DETAILED ACTION
Responsive to the Applicant reply filed on 02/09/2021, Applicant’s amendments to claims have been entered and respective arguments carefully considered and responded in following.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
The amendment filed 02/09/2021 has been entered. Claims 1, 8, 10, 12, 18 and 20 have been amended. Claims 1-20 remain pending in the application.

Response to Arguments
Applicants arguments, see amended claims 1, 12 and 20 and Applicant’s Remarks, Pages 6-9, regarding the newly added limitation “wherein the determining comprises comparing the unique identifier to stored information, or providing the unique identifier to a controller of the electronic device in the WLAN” were fully considered.
In response to applicant’s arguments regarding
“However, the security protocol (such as IPsec or GRE) verify the integrity or security of messages (such as packets), not the recited claim elements of determining whether the second electronic device is an instance of an authorized access point in a wireless local area network (WLAN).”

Examiner respectfully disagrees with the argument. Petry explicitly teaches, in para. 0015, that “The wireless access point may be used in a wireless local area network (WLAN) and may be compliant with 802.11”. Therefore, the arguments were not persuasive.


“However, what does authenticated mean in this regard? Table 1 includes a variety of subfields in a packet, including the IP protocol version. In the context of the disclosure in Petry et al., it does not make sense to interpret authentication of the IP protocol version or any of the other subfields as having anything to do with the recited determining operation. There are 8 other instances of the word authentication or authenticating in Petry et al. All concern the use of the aforementioned MAC hash. Therefore, in the disclosure of Petry et al., authentication is of messages, not the recited determination as to whether the second electronic device is an instance of an authorized access point in the WLAN.”

Examiner respectfully disagrees with the argument. The claim recites “a secure hash function to obtain a unique identifier”. Examiner may consider the MAC hash of the prior art as the secure hash function. In the art, hash function, for example, MAC hash algorithm, SHA-1 in the table 4, is used for file or data identifier. Hash function is used to identify files on peer-to-peer filesharing networks (See e.g., https://en.wikipedia.org/wiki/Cryptographic_hash_function, 3.5 File or data identifier). In addition, examiner further iterates that Petry also teaches “Packet processing may include decrypting an encrypted portion of a packet such as packet encapsulation format including several identifier such as TPID, VLAN identifier, WBID and other identical information such Destination Medium Access Layer Address (DMAC) and Source Medium Access Layer Address (SMAC) (the MACs correspond to the unique identifier including MAC address in para. 0059 of the current application). As stated in the previous OC, pp. 3, the information may be used to perform additional receive packet processing. Therefore, the arguments were not persuasive. However, the newly added features such as “comparing the unique identifier to stored information” or “providing the unique identifier to a controller of the electronic device” may distinguish the prior art. Upon further consideration, a new ground(s) of rejection is made in view of Morta (US 20160095037 A1). Morta teaches “the access point performs an authentication request to a WLAN authentication server as proxy for the user terminal”. Therefore, the obviousness was recognized and it was established by combining or modifying the teachings of the prior art to produce the claimed invention. Please refer to the 35 U.S.C. § 103 section below for the detailed rejection.


