DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendment
Claims 1-22 are currently pending. Claims 1-13 and 15-20 are currently amended. Claims 21-22 are newly added.
Applicant’s amendments to the claims will overcome each and every claim objection and 101 rejection previously set forth in the Non-Final Office Action mailed 12/24/2021.
Response to Arguments
Applicant’s arguments with respect to claim(s) 1, 8 and 15 have been considered but are moot in view of new ground of rejection.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 4, 8-9, 11, 15-16 and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over REDDY et al. (US Pub No. 2018/0234388) in view of Medvinsky et al. (US Patent No. 8,364,964).
Regarding independent claim 1, Reddy teaches an apparatus comprising: a network interface; a circuitry configured to: establish a first network connection with a first network device via the network interface (Reddy, page 5, paragraphs 0054-0055 and page 4, paragraph 0050; proxy device send client hello message to server device [root network]); establish a second network connection with a second network device via the network interface (Reddy, page 5, paragraphs 0054-0052 and page 4, paragraph 0050; client device send hello message to proxy device); negotiate master & session keys (Reddy, page 5, paragraphs 0054-0060 and page 4, paragraphs 0050-0051); perform at least one of a first encryption operation or a first decryption operation using the first security key (Reddy, page 5, paragraphs 0059-0061 and page 2 paragraph 0027); and perform at least one of a second encryption operation or a second decryption operation using the second security key (Reddy, page 2 paragraph 0027).
Reddy does not explicitly teach receive a first public key from the first network device via the first network; generate a first security key based on the first public key and a private key; receive a second public key from the second network device via the second network connection; generate a second security key based on the second public key and the private key of the apparatus.
Medvinsky teaches receive a first public key from the first network device via the first network (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generate a first security key based on the first public key and a private key (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server); receive a second public key from the second network device via the second network connection (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generate a second security key based on the second public key and the private key of the apparatus (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Medvinsky to use public keys of a client and a server private key to generate unique keys to provide the advantage of improving key generating (Medvinsky, column 5, lines 56-65). 
Regarding claim 2, Reddy in view of Medvinsky teaches the apparatus wherein: the circuitry is configured to execute the set of instructions to: [Application No.: 16/730,485] receive a first encrypted link layer frame encapsulating a first message from the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; encrypted traffic sent via secure session with client device and proxy device); extract the first message by decrypting the first encrypted link layer frame using the first security key (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; decrypt encrypted traffic sent via secure session with client device and proxy device); encapsulate a second message in a second link layer frame; generate a second encrypted link layer frame (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; re-encrypt traffic); and transmit the second encrypted link layer frame encapsulating the second message to the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; forward re-encrypted traffic).
Regarding claim 4, Reddy in view of Medvinsky teaches each and every claim limitation of claim 1, however, Medvinsky teaches the apparatus wherein the circuitry is configured to: generate a third public key from the private key and based on an Elliptic Curve Diffie-Hellman key exchange algorithm; and transmit the third public key to the first and second network devices via the respective first and second network connections (Medvinsky, column 5, lines 56- column 6, line 34 and column 7, lines 23-41).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Medvinsky to use public keys of a client and a server private key to generate unique keys to provide the advantage of improving key generating (Medvinsky, column 5, lines 56-65).  
Regarding independent claim 8, Reddy teaches a method comprising: establishing a first network connection with a first network device (Reddy, page 5, paragraphs 0054-0055 and page 4, paragraph 0050; proxy device send client hello message to server device [root network]); establishing a second network connection with a second network device (Reddy, page 5, paragraphs 0054-0052 and page 4, paragraph 0050; client device send hello message to proxy device); negotiate master & session keys (Reddy, page 5, paragraphs 0054-0060 and page 4, paragraphs 0050-0051); performing at least one of a first encryption operation or a first decryption operation using the first security key (Reddy, page 5, paragraphs 0059-0061 and page 2 paragraph 0027); and performing at least one of a second encryption operation or a second decryption operation using the second security key (Reddy, page 2 paragraph 0027).
Reddy does not explicitly teach receiving a first public key from the first network device via the first network; generating a first security key based on the first public key and a private key; receiving a second public key from the second network device via the second network connection; generating a second security key based on the second public key and the private key of the apparatus.
Medvinsky teaches receiving a first public key from the first network device via the first network (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generating a first security key based on the first public key and a private key (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server); receiving a second public key from the second network device via the second network connection (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generating a second security key based on the second public key and the private key of the apparatus; (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Medvinsky to use public keys of a client and a server private key to generate unique keys to provide the advantage of improving key generating (Medvinsky, column 5, lines 56-65). 
