DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In communications filed on 04/02/2021, claims 1-10 are pending in this examination.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. This examination is in response to US Patent Application No. 17/220,958.

Claim Objections
The independent claims 1, 9, and 10 are objected to for the following reasons:
It is unclear how the first communication device receives its certificate. Examiner assumes that the first communication device receives the certificate from the relay device.
It is unclear whether the first communication device sends its certificate directly to the third device or the request goes through the relay device. Examiner assumes that the request goes through the relay agent.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-2 and 7-10 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by MATSUYAMA SHINAKO (EP1381201A2) (was submitted in IDS 11/02/2022).
Regarding claim 1, MATSUYAMA discloses receiving a certification of a first communication device from a second communication device which issues the certification to the first communication device [¶78, When the attribute authority AA issues the attribute certificate AC L for permitting to issue the attribute certificate AC P to the portable unit 30, the home gateway 20 holds the attribute certificate AC L, and issues the attribute certificate AC P to the portable unit 30 according to the attribute certificate AC L], and [¶77, The target units 10 1 and 10 2 receive the attribute certificate AC P sent from the portable unit 30 when the portable unit 30 accesses the target units 10 1 and 10 2, through the home gateway 20], and [¶195, in step S52, the portable unit 30 1 sends and presents either of the attribute certificates AC P1 and AC P1' held by the portable unit 30 1 to the home gateway 20 1. More specifically, in the remote access system, when an access is made to either or both of the target units 10 1 and 10 2, the portable unit 30 1 sends and presents the attribute certificate AC P1 to the home gateway 20 1]; and
receiving, from the second communication device, policy information which indicates whether the certificate is permitted to be sent [¶50, Attribute certificates have the format shown in Fig. 3 and Fig. 4., Proxy info: Entity to which attribute certificate can be issued; AC target: describes servers/service for which attribute certificate is issued], and [¶78]; and
when the first communication device requests that the certificate be sent to the third communication device, determining whether the certificate is permitted to be sent to the third communication device, the third communication device requesting the first communication device to send the certificate [¶101, the attribute certificate AC P in which information indicating that an access to the target units 10 1 and 10 2 serving as resources (Third communication device) is permitted is described as privilege given to the portable unit 30, and information of the home gateway 20 is described as proxy information can be issued from the home gateway 20 to the portable unit 30.…], and [¶195, in step S52, the portable unit 30 1 sends and presents either of the attribute certificates AC P1 and AC P1' held by the portable unit 30 1 to the home gateway 20 1. More specifically, in the remote access system, when an access is made to either or both of the target units 10 1 and 10 2, the portable unit 30 1 sends and presents the attribute certificate AC P1 to the home gateway 20 1], and [¶197, in step S53, the home gateway 20 1 verifies the proxy information included in the attribute certificate AC p1' presented by the portable unit 30 1. When the home gateway 20 1 understands that a unit to be accessed is the target unit 10 3 belonging to the second home network, which is different from the first home network under the control of the home gateway 20 1, the home gateway 20 1 sends and presents the two attribute certificates AC p1' and AC H to the home gateway 20 2, which controls the second home network.]; and
when determining that the certificate is permitted to be sent to the third communication device, sending, to the third communication device, the certificate [¶101, the attribute certificate AC P in which information indicating that an access to the target units 10 1 and 10 2 serving as resources (Third communication device) is permitted is described as privilege given to the portable unit 30, and information of the home gateway 20 is described as proxy information can be issued from the home gateway 20 to the portable unit 30.…], and [¶197, in step S53, the home gateway 20 1 verifies the proxy information included in the attribute certificate AC p1' presented by the portable unit 30 1. When the home gateway 20 1 understands that a unit to be accessed is the target unit 10 3 belonging to the second home network, which is different from the first home network under the control of the home gateway 20 1, the home gateway 20 1 sends and presents the two attribute certificates AC p1' and AC H to the home gateway 20 2, which controls the second home network.].
Regarding claim 2, MATSUYAMA discloses wherein the first communication device is used by a user, the second communication device is used by an issuer, and the third communication device is used by a first verifier [¶74, the remote access system uses such a privilege proxy function. As shown in Fig. 6, the remote access system conceptually includes, as entities, a certification authority CA which issues the above-described public-key certificate, an attribute authority AA (issuer) which issues the above-described attribute certificate, target units 10 1 and 10 2 to be accessed (Third communication device), a home gateway 20 serving as an interface (relay device) for mutually connecting a home network which the target units 10 1 and 10 2 belong to and another network, and a portable unit 30 which the user carries to access the target units 10 1 and 10 2.], and [¶199, in the remote access system, in step S55, the target unit 10 3 receives the two attribute certificates AC P1' and AC H sent from the home gateway 20 2, and verifies the contents of the attribute certificates AC P1' and AC H, such as the above-described proxy information and attributes].
Regarding claim 7, MATSUYAMA discloses, wherein the policy information includes information regarding a verifier to which the certificate is permitted to be sent[¶101, in the remote access system, the attribute certificate AC P in which information indicating that an access to the target units 10 1 and 10 2 serving as resources is permitted is described as privilege given to the portable unit 30, and information of the home gateway 20 is described as proxy information can be issued from the home gateway 20 to the portable unit 30. With this, in the remote access system, when the target unit 10 1 or 10 2 receives the attribute certificate AC P through the home gateway 20, it verifies the target specified in the proxy information and also verifies that the attribute certificate AC P has been sent from the home gateway 20], and [see FIG 4 and corresponding text for more detail].
