Notice of Pre-AIA  or AIA  Status
The present application, filed on or after June 29, 2020, is being examined under the first inventor to file provisions of the AIA .
Specification 
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. The Examiner’s suggest “Secure provisioning of keys utilizing combination of symmetric and asymmetric keys to protect secret data”

Detailed action 
Claims 2-7, 12 and 15-16 are pending and are being considered.
Claims 3, 4, 6, 12 and 15 have been amended.

Response to 103 
	Applicants arguments filled on 12/03/2021 have been fully considered and are not persuasive. 

Argument regarding independent claims 3 and 12:
In response to applicants argument on page 9 2nd last para. The applicant argues that the examiner relies on two different embodiment of Ashley for rejecting part of the claim. The examiner acknowledges applicants point of view but respectfully disagrees because Fig 4 of Ashley discloses a typical mechanism for establishing secure communication between client and server and Fig 5 of Ashley discloses an improved mechanism for establishing secure communication between client and server based an improved public-key-based GSS-API-compliant mechanism. The examiner notes that Fig 4 and Fig 5 of Ashley both corresponds to establishing secure communication between client and server. 
In response to applicants argument on page 9-10 of remarks that Ashley (i.e. primary reference) fails to teach the claim limitation “the device being configured for executing applications using the secret data….” The applicant argues that server (i.e. device) of Ashley does not execute an application using secret data. The examiner acknowledges applicants point of view but respectfully disagrees because Fig 5 and associated text on [0046] as previously cited in the office action teaches “the process commences with client 502 sending a request to server 504 to obtain the server's public key certificate (step 506), e.g., when the client attempts to bind to the server application” this portion of the Ashley clearly describes client device binding with server application by sending a request (i.e. which will cause the application to run in order to response to the request). See also Fig 4 and text on [0042-0043] teaches establishing a secure communication context between a client and a server. The process commences with client 402 sending a request to server 404 for the server's public key certificate (i.e. the process of establishing secure communication is itself sufficient to teach the above argued limitation because client request will cause the servers application to execute in order to response to the client request). The server processes the request and generates a response. See on [0044] teaches the request from client can be an authentication request (i.e. equivalent to secret data).
In response to applicant's argument on page 11 para 1-2 of remarks that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., provisioning key as part of asymmetric key pair) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

