Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
DETAILED ACTION
	This action is in response to applicant’s submittal made on 10/14/2019. Claims 1-20 are pending. 
Specification (Title)
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1- 5 and 7-19 are rejected under 35 U.S.C. 103 as being unpatentable over Ramanujam (US Patent Publication No. 2019/0250616) in view of Markham (US Patent Publication No. 2017/0310674).

As to claims 1 and 15, Ramanujam teaches a system comprising a first computer including a first processor and a first memory, the first memory including instructions such that the first processor is programmed to: 
receive, from the server, a second digital document authorizing the specified access to the one or more vehicle systems (i.e., …teaches in par. 61 the following: “while sending the authorization message to the service center device 330, the computing device 310 may also instruct the autonomous vehicle 320 to provide limited access or control to enable performance of the service on the autonomous vehicle 520. For example, the autonomous vehicle 320 may be instructed to unlock the doors to allow the service provider access to inside the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to open a fuel tank door or charging door so that the service provider can refuel or recharge the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to allow the service provider to operate the autonomous vehicle 520 using a manual driving mode for purposes of driving to and from a service garage, etc. As a non-limiting example, the autonomous vehicle 320 may be driven within 50 yards with respect to an initial location after arriving at the service center 340.”),
and provide, to the remote device, the specified access to the one or more vehicle systems based on the first digital document and second digital document (i.e., …teaches in par. 61 the following: “while sending the authorization message to the service center device 330, the computing device 310 may also instruct the autonomous vehicle 320 to provide limited access or control to enable performance of the service on the autonomous vehicle 520. For example, the autonomous vehicle 320 may be instructed to unlock the doors to allow the service provider access to inside the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to open a fuel tank door or charging door so that the service provider can refuel or recharge the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to allow the service provider to 

Ramanujam does not expressly teach: 
receive, from a remote device, a first digital document including a digital signature from a server and specifying access to one or more vehicle systems for the remote device.
In this instance the examiner notes the teachings of prior art reference Markham.    
With regards to applicant’s claim limitation element of, “receive, from a remote device, a first digital document including a digital signature from a server and specifying access to one or more vehicle systems for the remote device”, teaches in par. 0059 the following: “A policy change authorization token may be noted. The vehicle manufacturer may create a token and digitally sign it. This token may flow from the vehicle manufacturer to the accessing entity manufacturer, into an accessing entity and finally into the security module. The security module may be able to verify the digital signature applied by the vehicle manufacturer. The above noted five entities may work together during the certification process and operation as noted herein.”. The examiner notes that Markham tells us that the token (i.e., a digital document) is signed. The examiner further notes that Markham tells us that the token is associated with data that specifies vehicle systems access. …Additionally, Markham teaches in  par. 0048 the following: ” The token carrying the policy may be assigned by the vehicle manufacturer. Other approaches may use a fixed policy or require the vehicle to connect back to the vehicle manufacturers via the Internet to complete an authentication and/or policy specification process. The result may be that vehicle 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy base access control. Utilizing policy base access control as taught by Markham above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system security. 

As to claims 2 and 16, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 1, wherein the second digital document includes one or more third digital documents, the one or more third digital documents authorizing the specified access to vehicle systems of the one or more vehicle systems (i.e. ….teaches in par. 61 the following: “while sending the authorization message to the service center device 330, the computing device 310 may also instruct the autonomous vehicle 320 to provide limited access or control to enable performance of the service on the autonomous vehicle 520. For example, the autonomous vehicle 320 may be instructed to unlock the doors to allow the service provider access to inside the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to open a fuel tank door or charging door so that the service provider can refuel or recharge the autonomous vehicle 320. In another example, the autonomous vehicle 320 may be instructed to allow the service provider to operate the autonomous vehicle 520 using a manual driving mode for purposes of driving to and from a service garage, etc. As a non-limiting example, the autonomous vehicle 320 may be driven within 50 yards with respect to an initial location after arriving at the service center 340.”).

As to claims 3 and 17, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 2, wherein the first processor is further programmed to: install each of the one or more third digital documents in a respective vehicle system for which the respective third digital document authorizes the specified access.
In this instance the examiner notes the teachings of prior art reference Markham. 
Markham teaches in par. 0037 the following: “Vehicle manufacturer approved access rights for an authenticated device relative to the vehicle access port may be determined and enforced. For instance, a device may read all of the data but can only write to the body control modules that control a non-critical function such as air conditioning.”. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy base access control. Utilizing policy base access control as taught by Markham above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system security. 

As to claims 4 and 18, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 3, wherein the second digital document includes a script to install at least one of the one or more third digital documents in the respective vehicle system; and the first processor is further programmed to: execute the script.
In this instance the examiner notes the teachings of prior art reference Markham. 

