DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Response to Amendment
This office action is in response to the amendment filed on 04/19/2022.
Claims 1-3 are amended.
Claims 1-3 are pending in the application. 
The objections to the drawings in figures 1-3 are withdrawn because the updated drawings on 04/19/2022 overcome the objections.
The 112(a) and 112(b) rejections against claims 1-3 are withdrawn because the amended claims overcome the rejections.
The notice of priority is maintained because no certified translation was found in the case files.

Response to Applicant’s Arguments
The Applicant’s Remarks filed on 04/19/2022
In the Remarks page 1, the Applicant indicated the official translation of the priority document was filed.  However, Examiner could not find any official translation document attached to the case.
In the office action dated 01/28/2022, claim 1 was rejected under 35 U.S.C. § 103 as being unpatentable over Rosati et al. (USPPN 20130046976 A 1, hereinafter Rosati '976) in view of Leicher et al. (USPPN 20110067095 A1, hereinafter Leicher '095) and further in view of Hito et al. (US 20110219427 Al, hereinafter Hito '927); claim 2 was rejected under 35 U.S.C. § 103 as being unpatentable over Rosati '976 in view of Leicher '095 and Hito '927 and further in view of Oberheide et al. (US 20150304110 Al, hereinafter Oberheide '110) and Gubbi (US 911907681, hereinafter Gubbi '681); and claim 3 was rejected under 35 U.S.C. § 103 as being unpatentable over Rosati '976 in view of Leicher '095 and Hito '927 and further in view of Benayed (US 20180343246 A1, hereinafter Benayed '246).	

	Starting near the middle of page 5 of the Remarks, the Applicant argues that “In rejecting the claimed limitations, the Examiner relied on a combination of Rosati '976 in view of Leicher '095 and Hito '927. 
Applicant respectfully disagrees. 
	For example, Applicant respectfully notes wherein a technical effect resulting from the distinguishing features is to authenticate the user while preventing the proxy authentication server or notification service providers from intercepting data or spoofing identities. 
	For example, the objective technical problem as claimed herein may thus be seen as how to authenticate the user while preventing the proxy authentication server or notification service providers from intercepting data or spoofing identities. 
	In Rosati '976, for example, Applicant respectfully notes wherein the proxy authentication server is a VPN gateway that simply passes messages between the mobile device assimilated to the calculator according to the invention, and the authentication server.”

	The Applicant’s argument is fully considered.  However, the Examiner respectfully disagrees because the Applicant’s argument is not persuasive.  Although the claim recites the proxy server, the claim does not claim any limitation performed by the proxy server that prevents the proxy server itself from intercepting data.  The Applicant’s argument is contradicting itself because using the proxy server to prevent itself from intercepting data or spoofing identities would be paradoxical.  As a result, the Applicant’s argument is not persuasive and the cited prior art teaches the limitations of the claimed invention.

	Near the bottom of page 5 of the Remarks, the Applicant argues “Applicant respectfully notes, for example, wherein one of ordinary skill in the art trying to solve the objective technical problem on the basis of Rosati '976 would not apply the teachings of Leicher '095 to Rosati '976, since the skilled in the art seeks precisely to avoid the use of such a protocol: "Pooled services dedicated to the authentication of users thanks to their mobile telephone exist. They can be used thanks to APIs (WebService or REST) or identity federation protocols such as OpenIDConnect or SAML. But these services need to know the identity of the users and have to manage and store the secrets exchanged with the telephones. The users are thus declared and known to a service external to the company. These services thus pose a problem of confidentiality and responsibility in the management of users" (e.g. see application as filed page 
4 lines 20 to 26)”.	The Applicant’s argument is fully considered.  However, the Examiner respectfully disagrees because the Applicant’s argument is not persuasive.  The Applicant uses a paragraph in the Applicant’s specification to indicate the motivation for not combining the prior art.  However, the prior does not disclose the teaching away from the combination. The Applicant also does not provide evidence to show that an ordinary skill would find the combination so insecure that it must not be used in the prior art’s teaching for security purposes. Furthermore, the instant claim recites “producing, by the proxy authentication server upon receipt of the challenging message 		a notification message comprising			the user identifier on the notification server “.  The claim clearly indicates that the proxy server knows the user identifier, which contradicts the Applicant’s argument that the proxy server do not know the user identity. As a result, the Applicant’s argument is not persuasive and an ordinary skill in the art would be motivated to combine the cited prior art, which teaches the limitations of the claimed invention.	The Applicant further argues near the top of page 6 of the Remarks, “In arguendo, even if one of ordinary skill in the art combined the teachings of Rosati '976 and Leicher '095, the skilled in the art would not achieve the claimed invention, since Leicher '095 discloses the use of a trusting platform module TPM implemented in the mobile device (eg. see Leicher '095 paragraph [00051) and of a privacy certification authority PCA (see paragraph [00151 of Leicher '095) to realize the authentication, elements which are not present in the invention.”