DETAILED ACTION

                                                Acknowledgements
This Office Action is in response to Applicant’s response/application filed on 03/25/2022.
The Examiner notes that citations to United States Patent Application Publication paragraphs are formatted as [####], #### representing the paragraph number.

                                     Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

                                                 Status of Claims
Claims 1, 9, and 17 have been amended.
No claims have been added or canceled.
Claims 1-20 are currently pending and have been examined.





                                   Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows:
1.	Determining the scope and contents of the prior art.
2.	Ascertaining the differences between the prior art and the claims at issue.
3.	Resolving the level of ordinary skill in the pertinent art.
4.	Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Dykeman (US 20130174223), in view of Huang (US 20150135274).
Regarding claim(s) 1, 9, and 17, Dykeman discloses:
          a processor; and 
          a memory comprising instructions stored thereon, which when executed by the processor,
           a non-transitory computer-readable storage medium is provided including instructions that, when executed by a processor, causes the processor to perform a method for geographically local license sharing, comprising:
           transmitting, from a media server, a shared secret to a licensed client, the licensed client broadcasting a wireless signal comprising a unique identifier associated with the licensed client (By disclosing, “A user device may periodically obtain access right information from a web server to enable access to a content asset” ([0012] of Dykeman); the access right includes “User profile information section 1110 may be used to identify the user. Section 1110 may include descriptive information 1120 about a user such as user ID number, name, gender, and age. The user ID number may be a unique number assigned to identify a user” ([0174], and Fig. 11 of Dykeman); and “Second control circuitry of the second user device may detect the first user device and in response, receive the temporary access right from the first user device and retrieve the recorded content asset from the web server” which infers that the first user device broadcasting a wireless signal so the second user device can detect the first user device ([0101] of Dykeman)) (Note: the “access right” in the prior art can be the “shared secret” of the claim. The “user ID” in the prior art can be the “unique identifier” of the claim); 
           wherein the licensed client comprises a verified device logged into by a user based on user credentials (This limitation has no patentable weight because 
it is nonfunctional descriptive material and are not functionally involved in the steps recited. The “transmitting” step would be performed the same regardless of whether the licensed client comprises a verified device logged into by a user based on user credentials. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994).  However, for purposes of compact prosecution, the examiner provides Achyuth (US 20200314167) which teaches this limitation in paragraph [0067], [0068], and [0072]. The Examiner suggests the Applicant to rewrite the limitation into a positive way to gain patentable weight.);
           receiving, at the media server, an access token and the unique identifier of the licensed client from an unlicensed client, the access token and the unique identifier received by the unlicensed client from the licensed client based on a proximity of the unlicensed client to the licensed client (By disclosing, “Second control circuitry of the second user device may detect the first user device and in response, receive the temporary access right from the first user device and retrieve the recorded content asset from the web server” ([0101] of Dykeman); “in order to access an encrypted content asset, processing circuitry 306 of a media equipment device may transmit an access right to a web server 430” ([0107] of Dykeman); “A DRM system may enable a user to temporarily assign or exchange a digital access right with another user within a physical or virtual proximity” ([0103] and Fig. 7 of Dykeman); and “User profile information section 1110 may be used to identify the user. Section 1110 may include descriptive information 1120 about a user such as user ID number, name, gender, and age. The user ID number may be a unique number assigned to identify a user” ([0174], and Fig. 11 of Dykeman)) (Note: the “temporary access right” in the prior art can be the “access token” of the claim); 
           wherein the unlicensed client comprises unverified devices not logged into by the user (This limitation has no patentable weight because 
it is nonfunctional descriptive material and are not functionally involved in the steps recited. The “receiving” step would be performed the same regardless of whether the unlicensed client comprises unverified devices logged into by the user. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994).  However, for purposes of compact prosecution, the examiner provides Achyuth (US 20200314167) which teaches this limitation in paragraph [0067], [0068], and [0072]. The Examiner suggests the Applicant to rewrite the limitation into a positive way to gain patentable weight.);
           validating, by the media server, the access token based on the unique identifier (By disclosing, “Second control circuitry of the second user device may detect the first user device and in response, receive the temporary access right from the first user device and retrieve the recorded content asset from the web server” ([0101] of Dykeman); “in order to access an encrypted content asset, processing circuitry 306 of a media equipment device may transmit an access right to a web server 430. At the web server, processing circuitry 306 may receive the transmitted access right and compare with a database of users and access rights stored in storage 308. In response to determining that the user corresponding to the transmitted access right is authorized to access the broadcast content asset, processing circuitry 306 of the web server 430 may transmit an encryption key to the media equipment device to enable the media equipment device to decrypt the encrypted content asset” ([0107] of Dykeman); “an access right may be required to view a content asset shown in the grid of FIG. 2. For example, a subscription is often required to view an on-demand asset 114” ([0042] of Dykeman); and “Subscription information may include an ID number of the user, an account number with a service provider, a duration of the subscription, and a hash code. The ID number may be used to verify the identity of the user” ([0108] of Dykeman)); and 
           enabling the unlicensed client to access media content of the media server upon validation of the access token (By disclosing, “Second control circuitry of the second user device may detect the first user device and in response, receive the temporary access right from the first user device and retrieve the recorded content asset from the web server” ([0101] of Dykeman); “in order to access an encrypted content asset, processing circuitry 306 of a media equipment device may transmit an access right to a web server 430. At the web server, processing circuitry 306 may receive the transmitted access right and compare with a database of users and access rights stored in storage 308. In response to determining that the user corresponding to the transmitted access right is authorized to access the broadcast content asset, processing circuitry 306 of the web server 430 may transmit an encryption key to the media equipment device to enable the media equipment device to decrypt the encrypted content asset” ([0107] of Dykeman)).  
           Dykeman does not expressly disclose:
          validating the access token based on the shared secret with the licensed client.
           However, Huang teaches:
           validating the access token based on the shared secret with the licensed client (By disclosing, “In 110, the server pre-allocates an exchange code [(shared secret)] in advance for a first client device” ([0019] of Huang); “The message requesting data exchange processing (the data exchange request) includes …, an authorization code [(access token)] created by the second user based on the exchange code transmitted by the first user's device, etc” ([0041] of Huang);
and “In 140, the server compares the authorization code in the received message requesting a data exchange submitted by the second user with the exchange code pre-allocated to the one or more first users having a location within the certain range of the second user location, and verifies validity of the authorization code matched with the exchange code” ([0058] and Fig. 1 of Huang)).
           Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of validating, by the media server, the access token based on the unique identifier, in view of Huang to include techniques of validating, by the media server, the access token based on the unique identifier and the shared secret with the licensed client.  Doing so would result in an improved invention because this would allow the server to ensure the access token received from the unlicensed client corresponds to the shared secret transmitted to the licensed client, such that the unlicensed client can access the available contents of the licensed client, thus improving the accuracy of the claimed invention.

