metadata associated with the data based at least in part on the identifier generation key (FIG 5 and associated text;  data identifier as “Level” or “STATUS” or “VALUE” [0058] hashing of sensor data that include “Level” or “STATUS” or “VALUE” Note: it’s a repeated step after first data identifier); and encrypting the metadata using the encryption key ([0054] When a sensor 500A-C transmits data up the IoT network, the data in the corresponding message 504A-C may be signed by the sensor 500A-C. The signature may be a cryptographic signature. A message 504A-C includes a data field and a signature field. The data in the data field may be encrypted, but this is optional and may be used depending on the security requirements of the IoT network. The data field includes one or more [name:value] tuples)
Macieira in view of Klein do not SONG teaches, 
generating a second one-time encryption key based at least in part on the key associated with the owner of the device; (SONG [0014] generate the first one-time private key and the second one-time private key in a pair when the one-time private key issue request information is received from the user terminal; ). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Macieira in view of Klein’s method with teaching of SONG  in order to secure/reliable the information (SONG [0012])

Claim 19, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Macieira et al(US 20190044726 A1) in view of Klein(US 9117095 B2) and in view of Westland et al(US 20200127834 A1).

Wit6h regards to claim 19, Macieira in view of Klein do not Westland teaches, performing a zero knowledge proof (ZKP) procedure in response to receiving the request , wherein the ZKP procedure based at least in part on the identifier generation key ([0011]; Further, a token commitment that may be used to represent the asset on the ZKP-enabled DLN may be generated based on the asset token and may also include a public identifier (e.g., a public key on the ZKP-enabled DLN) of the owner of the asset to encode ownership information of the asset. For example, a token commitment for the drugs may be generated based on an asset token that identifies the drugs (e.g., drug names, brand of the drug, dosages, quantity, etc.) and/or a public key on the ZKP-enabled DLN of the pharmacy.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Macieira in view of Klein’s method with teaching of Westland in order to secure the transaction by concealing private data  (Westland [0002])

With regards to claim 20, Macieira in view of Klein and Westland discloses, wherein the identifier generation key remains 2 private based at least in part on performing the ZKP procedure ([0028-29] In some implementations, the encryption of the transaction data using the SEK and/or the asymmetric encryption key pair at least substantially prevents all participants of the ZKP-enabled DLN 100 (except for the transacting parties) .

Claim 21, 22 are rejected under 35 U.S.C. 103 as being unpatentable over Macieira et al(US 20190044726 A1) in view of Klein(US 9117095 B2) and in view of CHAN (US 20200186360 A1).

With regards to claim 21, Macieira in view of Klein do not CHAN teaches, identifying a device temporary private key associated with the device; and signing the data using the device temporary private key (FIG 4 and associated text). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Macieira in view of Klein’s method with teaching of CHAN in order to secure the transaction (CHAN Abstract)

With regards to claim 22-23, Macieira in view of Klein and CHAN teaches, wherein the device temporary private key is based at least in part on a temporary device identification associated with the device; wherein the temporary device identification is based at least in part on a public key associated with the device ([0107] At operation 506, the validating node evaluates the source of the data. More particularly, the locking script executed by the validating node causes the node to .

Allowable Subject Matter

Claims 26-27 are would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 1-571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.