Regarding claim 9, Reddy in view of Medvinsky teaches the method further comprising receiving a first encrypted link layer frame encapsulating a first message from the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; encrypted traffic sent via secure session with client device and proxy device); extracting the first message by decrypting the first encrypted link layer frame using the first security key (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; decrypt encrypted traffic sent via secure session with client device and proxy device); encapsulating a second message in a second link layer frame; generating a second encrypted link layer frame (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; re-encrypt traffic); and transmitting the second encrypted link layer frame encapsulating the second message to the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; forward re-encrypted traffic).
Regarding claim 11, Reddy in view of Medvinsky teaches each and every claim limitation of claim 8, however, Medvinsky teaches the method further comprising generating a third public key from the private key and based on an Elliptic Curve Diffie-Hellman key exchange algorithm; and transmitting the third public key to the first and second network devices via the respective first and second network connections (Medvinsky, column 5, lines 56- column 6, line 34 and column 7, lines 23-41).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Medvinsky to use public keys of a client and a server private key to generate unique keys to provide the advantage of improving key generating (Medvinsky, column 5, lines 56-65). 
Regarding independent claim 15, Reddy teaches a non-transitory computer-readable medium storing instructions that, when executed by a processor, causes the processor to: establish a first network connection with a first network device (Reddy, page 5, paragraphs 0054-0055 and page 4, paragraph 0050; proxy device send client hello message to server device [root network]); establish a second network connection with a second network device (Reddy, page 5, paragraphs 0054-0052 and page 4, paragraph 0050; client device send hello message to proxy device); negotiate master & session keys (Reddy, page 5, paragraphs 0054-0060 and page 4, paragraphs 0050-0051); perform at least one of a first encryption operation or a first decryption operation using the first security key (Reddy, page 5, paragraphs 0059-0061 and page 2 paragraph 0027); and perform at least one of a second encryption operation or a second decryption operation using the second security key (Reddy, page 2 paragraph 0027).
Reddy does not explicitly teach receive a first public key from the first network device via the first network; generate a first security key based on the first public key and a private key; receive a second public key from the second network device via the second network connection; generate a second security key based on the second public key and the private key of the apparatus.
Medvinsky teaches receive a first public key from the first network device via the first network (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generate a first security key based on the first public key and a private key (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server); receive a second public key from the second network device via the second network connection (Medvinsky, column 5, lines 18-18-20; receive public key of client devices); generate a second security key based on the second public key and the private key of the apparatus (Medvinsky, column 5, lines 33-335; unique symmetric key for client device based on public key of client device and private key of server).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Medvinsky to use public keys of a client and a server private key to generate unique keys to provide the advantage of improving key generating (Medvinsky, column 5, lines 56-65). 
Regarding claim 16, Reddy in view of Medvinsky teaches the non-transitory computer-readable medium, further comprising instructions that, when executed by the processor, causes the processor to: receive a first encrypted link layer frame encapsulating a first message from the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; encrypted traffic sent via secure session with client device and proxy device); extract the first message by decrypting the first encrypted link layer frame using the first security key (Reddy, page 4, paragraph 0050, page 2, paragraph 0027 and page 8, paragraph 0094; decrypt encrypted traffic sent via secure session with client device and proxy device); encapsulate a second message in a second link layer frame; generate a second encrypted link layer frame (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; re-encrypt traffic); and transmit the second encrypted link layer frame encapsulating the second message to the first network device via the first network connection (Reddy, page 4, paragraph 0050, page 2, paragraph 0027; forward re-encrypted traffic).
Regarding claim 21, Reddy in view of Medvinsky teaches the apparatus wherein the first and second network connections are wireless direct network connections; wherein the network interface is a wireless network interface; and wherein the circuitry is configured to execute the set of instructions to establish the first and second network connections by a beacon via the wireless network interface (Reddy, page 5, paragraphs 0054-0060 and page 4, paragraphs 0050-0051).
Regarding claim 22, Reddy in view of Medvinsky teaches the apparatus wherein the beacon includes a parameter; and wherein the first and second public keys are generated based on the parameter (Reddy, page 5, paragraphs 0054-0060 and page 4, paragraphs 0050-0051).


Claims 5-7, 12-14 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over REDDY et al. (US Pub No. 2018/0234388) in view of Medvinsky et al. (US Patent No. 8,364,964), as applied to claims 1-2, 4, 8-9, 11, 15-16 and 21-22 above, and in further view of Bagchi et al. (US Patent No. 8,811,188).
Regarding claim 5, Reddy in view of Medvinsky teaches each and every claim limitation of claim 1. 
Reddy in view of Medvinsky does not explicitly teach the apparatus wherein the first and second network connections are part of a multi-hop mesh network.
Bagchi teaches wherein the first and second network connections are part of a multi-hop mesh network (Bagchi, Figure 25, column 29, lines 37-60; base station can communicate with different control nodes).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 6, Reddy in view of Medvinsky teaches each and every claim limitation of claim 2. 