Regarding claim(s) 2, 10, and 18, Dykeman discloses:
          wherein the shared secret comprises an encrypted key (By disclosing, “The digital access right may include metadata, an encryption key…” ([0106] of Dykeman)).  


Regarding claim(s) 3, 11, and 19, Dykeman discloses:
          wherein the wireless signal comprises a Bluetooth signal (By disclosing, “Detecting circuitry 307, by using wireless detection techniques, may also be capable of detecting and/or identifying a user or users based on recognition and/or identification of a user device (e.g., a mobile device, such as an RFID device or mobile phone). Detecting circuitry 307 may recognize and identify such a device using any suitable means, for example, radio-frequency identification, Bluetooth…” ([0059], Fig. 3 of Dykeman)).  

Regarding claim(s) 4 and 12, Dykeman discloses:
         receiving the access token based on a configured timeout (By disclosing, “A temporary access right that has been temporarily assigned, transferred or exchanged from a first user to a second user may include temporary duration information” ([0177] of Dykeman); and “Temporary duration information may include a timestamp, datestamp or time duration. The timestamp and/or datestamp may indicate when the temporary access right may expire” ([0178] of Dykeman)).  

Regarding claim(s) 5 and 13, Dykeman does not disclose:
          wherein the access token is encrypted based on the shared secret.
          However, Huang teaches:
          wherein the access token is encrypted based on the shared secret (By disclosing, “For example, the second user directly takes the exchange code transmitted by the first user's device as an authorization code, creates the authorization code by employing another predetermined rule such as encrypting/decoding the exchange code, or adding another identifier to exchange code” ([0042] of Huang)).
         Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Dykeman in view of Huang to include techniques of wherein the access token is encrypted based on the shared secret. Doing so would result in an improved invention because this would leverage the advantages of encryption (e.g. higher security, cost efficient, etc.). 

Regarding claim(s) 6 and 14, Dykeman discloses:
          wherein the access token allows access to encrypted payloads of premium content (By disclosing, “Second control circuitry of the second user device may detect the first user device and in response, receive the temporary access right from the first user device and retrieve the recorded content asset from the web server” ([0101] of Dykeman); and “In some implementations, a content asset requiring authorization from a content provider may restrict access to the content asset by, for example, encrypting the content asset. For example, in order to access an encrypted content asset, processing circuitry 306 of a media equipment device may transmit an access right to a web server 430. At the web server, processing circuitry 306 may receive the transmitted access right and compare with a database of users and access rights stored in storage 308. In response to determining that the user corresponding to the transmitted access right is authorized to access the broadcast content asset, processing circuitry 306 of the web server 430 may transmit an encryption key to the media equipment device to enable the media equipment device to decrypt the encrypted content asset” ([0107] of Dykeman)).  

