DETAILED ACTION
This Non-Final Office Action is in response to the request for continued examination filed on 08/10/2022.  	Claims 1-15 are being considered on the merits.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/10/2022 has been entered.
Response to Arguments
3.	Applicant's arguments filed 07/19/2022 have been fully considered but are moot in consideration of the newly cited reference below. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



4.	Claims 1-15 are rejected under 35 U.S.C. 103 as being unpatentable over US Pub No. US 2016/0378971 A1 to Dunstan, (hereinafter, “Dunstan”), as disclosed in IDS submitted on 10/19/2020, in view of US Pub. No. US 2009/0049307 A1 to Lin, (hereinafter, “Lin”) and in further view of US Patent No. US 6,473,825 B1 to Worley, (hereinafter, “Worley”).

As per claim 1, Dunstan teaches a system, comprising: 
a port controller to route custom communications to a peripheral over an operable connection between the system and the peripheral via a port (Dunstan, para. [0014] “Embodiments described herein authentication of a peripheral device supporting multiple protocols. The present techniques provide a solution to USB authentication, and more specifically a solution to the new protocols that are sharing a single connector. In embodiments, a peripheral device is authenticated using one input/output protocol, before allowing the multi-protocol connector to be reconfigured to support another protocol. In the case of a USB Type-C connector, the device may be authenticated using USB2, which is present on all devices including a Type-C connector. Moreover, a Type-C connector may also use USB PD to authenticate on simple devices such as power supplies. In embodiments, USB PD can be used when a device is directly connected to a host port. However, but when a device connected to a port expander such as a USB hub, USB PD communications to be translated into/out of the USB domain for purposes of authentication. USB3 may also be used to authenticate a peripheral device via a Type-C connector. The host can be simplified, as the host needs only support one methodology to authenticate a device regardless, of the protocol that is eventually run over the USB Type-C connector. Moreover, it simplifies device design as a common silicon can be used by many types of devices that support multiple protocols.”), where the custom communications are routed to the peripheral over the side-band channel of the operable connection between the system and the peripheral (Dunstan, para. [0030] “FIG. 2 is a schematic diagram of an exemplary multiple protocol connection that can support multiple protocols. A host device 202 is coupled with a peripheral device 204 via a multiple protocol connection 206. The multiple protocol connection includes a multiple-protocol 208 at the host 202, and a multiple protocol connector 210 at the peripheral device 204. Signals can be transmitted between the multi-protocol connector 208 and the multi-protocol connector 210 via various pinout and signal wires. For example, the multi-protocol connection includes a first and second transmit and receive signal lines…A communication channel (CC) 224 can be used for side band signaling. A secondary bus can also be used for sideband signaling. A Vbus 226 is to provide power to the cable bus. Finally, a ground 228 grounds the cable. Although the system 200 illustrates a straight multi-protocol connector to multi-protocol connector configuration, any other configuration can be used.”); and 
an application to establish a secure connection to the peripheral using the custom communications (Dunstan, para. [0043] “the host and the peripheral device authenticate one another. In this manner, both the host and the peripheral device can be assured of the other's identity. A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information, such as certificates authenticating the host and peripheral device. In embodiments, mutual authentication such as PKI is enabled in a first domain to enable the host, based on its policy, to admit or authenticate a device that operates in another domain. In embodiments, the peripheral device, based on its policy, can authenticate and communicate with the host.” And para. [0057] “FIG. 5. For example, a detection module 506 may be configured to detect the connection of a peripheral device to the host. The detection module may also determine the operable protocol of the peripheral device. An authentication module 508 may be configured to authenticate the device in a first protocol or domain. At block 510, a configuration module can reconfigure the peripheral device in the operable domain in response to a successful authentication and communication between the host and peripheral device may occur based on the host and device policies.”)
