DETAILED ACTION
Examiner's Note:  The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  Applicant, in preparing the response, should consider fully the entire reference as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s remarks filed on 04/21/2022 have been fully considered. 
Regarding claim[s] 26 – 49 under the anticipatory rejections, applicant’s remarks are not persuasive, therefore, see the examiner’s response to such remarks in the office action below. 
The examiner will answer all other remarks that do not concern the prior art rejections, if any, in the office action below. 
Applicant states on page[s] 9 of the remarks as filed: “(Figure 8, annotations added). This configuration is not disclosed or suggested by the cited Selander reference (the OSCORE draft IETF specification).

First, the Office Action is in error by alleging that the Selander teaches the use of two
OSCORE message instances, distinctly recited in the independent claims as “OSCORE message” and “OSCORE tunnel message”. The cited portion of Page 30, section 8.2 of Selander discusses encoding the OSCORE payload of a COSE object in a single message. There are not two messages involved in this section, and in fact, only a message in singular tense is mentioned: “The payload of the OSCORE message SHALL encode the ciphertext of the COSE object” (emphasis added).”

	In response the examiner isn’t persuaded, the examiner points to the prior art of Selander. Specifically, at Selander, page[s] 30, section 8.2 – Encoding of the OSCORE message Payload, the payload of the OSCORE message [i.e. applicant’s first OSCORE message] shall encode the ciphertext of the COSE object. Then at page 4, see figure 1, OSCORE request [i.e. applicant’s 2nd OSCORE message - OSCORE tunnel message]. 
	Putting it all together, the OSCORE request message encapsulates the OSCORE message, the OSCORE message payload is encoded with the cipher text of the COSE object, thus arriving applicant’s claimed invention as identified above by applicant. 
	***The examiner’s response above applies to the same or similar remarks made on page[s] 8, 9 of the remarks as filed. 

Applicant states on page[s] 9 and 10 of the remarks as filed: “Second, the Office Action is in error by alleging that Selander teaches the use of “tunneled communication.” In fact, Section 11 of Selander (Page 36) discusses some of the security considerations involved with the use of OSCORE, and noting that even though (D)TLS and OSCORE can be combined, “(D)TLS only protects data hop-by-hop. As a consequence, the intermediary nodes can read and modify information.” Further, Section 11 of Selander acknowledges that this approach may provide security to the payload, but not to the message header or metadata:

(D)TLS and OSCORE can be combined, thereby enabling end-to-end security of the message payload, in combination with hop-by-hop protection of the entire message, during transport between end-point and intermediary node. The message layer, however, cannot be protected end-to-end through intermediary devices since, even if the protocol itself isn’t translated, the parameters Type, Message ID, Token, and Token Length may be changed by a proxy (emphasis added). 

In contrast, the claimed use of a separate OSCORE tunnel message to encrypt the
entirety of another OSCORE message (e.g., shown in Figure 8), and the communication of this message in an end-to-end tunneled communication, allows the entirety of the original OSCORE message (including its headers) to be protected and remain confidential. This security benefit is discussed in paragraphs [0023] of the originally filed specification, explaining that “The advantage of an OSCORE tunnel versus OSCORE, by itself, is found in the end-to-end protection of the payload message. Further, the message routing headers are encapsulated as part of the tunnel payload to mitigate traffic analysis attacks by intermediaries.”

	In response the examiner isn’t persuaded, the examiner points to the prior art of Selander. Specifically, at page[s] 4, lines 5 – 7, OSCORE builds on CBOR object and encryption COSE [RFC 8152], providing end-to-end encryption [i.e. applicant’s “tunneled communication.”], integrity, replay protection and secure message binding].  
Where at page[s] 4, lines 24 – 26, and page[s] 5, lines 1 – 2, OSCORE can be combined with transport layer security………during transport between end-point and intermediary node.
	Also, see page 7, figure # 3, common – sender/recipient – client and common – recipient/sender – server.
Further in response to applicant's argument that the references fail to show certain features of applicant’s invention, it is noted that the features upon which applicant relies (i.e.,…… Further, the message routing headers are encapsulated as part of the tunnel payload to mitigate traffic analysis attacks by intermediaries.”) are not recited clearly in the rejected claim(s).  Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims.  See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
***The examiner’s response above applies to the same or similar remarks made on page[s] 9, 10 of the remarks as filed. 

