DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Office Action Summary
Claims 1-8 and 16-20 are pending in the instant application. Claims 9-15 and 21-32 are canceled.
Claims 1-8 and 16-20 are rejected under 35 USC § 103.
Instant office action is in response to applicant’s amendments/arguments filed 2/23/2023 with an RCE.  Applicant’s arguments have been considered but are moot based on new grounds of rejection found upon further search and consideration.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 3/22/2022 has been entered.
 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claims 1-8 are rejected under 35 U.S.C. 103 as being unpatentable over Miyazaki et al. (US Pre-Grant Publication No: 2009/0129586 A1) hereinafter referred to as Miyazaki in view of Unagami et al. (US Pre-Grant Publication No: 2016/0149908 A1) hereinafter referred to as Unagami and further in view of Walters et al. (WO 2006/133545 A1) hereinafter referred to as Walters.

As per claim 1, Miyazaki teaches An apparatus, (Miyazaki, see abstract; figures 1 to 4) comprising: a secure circuit configured to:  store a plurality of keys usable to encrypt data communications between a plurality of devices over a network; (Miyazaki, figure 9, teaches a key information database)
store information that defines a set of usage criteria for the plurality of keys, wherein the set of usage criteria specifies that a first of the plurality of keys is dedicated to encrypting data being communicated from a first of the plurality of devices to a second of the plurality of devices; (Miyazaki, [0047] and [0071]; figures 1 to 4)
receive, from the first device, a request to encrypt a portion of a message with the first key, wherein the request indicates that the message is being sent from the first device to the second device; and (Miyazaki, [0047], [0051] and [0071])
encrypt the portion of the message with the first key in response to determining that the set of usage criteria permits encryption with the first key for a message being sent from the first device to the second device.  (Miyazaki, [0047], [0051] and [0071], teaches a cryptographic module selection portion)
However, Miyazaki does not explicitly teach store information that defines a set of usage criteria for the plurality of keys, wherein the set of usage criteria specifies that a first of the plurality of keys is dedicated to encrypting data being communicated from a first of the plurality of devices to a second of the plurality of devices; send a response indicating that another request from the first device has been denied in response to determining that the set of usage criteria does not permit encryption with the first key for a message being sent from the first device to another device.
However Unagami, [0144]-[0146] and figure 7, teaches a table with session keys, i.e. usage criteria, where a session key is shared between two devices and used for communication, and that session key cannot be used for another communication else an error is returned.
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to modify the invention of Miyazaki with the method of Unagami because returning an error when a session key cannot be used is well known and helps determine why an interaction might or might not be happening so that the issue may be corrected.
But Miyazaki in view of Unagami does not teach wherein the set of usage criteria is received from a hardware entity external to the secure circuit.
However Walters figure 3 and [0051], teaches set of keys and usage criteria being received from an external hardware circuit. 
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to modify the invention of Miyazaki with the method of Unagami because returning an error when a session key cannot be used is well known and helps determine why an interaction might or might not be happening so that the issue may be corrected.

As per claim 2, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, further comprising: the plurality of devices, wherein the secure circuit is coupled to the first device; and wherein the secure circuit is configured to encrypt the portion of the message such that the encrypted portion is usable to establish that the message is sent by the first device.  (Miyazaki, [0047], [0051] and [0071], teaches a cryptographic module selection portion)

As per claim 3, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, wherein the secure circuit is configured to: receive a portion of another message sent from a third of the plurality of devices, wherein the portion of the other message is encrypted by another secure circuit coupled to the third device; select, based on the set of usage criteria, a second key dedicated to decrypting data communications being sent from the third device to the first device; and decrypt the portion of the other message with the second key.  (Miyazaki, [0047], [0051] and [0071])

As per claim 9, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, wherein the stored information specifies a tuple for each of the plurality of keys, wherein each tuple 1) includes an indication of whether that key is dedicated to encryption or decryption, and 2) identifies one or more of the plurality of devices associated with that key. (Miyazaki, [0113], teaches public key encryption, so keys would be either for encrypting or decrypting)

As per claim 5, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, wherein the set of usage criteria indicates that the first key is dedicated to encrypting data communications in one direction between the first and second devices but not in the other direction.  (Miyazaki, [0113], teaches public key encryption, so keys would be either for encrypting or decrypting and figure 9, teaches a key information database)