.	The Applicant’s argument is fully considered.  However, the Examiner respectfully disagrees because the Applicant’s argument is not persuasive.  The claim does not recite any limitation that exclude the use of a trusting platform module TPM implemented in the mobile device and further providing evidence that why such exclusion is desirable, rather than arbitrarily. As a result, the Applicant’s argument is not persuasive and an ordinary skill in the art would be motivated to combine the cited prior art, which teaches the limitations of the claimed invention.	The Applicant further argues starting near the middle of page 6 of the Remarks, “Applicant respectfully notes wherein, for example, one of ordinary skill in the art trying to solve the objective technical problem on the basis of Rosati '976 would not apply the teachings of Hito '927 to Rosati '976 since the skilled in the art seeks precisely to avoid using mobile devices or mobile applications to authenticate users: "Telephones are not considered as secure because they can be stolen or used to the detriment of the legitimate user. Mobile applications are poorly secured; by the use of system certificates which may be corrupted, by copying data or cloning of the application on another telephone, etc." (eg. see originally filed application page 4 lines 10- 14).”.	The Applicant’s argument is fully considered.  However, the Examiner respectfully disagrees because the Applicant’s argument is not persuasive.  The Applicant contradicts themselves, because the instant claim recites a calculator that connects to a network (“producing by the calculator, upon receipt of the notification message ... sending, by the calculator, the challenge accepted message to the proxy authentication server”).  An ordinary skill in the art would find the calculator recited in the claim reasonably matching a description of a mobile device that is both portable and networked. As a result, the Applicant’s argument is not persuasive and an ordinary skill in the art would be motivated to combine the cited prior art, which teaches the limitations of the claimed invention.	Near the bottom of page 6 of the Remarks, the Applicant argues “the skilled in the art would not achieve the claimed invention since Hito '927 discloses the use of two user devices located nearby to authenticate the user (eg. see paragraph [0004) of Hito '927).”		The Applicant’s argument is fully considered.  However, the Examiner respectfully disagrees because the Applicant’s argument is not persuasive.  The proposed combination of Hito’s teaching in into the teaching of Rosati in view of Leicher is having the identifier of the user on the proxy authentication server and the identifier of the user on the notification server inside a challenge accepted message produce by a mobile device (see Hito ¶43).  The Examiner does not propose to incorporate every element disclosed by Hito into the teaching of Rosati in view of Leicher.  Since Rosati in view of Leicher teaches both the identifier of the user on the proxy authentication server and the identifier of the user on the notification server, it would be reasonable for an ordinary skill in the art to use Hito’s teaching to return both identifiers since they are both disclosed by Rosati in view of Leicher.  The Applicant is respectfully reminded that "The test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference.... Rather, the test is what the combined teachings of those references would have suggested to those of ordinary skill in the art." In re Keller, 642 F.2d 413, 425, 208 USPQ 871, 881 (CCPA 1981). See also In re Sneed, 710 F.2d 1544, 1550, 218 USPQ 385, 389 (Fed. Cir. 1983) ("[I]t is not necessary that the inventions of the references be physically combinable to render obvious the invention under review."); and In re Nievelt, 482 F.2d 965, 179 USPQ 224, 226 (CCPA 1973) ("Combining the teachings of references does not involve an ability to combine their specific structures.").  As a result, the Applicant’s argument is not persuasive and an ordinary skill in the art would be motivated to combine the cited prior art, which teaches the limitations of the claimed invention.		The Applicant argues near the bottom of page 6 of the Remarks, “Moreover, for example, Applicant respectfully notes wherein Hito '927 fails to disclose or suggest the use of a proxy authentication server, and more particularly of a proxy authentication server (as claimed herein), which is not simply a gateway”.  The limitation regarding proxy authentication server is already addressed above.	In conclusion, the Examiner respectfully asserts that the prior art teach all disputed limitations recited in the claimed invention.

Priority
Should applicant desire to obtain the benefit of foreign priority under 35 U.S.C. 119(a)-(d) prior to declaration of an interference, a certified English translation of the foreign application must be submitted in reply to this action.  37 CFR 41.154(b) and 41.202(e).
Failure to provide a certified translation may result in no benefit being accorded for the non-English application.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 1 is rejected under 35 U.S.C. § 103 as being unpatentable over Rosati et al. (US 20130046976 A1, hereinafter Rosati) in view of Leicher et al. (US 20110067095 A1, hereinafter Leicher) and further in view of Hito et al. (US 20110219427 A1, hereinafter Hito).
