Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


DETAILED ACTION
2.         This action is in response to the Amendment filed May 4, 2022.

3.         Claims 16 and 23 have been amended and claim 24 has been canceled.

4.         Claims 16-23, 25, and 26 have been examined and are pending with this action.


Response to Arguments
5.	Applicant's arguments with respect to the rejection of claims 16-26, previously rejected under 35 U.S.C. 103 as being unpatentable over Castine (US 2015/0229509) in view of Huang (US 2016/0044035), have been fully considered.
Applicant(s) argues that Huang fails to cure the deficiencies of Castine by failing disclose or suggest a “portable remote support device is configured to request unique secure tokens from the cloud service… ” (as newly amended and recited in claims 16 and 23).  Applicant further adds that Huang fails to disclose how the secure tunnel is established and thereby fails to disclose that the secure tunnel is established using a unique secure token as recited and fails to disclose that the token is used for establishing a secure connection between a portable remote support device and a remote computer, via a cloud service.  Although the examiner does not acquiesce to the applicant’s arguments, a new secondary reference, Huang (US 2019/0372960), has been cited to better teach the amended limitations.
For these reason above and the rejections set forth below, claims 16-23, 25, and 26 have been rejected and remain pending.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

6.	Claims 16-26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Castine (US 2015/0229509) in view of Huang (US 2019/0372960).
As per claim 16, Castine teaches a portable remote support device comprising a processing unit (see Castine, [0007]: “The first network interface may be capable of connecting to the network without manual configuration. The network interface may be a wireless interface. The wireless interface may be a mobile data interface, and/or may be a 3G, 4G, LTE, EDGE, GPRS, EV-DO, UMTS, or Wi-Fi interface”; and [0012]: “In another aspect, provided is a method of providing (300) remote support comprising the steps of: providing (303) a network device comprising a processor, an interface for emulating a human interface device, a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device”), 
a video capturing unit (see Castine, [0011]: “The network device may further include a video camera (285)”; and [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device”), 
at least one video input port and at least one output port (see Castine, [0012]: “a video input,… connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface”; and [0026]: “More specifically, target computer 110's mouse and keyboard are disconnected from target computer 110, and cables from interface 140 are connected to target computer 110's mouse and keyboard port. Ideally, the human interface device ports are all USB ports”), 
said processing unit being configured to communicate video signals received via the video input port to the service via the network communication unit (see Castine, [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device; connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface; and relaying (318) human interface device commands from the control interface to the target device”), and 
said processing unit being configured to emulate pointing device signals and/or keyboard signals received via the network communication unit on said at least one output port (see Castine, [0003]: “Remote control devices and methods are generally known. Keyboard-Video-Mouse ("KVM") switches provide a way to provide a target computer system emulated keyboard and mouse signals while receiving a video signal from the target computer system”; [0006]: “The interface for emulating a human interface device may include emulation of a keyboard or pointing device”; and [0025]: “The interface for emulating a human interface device may be a USB port, PS/2 mouse or keyboard port, or other similar interface”).
Although Castine further teach a network communication unit configured to communicate with a service (see Castine, [0005]: “The first network interface may be connected to a network 120”; and [0032]: “Network devices 130 and 230 may be part of a remote computer repair service in which the network device is transported to the target computer's location in response to a service request”), Castine does not explicitly teach that the service is a cloud service.
Huang teaches a cloud service (see Huang, FIG. 5A).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang so that the service is a cloud service.  One would be motivated to do so because the advantages of cloud computing are well-known, routine, and conventional.
Although Castine explicitly teaches a portable device remote support device and establishing connection between the remote support device and a remote computer (see Castine, FIG. 1), Castine does not explicitly teach a support device configured to request unique secure tokens from the cloud service, to receive, unique secure tokens from the cloud service and via the network communication unit, which have been generated by the cloud service in response to a request from the portable remote support device, and to establish a secure connection between the device and a remote computer, via the cloud service and using the unique secure token.
Huang teaches a support device configured to request unique secure tokens from the cloud service (see Huang, [0010]: “the internal cloud computing host platform may receive the domain pass-through authentication request”), to receive, unique secure tokens from the cloud service and via the network communication unit (see Huang, [0005]: “The internal cloud computing host platform may send, to the user device and while the second network connection is established, the secure token”), which have been generated by the cloud service in response to a request from the portable remote support device (see Huang, [0005]: “The internal cloud computing host platform may generate a secure token including the encrypted user identity, wherein generating the secure token comprises signing the secure token with a private key corresponding to the authentication agent”), and to establish a secure connection between the device and a remote computer, via the cloud service and using the unique secure token (see Huang, [0005]: “The internal cloud computing host platform may send, to the user device and while the second network connection is established, the secure token, wherein sending the secure token to the user device allows the user device to perform domain pass-through authentication with the external cloud computing platform and to access protected resources on the external cloud computing platform”).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang by implementing wherein the portable remote support device is configured to request unique secure tokens from the cloud service, to receive, unique secure tokens from the cloud service and via the network communication unit, unique secure tokens which have been generated by the cloud service in response to a request from the portable remote support device, and to establish a secure connection between the remote support device and a remote computer, via the cloud service and using the unique secure token.  One would be motivated to do so because employment of tokens for secure communications is well-known, routine, and conventional.
