Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION

Status of Claims
Claims 1-20 are subject to examination.  

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 3, 5, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Panje, 11038757 in view of Loladia et al., 10,382,203.

Referring to claims 1, 14, 20, Panje, discloses an end device for secure communication with a remote device, the end device comprising: memory storing instructions; controller configured to execute the instructions to perform operations, a non-transitory computer-readable medium for storing instructions which, when executed, cause a controller to perform operations for a first device to securely communicate with a second device, the operations comprising: a method for a first device to securely communicate with a second device (BLE secure pairing among devices, claim 10), the method comprising:  

    PNG
    media_image1.png
    459
    551
    media_image1.png
    Greyscale


    PNG
    media_image2.png
    357
    596
    media_image2.png
    Greyscale

transmitting a security message (message containing information for a device such as IOT to be provisioned and configured with secure communication, col.., 4, lines 10-42, message for secure pairing, claim 10) of a protocol (secure wireless/wired protocol, col., 3, lines 50-67) through a serial link (serial link col., 7, lines 15-27) in accordance with a Bluetooth communication protocol (BLE security protocol, claim 10) to a gateway (claim 10), the security message being transmitted by the gateway to the second device (gateway passing messages from the devices such as IOT and devices such as server, claim 10, col., 7, lines 15-27); configuring a secure connection between the first and second devices through the serial link in accordance with the Bluetooth communication protocol between the first device and the gateway (provisioning and configuring secure communication between devices though gateway using BLE secure, for devices such as IOT, col.., 4, lines 10-42, message for secure pairing, claim 10), the secure connection being based on the security message (using message containing information for a device such as IOT to be provisioned and configured with secure communication, col.., 4, lines 10-42, message for secure pairing, claim 10); and communicating data via the secure connection by at least one of: transmitting data from the first device to the second device; or receiving data by the first device from the second device (after provisioning and configuring the secure communication, devices such as IOT and server exchange messages via gateway, col.., 4, lines 10-42, claim 10).
Panje does not specifically mention about, which is well-known in the art, which Loladia discloses, security protocol (col., 4, lines 20-40, along with overlapped teachings of gateway, end devices, server, etc., as seen in below figures). 

    PNG
    media_image3.png
    412
    586
    media_image3.png
    Greyscale

    PNG
    media_image4.png
    601
    460
    media_image4.png
    Greyscale

    PNG
    media_image5.png
    490
    664
    media_image5.png
    Greyscale

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known / standardized communication protocols such as HTTPS, SSL, TLS, etc. These protocol(s) would enable extracting messages between interacting computing systems implementing secure communication. A broad variety of network protocols would be utilized to provide security when communicating with a broad variety of IOT devices in residential and enterprise settings. Communications between the IoT service and the companion application or IoT device may occur using an encrypted channel (e.g., SSL/TLS), col., 4, lines 20-40.

Referring to claim 3 Loladia discloses a Secure Sockets Layer protocol, a transport layer security (TLS) protocol, a datagram TLS (DTLS) protocol, a Secure/Multi-purpose Internet Mail Extensions (S/MIME) protocol, an Open Pretty Good Privacy (OQpenPGP) protocol, or a Secure HyperText Transfer Protocol (S/HTTP) (col., 4, lines 20-40).

Referring to claim 5, Loladia discloses the security protocol is a protocol of at least one of a transport layer or an application layer (col., 4, lines 20-40).

Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje in view of Loladia and Jarchafjian et al., 2018/0324152.

Referring to claim 2, Panje and Loladia do not disclose, which is well-known in the art, which Jarchafjian discloses packet size (the bluetooth is a constrained in packet size, BLE packet size constraint, para 3). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known / standardized communication protocols such as BLE, etc. These protocol(s) would enable extracting messages between interacting computing systems implementing secure communication. The constrained such as BLE packet size constraint would limit number of packets that would be communicated in a given amount of time. Knowing of the constraints would enable selection of number of needed communication channels for a device, para 3.  

Claim(s) 4, 17, is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje in view of Loladia and Verzun et al., 2016/0219024.
Referring to claim(s) 4, 17, Panje discloses transmitting the security message through the serial link in accordance with the protocol between the first device and gateway (refer to the rejections in claim 1). Panje and Loladia do not specifically mention about, which is well-known in the art, which Verzun discloses, dynamic fragmentation (para 874, serial communication, para 104). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known dynamic fragmentation. The dynamic fragmentation would enable fragmentation of network traffic/packets on the path between devices. This would support overcoming constraint at the network device of the network and maintain connection among the devices, para 104.  