Dunstan teaches all the limitations of claim 1 above, however fails to explicitly teach but Lin teaches:
and to receive a payload from the peripheral via the secure connection (Lin, [0042] “At the highest level, USB information packets consist of: [0043] A token packet (the header packet) [0044] An optional data packet (containing the actual data payload) and para. [0049] In order to do encryption properly at the USB hub level, the encryption protocol must understand what portions of the "data payload" portion of the USB information packet can be safely altered (encrypted), and which can't. Since this will vary from USB device to USB device, the hub encryption system must be sophisticated enough to recognize this fact, and alter the bits in the "data payload" that it encrypts according to the specific USB device that is hooked up to the hub.” and para. [0074] “If external USB device (440) is an external keyboard, then most of the keystrokes will be encrypted, but certain key control keystrokes, such as control-alt-delete or other system control keystrokes will remain intact. This way an external keyboard connected to external USB port (440) would be able to defeat any data loggers attached to a non-trusted host computer (such as a public access computer), but still be able to adequately control the host computer. When used in this manner, it may be advantageous to use the buttons shown in FIG. 6 (606), (607) and display (608) to be able to switch the encryption option on and off. Once contact has been established, the encryption function can manually be switched to "ON", and secure data then entered in an encrypted manner.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
The combination of Dunstan and Lin teaches all the limitations of claim 1 above, however fails to explicitly teach but Worley teaches:
a verification module to verify whether a side-band channel is available before using the side-band channel (Worley, col. 4 lines 51-67 and col. 5 lines 1-13 “Message formatting and sensitivity confirmation unit 54 also detects the token within the message to determine the originating address and provides a sideband signal indicating the sensitivity level of that originating address. In step S5, message formatting and sensitivity confirmation unit 54 confirms that the destination address has the proper sensitivity level to receive a message from the originating address, thus assuring that no error occurred in the address reformatting to the address map of the system of FIG. 1 that would compromise confidentiality. If the reformatted destination address is not authorized to receive a message of the indicated security level, then in step S6 message formatting and sensitivity level conformation unit 54 applies an error flag or message on line 55 to input/output unit 14, and the process ends in step S8. If the destination address is confirmed to have the proper sensitivity level, then message formatting and sensitivity level confirmation unit 54 stores the reformatted message and sideband signal in buffer 58. Output interface unit 60 then requests access to bus 18, and when that access is granted passes the message and sideband signal from buffer 58 to communication bus 18 in step S7. The process then ends in step S8 until receipt of the next message. Referring to FIGS. 1 and 2, if the message in buffer 58 is for a processor within data processing unit 10, then bus 18 applies the message from output interface 60 to that processor. If the message is for a destination beyond data processing unit 10, then bus 18 applies the message and sideband signal to bus arbiter and bridge circuit 28 for subsequent transmission.” And col. 5 lines 27-63 “Likewise, when gateway unit 16 receives a message on bus 18 for transmission on bus 15 to input/output unit 14, in Step S1 the message is received by destination address detector 62 which detects the message destination address. In step S2 destination address detector 62 determines whether the destination address is an address for which communication is to pass through gateway unit 16. If not, then in Step S3, the process ends. If the message is to pass through gateway unit 16, then the message is Stored in buffer 64, and in Step S4 message formatting and Sensitivity level confirmation unit 66 reformats the message as necessary, determines the originating address, and consults the corresponding one of the sensitivity level look-up tables 68 to confirm in step S5 that the destination address has the proper Sensitivity level to receive the message…If the message was from a component which communicates through control unit 12, then the message is accompanied by a Sideband Signal indicating the Sensitivity level of the originating address, and message formatting and Sensitivity level confirmation unit 66 confirms that the destination address has the proper Sensitivity level based on the Side band Signal, rather than on the originating address. If in Step S5 it is confirmed that the destination address has the proper Sensitivity level, then message formatting and Sensitivity confirmation unit 66 adds a token to the message to indicate the destination address, Stores the message in buffer 72 and requests access to buS 15. When that acceSS is granted, then in Step S7 the message is applied to buS 15 for passage to input/output unit 14.”);
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Worley’s secure communication into Lin’s multifunction computer security and Dunstan’s authentication of a multiple protocol connection, with a motivation for secure communication of sensitive or classified information (Worley, col. 1 lines 25-35). 
As per claim 2, the combination of Dunstan, Lin and Worley teach the system of claim 1, further comprising an interface module to translate communications between the port controller and the application (Dunstan, para. [0024] “The SoC 100 may also include a network interface controller (NIC) 128 may be configured to connect the SoC 100 through the bus 108, various layers of the PCB 102, and components of the PCB 102 to a network 130.” And para. [0027] “The system 180 includes a host device 142 and a peripheral device 144 coupled via a multiple protocol connection 148. A hub or port expander 146 is disposed between the host device 142 and the peripheral device 144 along the multiple protocol connection 148. The host device also includes a controller 150, and the hub/port expander 146 includes a proxy 152. The proxy entity is to translate authentication messages across various protocols and domains. Thus, the proxy entity can receive an authentication message from the peripheral device 144 or host 142 in a first protocol, and then translate the authentication message into a second protocol.”).