1.	 The session key (i.e. provisioning key) in Ashley is symmetric key, however private key (i.e. provisioning key) of Mersh is asymmetric key. Therefore a provisioning key cannot be symmetric and asymmetric at the same time. The examiner acknowledges applicants point of view but respectfully disagrees because first the claim does not require provisioning key to be symmetric or asymmetric. The claim recited “receiving ….a provisioning key”, “sending the provisioning key…..”, “decrypt the secret seed using provisioning key” etc. In words provisioning key is a key for decrypting the seed. As long as the session key of Ashley and private key of Mersh teaches the function performed by the provisioning then it would have been obvious for a person of ordinary skills in the art.
2.	Device identifier of Mersh can be a random number in view of para [0024] and can be a private key in view of [0037]. In any case whether the device identifier is a random number or possibly a public key, modifying the teaching of Mersh into the teaching of Ashley will be incompatible for a person of ordinary skill because Ashley’s public key is embedded in the certificate. The examiner acknowledges applicants point of view but respectfully disagrees because first the claim does not recite provisioning key to be symmetric or symmetric key therefore applicants argument is not persuasive. Second even if the provisioning key of the instant application was a symmetric key, the teaching of Mersh into the teaching of Ashley would still not be incompatible because Mershs device identifier is equal to first secret seed signed by private key. A person of ordinary skill will have verified first/second certificate and an encrypted provisioning key from Ashley, a person of ordinary skill need to sign the first secret using the provisioning key which is borrowed from Mersh without modifying the certificate of Ashley with the random number of Mersh. The examiner is not relying on Mersh to modify the certificate 
The applicant on page 12 first para of remarks argues that Mersh fails to teach the limitation “receiving at the second hardware module a provisioning key from a secure external source, the secure external source being communicatively coupled with the device and the second hardware module”. The examiner acknowledges applicants point of view but respectfully disagrees because Mersh on [0036] teaches receiving a second asymmetric encryption key pair and storing a private key (i.e. provisioning key) of the second key pair in the secure region of the memory of the device). See on [0065] teaches the secure region 16 of the memory includes a non-volatile portion 20, in which is stored a private key 24 of an asymmetric device encryption key pair unique to the device. See on [0022-0025] teaches secure data processing device that, in conjunction with a trusted certification authority (TCA), is capable of authentication as a device certified by the TCA. The TCA would typically be the manufacturer of the secure data processing device, or a third party that has contracted with the manufacturer to act on behalf of the manufacturer as a TCA. The TCA will use the stored public key for digitally signing the device identifier (i.e. indicating TCA will retrieve the stored private key from secure external source). Even if the processing device 10 performs the signing operation, but still the device will retrieve private key from secure portion of the memory which is external to the processor 10 (i.e. hardware module). 
The applicant on page 12 second para of remarks further argues that Mersh fails to teach the limitation “2sending a first secret seed signed by the provisioning key from the secure external source to the device”. The applicant argues that the device identifier (i.e. first secret) is not digitally signed with the stored private key (i.e. provisioning key). The examiner acknowledges applicants point of view but respectfully disagrees because Mersh on [0066] teaches the manufacturer stores the private key 24, public key 26 and device certificate 28 in the memory 14 at the time of manufacture of the device 10. See on [0072] teaches the manufacturer stores the device private key 24 in the secure region of the memory 14 of the device. See on [0075] teaches the device certificate is generated by digitally signing the device identifier using a private key of the manufacturer key pair (i.e. same key which is stored in the secure memory). further on [0025, 0031-0032 and 0052] teaches user of the device can authenticate the device as certified by the TCA by obtaining the device identifier (i.e. first secret seed) from the device and sending the device identifier to the TCA If the device identifier is the device identifier of a device certified by the TCA, the TCA will have generated a device certificate for the device by digitally signing the device identifier of the device using a private key (i.e. provisioning key) of an asymmetric TCA encryption key pair).
The applicant on page 12 second last para of remarks further argues that Mersh fails to teach “wherein the first secret seed is verified and decrypted using the decrypted provisioning key”. The examiner respectfully disagrees because Mersh on [0025] teaches verifying the device identifier is the device identifier of a device certified by the TCA by comparing it with the device identifier obtained from the device (i.e. verifying the first secret seed). See on [0054] teaches decrypting the encrypted version of the device identifier using the private key). The applicant further argues that Mersh fails to teach “decrypted provisioning key”. The examiner respectfully disagrees because encrypting and decrypting provisioning key is   already taught by Ashley. Therefore Mersh does not have to teach “decrypted provisioning key” as long as the private key in ‘unencrypted form’ is used for verifying the first secret as explained above. 
In response to applicant's argument on page 12 last para of remarks that interpretation given to Quinlan (i.e. third reference) is incompatible with respect to Ashley and Mersh, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references.  Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981).

In response to applicant's argument on page 13 first para of remarks that interpretation given to Quinlan (i.e. third reference) is incompatible with respect to Ashley and Mersh, because the role of server and device have been turned around in Quinlan, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references.  Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981).

In response to applicant's argument on page 13 second para of remarks that teaching of Ashley and Mersh are incompatible with those of Quinlan, because the role of server and device have been turned around in Quinlan, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references.  Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981). In this case the applicant argues that since a unique value to computing device 100 is a first secret seed, and server of Quinlan becomes the second hardware module, therefore the teaching would be incomputable. The examiner respectfully disagrees because each of the devices in Ashley, Mersh and Quinlan perform the functions recited in claims of instant application. It is not necessary for Ashley to call server a hardware module for receiving certificate as long the server is receiving the certificate as required by the claim, because hardware module of instant application and server of Ashley is just a device capable of receiving certificates. Similarly Quinlan’s server performs the same function as hardware module of instant application therefore server of Quinlan is equated with hardware module of instant application. 

