DETAILED ACTION
Response to Amendment
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in reply to papers filed on 2022-01-12. Claims 1-5, 9-11, 13, 15-18 are pending, following Applicant's cancellation of claims 6-8, 12, 14, 19-20.  Claims 1, 9, 10, 16 is/are independent.
The objections to informalities in the claims are withdrawn in view of Applicant’s amendments.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).

Response to Arguments
Applicant's arguments have been fully considered but they are not persuasive.
With respect to claim(s) 1 (see page(s) 9 of Applicant’s Remarks), Applicant argues that the prior art of record (in particular, U.S. Publication 20170201383 to Kim (hereinafter "Kim '383")) does not disclose certain features of claim 1 (emphasis added):
determining, by the management device, whether the certificate is valid by comparing first hash data related to pre-stored certificate information with second hash data related to the certificate; and establishing a protected communication session with the device in response to the certificate being determined to be valid,
wherein based on at least a portion of the second device information being included in the device binding information, the device binding information is generated based on the second device information, and
first hash data matching the second hash data, the certificate is determined as valid.
However, Kim '383 teaches multifactor authentication of a certificate [Kim '383 ¶ 0019, 0043] (i) to validate that the certificate itself is known to the management system [Kim '383 ¶ 0087-0088, Fig. 6] and (ii) to verify that the end entity presenting the certificate is the subject of the certificate [Kim '383 ¶ 0036, 0074-0076, 0089-0092, Fig. 6].  Kim '383 teaches using for these purposes identifiers that are plain, hashed, encrypted, or otherwise obscured  [Kim '383 ¶ 0043-0044, 0046].  Kim '383 teaches binding device identifiers to the certificate, e.g. by cryptographic signatures over the certificate [Kim '383 ¶ 0029, 0100].  Finally, Kim '383 teaches establishing secure communications channels responsive to successful multi-factor authentication of the certificates and end entities [Kim '383 ¶ 0037, 0076, 0080-0081, Fig. 6].  Accordingly, Applicant's arguments are unpersuasive.
With respect to claim(s) 9 and 16 (see page(s) 9-10 of Applicant’s Remarks), Applicant argues that these claims overcome the rejections based on the features asserted with respect to claim 1.  However, Examiner notes that unlike claim 1, claim 9 lacks the feature of checking whether the certificate's device binding information generated from the first device information matches current device binding information generated from the currently received second device information.  Claim 16 likewise lacks this feature of claim 1.  Examiner notes that claim 9 also lacks claim 1's feature of establishing a communication session.  Accordingly, arguments based on these features will not be fully applicable to these claims.
Applicant’s arguments with respect to the remaining claim(s) is/are based on Applicant’s arguments with respect to claim(s) 1 and have been considered as detailed above.

Information Disclosure Statement PTO-1449
The Information Disclosure Statement(s) submitted by applicant on 2022-01-12 has/have been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 signed and attached hereto.  Examiner notes that certain foreign language documents listed were not considered because contrary to 37 C.F.R. 1.98(a)(3) neither a concise explanation of the relevance nor an English language translation thereof was provided.  See MPEP 609.04(a).

Summary of Claim Rejections under 35 U.S.C.  § 102 and § 103
The following table summarizes the rejections set forth in detail below of the claims over the prior art.

Claim No.
Kim '383 
Kim '383 in view of Cohen '700 
Kim '383 in view of Cohen '700 in view of Brinskelle '448
1
[Wingdings font/0xFC]


2
[Wingdings font/0xFC]


3
[Wingdings font/0xFC]


4
[Wingdings font/0xFC]


5
[Wingdings font/0xFC]


9

[Wingdings font/0xFC]

10

[Wingdings font/0xFC]

11

[Wingdings font/0xFC]

13


[Wingdings font/0xFC]
15


[Wingdings font/0xFC]
16

[Wingdings font/0xFC]

17

[Wingdings font/0xFC]

18

[Wingdings font/0xFC]