As per claim 3, the combination of Dunstan, Lin and Worley teach the system of claim 2, where the interface module comprises: 
an interface controller to store signals received from the port controller in a memory of the system and to control the interface controller to transmit signals based on data retrieved from the system memory (Dunstan, para. [0024] “The SoC 100 may also be coupled with a storage device 126. The storage device may be a component located on the PCB 102. Additionally, the storage device 126 can be a physical memory such as a hard drive, an optical drive, a thumb drive, an array of drives, or any combinations thereof. The storage device 126 may also include remote storage drives. The SoC 100 may also include a network interface controller (NIC) 128 may be configured to connect the SoC 100 through the bus 108, various layers of the PCB 102, and components of the PCB 102 to a network 130. The network 130 may be a wide area network (WAN), local area network (LAN), or the Internet, among others.” And para. [0027] “The system 180 includes a host device 142 and a peripheral device 144 coupled via a multiple protocol connection 148. A hub or port expander 146 is disposed between the host device 142 and the peripheral device 144 along the multiple protocol connection 148. The host device also includes a controller 150, and the hub/port expander 146 includes a proxy 152. The proxy entity is to translate authentication messages across various protocols and domains. Thus, the proxy entity can receive an authentication message from the peripheral device 144 or host 142 in a first protocol, and then translate the authentication message into a second protocol. In this manner, authentication between the host and the device can be performed across multiple protocols or domains.”); and 
a controller interface to serve as an application programming interface between the application and the interface controller by translating instructions retrieved from the application into commands that comply with a protocol associated with the custom communications, and to translate responses received from the peripheral to a format usable by the application (Dunstan, para. [0027] “The system 180 includes a host device 142 and a peripheral device 144 coupled via a multiple protocol connection 148. A hub or port expander 146 is disposed between the host device 142 and the peripheral device 144 along the multiple protocol connection 148. The host device also includes a controller 150, and the hub/port expander 146 includes a proxy 152. The proxy entity is to translate authentication messages across various protocols and domains. Thus, the proxy entity can receive an authentication message from the peripheral device 144 or host 142 in a first protocol, and then translate the authentication message into a second protocol. In this manner, authentication between the host and the device can be performed across multiple protocols or domains.”).
As per claim 4, the combination of Dunstan, Lin and Worley teach the system of claim 3, where the peripheral, the port controller, the interface controller, the controller interface, and the application are aware of the side-band channel and the custom communications (Dunstan, para. [0030] “FIG. 2 is a schematic diagram of an exemplary multiple protocol connection that can support multiple protocols. A host device 202 is coupled with a peripheral device 204 via a multiple protocol connection 206. The multiple protocol connection includes a multiple-protocol 208 at the host 202, and a multiple protocol connector 210 at the peripheral device 204. Signals can be transmitted between the multi-protocol connector 208 and the multi-protocol connector 210 via various pinout and signal wires. For example, the multi-protocol connection includes a first and second transmit and receive signal lines. Specifically, a first transmit (TX1) 212, a first receive (RX1), a second transmit (TX2), and a second receive (RX2) can be used to carry data between the host device 202 and the peripheral device 204. A positive data (D+) and a negative data (D-) pair 220 can also be used to transmit data between the host device 202 and the peripheral device 204. A secondary bus 1 (SBU1) and a secondary bus 2 (SBU2) 222 can be used to transfer audio signals. Additionally, the SUB1/SBU2 222 may be used by an alternate mode, such as Display Port, that uses them for configuration and management during the implementation of the alternate mode. A communication channel (CC) 224 can be used for side band signaling. A secondary bus can also be used for sideband signaling. A Vbus 226 is to provide power to the cable bus. Finally, a ground 228 grounds the cable. Although the system 200 illustrates a straight multi-protocol connector to multi-protocol connector configuration, any other configuration can be used.”).

As per claim 5, the combination of Dunstan, Lin and Worley teach the system of claim 1,where the port is a universal serial bus (USB) type C connection and where the side-band channel is a USB type C power delivery channel (Dunstan, para. [0014] “authentication of a peripheral device supporting multiple protocols…In the case of a USB Type-C connector, the device may be authenticated using USB2, which is present on all devices including a Type-C connector. Moreover, a Type-C connector may also use USB PD to authenticate on simple devices such as power supplies.” And para. [0022] “The USB package 120 may include a transmitter and receiver in order to transmit and receive USB data. The USB package 120 may also include components necessary to implement the USB Battery Charging Specification, USB On-the-Go Specification, and the USB Power Delivery Specification, and the USB Type-C Specification. The PCB 102 may also include components to implement the various USB Specifications.”).