Argument regarding claims 2, 6 and 16
In response to applicant's argument on page 14 of remarks that combination of four references Ashley, Mersh, Quinlan and Zhang to teach the claimed feature of claims 2, 6 and 16 would not be obvious for a person of ordinary skills in the art and that the examiner has combined an excessive number of references, reliance on a large number of references in a rejection does not, without more, weigh against the obviousness of the claimed invention.  See In re Gorman, 933 F.2d 982, 18 USPQ2d 1885 (Fed. Cir. 1991). 
Argument regarding claim 15
In response to applicants argument on page 15 para 1 of remarks that Ashley (i.e. primary reference) fails to teach the claim limitation “the device being configured for executing applications using the secret data….” The applicant argues that server (i.e. device) of Ashley does not execute an application using secret data. The examiner acknowledges applicants point of view but respectfully disagrees because Fig 5 and associated text on [0046] as previously cited in the office action teaches “the process commences with client 502 sending a request to server 504 to obtain the server's public key certificate (step 506), e.g., when the client attempts to bind to the server application” this portion of the Ashley clearly describes client device binding with server application by sending a request (i.e. which will cause the application to run in order to response to the request). See also Fig 4 and text on [0042-0043] teaches establishing a secure communication context between a client and a server. The process commences with client 402 sending a request to server 404 for the server's public key certificate (i.e. the process of establishing secure communication is itself sufficient to teach the above argued limitation because client request will cause the servers application to execute in order to response to the client request). The server processes the request and generates a response. See on he request from client can be an authentication request (i.e. equivalent to secret data).
In response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e., extract a public key of the asymmetric key pair for the device) are not recited in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
In response to applicant's argument on page 15 second last para of remarks that teaching of Ashley is incompatible with those of Quinlan, because the role of server and device have been turned around in Quinlan, the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references.  Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981). In this case the applicant argues that since client side and server side are switched which leads into incompatibility. The examiner respectfully disagrees because each of the devices in Ashley and Quinlan perform the functions recited in claims of instant application. It is not necessary for Ashley to call server a hardware module for receiving certificate as long the server is receiving the certificate as required by the claim, because hardware module of instant application and server of Ashley is just a device capable of receiving certificates. Similarly Quinlan’s server performs the same function as hardware module of instant application therefore server of Quinlan is equated with hardware module of instant application. 
Therefore based on at least these reasons the previous rejection is maintained.

Claim Objections
s 3 objected to because of the following informalities:  
Claim 3 recites “and, if after verifying of the first and/or second certificates by the second hardware module, the method further comprising:” The examiner suggest to  clarify the steps performed after verifying the certificate are based on successful verification or unsuccessful verification of the certificate? The limitation should read as 
“and, [[if]] after verifying of the first and/or second certificates by the second hardware module, is successful .  Appropriate correction is required.

                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3-5, 7 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Ashley et al (hereinafter Ashley) (US 20050154889) in view of Mersh (US 20180285602) and further in view of QUINLAN (US 20160308845).