Claim(s) 4, 17, is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje in view of Loladia and Emmons 20160040903.
Referring to claim(s) 4, 17, Panje discloses transmitting the security message through the serial link in accordance with the protocol between the first device and gateway (refer to the rejections in claim 1). Panje and Loladia do not specifically mention about, which is well-known in the art, which Emmons discloses, dynamic fragmentation (para 54). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known dynamic fragmentation. The dynamic fragmentation would enable fragmentation of network traffic/packets on the path between devices. This would support overcoming constraint at the network device of the network and maintain connection among the devices, para 104.  


Claim(s) 6, 16, is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje in view of in view of Loladia, Galvin et al., 2011/0093710 and Cheng et al., 2009/0089262.
Referring to claim(s) 6, 16, Panje and Loladia does not specifically mention about, which is well-known in the art, which Galvin discloses, negotiating an encryption algorithm with the second device (para 2); exchanging key information with the second device (para 32, 33), calculating a session key based on the encryption algorithm and the key information (generate session key using negotiated algorithm and exchanged key information, para 32, 33). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known deriving a session key based on the encryption algorithm and the key information. The session key would enable securing a session between devices for communicating secure data. The session key is valid for the particular session and would be based on the key information agreed upon the devices for enhanced security, para 32, 33. Panje, Galvin and Loladia do not specifically mention about, which is well-known in the art, which Cheng discloses, verifying an identity of the second device in accordance with a trusted authentication authority (as per the authority issuing identifier for authentication, para 51. Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known authority issued identifier for verifying a device. After verification of the device a session would be established between devices for communicating secure data. The verification would ensure that the device is a trusted device for accessing information from another device, para 51.  

Claim(s) 8, is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje and Loladia in view of Matthews et al., 10,601,779.
Referring to claim(s) 8, Panje and Loladia does not specifically mention about, which is well-known in the art, which Matthews discloses, checking a status of a session between the first and second devices (whether the session status changes, col., 5, lines 20-30); updating the session if the status is determined to be recoverable at the second device (recover session and use the recovered session for communication, col., 9, lines 18-34), wherein communicating the data comprises exchanging the data based on a session key associated with the updated session (using the recovered session for communication between devices., col., 9, lines 18-34). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known usage of updated session and updated session key. When a session needs to be recovered, the session would be recovered. The recovered session using updated session key and updated information would enable exchanging secure data between devices, col., 9, lines 18-34.  

Claim(s) 11, 13, is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje and Loladia in view of Janardhanan 2015/0180758.
Referring to claim(s) 11, Panje discloses the first end device comprises a client in the secure connection (as rejected in claim 1). Panje and Loladia does not specifically mention about, which is well-known in the art, which Janardhanan discloses, the second end device comprises a server in the secure connection (end device(s) can be a server or PC, para 17). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known devices to perform specific task. The device would act as a client or server. The device would enable configuring a connection such that messages would be exchanged using the connection. This would further enable securing another device, para 17.  

Referring to claim(s) 13, Panje discloses the first end device comprises a client in the secure connection and the first end device comprises a client (as rejected in claim 1). Panje and Loladia does not specifically mention about, which is well-known in the art, which Janardhanan discloses, the second end device comprises a server (end device can be a server or PC, para 17). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Mangla to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing server as an end device. The server would enable providing information across a network using an established connection, para 17. 

Claim(s) 7, 9, 10, 12, 15, 18, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Panje in view of Loladia and Mangla et al., Juniper Networks, Inc., 2020/0344173.
Referring claim 7, Panje and Loladia does not specifically mention about, which is well-known in the art, which Mangla-Juniper-Networks discloses wherein communicating data comprises at least one of: encrypting data based on a session key and transmitting the encrypted data from the first device to the second device; or receiving data by the first device from the second device and decrypting the received data based on the session key (encrypt/decrypt traffic using the encryption key for securing information between the two devices, para 23). Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing encryption key to encrypt the data prior to communication to another device. The encrypted data would be available only for further processing if the key is available for decryption. The session would be secure by utilizing the encryption of the data using the encryption key, para 23. 

Referring claim 9, 18, Mangla-Juniper-Networks discloses the second device comprises a server connected to the gateway via an Internet Protocol link (additional/fewer devices, any endpoint device, any network device, network devices including both the server and the gateway for the end to end connection, para 35); the first device comprises an end device communicating with the server via the secure connection (endpoint device 210 in the end to end connection, para 34); and communicating the data comprises exchanging the data between the end device and the server through the gateway (exchange traffic via gateway and server, para 14, gateway, para 35).