As per claim 17, which depends on claim 16, Castine further teaches wherein the portable remote support device further comprises a display adapted to display a status of the remote support device (see Castine, [0028]: “The video display signal generated by target computer 110 is then received over video port 134. This video signal is transmitted by network device 130 over network interface 170 to control interface 127. A user at control interface 127 views the video display signal generated by target computer 110”).
As per claim 18, which depends on claim 17, Castine does not explicitly teach wherein the display is further adapted to display unique secure tokens.
Huang teach wherein the display is further adapted to display unique secure tokens (see Huang, [0041]: “The server 206, in some embodiments, uses a remote presentation protocol or other program to send data to a thin-client or remote-display application executing on the client to present display output generated by an application executing on the server 206”).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang so that the display is further adapted to display unique secure tokens.  One would be motivated to do so because such implementation provides the user/administrator with additional information.
As per claim 19, which depends on claim 16, Castine teaches further comprising a battery adapted for powering the remote support device in use for a predetermined duration (Inherency - Castine teaches a mobile computing device).
As per claim 20, which depends on claim 16, Although Castine explicitly teaches a portable device remote support device Castine does not explicitly teach a device adapted to connect to a virtual private network (VPN).
Huang teaches a device adapted to connect to a virtual private network (VPN) (see Huang, [0049]: “Physical devices 306 may include, for example, a network interface card, a video card, a keyboard, a mouse, an input device, a monitor, a display device, speakers, an optical drive, a storage device, a universal serial bus connection, a printer, a scanner, a network element (e.g., router, firewall, network address translator, load balancer, virtual private network (VPN) gateway, Dynamic Host Configuration Protocol (DHCP) router, etc.), or any device connected to or communicating with virtualization server 301”).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang so that the portable remote support device is adapted to connect to a virtual private network (VPN).  One would be motivated to do so because VPN’s are one known method of securing connections.
As per claim 21, which depends on claim 16, Castine further teaches wherein the network communication unit is adapted to provide a network connection via satellite and/or via a mobile network (see Castine, [0007]: “The first network interface may be capable of connecting to the network without manual configuration. The network interface may be a wireless interface. The wireless interface may be a mobile data interface, and/or may be a 3G, 4G, LTE, EDGE, GPRS, EV-DO, UMTS, or Wi-Fi interface”).
As per claim 22, which depends on claim 16, Castine teaches further comprising a serial port for connecting to equipment via a serial console (see Castine, [0025]: “The interface for emulating a human interface device may be a USB port, PS/2 mouse or keyboard port, or other similar interface”).
As per claim 23, Castine teaches a method for remote supporting computer equipment, the method comprising the steps of: 
providing a portable remote support device (see Castine, [0007]: “The first network interface may be capable of connecting to the network without manual configuration. The network interface may be a wireless interface. The wireless interface may be a mobile data interface, and/or may be a 3G, 4G, LTE, EDGE, GPRS, EV-DO, UMTS, or Wi-Fi interface”; and [0012]: “In another aspect, provided is a method of providing (300) remote support comprising the steps of: providing (303) a network device comprising a processor, an interface for emulating a human interface device, a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device”) comprising: 
a processing unit (see Castine, [0012]: “In another aspect, provided is a method of providing (300) remote support comprising the steps of: providing (303) a network device comprising a processor, an interface for emulating a human interface device, a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device”); 
a video capturing unit (see Castine, [0011]: “The network device may further include a video camera (285)”; and [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device”); 
at least one video input port and at least one output port (see Castine, [0012]: “a video input,… connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface”; and [0026]: “More specifically, target computer 110's mouse and keyboard are disconnected from target computer 110, and cables from interface 140 are connected to target computer 110's mouse and keyboard port. Ideally, the human interface device ports are all USB ports”); 
said processing unit being configured to communicate video signals received via the video input port to the service via the network communication unit (see Castine, [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device; connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface; and relaying (318) human interface device commands from the control interface to the target device”); and 
said processing unit being configured to emulate pointing device signals and/or keyboard signals received via the network communication unit on said at least one output port (see Castine, [0003]: “Remote control devices and methods are generally known. Keyboard-Video-Mouse ("KVM") switches provide a way to provide a target computer system emulated keyboard and mouse signals while receiving a video signal from the target computer system”; [0006]: “The interface for emulating a human interface device may include emulation of a keyboard or pointing device”; and [0025]: “The interface for emulating a human interface device may be a USB port, PS/2 mouse or keyboard port, or other similar interface”); and 
connecting the at least one output port of the remote support device to a pointing device input port and/or a keyboard input port of the computer equipment (see Castine, [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device; connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface; and relaying (318) human interface device commands from the control interface to the target device”), 
connecting a video output port of the computer equipment to the video input port of the remote support device (see Castine, [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device; connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface; and relaying (318) human interface device commands from the control interface to the target device”), 
connecting, by the network communication unit, the portable remote support device to a service (see Castine, [0005]: “The first network interface may be connected to a network 120”; and [0032]: “Network devices 130 and 230 may be part of a remote computer repair service in which the network device is transported to the target computer's location in response to a service request”), 