Regarding claim 3 Ashley teaches A method of providing a symmetric key for protecting secret data for a device (Ashley on [0008] teaches A method for establishing a secure context for communicating messages between a client and a server with public private key pair);
(Ashley Fig 4-5 and text on [0046] teaches server executing an application, the client (i.e. second hardware) binds the application. The client and server are communicatively coupled with each other);
receiving at the second hardware module first and/or second certificates for verifying a device public key of an asymmetric key pair associated with the device (Ashley on [0032] teaches  A CA creates a new digital certificate by embedding the requesting entity's public key along with other identifying information. Anyone who receives the digital certificate during a transaction or communication can then use the public key of the CA to verify the signed public key within the certificate (i.e. validating public key using received certificate). See Fig 4 and text on [0042-0043] teaches the certificate is received at client device (i.e. second hardware) from the server (i.e. device));
verifying the first and/or second certificates at the second hardware module (Ashley on [0042-0043] teaches the server processes the request and generates a response (step 408) that contains or accompanies a copy of the server's public key certificate that is returned to the requesting client. The client device (i.e. hardware module) validates the server's public key certificate);
and, if after verifying of the first and/or second certificates by the second hardware module, the method further comprising: sending the provisioning key encrypted with the device public key to the device, wherein the provisioning key is decrypted using a device private key of the asymmetric key pair (Ashley Fig 4 on [0043-0044] teaches the client validates the server's public key certificate and generates a session key (i.e. provisioning key), the client may encrypt the session key with the server's public key (i.e. encrypting using devices public key) that has been previously extracted from the server's public key certificate. The encrypted session key is placed in a message and sent to the server and the session key may be decrypted only by the server. See on [0028] teaches a private key is used to decrypt the message. See on [0050] teaches upon receiving the secure message from the client, the server decrypts the digital envelope with the server's private key).
Although Ashley teaches receiving provisioning key but fails to explicitly teach receiving at the second hardware module a provisioning key from a secure source, the secure source being communicatively coupled with the device and the second hardware module, receiving at the second hardware module a provisioning key from a secure source, sending a first secret seed signed by the provisioning key from the external source to the device, however Mersh from analogous art teaches receiving at the second hardware module a provisioning key from a secure external source, (Mersh on [0036] teaches receiving a second asymmetric encryption key pair and storing a private key (i.e. provisioning key) of the second key pair in the secure region of the memory of the device);
2sending a first secret seed signed by the provisioning key from the secure external source to the device (Mersh on [0025, 0031-0032 and 0052] teaches user of the device can authenticate the device as certified by the TCA by obtaining the device identifier (i.e. first secret seed) from the device and sending the device identifier to the TCA If the device identifier is the device identifier of a device certified by the TCA, the TCA will have generated a device certificate for the device by digitally signing the device identifier of the device using a private key (i.e. provisioning key) of an asymmetric TCA encryption key pair);
wherein the first secret seed is verified and decrypted using the decrypted provisioning key (Mersh on [0025] teaches verifying the device identifier is the device identifier of a device certified by the TCA by comparing it with the device identifier obtained from the device (i.e. verifying the first secret seed). See on [0054] teaches decrypting the encrypted version of the device identifier using the private key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Mersh into the teaching of Ashley by signing, verifying and decrypting first (Mersh on [0001]).
	The combination of Ashley and Mersh fails to explicitly teach the secure source being communicatively coupled with the device and the second hardware module, and computing the symmetric key using a secret key derivation function at the device with inputs to the secret key derivation function comprising the first secret seed, the device public key and a second secret seed, wherein the second secret seed is obtained, stored or generated in the device, however QUINLAN from analogous art teaches the secure external source being communicatively coupled with the device and the second hardware module (QUINLAN Fig 2 and text on [0034] teaches client computing device 100, the external device 140 (i.e. secure source) and server 160-164 (i.e. hardware module) are coupled via communication network);
and computing the symmetric key using a secret key derivation function at the device with inputs to the secret key derivation function comprising the first secret seed, the device public key and a second secret seed, wherein the second secret seed is obtained, stored or generated in the device (QUINLAN on [0013] teaches the computing device is arranged such that the first application derives the requested data access application key (i.e. symmetric key) as a function of at least the public key, a value that is unique to the computing device (i.e. first secret seed), a key associated with the user of the computing device (i.e. second secret seed)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of QUINLAN into the combined teaching of Ashley and Mersh by generating a key from first secret, second secret and public key as an input. One would be motivated to do so in order to enhance security of an application running on a device (QUINLAN on [0008]).

4 the combination of Ashley, Mersh and QUINLAN teaches all the limitations of claim 3 above, Ashley further teaches further comprising, signing the provisioning key with a provisioning sign key at the secure source (Ashley on [0035] teaches the entire certificate is signed with CA private key 214 (i.e. provisioning signing key in instant case) the certificate includes the public key of the user, the name associated with the user, and other attribute. See on [0043] teaches the encrypted session key (i.e. provisioning key) is then placed into a message that is digitally signed with the client's private key);
sending the signed provisioning key to the second hardware module using a second hardware module key (Ashley on [0035-0037] teaches and user 202 may then present digital certificate 216 . An entity that receives digital certificate 216 from user 202 may verify the signature of the CA by using CA public key 212. The entity that receives certificate 304 may be an application, a system, a subsystem);
 at the second hardware module, extracting the signed provisioning key and encrypting the signed provisioning key with the device public key (Ashley on [0043] teaches client then securely sends the session key to the server (step 414). For example, the client may encrypt the session key with the server's public key that has been previously extracted from the server's public key certificate. The encrypted session key is then placed into a message that is digitally signed with the client's private key. See on [0052] teaches the client uses the transport key to decrypt the appropriate portion of the message and to extract the session key);
 at the device, decrypting the provisioning key with device private key of the asymmetric key pair (Ashley on [0042-0043] teaches encrypted session key is placed in a message and sent to the server and the session key may be decrypted only by the server. See on [0028] teaches a private key is used to decrypt the message. See on [0050] teaches upon receiving the secure message from the client, the server decrypts the digital envelope with the server's private key))
(Ashley on [0029] teaches A signer uses its private key to sign data, and a receiver uses the public key of the signer to verify the signature. See on [0043] teaches the server is able to verify the digital signature on the message with the client's public key to ensure that the message has been created and signed by the client, and the session key may be decrypted only by the server).
Regarding claim 5 the combination of Ashley, Mersh and QUINLAN teaches all the limitations of claim 3 above, Mersh further teaches wherein the first secret seed is a unique identifier for the device (Mersh on [0025] teaches firs secret seed as unique identifier of the device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Mersh into the teaching of Ashley by signing, verifying and decrypting first secret using a key. One would be motivated to do so in order to performing authentication for a device (Mersh on [0001]).
QUINLAN further teaches and the second secret seed is a secret global key unique to the device and optionally generated within a trusted module within the device (QUINLAN on [0013] teaches a key associated with the user of the computing device (i.e. second secret seed)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of QUINLAN into the combined teaching of Ashley and Mersh by generating a key from first secret, second secret and public key as an input. One would be motivated to do so in order to enhance security of an application running on a device (QUINLAN on [0008]).

