Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
The non-statutory double patenting rejection has been withdrawn in view of the approved Terminal Disclaimed.
The rejection under 35 USC 101 has been withdrawn in view of amendment in view of amendment to claim 22.
The rejection under 35 USC 112(d) has been withdrawn in view of amendment to claims 7 and 8.
Response to arguments regarding Claims Rejections under 35 USC § 103
Applicant's arguments filed on January 24, 2022 have been fully considered but they are not persuasive to overcome the prior arts in record and place the claims in a better condition for allowance for at least the following reasons.
In the response, the applicant argues that; Oguma fails to teach or suggest the three-component communication referenced by claim 2 and there is no teaching or suggestion that one having ordinary skill in the art would combine or modify Oguma's transaction with another device or system in the manner recited by claim 2. Oguma describes a CAN bus arrangement that includes a master ECU 110m and multiple general ECUs 100a, 100b, 100c. In Oguma, then, there is no "external system."  The applicant continues to further argue that, there is no disclosure of, and further no reason, that the master ECU would receive a write message including data to be 

The examiner disagrees with the applicant’s argument and analysis. Claims 2 is a system claim directed to comprise two elements -a primary memory device and a secondary memory device unlike the applicant’s assertion that it comprises three elements (a primary memory device, a secondary memory device and a first external system). However, in claim 2, the primary memory device is configured to perform operation of receiving, from the first external system, a first message (also as described in the applicant’s disclosure in Figure 1: 118 that is connected over Network 116) in addition to operations of verifying, generating and sending. 

Oguma discloses, the ECUS are communicating with external systems (See Figure $A and 4B where, the ECU is communicating with Certification Authority and Management Device; ¶0064: The management device transmits the public key of the ECU and a digest value of an authentic program to be mounted to the ECU to a certification authority (a root certificate authority) and requests creation of an electronic certificate (S304). The certification authority creates an electronic certificate corresponding to the received public 
Furthermore, the applicant's argument is presented against the references individually, by selectively attacking a single reference (Oguma) where the rejection is based on combinations of references (Smith in view of OGUMA in further view of Addepalli) presented in the Office Action as follows: OGUMA does not explicitly disclose the first system from which the first message is received and association of the first message payload data is from an external system. Addepalli, in analogous art however, discloses the first system from which the first message is received and association of the first message payload data is to an external system (Column 8: lines 3-30, lines 65-66, column 9: lines 1-4; Column 12: lines 38-43). The modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to establishing a particular connection between the media hub element of the vehicle and a media hub element provisioned in a residential environment, synchronizing selected content in the media hub element of the vehicle with a media hub element provisioned in a cloud network and to further include downloading particular content at the media hub element of the vehicle as suggested by Addepalli (Column 2: lines 55-67).
The examiner would like to further note that, the applicant’s disclosure is implementing the Primary or Secondary Memory Devices (described in applicant’s disclosure ¶0013 Securing memory arrangements that may be found in various forms of data processing systems (also referred to herein as processing systems). In some examples, the secure memory arrangements described herein are used in processing systems incorporated with various apparatuses such as, for example, appliances, vehicles, industrial equipment, 
Finally, Oguma uses public private key (Asymmetric key) configuration, electronic certificates, symmetric key and session key as well as mutual authentication as needed among ECU’s communication and with the external certification Authority and Management device. Similarly, the applicant is using public-private key initially and then symmetric key in the final operation as recited in claim 2, and therefore the applicant’s argument failed to make clear distinction between implementation of cryptographic keys in claim 2 and cryptographic keys Oguma.

Overall, the applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references. Therefore, the applicant’s argument are not persuasive to overcome the prior arts in record and place the claims in a better condition for allowance, the following rejections are maintained. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-4, 9-15, and 18-22 are rejected under 35 U.S.C. 103 as being unpatentable over OGUMA et. al. (Hereinafter referred to as OGUMA: US 20170111177 A1) Addepalli et al. (Hereinafter referred to as Addepalli; US. Pat. No.: US 9083581 B1).

As per claim 2:
OGUMA discloses a system comprising: a primary memory device in communication with at least one secondary memory device, the primary memory device configured to perform operations ([0011]: A master ECU and a general ECU, in which the master ECU and the general ECU perform mutual authentication using a public key encryption system) comprising:
receiving, from a first system, a first write message comprising first message payload data and first asymmetric cryptographic data ([0012]: The master ECU is provided with a private key 
verifying the first message payload data using the first asymmetric cryptographic data and a public cryptographic key associated with the first system ([0014]: The master ECU verifies, using the general ECU electronic certificate, the transmission data attached with the digital signature and transmitted from the general ECU and, at the same time, verifies whether the specified data included in the transmission data matches the specified data included in the general ECU electronic certificate);
generating first symmetric cryptographic data using the first message payload data and a first symmetric cryptographic key associated with a first secondary memory device ([0053] : The master ECU m generates a session key K using the encryption engine 121m (S103); the session key K is a random number; since one session key is shared in the vehicle system, generating a session key once during the mutual authentication process may suffice; [0056]: Using the encryption engine 121m, the master ECU m encrypts the session key K generated in step S103 with the public key (included in the electronic certificate) of the general ECU a to obtain an encrypted session key EK (S106); the master ECU m uses the encryption engine 121m to calculate a digest value D.sub.m of the program 111m (S107)); and


