DETAILED ACTION
This Office Action is in response to the application 16/984,200 filed on 08/04/2020.
Claims 1-8 have been examined and are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This Action is made Non-FINAL.
Priority
The present application claims priority to Japan Patent Application No. 2019-165021, filed Sept. 11, 2019.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 08/04/2020 and 03/24/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements have been considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1 and 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. These claims recite “obtaining…the at least one long-term protected resource from the device.” The phrase lacks antecedent basis and the Specification (e.g., FIG. 2 and par. [0025], which has a “Communication Apparatus (User)”, “Communication Apparatus (Verifier)”, and “Communication Apparatus (Issuer)”) is unclear as to the identity of the specific “the device.” Correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 4, and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Stahl (“Stahl,” US 20160373418, published Dec. 22, 2016) in view of Benzler (“Benzler,” US 20020162000, published Oct. 31, 2002). 
Regarding claim 1, Stahl discloses: a non-transitory computer-readable storage medium storing a program that causes a processing included in a communication apparatus to execute a process, the process comprising (Stahl [0113]. Aspects of the disclosure [ ] can be implemented by computer program instructions, which instructions can be stored in a computer-readable memory, and also loaded onto a computer or other programmable data processing apparatus. Such computer program instructions can be provided to a processor of a general purpose computer [] such that the instructions, which execute via the processor of the computer and/or other programmable data processing apparatus.):  
issuing a credential that is used by a user of another communication apparatus (Stahl FIG. 3, [0069]. The method 300 is for securely providing a credential to a wireless device 60 [i.e., “cryptographic material that contributes in establishing an identity of a party to a communication,” see [0039]]. According to some aspects, the method 300 further comprises generating S311a a server nonce and/or the server nonce encrypted using the device public key.); 
storing identification information of the credential in association with a second key (Stahl [0072]. For example, the device identifier corresponds to the hash of the public key in RPK format. The server 70 holds in the memory unit 73 a list comprising for each wireless device, a device public key identified with a device identifier. [V]erifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.) 
that is usable for decrypting information encrypted with a first key that is used by the another communication apparatus for encryption (Stahl [0070]-[0072]. [T]he DAI indicator [sent by the wireless device] comprises a digital signature computed based on the device private key. For example, verifying S313 the received authentication response comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. [T]he authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server. [Note that the digital signature can be generated from the server nonce, see [0048].]); and
when signature information [attached to an inquiry message] (Stahl [0070]-[0072]. The method 300 comprises receiving S312 an authentication response from the wireless device 60. The authentication response comprises [a DAI, which comprises] a digital signature computed based on the device private key.) 
inquiring whether a credential identified by the identification information is valid is decryptable with the second key (Stahl [0072]-[0073]. For example, verifying S313 the received authentication response comprises verifying the DAI indicator [signature generated from the server nonce, see [0048]] using the device public key. [U]pon successful verification of the authentication response, generating S314 a server authentication and integrity, SAI, indicator based on the device public key. The SAI indicator permits the wireless device 60 to authenticate the server 70 and to verify the integrity of the credential message [i.e., as a part of mutual authentication between the wireless device and the server].),   
transmitting information representing whether the credential identified by the identification information is valid to the another communication apparatus (Stahl [0054], [0073]. According to some aspects, [the] server 70 carries out an authentication of the wireless device 60 based on the authentication response and the DAI indicator, and sends back to the wireless device 60 a validation confirmation if the server has successfully authenticated the wireless device 60 or a validation error otherwise. The method 300 comprises, upon successful verification of the authentication response, generating S314 a server authentication and integrity, SAI, indicator based on the device public key. The SAI indicator provides a proof of the server's possession of the device public key.).
Stahl does not explicitly disclose: signature information attached to an inquiry message. 
However, in an analogous art, Benzler discloses signature information attached to an inquiry message (Benzler [0027]. Everyone getting sight of the text has the opportunity to check its integrity and authenticity in the following way: the signature is transmitted by telephone, by fax or via the Internet, to an autonomous module which is set up apart and generally accessible, and in which the three interrelated numbers of the signature are analyzed. As the result of this examination [ ] the module transmits a message to the sender of the inquiry, either “signature valid” or “signature invalid”.).  
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Benzler with Stahl and to include: signature information attached to an inquiry message, to provide users with a means for inquiring whether an electronic signature with interrelated values are valid.  (See Benzler [0027].)
