Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION
This is in response to Application #16/790,125 filed on 02/13/2020 in which Claims 1-20 are presented for examination.

Status of Claims
Claims 1-20 are pending, of which Claims 1-20 are rejected under 35 U.S.C. 103.

Applicant’s Most Recent Claim Set of 02/13/2020
Applicant’s most recent claim set of 02/13/2020 is considered to be the latest claim set under consideration by the examiner.

Claim Objections
Regarding Claim 19, this claim is objected to for lack of antecedent basis.  This claim recites the intended limitation “the one or more encrypted data” in Line 2.  There is no mention of “one or more encrypted data” before the appearance of the intended limitation “the one or more encrypted data” in Line 2.

Appropriate correction is required.

Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 4, 5, 8, 9, 12, 13, 16, 17, 19, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Payne et al. US Patent Application Publication #2012/0159591 in view of Lin et al. US Patent Application Publication #2010/0067691 and further in view of Yip et al. US Patent Application Publication #2002/0004901.

Regarding Claim 17, Payne et al. discloses:
A method comprising: generating, by a first computing device, an optically scannable visual representation, the visual representation including a graphical authentication identifier associated with the first computing device [(Payne et al. Par 34 Lines 1-3; Figure 3 Items 301,303,305) where Payne et al. teaches a first computing ;
causing, by the first computing device, a display of the generated optically scannable visual representation to enable an image capture device of a mobile (another) computing device to acquire the graphical authentication identifier by scanning the display of the visual representation [(Payne et al. Par 34 Lines 1-3; Par 35 Lines 11-21; Figure 5 Items 301, 303, 305) where Payne et al. teaches the first computing device displaying the generated optically scannable visual representation of a graphical authentication identifier associated with the first computing device so that it can be scanned by the image capture circuitry of a mobile computing device and the mobile computing device scanning the visual representation of the graphical authentication identifier displayed on the first computing device’s display screen in order to capture the image];
receiving, by the first computing device, a request of a second computing device (server) to access (and establish a connection with) the first computing device, the request including data encrypted, providing, by the first computing device, the second computing device (server) with access to the first computing device [(Payne et al. Par 37 Lines 1-10; Par 42 Lines 1-5; Figure 5) where Payne et al. teaches that the first computing device receives an encrypted request from the server to access, establish a connection with, and provide expected encrypted authentication data, for which the first computing device provides access to the server to do so].

Payne et al. does not appear to explicitly disclose:
a public portion of an encryption key
that the encrypted data is a client certificate
that the encryption key used in the encrypting of the client certificate is the public portion of an encryption key
that the access provided is based on decryption of the encrypted data using a private portion of the encryption key

However, Lin et al. discloses:
that an authentication identifier can be a public portion of an encryption key [(Lin et al. Par 141 Lines 12-14; Par 143 Lines 1-4) where Lin et al. teaches an Authentication Identifier that is the public portion of a public/private key pair].

Payne et al. and Lin et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Payne et al. and the teachings of Lin et al. by providing an Authentication Identifier that is the public portion of a public/private key pair as taught by Lin et al. in the teaching described by Payne et al.
The motivation for doing so would be to increase the usability and flexibility of Payne et al. by providing an Authentication Identifier that is the public portion of a 

The combination of Payne et al. and Lin et al. does not appear to explicitly disclose:
that the encrypted data is a client certificate
that the encryption key used in the encrypting of the client certificate is the public portion of an encryption key
that the access provided is based on decryption of the encrypted data using a private portion of the encryption key

However, Yip et al. discloses:
that the encrypted data is a client certificate, that the encryption key used in the encrypting of the client certificate is the public portion of an encryption key, that the access provided is based on decryption of the encrypted data using a private portion of the encryption key [(Yip et al. Par 65 Lines 1-8; Par 66 Lines 1-9; Fig 6) where Yip et al. teaches the industry standard use and sharing of certificates to define public/private key pairs for authentication exchange, the use of the public portion of a public/private key pair to encrypt data or a client certificate, and the use of the private portion of a public/private key pair to decrypt data or a client certificate].

“same field of endeavor” and are from the same “problem-solving area”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Payne et al. and Lin et al. and the teachings of Yip et al. by providing the industry standard use and sharing of certificates to define public/private key pairs for authentication exchange, the use of the public portion of a public/private key pair to encrypt data or a client certificate, and the use of the private portion of a public/private key pair to decrypt data or a client certificate as taught by Yip et al. in the teaching described by Payne et al. and Lin et al.
The motivation for doing so would be to increase the usability and flexibility of Payne et al. and Lin et al. by providing the industry standard use and sharing of certificates to define public/private key pairs for authentication exchange, the use of the public portion of a public/private key pair to encrypt data or a client certificate, and the use of the private portion of a public/private key pair to decrypt data or a client certificate as taught by Yip et al. in the teaching described by Payne et al. and Lin et al. so as to make use of industry standard ways to utilize both certificates and public/private key pairs.

Regarding Claim 1:
It is a method claim corresponding to the method claim of claim 17. Therefore, claim 1 is rejected with the same rationale as applied against claim 17 above.

