DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 16 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 16 recites the limitation “the secret signing key" in the second line of the claim.  There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 3-5, 11-15, 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Jeran et al. (U.S. Pub. No. 2016/0187827 A1) hereinafter referred to as “Jeran”.
Regarding Claim 1:
	Jeran discloses the following limitations:
	An anti-cloning system. comprising: a first device configured to be coupled to or receive a first embedded device having a first unique identify value (Abstract, installing a consumable product in the host device (an anti-cloning system. comprising: a first device) where the consumable product stores an identifier in memory (configured to be coupled to or receive a first embedded device having a first unique identify value)). The system of Jeran is directed towards a printer, i.e. the host device, which authenticates a printer cartridge, i.e. the consumable product, including determining whether the cartridge is a possible clone. Under the broadest reasonable interpretation, this consumable product is considered to be an embedded device as the print cartridge of Jeran is understood to be a device due to its computing capabilities (Par. [0014], the print cartridge (100) contains a digital signature (104) that is contained in memory (106)).  
	and a controller coupled to the first device (Par. [0025], In some examples, the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (and a controller coupled to the first device) (102), or combinations thereof). The system of Jeran includes a controller in the form of a third device which is connected to the printer and a remote server and teaches all combinations for distributing components of the determining system among the devices named.
	and having: a controller memory configured to store a public verification key (Par. [0039], the data structures shown stored in the memory resources (504) include a key (510) (and having: a controller memory configured to store a public verification key)). Jeran discloses that the controller, which contains components of the determining system, has a memory which stores a public verification key.
	and a controller processor coupled to the controller memory and configured to: (Par. [0047], In some examples, the processing resources (502) (controller processor) and the memory resources (504) are located within the same physical component, such as a server, or a network component (coupled to the controller memory and configured to)). The determining system of Jeran includes a processor and memory coupled to each other.
	verify the first unique identity value using the public verification key (Par. [0014], The digital signature (104) signs data stored on the cartridge, such signed data contains a unique identifier (108) (the first unique identity value) for that print cartridge (100); Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510)
(verify using the public verification key)). The printer cartridge of Jeran includes a digital signature which contains the first unique identifier. This signature, and thus the identifier, is verified with the aforementioned public key, and this is handled by the determining system on behalf of the printer.
	and allow or permit the first device to operate and use the first embedded device when the first unique identity value is verified (Par. [0031], on the other hand, if the digital signature appears genuine, the process continues with determining (212) whether the identifier in the signed data matches an identifier in the host device's non-authenticated identifiers list. If the identifier in the signed data fails to match any of the identifiers recorded in the host device's non-authenticated identifiers list (when the first unique identity value is verified), the consumable product is authenticated (214) (and allow or permit the first device to operate and use the first embedded device)). Jeran further verifies the identifier by checking if the identifier is present on a blacklist. After passing this check, the embedded device is authenticated, i.e. the first device is allowed to use the embedded device. 