As per claim 6, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, further comprising: a gateway configured to: facilitate communication over a wide area network; receive a set of replacement keys from an entity over the wide area network; and distribute ones of the replacement keys to the plurality of devices. (Miyazaki, [0118], teaches substituting digital signature)

As per claim 7, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 6, wherein the gateway is configured to: issue a request for the set of replacement keys in response to an indication that one of the plurality of devices has been replaced with a new device.  (Miyazaki, [0118], teaches substituting digital signature and figure 9, teaches a key information database)

As per claim 8, Miyazaki in view of Unagami and further in view of Walters teaches The apparatus of claim 1, further comprising: the plurality of devices, wherein plurality of devices includes electronic control units (ECUs) configured to control operations of a vehicle; and wherein the secure circuit is configured to encrypt portions of messages associated with operations controlled by the first device. (Miyazaki, [0045], [0049], [0059] and [0071]; figures 1 to 3)

Claims 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over Miyazaki in view of Walters.

As per claim 16, Miyazaki teaches An apparatus, comprising: a first network node configured to communicate a message over a network to a second network node; (Miyazaki, figure 9, teaches a key information database and [0047], teaches communicating between devices)
and a secure circuit coupled to the first network node, wherein the secure circuit: store an encryption key and a policy defining one or more usage criteria for the encryption key; (Miyazaki, [0047] and [0071]; figures 1 to 4)
receive a request from the first network node to encrypt a portion of the message; and (Miyazaki, [0047], [0051] and [0071])
encrypt the portion with the encryption key in response to determining that the policy permits encryption of the portion with the encryption key.  (Miyazaki, [0047], [0051] and [0071], teaches a cryptographic module selection portion)
But Miyazaki does not teach receive, from a hardware entity external to the secure circuit,  store the encryption key and the policy; where the request indicates that the message is being sent from the first network node to the second network node;
However Walters figure 3 and [0051], teaches set of keys and usage criteria being received from an external hardware circuit.
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention, to modify the invention of Miyazaki with the method of Walters because returning an error when a session key cannot be used is well known and helps determine why an interaction might or might not be happening so that the issue may be corrected.

As per claim 17, Miyazaki in view of Walters teaches The apparatus of claim 16, wherein the request indicates that the second network node is a destination of the message; and wherein the secure circuit is configured to determine whether the policy permits encryption with the encryption key when the second network node is indicated as the destination of the message. (Miyazaki, figure 2, [0042] and [0051])

As per claim 18, Miyazaki in view of Walters teaches The apparatus of claim 17, wherein the request further indicates that a third network node is another destination of the message; and wherein the secure circuit is configured to determine whether the policy permits encryption with the encryption key when the second network node and the third network node are indicated as destinations of the message.  (Miyazaki, figure 2, [0042] and [0051])

As per claim 19, Miyazaki in view of Walters teaches The apparatus of claim 17, wherein the policy identifies the second network node as a permissible destination by referencing a media access control (MAC) address of the second network node.  (Miyazaki, figure 1, [0059])

As per claim 20, Miyazaki in view of Walters teaches The apparatus of claim 16, wherein the policy indicates that encryption is permissible with the encryption key, but not decryption with the encryption key. (Miyazaki, [1113], public keys are used to encrypt data but are not used to decrypt data as the private key is needed to decrypt data)

Other Related Art
Coopala et al. (2018/0295112) teaches “A method for use in a system operating in accordance with a Controller Area Network (CAN) protocol, the system including a plurality of devices coupled to a 
Ujie et al. (2016/0315766) teaches “Provided is a key management method to secure security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system including multiple electronic units ( ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquire a session key by communication with the master ECU based on the stored shared key, and after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.”
Shields et al. (2018/0083785) teaches “One aspect of the disclosure provides a method for secure communication. The method can include storing, at a first node of a first security group of one or more security groups, a parameter data set containing a plurality of values, the first security group having a first plurality of nodes each having a synchronized data set, the synchronized data set having at least a first seed value. The method can include selecting, using the first seed value, one or more of the plurality of values in the parameter data set to form a first parameter subset. The method can include generating a first cipher key using the first parameter subset at the first node. The method can include encrypting user data at the first node using the first cipher key. The method can include generating a first signature based on the user data. The method can include transmitting, from the first node to a second node of the first security group, a start frame including the parameter data set, the encrypted 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906.  The examiner can normally be reached on M-F (7AM-4PM).

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SIMON P KANAAN/Primary Examiner, Art Unit 2492