Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/23/2022 has been entered.

Response to Arguments
3. Claims 1-16 are allowed.
4. The following is the Examiner’s statement of reasons for allowance. The following prior art references were found during the examination of the claim set filed on May 23, 2022, which has subsequently been amended in the Examiner’s Amendments above in response to the office action mailed on 01/31/2022. They do not explicitly teach the applicant’s claimed invention, in view of the amended claims, but are in the general realm of Applicant’s field of endeavor.

Lie et al. (Pub. No.: US 2016/0254918 A1) teaches a method for exchanging encrypted sensitive secret credit card payment information, e.g. an encrypted account number, encrypted token and encrypted key, between an electronic device and a card network TSP for a payment transaction application. Uses include but are not limited to a desktop computer, mobile telephones, smartphones, a personal digital assistant (PDA), a laptop computer, a tablet computer, a wearable device and a smart watch.

Bannister et al. (Pub. No.: US 2020/0236093 A1) discloses techniques for extracting encryption keys to enable monitoring services. During operation, an encrypted connection is detected on a computing device. A monitoring service harvests an encryption key for this encrypted connection from the memory of a computing device and then forwards the encryption key to an intercepting agent in an intermediate computing environment that intercepts encrypted traffic that is sent between the computing device and a remote service via the encrypted connection.

Sokolov (US Patent 8,843,750 B1) provides a security module that intercepts an encrypted symmetric session key selected by the local application for use in the communications session, decrypts it using the private key generated for the CA, re-encrypts it using the public key of the remote server in the received certificate, and transmits the re-encrypted symmetric session key to the remote server. The security module monitors subsequent message exchanges between the local application and the remote.

Gremaud et al. (US 2020/0344075 A1) provides a hardware security module communicatively coupled to a device for the provision of a symmetric key for protecting secret data for the device, the device being configured for executing applications using the secret data, the hardware security module comprising one or more processing modules configured to: verify a device public key of an asymmetric key pair associated with the device using first and/or second certificates of the asymmetric key pair for the respective device; receive a provisioning key from a secure source, the secure source being communicatively coupled with the device and the hardware module; and responsive to successful verification of the first and/or second certificates, transmit the provisioning key encrypted with the device public key to the device for decryption, wherein the provisioning key enables the device to use a first secret seed received from the secure source to generate the symmetric key with a second secret seed stored or generated by the device.

Grandcolas et al. (Pub. No.: US 2012/0072714 A1) discloses that the symmetric key-encrypted user's credentials and public key-encrypted symmetric key and replay prevention ID can be sent to the application server from the user's browser via a portal application. In such an alternative aspect, the portal application encrypts and digitally signs the symmetric key-encrypted user's credentials and the public key-encrypted symmetric key and replay prevention ID within a single sign-on token and sends the token to the application server, which decrypts the single sign-on token and verifies that the token was received from the portal application as a trusted source.

However, none of the prior arts of record, either alone or in combination, discloses all the limitations of the independent claims 1 and 12 including at least “… sending a device public key to the application owner, the device public key corresponding to a device private key stored on and specific to the remote device; after sending the device public key to the application owner, receiving an encrypted application key for an application associated with the application owner, the encrypted application key being encrypted with the device public key; and after receiving the encrypted application key, processing the received encrypted application key with a symmetric device key, wherein the symmetric device key is specific to and stored on the remote device”, as recited in claim 1, “… the device public key corresponding to a device private key stored on and specific to the device; sending an encrypted application key associated with an application, the encrypted application key being encrypted with the device public key, to the key management system; receiving the sent encrypted application key from the key management system, wherein the sent encrypted application key has been processed by the key management system with a symmetric device key and includes an addition of, or an association with an application policy and identifier of the respective application by the key management system, wherein the symmetric signature device key is specific to and stored on the remote device; and sending the received processed encrypted application key to the remote device for installation”, as recited in claim 6, and “… a memory storing a private device key of a device public and private key pair and a symmetric device key; a communication interface to receive an encrypted application key of an application; and a processor configured to: receive the encrypted application key, process the received encrypted application key using the symmetric device key, and decrypt the processed encrypted application key using the private device key”, as recited in claim 8.
Therefore, the independent claims are allowable over the prior arts of record. The dependent claims are allowable by virtue of their dependence on the independent claims. 
Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.” One hundred 

Conclusion
5. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABIY GETACHEW whose telephone number is (571)272-6932. The examiner can normally be reached Mon.-Fri. 9:00 AM - 5:30 PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand, can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
A.G.
June 4, 2022
/ABIY GETACHEW/ Primary Examiner, Art Unit 2434