Conclusion: The combination of Petry and Morta discloses the aforementioned limitations of independent claims 1, 12 and 20, and render the claim limitations obvious before the effective filing date of the claimed invention.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 7, 8, 12-14, 17, 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Petry et al. (US 20130329557 A1 hereinafter “Petry”) in view of Morta (US 20160095037 A1).
Regarding claim 1, (Currently Amended) The combination of Petry and Morta discloses an electronic device, comprising: 
an interface circuit configured to wirelessly communicate with a second electronic device, wherein the electronic device is configured to (Fig. 1, A wireless access point 100 [“electronic device”] having  116, 118 and  120 [“interface circuit”]): 
receive, at the interface circuit, a packet or frame associated with the second electronic device, wherein the packet or frame comprises an encrypted unique identifier of the second electronic device ([0002] Wireless access points, or enterprise access points (EAPs) [“electronic device”], provide wireless connections for transferring data to and receiving data from wirelessly connected equipment [“second electronic device”]; [0016] A wireless access point [“electronic device”] may receive packets [See more details ¶0020 regarding a receive path]. Packet processing may include, verifying the packet, identifying a header portion and a payload portion of a packet, decrypting an encrypted portion of a packet [“encrypted unique identifier”, See more details ¶0025-0026 regarding packet encapsulation and several identifiers in a table 1]; [0033] The security processing may include decrypting the payload portion of the packet, calculating message authentication code (MAC) hash, or both); 
decrypt the encrypted unique identifier using an encryption key or a secure hash function to obtain a unique identifier (Fig. 1, security coprocessor 106; [0016] decrypting an encrypted portion of a packet; [0033] security processing (908), the security processing may include decrypting the payload portion of the packet [corresponding the table 1 above, See ¶0025-0026], calculating message authentication code (MAC) hash, or both; [0231-0234] Public key encryption algorithm type allows a receiver to decrypt a message from a transmitter by knowing only part (the public or private part) of the key). 
Although, Petry teaches “storing specific information corresponding to the subfield”, Petry may not explicitly teach, but Morta, which is a same field of endeavor, discloses determine whether the second electronic device is an instance of an authorized access point in a wireless local area network (WLAN) based at least in part on the unique identifier, wherein the determining comprises comparing the unique identifier to stored information, or providing the unique identifier to a controller of the electronic device in the WLAN ([0103] The UE 100 [“second electronic device”] includes the WLAN MAC-ID [“unique identifier”] in a connection request and transmits it to the eNB 200 [“electronic device”]. The eNB 200, before performing offloading, transmits the WLAN MAC-ID received from the UE 100 to the AP 300 in the WLAN system. The WLAN MAC-ID is used for wireless authentication of the UE 100 in the AP 300 [“providing the unique identifier to a controller”]. Thus, when offloading is performed, wireless authentication between the UE 100 and the AP 300 can be completed promptly [“an instance of an authorized access point”]).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Petry with the teachings of Morta to provide the unique identifier to a controller of the electronic device in the WLAN. One of ordinary skill in the art would have been motivated to make this modification because a communication control method, an user terminal, a cellular base station, and an access point [or electronic device ] can be realize smooth offloading from the cellular base station to the access point (¶0012).

Regarding claim 2, (Original) the combination of Petry and Morta discloses the electronic device of claim 1, wherein the electronic device comprises an access point ([Petry: 0019] A wireless access point may include certain data paths for packets as the packets move through various components of the wireless access point).  

Regarding claim 3, (Original) the combination of Petry and Morta discloses the electronic device of claim 1, wherein the packet or frame comprises a management packet or frame ([Petry:0016] fragmenting the packet into smaller packets; [0023-0026] Packet Encapsulation Format).

Regarding claim 7, (Original) the combination of Petry and Morta discloses the electronic device of claim 1, wherein the encryption key or the secure hash function are shared by the electronic device and the second electronic device ([Petry: 0231-0234] Public key encryption algorithm type allows a receiver to decrypt a message from a transmitter by knowing only part (the public or private part) of the key).  

Regarding claim 8, (Currently Amended) the combination of Petry and Morta discloses the electronic device of claim 1, wherein, prior to receiving the packet or frame, the electronic device is configured to receive, at the interface circuit and associated with the controller, one or more of: the encryption key, the secure hashing function, the unique identifier of the second electronic device, or a unique identifier of the electronic device ([Petry: 0026] Table 1, the types of secure hash algorithm (SHA); [0031-0032] Table 2, flow descriptor, including MAC hash algorithm and encryption key. The flow descriptor provides the protocol context that the FAP 104 [“electronic device”] may use for processing the packet; [0237] a computer program product, may include a storage medium and computer readable instructions stored [“configured to receive hashing function or encryption key” prior to receiving the packet or frame] on the medium to perform operation).

Regarding claim 12, (Currently Amended) it is a non-transitory computer-readable storage medium claim that corresponds to claim 1. Therefore, the claim is rejected for at least the same reasons as the device of claim 1.

Regarding claim 13, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 2. Therefore, the claim is rejected for at least the same reasons as the device of claim 2.

Regarding claim 14, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 3. Therefore, the claim is rejected for at least the same reasons as the device of claim 3.