OGUMA does not explicitly disclose the first system from which the first message is  received and association of the first message payload data is to an external system. Addepalli, in analogous art however, discloses the first system from which the first message is received and association of the first message payload data is to an external system ([Column 8: lines 3-30]: Provided for agent identity management that is flexible, secure, and allows network access to be switched dynamically for different agents; authenticating an agent to onboard unit (OBU) 30 of vehicle 4, provisioning an identity profile associated with the agent, and provisioning one or more virtual subscriber identity modules (VSIMs) associated with the agent; a particular transaction is authorized when the transaction is associated with the agent requiring remote network access to external devices, the selection of network credentials, such as VSIMs, WiFi, etc., associated with the particular agent, which may be determined by evaluating the agent, the transaction, and a current geographical location of the vehicle; [Column 8: lines 65-66, column 9: lines 1-4]: In-vehicle mobile devices 18a-b, and mobile devices external to vehicle 4, may communicate with OBU 30 of communication system 10 through any wired or wireless communication link and may be configured as a personal area network (PAN) or a wireless personal area network (WPAN) or any other appropriate architecture or system that facilitates communications in a network 
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the first message payload data disclosed by OGUMA to include the first system from which the first message received and association of the first message payload data is to an external system. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to establishing a particular connection between the media hub element of the vehicle and a media hub element provisioned in a residential environment, synchronizing selected content in the media hub element of the vehicle with a media hub element provisioned in a cloud network and to further include downloading particular content at the media hub element of the vehicle as suggested by Addepalli (Column 2: lines 55-67).

As per claim 3:
Addepalli discloses wherein the primary memory device is further configured to perform operations comprising: sending a symmetric cryptographic key request to an external database; 

As per claim 4:
Claim 4 is directed to the system of claim 2, wherein the primary memory device is further configured to perform operations comprising: receiving, from a second external system, a second message comprising second message payload data, second asymmetric cryptographic data, and an indication of a second secondary memory device; verifying the second message payload data using the second asymmetric cryptographic data and a public cryptographic key associated with the second external system; generating second symmetric cryptographic data using the second message payload data and a second symmetric cryptographic key associated with the second secondary memory device; and sending the second message payload data and the second symmetric cryptographic data to the second secondary memory device.
Limitation features of claim 4 are substantially similar in structure and content to corresponding limitations of claim 2, except each and every elements identified as first in claim 

As per claim 9:
OGUMA discloses the first secondary memory device, wherein the secondary memory device is configured to perform operations comprising:
receiving the first message payload data and the first symmetric cryptographic data ([0049]: ECU to exchange a session key (a common key) by distributing a same session key to all general ECUs; 0060);
verifying the first message payload data using the first symmetric cryptographic data and a copy of the first symmetric cryptographic key stored at the first secondary memory device ([0047]: verified using a digest value; [0053]); and
writing at least a portion of the first message payload data to the first secondary memory device ([0066-0068]: saves an electronic certificate 131 of the replacement ECU in a storage medium 200 (a flash memory, a CD-ROM, or the like) that is a separate medium to the ECU).

As per claim 10:

generating outgoing symmetric cryptographic data ([0053]: The master ECU m generates a session key K using the encryption engine 121m);
generating an outgoing message comprising outgoing message payload data, the outgoing symmetric cryptographic data ([0054]: ECU m receives a message with a digital signature from the general ECU)), [an indication of the first external system discloses by Addepalli as suggested in claim 2: [Column 8: lines 65-66, column 9: lines 1-4]); and
sending the outgoing message to the primary memory device ([0059]: safe communication is performed using the session key between the master ECU m and the general ECU a.);

As per claim 11:
OGUMA discloses the first secondary memory device, wherein the first secondary memory device is configured to perform operations comprising:
receiving a provisioning signal indicating a provisioning of the first symmetric cryptographic key ([0016]: The session key is to be used after mutual authentication is completed as a common key for communication between the master ECU and the general ECU); and
sending the first symmetric cryptographic key to the primary memory device ([0016]:  a session key and transmits the transmission data to the general ECU. When transmitting the session key, the session key is favorably transmitted encrypted so that only the general ECU that is a transmission destination can read the session key).

As per claim 12:
Addepalli disclose wherein the provisioning signal indicates that power has been provided to the system (Column 33: lines 30-34:  When an agent attempts to gain access to OBU 30, flow moves to step 1002 and an agent is detected, providing power to OBU 30).

