DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the Amendment filed on 03/08/2022.
In the instant Amendment, claims 1, 11 and 21 have been amended. Claims 5-8 and 19 have been cancelled without prejudice.
Claims 1, 11 and 21 are independent claims.  
Claims 1-4, 9-18 and 20-25 have been examined and are pending. 
This Action is made FINAL.

	
Response to Arguments

Applicants’ arguments with respect to claims 1-4, 9-18 and 20-25 have been considered but are moot in view of the new ground(s) of rejection.  

The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (313) 446-6644 to schedule an interview.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-2, 4, 9, 11-12, 14, 16-17 and 20-25 are rejected under 35 U.S.C. 103 as being unpatentable over Mao et al. (“Mao,” US 20130007442, 01/03/2013) in view of Yeager et al. (“Yeager,” US 20030028585, published on 02/06/2003) and further in view of Smetters et al. ("Smetters," US 20050100166, published on 05/12/2005).

Regarding Claim 1;

Mao discloses an apparatus comprising: 
a plurality of processing devices arranged as a trust family (Mao: par 0031; fig. 1; a plurality of peer nodes on the overlay network to communicate with each other; par 0032; peer nodes can include any device adapted to communicate via the peer-to-peer overlay network),
each processing device storing authentication information comprising an internal token value and a single external token value corresponding to a single one of the other processing devices in the trust family (Mao: par 0033; figs. 2 and 4A; each peer node obtains a node certificate; par 0029; assign a peer-specific certificate to each group member; par 0047; send the respective peer-specific group certificate to each member peer node); 
the internal token value comprising a unique identification (ID) value associated with the corresponding processing device (Mao: par 0033; each peer node obtains a node certificate; par 0035; the node certificate includes the peer identity (Peer ID) for the peer node), 
the external token value comprising a unique ID value for the single one of the other processing devices in the trust family (Mao: par 0047; the peer-specific group certificate can include peer node A's identity Peer-A ID, and the receiving peer node's identity Peer-B ID);  
a host controller circuit coupled to each of the plurality of processing devices via an associated network interface (Mao: par 0031; figs. 1; a plurality of peer nodes on the overlay network to communicate with each other; par 0029; a group administrator, which may be the peer node created the group), 
the host controller circuit configured to distribute the respective external token values to the respective processing devices and to subsequently authenticate the processing devices in the trust family are present by providing a set of queries to the processing devices and receiving a set of responses from the processing devices via the associated network interface, the set of responses generated using the external token values stored by the respective processing devices (Mao: figs. 1 and 4B; par 0029; assign a peer-specific certificate to each group member; par 0047; send the respective peer-specific group certificate to each member peer node; par 0050; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).
Mao discloses authenticate the processing devices in the trust family; the set of responses generated using the external token values stored by the respective processing devices as recited above, but do not explicitly disclose authenticate all of the processing devices; each external token value being different for each processing device; processing devices to account for all of the external token values. 
However, in an analogous art, Yeager discloses distributed trust system/method that includes:
authenticate all of the processing devices (Yeager: par 0110; unique peer identities may be established to enable authentication and the assignment of the peers' associated access policies within a peer group, e.g., authentication and authorization);
each external token value being different for each processing device (Yeager: par 0146; a peer A obtain a peer B's certificate and a peer C's certificate from a peer D. If peer A gives peer D a peer confidence_recommender value of 2.5, and the certificate confidence values of peer B and peer C on peer D are 2.6 and 3.0 respectively);
processing devices to account for all of the external token values (Yeager: par 0146; a peer A obtain a peer B's certificate and a peer C's certificate from a peer D. If peer A gives peer D a peer confidence_recommender value of 2.5, and the certificate confidence values of peer B and peer C on peer D are 2.6 and 3.0 respectively, then: cosigner peer confidence (peer D) = (2.6 + 3.0) / 2 = 2.8);
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Yeager with the method/system of Mao to include authenticate all of the processing devices; each external token value being different for each processing device; processing devices to account for all of the external token values. One would have been motivated to implement trust relationships between and among nodes on a network and to implement trust relationships (Yeager: abstract).
The combination of Mao and Yeager disclose each node certificate can include the node's identity and/or a user identity as recited above, but do not explicitly disclose token value comprising a unique identification value.
However, in an analogous art, Smetters discloses authenticating communications system/method that includes:
token value comprising a unique identification value (Smetters: par 0113; the location-limited physical token, and is stored by the current participant in the current participant's communication device. The current participant then generates a new secret value, which is stored in the current participant's communication device in association with the pre-authentication information the current participant has copied from the location-limited physical token channel). 
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smetters with the method/system of Mao and Yeager to include token value comprising a unique identification value. One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 2; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 1,
Mao discloses wherein the host controller circuit authenticates the trust family by generating a first query of the set of queries using a selected one of the external token values, forwarding the first query to each of the processing devices, and evaluating a corresponding response from each of the processing devices generated using the external token value stored by the associated processing device (Mao: par 0050; figs. 4B and 5B; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).

Regarding Claim 4; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 2, 
Mao further discloses wherein the first query comprises a challenge value, each of the processing devices performs a cryptographic function to combine the challenge value with the external token value stored by the associated processing device to generate an output value and provides a response to the host controller circuit comprising the output value (Mao: par 0047; figs. 1 and 4B; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node; par 0050; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object), and wherein the host controller circuit evaluates each of the output values received from the processing device (Mao: par 0066; If the validating peer node successfully verifies that the group member peer node B is the rightful owner of the peer specific node certificate (New Node Cert-B) and that the certificate was rightfully issued by the trusted authority, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).
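The claimed scheme recited above (one internal and one external token per device, a challenge combined with the stored external token, and a host that accounts for every token) can be sketched as follows. This is an added illustration, not part of the Office Action, the application or any cited reference; HMAC-SHA256 as the "cryptographic function", the ring assignment of tokens, and the names `Device` and `HostController` are assumptions.

```python
import hashlib
import hmac
import secrets


class Device:
    """A processing device in the trust family (hypothetical model)."""

    def __init__(self, name):
        self.name = name
        # Internal token: unique ID value for this device (constructed at random).
        self.internal_token = secrets.token_bytes(16)
        # External token: random placeholder until the host distributes a real one.
        self.external_token = secrets.token_bytes(16)

    def respond(self, challenge):
        # Combine the challenge with the stored external token.
        # HMAC-SHA256 is an assumption; the claim only says "cryptographic function".
        return hmac.new(self.external_token, challenge, hashlib.sha256).digest()


class HostController:
    """Distributes external tokens, then checks that all are accounted for."""

    def __init__(self):
        self.ledger = {}  # holder name -> external token value handed to it

    def enroll(self, devices):
        # Ring assignment (an assumption): device i stores the ID of device i+1,
        # so each device holds exactly one external token, all of them different.
        n = len(devices)
        for i, dev in enumerate(devices):
            dev.external_token = devices[(i + 1) % n].internal_token
            self.ledger[dev.name] = dev.external_token

    def authenticate(self, present):
        missing, matched = [], set()
        # One query per external token, forwarded to every device that is present.
        for holder, token in self.ledger.items():
            challenge = secrets.token_bytes(16)  # fresh per query, so no replay
            expected = hmac.new(token, challenge, hashlib.sha256).digest()
            hits = [d.name for d in present
                    if hmac.compare_digest(d.respond(challenge), expected)]
            if hits:
                matched.update(hits)
            else:
                missing.append(holder)  # nobody could answer for this token
        # A device that answered no query correctly holds no family token.
        strangers = [d.name for d in present if d.name not in matched]
        return {"complete": not missing and not strangers,
                "missing": missing, "strangers": strangers}


if __name__ == "__main__":
    family = [Device(f"dev{i}") for i in range(4)]
    host = HostController()
    host.enroll(family)
    print(host.authenticate(family))                               # complete family
    print(host.authenticate([family[0], family[1], family[3]]))    # dev2 removed
    print(host.authenticate(family + [Device("rogue")]))           # stranger present
```
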

Regarding Claim 9; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 1, 
Smetters discloses wherein the processing devices comprise data storage devices each having a data storage device controller circuit and a non-volatile memory (NVM) to store user data supplied by the host device (Smetters: par 0123; figs. 9 and 10; a communication device that can be used to set up secure communications in a network medium that is usable as either of the first or second devices. The communication device may be a personal computer […] the processor may be a microprocessor […] the memory includes non-volatile memory).
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 11; 
Mao discloses a method comprising: 
forming a trust family comprising a plurality of processing devices coupled to a host controller circuit via a network interface by generating an internal token value for each processing device and distributing, by the host controller circuit via the network interface (Mao: par 0031; fig. 1; a plurality of peer nodes on the overlay network to communicate with each other; par 0032; peer nodes can include any device adapted to communicate via the peer-to-peer overlay network; par 0033; each peer node obtains a node certificate. Each node certificate can include the respective peer node's identity and/or a user identity; par 0057; the peer node B can obtain a node certificate Node Cert-B; par 0047; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node [] the peer-specific group certificate can include peer node A's identity Peer-A ID, and the receiving peer node's identity Peer-B ID [] peer node B can receive and store the peer-specific group certificate),
the internal token values as external token values among the respective processing devices so that each of the processing devices stores less than all of the external token values among the plurality of processing devices (Mao: par 0033; figs. 2 and 4A; each peer node obtains a node certificate; par 0029; assign a peer-specific certificate to each group member; par 0047; send the respective peer-specific group certificate to each member peer node); and
authenticating the trust family as being complete via a determination that all of the processing devices are present by using the host controller circuit to issue a series of queries to the respective processing devices regarding the external token values stored thereby and to receive a corresponding series of responses from the respective processing devices to account for each of the external token values in turn (Mao: figs. 1 and 4B; par 0029; assign a peer-specific certificate to each group member; par 0047; send the respective peer-specific group certificate to each member peer node; par 0050; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).
Mao discloses authenticating the trust family as recited above, but do not explicitly disclose being complete via a determination that all of the processing devices are present; match the external token values to the respective processing devices.
However, in an analogous art, Yeager discloses distributed trust system/method that includes:
being complete via a determination that all of the processing devices are present (Yeager: par 0052; each peer belong to one or more peer groups. Each peer group formed or joined based upon a particular area of interest, which may be represented by a particular keyword […] determine peer confidences relative to the area of interest for the providing peers using the codat confidences in codat relevant to the area of interest received from the peers; par 0110; unique peer identities may be established to enable authentication and the assignment of the peers' associated access policies within a peer group, e.g., authentication and authorization);
match the external token values to the respective processing devices (Yeager: par 0123; for a peer group, a peer may include one or more tables for matches to the keyword "signed certificates").
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Yeager with the method/system of Mao to include being complete via a determination that all of the processing devices are present; match the external token values to the respective processing devices. One would have been motivated to implement trust relationships between and among nodes on a network and to implement trust relationships (Yeager: abstract).
The combination of Mao and Yeager disclose certificate as recited above, but do not explicitly disclose token. 
However, in an analogous art, Smetters discloses authenticating communications system/method that includes:
token value (Smetters: par 0113; the location-limited physical token, and is stored by the current participant in the current participant's communication device. The current participant then generates a new secret value, which is stored in the current participant's communication device in association with the pre-authentication information the current participant has copied from the location-limited physical token channel). 
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smetters with the method/system of Mao and Yeager to include token value. One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 12; 
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Smetters further discloses wherein the host controller circuit generates a separate query for each of the external token values in turn and supplies each of the separate queries to each of the processing devices via the network interface (Smetters: par 0022; to establish secure communications between a group of participants loads the originator's pre-authentication information and the originator's location on the network or other device used to provide these secure communications onto the location-limited physical token channel; par 0100; where a group originator is selected from the participants in the group, the group originator collects pre authentication credential information, location information, secret information and/or signature information from the other participants in the group. the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group. the group originator and the other participants in the group are able to engage in point-to-point secure information exchanges as authorized group members), and wherein in response to each separate query the receiving processing device returns a value based on the associated internal token value associated with the receiving processing device and a single external token value for a different one of the processing devices stored by the receiving processing device (Smetters: par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information; par 0023; that participant then passes the location-limited physical token channel to the next participant. That next participant also copies the originator's pre-authentication information and location from the location-limited physical token channel onto that next participant's communication device and copies that next participant's pre-authentication information and location onto the location-limited physical token channel. The next participant then passes the location-limited physical token channel to yet another participant. This continues until the last participant passes the location-limited physical token channel back to the group originator).
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 14; 
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Smetters further discloses wherein each processing device stores only a single external token value as the internal token value of just one other processing device within the trust family (Smetters: par 0020; using location-limited channel physical token exchanges provides demonstrative identification when the physical tokens are exchanged between participants and inserted into a participating device; par 0022; that participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device).
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 16; 
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Mao further discloses wherein the authenticating step establishes trust among the trust family without communications with a remote server via a network (Mao: par 0005; peer nodes typically make a portion of their resources, such as processing power, disk storage or network bandwidth, directly available to other network participants, without the need for central coordination by servers or stable hosts).

Regarding Claim 17; 
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Smetters further discloses detecting a stranger device that does not belong to the trust family during the authenticating step (Smetters: par 0137; fig. 11; the point-to-point exchange protocol, the group originator arranges for further secure communication between members of the group; par 0138; because the parties were not able to gain physical possession of the location-limited physical token channel, the group originator does not recognize the parties as legitimate participants in the group communication), performing a separate authentication of the stranger device using a remote server to add the stranger device to the trust family (Smetters: par 0139; managing the joining and leaving of participants may be relatively easy. a joining participant uses the location-limited physical token channel to pre-authenticate itself to the group originator, and receives the group key over a secured wireless link from the group originator).
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 20; 
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Smetters further discloses wherein the processing devices comprise data storage devices each having a data storage device controller circuit and a non-volatile memory (NVM) to store user data supplied by the host device (Smetters: par 0123; fig. 9; a communication device that can be used to set up secure communications in a network medium that is usable as either of the first or second devices. The communication device may be a personal computer, a laptop computer [] the communication device includes a processor, a memory, and an input/output interface [] the memory may include volatile memory and/or non-volatile memory, including one or more of random access memory (RAM), read only memory (ROM), Flash memory, a soft or a hard disk drive, an optical disk drive and/or the like), and wherein each selected storage device further comprises a keystore that stores the internal token value associated with the selected data storage device and a single external token value associated with another selected data storage device within the trust family (Smetters: par 0022; fig. 10; participant connects the location-limited physical token channel to that participant's communication device and copies the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre authentication information and the location of that participant's communication device on the network onto the location-limited physical token channel; par 0023; that participant then passes the location-limited physical token channel to the next participant. That next participant also copies the originator's pre-authentication information [] this continues until the last participant passes the location-limited physical token channel back to the group originator; par 0085; large storage capability of these location-limited physical token channels and their widespread compatibility with conventional data processing devices makes such location-limited physical token channels useful for exchanging pre-authentication information and/or location information).
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).
  
Regarding Claim 21;
Mao discloses an apparatus comprising: 
a plurality of processing devices arranged as a trust family (Mao: par 0031; fig. 1; a plurality of peer nodes on the overlay network to communicate with each other; par 0032; peer nodes can include any device adapted to communicate via the peer-to-peer overlay network), 
each processing device storing an internal token value comprising a unique identification (ID) value associated with the corresponding processing device, each processing device further storing an external token value comprising the ID value corresponding to at least one of the other processing devices in the trust family (Mao: par 0033; figs. 2 and 4A; each peer node obtains a node certificate. Each node certificate can include the respective peer node's identity and/or a user identity; par 0057; the peer node B can obtain a node certificate Node Cert-B; par 0047; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node [] the peer-specific group certificate can include peer node A's identity Peer-A ID, and the receiving peer node's identity Peer-B ID [] peer node B can receive and store the peer-specific group certificate),
each processing device storing a different combination of the same number of external token values from among the plurality of processing devices (Mao: par 0057; the peer node B can obtain a node certificate Node Cert-B; par 0047; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node [] peer node B can receive and store the peer-specific group certificate); and 
a host controller circuit coupled to each of the plurality of processing devices via a network interface (Mao: par 0031; figs. 1; a plurality of peer nodes on the overlay network to communicate with each other; par 0029; a group administrator, which may be the peer node created the group), 
the host controller circuit configured to assign and transfer the external token values to the respective processing devices and to subsequently authenticate the trust family as complete by accounting for each of the external token values from among the processing devices by providing a set of queries to the processing devices via the network interface and receiving a set of responses from the processing devices via the network interface, the set of responses generated using the external token values stored by the respective processing devices (Mao: par 0047; figs. 1 and 4B; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node; par 0050; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).
Mao discloses to subsequently authenticate the trust family as recited above, but do not explicitly disclose as complete by accounting for each of the external token values from among the processing devices. 
However, in an analogous art, Yeager discloses distributed trust system/method that includes:
as complete by accounting for each of the external token values from among the processing devices (Yeager: par 0110; unique peer identities may be established to enable authentication and the assignment of the peers; par 0146; a peer A obtain a peer B's certificate and a peer C's certificate from a peer D. If peer A gives peer D a peer confidence_recommender value of 2.5, and the certificate confidence values of peer B and peer C on peer D are 2.6 and 3.0 respectively, then: cosigner peer confidence (peer D) = (2.6 + 3.0) / 2 = 2.8).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Yeager with the method/system of Mao to include as complete by accounting for each of the external token values from among the processing devices. One would have been motivated to implement trust relationships between and among nodes on a network and to implement trust relationships (Yeager: abstract).
The combination of Mao and Yeager disclose each node certificate can include the node's identity and/or a user identity as recited above, but do not explicitly disclose token value comprising a unique identification value.
However, in an analogous art, Smetters discloses authenticating communications system/method that includes:
token value comprising a unique identification value (Smetters: par 0113; the location-limited physical token, and is stored by the current participant in the current participant's communication device. The current participant then generates a new secret value, which is stored in the current participant's communication device in association with the pre-authentication information the current participant has copied from the location-limited physical token channel). 
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smetters with the method/system of Mao and Yeager to include token value comprising a unique identification value. One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 22; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 21, 
Mao discloses wherein each of the processing devices stores less than the total number of available external token values available from among the plurality of processing devices (Mao: par 0033; figs. 2 and 4A; each peer node obtains a node certificate; par 0029; assign a peer-specific certificate to each group member; par 0047; send the respective peer-specific group certificate to each member peer node);

Regarding Claim 23; 
The combination of Mao, Yeager and Everhart disclose the apparatus of claim 21, 
Mao further discloses wherein each of the processing devices stores exactly one external token value from one other of the processing devices in the trust family (Mao: par 0057; the peer node B can obtain a node certificate Node Cert-B; par 0047; the group administrator peer node can generate a peer-specific group certificate for each member of the group, and can send the respective peer-specific group certificate to each member peer node [] peer node B can receive and store the peer-specific group certificate).  

Regarding Claim 24; 	
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 21, 
Smetters discloses wherein the external token values are assigned using a circular association among the plurality of processing devices (Smetters: par 0113; fig. 10; the location-limited physical token, and is stored by the current participant in the current participant's communication device. The current participant then generates a new secret value, which is stored in the current participant's communication device in association with the pre-authentication information the current participant has copied from the location-limited physical token channel; par 0132; one participant acts as the group originator. The first participant to copy pre-authentication information and/or location information onto the location-limited physical token channel becomes the group originator. The group originator then passes the location-limited physical token channel to a first one of various legitimate participants). 
One would have been motivated to copy the originator's pre-authentication information and location onto that participant's communication device. That participant then adds that participant's own pre-authentication information and network location onto the location-limited physical token channel (Smetters: abstract).

Regarding Claim 25; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 21, 
Mao further discloses wherein all members of the trust family are determined to be authentic and present by the host controller circuit responsive to receipt of responses from all of the processing devices generated responsive to the respective external tokens stored by each of the processing devices (Mao: par 0050; figs. 4B and 5B; the validating peer node C can send a random challenge to the group member peer node B. Using its private key, the group member peer node B can sign the random challenge and send the signed random challenge to the validating peer node C. The validating peer node C can then use the peer-specific public key included in the peer-specific group certificate to validate the signed response; par 0054; If the validating peer node C successfully verifies that the group member peer node B is the rightful owner of the peer specific group certificate and that the certificate was rightfully issued by the group administrator peer node A, then the group member peer node B's group membership is verified, and the validating peer node C can grant access to the requested data object).

Claims 3 and 13 are rejected under 35 U.S.C. 103 as being patentable over Mao et al. (US 20130007442) in view of Yeager et al. (US 20030028585) and Smetters et al. (US 20050100166) and further in view of Tharappel et al. (“Tharappel,” US 20150186636, published 07/02/2015)
Regarding Claim 3; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 2,
 The combination of Mao and Yeager disclose all the limitations as recited above, but do not explicitly disclose wherein the first query comprises a copy of the selected external token value, each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation.  
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
wherein the first query comprises a copy of the selected external token value, each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation (Tharappel: par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated. Otherwise, the biometric authentication fails; par 0078; if the biometric authentication is not successful, appropriate action may be taken. For example, an authentication result (e.g., `failed`) may be sent to the smart device to which it is currently connected).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Mao, Yeager and Smetters to include wherein the first query comprises a copy of the selected external token value, each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation. One would have been motivated to determine whether the smart device is included in a trust group of one or more smart devices, and send a communication to unlock the smart device when the input data is successfully authenticated and when the trust group includes the smart device (Tharappel: abstract).

Regarding Claim 13;
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
Smetters further discloses wherein the query comprises a copy of a selected external token value (Smetters: par 0100; figs. 3 and 4; the group originator distributes the collected pre-authentication credential information, as well as any other information collected from each participant, to each other participant to enable point-to-point secure communications between the participants of the group).
Smetters discloses all the limitations as recited above, but does not explicitly disclose each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation.
However, in an analogous art, Tharappel discloses authentication across a trust group system/method that includes:
each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation (Tharappel: par 0077; where the wearable device receives biometric input data. a determination is made as to whether a biometric authentication has been successful. Generally, a comparison may be made between the biometric input data and biometric credentials previously enrolled on wearable device. If the biometric input data corresponds to the biometric credentials, then the biometric input data is authenticated. Otherwise, the biometric authentication fails; par 0078; if the biometric authentication is not successful, appropriate action may be taken. For example, an authentication result (e.g., `failed`) may be sent to the smart device to which it is currently connected).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Tharappel with the method/system of Mao, Yeager and Smetters to include each of the processing devices performs a comparison operation to compare the copy of the selected external token value received from the host controller circuit to the external token value stored by the associated processing device and provides a response to the host controller circuit comprising a result of the comparison operation. One would have been motivated to determine whether the smart device is included in a trust group of one or more smart devices, and send a communication to unlock the smart device when the input data is successfully authenticated and when the trust group includes the smart device (Tharappel: abstract).

Claim 10 is rejected under 35 U.S.C. 103 as being patentable over Mao et al. (US 20130007442) in view of Yeager et al. (US 20030028585) and Smetters et al. (US 20050100166) and further in view of Struik et al. (“Struik,” US 20030235309, published on 12/25/2003)

Regarding Claim 10; 
The combination of Mao, Yeager and Smetters disclose the apparatus of claim 1, 
The combination of Mao, Yeager and Smetters disclose all the limitations as recited above, but do not explicitly disclose wherein the trust family comprises a first trust family, the apparatus comprising a plurality of additional trust families nominally identical to the first trust family, and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families.
However, in an analogous art, Struik discloses local area network system/method that includes:
wherein the trust family comprises a first trust family (Struik: par 0045; fig. 2; if the device A only trusts devices A, B, C then TrustSet(A):=[A, B, C] that is Group 1), the apparatus comprising a plurality of additional trust families nominally identical to the first trust family (Struik: par 0045; fig. 3; if device A desires to communicate to Group 2 members, the device A generates a new group key to form a new group, Group 3, and device A distributes this new group key to the members of Group 2', that is device D. Therefore, the groups then under the control of the security manager of device A will then be Group 1, Group 2, as mentioned above, and Group 3), and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families (Struik: par 0045; figs. 1 and 3; if device A desires to communicate to Group 2 members, the device A generates a new group key to form a new group, Group 3, and device A distributes this new group key to the members of Group 2', that is device D. Therefore, the groups then under the control of the security manager of device A will then be Group 1, Group 2, as mentioned above, and Group 3).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Struik with the method/system of Mao, Yeager and Smetters to include wherein the trust family comprises a first trust family, the apparatus comprising a plurality of additional trust families nominally identical to the first trust family, and wherein the apparatus further comprises a top level controller circuit that authenticates each of the first trust family and the additional trust families.  One would have been motivated to a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network (Struik: abstract).
Claim 15 is rejected under 35 U.S.C. 103 as being patentable over Mao et al. (US 20130007442) in view of Yeager et al. (US 20030028585) and Smetters et al. (US 20050100166) and further in view of Zhao et al. (“Zhao,” US 20170289943, published on 10/05/2017)
Regarding Claim 15; 
The combination of Mao, Yeager and Smetters disclose the method of claim 14, 
The combination of Mao, Yeager and Smetters disclose all the limitations as recited above, but do not explicitly disclose wherein the external token values are assigned among the processing devices within the trust family on a random basis.  
However, in an analogous art, Zhao discloses devices in secure domain group system/method that includes:
wherein the external token values are assigned among the processing devices within the trust family on a random basis (Zhao: par 0063; fig. 1A; generates a randomly generated nonce r, and a fresh random key material to be used for E's limited-use credentials. DR creates a token a for E that encrypts k1 with protocol session data and current timestamp as authenticated tag, using ek, the key derived from K_RE and protocol instance data, including identities and random number).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Zhao with the method/system of Mao, Yeager and Smetters to include wherein the external token values are assigned among the processing devices within the trust family on a random basis. One would have been motivated to enrollment request is sent to a delegated registrar device to initiate a trust-establishment procedure with the DR device to establish initial connectivity and an initial symmetric key to be shared between the DR and the endpoint device (Zhao: abstract).

Claim 18 is rejected under 35 U.S.C. 103 as being patentable over Mao et al. (US 20130007442) in view of Yeager et al. (US 20030028585) and Smetters et al. (US 20050100166) and further in view of Bhaya et al. (“Bhaya,” US 20180247654, filed on 04/30/2018)

Regarding Claim 18;
The combination of Mao, Yeager and Smetters disclose the method of claim 11, 
The combination of Mao, Yeager and Smetters disclose all the limitations as recited above, but do not explicitly disclose applying a selected hash function to a unique identification (ID) value associated with the each processing device to form the associated internal token value.  
However, in an analogous art, Bhaya discloses device identifier system/method that includes:
applying a selected hash function to a unique identification (ID) value associated with the each processing device to form the associated internal token value (Bhaya: par 0018; the data processing system can generate virtual identifiers (or virtual tokens), representing the client computing device; par 0068; the virtual identifier can include a combination of various data associated with the client computing device. For example, the virtual identifier can include a hash function of one or more of a device ID).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Bhaya with the method/system of Smetters, Yeager and Tharappel to include wherein the internal token value for each selected processing device comprises applying a selected hash function to a unique identification (ID) value associated with the selected processing device. One would have been motivated to include the link generation component to generate, a virtual identifier for the client device and link the virtual identifier to the device identifier (Bhaya: par 0003).



Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAO WANG whose telephone number is (313)446-6644.  The examiner can normally be reached on Monday-Friday 7:30-4:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/C.W./Examiner, Art Unit 2439

/JAHANGIR KABIR/Primary Examiner, Art Unit 2439