As per claim 6, the combination of Dunstan, Lin and Worley teach the system of claim 1, where the peripheral is a keyboard, and where the payload is a password encrypted by the keyboard for use by the application (Lin, para. [0056] “When (303) (USB device or peripheral) is used to generate secure passwords, the display portion of a device (FIG. 6 (608)) can display alphanumeric characters representative of one-time password data generated by the processor (613). The device's USB interface (FIG. 6 (602)) can allow the device to interface with the host computer, load password data into memory, and generate a one-time password. This can be used to help the computer log on to a secure computer over a network.” And para. [0074] “If external USB device (440) is an external keyboard, then most of the keystrokes will be encrypted.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
As per claim 7, the combination of Dunstan, Lin and Worley teach the system of claim 1, where the peripheral is a secure token, and where the payload is a value provided by the secure token (Lin, para. [0060] “Another USB peripheral that may be fixedly connected to a USB hub port according to one embodiment of the invention may be used to control access to computer networks. As used herein, fixedly may also include a device that is physically or electronically connected. It may be hard wired, soldered, or otherwise connected, substantially permanent connection, or other connection, but typical devices are specifically designed for removable operation. It may be removeably connected where a plug or other connection can be reused, or may include any other connection wherein a USB device may communicate with a computer. Here, the internal USB peripheral can function as part of a system for securing information obtained over a network. Such a system may include a token device adapted to be coupled to the computer. The token device typically includes a processor and a memory, where the processor adapted to run a data encryption/decryption algorithm… A challenge is then generated and transmitted to the token. The challenge can include a challenge puzzle, an encryption/decryption key ID, and a session ID code that determine which two particular symmetric shared keys are sent to the processor in the token device responsive to the query. The token performs a first round of encryption to produce an encrypted puzzle key from the two symmetric shared keys and performing a second round of encryption to generate a one-time password (OTP) from the encrypted puzzle key and the session ID code. The one-time password is transmitted to the server to compare the one-time password to a server-generated response to determine if the one-time password and the server-generated response match.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
As per claim 8, the combination of Dunstan, Lin and Worley teach the system of claim 1, wherein the verification module is to authenticate one of the application and the peripheral prior to the port controller routing communications between the application and the peripheral (Dunstan, para. [0039] “to implement authentication regardless of the type of device connected to the host, a proxy entity can be used to discover the capabilities of the device, and restrict communications with the host until authentication is verified and complete. In the case of a power supply or power adapter as the device coupled to the downstream port of a USB hub via a USB Type-C connector, the proxy entity can be used to convert from the power delivery domain to the USB domain in order to communicate back with the host to complete the authentication. Since USB PD is a local (port to port) connection, USB PD communications will arrive at the host for authentication. In embodiments, domain translations may be used to communicate with the host for authentication.”).

As per claim 9, Dunstan teaches a method, comprising: 
detecting, by an application, support for routing communications to peripherals via a custom communication protocol that operates over the side-band channel of an operable connection between a device on which the application is running and a peripheral connected to the device (Dunstan, para. [0043] “the host and the peripheral device authenticate one another. In this manner, both the host and the peripheral device can be assured of the other's identity. A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information, such as certificates authenticating the host and peripheral device. In embodiments, mutual authentication such as PKI is enabled in a first domain to enable the host, based on its policy, to admit or authenticate a device that operates in another domain. In embodiments, the peripheral device, based on its policy, can authenticate and communicate with the host.” And para. [0057] “FIG. 5. For example, a detection module 506 may be configured to detect the connection of a peripheral device to the host. The detection module may also determine the operable protocol of the peripheral device. An authentication module 508 may be configured to authenticate the device in a first protocol or domain. At block 510, a configuration module can reconfigure the peripheral device in the operable domain in response to a successful authentication and communication between the host and peripheral device may occur based on the host and device policies.”); 
receiving a signal from the peripheral connected to the device via the operable connection indicating that the peripheral is configured to communicate using the custom communication protocol (Dunstan, para. [0030] “FIG. 2 is a schematic diagram of an exemplary multiple protocol connection that can support multiple protocols. A host device 202 is coupled with a peripheral device 204 via a multiple protocol connection 206. The multiple protocol connection includes a multiple-protocol 208 at the host 202, and a multiple protocol connector 210 at the peripheral device 204. Signals can be transmitted between the multi-protocol connector 208 and the multi-protocol connector 210 via various pinout and signal wires. For example, the multi-protocol connection includes a first and second transmit and receive signal lines…A communication channel (CC) 224 can be used for side band signaling. A secondary bus can also be used for sideband signaling. A Vbus 226 is to provide power to the cable bus. Finally, a ground 228 grounds the cable. Although the system 200 illustrates a straight multi-protocol connector to multi-protocol connector configuration, any other configuration can be used.”);