Regarding Claim 3:
	Jeran discloses Claim 1.	Jeran further discloses the following limitations:
	wherein the controller is a second device that is remote from the first device that is configured to be coupled to or receive the first embedded device (Par. [0025], in some examples, the printer (102) is in communication with a remote device, such as a remote server (117) (wherein the controller is a second device that is remote from the first device that is configured to be coupled to or receive the first embedded device)). Jeran teaches the printer, the first device, communicating with a remote device, and this applies to the third device as previously interpreted in Claim 1 due to Jeran disclosing all possible distributions of components.
Regarding Claim 4:
	Jeran discloses Claim 1.
	Jeran further discloses the following limitations:	
	wherein the controller processor is configured to: determine whether the first unique identity value is in a consumed devices list (Par. [0025], In some examples, the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (wherein the controller processor is configured to) (102), or combinations thereof; Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (determine whether the first unique identity value is in a consumed devices list)). Jeran teaches that the determining system may be distributed along various servers, and discloses all combinations thereof (Par. [0047], Thus, the determining system (500) may be implemented on a user device, on a server, on a collection of servers, or combinations thereof). Therefore, the determining system of Jeran teaches an arrangement in which the controller is a third device distinct from a remote server and the printer, and this remote server performs the identifier match in order for the controller to make the claimed determination. 
	that lists unique identity values of embedded devices that have been consumed (Par. [0018], The number of printers in which a print cartridge has been installed may be tracked via the identifier. If this number exceeds a predetermined threshold, this suggests that the identifier has been copied and the identifier may then be added to the listing engine list (that lists unique identity values of embedded devices that have been consumed)). The system of Jeran implements a blacklist which tracks identifiers of devices which are not to be authenticated. The blacklist is said to be updated whenever the number of times a device has been installed, i.e. consumed, exceeds a threshold so that the consumed device identifier is added. Therefore, the blacklist of Jeran constitutes a consumed devices list, as it lists devices which have been previously consumed.  
	and prevent operation or use of the first embedded device when the first unique identity value is on the consumed device list (Par. [0045], The authentication denier (526) represents programmed instructions that, when executed, cause the processing resources (502) to deny authentication if it is determined that the consumable product's identifier matches an identifier from the list of non-authenticated identifiers (and prevent operation or use of the first embedded device when the first unique identity value is on the consumed device list)). The system of Jeran then uses determination from the identifier match to deny authorization of disallowed devices, thereby preventing operation of the embedded device. 

Regarding Claim 5:
	Jeran discloses Claim 4.
	Jeran further discloses the following limitations:
	further comprising: a server configured to store a consumed devices list (Par. [0039], The data structures shown stored in the memory resources (504) include a key (510) and identifier list (518) (further comprising: a server configured to store a consumed devices list)). As argued previously in Claim 4, Jeran teaches all possible combinations of the authentication components being distributed among separate devices, wherein the controller is a third device which consults a remote server for identifier matching. Firstly, the memory resources, which stores the identifier list, are contained within the server as claimed.  
	and check the first unique identity value against the consumed devices list (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (518) (and check the first unique identity value against the consumed devices list)). Next, the identifier matcher of Jeran is combined with the identifier list in the same server. 
	wherein to determine whether the first unique identify value is in the consumed devices list the controller processor is configured to: provide the first unique identity value to the server for verification (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature (wherein to determine whether the first unique identify value is in the consumed devices list the controller processor is configured to: provide the first unique identity value to the server for verification) stored in the memory of the consumable product with the key (510)). Next, the controller includes the digital signature verifier component. That is, the identifier matcher of Jeran verifies the identifier found in the verified signed data, so this teaches that the identifier is provided to the server by the controller. 
	and obtain an indication that the first unique identity value is or is not verified (Par. [0044], If the identifier matcher (516) cannot match the identifier with one from the list, the consumable product is authenticated (and obtain an indication that the first unique identity value is or is not verified)). Finally, the identifier matcher determines authentication, i.e. an indication whether the identifier is verified or not, which the authentication denier of the controller uses. For these reasons, there is a teaching from Jeran for a server to perform the authentication components described while the controller exists as another device distinct from the printer and server.

Regarding Claim 11:
	Jeran discloses Claim 1.
	Jeran further discloses the following limitations:
	further comprising: a second device configured to be coupled to or receive a second embedded device having a second unique identity value (Par. [0018], the common location collects the non-authenticated identifiers (112) (having a second unique identity value) from the multiple reporting printers (further comprising: a second device configured to be coupled to or receive a second embedded device) to create the listing engine list (110) that reflects the activity of multiple printers). Jeran teaches that a plurality of printers, i.e. a second device, report a plurality of non-authenticated identifiers, i.e. a second identity value from a second embedded device, to the listing engine in order to create the identifier list. Since Jeran discloses that all possible combinations of components distributed among different devices (Par. [0025], the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (102), or combinations thereof), the combination of the remote device and listing engine of Jeran acting as the controller teaches the controller servicing a second device with its own second embedded device. 
	wherein the controller processor is configured to verify the second unique identity value using the public verification key (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (wherein the controller processor is configured to verify the second unique identity value using the public verification key)). As argued previously in Claim 1, the controller only uses one public verification key.
	