	Regarding claim 1, Rosati teaches a method for authenticating a user with an authentication server, wherein the authentication server comprises:
		a first memory zone for storing a registration associating (Rosati ¶35, the authentication server 12 including a public key store 44 for storing a public key Ai associated with each user registered to access the private network)
			an user identifier on a proxy authentication server (¶36, the challenge may be sent using an email, short message service (SMS) message, peer-to-peer (P2P) message (e.g. PIN-based message) or any other form of communication;  fig. 8 elements 100, send challenge to VPN client; [Examiner remark: the email address of the user corresponds to the identifier of the user on the proxy authentication server; the email server corresponds to identifier of the user on the proxy authentication server]);
			a public key of a dual key (¶24, private/public key pair (a, A), authentication server 12 is also provisioned by the CA 16 to have a copy of the public key A associated with each mobile device 10 registered to access the private network; see also ¶35);	wherein the method allows an authentication of the user having a calculator comprising (¶24, The mobile device 10):		a second memory zone for storing a private key of the dual key (¶24, The mobile device 10 is provisioned with a private/public key pair (a, A), fig. 3 element 22);
		a third memory zone for storing the user identifier on a notification server (¶36, the challenge may be sent using an email; [Examiner remark: the email address of the user being used for receiving the challenge email corresponds to the identifier of the user on a notification server]);		a forth memory zone for storing the user identifier on the proxy authentication server (¶36, the challenge may be sent using an email, short message service (SMS) message, peer-to-peer (P2P) message (e.g. PIN-based message) or any other form of communication;  fig. 8 elements 100, send challenge to VPN client; [Examiner remark: the email address of the user corresponds to the identifier of the user on the proxy authentication server; the email server corresponds to the notification server]);	wherein the authentication takes place through the proxy authentication server comprising (fig. 8, element 6, VPN gateway, elements 100, 114, 124 and 126): 		the first memory zone for storing the registration associating (¶36, the challenge may be sent using an email; fig. 8 element 100, send challenge to VPN client; element 108, element 112 send response to VPN gateway):		the user identifier on the proxy authentication server (¶36 the challenge may be sent using an email; see fig. 8, element 100 where the VPN Gateway sends the challenge message; [Examiner remark: the email recipient address, which is used to identify the user on the receiving end of the challenge message corresponds to the identifier]); 		the user identifier on the notification server (¶36, the challenge may be sent using an email, short message service (SMS) message, peer-to-peer (P2P) message (e.g. PIN-based message) or any other form of communication;  fig. 8 elements 100, send challenge to VPN client; [Examiner remark: the email address of the user corresponds to the identifier of the user on the notification server; the email server corresponds to the notification server]);	the method comprising:		producing, by the authentication server (¶27 authentication server 12), a random variable and a challenging message comprising (¶27, initiates a challenge/response protocol and sends a cryptographic challenge; see also fig. 7-8; ¶27, the challenge may be a random number; see also ¶35; see also fig. 7-8):			an ([Examiner remark: the encryption of a random variable with the public key is disclosed by Leicher below];  ¶27, the challenge may be a random number; see also ¶35; see also fig. 7-8); 			the user identifier on the proxy authentication server (¶36 the challenge may be sent using an email; see fig. 8, element 100; [Examiner remark: the email address, which is used to identify the user on the receiving end of the challenge message corresponds to the identifier]); 	sending the challenging message, by the authentication server, to the proxy authentication server (¶36 the challenge may be sent using an email; see fig. 8, elements 98, 100 and 102; [Examiner remark: the email server associating with the email recipient address corresponds to the notification server]), and producing, by the proxy authentication server upon receipt of the challenging message (fig. 8, element 6, VPN gateway, elements 98 and 100):		a challenge token associated with the challenging message (¶27, the challenge may be a random number; see also ¶35; see also fig. 8, element 98, 100 send challenge to VPN client and element 102; [Examiner remark: the VPN gateway 6 sends the random number to the VPN client]);		a notification message comprising (¶36 the challenge may be sent using an email)			the user identifier on the notification server (¶36 the challenge may be sent using an email; [Examiner remark: the recipient email address corresponds to the identifier of the user on the notification server; the email server receiving the email corresponds to the notification server]);			a notification token (¶27, the challenge may be a random number), produced by the proxy authentication server (fig. 8, element 6, VPN gateway, elements 98 and 100), the notification token being associated, on the proxy authentication server, with the challenging message (¶27, the challenge may be a random number;  see also ¶35; see also fig. 8, elements 98, 100 and 102; [Examiner remark: the VPN gateway 6 sends the random number to the VPN client]);	sending the notification message, by the proxy authentication server, to the notification server (¶36 the challenge may be sent using an email; see also fig. 8; [Examiner remark: the recipient email address corresponds to the identifier of the user on the notification server; the email server receiving the email corresponds to the notification server]);	delivering the notification message by the notification server (see fig. 8 element 104, receive challenge; ¶36 the challenge may be sent using an email; [Examiner remark: the email server associating with the email address corresponds to the notification server]);	producing by the calculator, upon receipt of the notification message, a challenge accepted message (¶36, the challenge may be sent using an email, short message service (SMS) message, peer-to-peer (P2P) message (e.g. PIN-based message) or any other form of communication, whereupon selecting a link or option in the message, the UI 50 shown in FIG. 6 is displayed; see also fig. 8), the challenge accepted message comprising (fig. 8 element 108, generate response using challenge private key and PIN);		the notification token ([0028] To respond to the challenge received from the authentication server 12, … to sign the challenge, and returns a response at stage 6, the response including the signed challenge; see also fig. 8; [Examiner remark: the challenge includes the notification token.  