Reddy in view of Medvinsky does not explicitly teach the apparatus wherein the first message includes a first sensor data.
Bagchi teaches wherein the first message includes a first sensor data (Bagchi, Figure 25, column 29, lines 37-60 and column 25, lines 9-38).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 7, Reddy in view of Medvinsky and in further view of Bagchi teaches each and every claim limitation of claim 6, however, Bagchi teaches the apparatus, wherein the sensor data are from a sensor device including a humidity sensor, a temperature sensor, acceleration sensor, light sensor, sound sensor, current sensor, global positioning system sensor, voltage sensor, or a combination thereof device (Bagchi, column 51, lines 2-11).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 12, Reddy in view of Medvinsky teaches each and every claim limitation of claim 8. 
Reddy in view of Medvinsky does not explicitly teach the method wherein the first and second network connections are part of a multi-hop mesh network.
Bagchi teaches wherein the first and second network connections are part of a multi-hop mesh network (Bagchi, Figure 25, column 29, lines 37-60; base station can communicate with different control nodes).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 13, Reddy in view of Medvinsky teaches each and every claim limitation of claim 9. 
Reddy in view of Medvinsky does not explicitly teach the method wherein the first message includes a first sensor data.
Bagchi teaches wherein the first message includes a first sensor data (Bagchi, Figure 25, column 29, lines 37-60 and column 25, lines 9-38).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 14, Reddy in view of Medvinsky and in further view of Bagchi teaches each and every claim limitation of claim 13, however, Bagchi teaches the method, wherein the sensor data are from a sensor device including a humidity sensor, a temperature sensor, acceleration sensor, light sensor, sound sensor, current sensor, global positioning system sensor, voltage sensor, or a combination thereof device (Bagchi, column 51, lines 2-11).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 18, Reddy in view of Medvinsky teaches each and every claim limitation of claim 15. 
Reddy in view of Medvinsky does not explicitly teach the non-transitory computer-readable medium wherein the first message includes a first sensor data.
Bagchi teaches wherein the first message includes a first sensor data (Bagchi, Figure 25, column 29, lines 37-60 and column 25, lines 9-38).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 19, Reddy in view of Medvinsky and in further view of Bagchi teaches each and every claim limitation of claim 18, however, Bagchi teaches the non-transitory computer-readable medium, wherein the sensor data are from a sensor device including a humidity sensor, a temperature sensor, acceleration sensor, light sensor, sound sensor, current sensor, global positioning system sensor, voltage sensor, or a combination thereof device (Bagchi, column 51, lines 2-11).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 
Regarding claim 20, Reddy in view of Medvinsky teaches each and every claim limitation of claim 15. 
Reddy in view of Medvinsky does not explicitly teach the non-transitory computer-readable medium wherein the first and second network connections are part of a multi-hop mesh network.
Bagchi teaches wherein the first and second network connections are part of a multi-hop mesh network (Bagchi, Figure 25, column 29, lines 37-60; base station can communicate with different control nodes).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Reddy in view of Medvinsky with the teachings of Bagchi to include a multi-hop sensor network to provide the advantage of scalable & energy-efficient secure communication/key management on sensors (Bagchi, column 25, lines 9-18). 

Allowable Subject Matter
Claims 3, 10 and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Examiner’s Statement for Indicating Allowable Subject Matter
The following is a statement of reasons for the indication of allowable subject matter:  The prior art WEI (US Pub No. 2019/0268764) discloses receiving, by an intermediate device, a first data transmission message sent by a first device and carrying first data, where the first data is target data encrypted by using a first encryption key; performing, by the intermediate device based on a first decryption key agreed upon between the intermediate device and the first device, decryption processing on the first data to obtain the target data, and performing preset data processing on the target data; performing, by the intermediate device based on a second encryption key agreed upon between the intermediate device and a second device, encryption processing on the target data that undergoes data processing, to obtain second data; and sending, by the intermediate device, a second data transmission message carrying the second data to the second device. (WEI, Abstract), however, the prior art taken alone or in combination does not teach or suggest “encapsulate the first message in a third link layer frame; generate a third encrypted link layer frame by encrypting the third link layer frame using the second security key; transmit the third encrypted link layer frame encapsulating the first message to the second network device via the second network connection; receive a fourth encrypted link layer frame encapsulating the second message from the second network device via the second network connection; and extract the second message by decrypting fourth encrypted link layer frame using the second security key”, in combination with the remaining claim limitations.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAQUEAL D WADE whose telephone number is (571)270-0357. The examiner can normally be reached M-F 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SHAQUEAL D WADE-WRIGHT/             Examiner, Art Unit 2437