With regards to applicant’s claim limitation element of, “and the first processor is further programmed to: execute the script”, teaches in par. 0049 the following: “security policy in the vehicle”. The examiner notes that it the security policy will be installed on the vehicle by way of software.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy distribution. Utilizing policy distribution as taught by Markham above allows a system to provide comprehensive software control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system maintainability. 

As to claims 5 and 19, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 1, wherein the specified access to the one or more vehicle systems is based on a user identifier (i.e., …teaches in par. 0044 the following: “Third parties may either access the modules using authentication credentials that provide on-going access to the module or the third party access may be based on a per transaction access where the third party pays for specific transactions that are provided and consumed.”).

As to claim 7, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 1, wherein the first processor is further programmed to: transmit a request to the server prior to receiving the second 
the request including identifiers for the one or more vehicle systems and data from the first digital document (i.e., …teaches in par. 0055 the following: “The notification may indicate the particular service that is to be performed on the autonomous vehicle 320, as well as the service center 340 that has been selected to perform the service. In other words, the notification may be a request for the user to approve performance of the service at the selected service center 340”).

As to claim 8, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 7, wherein the first processor is further programmed to: authenticate the second digital document based in part on the second digital document including data from the request to the server (i.e., …teaches in par. 0061 the following: “while sending the authorization message to the service center device 330, the computing device 310 may also instruct the autonomous vehicle 320 to provide limited access or control to enable performance of the service on the autonomous vehicle 520.”. The examiner notes that the instruct command (i.e., second digital document) is verified because it will be associated with a particular vehicle and particular vehicle system corresponding to the service request.).

As to claim 9, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 1, further comprising the server including a second processor and a second memory, the second memory including instructions such that the second processor is programmed to: 


Ramanujam does not expressly teach:
generate the first digital document specifying the access to the one or more vehicle systems for the remote device and including the digital signature from the server; 
and transmit the first digital document to the remote device.
In this instance the examiner notes the teachings of prior art reference Markham.    
With regards to applicant’s claim limitation element of, “generate the first digital document specifying the access to the one or more vehicle systems for the remote device and including the digital signature from the server and transmit the first digital document to the remote device”, teaches in par. 0059 the following: “A policy change authorization token may be noted. The vehicle manufacturer may create a token and digitally sign it. This token may flow from the vehicle manufacturer to the accessing entity manufacturer, into an accessing entity and finally into the security module. The security module may be able to verify the digital signature applied by the vehicle manufacturer. The above noted five entities may work together during the certification process and operation as noted herein.”. The examiner notes that the Markham tells us that the token (i.e., a digital document) is signed. The examiner further notes that Markham tells us that the token is associated with data that specifies vehicle systems the vehicle system. Additionally, Markham teaches in par. 0048 the following: “ The token carrying the policy may be assigned by the vehicle manufacturer. Other approaches may use a 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy base access control. Utilizing policy base access control as taught by Markham above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system security. 

As to claim 10, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam expressly teach a system of claim 9, wherein the second processor is further programmed to: specify the access to the one or more vehicle systems based on at least one of a user identifier and a remote device identifier included in the message (i.e., …teaches in par. 0060 the following: “The autonomous vehicle's user may send, via the computing device 310, an authorization message to the service center device 330 to authorize the service center 340 to perform services on the autonomous vehicle 320.”. The examiner notes that the service center and devices associated with the service center will have identifiers.).

As to claim 11, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 9, wherein the second processor is further programmed to: generate the first digital document based on determining that a user identifier in the message is included in a list of authorized user identifiers.

Markham teaches in par. 0047 the following: “The present approach may use a term “accessing entity” 73 to denote the device, application, tool service or function requesting access to a vehicle network 74. Authorized commands and data may flow between accessing entity 73 and vehicle network 74 along connection 79. The approach may allow a vehicle manufacturer to certify devices, applications and functions that communicate with the vehicle. The certification may result in a token and associated public key technology which is used to authenticate at symbol 77, via a connection 78, accessing entity 73, and determine the access rights (authorization policy) to be enforced relative to accessing entity 73. Security module (policy enforcement engine) 71 may connected to vehicle network 74 via a port 81.”. The examiner contends that the accessing entity will be associated with security credentials.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature access control authentication. Utilizing access control authentication as taught by Markham above allows a system to provide comprehensive system security and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced security. 

As to claim 12, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 9, wherein the second processor is further programmed to: generate the first digital document based on determining that a remote device identifier in the message is included in a list of authorized remote devices.
In this instance the examiner notes the teachings of prior art reference Markham.    
Markham teaches in par. 0047 the following: “The present approach may use a term “accessing entity” 73 to denote the device, application, tool service or function requesting access to a vehicle 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy base access control. Utilizing policy base access control as taught by Markham above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system security. 