Regarding Claim 12:
	Jeran discloses Claim 1.
	Jeran further discloses the following limitations:
	wherein the first device is configured to be coupled to or receive a second embedded device having a second unique identity value (Par. [0013], In this example, the consumable product is a print cartridge (100) and the device is a printer (wherein the first device is configured to be coupled to or receive); Par. [0011], Print cartridges can be authenticated upon installation into the printer so that for example a warranty eligibility of the print cartridge can be determined. In an example, third party print cartridges may not fall under warranties offered by an original printer company (a second embedded device having a second unique identity value)). The system of Jeran is directed towards authenticating printer cartridges, and teaches the authentication of consumable products. Under the broadest reasonable interpretation, the claim only recites that the first device is “configured to be coupled to or receive a second embedded device”, but this does not necessarily imply that the first device must simultaneously connect to both embedded devices. For this reason, as the system of Jeran is directed towards authenticating genuine printer cartridges, i.e. first embedded device, and rejecting third party print cartridges, i.e. second embedded device, from their identifier, Jeran teaches the first device being configured to receive and verify a second embedded device. 
	wherein the controller processor is configured to verify the second unique identity value using the public verification key (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (wherein the controller processor is configured to verify the second unique identity value using the public verification key)). As argued previously in Claim 1, the controller only uses one public verification key.

Regarding Claim 13:
	Jeran discloses the following limitations:
	An anti-cloning system, comprising: a server configured to verify unique identity values (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (518) (An anti-cloning system, comprising: a server configured to verify unique identity values)). The authentication system of Jeran may take the form of multiple devices/servers (Par. [0047], Thus, the determining system (500) may be implemented on a user device, on a server, on a collection of servers, or combinations thereof), of which one server contains the identifier matcher component. 
	a device configured to be coupled to or receive an embedded device having a unique identity value (Abstract). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	and a controller coupled to the device and having: a controller memory configured to store a public verification key (Par. [0025], Par. [0039]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	and a controller processor coupled to the controller memory and configured to (Par. [0047]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	verify the unique identity value using the public verification key (Par. [0014], Par. [0042]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	and allow or permit the device to operate and use the embedded device when the unique identity value is verified (Par. [0031]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 

Regarding Claim 14:
	Jeran discloses Claim 13.
	Jeran further discloses the following limitations:
	wherein the controller processor is configured to: determine whether the unique identity value is in a consumed devices list that lists unique identity values of embedded devices that have been consumed (Par. [0025], Par. [0044], Par. [0018]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. That is, the controller determines whether the identity value is in the list by communicating with the server, the identifier matcher. 
	and prevent operation of the embedded device when the unique identity value is on the consumed device list (Par. [0045]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. 

Regarding Claim 15:

	Jeran further discloses the following limitations:
	wherein the server is configured to store the consumed devices list and check a unique identity value against the consumed devices list (Par. [0039], Par. [0044]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 
	wherein to determine whether the unique identify value is in the consumed devices list the controller processor is configured to: provide the unique identity value to the server for verification (Par. [0042]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 
	and obtain an indication that the unique identity value is or is not verified (Par. [0044]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 