capturing by the video capturing unit of the portable remote support device a video output of the computer equipment and transmitting said captured video output to the remote computer via the established secure connection (see Castine, [0012]: “a video input, a data storage for storing data from a target device or transferring data to the target device, a first network interface, in which the network device is configured to provide control of the target device, through the interface for emulating a human interface device; connecting (306) the network device to a target device having a video output at a first location; connecting (309) the network device to a computer network; linking (312) said network device to a control interface at a second location; relaying (315) video data from the target device video output to the control interface; and relaying (318) human interface device commands from the control interface to the target device”), and 
emulating on the at least one output port of the portable remote support device pointing device movements and/or keyboard keystrokes, in response to input to the remote computer (see Castine, [0003]: “Remote control devices and methods are generally known. Keyboard-Video-Mouse ("KVM") switches provide a way to provide a target computer system emulated keyboard and mouse signals while receiving a video signal from the target computer system”; [0006]: “The interface for emulating a human interface device may include emulation of a keyboard or pointing device”; and [0025]: “The interface for emulating a human interface device may be a USB port, PS/2 mouse or keyboard port, or other similar interface”).
Although Castine further teach a network communication unit configured to communicate with a service (see Castine, [0005]: “The first network interface may be connected to a network 120”; and [0032]: “Network devices 130 and 230 may be part of a remote computer repair service in which the network device is transported to the target computer's location in response to a service request”), Castine does not explicitly teach that the service is a cloud service.
Huang teaches a cloud service (see Huang, FIG 5A).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang so that the service is a cloud service.  One would be motivated to do so because the advantages of cloud computing are well-known, routine, and conventional.
Although Castine explicitly teaches a portable remote support device, Castine does not explicitly teach a device requesting a unique secure token from the cloud service (see Huang, [0010]: “the internal cloud computing host platform may receive the domain pass-through authentication request”), the cloud service generating a unique secure token in response to the request form the device (see Huang, [0005]: “The internal cloud computing host platform may generate a secure token including the encrypted user identity, wherein generating the secure token comprises signing the secure token with a private key corresponding to the authentication agent”), sharing the unique secure token among the portable remote support device and the cloud service by the cloud service communicating the generated unique secure token to the portable remote support device, via the network communication unit (see Huang, [0005]: “The internal cloud computing host platform may send, to the user device and while the second network connection is established, the secure token”), and establishing a secure connection between a remote computer and the portable remote support device, via the cloud service, using the unique secure token (see Huang, [0005]: “The internal cloud computing host platform may send, to the user device and while the second network connection is established, the secure token, wherein sending the secure token to the user device allows the user device to perform domain pass-through authentication with the external cloud computing platform and to access protected resources on the external cloud computing platform”). 
Huang teaches a device requesting a unique secure token from the cloud service, the cloud service generating a unique secure token in response to the request form the device, sharing the unique secure token among the portable remote support device and the cloud service by the cloud service communicating the generated unique secure token to the portable remote support device, via the network communication unit, and establishing a secure connection between a remote computer and the portable remote support device, via the cloud service, using the unique secure token.
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang by implementing the portable remote support device requesting a unique secure token from the cloud service, the cloud service generating a unique secure token in response to the request from the portable remote support device, sharing the unique secure token among the portable remote support device and the cloud service by the cloud service communicating the generated unique secure token to the portable remote support device, via the network communication unit, establishing a secure connection between a remote computer and the portable remote support device, via the cloud service, using the unique secure token.  One would be motivated to do so because employment of tokens for secure communications is well-known, routine, and conventional.
As per claim 25, which depends on claim 23, Huang further teaches wherein the remote supporting device further comprises a display, and wherein the method further comprises the step of displaying the unique secure token on the display (see claim 18 rejection above).
As per claim 26, which depends on claim 23, Castine does not explicitly teach wherein a unique secure token is generated for each support session performed using the portable remote support device.
Huang teaches wherein a unique secure token is generated for each support session performed using the portable remote support device (see Huang, [0120]: “the internal cloud computing host platform 503 may generate a one-time use token”).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the system of Castine in view of Huang so that a unique secure token is generated for each support session performed using the portable remote support device.  One would be motivated to do so because employment of tokens for secure communications is well-known, routine, and conventional.


Conclusion
7.         For the reasons above, claims 16-23, 25, and 26 have been rejected and remain pending.

8.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

9.       Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL Y WON whose telephone number is (571)272-3993.  The examiner can normally be reached on Wk.1: M-F: 8-5 PST & Wk.2: M-Th: 8-7 PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  Please note, the examiner generally will not hold interviews after a Final Office Action has been issued.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on 571-272-7304.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


MICHAEL WON
Primary Examiner
Art Unit 2449



/Michael Won/
Primary Examiner, Art Unit 2449
May 12, 2022