As a result, the signed challenge is interpreted as having the notification token]);	sending, by the calculator, the challenge accepted message to the proxy authentication server (¶36, selecting a link or option in the message; ¶41, response is then sent at 110 to the VPN client 20 on the computing device 4 to have the VPN client 20 send the response to the VPN gateway 6 at 112. The VPN gateway 6 then sends the response to the authentication server 12 at 114; see also fig. 8);	producing by the proxy authentication server (¶40, The authentication server 12 then sends the challenge to the VPN gateway 6 at 98 to have the VPN gateway 6 send the challenge to the VPN client 20 on the computing device 4 at 100, see also fig. 8 elements 98, 100, 102 and 104), a challenge message comprising (Rosati ¶40, the VPN gateway 6 send the challenge to the VPN client 20 on the computing device 4 at 100):		the ([Examiner note: the encryption of the random variable is discussed below by Leicher]; ¶40, generating a challenge at 96, e.g. by generating a random number; see also fig. 8); 	sending (¶40 the VPN gateway 6 send the challenge to the VPN client 20 on the computing device 4), by the proxy authentication server (¶40 the VPN gateway 6), the challenge message to the calculator (¶40, The authentication server 12 then sends the challenge to the VPN gateway 6 at 98 to have the VPN gateway 6 send the challenge to the VPN client 20 on the computing device 4; see also fig. 8);	producing by the calculator, upon receipt of the challenge message (¶40, the mobile device 10 receives the challenge at 104; see also fig. 7-8), of a response message comprising		a result of the  ([Examiner remark: the decryption of the encrypted random variable is discussed below by Leicher]; ¶41, generate a response at 108 using the challenge, the private key, the response may include a signature on the challenge, wherein the challenge is signed using the private key a and the PIN 30 and may include additional information such as a timestamp; see also fig. 8);	sending, by the calculator, the response message to the proxy authentication server (¶40, The response is then sent at 110 to the VPN client 20 on the computing device 4 to have the VPN client 20 send the response to the VPN gateway 6 at 112. The VPN gateway 6 then sends the response to the authentication server 12 at 114; see also fig. 7-8);	comparing by the authentication server [signed] ([Examiner remark: the decryption of the encrypted random variable is discussed below by Leicher]; ¶41, the response is verified at 118 by the cryptographic module 42 on the authentication server 12. For example, the signature on the challenge may be verified using a verification scheme that is complementary to the signing scheme used by the cryptographic module 18 on the mobile device 10; see also fig. 7-8).	Although Rosati teaches the aforementioned limitations of the claimed invention as disclosed above, Rosati discloses the process is performed using one round trip (Rosati fig. 8, element 102 send challenge, and element 116 receive response,

    PNG
    media_image1.png
    539
    770
    media_image1.png
    Greyscale
), Rosati does not explicitly disclose the process is carried out in two round trips as claimed.  Although Rosati teaches:	a challenging message comprising a random variable;	producing, by the authentication server, a random variable and a challenging message, Rosati does not explicitly disclose:	a challenging message comprising a random variable encrypted with the public key;	producing by the proxy authentication serve, a challenge message comprising 		the encrypted random variable comprised in the challenge accepted message;	decrypting by the calculator, the encrypted random variable using the private key;	producing by the calculator, upon receipt of the challenge message, of a response message comprising:		a result of the decrypting of the encrypted random variable. 	On the other hand, Leicher teaches authentication process using two round trips process (Leicher fig. 3,

    PNG
    media_image2.png
    536
    712
    media_image2.png
    Greyscale
;
Leicher fig. 3A element 310 corresponds to the proxy authentication server, sending a challenge in message 327; Leicher [0030] The TicketServer 305 runs as a service application on the client; The ticket server element 305 corresponds to the calculator provided a challenge accepted message 329.  The Ticket challenger sends a nonce in element 339, and the ticket server 305 responds in element 351);	producing, by the authentication server (Leicher ¶43, the identity provider encrypts the cookie), a challenging message comprising (Leicher ¶43, encrypts the cookie using a secret key and sends it to the TicketServer on the client side, protected by the public CSK, user may decrypt it and use it as an authentication token):		an encrypted random variable being the random variable encrypted with the public key (Leicher ¶43, encrypts the cookie using a secret key and sends it to the TicketServer on the client side, protected by the public CSK);	decrypting by the calculator, the encrypted random variable using the private key (Leicher ¶43, user may decrypt it and use it as an authentication token, the secret key which is used to encrypt the cookie. The secret key may be a symmetric or asymmetric key; see also ¶44; ¶34 FIGS. 3(a) and (b) represent the inner operations of the TTVerifier Thread 258 in Leicher FIG. 2);	producing by the calculator, upon receipt of the challenge message (Leicher ¶43, user may decrypt it and use it as an authentication token; ¶34 FIGS. 3(a) and (b) represent the inner operations of the TTVerifier Thread 258 in Leicher FIG. 2; ¶27, the provider.jsp webpage 245 which waits for the TTverifier 258 to finish and evaluate the result of the challenge provided in challenge answer message 254, TicketServer 250 uses TPM functionality to generate the appropriate answer including a ticket; for more information about the ticket, see also ¶18, ¶19, ¶49-¶53 of Leicher ), of a response message comprising:		a result of the decrypting of the encrypted random variable (Leicher ¶43, user may decrypt it and use it as an authentication token, the secret key which is used to encrypt the cookie. The secret key may be a symmetric or asymmetric key; Leicher ¶44, the cookie may then be decrypted when needed the decryption requires the user to authenticate for the CSK usage with the (local) CSK secret; Rosati ¶40, The response is then sent at 110 to the VPN client 20 on the computing device 4 to have the VPN client 20 send the response to the VPN gateway 6 at 112; Rosati ¶41, generate a response at 108 using the challenge, the private key; [Examiner note: Leicher disclose to decrypt the cookie when needed, Rosati teaches the challenge is sent back as a result, where the challenge is signed.  The challenge is a random number and encrypted in view of Leicher and Rosati (see discussion above).  The combination of Rosati in view of Leicher teaches the decryption of the encrypted random and provided back as a response]).	comparing by the authentication server the result of the decrypting with the random variable to determine a result of the authentication (Rosati teaches comparing by the authentication server a returned value from the calculator, while Leicher teaches the returned value is a decrypted value of an encrypted value, see Leicher ¶43, ¶44; as a result, the combination teaches the limitation).