establish a secure connection to the peripheral using the custom communication protocol  (Dunstan, para. [0027] “The system 180 includes a host device 142 and a peripheral device 144 coupled via a multiple protocol connection 148. A hub or port expander 146 is disposed between the host device 142 and the peripheral device 144 along the multiple protocol connection 148. The host device also includes a controller 150, and the hub/port expander 146 includes a proxy 152. The proxy entity is to translate authentication messages across various protocols and domains. Thus, the proxy entity can receive an authentication message from the peripheral device 144 or host 142 in a first protocol, and then translate the authentication message into a second protocol. In this manner, authentication between the host and the device can be performed across multiple protocols or domains.” And para. [0057] “FIG. 5. For example, a detection module 506 may be configured to detect the connection of a peripheral device to the host. The detection module may also determine the operable protocol of the peripheral device. An authentication module 508 may be configured to authenticate the device in a first protocol or domain. At block 510, a configuration module can reconfigure the peripheral device in the operable domain in response to a successful authentication and communication between the host and peripheral device may occur based on the host and device policies.”); and 
Dunstan teaches all the limitations of claim 9 above, however fails to explicitly teach but Lin teaches:
receive an encrypted payload from the peripheral via the secure connection (Lin, [0042] “At the highest level, USB information packets consist of: [0043] A token packet (the header packet) [0044] An optional data packet (containing the actual data payload) and para. [0049] In order to do encryption properly at the USB hub level, the encryption protocol must understand what portions of the "data payload" portion of the USB information packet can be safely altered (encrypted), and which can't. Since this will vary from USB device to USB device, the hub encryption system must be sophisticated enough to recognize this fact, and alter the bits in the "data payload" that it encrypts according to the specific USB device that is hooked up to the hub.” and para. [0074] “If external USB device (440) is an external keyboard, then most of the keystrokes will be encrypted, but certain key control keystrokes, such as control-alt-delete or other system control keystrokes will remain intact. This way an external keyboard connected to external USB port (440) would be able to defeat any data loggers attached to a non-trusted host computer (such as a public access computer), but still be able to adequately control the host computer. When used in this manner, it may be advantageous to use the buttons shown in FIG. 6 (606), (607) and display (608) to be able to switch the encryption option on and off. Once contact has been established, the encryption function can manually be switched to "ON", and secure data then entered in an encrypted manner.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
The combination of Dunstan and Lin teaches all the limitations of claim 9 above, however fails to explicitly teach but Worley teaches:
verifying whether a side-band channel is available before using the side-band channel (Worley, col. 4 lines 51-67 and col. 5 lines 1-13 “Message formatting and sensitivity confirmation unit 54 also detects the token within the message to determine the originating address and provides a sideband signal indicating the sensitivity level of that originating address. In step S5, message formatting and sensitivity confirmation unit 54 confirms that the destination address has the proper sensitivity level to receive a message from the originating address, thus assuring that no error occurred in the address reformatting to the address map of the system of FIG. 1 that would compromise confidentiality. If the reformatted destination address is not authorized to receive a message of the indicated security level, then in step S6 message formatting and sensitivity level conformation unit 54 applies an error flag or message on line 55 to input/output unit 14, and the process ends in step S8. If the destination address is confirmed to have the proper sensitivity level, then message formatting and sensitivity level confirmation unit 54 stores the reformatted message and sideband signal in buffer 58. Output interface unit 60 then requests access to bus 18, and when that access is granted passes the message and sideband signal from buffer 58 to communication bus 18 in step S7. The process then ends in step S8 until receipt of the next message. Referring to FIGS. 1 and 2, if the message in buffer 58 is for a processor within data processing unit 10, then bus 18 applies the message from output interface 60 to that processor. If the message is for a destination beyond data processing unit 10, then bus 18 applies the message and sideband signal to bus arbiter and bridge circuit 28 for subsequent transmission.” And col. 5 lines 27-63 “Likewise, when gateway unit 16 receives a message on bus 18 for transmission on bus 15 to input/output unit 14, in Step S1 the message is received by destination address detector 62 which detects the message destination address. In step S2 destination address detector 62 determines whether the destination address is an address for which communication is to pass through gateway unit 16. If not, then in Step S3, the process ends. If the message is to pass through gateway unit 16, then the message is Stored in buffer 64, and in Step S4 message formatting and Sensitivity level confirmation unit 66 reformats the message as necessary, determines the originating address, and consults the corresponding one of the sensitivity level look-up tables 68 to confirm in step S5 that the destination address has the proper Sensitivity level to receive the message…If the message was from a component which communicates through control unit 12, then the message is accompanied by a Sideband Signal indicating the Sensitivity level of the originating address, and message formatting and Sensitivity level confirmation unit 66 confirms that the destination address has the proper Sensitivity level based on the Side band Signal, rather than on the originating address. If in Step S5 it is confirmed that the destination address has the proper Sensitivity level, then message formatting and Sensitivity confirmation unit 66 adds a token to the message to indicate the destination address, Stores the message in buffer 72 and requests access to buS 15. When that acceSS is granted, then in Step S7 the message is applied to buS 15 for passage to input/output unit 14.”);