Regarding claim 3, Stahl and Benzler disclose the non-transitory computer-readable storage medium of claim 1. Stahl further discloses: 
wherein the [inquiry] message contains a first value that is different from one inquiry message to another (Stahl [0048]. The method 200 comprises generating S2 a device authentication and integrity, DAI, indicator. The DAI indicator refers herein to data that allows the server 70 to authenticate the wireless device 60 and to verify the integrity of the credential message. [T]he step of generating S2 the DAI indicator comprises generating S21 a digital signature over the server nonce using the device private key. As used herein the term “nonce” refers to an arbitrary number used only once in a cryptographic communication.),
other identification information and a second value is contained in decrypted data obtained by decrypting the signature information with the second key (Stahl [0051], [0071] – [0072]. For example, verifying S313 the received authentication response comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.), and
the program causing the communication apparatus to perform processes of: when the identification information contained in the inquiry message and the other identification information coincide and the second value and the first value coincide, determining that the signature information is decryptable using the second key (Stahl [0071] – [0072]. The method 300 comprises verifying S313 the received authentication response using the DAI indicator and the device public key. For example, verifying S313 the received authentication response comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. According to some aspects, the DAI indicator comprises a digital signature and/or a MAC, and verifying S313 the received authentication response comprises verifying S313b the digital signature and/or the MAC using the device public key. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.); and
notifying the another communication apparatus of information in which information representing whether a credential identified by the identification information is valid and the first value are associated with each other (Stahl [0073], [0078]. The method 300 comprises, upon successful verification of the authentication response, generating S314 a server authentication and integrity, SAI, indicator based on the device public key. The method 300 comprises transmitting S315 a credential message to the wireless device 60. The credential message comprises the generated SAI indicator.).
Benzler discloses an inquiry message (Benzler [0027]. Everyone getting sight of the text has the opportunity to check its integrity and authenticity in the following way: the signature is transmitted by telephone, by fax or via the Internet, to an autonomous module which is set up apart and generally accessible, and in which the three interrelated numbers of the signature are analyzed. As the result of this examination [ ] the module transmits a message to the sender of the inquiry, either “signature valid” or “signature invalid”.)
The motivation is the same as that of claim 1 above. 
Regarding claim 4, Stahl and Benzler disclose the non-transitory computer-readable storage medium of claim 1. Stahl further discloses wherein the communication apparatus does not notify the another communication apparatus of information representing whether a credential identified by the identification information is valid when the signature information is not decryptable with the second key associated with the identification information (Stahl [0071], [0073]. The method 300 comprises verifying S313 the received authentication response using the DAI indicator and the device public key. For example, verifying S313 the received authentication response comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. According to some aspects, the DAI indicator comprises a digital signature and/or a MAC, and verifying S313 the received authentication response comprises verifying S313b the digital signature and/or the MAC using the device public key. The method 300 comprises, upon successful verification of the authentication response, generating S314 a server authentication and integrity, SAI, indicator based on the device public key. [Only successful verification may result in a transmission of SAI indicator message. See [0078].]).
Regarding claim 8, claim 8 is directed to a device corresponding to the non-transitory computer-readable storage medium of claim 1. Claim 8 is similar in scope to claim 1 and is therefore rejected under similar rationale. 
Claims 2, 5, 6 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over Stahl (“Stahl,” US 20160373418, published Dec. 22, 2016) in view of Benzler (“Benzler,” US 20020162000, published Oct. 31, 2002) and Wang (“Wang,” US 20190363889, filed Dec. 16, 2016). 
Regarding claim 2, Stahl discloses the non-transitory computer-readable storage medium of claim 1. Stahl further discloses
wherein other identification information is contained in decrypted data obtained by decrypting the signature information with the second key, and the communication program causes the [second] communication apparatus to perform a process of (Stahl [0071] – [0072]. The method 300 comprises verifying S313 the received authentication response using the DAI indicator [which includes a digital signature and/or MAC] and the device public key. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.):
when the identification information contained in the [inquiry] message and the other identification information coincide, determining that the signature information is decryptable with the second key (Stahl [0072]. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.).
Benzler further discloses inquiry message (Benzler [0027]. As the result of this examination [ ] the module transmits a message to the sender of the inquiry, either “signature valid” or “signature invalid”.). 
Stahl and Benzler do not explicitly disclose: the communication program causes the second communication apparatus to perform a process of. 
However, in an analogous art, Wang discloses the communication program causes the second communication apparatus to perform a process of (Wang FIG. 4, [0094]. Processing server may then send a verification request S412 to distributed verification network 450, in which one or more of the nodes of distributed verification network 450 is asked to verify at least a portion of the interaction records in the electronic record (and optionally signatures appended to any interaction records).).