Regarding claim 17, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 7. Therefore, the claim is rejected for at least the same reasons as the device of claim 7.

Regarding claim 18, (Currently Amended) it is a non-transitory computer-readable storage medium claim that corresponds to claim 8. Therefore, the claim is rejected for at least the same reasons as the device of claim 8.

Regarding claim 20, (Currently Amended) it is a method claim that corresponds to claim 1. Therefore, the claim is rejected for at least the same reasons as the device of claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 4, 5, 9, 10, 15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Petry et al. (US 20130329557 A1) in view of Morta (US 20160095037 A1) as applied to claim 1, further in view of CHEN et al. (US 20160173470 A1 hereinafter “Chen”).
Regarding claim 4, (Original) the combination of Petry and Morta teaches all features of the method of claim 3 except “the encrypted unique identifier is included in a manufacturer-specific information element in the management packet or frame.”
[0040] the device ID of the communication circuitry 160 includes …, or manufacturer identification information  of the communication circuitry 160. the device ID is stored in an encrypted portion of the authentication file of the set of authentication information; [0038] The communication circuitry 160 includes a receiving circuit (not shown), a transmitting circuit (not shown), a baseband circuit (not shown), and the like, to enable wireless communication with the wireless stations 115 [“packet or frame having a manufacturer-specific information element”]).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Petry and Morta with the teachings of Chen to include the encrypted unique identifier that is included in a manufacturer-specific information element in the management packet or frame. One of ordinary skill in the art would have been motivated to make this modification because the device ID is stored in an encrypted portion of the authentication file of the set of authentication information (¶0040). The authentication file of the set of authentication information is predetermined and pre-recorded in the storage device by a manufacture of the wireless device (¶0089). Therefore, it may enhance information security by confidentiality from manufacture.

Regarding claim 5, (Original) the combination of Petry and Morta may not explicitly teach, but Chen, which is a same field of endeavor, discloses the electronic device of claim 1, wherein the unique identifier comprises one of: a media access control (MAC) address of the second electronic device, a Serial Number of the second electronic device, an association identifier (AID) of the second electronic device, channel information of the second electronic device, or a radio-frequency configuration of the second electronic device ([0040] the device ID of the communication circuitry 160 includes an International Mobile Equipment Identity (IMEI) number, a Media Access Control (MAC) address, a chip serial number, a chip model number, or manufacturer identification information of the communication circuitry 160).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Petry and Morta with the teachings of Chen to include an International Mobile Equipment Identity (IMEI) number, a Media Access Control (MAC) address, a chip serial number, a chip model number, or manufacturer identification information of the communication circuitry. One of ordinary skill in the art would have been motivated to make this modification because the device ID can be stored in an encrypted portion of the authentication file of the set of authentication information (¶0040). The authentication file of the set of authentication information is predetermined and pre-recorded in the storage device by a manufacture of the wireless device (¶0089). Therefore, it may enhance information security by confidentiality from manufacture.

Regarding claim 9, (Original) the combination of Petry and Morta may not explicitly teach, but Chen, which is a same field of endeavor, discloses the electronic device of claim 1, wherein, when the second electronic device is not the instance of the authorized access point, the electronic device is configured to perform a remedial action ([0053] the server 180 informs the authentication system 170 that the wireless device 120 is not authorized by sending an error message to the wireless device 120).
According to paragraph 0011 of the current application and claim 10 below, the remedial action is providing a message (such as an alert) to the controller and/or to one or more additional access points in the WLAN.
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Petry and Morta with the teachings of Chen to include a remedial action when the second electronic device is not the instance of the authorized access point. One of the error message indicates that the wireless device is not authorized (¶0075). Therefore, it may enhance information security by integrity, and availability.

Regarding claim 10, (Currently Amended) the combination of Petry and Morta may not explicitly teach, but Chen, which is a same field of endeavor, discloses the electronic device of claim 9, wherein the remedial action comprises one or more of: providing a message addressed to the controller; providing a second message addressed to one or more additional access points in the WLAN; providing a third message addressed to a third electronic device that is associated with the second electronic device; de-authenticating the third electronic device from the WLAN, so that an association between the third electronic device and the second electronic device is discontinued; changing a channel used by the electronic device in the WLAN; changing a service set identifier (SSID) of the electronic device; or preventing the third electronic device from associating with the second electronic device ([0053] the server 180 informs the authentication system 170 that the wireless device 120 is not authorized by sending an error message to the wireless device 120 [“providing a second message”]).