Referring claim 10, 19, Mangla-Juniper-Networks discloses the gateway is a first gateway, the serial link is a first serial link (para 10) the frist device comprises a first end device connected to the first gateway through the first serial link (additional/fewer devices, any endpoint device, any network device, network devices including multiple gateways for the end to end connection, para 35, traffic/packet fragmentation when parallel or serial processing of the traffic in the devices, para 10, 25), the second device comprises a second end device connected to a second gateway over a second serial link in accordance with a protocol (additional/fewer devices, any endpoint device, any network device, network devices including multiple gateways for the end to end connection, para 35), the first gateway and the second gateway are connected with each other via an Internet Protocol link (protocol, para 17, 41), the first end device and the second end device communicate with each other via the secure connection through the first gateway and the second gateway (network devices communicate via multiple gateways for the end to end connection, para 35); and communicating the data comprises exchanging the data via the secure connection between the first end device and the second end device through the first gateway and the second gateway (network devices exchange information via multiple gateways for the end to end connection, para 35).

Referring claim 12, 15, Mangla-Juniper-Networks discloses connecting a first end device to the gateway over the serial link, wherein: the first device comprises the first end device (additional/fewer devices, any endpoint device, any network device, para 34); connecting the first device to the gateway over the serial link, the remote device comprises a second end device connected to the gateway via an IP link, the second device comprises a second end device (additional/fewer devices, any endpoint device, any network device, para 34) connected to the gateway via an Internet Protocol link (gateway, para 35, 14); the first end device and the second end device communicate with each other via the secure connection through the gateway (end to end secure connection, para 37); and communicating the data comprises exchanging the data via the secure connection between the first end device and the second end device through the gateway (exchange traffic via gateway, para 14, gateway, para 35).

Response to Arguments
Applicant's arguments filed 7/22/22, pages 10-20 have been fully considered but they are not persuasive.  Therefore, rejection of claims 1-20 is maintained. 
Regarding applicant’s concern for limitations of claim 1, “Panje Fails to Disclose or Suggest the Claimed “Security Message of a Security Protocol”; the examiner respectfully disagrees.
Applicant failed to consider that limitations, “Security Message of a Security Protocol”, are rejected by combined teachings of Panje and Loladia.  In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).     

Regarding applicant’s concern for limitations of claim 1, Panje Fails to Disclose or Suggest the Claimed “Serial Link in accordance with a Bluetooth or Universal Asynchronous Receiver/Transmitter (UART) Communication Protocol”; the examiner respectfully disagrees. Applicant failed to acknowledge that Panje discloses secure pairing, claim 10 of a protocol (secure wireless/wired protocol, col., 3, lines 50-67) through a serial link (serial link col., 7, lines 15-27) in accordance with a Bluetooth communication protocol (BLE security protocol, claim 10).

Regarding applicant’s concern for limitations of claim 1, Panje Fails to Disclose or Suggest the Claimed “Security Message being Transmitted by the Gateway to the Second Device”; the examiner respectfully disagrees. Applicant failed to acknowledge that Panje discloses the security message being transmitted by the gateway to the second device (gateway passing messages from the devices such as IOT and devices such as server, claim 10, col., 7, lines 15-27).

Regarding applicant’s concern for limitations of claim 1, Panje and Loladia Do Not Have Overlapped Network Architecture and cannot Be Combined; the examiner respectfully disagrees. Applicant failed to acknowledge that Loladia is relied upon for well-known security protocol (col., 4, lines 20-40). Applicant also failed to consider that Panje doesn’t mention anywhere that a security protocol cannot be added to the Panje’s teachings. The Applicant is again informed that one of ordinary skilled in the art would readily know what a security protocol is and what it is used for. Addition of Loladia’s disclosed security protocol with the Panje’s teachings does not require that Loladia’s network architecture be similar to the Panje’s network architecture. Contrary to applicant’s assertion Loladia’s network architecture is not relied upon for the rejections.
The conclusion of obviousness may be made from common knowledge and common sense of a person of ordinary skill in the art without any specific hint or suggestion in a particular reference.  In re Bozek, 416 F.2d 1385, 163 USPQ 545 (CCPA 1969).  
It is well established that a conclusion of obviousness may be made based on a combination of references based on a reason, suggestion or motivation to lead an inventor to combine those references.  In re Pro-Mold and Tool Co. v. Great Lakes Plastic Inc., 37 USPQ2d 1626, 1629 (Fed. Cir. 1996).  