Regarding Claim 4, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 1, wherein displaying the generated visual representation comprises displaying an optically scannable visual representation. [(Payne et al. Par 34 Lines 1-3; Figure 5 Items 301,303,305) where Payne et al. teaches a first computing device generating an optically scannable visual representation of a graphical authentication identifier associated with the first computing device]

Regarding Claim 5, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 1, wherein the establishment of the connection between the computing device and the server comprises: authenticating the computing device based on decrypting, by the computing device and based on a private portion of the encryption key, the received encrypted client certificate. [(Payne et al. Par 37 Lines 1-10; Par 42 Lines 1-5; Figure 5) where Payne et al. teaches that the first computing device receives an encrypted request from the server to access, establish a connection with, and provide expected encrypted authentication data, for which the first computing device provides access to the server to do so] [(Yip et al. Par 65 Lines 1-8; Par 66 Lines 1-9; Fig 6) where Yip et al. teaches the decrypting of an

Regarding Claim 8, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 1, wherein the encrypted client certificate is received, based on a request, by the computing device, to establish connection with the server [(Payne et al. Par 37 Lines 1-10; Par 42 Lines 1-5; Figure 5) where Payne et al. teaches that the first computing device receives an encrypted request from the server to access, establish a connection with, and provide expected encrypted authentication data, for which the first computing device provides access to the server to do so] [(Yip et al. Par 65 Lines 1-8; Par 66 Lines 1-9; Fig 6) where Yip et al. teaches the decrypting of an application or client certificate with a secret or private key for the establishment of a connection].

Regarding Claim 9:
It is a system claim corresponding to the method claim of claim 17. Therefore, claim 9 is rejected with the same rationale as applied against claim 17 above.  In addition, Claim 9 discloses a memory and a processor coupled to the memory, which is taught by Payne et al. at Payne et al. Par 23 Lines 6-10.

Regarding Claim 12:


Regarding Claim 13:
It is a system claim corresponding to the method claim of claim 5. Therefore, claim 13 is rejected with the same rationale as applied against claim 5 above.  In

Regarding Claim 16:
It is a system claim corresponding to the method claim of claim 8. Therefore, claim 16 is rejected with the same rationale as applied against claim 8 above.  In

Regarding Claim 19, most of the limitations of this claim have been noted in the rejection of Claim 17.  Applicant is directed to the rejection of Claim 17 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 17, wherein the second computing device is granted access to the first computing device based on determining that the one or more encrypted data is able to be decrypted using the private portion of the encryption key. [(Payne et al. Par 37 Lines 1-10; Par 42 Lines 1-5; Figure 5) where Payne et al. teaches that the first computing device receives an encrypted request from the server to access, establish a connection with, and provide expected encrypted authentication data, for which the first computing device provides access to the server to do so] [(Yip et al. Par 65 Lines 1-8; Par 66 Lines 1-9; Fig 6) where Yip et al. teaches the decrypting of

Regarding Claim 20, most of the limitations of this claim have been noted in the rejection of Claim 17.  Applicant is directed to the rejection of Claim 17 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 17, wherein the second computing device is denied access to the first computing device based on determining that the received encrypted data is unable to be decrypted using the private portion of the encryption key [(Payne et al. Par 37 Lines 1-10; Par 42 Lines 1-5; Figure 5) where Payne et al. teaches that the first computing device receives an encrypted request from the server to access, establish a connection with, and provide expected encrypted authentication data, for which the first computing device provides access to the server to do so] [(Yip et al. Par 65 Lines 1-8; Par 66 Lines 1-9; Fig 6) where Yip et al. teaches the decrypting of an application or client certificate with a secret or private key for the establishment of a connection].


Claim(s) 2-3, 10-11, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Payne et al. US Patent Application Publication #2012/0159591 in view of Lin et al. US Patent Application Publication #2010/0067691 and further in view of Yip et al. US Patent Application Publication #2002/0004901 and further in view of Trusted Computing Platform Alliance Main Specification Version 1.1b February 1, 2002.

Regarding Claim 2, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 1,

The combination of Payne et al. and Lin et al., and Yip et al. does not appear to explicitly disclose:
wherein the encryption key is a hardware secured encryption key associated with the computing device.

However, Trusted Computing Platform Alliance Main Specification Version 1.1b discloses:
wherein the encryption key is a hardware secured encryption key associated with the computing device [(Trusted Computing Platform Alliance Main Specification Version 1.1b Section 4.6 Lines 1-4; Section 8.10.7 Subsection Actions Item 3 Lines 1-2; Section 9.2 Lines 1-7) where Trusted Computing Platform Alliance Main Specification Version 1.1b teaches an encryption key of a TPM Endorsement Key Pair that is hardware secured by the TPM silicon chip and is associated with a specific computing device].