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Worley’s secure communication into Lin’s multifunction computer security and Dunstan’s authentication of a multiple protocol connection, with a motivation for secure communication of sensitive or classified information (Worley, col. 1 lines 25-35). 
As per claim 10, the combination of Dunstan, Lin and Worley teach the method of claim 9, where the operable connection is a universal serial bus (USB) type C connection, and where the side-band channel is a power delivery channel of the USB type C connection (Dunstan, para. [0014] “authentication of a peripheral device supporting multiple protocols…In the case of a USB Type-C connector, the device may be authenticated using USB2, which is present on all devices including a Type-C connector. Moreover, a Type-C connector may also use USB PD to authenticate on simple devices such as power supplies.” And para. [0022] “The USB package 120 may include a transmitter and receiver in order to transmit and receive USB data. The USB package 120 may also include components necessary to implement the USB Battery Charging Specification, USB On-the-Go Specification, and the USB Power Delivery Specification, and the USB Type-C Specification. The PCB 102 may also include components to implement the various USB Specifications.”).
As per claim 11, the combination of Dunstan, Lin and Worley teach the method of claim 9, comprising: upon detecting the peripheral being attached to the device via the operable connection, challenging the peripheral via the side-band channel to provide the signal indicating that the peripheral is configured to communicate using the custom communication protocol (Lin, para. [0060] “Another USB peripheral that may be fixedly connected to a USB hub port according to one embodiment of the invention may be used to control access to computer networks… the internal USB peripheral can function as part of a system for securing information obtained over a network. Such a system may include a token device adapted to be coupled to the computer. The token device typically includes a processor and a memory, where the processor adapted to run a data encryption/decryption algorithm. The memory can be used for storing shared symmetric keys that eliminate a need for key exchanges between parties in a secure network session. If a client requests access to a server, then a query is sent to the server. A challenge is then generated and transmitted to the token. The challenge can include a challenge puzzle, an encryption/decryption key ID, and a session ID code that determine which two particular symmetric shared keys are sent to the processor in the token device responsive to the query. The token performs a first round of encryption to produce an encrypted puzzle key from the two symmetric shared keys and performing a second round of encryption to generate a one-time password (OTP) from the encrypted puzzle key and the session ID code. The one-time password is transmitted to the server to compare the one-time password to a server-generated response to determine if the one-time password and the server-generated response match. If the one-time password and the server-generated response match, then the client is granted access to the network.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
As per claim 12, Dunstan teaches a device, comprising: 
a connector to establish an operable connection to a system, where the operable connection includes the side-band channel capable of supporting custom communications between the device and the system (Dunstan, para. [0030] “FIG. 2 is a schematic diagram of an exemplary multiple protocol connection that can support multiple protocols. A host device 202 is coupled with a peripheral device 204 via a multiple protocol connection 206. The multiple protocol connection includes a multiple-protocol 208 at the host 202, and a multiple protocol connector 210 at the peripheral device 204. Signals can be transmitted between the multi-protocol connector 208 and the multi-protocol connector 210 via various pinout and signal wires. For example, the multi-protocol connection includes a first and second transmit and receive signal lines…A communication channel (CC) 224 can be used for side band signaling. A secondary bus can also be used for sideband signaling. A Vbus 226 is to provide power to the cable bus. Finally, a ground 228 grounds the cable. Although the system 200 illustrates a straight multi-protocol connector to multi-protocol connector configuration, any other configuration can be used.”);
a security module to establish a secure connection to an application operating on the system using the custom communications (Dunstan, para. [0043] “the host and the peripheral device authenticate one another. In this manner, both the host and the peripheral device can be assured of the other's identity. A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information, such as certificates authenticating the host and peripheral device. In embodiments, mutual authentication such as PKI is enabled in a first domain to enable the host, based on its policy, to admit or authenticate a device that operates in another domain. In embodiments, the peripheral device, based on its policy, can authenticate and communicate with the host.” And para. [0057] “FIG. 5. For example, a detection module 506 may be configured to detect the connection of a peripheral device to the host. The detection module may also determine the operable protocol of the peripheral device. An authentication module 508 may be configured to authenticate the device in a first protocol or domain. At block 510, a configuration module can reconfigure the peripheral device in the operable domain in response to a successful authentication and communication between the host and peripheral device may occur based on the host and device policies.”); and 