Regarding claim 7 the combination of Ashley, Mersh and QUINLAN teaches all the limitations of claim 3 above, Mersh further teaches wherein the device is a System of Chip (SoC) comprising a trusted module for the generation and/or storage of one or more encryption key and/or secret seeds for one or Mersh on [0062] teaches device as an integrated circuit having memory for storing keys);
 and wherein the first and/or second hardware modules are hardware security modules in a manufacturing facility or environment (Mersh on [0002] teaches an original equipment manufacturer (OEM) to use a contract manufacturer (CM) to manufacture items of electronic equipment that include a data processing device),
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Mersh into the teaching of Ashley by signing, verifying and decrypting first secret using a key. One would be motivated to do so in order to performing authentication for a device (Mersh on [0001]).
Regarding claim 12 Ashley teaches A device configured for executing applications using secret data (Ashley Fig 4-5 and text on [0008 and 0046] teaches server executing an application for establishing a secure context for communicating messages between a client and a server with public private key pair);
the device being communicatively coupled to at least one hardware security module (Ashley Fig 4-5 and text on [0046] teaches server executing an application, the client (i.e. second hardware) binds the application. The client and server are communicatively coupled with each other);
the device comprising a memory unit, one or more transceiver units and one or more processing units, the one or more processing units being configured to (Ashley on [0020-0021] teaches the system may have one or more processors, such as an Intel.RTM. Pentium.RTM.-based processor and a digital signal processor (DSP), and one or more types of volatile and non-volatile memory, and input/output adapter 128, which supports various I/O devices);
receive from a second hardware module a provisioning key encrypted with a device public key of an asymmetric key pair that has been verified using first and/or second certificates (Ashley on [0032] teaches use the public key of the CA to verify the signed public key within the certificate (i.e. validating public key using received certificate). See Fig 4 and text on [0042-0043] teaches the certificate is received at client device (i.e. second hardware) from the server (i.e. device). See on [0043] teaches the client then securely sends the session key (i.e. provisioning key) to the server (step 414). For example, the client may encrypt the session key with the server's public key that has been previously extracted from the server's public key certificate);
 wherein the provisioning key is decrypted using a device private key of the asymmetric key pair associated with the device and (Ashley Fig 4 on [0043-0044] teaches the client validates the server's public key certificate and generates a session key (i.e. provisioning key), the client may encrypt the session key with the server's public key (i.e. encrypting using devices public key) that has been previously extracted from the server's public key certificate. The encrypted session key is placed in a message and sent to the server and the session key may be decrypted only by the server. See on [0028] teaches a private key is used to decrypt the message. See on [0050] teaches upon receiving the secure message from the client, the server decrypts the digital envelope with the server's private key).
Ashley fails to explicitly teach receive from a secure external source, a first secret seed signed by the provisioning key, wherein the first secret seed is verified and decrypted using the decrypted provisioning keys; and compute a symmetric encryption key or keys using a secret key derivation function with inputs to the secret key derivation function comprising the first secret seed, the device public key and a second secret seed; wherein the second secret seed is obtained, stored or generated in the device, however Mersh from analogous art teaches receive from a secure external source, a first secret seed signed by the provisioning key, wherein the first secret seed is verified and decrypted using the decrypted provisioning keys; (Mersh on [0025, 0031-0032 and 0052] teaches user of the device can authenticate the device as certified by the TCA by obtaining the device identifier (i.e. first secret seed) from the device and sending the device identifier to the TCA If the device identifier is the device identifier of a device certified by the TCA, the TCA will have generated a device certificate for the device by digitally signing the device identifier of the device using a private key (i.e. provisioning key) of an asymmetric TCA encryption key pair. Further teaches verifying the device identifier is the device identifier of a device certified by the TCA by comparing it with the device identifier obtained from the device (i.e. verifying the first secret seed). See on [0054] teaches decrypting the encrypted version of the device identifier using the private key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Mersh into the teaching of Ashley by signing, verifying and decrypting first secret using a key. One would be motivated to do so in order to performing authentication for a device (Mersh on [0001]).
The combination fails to explicitly teach and compute a symmetric encryption key or keys using a secret key derivation function with inputs to the secret key derivation function comprising the first secret seed, the device public key and a second secret seed; wherein the second secret seed is obtained, stored or generated in the device, however QUINLAN from analogous art teaches and compute one or more symmetric encryption  keys using a secret key derivation function with inputs to the secret key derivation function comprising the first secret seed, the device public key and a second secret seed; wherein the second secret seed is obtained, stored or generated in the device (QUINLAN on [0013] teaches the computing device is arranged such that the first application derives the requested data access application key (i.e. symmetric key) as a function of at least the public key, a value that is unique to the computing device (i.e. first secret seed), a key associated with the user of the computing device (i.e. second secret seed)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of QUINLAN into the combined teaching of Ashley and Mersh by generating a QUINLAN on [0008]).