Regarding Claim 19:
	Jeran discloses the following limitations:
	A method of verifying an embedded device, comprising: determining, by a processor of a controller, that the embedded device has been inserted into a device (Par. [0025], the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (102) (controller), or combinations thereof; Par. [0041], The consumable product recognizer (506) represents programmed instructions that, when executed, cause the processing resources (502) to recognize that a consumable product is in a condition to be authenticated). The system of Jeran discloses all possible distributions of components of the determining system across the listed devices, where the “another device” is considered to be the controller. One component of the determining system detects the connection of a consumable product, i.e. embedded device. 
(Abstract). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	verifying, by the processor of the controller a digital signature on the unique identity value of the embedded device (Par. [0014], The digital signature (104) signs data stored on the cartridge, such signed data contains a unique identifier (108) (the unique identity value) for that print cartridge (100); Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (verifying, by the processor of the controller a digital signature on the unique identity value of the embedded device)). When it was previously argued in Claim 1 that Jeran teaches verification through a public verification key, this was used to verify a digital signature of the identifier of Jeran. 
	determining by the processor of the controller, whether the embedded device is on a consumed devices list or on an operating list (Par. [0025], Par. [0044], Par. [0018]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. 
	based on a connection between the controller or the device with a server (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (518) (based on a connection between the controller or the device with a server)). Under the broadest reasonable interpretation, the claim limitation is interpreted to mean that the determination of the embedded device on a list uses a connection to a server in some manner. As the interpretation argued here is that the controller consults the identifier matcher server of Jeran to receive a determination, this meets the limitation of being based on a connection with a server. 
(Par. [0045]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. 
	and allowing or permitting, by the processor of the controller, the device to operate and use the embedded device when the unique identity value is verified and not on the consumed devices list (Par. [0031], on the other hand, if the digital signature appears genuine (when the unique identity value is verified), the process continues with determining (212) whether the identifier in the signed data matches an identifier in the host device's non-authenticated identifiers list. If the identifier in the signed data fails to match any of the identifiers recorded in the host device's non-authenticated identifiers list (and not on the consumed devices list), the consumable product is authenticated (214) (and allowing or permitting, by the processor of the controller, the device to operate and use the embedded device)). The verification of Jeran uses both the digital signature verification and checking for a match in the identifier list.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 6, 10, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Jeran, and further in view of Lim et al. (U.S. Pub. No. 2011/0154043 A1) hereinafter referred to as “Lim”.
Regarding Claim 2:
	Jeran discloses Claim 1.

	wherein the controller is included within the first device (Par. [0039], For example, the authentication system (500) may be incorporated into a printer (wherein the controller is included within the first device)). Jeran teaches including components of the determining (authentication) system within the printer itself, i.e. the controller is included within the first device.
	(taught by Lim below)

	Lim discloses the following limitation not taught by Jeran:
	wherein the first unique identity value is a media access control (MAC) address, a Bluetooth Low Energy (BLE) address or a serial number of the first embedded device (Par. [0032], a unique device identifier 502 related to object 104 and/or chip 106, such as a serial or ID number or code). Reference Jeran does not teach the unique identifier being a MAC address, BLE address, or a serial number of the embedded device. Reference Lim however teaches that the identity value may be a serial number of the object, i.e. the first embedded device, in its own authentication system for detecting cloned devices. Since the claim recites the word “or”, fulfilling one of the listed options meets the claim limitation under the broadest reasonable interpretation. 

	References Jeran and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all of the features of the claimed invention were known in the prior art. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the unique identifier of Jeran with the serial number of Lim in order to gain the predictable result of the applicant’s claimed invention. 


	Jeran discloses Claim 5.
	Jeran further discloses the following limitations:
	wherein the server includes: a server memory that is configured to (Par. [0047], the memory resources (504) are located within the same physical component, such as a server (wherein the server includes: a server memory that is configured to)). The server of Jeran is disclosed to include a memory.
	(taught by Lim below)
	and a server processor coupled to the server memory and configured to: (Par. [0047], the processing resources (502) and the memory resources (504) are located within the same physical component, such as a server). Likewise, the server of Jeran is taught to have a processor, and these are considered coupled as they are located within the server. 
	(taught by Lim below)