Response to Amendment
Status of the instant application:
Claim[s] 26 – 49 are pending in the instant application. 
Regarding claim[s] 26 – 49 under the anticipatory rejections, applicant’s claim amendments have been considered and are not persuasive. The examiner has addressed such claim amendments in the office action below. 
Claim Interpretation – 35 USC 112th 6th or F
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that use the word “means” or “step” but are nonetheless not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph because the claim limitation(s) recite(s) sufficient structure, materials, or acts to entirely perform the recited function.  
Such claim limitation(s) is/are: 
As per claim 26. A device, comprising:
communications circuitry;
processing circuitry; and
a memory device including instructions embodied thereon, wherein the instructions, which when executed by the processing circuitry, configure the processing circuitry “to perform operations comprising:
receiving, via the communications circuitry, an OSCORE (Object Security for Constrained RESTful Environments) message, wherein the OSCORE message
includes an encrypted COSE (Concise Binary Object Representation (CBOR)
Object Signing and Encryption) object payload; 
inserting the OSCORE message into an OSCORE tunnel message, wherein the OSCORE tunnel message is used to implement an end-to-end tunneled communication between the device and a destination device, wherein the OSCORE tunnel message is structured to include the OSCORE message within an envelope encrypted COSE object payload of the OSCORE tunnel message; and
transmitting, via the communications circuitry, the OSCORE tunnel
message to the destination device, the transmitting to provide the OSCORE message in the envelope encrypted COSE object payload of the OSCORE tunnel message.”
Because this/these claim limitation(s) is/are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are not being interpreted to cover only the corresponding structure, material, or acts described in the specification as performing the claimed function, and equivalents thereof.
If applicant intends to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to remove the structure, materials, or acts that performs the claimed function; or (2) present a sufficient showing that the claim limitation(s) does/do not recite sufficient structure, materials, or acts to perform the claimed function.
Appropriate action required. 
***The examiner notes to the applicant the following: Terms that represent only non-structural elements such as information, data or instructions [i.e. program or software instructions/commands..etc.], and software per se., would not serve as substitutes for “means,” because the terms do not serve as placeholders for structure or material. 
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 26 – 49 is/are rejected under 35 U.S.C. 102[a1] as being taught by [Applicant provided non – patent literature reference [NPL]]: Selander et al.: “Object Security for Constrained RESTful Environments (OSCORE)” [October 25, 2017], hereinafter Selander. 
As per claim 26.  Selander does teach a device [Selander, page[s] 1, section 1 – introduction, lines 28 – 31, constrained nodes, and page[s] 1, section #1 – introduction, lines 12 – 16, proxies/intermediaries], comprising: 
communications circuitry [Selander, page[s] 5, 1 – introduction, lines 1, data transport between end-points and intermediary nodes]; 
processing circuitry [Selander, page[s] 6, section 3.1 – Security context definition, lines 5 – 9 and page[s] 7, section 3.1 – Security context definition, lines 7 - 11, endpoints and clients and servers need to be able to retrieve/derive and use the correct security context to protect and verify messages]; and 
a memory device including instructions embodied thereon, wherein the instructions, which when executed by the processing circuitry [Selander, page[s] 4, section 1 – introduction, lines 22 – 26, memory requirements], configure the processing circuitry to perform operations comprising: 
receiving, via the communications circuitry, an OSCORE (Object Security for Constrained RESTful Environments) message, wherein the OSCORE message includes an encrypted COSE (Concise Binary Object Representation (CBOR) Object Signing and Encryption) object payload [Selander, page[s] 25, section 7.1 – Protecting the request, step #4, encrypting the COSE object using the sender key. Then compress the COSE object as specified in section 8]; 
inserting the OSCORE message into an OSCORE tunnel message, wherein the OSCORE tunnel message is used to implement an end-to-end [Selander, page[s] 4, lines 5 – 7, OSCORE builds on CBOR object and encryption COSE [RFC 8152], providing end-to-end encryption, integrity, replay protection and secure message binding] tunneled communication between the device and a destination device [page[s] 4, lines 24 – 26, and page[s] 5, lines 1 – 2, OSCORE can be combined with transport layer security………during transport between end-point and intermediary node], wherein the OSCORE tunnel message is structured to include the OSCORE message within an envelope encrypted COSE object payload of the OSCORE tunnel message [Selander, page[s] 30, section 8.2 – Encoding of the OSCORE message Payload, the payload of the OSCORE message [i.e. applicant’s OSCORE message] shall encode the ciphertext of the COSE object. Then at page 4, see figure 1, OSCORE request [i.e. applicant’s OSCORE tunnel message]]; and 
transmitting, via the communications circuitry, the OSCORE tunnel message to the destination device, the transmitting to provide the OSCORE message in the envelope encrypted COSE object payload [Selander, page[s] 12, section 4 – protected message fields, lines 3 – 4, The sending endpoint shall transfer Class E message fields in the ciphertext of the COSE object in the OSCORE message.] of the OSCORE tunnel message [page 4, see figure 1, OSCORE request [i.e. applicant’s OSCORE tunnel message]. Also, see page 7, figure # 3, common – sender/recipient – client and common – recipient/sender - server].
As per claim 27. Selander does teach the device of claim 26, wherein the OSCORE tunnel message is transmitted to the destination device using the tunneled communication over a network, and wherein the tunneled communication is provided via one or more intermediate devices [Selander, page[s] 4, section 4.2.3.1 – Max-age, lines 6 – 7, thru oscore unaware intermediary nodes to an endpoint [i.e. applicant’s destination device – intermediate devices]].
As per claim 28. Selander does teach the device of claim 27, wherein the device is a first proxy device, and wherein the destination device is a second proxy device [Selander, page[s] 5, section 1 – introduction, lines 5 – 9, CoAP-to CoAP forward proxies, HTTP [i.e. applicant’s device – first proxy device]-to-CoAP proxies [i.e. applicant’s destination device – second proxy device]].
As per claim 29. Selander, does teach the device of claim 26, the operations further comprising: translating the OSCORE message from a first format to a second format, wherein the first format is one of a HyperText Transport Protocol (HTTP) message format or a Constrained Application Protocol (COAP) message format, and the second format is the other of the HTTP message format or the COAP message format [Selander, page[s] 11, section 4 – Protected message fields, lines 7 – 15]; wherein 
the encrypted COSE object payload is included in the OSCORE message [Selander, page[s] 30, section 8.2 – Encoding of the OSCORE Payload, the payload of the oscore message shall encode the ciphertext of the COSE object] as provided in the one of the HTTP message format or the COAP message format used for the OSCORE message prior to the translating [Selander, page[s] 3, section 1 – introduction, lines 28 – 31, OSCORE messaging can be used anywhere CoAP or HTTP can be used].
As per claim 30. Selander, does teach the device of claim 26, wherein the encrypted COSE object payload comprises a COSE object including end-to-end headers and a CBOR object, and wherein the CBOR object is encrypted [Selander, page[s] 4, section 1 – introduction, lines 5 – 7, OSCORE builds on CBOR object Signing and Encryption [COSE], providing end-to-end encryption, integrity, replay protection, and secure message binding].
As per claim 31. Selander, does teach the device of claim 26, wherein the OSCORE message comprises one of: an OSCORE HyperText Transport Protocol (HTTP) message comprising a HTTP request, hop-by-hop headers, and the encrypted COSE object payload; or 
an OSCORE Constrained Application Protocol (COAP) message comprising a COAP header, hop-by-hop options, and the encrypted COSE object payload [Selander, page[s] 4, see Figure # 1, and section 1 – introduction, lines 24 – 26, OSCORE can be combined with transport layer security such as DTLS or TLS, thereby enabling end-to-end security, i.e. CoAP payload, options, code in combination with hop-by-hop protection of the Messaging layer].
As per claim 32. Selander, does teach the device of claim 26, wherein the envelope encrypted COSE object payload is decrypted into the OSCORE message upon being received at the destination device [Selander, page[s] 28, section 7.4 – verifying the response, step #7, decrypting the COSE object using the recipient key of the recipient end-point].
As per claim 33. Selander, does teach the device of claim 26, wherein the OSCORE message comprises a RESTful communication message provided between: the device operating as one of a client or a server, and the destination device operating as the other of the client or the server [Selander, page[s] 6, section 3 – The security context, lines 1 – 4, clients and server establish a shared security context for protecting messages between the clients [i.e. applicant’s the device] and servers [i.e. applicant’s server]. Also see figure # 3 on page[s] 7].
As per method claim[s] 34 that includes the same or similar claim limitations as device claim # 26, and is similarly rejected. 