Dunstan teaches all the limitations of claim 12 above, however fails to explicitly teach but Lin teaches:
a payload module to deliver a payload to the application using the secure connection (Lin, [0042] “At the highest level, USB information packets consist of: [0043] A token packet (the header packet) [0044] An optional data packet (containing the actual data payload) and para. [0049] In order to do encryption properly at the USB hub level, the encryption protocol must understand what portions of the "data payload" portion of the USB information packet can be safely altered (encrypted), and which can't. Since this will vary from USB device to USB device, the hub encryption system must be sophisticated enough to recognize this fact, and alter the bits in the "data payload" that it encrypts according to the specific USB device that is hooked up to the hub.” and para. [0074] “If external USB device (440) is an external keyboard, then most of the keystrokes will be encrypted, but certain key control keystrokes, such as control-alt-delete or other system control keystrokes will remain intact. This way an external keyboard connected to external USB port (440) would be able to defeat any data loggers attached to a non-trusted host computer (such as a public access computer), but still be able to adequately control the host computer. When used in this manner, it may be advantageous to use the buttons shown in FIG. 6 (606), (607) and display (608) to be able to switch the encryption option on and off. Once contact has been established, the encryption function can manually be switched to "ON", and secure data then entered in an encrypted manner.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
The combination of Dunstan and Lin teaches all the limitations of claim 12 above, however fails to explicitly teach but Worley teaches:
a verification module to verify whether a side-band channel is available before using the side-band channel (Worley, col. 4 lines 51-67 and col. 5 lines 1-13 “Message formatting and sensitivity confirmation unit 54 also detects the token within the message to determine the originating address and provides a sideband signal indicating the sensitivity level of that originating address. In step S5, message formatting and sensitivity confirmation unit 54 confirms that the destination address has the proper sensitivity level to receive a message from the originating address, thus assuring that no error occurred in the address reformatting to the address map of the system of FIG. 1 that would compromise confidentiality. If the reformatted destination address is not authorized to receive a message of the indicated security level, then in step S6 message formatting and sensitivity level conformation unit 54 applies an error flag or message on line 55 to input/output unit 14, and the process ends in step S8. If the destination address is confirmed to have the proper sensitivity level, then message formatting and sensitivity level confirmation unit 54 stores the reformatted message and sideband signal in buffer 58. Output interface unit 60 then requests access to bus 18, and when that access is granted passes the message and sideband signal from buffer 58 to communication bus 18 in step S7. The process then ends in step S8 until receipt of the next message. Referring to FIGS. 1 and 2, if the message in buffer 58 is for a processor within data processing unit 10, then bus 18 applies the message from output interface 60 to that processor. If the message is for a destination beyond data processing unit 10, then bus 18 applies the message and sideband signal to bus arbiter and bridge circuit 28 for subsequent transmission.” And col. 5 lines 27-63 “Likewise, when gateway unit 16 receives a message on bus 18 for transmission on bus 15 to input/output unit 14, in Step S1 the message is received by destination address detector 62 which detects the message destination address. In step S2 destination address detector 62 determines whether the destination address is an address for which communication is to pass through gateway unit 16. If not, then in Step S3, the process ends. If the message is to pass through gateway unit 16, then the message is Stored in buffer 64, and in Step S4 message formatting and Sensitivity level confirmation unit 66 reformats the message as necessary, determines the originating address, and consults the corresponding one of the sensitivity level look-up tables 68 to confirm in step S5 that the destination address has the proper Sensitivity level to receive the message…If the message was from a component which communicates through control unit 12, then the message is accompanied by a Sideband Signal indicating the Sensitivity level of the originating address, and message formatting and Sensitivity level confirmation unit 66 confirms that the destination address has the proper Sensitivity level based on the Side band Signal, rather than on the originating address. If in Step S5 it is confirmed that the destination address has the proper Sensitivity level, then message formatting and Sensitivity confirmation unit 66 adds a token to the message to indicate the destination address, Stores the message in buffer 72 and requests access to buS 15. When that acceSS is granted, then in Step S7 the message is applied to buS 15 for passage to input/output unit 14.”);
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Worley’s secure communication into Lin’s multifunction computer security and Dunstan’s authentication of a multiple protocol connection, with a motivation for secure communication of sensitive or classified information (Worley, col. 1 lines 25-35). 