Regarding claim(s) 7 and 15, Dykeman does not disclose:
          decrypting the access token to confirm the shared secret with the licensed client.
          However, Huang teaches:
          decrypting the access token to confirm the shared secret with the licensed client (By disclosing, “For example, the second user directly takes the exchange code transmitted by the first user's device as an authorization code, creates the authorization code by employing another predetermined rule such as encrypting/decoding the exchange code, or adding another identifier to exchange code. For example, an app on the first user's device encrypts the exchange code, and the server decrypts the encrypted exchange code” ([0042] of Huang)).
            Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Dykeman in view of Huang to include techniques of decrypting the access token to confirm the shared secret with the licensed client. Doing so would result in an improved invention because this would leverage the advantages of encryption (e.g. higher security, cost efficient, etc.).

Regarding claim(s) 8, 16, and 20, Dykeman does not disclose:
          wherein the access token comprises a one time passcode (OTP) or a JSON Web Token (JWT).  
           However, Huang teaches:
           wherein the access token comprises a one time passcode (OTP) or a JSON Web Token (JWT) (By disclosing, “As soon as the second user takes the obtained exchange code and transmits the exchange code as an authorization code to the server” which infers that the exchange code and the authorization code can be the same ([0070] of Huang); and “In some embodiments, the exchange code is a one-time password”  ([0021] of Huang)).  
             Therefore, it would have been obvious to one of ordinary skill in the art at the effective filing date of the present application to modify the method of Dykeman in view of Huang to include techniques of wherein the access token comprises a one time passcode (OTP). Doing so would result in an improved invention because this would leverage the advantages of using one-time password (e.g. safe from replay attacks, etc.).

Response to Arguments
Applicant' s arguments with respect to the 35 U.S.C. § 103 rejection have been fully considered but they are not persuasive. 
          The Applicant argues that the added limitations are discloses by the presented prior art. The Examiner, respectfully disagrees. The Examiner notes that the limitation “wherein the licensed client comprises a verified device logged into by a user based on user credentials” has no patentable weight because 
it is nonfunctional descriptive material and are not functionally involved in the steps recited. The “transmitting” step would be performed the same regardless of whether the licensed client comprises a verified device logged into by a user based on user credentials. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994).  Similarly, the limitation “wherein the unlicensed client comprises unverified devices not logged into by the user” has no patentable weight because it is nonfunctional descriptive material and are not functionally involved in the steps recited. The “receiving” step would be performed the same regardless of whether the unlicensed client comprises unverified devices not logged into by the user. Thus, this descriptive material will not distinguish the claimed invention from the prior art in terms of patentability, see In re Gulack, 703 F.2d 1381, 1385, 217 USPQ 401, 404 (Fed. Cir. 1983); In re Lowry, 32 F.3d 1579, 32 USPQ2d 1031 (Fed. Cir. 1994).  Therefore, the 35 U.S.C. § 103 rejection will be maintained. (However, for purposes of compact prosecution, the examiner provides Achyuth (US 20200314167) which teaches these limitations in paragraph [0067], [0068], and [0072].)



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20200304307 to Fujimaki for disclosing a token management apparatus includes a reception unit that receives, from a first user who has an access token for accessing a service providing server that provides a service, a permission condition for permitting a second user for a conditional use of an access token of the first user, the second user being differential from the first user and not having the access token; and an issuance unit that issues a conditional access token that permits the conditional use of the service within a range of the permission condition, to the second user in a case where the second user requests the conditional use of the access token of the first user, and the request for the conditional use satisfies the permission condition.
US 20170279798 to Reynolds for disclosing authorizing a client device to access a secure resource hosted on a web server, the present methods and systems may provide executable instructions including a challenge token to the client device, which, in turn, may cause the client device to provide executable instructions, including the challenge token, to a mobile client device via a persona area network. The executable instructions provided to the mobile client device may request the mobile client device to return a verification token. The mobile client device may compare the provided challenge token to a challenge token stored locally. If the challenge tokens match, the mobile client device may provide a verification token to the client device via the personal area network, which may in turn provide the verification token to the web server. The web server may compare the verification token provided by the client device to a verification token provided by the present methods and systems. If the verification tokens match, the web server may authorize the access to the secure resource.
US 20200314167 to Achyuth for disclosing transmitting, from an authorized device of a logged-in client, a token to an unauthorized device of an unlogged-in client to allow the unauthorized client to access a file from a storage control server. 

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUAN ZHANG whose telephone number is (571)272-4642. The examiner can normally be reached Mon - Fri 10 AM-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel can be reached on 5712701492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DUAN ZHANG/Examiner, Art Unit 3685                                                                                                                                                                                                        
/NEHA PATEL/Supervisory Patent Examiner, Art Unit 3685