	It is obvious to a person of ordinary skill in the art before the effective filing date to incorporate the teachings of Leicher, which teaches two round trips of authentication and encrypting of the cookie by a challenger and decryption of the cookie by the user into the teaching of Rosati to result in the aforementioned limitations of the claimed invention ([Examiner remark: Leicher teaches the encryption of a random variable; Rosati teaches the random value is sent by the authentication server, then to the VPN gateway to the user]).	One of ordinary skilled would be motivated to do so as incorporating Leicher’s teaching would help enhanced security and safety of the system (Leicher ¶6). In addition, both of the references (Leicher and Rosati) teach features that are directed to analogous art and they are directed to the same field of endeavor, such as, using challenge and response for authentication and using random nonce and encryption/decryption in the process. This close relation between both of the references highly suggests an expectation of success when combined.	The combination Rosati in view of Leicher thus far teaches the limitations of the claimed invention (see discussion above).	The combination of Rosati in view of Leicher does not explicitly disclose:		:		the identifier of the user on the proxy authentication server;		the identifier of the user on the notification server 	associating by the proxy authentication server, upon receipt of the response message, the result of the decryption and of the challenge token;	interrogating by the authentication server of the proxy authentication server to obtain the content of the response message associated with the challenge token.	On the other hand, Hito teaches:	producing by the calculator, upon receipt of the notification message (Hito [0043] Once the authentication request is generated, the user will start the application on his mobile device and use device authentication 415 protocol to verify his/her identity with the authentication provider), a challenge accepted message (Hito [0046] The application will compose the string "DID| UN|AC"; Hito [0127] Instead of the Internet connections shown other communication channels or some combination thereof may be employed. For example, SMS, email; [Examiner note: the mobile device response email message containing the string "DID| UN|AC" corresponds to the message]; see ¶36-¶42 regarding “AC” string portion, Hito ¶47-¶48 for “DID” and “UN” portions):		the identifier of the user on the proxy authentication server (Hito [0127] Instead of the Internet connections shown other communication channels or some combination thereof may be employed. For example, SMS, email, or the like may be employed for one or more of the connections; [Examiner remark: when using email for responding to the challenge, the recipient email address corresponds to the identifier of the user on the proxy authentication server. Hito also teaches the response including several other user identifier on the proxy authentication server, the “UN” or user name field is used in ¶73 by the authentication provider to locate public key in the database, the “DID” or device ID is used in ¶73 by the authentication provider to verify the device]);		the identifier of the user on the notification server (Hito [0127] Instead of the Internet connections shown other communication channels or some combination thereof may be employed. For example, SMS, email, or the like may be employed for one or more of the connections; [Examiner remark: when using email for responding to the challenge, the response message sender email address corresponds to the identifier of the user on the notification server]);	associating by the proxy authentication server, upon receipt of the response message, the result of the decrypting and the challenge token (Hito [0076] Once the verification process 420 has been completed, the authentication process will send the status of the request to the client to provide notification of success or failure 425; [Examiner remark: Rosati in view of Leicher teaches the receiving of response message and the verification of the decrypted nonce.  Hito discloses the response to the challenge with the request ID (see the “AC” portion of the response message discussed above) and the use of request ID to retrieve the verification status.  Hito further teaches to use the request ID to return the result of the authentication.  That means the authentication provider disclosed by Hito associates the request ID with the authentication response data]);	interrogating by the authentication server of the proxy authentication server to obtain the result of the decrypting associated with the challenge token (Hito [0077] Async Model: The client will get the unique request ID, which it can use to poll the server application for the status of the pending request [Examiner remark, Hito teaches the client can use Async model or Sync model (see ¶78 of Hito).  With Async model, the client gets the unique request ID to poll for the status of a request.  As a result, a person of ordinary skill in the art can apply this teaching with the combination of Rosati in view of Leicher to result in the authentication server disclosed by Kolb in Fig. 8 of Kolb element 98 receiving the request ID taught by Hito to poll for the response versus waiting for the response message in Fig. 8 of Kolb, going from element 114 to element 116]).
	It is obvious to a person of ordinary skill in the art before the effective filing date to incorporate the teachings of Hito, which teaches authentication system which teaches an authentication system with challenge and response using either async or sync method for retrieving authentication status into the teaching of Rosati in view of Leicher to result in the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Hito’s teaching would help improve resource utilization (see ¶77-¶78 of Hito). In addition, both of the references (Hito and Rosati in view of Leicher) teach features that are directed to analogous art and they are directed to the same field of endeavor, such as, authentication and using an authentication provider. This close relation between both of the references highly suggests an expectation of success when combined.