Regarding claim 8, MATSUYAMA discloses, wherein the policy information includes information regarding a verifier to which the certificate is not permitted to be sent [See FIG.4  , ¶59,  Audit identity:  used by server/service administrator to inspect owner of attribute certificate to detect(specify) fraudulent actions], and [¶57,  In the attribute field, for example, authentication information (Service Authentication Information) related to service, used when the verifier of an attribute certificate authenticates the owner of the attribute certificate, access permission information (Access Identity) of the owner of the attribute certificate, used by the verifier of the attribute certificate, information (Charging Identity) used for specifying the owner of the attribute certificate, for accounting, information (Group) indicating a belonging relation of the owner of the attribute certificate, to a group, information (Role) indicating the role assigned to the owner of the attribute certificate, and information (Clearance) related to the use permission of private information, given to the owner of the attribute certificate are written].
Regarding claims 9 and 10, these claims are interpreted and rejected for the same rationale set forth in claim 1.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 3-6 are rejected under 35 U.S.C. 103 as being unpatentable over (EP1381201A2) issued to MATSUYAMA SHINAKO (was submitted in IDS 11/02/2022) and in view of US Patent No. (US2002/0026427) issued to Kon (was submitted in IDS 11/02/2022).
Regarding claim 3, MATSUYAMA does not explicitly disclose, however, Kon discloses wherein the certificate is encrypted by the issuer, and an encryption key used for the encryption is transmitted to the user and also stored in the user.
[See FIGS. 3 and 4 and corresponding text for more details, ¶196, When a user uses the public key certificate, the user verifies the digital signature of the public key certificate using the public key of the certificate authority the user has. If the verification of the digital signature is successfully passed, the user extracts the public key from the public key certificate. Therefore, all users, who want to use the public key certificate, need to have the common public key of the certificate authority].
Regarding claim 4, MATSUYAMA does not explicitly disclose, however, Kon discloses wherein the encryption key is sent by the user to the first verifier not via a relay device.
[See FIGS. 3 and 4 and corresponding text for more details, ¶196, When a user uses the public key certificate, the user verifies the digital signature of the public key certificate using the public key of the certificate authority the user has. If the verification of the digital signature is successfully passed, the user extracts the public key from the public key certificate. Therefore, all users, who want to use the public key certificate, need to have the common public key of the certificate authority].
Regarding claim 5, MATSUYAMA discloses, wherein when requested from the user to transfer the encryption key to the first verifier, determining whether or not the certificate is permitted to be sent to the first verifier [¶101, in the remote access system, the attribute certificate AC P in which information indicating that an access to the target units 10 1 and 10 2 serving as resources is permitted is described as privilege given to the portable unit 30, and information of the home gateway 20 is described as proxy information can be issued from the home gateway 20 to the portable unit 30. With this, in the remote access system, when the target unit 10 1 or 10 2 receives the attribute certificate AC P through the home gateway 20, it verifies the target specified in the proxy information and also verifies that the attribute certificate AC P has been sent from the home gateway 20], and [see FIG 4 and corresponding text for more detail].
MATSUYAMA does not explicitly disclose, however, Kon discloses and transferring the encryption key sent by the user to the first verifier when determining that the certificate is permitted to be sent [¶163, Authentication and transmission of encrypted data are also performed in a similar manner between a service provider (SP) 204 serving as a settling institution and a user device B 206. That is, the service provider (SP) 204 authenticates the user B on the basis of an identification certificate of the user B and transmits data (such as a content or electronic settlement data) after encrypting the data using a public key certificate of the user B].
Regarding claim 6, MATSUYAMA does not explicitly disclose, however, Kon discloses, wherein the first verifier uses the encryption key to combine the certificate that is encrypted, and authenticates the user [¶163, Authentication and transmission of encrypted data are also performed in a similar manner between a service provider (SP) 204 serving as a settling institution and a user device B 206. That is, the service provider (SP) 204 authenticates the user B on the basis of an identification certificate of the user B and transmits data (such as a content or electronic settlement data) after encrypting the data using a public key certificate of the user B].
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
KR20200128918A [The certificate issuing unit 113 transmits the first certificate to the relay server 130 and controls the relay server 130 to transmit the first certificate to the user terminal 150].
JP2022020143A [the relay device 300 relays communication related to the certificate between the user 100, the issuer 200, and the verifier 400. For example, the relay device 300 stores (manages) the certificate issued to the user 100, and sends the certificate to the verifier 400 in response to the request of the user 100. At this time, the relay device 300 controls not to transmit the certificate to an undesired party of the issuer 200].
WO2012005555A2 [ METHOD FOR CREATING/ISSUING ELECTRONIC DOCUMENT DISTRIBUTION CERTIFICATE, METHOD FOR VERIFYING ELECTRONIC DOCUMENT DISTRIBUTION CERTIFICATE, AND SYSTEM FOR DISTRIBUTING ELECTRONIC DOCUMENT, distribution relay server, certificate].
GOTO(US2008/0244716)[ TELECOMMUNICATION SYSTEM, TELECOMMUNICATION METHOD, TERMINAL THEREOF, AND REMOTE ACCESS SERVER THEREOF, The relay device sends certification information].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496