As per claim 13, the combination of Dunstan, Lin and Worley teach the device of claim 12, where the connector is a universal serial bus (USB) type C connector and where the side-band channel is a USB type C power delivery channel (Dunstan, para. [0014] “authentication of a peripheral device supporting multiple protocols…In the case of a USB Type-C connector, the device may be authenticated using USB2, which is present on all devices including a Type-C connector. Moreover, a Type-C connector may also use USB PD to authenticate on simple devices such as power supplies.” And para. [0022] “The USB package 120 may include a transmitter and receiver in order to transmit and receive USB data. The USB package 120 may also include components necessary to implement the USB Battery Charging Specification, USB On-the-Go Specification, and the USB Power Delivery Specification, and the USB Type-C Specification. The PCB 102 may also include components to implement the various USB Specifications.”).
As per claim 14, the combination of Dunstan, Lin and Worley teach the device of claim 12, where the security module establishes the secure connection by exchanging security keys with the application (Lin, para. [0055] “When used in a PKI exchange function, the device may perform a method for exchanging dynamic encryption keys. Many different such methods exist, but the invention is unique in that it can perform such methods with a single device. One such method may include all or some of these steps, though the invention is not limited to any particular method: (a) coupling a token device to an originator computer and coupling another token device to a recipient computer, coupling the originator computer and recipient computer a network; (b) transmitting a challenge generated by the originator computer to the token device coupled to the originator computer; (c) generating a puzzle key responsive to receipt of the challenge; (d) generating a dynamic file key based upon the puzzle key and input code; (e) encrypting a data file with the dynamic file key; (t) appending decryption information to the encrypted data file; (g) appending key exchange information to the encrypted data file to generate a key exchange package; (h) transmitting the key exchange package to the recipient computer; (i) decomposing the key exchange package to obtain the key exchange information; g) transmitting the key exchange information to a server; (k) generating a key exchange challenge responsive to receipt of the key exchange information by the server; (1) transmitting the key exchange challenge to the token device coupled to recipient computer and generating an encryption key; (m) generating an encrypted dynamic file key based upon the dynamic file key and encryption key; (n) transmitting the encrypted dynamic file key to the token device coupled to the recipient computer; and (o) generating the dynamic file key based upon the key exchange challenge and the encrypted dynamic file key.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
As per claim 15, the combination of Dunstan, Lin and Worley teach the device of claim 12, where the device is a keyboard and where the payload is an encrypted password (Lin, para. [0056] “When (303) (USB device or peripheral) is used to generate secure passwords, the display portion of a device (FIG. 6 (608)) can display alphanumeric characters representative of one-time password data generated by the processor (613). The device's USB interface (FIG. 6 (602)) can allow the device to interface with the host computer, load password data into memory, and generate a one-time password. This can be used to help the computer log on to a secure computer over a network.” And para. [0074] “If external USB device (440) is an external keyboard, then most of the keystrokes will be encrypted.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lin’s multifunction computer security into Dunstan’s authentication of a multiple protocol connection, with a motivation to communicate through the internet in a secure manner and to maintain security while using peripherals hooked up to either an insecure host computer or other insecure peripherals (Lin, para. [0018]). 
Conclusion
5.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 6735660 B1 – Sideband signal transmission
US 20180007032 A1 – Theft protection system

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ZOHA PIYADEHGHIBI TAFAGHODI/               Examiner, Art Unit 2437