As to claim 13, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 9, wherein the second processor is further programmed to: upon receiving the message from the first processor, confirm that the message includes the first digital document; 
and based on the confirmation, generate the second digital document.
In this instance the examiner notes the teachings of prior art reference Markham.    
With regards to applicant’s claim limitation element of, “wherein the second processor is further programmed to: upon receiving the message from the first processor, confirm that the message includes the first digital document”, Markham teaches in par. 0072 the following: “The accessing entity and associated authorization token may be verified by the vehicle without the need for the vehicle or accessing entity to connect to a network. The public key material and a corresponding public key 
With regards to applicant’s claim limitation element of, “and based on the confirmation, generate the second digital document”, teaches in par. 0047 the following: “Authorized commands and data may flow between accessing entity 73 and vehicle network 74 along connection 79. The approach may allow a vehicle manufacturer to certify devices, applications and functions that communicate with the vehicle. The certification may result in a token and associated public key technology which is used to authenticate at symbol 77, via a connection 78, accessing entity 73,”. Further teaches in par. 0079 the following: “… The authorization token may be only in effect while the accessing entity linked to the authorization token is connected to the vehicle access port”.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature of message acknowledgment. Utilizing message acknowledgment as taught by Markham above allows a system to provide comprehensive communication security and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced communication. 

As to claim 14, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically Ramanujam does not expressly teach a system of claim 9, wherein the second processor is further programmed to: generate a challenge response to a challenge number from one of the one or more vehicle systems in the message; and include the challenge response in the second digital document.
In this instance the examiner notes the teachings of prior art reference Markham.    

With regards to applicant’s claim limitation element of, “and include the challenge response in the second digital document”, Markham teaches in par. 0059 the following: “The security module may use the public key of the accessing entity to encrypt the random number. Public key cryptography may ensure that only the accessing entity holding the private key corresponding to the public key extracted from the X.509 certificate can decrypt the message and recover the original random number. The message containing the encrypted random number may then be sent across the vehicle access port to the accessing entity.”.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam with the teachings of Markham by including the feature policy base access control. Utilizing policy base access control as taught by Markham above allows a system to provide comprehensive access control and therefore provides the motivation in this instance to combine the references. The examiner contends that by combining the references, Ramanujam's system will obtain the capability to provide enhanced system security. 

Claims 6 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ramanujam in view of Markham as applied to claims 1 and 15 above and further in view Seaman et al. (US Patent Publication No. 2019/0066401 and Seaman hereinafter).

As to claim 6, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically neither reference expressly teach a system of claim 1, wherein the second digital document is encrypted based on a server private key; 
and the first processor is further programmed to: decrypt the second digital document based on a server public key.
In this instance the examiner notes the teachings of prior art reference Seaman.
With regards to applicant’s claim limitation element of, “wherein the second digital document is encrypted based on a server private key”, Seaman teaches in par. 43 the following: “For example, an encryption key can be used to encrypt information that is transmitted from a vehicle to a vehicle receiving station, or from a vehicle receiving station to a vehicle. Encryption keys can include public/private keys, where a public key can be used to encrypt information, and the encrypted information can be decrypted using the private key of the public-private key pair. Alternatively, information can be encrypted using a private key, and the encrypted information can be decrypted using the corresponding public key of the public-private key pair.”.  
With regards to applicant’s claim limitation element of, “and the first processor is further programmed to: decrypt the second digital document based on a server public key”, Seaman teaches in par. 43 the following: “For example, an encryption key can be used to encrypt information that is transmitted from a vehicle to a vehicle receiving station, or from a vehicle receiving station to a vehicle. Encryption keys can include public/private keys, where a public key can be used to encrypt information, and the encrypted information can be decrypted using the private key of the public-private key pair. Alternatively, information can be encrypted using a private key, and the encrypted information can be decrypted using the corresponding public key of the public-private key pair.”.  


As to claim 20, the system of Ramanujam and Markham as applied to claims 1 and 15 teaches a vehicle access control, specifically neither reference expressly teach a method of claim 15, wherein the second digital document is encrypted based on a server private key, further comprising: decrypting the second digital document based on a server public key.
In this instance the examiner notes the teachings of prior art reference Seaman.
Seaman teaches in par. 43 the following: “For example, an encryption key can be used to encrypt information that is transmitted from a vehicle to a vehicle receiving station, or from a vehicle receiving station to a vehicle. Encryption keys can include public/private keys, where a public key can be used to encrypt information, and the encrypted information can be decrypted using the private key of the public-private key pair. Alternatively, information can be encrypted using a private key, and the encrypted information can be decrypted using the corresponding public key of the public-private key pair.”.  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ramanujam and Markham with the teachings of Seaman by including the feature secure message exchange. Utilizing secure message exchange as taught by Seaman above allows a system to provide comprehensive data security and therefore provides the 
Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRYAN F WRIGHT whose telephone number is (571)270-3826.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRYAN F WRIGHT/Examiner, Art Unit 2497