	Lim discloses the following limitations not taught by Jeran: 
	store a secret signing key and the public verification key (Par. [0031], The certificate authority can be a manufacturer, fabricator, distributor or other entity related to chip 106 and/or object 104. A private verification key 510 (shown in FIG. 5) is held by the certificate authority and forms a verification key pair with public key 103 stored on device 102 (store a secret signing key and the public verification key)). 
	digitally sign the first unique identity value using the secret signing key (Par. [0031], At 402, a digest is created by a certificate authority (digitally sign the first unique identity value using the secret signing key)). Reference Jeran does not disclose the server being able to produce the digital signatures or store the signing key. That is, reference Jeran discloses authenticating digital signatures, but does not disclose their origin. Reference Lim however teaches that a certificate authority responsible for digital signatures, i.e. storing the secret signing key and digitally signing the identity values, may be any entity related to the authentication system, i.e. the server of Jeran. 

	References Jeran and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all of the features of the claimed invention were known in the prior art. Therefore, it would have been obvious to combine the anti-cloning system of Jeran with the certificate authority of Lim, as the storage of the private key and act of producing digital signatures would not have produced changes in the respective functions of the server when the references are combined. 

Regarding Claim 10:
	Jeran discloses Claim 5.
	Jeran further discloses the following limitations:
	a server configured to: obtain the first unique identity value; compare the first unique identity value to a consumed devices list (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data (a server configured to: obtain the first unique identity value) with an identifier in the identifier list (518) (compare the first unique identity value to a consumed devices list)). The identifier matcher of Jeran, which is interpreted to be the server, obtains the identity value from the signed data and then matches it with the identifier list, i.e. the consumed devices list. 
	indicate to the controller that the first embedded device is fraudulent when the first unique identity value is on the consumed devices list (Par. [0045], The authentication denier (526) represents programmed instructions that, when executed, cause the processing resources (502) to deny authentication if it is determined that the consumable product's identifier matches an identifier from the list of non-authenticated identifiers (indicate to the controller that the first embedded device is fraudulent when the first unique identity value is on the consumed devices list)). The result of the identifier matcher of Jeran determines that authentication is denied when the identifier is on the identifier list. 
	indicate to the controller that the first embedded device is verified when the first unique identity value is not on the consumed devices list (Par. [0045], The authenticator (522) represents programmed instructions that, when executed, cause the processing resources (502) to authenticate the consumable product in response to determining that the digital signature is genuine and that its associated identifier does not match an identifier in the identifier list (518) (indicate to the controller that the first embedded device is verified when the first unique identity value is not on the consumed devices list)). Similarly, the result of the identifier matcher of Jeran determines that authentication is valid when the identifier is not on the identifier list. 
	(taught by Lim below)

	Lim discloses the following limitation not taught by Jeran: 
	and add the first unique identity value to the consumed devices list when the first unique identity value is not on the consumed devices list (Par. [0006], adding the unique identifier to the unique identifier blacklist if the unique identifier is not found in the unique identifier blacklist). The system of Jeran does not disclose immediately adding the identity value to the identifier list, instead it recites meeting a threshold before this determination (Par. [0017], occurrence of a particular authenticated identifier exceeds a predetermined threshold). Reference Lim however teaches that the identifier may be added to the blacklist after the device has been authenticated to indicate it has been used. That is, Lim specifies the threshold such that the embedded device can only be used once.  

	References Jeran and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all elements were known in the prior art. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the step of adding the identifier of Jeran after meeting a threshold with the step of adding the identifier after authentication of Lim in order to gain the predictable result of the applicant’s claimed invention.

Regarding Claim 16:
	Jeran discloses Claim 13.
	Lim discloses the following limitation not taught by Jeran: 
	wherein the server is configured to digitally sign the unique identity value using the secret signing key (Par. [0031], At 402, a digest is created by a certificate authority (wherein the server is configured to digitally sign the unique identity value using the secret signing key)). This limitation of the claim was previously argued to be taught by Lim in Claim 6. As the combination of references is the same, the same reasons of motivation/combination of references in Claim 6 are used here. 