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Wang with the teachings of Stahl and Benzler to include: a second communication apparatus, to provide users with a means for utilizing a distributed network of validating nodes to verify digital signature associated with transactions. (See Wang [0094].)
Regarding claim 5, Stahl discloses a non-transitory computer-readable storage medium storing a program that causes a processor included in a communication apparatus to execute a process, the process comprising (Stahl [0113]. Aspects of the disclosure [ ] can be implemented by computer program instructions, which instructions can be stored in a computer-readable memory, and also loaded onto a computer or other programmable data processing apparatus. Such computer program instructions can be provided to a processor of a general purpose computer [] such that the instructions, which execute via the processor of the computer and/or other programmable data processing apparatus.):
acquiring a credential (Stahl FIG. 3, [0069]. The method 300 is for securely providing a credential to a wireless device 60 [i.e., “cryptographic material that contributes in establishing an identity of a party to a communication,” see [0039]]. According to some aspects, the method 300 further comprises generating S311a a server nonce and/or the server nonce encrypted using the device public key.)
to be used for applying for use of the service from a first communication apparatus configured to acquire a second key that is capable of decrypting information encrypted by the communication apparatus using a first key (Stahl [0051], [0071] – [0072]. For example, verifying S313 the received authentication response [from the wireless device] comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server. [Note that in par. [0048], the digital signature can be generated from the server nonce using the device private key.]); 
Stahl [0070]-[0072]. The method 300 comprises receiving S312 an authentication response from the wireless device 60. The authentication response comprises a device authentication and integrity, DAI, indicator.  DAI indicator comprises a digital signature computed based on the device private key, and/or a message authentication code, MAC.  For example, verifying S313 the received authentication response comprises verifying the DAI indicator using the device public key, such as verifying a digital signature and/or a MAC. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server. [Note that the digital signature can be generated from the server nonce, see [0048].]); and 
when a notification message that gives notice of the validity of a credential identified by the identification information is received, transmitting the notification message to the [second] communication apparatus (Stahl [0054], [0073]. According to some aspects, [the] server 70 carries out an authentication of the wireless device 60 based on the authentication response and the DAI indicator, and sends back to the wireless device 60 a validation confirmation if the server has successfully authenticated the wireless device 60 or a validation error otherwise. The method 300 comprises, upon successful verification of the authentication response, generating S314 a server authentication and integrity, SAI, indicator based on the device public key. The SAI indicator provides a proof of the server's possession of the device public key.).

However, in an analogous art, Benzler discloses when an inquiry message that contains identification information of the credential and inquires the validity of the credential is received (Benzler [0026] – [0027]. The first number K of the tripartite electronic signature I is a token characterizing the signer of the text which may be deduced for instance from his/her name. The second number, the seal S, guarantees the integrity of the text. S is calculated from all the characters of the text and their disposition, by means of a one-way algorithm, which is generally accessible. The third number U is called signature proof and identifies the signer. As the result of this examination [ ] the module transmits a message to the sender of the inquiry, either “signature valid” or “signature invalid”.).
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Benzler with Stahl and to include: signature information attached to an inquiry message, to provide users with a means for inquiring whether an electronic signature with interrelated values are valid.  (See Benzler [0027].)
Stahl and Benzler do not explicitly disclose: transmitting the credential to a second communication apparatus that provides the service; transmitting the notification message to the second communication apparatus.
However, in an analogous art, Wang discloses transmitting the credential to a second communication apparatus that provides the service (Wang [0090]-[0091]. Once the cryptogram is received by access device 403 in S408, access device 430 or a resource provider computer coupled to access device 430 may generate an authorization request message comprising the cryptogram and clear text data. Access device 430 may send the authorization request message to processing server computer 440 for processing in S409.);
transmitting the notification message to the second communication apparatus (Wang [0098], [0100]. Authorizing computer 460 may send the result of authorization (e.g. approval or decline) in an authorization response message to processing server computer 440 in S415. According to one embodiment, the authorization response message may be forwarded to access device 430 in S416a. The access device 430 may then display and/or transmit the authorization response message to endpoint device 410 in S417a. Application server 420 may also update the state of the limited-use parameters associated with the LUK. Application server 420 may then submit an updated LUK and/or limited-use parameters and authorization result to endpoint device 410 in an authorization response message S417b.).
Therefore, it would have been obvious to one of ordinary skill in the art on or before the effective filing date of the claimed invention to combine the teachings of Wang with the teachings of Stahl and Benzler to include: transmitting the notification message to the second communication apparatus, to provide users with a means for providing and updating limited use passwords (LUKs) for user devices. (See Wang [0100].)
