DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
Claims 1-11 and 13-21 are pending. Claim 12 is canceled. Claims 1, 10 and 16 are currently amended. Claim 21 is newly added. 
Applicant’s amendments to the claims will overcome each and every 101 rejection previously set forth in the Non-Final Office Action mailed 09/16/2021.

Response to Arguments
Applicant’s arguments with respect to claim(s) 1, 10 and 16 are moot in view of new ground of rejection. However, Applicant's arguments on pages 9-10, regarding the dependent claims have been fully considered but they are not persuasive. 
Applicant argues on pages 9-10 “For example, claim 2, for example, recites that "the initiating the storage of the public key of the given source user device is performed in response to a user of the given source user device requesting to access at least a given one of the one or more target user devices." Applicant respectfully submits that none of the recited commands are requesting access to a target user device. Further, it has not been shown that such  
commands trigger (as required by the "in response to" limitation) "the storage of the public key of the given source user device." the examiner respectfully disagrees for the following reasons below:
Chiu discloses sending a command/message from the user terminal/client to add a slave node. Once the slave node is added, the slave node and master node can communicate jobs (Chiu, pages 2-3, paragraphs 0032 and 0039). Therefore, the command to add slave node is equivalent to a request to access. 
Applicant argues on page 10 “In addition, claim 3, for example, recites that "the initiating the storage of the public key of the given source user device is performed in response to one or more of the target user devices being identified in the data record." Applicant respectfully submits that the referenced commands "add and/or remove a slave node" or update the slave file involve adding an IP address or hostname to the slaves file 164. Applicant respectfully submits that these commands do not suggest initiating the key storage "in response to" "the target user devices being identified in the data record," as recited in claim 3.” the examiner respectfully disagrees for the following reasons below:
Chiu discloses sending a command/message from the user terminal/client to add a slave node. Once the slave node is added, the slave node and master node can communicate jobs. The nodes identification (IP address or host name) are stored in slave files (Chiu, pages 2-3, paragraphs 0032 and 0039) which is equivalent to the argued limitations. 
Applicant argues on page 10 “Applicant respectfully submits that the "fingerprint of the access public key" is a fingerprint associated with the source device, and not a "fingerprint of at least one key of the at least one target user device," as claimed. Par. 0012 recites that the "access 
Roberts discloses a key-based access authentication system storing fingerprints of the access public keys. The fingerprints are used to determine whether access is valid (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063) which is equivalent to the argued limitations. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-6, 9-11, 13, 15-18 and 20-21 are rejected under 35 U.S.C. 103 as being unpatentable over Chiu et al. (US Pub No. 2010/0306286) in view of Taraci (US Patent No. 8,649,519).
Regarding independent claim 1, Chiu teaches a method, comprising: maintaining a data record identifying one or more target user devices that a given source user device is authorized to access (Chiu, page 3, paragraphs 0039-0040; network file system [data record] include slave and exclude files with list of valid nodes); and initiating, by the at least one server device, storage of a public key of the given source user device in a file of at least one of the one or more target user devices, wherein the given source user device accesses the at least one 10target user device using a secure remote connection protocol based at least in part on the public key of the given source user device stored in the file of the at least one target user device (Chiu, page 3, paragraph 0037; master node public key is received by the slave node; authorization key file stores  list a public keys that are allowed to access the node), wherein the method is performed by at least one processing device comprising a processor coupled to a memory (Chiu, page 4, paragraph 0045).
Chiu does not explicitly teach maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given source user device; and 10initiating, by the at least one server device. 
Taraci teaches maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given Taraci, Figure 4, column 2, lines 20-24 and column 8, lines 36-55; intermediate device [server] stores an authorized list of cryptographic public keys for source device and sink device).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu with the teachings of Taraci for an intermediate device to store cryptographic public key information for sink and source devices to provide the advantage of securely storing information used for devices to communicate (Taraci, column 1, lines 59-60).
Regarding claim 2, Chiu in view of Taraci teaches the method wherein the initiating the storage of the public key of the given source user device is performed in response to a user of the given source user device requesting to access at least a given one of the one or more target user devices (Chiu, page 2, paragraph 0032; user terminal receives command).
Regarding claim 3, Chiu in view of Taraci teaches the method wherein the initiating the storage of the public key of the given 20source user device is performed in response to one or more of the target user devices being identified in the data record (Chiu, page 2, paragraph 0032 and page 3, paragraphs 0039-0040; add/remove salve node included in slave and exclude files).