	Claims 7, 8, 17, 18, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jeran, and further in view of Lang et al. (U.S. Pub. No. 2016/0285950 A1) hereinafter referred to as “Lang”.
Regarding Claim 7:
	Jeran discloses Claim 1.
	Jeran further discloses the following limitation:
	(taught by Lang below)
	to a consumed devices list (Par. [0039], The data structures shown stored in the memory resources (504) include a key (510) and identifier list (518) (to a consumed devices list))

	Lang discloses the following limitation not taught by Jeran: 
	wherein the controller memory is configured to store an operating list of embedded devices that are to be used without being compared (Par. [0007], In this way, if an access control device or a server is offline, access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist (wherein the controller memory is configured to store an operating list of embedded devices that are to be used without being compared to a consumed devices list)). Reference Jeran does not disclose an operating list of embedded devices. Reference Lang however teaches that a whitelist, which is locally stored, may be used to authorize access when it is not possible to access a server due to the connection being offline. As the server of Jeran is responsible for storing a consumed devices list, this constitutes storing a list of devices to be used without being compared to a consumed devices list, i.e. they are to be used without comparing to the list stored in the server of Jeran. Lang further teaches that this system has the advantage of verifying identity in an offline mode while having “the advantage that a high flexibility and scaling is ensured” (Par. [0005]).

	References Jeran and Lang are considered to be analogous art because they relate to access control systems for devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the anti-cloning system of Jeran with the whitelist of Lang in order to gain the benefit of an offline mode of verifying identity in a way which is scalable and flexible. 


	Jeran discloses Claim 7.
	Jeran further discloses the following limitations:
	(taught by Lang below)
	and prevent or stop use of any embedded device on the operating list that matches an embedded device on the consumed devices list (Par. [0032], if the consumable product matches one of the identifiers, the non-authenticated consumable product is prevented from being used by the host device (and prevent or stop use of any embedded device on the operating list that matches an embedded device on the consumed devices list)). 

	Lang discloses the following limitation not taught by Jeran: 
	wherein the controller processor is configured to: send an alert when any of the embedded devices on the operating list match an embedded device on the consumed devices list (Par. [0012], Such notifications can be notifications about defined events or irregularities in the access control system, for example, about a blocked or defective access control device, about attempted fraud, vandalism or about the detection of invalid access authorizations (send an alert); Par. [0006], The recorded data of the access authorization are stored intermediately for a subsequent evaluation in the access control device and loaded onto the server when remaking the online connection (when any of the embedded devices on the operating list match an embedded device on the consumed devices list)). The system of Lang discloses that when an online connection is reestablished, a record of the previous authorizations, i.e. devices on the operating list, is sent to the server for updated verification. As argued previously in Claim 7, the combination of Jeran/Lang has a consumed devices list stored in the remote server. Therefore, this constitutes matching a device on the operating list with a device on the consumed devices list. Furthermore, the system of Lang issues notifications when denied authorization is detected, and the system of Jeran denies authorization when such a match occurs. Likewise, the system of Jeran prevents the usage of any device which matches one on the consumed devices list, so this includes devices on the operating list when combined with Lang, as Lang uses the server as final verification. For these reasons, the reasons for motivation/combination of references Jeran/Lang remain the same as argued in Claim 7. 

Regarding Claim 17:
	Jeran discloses Claim 13.
Lang discloses the following limitation not taught by Jeran: 
wherein the controller has a scanner or laser to read the unique identity value, wherein controller is configured to use the scanner or laser to scan or read the unique identity value (Par. [0013], an access control can be carried out by means of the data goggles, wherein for this purpose by means of the integrated camera (wherein the controller has a scanner or laser to read the unique identity value) access authorizations comprising a barcode (wherein controller is configured to use the scanner or laser to scan or read the unique identity value)). Reference Jeran does not teach a scanner or laser for reading identity values and instead uses an electrical connection to communicate the identity values. Reference Lang teaches that a reading device with an integrated camera, i.e. controller, to read barcode values, i.e. identity values. As this camera is used to read barcodes, this is considered a scanner under the broadest reasonable interpretation.