Regarding claim 6, Stahl, Benzler and Wang disclose the non-transitory computer readable medium of claim 5. Stahl further discloses 
Stahl [0054], [0073]. According to some aspects, [the] server 70 carries out an authentication of the wireless device 60 based on the authentication response and the DAI indicator, and sends back to the wireless device 60 a validation confirmation if the server has successfully authenticated the wireless device 60 or a validation error otherwise. The method 300 comprises, upon successful verification of the authentication response [comprising the DAI], generating S314 a server authentication and integrity, SAI, indicator based on the device public key. The SAI indicator provides a proof of the server's possession of the device public key.), 
determining whether first identification information that identifies a credential of which the validity has been provided by the notification message and second identification information that identifies a credential of which the validity has been inquired by the [inquiry] message (Stahl FIG. 3, [0080], [0092]. For example, the server generates a digital signature, as SAI indicator, of a concatenation of a server nonce, a device nonce, a device public key and a server public key, and sends the digital signature in the credential message. The processor 61 is configured to verify the received credential message using the device public key. Hence, according to some aspects, the processor 61 comprises a verifier 65 configured to verify the received credential message using the device public key. For example, processor 61 is configured to verify by authenticating a sender of the credential message, i.e. the server 70, and/or by verifying integrity of the credential message, i.e. verifying that the credential message has not been tampered with.);
Stahl FIG. 3, [0072]. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.). 
Benzler further discloses inquiry message (Benzler [0027]. As the result of this examination [ ] the module transmits a message to the sender of the inquiry, either “signature valid” or “signature invalid”.). 
Wang further discloses transmitting the notification message to the second communication apparatus (Wang FIG. 4, [0100]. According to one embodiment, the authorization response message may be forwarded to access device 430 in S416a. In another embodiment, the authorization response message may be sent to application server 420 in S416b. Application server 420 may then submit an updated LUK and/or limited-use parameters and authorization result to endpoint device 410 in an authorization response message S417b. Endpoint device 410 may then display the authorization result to user 401 and replenish the LUK and limited-use parameters stored on the device.).
The motivation is the same as that of claim 5 above. 
Regarding claim 7, Stahl, Benzler and Wang disclose the non-transitory computer readable medium of claim 6. Stahl further discloses wherein the inquiry message contains a first value that is different from one inquiry message to another, the program causing the communication apparatus to perform processes of (Stahl [0048]. The method 200 comprises generating S2 a device authentication and integrity, DAI, indicator. The DAI indicator refers herein to data that allows the server 70 to authenticate the wireless device 60 and to verify the integrity of the credential message. According to some aspects, the DAI indicator comprises a digital signature computed based on the device private key, and/or a message authentication code computed based on the device public key. According to some aspects, the authentication request comprises a server nonce; and the step of generating S2 the DAI indicator comprises generating S21 a digital signature over the server nonce using the device private key and/or a message authentication code over the server nonce using the device public key. As used herein the term “nonce” refers to an arbitrary number used only once in a cryptographic communication.):
when the notification message is received from the first communication apparatus, further determining whether the first value and a second value contained in the notification message coincide (Stahl FIG. 3, [0069], [0072]. According to some aspects, the method 300 further comprises generating S311a a server nonce and/or the server nonce encrypted using the device public key or a key derived from the public key. The authentication request comprises the server nonce and/or the encrypted server nonce. The step of verifying S313 the received authentication response comprises identifying S313a the device public key corresponding to the device identifier which is the public key to be used in the verification of the DAI. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.); and
Stahl FIG. 3, [0072]. According to some aspects, the authentication response comprises a decrypted version of server nonce, and verifying S313 the received authentication response comprises verifying that the decrypted version of server nonce matches the server nonce generated by the server.). 
Wang further discloses transmitting the notification message to the second communication apparatus (Wang FIG. 4, [0100]. According to one embodiment, the authorization response message may be forwarded to access device 430 in S416a. In another embodiment, the authorization response message may be sent to application server 420 in S416b. Application server 420 may then submit an updated LUK and/or limited-use parameters and authorization result to endpoint device 410 in an authorization response message S417b. Endpoint device 410 may then display the authorization result to user 401 and replenish the LUK and limited-use parameters stored on the device.).
The motivation is the same as that of claim 6 above. 




Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD LONG whose telephone number is (571)272-8961. The examiner can normally be reached on Monday to Friday, 9 AM - 6 PM EST (Alternate Fridays).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/EDWARD LONG/
Examiner, Art Unit 2439


/LUU T PHAM/
Supervisory Patent Examiner, Art Unit 2439