Claims 2, 6 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Ashley et al (hereinafter Ashley) (US 20050154889) in view of Mersh (US 20180285602) in view of QUINLAN (US 20160308845) and further in view of Zhang et al (hereinafter Zhang) (US 7735126).

Regarding claims 6 and 16 the combination of Ashley, Mersh and QUINLAN teaches all the limitations of claim 3 and 12 respectively, Ashley further teaches wherein the first and second certificates for the device public key are obtained by the second hardware module using a method of providing an asymmetric key pair for protecting secret data for the device (Ashley See Fig 4 and text on [0042-0043] teaches the certificate is received at client device (i.e. second hardware) from the server (i.e. device) for establishing a secure context for communicating messages between a client and a server with public private key pair);
the method of providing an asymmetric key pair comprising: generating an asymmetric key pair for the device the key pair comprising a device public key and a device private key (Ashley on [0025] teaches asymmetric cryptographic system, generating a private key corresponds to exactly one public key);
digitally signing the device public key at the device to generate a first certificate (Mersh on [0073] teaches a device public key is sent to a secure signature system 54, a device certificate 58 is generated by digitally signing the device public key);
Mersh further teaches sending the first certificate to the first hardware module; verifying the first certificate at the first hardware module (Mersh on [0038] teaches obtaining the device certificate; and authenticating the device by verifying the device certificate using the device identifier and the public key of the first key pair. See on [0075] teaches the computer causing the device programmer to obtain the device certificate from the non-secure region of the memory of the device).
	Although Ashley teaches generating a new certificate by signing public key, but the combination fails to explicitly teach digitally signing the device public key at the first hardware module to generate a second certificate; sending the second certificate to the device; verifying the second certificate at the device; and responsive to the verification being successful, making available the first and second certificates for storage and/or further usage, however Zhang from analogous art teaches 
the device further being 3communicatively coupled to a first hardware module (Zhang on Fig 1 teaches multiple hardware module connected with each other);
responsive to the verification being successful, digitally signing the device public key at the first hardware module to generate a second certificate; sending the second certificate to the device; verifying the second certificate at the device; and responsive to the verification being successful, making available the first and second certificates for storage and/or further usage (Zhang on [Col 5 line 30-60] teaches The first certificate is sent from the mobile user to the WLAN (e.g., an Access Point (AP) or other entity), e.g., when the mobile user moves into an area under WLAN coverage, and verifies the authenticity of the first certificate using the public key. Upon verification, the WLAN computes a session key for the mobile user that is encrypted with the public key and sends the session key and the second certificate to the mobile user. Upon receiving the session key and the second certificate, the mobile user verifies that the second certificate is valid using the public key).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Zhang into the combined teaching of Ashley, Mersh and QUINLAN by generating a second certificate based on validation of certificate. One would be motivated to do so in (Zhang on [Col 1 line 15-18]).
Regarding claim 2 the combination of Ashley, Mersh, QUINLAN and Zhang teaches all the limitations of claim 6 above, Zhang further teaches wherein the first certificate is signed by a device sign key, and the second certificate is signed by a first hardware module sign key, for respective authentication; and optionally wherein the first and second certificates are stored in a memory of the device or sent to a key management system for further storage and usage (Zhang on [Col 5 line 30-60] teaches the first certificate is signed with a private key of WLAN. The second certificate is signed with the private key of cellular network).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Zhang into the combined teaching of Ashley, Mersh and QUINLAN by generating a second certificate based on validation of certificate. One would be motivated to do so in order to perform certificate based Authentication Authorization and Accounting (AAA) scheme for loose coupling interworking between two different access networks (Zhang on [Col 1 line 15-18]).