Claim Rejections - 35 U.S.C. § 102
The following is a quotation of the appropriate paragraphs of AIA  35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim(s) 1-5 is/are rejected under 35 U.S.C. § 102   as being anticipated by U.S. Publication 20170201383 to Kim (hereinafter "Kim '383").  Kim '383 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 1 (independent):
Kim '383 discloses a device authentication method (end device 110 is authenticated via network [Kim '383 ¶ 0021, 0047, Fig. 1B]; uses multifactor authentication to authenticate certificate and to authenticate entity using it [Kim '383 ¶ 0019, 0043])
Kim '383 discloses connecting to a device through a network (device sends certificate including device identifiers [Kim '383 ¶ 0079-0086, Fig. 6]; device identifiers [Kim '383 ¶ 0022, 0029, 0036]; hashed device identifiers in certificate [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6])
Kim '383 discloses receiving, from the device, a certificate of the device comprising device binding information about the device (matches device identifiers in certificate against reference device identifiers received from device in protocol traffic [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; matches hashed device identifiers in certificate against 
Kim '383 discloses the device binding information comprising first device information associated with the device binding information (matches device identifiers in certificate against reference device identifiers received from device in protocol traffic [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; matches hashed device identifiers in certificate against reference hashed device identifiers received from device in protocol traffic [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6]; signature binds certificate to device [Kim '383 ¶ 0029, 0100])
Kim '383 discloses transmitting, to the device, a request message for requesting second device information about the device when a management device does not store the second device information in a storage of the management device (sends protocol messages to device and receives responses including device identifiers [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; sends protocol messages to device and receives responses including hashed device identifiers [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6]; authentication request [Kim '383 ¶ 0038, 0079])
Kim '383 discloses receiving, from the device, the second device information in response to the request message (sends protocol messages to device and receives responses including device identifiers [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; sends protocol messages to device and receives responses including hashed device identifiers [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6]; authentication request [Kim '383 ¶ 0038, 0079])
Kim '383 discloses determining, by the management device, whether device binding information included in the certificate is generated based on the second device information (matches device identifiers in certificate against reference device identifiers received from device in protocol traffic [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; matches hashed device identifiers in certificate against reference hashed device identifiers received from device in protocol traffic [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6]; signature binds certificate to device [Kim '383 ¶ 0029, 0100])
Kim '383 discloses determining, by the management device, whether the certificate is valid by comparing first hash data related to pre-stored certificate information with second hash data related to the certificate (matches hashed device identifiers in certificate against reference hashed device identifiers from management database [Kim '383 ¶ 0087-0088, Fig. 6])
Kim '383 discloses establishing a protected communication session with the device in response to the certificate being determined to be valid (if certificate matches, establishes SSL/TLS session [Kim '383 ¶ 0037, 0076, 0080-0081, Fig. 6])
Kim '383 discloses based on at least a portion of the second device information being included in the device binding information, the device binding information is generated based on the second device information (uses multifactor authentication to authenticate certificate and to authenticate entity using it [Kim '383 ¶ 0019, 0043]; 
Kim '383 discloses based on the first hash data matching the second hash data, the certificate is determined as valid (uses multifactor authentication to authenticate certificate and to authenticate entity using it [Kim '383 ¶ 0019, 0043]; matches hashed device identifiers in certificate against reference hashed device identifiers from management database [Kim '383 ¶ 0087-0088, Fig. 6])
Per claim 2 (dependent on claim 1):
Kim '383 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference
Kim '383 discloses the first device information and the second device information represent identification information about the device for identifying the device from other devices (device sends certificate including device identifiers [Kim '383 ¶ 0079-0086, Fig. 6]; device identifiers [Kim '383 ¶ 0022, 0029, 0036]; matches device identifiers in certificate against reference device identifiers received from device in protocol traffic [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; matches hashed device identifiers in certificate against reference hashed device identifiers received from device in protocol traffic [Kim '383 ¶ 0089-0092, 0036, 0074-0076, Fig. 6])
Per claim 3 (dependent on claim 2):
Kim '383 discloses the elements detailed in the rejection of claim 3 above, incorporated herein by reference
Kim '383 discloses the device binding information represents that the certificate has been issued for the device identified by the first device information (signature binds certificate to device [Kim '383 ¶ 0029, 0100]; device identifiers [Kim '383 ¶ 0022, 0029, 0036])
Per claim 4 (dependent on claim 3):
Kim '383 discloses the elements detailed in the rejection of claim 3 above, incorporated herein by reference
Kim '383 discloses the second device information comprises at least a part of a Medium Access Control (MAC) address of a communication interface included in the device (cert contains MAC address of device [Kim '383 ¶ 0022])
Per claim 5 (dependent on claim 4):
Kim '383 discloses the elements detailed in the rejection of claim 4 above, incorporated herein by reference
Kim '383 discloses the second device information comprises information about a component constituting the device (signature binds certificate to device [Kim '383 ¶ 0029, 0100]; device identifiers [Kim '383 ¶ 0022, 0029, 0036])