As per method claim[s] 35 that includes the same or similar claim limitations as device claim # 27, and is similarly rejected.

As per method claim[s] 36 that includes the same or similar claim limitations as device claim # 28, and is similarly rejected.

As per method claim[s] 37 that includes the same or similar claim limitations as device claim # 29, and is similarly rejected.

As per method claim[s] 38 that includes the same or similar claim limitations as device claim # 30, and is similarly rejected.

As per method claim[s] 39 that includes the same or similar claim limitations as device claim # 31, and is similarly rejected.

As per method claim[s] 40 that includes the same or similar claim limitations as device claim # 32, and is similarly rejected.

As per method claim[s] 41 that includes the same or similar claim limitations as device claim # 33, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 42 that includes the same or similar claim limitations as device claim[s] 26, and is similarly rejected. 
***The examiner notes that the recited “non-transitory machine-readable storage medium including instructions,” is taught by the prior art of OSCORE, at page[s] 1, section 1 – introduction, lines 28 – 31, one of ordinary skilled in the art would know that a node and server would have a general purpose processor and memory mediums for at least the functioning/operation of itself in the prior art.  
As per non – transitory machine – readable storage medium claim[s] 43 that includes the same or similar claim limitations as device claim[s] 27, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 44 that includes the same or similar claim limitations as device claim[s] 28, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 45 that includes the same or similar claim limitations as device claim[s] 29, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 46 that includes the same or similar claim limitations as device claim[s] 30, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 47 that includes the same or similar claim limitations as device claim[s] 31, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 48 that includes the same or similar claim limitations as device claim[s] 32, and is similarly rejected.

As per non – transitory machine – readable storage medium claim[s] 49 that includes the same or similar claim limitations as device claim[s] 33, and is similarly rejected.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/          Primary Examiner, Art Unit 2434