	References Jeran and Lang are considered to be analogous art because they relate to access control systems for devices. Thus, all features of the claimed invention were known in the prior art. 

Regarding Claim 18:
	Jeran discloses Claim 17.
	Lang discloses the following limitations not taught by Jeran: 
	wherein the embedded device is a non-electrical device (Par. [0004], The customer medium can, for example, be designed as an RFID tag, RFID card or as a paper ticket with machine-readable information (wherein the embedded device is a non-electrical device)). Lang teaches that the device to be authenticated may be a paper ticket, i.e. a non-electrical device. 
	and the unique identity value is a serial number or a bar code (Par. [0013], wherein for this purpose by means of the integrated camera access authorizations comprising a barcode (and the unique identity value is a serial number or a bar code)). Lang teaches that the identity value is a barcode. 
	wherein the serial number or the bar code is verified against an algorithm, a black list or an operating list (Par. [0027], access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist (wherein the serial number or the bar code is verified against an algorithm, a black list or an operating list)). Lang further teaches checking the identifier from the barcode against a whitelist, i.e. an operating list. The reasons for motivation/combination of references remain the same as in Claim 17. 

Regarding Claim 20:
	Jeran discloses Claim 19.

	wherein determining whether the embedded device is on a consumed devices list or on an operating list includes: comparing the unique identity value to unique identity values on the consumed devices list when the controller or the device is connected to the server (Par. [0025], Par. [0044], Par. [0018]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. 
	(taught by Lang below)
	(taught by Lang below)
	and when the number of unique identity values on the operating list is less than a threshold amount (Par. [0020], However, in examples where the listing engine non-authenticated identifier list (110) exceeds the amount of memory available in the printer (102), the printer (102) may download just a portion of the listing engine non-authenticated identifier list (and when the number of unique identity values on the operating list is less than a threshold amount)). Reference Jeran teaches that locally stored identifier lists, such as the whitelist of Lang, have a size limit, i.e. threshold, due to the memory of the device. Therefore, the combination of the combination of Jeran with Lang teaches the operating list having a threshold of identifier values for which another identifier cannot be added due to memory constraints. 

	Lang discloses the following limitations not taught by Jeran: 
	and adding the unique identity value to the operating list (Par. [0007], Furthermore, a positive/negative list or a so-called whitelist can be stored in a storage medium or in a database of the at least one access control device, by means of which the validity state of an access authorization is determined by means of the ID of the access authorization which is updated by at least one server at regular intervals or by a corresponding control of the access control device (and adding the unique identity value to the operating list)). Reference Jeran does not disclose an operating list. Reference Lang teaches the user operating the controller locally updating a whitelist, i.e. the operating list, and updating includes adding identity values. Reference Lang further teaches that this has the benefit of allowing operation when the server is offline (Par. [0007], in this way, if an access control device or a server is offline, access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist). Lang further teaches that this system has the advantage of verifying identity in an offline mode while having “the advantage that a high flexibility and scaling is ensured” (Par. [0005]).
	when the controller or the device is disconnected from the server (Par. [0007], In this way, if an access control device or a server is offline (when the controller or the device is disconnected from the server), access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist (when the controller or the device is disconnected from the server)). As the user updating the whitelist through the controller does not require a connection to the server and the benefit argued previously was to allow authentication while offline, Lang teaches adding entries to the operating list in the event of a disconnection. 

	References Jeran and Lang are considered to be analogous art because they relate to access control systems for devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the anti-cloning system of Jeran with the whitelist of Lang in order to gain the benefit of an offline mode of verifying identity in a way which is scalable and flexible. 

	Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Jeran/Lang, and further in view of Balasubramanian et al. (U.S. Pub. No. 2009/0245176 A1) hereinafter referred to as “Balasubramanian”.