Claim Rejections - 35 U.S.C. § 103
The following is a quotation of AIA  35 U.S.C. 103 that forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. § 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 9-11, 16-18 is/are rejected under 35 U.S.C. § 103  as being unpatentable over Kim '383 in view of U.S. Publication 20170034700 to Cohen et al. (hereinafter "Cohen '700").  Cohen '700 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2).
Per claim 9 (independent):
Kim '383 does not disclose a camera authentication method
However, Kim '383 discloses a end device authentication method (end device 110 is authenticated via network [Kim '383 ¶ 0021, 0047, Fig. 1B])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Further:
Cohen '700 discloses a camera authentication method (authenticates camera [Cohen '700 ¶ 0014, 0077, Fig. 4])
It would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Kim '383 with the camera administration of Cohen '700 to arrive at an apparatus, method, and product including:
a camera authentication method
A person having ordinary skill in the art would have been motivated to combine them at least because applying the authentication techniques of Kim '383 to administer the cameras of Cohen '700 would extend the reach of Kim '383 to cover additional devices and activities while simultaneously improving the security of the cameras of Cohen '700.  A person having ordinary skill in the art would have been further motivated to combine them at least because Cohen '700 teaches [Cohen '700 ¶ 0034, 0030-0037, 0045-0048, 0014, 0077, Fig. 4] modifying a device authentication system [Kim '383 ¶ 0079-0086, Fig. 6] such as that of Kim '383 to arrive at the claimed invention; because doing so constitutes use of a known technique (camera administration [Cohen '700 ¶ 0034, 0030-0037, 0045-0048, 0014, 0077, Fig. 4]) to improve 
Per claim 10 (independent):
Kim '383 does not disclose a management device for a camera
However, Kim '383 discloses a management device for a end device (end device 110 is authenticated via network [Kim '383 ¶ 0021, 0047, Fig. 1B])
Kim '383 discloses a communication interface configured to communicate with the camera (sends protocol messages to device and receives responses including device identifiers [Kim '383 ¶ 0036, 0074-0076, Fig. 6])
Kim '383 discloses a storage configured to store device information about the camera (generates, stores, and checks certificate-identifying information and/or hashed end entity identifier [Kim '383 ¶ 0087-0088, 0091, 0047])
Kim '383 discloses a controller operatively coupled to the communication interface and the storage, and configured to connect to the camera through a network (processor(s), memory, computer readable media, storage, executable instructions, network interface [Kim '383 ¶ 0017, 0021])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Further:
Cohen '700 discloses a management device for a camera (authenticates camera [Cohen '700 ¶ 0014, 0077, Fig. 4])
For the reasons detailed above with respect to claim 9, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Kim '383 with the camera administration of Cohen '700 to arrive at an apparatus, method, and product including:
a management device for a camera1
Per claim 11 (dependent on claim 10):
Kim '383 in view of Cohen '700 discloses the elements detailed in the rejection of claim 10 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 4 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 16 (independent):
Kim '383 does not disclose a camera
However, Kim '383 discloses a end device (end device 110 is authenticated via network [Kim '383 ¶ 0021, 0047, Fig. 1B])
Kim '383 discloses a communication interface configured to communicate with a management device (sends protocol messages to device and receives responses including device identifiers [Kim '383 ¶ 0036, 0074-0076, Fig. 6]; processor(s), memory, computer readable media, storage, executable instructions, network interface [Kim '383 ¶ 0017, 0021])
Kim '383 does not disclose an image sensor configured to capture image data
Kim '383 discloses a storage configured to store a certificate of the camera, and store a public key included in the certificate and a private key generated to have a cryptographic relation with the public key (generates, stores, and checks certificate-identifying information and/or hashed end entity identifier [Kim '383 ¶ 0087-0088, 0091, 0047]; processor(s), memory, computer readable media, storage, executable instructions, network interface [Kim '383 ¶ 0017, 0021])
Kim '383 discloses store a public key included in the certificate and a private key generated to have a cryptographic relation with the public key (certificate binds device public-key private-key pair [Kim '383 ¶ 0028-0029]; device sends device information not via certificate [Kim '383 ¶ 0080, 0079-0086, Fig. 6])
Kim '383 discloses a controller operatively coupled to the image sensor and the storage  (processor(s), memory, computer readable media, storage, executable instructions, network interface [Kim '383 ¶ 0017, 0021])
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Further:
Cohen '700 discloses a camera (authenticates camera [Cohen '700 ¶ 0014, 0077, Fig. 4])
Cohen '700 discloses an image sensor configured to capture image data (authenticates camera [Cohen '700 ¶ 0014, 0077, Fig. 4])
For the reasons detailed above with respect to claim 9, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Kim '383 with the camera administration of Cohen '700 to arrive at an apparatus, method, and product including:
a camera2
an image sensor configured to capture image data