“same field of endeavor” and are from the same “problem-solving area”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Payne et al., Lin et al., and Yip et al. and the teachings of Trusted Computing Platform Alliance Main Specification Version 1.1b by providing the use of an industry standard Trusted Platform Module silicon chip for the hardware securing of an encryption key as taught by Trusted Computing Platform Alliance Main Specification Version 1.1b in the teaching described by Payne et al., Lin et al., and Yip et al.
The motivation for doing so would be to increase the usability and flexibility of Payne et al., Lin et al., and Yip et al. by providing the use of an industry standard Trusted Platform Module silicon chip for the hardware securing of an encryption key as taught by Trusted Computing Platform Alliance Main Specification Version 1.1b in the teaching described by Payne et al., Lin et al., and Yip et al. so as to utilize a common industry standard way of securing encryption keys with physical hardware.

As to Claim 3, this claim is rejected for the same reasons as Claim 2 above.  In addition, the combination of Payne et al., Lin et al., and Yip et al. and Trusted Computing Platform Alliance Main Specification Version 1.1b discloses:
The method of claim 1, wherein the encryption key comprises a Trusted Platform Module (TPM) endorsement key, and the public portion of the encryption key comprises a TPM public endorsement key (EK) [(Trusted Computing Platform Alliance Main Specification Version 1.1b Section 4.6 Lines 1-4; Section 8.10.7 Subsection Actions Item 3 Lines 1-2; Section 9.2 Lines 1-7) where Trusted Computing Platform Alliance Main Specification Version 1.1b teaches an encryption key of a TPM Endorsement Key Pair that is hardware secured by the TPM silicon chip and has a public portion of the TPM Endorsement Key Pair labeled PUBEK, an acronym for the public portion of the TPM Endorsement Key].

Regarding Claim 10:
It is a system claim corresponding to the method claim of claim 2. Therefore, claim 10 is rejected with the same rationale as applied against claim 2 above.  In

Regarding Claim 11:
It is a system claim corresponding to the method claim of claim 3. Therefore, claim 11 is rejected with the same rationale as applied against claim 3 above.  In

Regarding Claim 18:
It is a method claim corresponding to the method claim of claim 3. Therefore, claim 18 is rejected with the same rationale as applied against claim 3 above.


Claim(s) 6-7, 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Payne et al. US Patent Application Publication #2012/0159591 in view of Lin et al. US Patent Application Publication #2010/0067691 and further in view of Yip et al. US Patent Application Publication #2002/0004901 and further in view of Schrader et al. US Patent #10,324,706.

Regarding Claim 6, most of the limitations of this claim have been noted in the rejection of Claim 1.  Applicant is directed to the rejection of Claim 1 above.  In addition, the combination of Payne et al. and Lin et al., and Yip et al. discloses:
The method of claim 1,

The combination of Payne et al. and Lin et al., and Yip et al. does not appear to explicitly disclose:
wherein the establishment of the connection enables a network boot program (NBP) executing on the computing device to stream provisioning software from the server.

However, Schrader et al. discloses:
wherein the establishment of the connection enables a network boot program (NBP) executing on the computing device to stream provisioning software from the server [(Schrader et al. Column 21 Lines 26-35) where Schrader et al. teaches that the establishment of the connection initiates a network boot loader environment that communicates with a server computer over a network to receive or .

Payne et al., Lin et al., and Yip et al. and Schrader et al. are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area”.  Namely, they are both from the field of “information security”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Payne et al., Lin et al., and Yip et al. and the teachings of Schrader et al. by providing the establishment of a connection that initiates a network boot loader environment that communicates with a server computer over a network to receive or stream provisioning software or code for compiling executable instructions for operating the computer system as taught by Schrader et al. in the teaching described by Payne et al., Lin et al., and Yip et al.
The motivation for doing so would be to increase the usability and flexibility of Payne et al., Lin et al., and Yip et al. by providing the establishment of a connection that initiates a network boot loader environment that communicates with a server computer over a network to receive or stream provisioning software or code for compiling executable instructions for operating the computer system as taught by Schrader et al. in the teaching described by Payne et al., Lin et al., and Yip et al. so as to provide the option of utilizing different versions of boot or startup software on the computing device.


The method of claim 1, wherein the public portion of the encryption key included in the generated visual representation is retrieved by a network boot program (NBP) executing on the computing device [(Payne et al. Par 34 Lines 1-3; Figure 3 Items 301,303,305) where Payne et al. teaches a first computing device generating an optically scannable visual representation of a graphical authentication identifier associated with the first computing device] [(Lin et al. Par 141 Lines 12-14; Par 143 Lines 1-4) where Lin et al. teaches an Authentication Identifier that is the public portion of a public/private key pair] [(Schrader et al. Column 21 Lines 26-35) where Schrader et al. teaches that the establishment of the connection initiates a network boot loader environment that communicates with a server computer over a network to receive or stream provisioning software or code for compiling executable instructions for operating the computer system].

Regarding Claim 14:
It is a system claim corresponding to the method claim of claim 6. Therefore, claim 14 is rejected with the same rationale as applied against claim 6 above.

Regarding Claim 15:
It is a system claim corresponding to the method claim of claim 7. Therefore, claim 15 is rejected with the same rationale as applied against claim 7 above.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Westra et al - US_20170257345: Westra et al teaches secure tunneling with authentication for mobile devices.
Belfield et al - US_10013558: Belfield et al teaches the secure updating of software applications on target systems or devices.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw, can be reached on (571) 272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498