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Rosati in view of Leicher and Hito and further in view of Oberheide et al. (US 20150304110 A1, hereinafter Oberheide) and Gubbi (US 9119076 B1, hereinafter Gubbi) .	Regarding claim 2, Rosati in view of Leicher and Hito teaches the method according to claim 1 (see discussion above), wherein the dual key (Rosati ¶24 mobile device 10 is provisioned with a private/public key pair), the user identifier on the proxy authentication server (Rosati ¶38, challenge is signed using the private key a and the PIN 30, ¶41 generate a response at 108 using the challenge, the private key a, and the PIN , response is received by the authentication server 12 at 116, and the response is verified), and the user identifier on the notification server are produced during an enrollment of the calculator (Rosati ¶36, the challenge may be sent using an email; [Examiner remark: the recipient email address of the email corresponds to the user identifier on the notification server]), wherein, the user comprises the calculator (Rosati [0041] The mobile device) and a secure terminal connected to the authentication server, (Rosati ¶35, registered to access the private network 2 using a VPN client 20), and wherein said enrollment comprises:	the user registers himself, with the calculator, on the notification server and obtains the user identifier on the notification server (Rosati ¶36, the challenge may be sent using an email; [Examiner remark: the recipient email address corresponds to the user identifier on the notification server, the email address’ server corresponds to the notification server]);	Rosati in view of Leicher and Hito does not explicitly disclose all of the following limitations that Oberheide teaches:	the user using the ([Examiner remark, the crossed over text is disclosed by Gubbi below]; Oberheide ¶53, the primary device 130 provides an enrollment request to the service provider 120);	producing, by the authentication server upon receipt of an enrollment request message (Oberheide fig. 7, the service provider 120), of the following elements:		the dual key associated with the user (Oberheide Fig. 9A, S920; Oberheide ¶77 the service provider 120 generates a key pair that includes the public key and the private key; see also ¶61; [Examiner remark: S910 of fig. 9  follows step S760 of fig. 7]);		an enrollment initiation message sent to the proxy authentication server (Oberheide ¶53, the service provider 120 provides an enrollment request to the authentication service 110, fig. 7 element S720);	implementing, by the proxy authentication server upon receipt of the enrollment initiation message (Oberheide fig. 7, Authentication service 110, S730; ¶54  responsive to the enrollment request at the process S720),		creation of the registration associating (Oberheide ¶54, The activation code is associated with the enrollment request):			a user identifier on the proxy authentication server (Oberheide ¶53 The enrollment request provided by the service provider 120 specifies the user identifier);			an enrollment token (Oberheide ¶54 an activation code);		producing of an initiated enrollment message comprising (Oberheide ¶54, the authentication service provides an activation code to the service provider 120)			the user identifier on the proxy authentication server (Oberheide ¶75, the authentication service provides the synchronization request to the service provider 120 along with the user identifier corresponding to the activation code of the process S750 of FIG. 7; [Examiner remark: Oberheide discloses the user id can also be provided to the service provider corresponding to the activation code, which is also disclosed in ¶54 by Oberheide to provide the activation code to the service provider.  As a result, it would be obvious to an ordinary skilled to implement one way or another according to the teaching of Oberheide to send the user identifier along with the activation code, or send it later]);			the enrollment token (Oberheide ¶54 an activation code);`		sending the initiated enrollment message in response to the enrollment initiation message to the authentication server (Oberheide ¶54, the authentication service provides an activation code to the service provider 120);	implementing, by the authentication server upon receipt of an enrollment initiation message (Oberheide Fig. 7, Service provider 120, S740 after S730),		producing of an enrollment acceptance message comprising (Oberheide Fig. 7, S740; ¶55, the service provider 120 provides the activation code to the primary device 130):			at least the private key of the dual key (Oberheide [0079] At the process S940, the service provider 120 provides the private key to the authentication device 140; see also ¶61);			the enrollment token (Oberheide Fig. 7, S740; ¶55, the service provider 120 provides the activation code to the primary device 130);		sending the enrollment acceptance message in response to the enrollment request message to the ([Examiner remark, the crossed over text is disclosed by Gubbi below]; Oberheide Fig. 7, S740; ¶55, the service provider 120 provides the activation code to the primary device 130);	implementing by the ([Examiner remark, the crossed over text is disclosed by Gubbi below]; Oberheide ¶55, At the process S740, the service provider 120 provides the activation code to the primary device 130, the primary device displays the activation code):		displaying, on a screen of the secure terminal, content of the enrollment acceptance message (Oberheide ¶55, the primary device displays the activation code);	acquiring, by the calculator, data displayed on the screen of the  (Oberheide ¶55, the authentication device 140 obtains the activation code by capturing an image of the activation code by using an image capture device of the authentication device. For example, the primary device can display the activation code as a QR code that is captured by a camera of the authentication device);	implementing, by the calculator further to the acquisition of the data (Oberheide fig. 7 Auth Device 140; Oberheide fig. 7, S750; ¶57, At the process S750, the authentication device has received the activation code, and provides an activation request to the authentication service 110),		creation of the registration associating (Oberheide fig. 9A, S950, store private key; Oberheide [0080] At process S950, the authentication device 140 stores the private key received from the service provider 120. In some implementations, the authentication device stores the private key received from the service provider 120 in association with the user identifier of the enrollment request provided to the authentication service 110 at the process S720 of FIG. 7of Oberheide):			the private key of the dual key (Oberheide ¶80, stores the private key in association with the user identifier of the enrollment request; see also ¶61);			the user identifier on the notification server 	(Oberheide ¶29 an email address or username may be used as a user identifier within the authentication service and the service provider; Oberheide ¶80, stores the private key in association with the user identifier of the enrollment request).	
