Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION

Claims 1-19 are pending in this office action.

Priority
Receipt is acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), which papers have been placed of record in the file.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on June 18, 2020, is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-19 are rejected under 35 U.S.C. 103 as being unpatentable over Adrangi et al. (U.S. Patent Pub. No. 2017/0063999) in view of Rooyakkers (U.S. Patent Pub. No. 2017/0147807).

Regarding claim 1, Adrangi et al. teaches an electronic operating device arranged to protect communication between a consumer application and a network-connected consumer device, the operating device comprising: a communication interface arranged to digitally communicate with a network controller over a digital network, said network controller being arranged to digitally communicate with the operating device and the network-connected consumer device over the digital network (fig. 9, ref. num 920), a memory storing computer program instructions and a processor circuit connected to the memory for executing the computer program instructions, the computer program instructions comprising a consumer application part, and a protective part (fig. 9, ref. num 904), wherein the consumer application part is arranged to generate a command message for the network-connected device, and to forward the command message to the protective part of the computer program instructions (paragraph 0061), the protective part is arranged to protect the command message by signing the command message with a private key obtained from a key storage of the operating device, and to send the protected command message to the network controller, the network controller being arranged to forward the protected command message to the network-connected consumer device (paragraph 0058 and 0088).
Adrangi et al. does not teach verifying the protection of the command message.
Rooyakkers et al. teaches verifying the protection of the command message (paragraph 0068 and 0074).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine stuff, as taught by Rooyakkers et al., with the method of Adrangi et al.  It would have been obvious for such modifications because without proper verification anyone can send any type of message from one device to another.  Verification ensures only authorized messages make it to their intended targets.

Regarding claim 2, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the protective part comprises a first protective part, and a second protective part, wherein the consumer application part is arranged to forward the command message to the first protective part, the first protective part being arranged to forward the command message to the second protective part, the second protective part being arranged to sign the command message with the private key, wherein the second protective part is arranged to retrieve at least part of the program instructions of the first protective part, compute a hash function over the retrieved program instructions, obtain a pre-determined hash, verify that the computed hash equals the obtained hash before signing the command message (see paragraph 0076 of Rooyakkers et al.).

Regarding claim 3, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the first protective part has been randomized so that different operating devices implementing the same functions of the operating device have different hashes (see paragraph 0070 of Rooyakkers et al.).

Regarding claim 4, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the protective part comprises a first protective part, and a second protective part, the operating device comprising a key storage, the key storage storing the private key in multiple parts, the second part having access to the key storage, wherein at least two parts of the private key are encrypted with a different storage key, and/or the order of the multiple parts has been scrambled (see paragraph 0056 of Rooyakkers et al.).

Regarding claim 5, Adrangi et al. teaches wherein a storage key depends at least in part on a device metric of the operating device (paragraph 0060).

Regarding claim 6, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the protective part comprises a first protective part, and a second protective part, said first protective part being configured to run in a user mode and the second protective part being configured to run in a privileged mode (see paragraph 0068 of Rooyakkers et al.).

Regarding claim 7, Adrangi et al. teaches wherein the digital network is configured so that all messages of the operating device and of the network-connected consumer device pass through the network controller (fig. 1, ref. num 102).

Regarding claim 8, Adrangi et al. teaches wherein the protective part is arranged to encrypt the command message, said encrypting being arranged for decryption by the network controller (paragraph 0046).

Regarding claim 9, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the protective part is arranged to generate a transaction random, and to send the transaction random associated with the protected command message to the network controller (see paragraph 0070 of Rooyakkers et al.).

Regarding claim 10, Adrangi et al. teaches wherein the first protective part is configured to display a private desktop to a user of the operating device (paragraph 0061).

Regarding claim 11, Adrangi et al. as modified by Rooyakkers et al. teaches a network controller for use with an operating device as in claim 1, the network controller comprises: a communication interface for digital communication with the operating device and the network-connected consumer device (see fig. 9, ref. num 920 of Adrangi et al.), a processor circuit configured to receive the protected command message over the communication device (see fig. 9, ref. num 902 of Adrangi et al.), verify the protection of the protected command message and to forward the command message to the network-connected device (see paragraph 0068 and 0074 of Rooyakkers et al.).

Regarding claim 12, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the processor circuit of the network controller is configured to obtain from the protected command message the command message, protect the command message to obtain a second protected command message by encrypting the second command message with a public key of the selected network-connected device and/or signing the command message with a private key of 

Regarding claim 13, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the network-connected device is configured to generate a further message, and to send the further message to the network controller, wherein the network controller comprises a storage arranged to store a traffic profile of the network-connected device, and wherein the processor circuit of the network controller is configured to determine that the further message satisfies the traffic profile, and if so forward the further message (see paragraph 0064 of Rooyakkers et al.).

Regarding claim 14, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the traffic profile comprises rules for messages generated by the network-connected consumer device, said rules being based upon one or more of data format, allowable port usage, data/exchange intervals, horizontal communications, required interaction prior to conducting a TCP/IP exchange (see paragraph 0057 of Rooyakkers et al.).

Regarding claim 15, Adrangi et al. as modified by Rooyakkers et al. teaches wherein the network controller is arranged with a configuration password, the processor circuit of the network controller being configured to generate a random string, replace the configuration password with the random string, encrypt the random string, and send the encrypted random string to another device (see paragraph 0056 of Rooyakkers et al.).

Regarding claim 16, Adrangi et al. as modified by Rooyakkers et al. teaches wherein a transaction random is received associated with the protected command message, the processor circuit of the network controller being configured to verify if a transaction random storage comprises the received transaction random, and if so to block the command message, and if not, add the transaction random to the transaction random storage (see paragraph 0070 of Rooyakkers et al.).

Regarding claims 17 and 19, Adrangi et al. teaches a protection method arranged to protect communication between a consumer application and a network-connected consumer device, the protection method comprising: arranging digital communication with a network controller over a digital network, said network controller being arranged to digitally communicate over a digital network with an operating device running the consumer application and with the network-connected consumer device (fig. 9, ref. num 920), providing computer program instructions comprising a consumer application part, and a protective part (fig. 9, ref. num 924), generating a command message for the network-connected device, and to forward the command message to the protective part of the computer program instructions (paragraph 0061), protecting the command message by signing the command message with a private key, and sending the protected command 
Adrangi et al. does not teach verifying the protection of the command message.
Rooyakkers et al. teaches verifying the protection of the protected command message and forwarding the protected command message to the network-connected consumer device (paragraph 0068 and 0074).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine stuff, as taught by Rooyakkers et al., with the method of Adrangi et al.  It would have been obvious for such modifications because without proper verification anyone can send any type of message from one device to another.  Verification ensures only authorized messages make it to their intended targets.

Regarding claim 18, Adrangi et al. teaches a network method for use with an operating device, the network method comprises: arranging digital communication with the operating device and a network-connected consumer device (fig. 2 and fig. 9, ref. num 920), receiving a protected command message from the operating device (paragraph 0061).
Adrangi et al. does not teach verifying the protection of the command message.
Rooyakkers et al. teaches verifying the protection of the protected command message and forwarding the command message to the network-connected device (paragraph 0068 and 0074).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine stuff, as taught by Rooyakkers et al., with the method of Adrangi et al.  It would have been obvious for such modifications because without proper verification anyone can send any type of message from one device to another.  Verification ensures only authorized messages make it to their intended targets.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON HOFFMAN whose telephone number is (571)272-3863.  The examiner can normally be reached on Monday-Friday 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu, can be reached on (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

/BRANDON HOFFMAN/Primary Examiner, Art Unit 2433