Kim '383 in view of Cohen '700 discloses the elements detailed in the rejection of claim 16 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 2 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Per claim 18 (dependent on claim 17):
Kim '383 in view of Cohen '700 discloses the elements detailed in the rejection of claim 17 above, incorporated herein by reference
The remaining limitations of the claim(s) correspond(s) to features of claim(s) 4 and the claim(s) is/are rejected for the reasons detailed with respect to those claims.
Claim(s) 13, 15 is/are rejected under 35 U.S.C. § 103  as being unpatentable over Kim '383 in view of Cohen '700 in view of U.S. Patent 10511448 to Brinskelle (hereinafter "Brinskelle '448").  Brinskelle '448 is prior art to the claims under 35 U.S.C. § 102(a)(2).
Per claim 13 (dependent on claim 12):
Kim '383 in view of Cohen '700 discloses the elements detailed in the rejection of claim 12 above, incorporated herein by reference
Kim '383 does not disclose the certificate is expressed in a form of X.509v3, and wherein the device binding information is included in a SubjectPublickeyInfo field or an extension field
However, Kim '383 discloses the certificate is expressed in a form of X.509, and wherein the device binding information is included in a field (X.509 cert includes "the public key of the end entity, a distinguished name associated with the end entity, a subject alternative name associated with end entity (e.g., including cryptographically-obscured identifiers), a set of attributes providing other information about the entity, and/or other information" [Kim '383 ¶ 0022-0025, 0028-0029, 0059, 0063])
Further:
Brinskelle '448 discloses the certificate is expressed in a form of X.509v3, and wherein the device binding information is included in a SubjectPublickeyInfo field or an extension field (stores binding info for node to be authenticated in SubjectPublickeyInfo field of X.509v3 certificate [Brinskelle '448 c. 4 l. 5-16, c. 3 l. 41-53, c. 7 l. 30-47])
It would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Kim '383 with the X.509v3 fields of Brinskelle '448 to arrive at an apparatus, method, and product including:
the certificate is expressed in a form of X.509v3, and wherein the device binding information is included in a SubjectPublickeyInfo field or an extension field
A person having ordinary skill in the art would have been motivated to combine them at least because applying the authentication techniques of Kim '383 to administer the X.509v3 fields of Brinskelle '448 would implement the authentication schema of Kim '383 using robust, secure, and widely adopted X.509v3 certificates.  A person having ordinary skill in the art would 
Per claim 15 (dependent on claim 13):
Kim '383 in view of Cohen '700 in view of Brinskelle '448 discloses the elements detailed in the rejection of claim 13 above, incorporated herein by reference
Kim '383 discloses the controller is further configured to control the communication interface establish the protected communication session via SSL (Secure Socket Layer) protocols in response to validating the certificate (if certificate matches, establishes SSL/TLS session [Kim '383 ¶ 0037, 0076, 0080-0081, Fig. 6])

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE C PARSONS whose telephone number is (571)270-1475.  The examiner can normally be reached on MTWRF 7:30-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/THEODORE C PARSONS/Primary Examiner, Art Unit 2494                                                                                                                                                                                                        





    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 For the same reasons, it would have been obvious to have modified the end device Kim '383 to include the camera of Cohen '700 throughout the claim mutatis mutandis.  The tedious repetition of replacing device with camera in each limitation of the claim is omitted for brevity.
        2 For the same reasons, it would have been obvious to have modified the end device Kim '383 to include the camera and image sensor of Cohen '700 throughout the claim mutatis mutandis.  The tedious repetition of replacing device with camera or image sensor in each limitation of the claim is omitted for brevity.