Panje, discloses an end device for secure communication with a remote device, the end device comprising: memory storing instructions; controller configured to execute the instructions to perform operations, a non-transitory computer-readable medium for storing instructions which, when executed, cause a controller to perform operations for a first device to securely communicate with a second device, the operations comprising: a method for a first device to securely communicate with a second device (BLE secure pairing among devices, claim 10), the method comprising:  

    PNG
    media_image1.png
    459
    551
    media_image1.png
    Greyscale


    PNG
    media_image2.png
    357
    596
    media_image2.png
    Greyscale

transmitting a security message (message containing information for a device such as IOT to be provisioned and configured with secure communication, col.., 4, lines 10-42, message for secure pairing, claim 10) of a protocol (secure wireless/wired protocol, col., 3, lines 50-67) through a serial link (serial link col., 7, lines 15-27) in accordance with a Bluetooth communication protocol (BLE security protocol, claim 10) to a gateway (claim 10), the security message being transmitted by the gateway to the second device (gateway passing messages from the devices such as IOT and devices such as server, claim 10, col., 7, lines 15-27); configuring a secure connection between the first and second devices through the serial link in accordance with the Bluetooth communication protocol between the first device and the gateway (provisioning and configuring secure communication between devices though gateway using BLE secure, for devices such as IOT, col.., 4, lines 10-42, message for secure pairing, claim 10), the secure connection being based on the security message (using message containing information for a device such as IOT to be provisioned and configured with secure communication, col.., 4, lines 10-42, message for secure pairing, claim 10); and communicating data via the secure connection by at least one of: transmitting data from the first device to the second device; or receiving data by the first device from the second device (after provisioning and configuring the secure communication, devices such as IOT and server exchange messages via gateway, col.., 4, lines 10-42, claim 10).
Panje does not specifically mention about, which is well-known in the art, which Loladia discloses, security protocol (col., 4, lines 20-40, along with overlapped teachings of gateway, end devices, server, etc., as seen in below figures). 

    PNG
    media_image3.png
    412
    586
    media_image3.png
    Greyscale

    PNG
    media_image4.png
    601
    460
    media_image4.png
    Greyscale

    PNG
    media_image5.png
    490
    664
    media_image5.png
    Greyscale

Therefore, it would have been obvious to one of ordinary skill in the art at the time of the effective filing date of the claimed invention to modify the invention disclosed by Panje to implement these limitations and also one of ordinary skill in the art would have been motivated to do so because it could provide utilizing well-known / standardized communication protocols such as HTTPS, SSL, TLS, etc. These protocol(s) would enable extracting messages between interacting computing systems implementing secure communication. A broad variety of network protocols would be utilized to provide security when communicating with a broad variety of IOT devices in residential and enterprise settings. Communications between the IoT service and the companion application or IoT device may occur using an encrypted channel (e.g., SSL/TLS), col., 4, lines 20-40.


Conclusion
Mere arguments would not overcome the rejections: For example, Applicant argument, Panje and Loladia Do Not Have Overlapped Network Architecture and cannot Be Combined; the examiner respectfully disagrees. Applicant failed to acknowledge that Loladia is only relied upon for well-known security protocol (col., 4, lines 20-40). Applicant also failed to consider that Panje doesn’t mention anywhere that a security protocol must not be added to the Panje’s teachings. The Applicant is again informed that one of ordinary skilled in the art would readily know what a security protocol is and what the security protocol is used for. Addition of Loladia’s disclosed security protocol with the Panje’s teachings does not require that Loladia’s network architecture be similar to the Panje’s network architecture. Contrary to applicant’s assertion Loladia’s network architecture is not relied upon for the rejections.
Applicant also failed to consider that serial communication using BLE with SSL/TLS protocol(s) for IOT devices / gateway / server / other end devices are well known in the art, and not invented by the Applicant. Please see prior arts of the rejections of claim 1.
Mainly Applicant relied upon claimed “security message” is not limited to any particular message. 
Mainly Applicant relied upon claimed “security message” is subject to empty message, which means that there is nothing but an empty alert.
The Applicant relied upon claimed “security message” is not limited to any particular size, which means that the message is not having any characters.
Mainly Applicant relied upon claimed “security message” is not limited generated by any entity. 
Mainly Applicant relied upon claimed “security message” is not limited to ever received by any entity in claim 1. Mere transmission does not include receiving it.
Mainly Applicant failed to consider that regardless of what the “security message” contains, or do not contain anything; the secure connection would be configured.  
Mainly Applicant failed to consider that the argued claim does not contain different “security message”(s) such that the secure connection would be configured differently.   
Mainly Applicant failed to consider that mere “based on” does not limit that the claimed “security message” would be different to impact the configuring the secure connection. Rather, what the Applicant has claimed is that the configuring the secure connection would be performed regardless of what the “security message” is.  
Mainly Applicant agreed with the Bluetooth/UART protocol. Isn’t Bluetooth/UART protocol well-known in the art. Isn’t secure Bluetooth/UART protocol, which includes secure messages well-known in the art, rather invented by the applicant. Please refer to above prior arts used for the rejection of claim 1.  
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARESH PATEL whose telephone number is (571)272-3973.  The examiner can normally be reached on M-F 9-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado, can be reached at (571) 272-7624. The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HARESH N PATEL/Primary Examiner, Art Unit 2496