		producing an enrollment finalization message comprising (Oberheide Fig. 7, Activate S750, Activation code, Oberheide ¶57, provides an activation request to the authentication service 110):			the enrollment token (Oberheide ¶57. the activation request specifies the activation code and address information of the authentication device 140);			the user identifier on the notification server (Oberheide ¶29, an email address or username may be used as a user identifier within the authentication service and the service provider, registering additionally includes providing communication addressing such as a phone number; ¶31 The authentication request can alternatively be sent in an SMS message, MMS message, email, in-app messaging protocol, or any suitable communication channel ¶57, address information of the authentication device; [Examiner note: Oberheide discloses the communication address, and further discloses email as communication channel.  Oberheide further teaches sending address information; As a result, Oberheide teaches an email address corresponds to the identifier on the notification server]);		sending the enrollment finalization message to the proxy authentication server (Oberheide Fig. 7, Activate S750, Activation code, Oberheide ¶57, provides an activation request to the authentication service 110);	implementing, by the proxy authentication server following the receipt of the enrollment finalization message (Oberheide fig. 7 Authentication service 110, Generate enrollment record S760),		when the registration corresponds to the enrollment token of the enrollment finalization message then (Oberheide ¶58, At the process S760, responsive to the activation request of the process S750, the authentication service generates an enrollment record, the authentication service determines that the activation code received from the authentication device 140 at the process S150 matches the activation code provided to the service provider 120 at the process S730):			associating the user identifier on the notification server with the corresponding registration that corresponds to the enrollment token of the enrollment finalization message (Oberheide ¶59, associates the address information received at the process S150 with the user identifier and the service provider account information corresponding to the activation code);	It is obvious to a person of ordinary skill in the art before the effective filing date to incorporate the teachings of Oberheide, which teaches a system enabling registration of subscribers into the teaching of Rosati in view of Leicher, Hito to result in the aforementioned limitations of the claimed invention.	One of ordinary skilled would be motivated to do so as incorporating Oberheide‘s teaching would provide a convenient mechanism for authentication/authorization to a service provider while preserving security considerations such as integrity, confidentiality, and optionally availability (see Oberheide ¶18). In addition, both of the references (Oberheide and Rosati in view of Leicher, Hito) teach features that are directed to analogous art and they are directed to the same field of endeavor, such as, authentication and registration. This close relation between both of the references highly suggests an expectation of success when combined.	Rosati in view of Leicher, Hito and Oberheide does not explicitly disclose:	the user using the secure terminal to authenticate himself on the authentication server and to send an enrollment request message to the authentication server;	producing a finalized enrollment message comprising:		the user identifier on the proxy authentication server of the registration that corresponds to the enrollment token of the enrollment finalization message;	sending the finalized enrollment message in response to the enrollment finalization message to the calculator;	implementing, by the calculator upon receipt of the finalized enrollment message,		association with the registration corresponding to the enrollment finalization message of the user identifier on the proxy authentication server;	deleting the enrollment token.	On the other hand, Gubbi teaches:	the user using the secure terminal to authenticate himself on the authentication server and to send an enrollment request message to the authentication server (Gubbi col. 3 lines 35-67, the user will confirm that he has access to the website by logging in. The user may enter a user name or corporate ID number, as well as a password that has previously been registered with the secure network service. For example, the user may be required to enter the same information used to access the corporate email server or network storage. In block 205, the secure network service will authenticate the user by confirming the entered user name and password. The secure network service will confirm whether the user is authorized to register his mobile communication device with the secure network service in block 207);	producing a finalized enrollment message comprising (Gubbi col. 4 lines 4-12, in block 215, the user may receive a notification, email or SMS confirming successful registration; Gubbi fig. 2
    PNG
    media_image3.png
    799
    361
    media_image3.png
    Greyscale
):		user identifier on the proxy authentication server of the registration that corresponds to the enrollment token of the enrollment finalization message (Gubbi col. 4, lines 4-12, the recipient email address or SMS phone number correspond to the identifier; [Examiner remark: the user identifier is corresponds to the registration; and Oberheide teaches the enrollment token in ¶53 and ¶54 above, which also corresponds to the registration.  The combination of Gubbi and Oberheide teaches the limitation]);	sending the finalized enrollment message in response to the enrollment finalization message to the calculator (Gubbi col. 4 lines 4-12, in block 215, the user may receive a notification, email or SMS confirming successful registration);	implementing, by the calculator upon receipt of the finalized enrollment message (Gubbi col. 4 lines 4-12, the user submits this information to the secure network service in block 213, in block 215, the user may receive a notification, email or SMS confirming successful registration),		association with the registration corresponding to the enrollment finalization message of the user identifier on the proxy authentication server (Gubbi col. 4 lines 4-12, the user submits this information to the secure network service in block 213, in block 215, the user may receive a notification, email or SMS confirming successful registration);	deleting the enrollment token (Gubbi Abstract, The server provides a OTP when the user calls or sends a SMS message request from the authorized mobile phone to the server. Once a OTP is provided to the authorized mobile phone, the OTP will also be discarded once the server is notified that the OTP has been used; Oberheide Fig. 7, S740; ¶55, the service provider 120 provides the activation code to the primary device 130; [Examiner remark: an ordinary skilled in the art would find it obvious to use Gubbi teaching to of discarding the activation code disclosed by Oberheide after the registration is complete]).	It is obvious to a person of ordinary skill in the art before the effective filing date to incorporate the teachings of Gubbi, which teaches device registration with final confirmation message and discarding of OTP once it is used into the teaching of Rosati in view of Leicher, Hito and Oberheide to result in the limitations of the claimed invention.	One of ordinary skilled would be motivated to do so as incorporating Gubbi teaching would help ensure a secure environment and improve usability. In addition, both of the references (Gubbi and Rosati in view of Leicher, Hito and Oberheide) teach features that are directed to analogous art and they are directed to the same field of endeavor, such as, user and device registration. This close relation between both of the references highly suggests an expectation of success when combined.
Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Rosati in view of Leicher and Hito and further in view of Wu; Zining (US 10929572 B2, hereinafter Wu). 	Regarding claim 3, Rosati in view of Leicher and Hito teaches the method according to claim 1 (see discussion above).	Although the combination of Rosati, Leicher and Hito teaches the second memory zone, the third memory zone and the fourth memory zone, the combination does not explicitly disclose wherein access to the second memory zone, the third memory zone and the fourth memory zone of the calculator is locked by a security mechanism local to the calculator.	On the other hand, Wu teaches wherein access to a memory zone of the calculator is locked by a security mechanism local to the calculator (Wu fig. 2, element 220 and fig. 3 and fig. 5; Wu col. 5 lines 15-37, a desktop computer, a laptop computer, a server, a drive docking station, or any of other computing devices that is configured to allow a storage device (such as the storage device 220) to secure thereto; Wu col. 5 lines 57-67; col. 6 lines 1-3, The controller 260 of the storage device 220 receives the unencrypted data from the station 212, encrypts the data to form encrypted data, and passes the encrypted data to the storage medium 250 for storing the encrypted data; Wu col. 6 lines 38-47, the controller 260 of the storage device 220 includes encryption, decryption, and authentication functions. In some cases, the security module 262 of the controller 260 of the storage device 220 may include an encryption module for encrypting the clear text into encrypted text, and a decryption module for decrypting the decrypted text. Also, the controller 260 may include an authenticator for performing authentication of data. For example, the authenticator may check a password inputted by a user of the storage device 220 to ensure that the user is a trusted user; col. 9 lines 35-58, the key management module 378 may also obtain a second form of identification (such as a password, a voice, a retina feature, etc.) from a user of the station 312 for registration with the storage device 320; col. 11 lines 7-37, the storage device 320 processes the encrypted data and passes the data in encrypted form to the storage medium 350 for storage; Wu col. 15 lines 28-32, the storage device 320 may store multiple identifications (such as passwords) associated with multiple “trusted” users. In such cases, the key management module 378 may use the stored identifications (such as passwords) to authenticate different users).	It is obvious to a person of ordinary skill in the art before the effective filing date to incorporate the teachings of Wu, which teaches a secured storage area that stores plural pieces of user’s authentication data into the teaching of Rosati in view of Leicher and Hito to result in the aforementioned limitations of the claimed invention.
	One of ordinary skilled would be motivated to do so as incorporating Wu‘s teaching would help enhance security of stored data (see Wu col. 12 lines 41-53). In addition, both of the references (Wu and Rosati in view of Leicher, and Hito) teach features that are directed to analogous art and they are directed to the same field of endeavor, such as, authentication. This close relation between both of the references highly suggests an expectation of success when combined.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 10270774 B1 - transmitting, by the restricted access system and to a credential management system, a request to authenticate the user; receiving, by the restricted access system and from the credential management system, a token indicating that the credential management system authenticated the user based on the user interacting with a representation of the challenge data that was provided to the client device.  Polling, by the restricted access system, the credential management system, wherein receiving the token comprises receiving, in response to the polling, the credential management system.
US 20180324173 A1 - verify a unique user identification credential for a requesting user of a first client in response to receiving request for access to a microservice process from the user via the first client; create a client identification token in response to verifying a unique user identification credential for the user, and a session identification token for the request; pass the session identification token to the requesting client mapped to the client identification token; enable requested access by the first client to the requested microservice process in association with the session identification token in a session that is persisted to a session repository identified by the session identification token; and cause the requesting client to replicate the persisted session in association with the session identification token.
US 20180041467 A1 - cloud gate terminates the application-specific user session, kills the user's host SSO cookie.
US 20180063564 A1 - registering a new subscriber, the subscription service is used to create an identity for a new subscriber, the subscriber's user ID can be retrieved.
US 20140096220 A1 - the authentication module polls the authentication server for an authentication token.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Vy Huy Ho whose telephone number is (571) 272-3261.  The examiner can normally be reached on Monday - Friday 7:30 am-5:30 pm.
	Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
	Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/V.H.H/
Examiner, Art Unit 2197


/IZUNNA OKEKE/Primary Examiner, Art Unit 2497