Regarding claim 4, Chiu in view of Taraci teaches the method wherein the initiating the storage of the public key of the given source user device is performed using the secure remote connection protocol (Chiu, page 3, paragraph 0037; SSH).
claim 5, Chiu in view of Taraci teaches the method wherein a private key of the given source user device is stored as an Identity File in a configuration file of the secure remote connection protocol on the given source user device (Chiu, page 3, paragraph 0038).
Regarding claim 6, Chiu in view of Taraci teaches the method wherein the configuration file of the secure remote connection protocol on the given source user device further comprises a network address and a user identifier for the one or more target user devices that the given source user device is authorized to access (Chiu, page 3, paragraphs 0038-0039; sshconfig file specifying hostname ad username).
Regarding claim 9, Chiu in view of Taraci teaches the method further comprising removing the authorization of the given source 15user device to access a given target user device by initiating a deletion of the public key of the given source user device in the data record for the given target user device and in the file of the given target user device (Chiu, page 3, paragraph 0040; remove slave node).
Regarding claim 21, Chiu in view of Taraci teaches the method wherein the data record maps a user of the given source user device to the one or more target user devices. (Chiu, page 3, paragraphs  0037 & 0039).
Regarding independent claim 10, Chiu teaches an apparatus comprising: 20at least one processing device comprising a processor coupled to a memory (Chiu, page 4, paragraph 0045); the at least one processing device being configured to implement the following steps: maintaining a data record identifying one or more target user devices that a given source user device is authorized to access (Chiu, page 3, paragraphs 0039-0040; network file system [data record] include slave and exclude files with list of valid nodes); and initiating, by the at least one Chiu, page 3, paragraph 0037; master node public key is received by the slave node; authorization key file stores  list a public keys that are allowed to access the node).
Chiu does not explicitly teach maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given source user device; and 10initiating, by the at least one server device. 
Taraci teaches maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given source user device (Taraci, Figure 4, column 2, lines 20-24 and column 8, lines 36-55; intermediate device [server] stores an authorized list of cryptographic public keys for source device and sink device).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu with the teachings of Taraci for an intermediate device to store cryptographic public key information for sink and source devices to provide the advantage of securely storing information used for devices to communicate (Taraci, column 1, lines 59-60).
claim 11, Chiu in view of Taraci teaches the apparatus wherein the initiating the storage of the public key of the given 30source user device is performed in response to one or more of: (i) a user of the given source user 23119640.01 device requesting to access at least a given one of the one or more target user devices, (Chiu, page 2, paragraph 0032; user terminal receives command) and (ii) one or more of the target user devices being identified in the data record (Chiu, page 2, paragraph 0032 and page 3, paragraphs 0039-0040; add/remove salve node included in slave and exclude files).
Regarding claim 13, Chiu teaches the apparatus wherein a private key of the given source user device is stored as an Identity File in a configuration file of the secure remote connection protocol on the given source user device (Chiu, page 3, paragraph 0038), wherein the configuration file of the secure remote connection protocol on the given source user device further comprises a network address and a user identifier for the one or more target user devices that the given source user device is authorized to access (Chiu, page 3, paragraphs 0038-0039; sshconfig file specifying hostname ad username).
Regarding claim 15, Chiu in view of Taraci teaches the apparatus further comprising removing the authorization of the given source 15user device to access a given target user device by initiating a deletion of the public key of the given source user device in the data record for the given target user device and in the file of the given target user device (Chiu, page 3, paragraph 0040; remove slave node).
Regarding independent claim 16, Chiu teaches a non-transitory processor-readable storage medium having stored therein program code 25of one or more software programs, wherein the program code when executed by at least one processing device causes the at least Chiu, page 4, paragraphs 0045-0047) to perform the following steps: maintaining a data record identifying one or more target user devices that a given source user device is authorized to access (Chiu, page 3, paragraphs 0039-0040; network file system [data record] include slave and exclude files with list of valid nodes); and initiating, by the at least one server device, storage of a public key of the given source user device in a file of at least one of the one or more target user devices, wherein the given source user device accesses the at least one 10target user device using a secure remote connection protocol based at least in part on the public key of the given source user device stored in the file of the at least one target user device (Chiu, page 3, paragraph 0037; master node public key is received by the slave node; authorization key file stores  list a public keys that are allowed to access the node).
Chiu does not explicitly teach maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given source user device; and 10initiating, by the at least one server device. 
Taraci teaches maintaining, by at least one server device, a data record identifying one or more target user devices that a given source user device is authorized to access, wherein the at least one server device is distinct from the one or more target user devices and the given source user device (Taraci, Figure 4, column 2, lines 20-24 and column 8, lines 36-55; intermediate device [server] stores an authorized list of cryptographic public keys for source device and sink device).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu with the teachings of Taraci for an Taraci, column 1, lines 59-60).