Claims 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ashley et al (hereinafter Ashley) (US 20050154889) in view of QUINLAN (US 20160308845).

Regarding claim 15 Ashley teaches A key management system communicatively connected to a device for managing encryption keys to protect secret data associated with the device, the device being configured for executing applications using the secret data (Ashley Fig 4-5 and text on [0008 and 0046] teaches server executing an application for establishing a secure context for communicating messages between a client and a server with public private key pair);
 (Ashley on [0020-0021] teaches the system may have one or more processors, such as an Intel.RTM. Pentium.RTM.-based processor and a digital signal processor (DSP), and one or more types of volatile and non-volatile memory, and input/output adapter 128, which supports various I/O devices); 
5access digital certificates with an asymmetric key pair for the device, and extract the a public key of the symmetric key pair (Ashley on [0032] teaches receives the digital certificate during a transaction or communication and use the public key of the CA to verify the signed public key within the certificate. See on [0035] teaches obtain digital certificate by generating a request for certificate 208 containing user public key 204 and sends the request to certifying authority 210, which is in possession of CA public key 212 and CA private key 214 (asymmetric key pair));
store or provide for further use the asymmetric and symmetric keys for the device (Ashley on [0029] teaches data can be signed by computing a digital signature from the data using the private key of the signer. A signer uses its private key to sign data, and a receiver uses the public key of the signer to verify the signature (i.e. further use of asymmetric key). See on [0050-0051] teaches a secret key referred as session key (i.e. symmetric key in instant case). Further teaches the server then securely sends the session key to the client (step 522). The transmission of the session key from the server to the client is secured in some manner through encryption using the transport key. For example, the server may place the session key into a session token that the server encrypts with the transport key; the server may then place the encrypted session token into a message that the server seals with the client's public key and then encrypts the resulting envelope with the transport key. Alternatively, the server may use the transport key to encrypt the session key individually before placing the encrypted session key into a message to be sent to the client (i.e. further use of symmetric key));
(Ashley on [0049] teaches The client then securely sends the transport key and the authentication token to the server. The transmission of the transport key and the authentication token from the client to the server is secured in some manner through encryption using the server's public key. For example, the transport key and the authentication token may be encrypted using the server's public key to form a digital envelope on the message that is sent to the server. Alternatively, the transport key and the authentication token may be encrypted individually for inclusion in a message to the server (i.e. keys for accessing secure data). See on [0046] teaches server executing an application, the client (i.e. second hardware) binds the application. The client and server are communicatively coupled with each other).
	Ashley fails to explicitly teach obtain a first secret seed from a secure source external to the device, and the key management system obtain a second secret seed associated with the device implement a key derivation function to generate a symmetric key for the device, however Quinlan from analogous art teaches obtain a first secret seed from a secure source external to the device (QUINLAN on [0050] teaches the first application 114 is activated 325 with the enterprise with which the user is associated. This may be achieved by the first application 114 transmitting 325 an authorization message includes a value (i.e. first seed) which is unique to the device 100);
and the key management system obtain a second secret seed associated with the device implement a key derivation function to generate a symmetric key for the device (QUINLAN on [0013] teaches the computing device is arranged such that the first application derives the requested data access application key (i.e. symmetric key) as a function of at least the public key, a value that is unique to the computing device (i.e. first secret seed), a key associated with the user of the computing device (i.e. second secret seed)).
 into the teaching of Ashley by generating a key from first secret, second secret and public key as an input. One would be motivated to do so in order to enhance security of an application running on a device (QUINLAN on [0008]).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522.  The examiner can normally be reached on 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MOEEN KHAN/Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436