Regarding claim 15, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 4. Therefore, the claim is rejected for at least the same reasons as the device of claim 4.

Regarding claim 19, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 9. Therefore, the claim is rejected for at least the same reasons as the device of claim 9.


Claims 6 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Petry et al. (US 20130329557 A1) in view of Morta (US 20160095037 A1) as applied to claim 1, further in view of Becker et al. (US 20200351101 A1 hereinafter “Becker”).
Regarding claim 6, (Original) the combination of Petry and Morta may not explicitly teach, but Becker, which is a same field of endeavor, discloses the electronic device of claim 1, wherein the second electronic device is an instance of an authorized access point when the unique identifier is associated with a manufacturer of the electronic device ([0030] a device manufacturer can place this information into a predetermined format that can be implemented into the manufacturing process. A hash value can then be produced based on this data, and that hash value can then be used to uniquely identify that particular device; [0057] As depicted in FIG. 5, once a device is in the field and communicating over the network (e.g., network node 106 [“electronic device”]), then the IoT devices (e.g., UE 102, 104, IoT 502, 504, etc. [“second electronic device”]) can then send back the hash value, associated with the device, which was collected at the certification start [“authorized”]).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by the combination of Petry and Morta with the teachings of Becker to include the second electronic device that is an instance of an authorized access point when the unique identifier is associated with a manufacturer of the electronic device. One of ordinary skill in the art would have been motivated to make this modification because an IoT device [or electronic device] can be identified and a device manufacturer can place this information into a predetermined format that can be implemented into the manufacturing process. A hash value can then be produced based on this data [or manufacturer information], and that hash value can then be used to uniquely identify that particular device (¶0030). Therefore, it may enhance information security by confidentiality from manufacture.

Regarding claim 16, (Original) it is a non-transitory computer-readable storage medium claim that corresponds to claim 6. Therefore, the claim is rejected for at least the same reasons as the device of claim 6.


Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Petry et al. (US 20130329557 A1) in view of Morta (US 20160095037 A1) as applied to claim 1, further in view of TALWAR et al. (US 20210282018 A1 hereinafter “Talwar”).
Regarding claim 11, (Original) the combination of Petry and Morta may not explicitly teach, but Talwar, which is a same field of endeavor, discloses the electronic device of claim 1, wherein the electronic device is configured to determine a location of the second electronic device; and wherein determining whether the second electronic device is the instance of an authorized access point is based at least in part on the location ([0042] the inclusion of the identity-and-authentication system 101, which interfaces with one or more telecommunication provider server systems 120 having access to an access point 107, which can include communication infrastructure through which the mobile device 102 accesses the data network 106, can allow for detecting the true geographic location of a mobile device (e.g., by pinging the mobile device 102 from a particular cell tower, by identifying the location of a router or an access point connecting the mobile device 102 to a network, etc.; [0063] This detection can include, for example, using an access point 107 of a data network managed by the telecommunication provider server system 120 to identify the location of the mobile device 102).
At the time of filing, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Petry and Morta with the teachings of Talwar to include the a device location, which is provided to the identification-and-authentication system by a telecommunication provider, can be validated in any suitable manner (¶0018). Therefore, it may enhance information security by integrity, and availability.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
• Kurihara (US 20190306338 A1): INFORMATION PROCESSING APPARATUS, METHOD OF CONTROLLING INFORMATION PROCESSING APPARATUS, AND PROGRAM: [0076] the mobile terminal 100 can request a response from a device having specific identification information, such as identification information about the manufacturer of the device, using a search command. For example, in a case in which a search command for searching for a device having the identifier of a specific manufacturer is transmitted, a device located on the LAN and having identification information indicating the manufacturer of the device can respond to the search command transmission source.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/A.S./               Examiner, Art Unit 2493       

/CARL G COLIN/               Supervisory Patent Examiner, Art Unit 2493