Regarding claim 17, Chiu in view of Taraci teaches the non-transitory processor-readable storage medium wherein the initiating the storage of the public key of the given 30source user device is performed in response to one or more of: (i) a user of the given source user 23119640.01 device requesting to access at least a given one of the one or more target user devices, (Chiu, page 2, paragraph 0032; user terminal receives command) and (ii) one or more of the target user devices being identified in the data record (Chiu, page 2, paragraph 0032 and page 3, paragraphs 0039-0040; add/remove salve node included in slave and exclude files).
Regarding claim 18, Chiu in view of Taraci teaches the non-transitory processor-readable storage medium wherein a private key of the given source user device is stored as an Identity File in a configuration file of the secure remote connection protocol on the given source user device (Chiu, page 3, paragraph 0038), wherein the configuration file of the secure remote connection protocol on the given source user device further comprises a network address and a user identifier for the one or more target user devices that the given source user device is authorized to access (Chiu, page 3, paragraphs 0038-0039; sshconfig file specifying hostname ad username).
Regarding claim 20, Chiu in view of Taraci teaches the non-transitory processor-readable storage medium further comprising removing the authorization of the given source 15user device to access a given target user device by initiating a deletion of the public key of the Chiu, page 3, paragraph 0040; remove slave node).

Claims  7, 14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Chiu et al. (US Pub No. 2010/0306286) in view of Taraci (US Patent No. 8,649,519) as applied to claims 1-6, 9-13, 15-18 and 20-21 above, and in further view of Robert et al. (US Pub No. 2007/0234054).
Regarding claim 7, Chiu in view of Taraci teaches each and every claim limitation of claim 1. 
Chiu in view of Taraci does not explicitly teach the method wherein the data record further comprises a fingerprint of at least one key of the at least one target user device, and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data record.
Robert teaches wherein the data record further comprises a fingerprint of at least one key of the at least one target user device (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; stores fingerprint of access public key), and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; checking fingerprint access public key to values stored).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu in view of Taraci with the teachings of Robert to use fingerprints of public keys to provide the advantage of decreasing the amount of capacity needed to store public keys (Robert, page 5, paragraph 0059).
Regarding claim 14, Chiu in view of Taraci teaches each and every claim limitation of claim 10. 
Chiu in view of Taraci does not explicitly teach the apparatus wherein the data record further comprises a fingerprint of at least one key of the at least one target user device, and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data record.
Robert teaches wherein the data record further comprises a fingerprint of at least one key of the at least one target user device (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; stores fingerprint of access public key), and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data record (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; checking fingerprint access public key to values stored).
Robert, page 5, paragraph 0059).
Regarding claim 19, Chiu in view of Taraci teaches each and every claim limitation of claim 16. 
Chiu in view of Taraci does not explicitly teach the non-transitory processor-readable storage medium wherein the data record further comprises a fingerprint of at least one key of the at least one target user device, and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data record.
Robert teaches wherein the data record further comprises a fingerprint of at least one key of the at least one target user device (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; stores fingerprint of access public key), and further comprising comparing a fingerprint of the at least one key returned by the at least one target user device upon the given source user device accessing the at least one target user device to the fingerprint of the at least one key of the at least one target user device obtained from the data record (Robert, page 2, paragraph 0029 and page 5, paragraphs 0059 & 0063; checking fingerprint access public key to values stored).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu in view of Taraci with the teachings of Robert Robert, page 5, paragraph 0059).

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Chiu et al. (US Pub No. 2010/0306286) in view of Taraci (US Patent No. 8,649,519) as applied to claims 1-6, 9-11, 13, 15-18 and 20-21 above, and in further view of NIRWAL (US Pub No. 2018/0145955).
Regarding claim 8, Chiu in view of Taraci teaches each and every claim limitation of claim 1. 
Chiu in view of Taraci does not explicitly teach the method further comprising authenticating the given source user device using a single sign-on service.
NIRWAL teaches authenticating the given source user device using a single sign-on service (NIRWAL, page 11, paragraph 0075).
	It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Chiu in view of Taraci with the teachings of NIRWAL to use SSO to provide the advantage of the device being accessible yet protected (NIRWAL, page 11, paragraph 0075).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357.  The examiner can normally be reached on M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access 






/SHAQUEAL D WADE-WRIGHT/Examiner, Art Unit 2437