	The combination of Jeran/Lang discloses Claim 7.
	Lang further discloses the following limitation:
	wherein the controller processor is configured to: determine that there is no connection between the controller and the server (Par. [0015], The recorded data of the access authorization are stored intermediately for a subsequent evaluation in the access control device and loaded onto the server when remaking the online connection). Reference Lang teaches different authentication methods depending on whether there is a connection to a server or not. Since the system of Lang must choose an authentication scheme, the system of Lang teaches determining a lack of connection between the controller and server.
	(taught by Balasubramanian below)
	(taught by Balasubramanian below)
	(taught by Balasubramanian below)

	Balasubramanian discloses the following limitations not taught by the combination of Jeran/Lang:
	determine a duration of time since the operating list was checked against the consumed devices list (Par. [0146], time duration can be determined from a timer initialized upon entry of the access point in the black list (determine a duration of time since the operating list was checked against the consumed devices list)). The combination of references Jeran/Lang does not disclose a time threshold. Reference Balasubramanian however discloses time expiration of blacklists and whitelists. Here, Balasubramanian discloses determining the time duration since an entry is populated in a blacklist, but this action is also understood to be done for whitelists as well (Par. [0096], the list maintainer 308 can leverage the list entry timer 310 to remove list entries. In this regard, after a period of time, entries can be removed from the blacklist and/or whitelist such that the communications apparatus 300 re-evaluates the access point or group of access points corresponding to the entry). The whitelist of Lang updates, which includes adding entries, by checking against the consumed devices list of Jeran in the combination of Lang/Jeran. Therefore, reference Balasubramanian teaches calculating a duration of time since the operating list was checked against the consumed devices list, since the addition of entries to the whitelist suggests an update/check. Furthermore, Balasubramanian teaches a time duration calculated using the difference between Tnow and Tlast (Par. [0094], Tnow is the current time, Tlast is the last time of encounter by the communications apparatus). Balasubramanian teaches that this deletion has the advantage of keeping the entries in the whitelist up to date (Par. [0094], the lists can have maximum sizes such that the list maintainer 308 can insert entries into the list and expunge some list entries to make room for new entries where necessary (e.g., in view of the maximum size)). 
	prevent use of the first embedded device when the duration of time is greater than or equal to a threshold amount of time (Par. [0146], a deletion threshold can be compared to the time duration to determine when to delete the access point from the list, as described). References Jeran and Lang were combined in a manner such that a whitelist is used for authentication in the lack of a connection to the server. Reference Balasubramanian teaches that whitelist entries may be deleted in the event that the entry timer expires, i.e. the duration of time exceeds the threshold specified by the entry timer. Therefore, since the whitelist is responsible for authorizing devices, the removal of this entry teaches preventing use of the embedded device when the threshold is exceeded. 
(Par. [0082], whitelist of suitable access points (and allow use of the first embedded device); Par. [0146], a deletion threshold can be compared to the time duration to determine when to delete the access point from the list, as described (when the duration of time is less than the threshold amount of time)). Alternatively, the entry remains in the whitelist, so the device is allowed as according to the whitelist of Lang. 

	The combination of references Jeran/Lang and reference Balasubramanian are considered analogous art because they relate to the field of access control of devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the anti-cloning system of Jeran/Lang with the whitelist expiration of Balasubramanian in order to gain the benefit of keeping the whitelist up to date in light of size constraints of the whitelist.  

Related Art
	The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure: 
Jeran et al. (U. S. Pub. No. 2016/0173284 A1) – Includes anti-cloning system which authenticates using remaining life value of the consumable product
NPL – “Multiple Printer Cartridge Systems” – Includes information regarding printers using multiple cartridges and replacing printer cartridges which is relevant to Claim 12 in the context of Jeran

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETHAN V VO whose telephone number is (571)272-2505. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/E.V.V./Examiner, Art Unit 2431              
                                                                                                                                                                                          /LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431