As per claims 13-15 and 18-21:
Claims 13-15 and 18-21 are directed to a method having substantially similar claimed limitation features to their corresponding limitation in respective claims 1-4 and 9-10 and therefore, claims 13-15 and 18-21 are rejected with the same rationale given above to reject corresponding limitation in respective claims 1-4 and 9-10.

As per claim 22:
Claim 22 is directed to a non-transitory computer-readable medium comprising instructions thereon that, when executed by a computing device comprising one or more processors, cause the computing device to perform operations having substantially similar claimed limitation features to their corresponding limitation in claim 2 and therefore, claim 22 is rejected with the same rationale given above to reject corresponding limitation in claim 2.

Claims 5-8 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over OGUMA et. al. (Hereinafter referred to as OGUMA: US 20170111177 A1) Addepalli et al. .

As per claim 5:
OGUMA and Addepalli do not explicitly disclose wherein the primary memory device is further configured to perform operations comprising: receiving from the first secondary memory device an output message directed to the first external system, the output message comprising output message payload data and output symmetric cryptographic data; and verifying the output message payload data using the output symmetric cryptographic data and the first symmetric cryptographic key associated with the first secondary memory device. 
UJIIE, in analogous art however, discloses wherein the primary memory device is further configured to perform operations comprising: receiving from the first secondary memory device an output message directed to the first external system, the output message comprising output message payload data and output symmetric cryptographic data ([0087]: The shared key list storing unit 410 stores a shared key list that is a list correlating shared keys shared beforehand for use in transmission of session keys among the ECUs, with the CAN-IDs. One shared key is designated for each CAN-ID. The correlation between a certain CAN-ID and shared key in the shared key list indicates the correlation between the ECU transmitting the frame including that CAN-ID, and the shared key. Besides designating a shared key for each CAN-ID, one shared key may be designated for all ECUs. Alternatively, in a case where the bus 200 is of a configuration where multiple sub-nets are connected by a gateway, the bus 200 may designate one shared key for each sub-net (each set of ECUs connected to a sub-net); [0079]: The frame analyzing unit 402 


As per claim 6:
UJIIE discloses wherein the primary memory device is further configured to perform operations comprising: generating asymmetric output cryptographic data using the output message payload data and a private cryptographic key associated with the primary memory device; and sending the output message payload data and the asymmetric output cryptographic data to the first external system ([0216]: The shared keys shared between the master ECU (key managing device) and other multiple ECUs (keys shared before transmission of session keys) shown in the above-described embodiments may be shared keys in a shared key encryption system (secret keys), or alternatively may be a key pair (public key and secret key) in a public key 

As per claim 7:
UJIIE discloses wherein the primary memory device includes one or more processors executing instructions retained in the primary memory device to perform one or more of the operations ([0096; 010]; Figure 7: MAC Processing Unit 107; Decryption Processing Unit 105].

As per claim 8:
UJIIE discloses wherein the primary memory device is in communication with at least the first secondary memory device through a bus, and wherein the first secondary memory device forms a portion of a control system in an automobile ([0061]: The onboard network system 10 has multiple devices that communicate by frames via a bus following the CAN protocol, and uses a key management method. Specifically, the onboard network system 10 is configured including a bus 200, the master ECU (key management device) 400, and nodes like ECUs connected to the 

As per claims 16-17:
Claims 16-17 are directed to a method having substantially similar claimed limitation features to their corresponding limitation in respective claims 5-6 and therefore, claims 16-17 are rejected with the same rationale given above to reject corresponding limitation in respective claims 16-17.

BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as they would be interpreted by one of ordinary skill in the art at the time of filing the invention and the following claim words or terms or phrases or languages have been given to them, as follows, reasonable BRI considerations and context in view of the applicant’s disclosure in order to construe and appraise boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:

Primary or Secondary Memory Device:	[0013: Securing memory arrangements that may be found in various forms of data processing systems (also referred to herein as processing systems). In some examples, the secure memory arrangements described herein are used in processing systems incorporated with various apparatuses such as, for example, appliances, vehicles, 

Computer-Readable Medium:	[0077: While the computer readable medium 722 is illustrated in an example to be a single medium, the term “computer readable medium” may include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more instructions 724. The term “computer readable medium” shall also be taken to include any tangible medium that is capable of storing, encoding or carrying instructions for execution by the machine and that cause the machine to perform any one or more of the methodologies of the present disclosure or that is capable of storing, encoding or carrying data structures utilized by or associated with such instructions. The term “computer readable medium” shall accordingly be taken to include, but not be limited to, solid-state memories, and optical and magnetic media].


Conclusion
The prior arts made of record and not relied upon are considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior arts.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784. The examiner can normally be reached 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/TECHANE GERGISO/Primary Examiner, Art Unit 2494