DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1.This action is responsive to the communication filed on March 29, 2021. At this time, claims 1-6 are pending and addressed below. 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
                                                                          Double Patenting
4. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993);  In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Omum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. 
Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). 

Claims 1, 5 and 6 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1, 5 and 6 of US patent number 10992667. The conflicting claims are not identical, they are not patentably distinct from each other because the current application contains claims that are broader in scope than the claims of the patent number 10992667 and are anticipated by the claims 1, 5 and 6. 

This is a provisional obviousness double patenting rejection.        


                                                 Claims Comparison Table 
Application Number
17/215,810
Co-pending Patent Number
10992667
1. An authentication method for a group to which one or more devices and one or more controllers belong, the authentication method comprising: a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in the first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful; the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when the first group key valid time runs out and before updating the first group key, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key. 
1. An authentication method for a group to which one or more devices and one or more controllers belong, the authentication method comprising: a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful; the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key.
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when the first group key valid time runs out and before updating the first group key, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key. 
	
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key.
6. A first controller, in one or more controllers on a network that belong to a group to which one or more devices further belong, the first controller comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as an authentication processor that generates a first group key, that executes first mutual authentication with the one or more devices within the group, and that shares the first group key with the one or more devices that have succeeded in the first mutual authentication; and a negotiator that, in a case where a second controller newly joins the group, decides a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, wherein the authentication processor further executes second mutual authentication with the coordinator, and shares the first group key with the coordinator in a case where the second mutual authentication is successful; transmits authentication information of the one or more devices in the group to the coordinator; and performs third mutual authentication with the coordinator, and in a case where the third authentication is successful, receives a second group key generated by the coordinator when the first group key valid time runs out and before updating the first group key, and updates the first group key of the first controller to the second group key. 
6. A first controller, in one or more controllers on a network that belong to a group to which one or more devices further belong, the first controller comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as an authentication processor that generates a first group key, that executes first mutual authentication with the one or more devices within the group, and that shares the first group key with the one or more devices that have succeeded in the first mutual authentication; and a negotiator that, in a case where a second controller newly joins the group, decides a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, wherein the authentication processor further executes second mutual authentication with the coordinator, and shares the first group key with the coordinator in a case where the second mutual authentication is successful; transmits authentication information of the one or more devices in the group to the coordinator; and performs third mutual authentication with the coordinator, and in a case where the third authentication is successful, receives a second group key generated by the coordinator when valid time of the first group key is equal to or smaller than a predetermined value, and updates the first group key of the first controller to the second group key. 





Claims 1, 5 and 6 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1, 12 and 13 of US patent number 10440021. The conflicting claims are not identical, they are not patentably distinct from each other because the current application contains claims that are broader in scope than the claims of the patent number 10440021 and are anticipated by the claims 1, 12 and 13. 

This is a provisional obviousness double patenting rejection.          

                                                 Claims Comparison Table 
Application Number
17/215,810
Co-pending Patent Number
10440021
1. An authentication method for a group to which one or more devices and one or more controllers belong, the authentication method comprising: a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in the first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful; the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when the first group key valid time runs out and before updating the first group key, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key.
1. An authentication method for a group to which one or more devices and one or more controllers, including a first controller on a network, belong, the authentication method comprising: a first controller generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in first mutual authentication, wherein the first controller is included in the one or more controllers that belong to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, in accordance with attributes of the two or more controllers, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful, the coordinator performing encrypted communication within the group using the first group key, the coordinator generating a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key.
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when the first group key valid time runs out and before updating the first group key, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key.
12. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connecting unit that connects to a group to which one or more devices and one or more controllers on a network belong, where one controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller, in accordance with attributes of the two or more controllers; an authentication processing unit that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one or more of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processing unit further generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key. 
6. A first controller, in one or more controllers on a network that belong to a group to which one or more devices further belong, the first controller comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as an authentication processor that generates a first group key, that executes first mutual authentication with the one or more devices within the group, and that shares the first group key with the one or more devices that have succeeded in the first mutual authentication; and a negotiator that, in a case where a second controller newly joins the group, decides a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, wherein the authentication processor further executes second mutual authentication with the coordinator, and shares the first group key with the coordinator in a case where the second mutual authentication is successful; transmits authentication information of the one or more devices in the group to the coordinator; and performs third mutual authentication with the coordinator, and in a case where the third authentication is successful, receives a second group key generated by the coordinator when the first group key valid time runs out and before updating the first group key, and updates the first group key of the first controller to the second group key. 
13. A first controller in one or more controllers, on a network, which belongs to a group to which one or more devices further belong, the controller comprising: a processor; and a memory that stores a program that, when executed by a processor, causes the processor to function as an authentication processing unit that generates a first group key, that executes first mutual authentication with the one or more devices within the group, and that shares the first group key with the one or more devices that have succeeded in the first mutual authentication; and a negotiator that in a case where a second controller newly joins the group, decides a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, in accordance with attributes of the two or more controllers, wherein the authentication processing unit further executes second mutual authentication with the coordinator, and shares the first group key with the coordinator in a case where the second mutual authentication is successful; transmits authentication information of the one or more devices in the group to the coordinator; and performs third mutual authentication with the coordinator, and in a case where the third authentication is successful, receives a second group key generated by the coordinator when valid time of the first group key is equal to or smaller than a predetermined value, and updates the first group key of the first controller to the second group key. 




Claims 1, 5 and 6 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1, and 8 of US patent number 10104076. The conflicting claims are not identical, they are not patentably distinct from each other because the current application contains claims that are narrower in scope than the claims of the patent number 10104076 and are anticipated by the claims 1, and 8. 

This is a provisional obviousness double patenting rejection.           

                                                Claims Comparison Table
Application Number
17/215,810
Co-pending Patent Number
10104076
1. An authentication method for a group to which one or more devices and one or more controllers belong, the authentication method comprising: a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in the first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful; the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when the first group key valid time runs out and before updating the first group key, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key. 
1. An authentication method performed in an authentication system including a controller, a first device, and a second device, the authentication method comprising: a first process comprising: performing a first mutual authentication between the controller and the first device, creating a group key, sharing the group key between the controller and the first device, and setting the first device as a reference device; a second process comprising: performing a first mutual authentication between the controller and the second device, and sharing the group key with the second device; a third process performed after the second process comprising: performing a second mutual authentication between the controller and the first device in response to a session update request from the first device, updating the group key in response to the second mutual authentication between the controller and the first device, and sharing the updated group key between the controller and the first device; and a fourth process performed at a group key update timing when the group key is updated comprising: performing a second mutual authentication between the controller and the second device, and sharing the updated group key with the second device.
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when the first group key valid time runs out and before updating the first group key, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key.
8. An authentication system, comprising: a controller; a first device; and a second device, wherein the controller and the first device are configured to perform a first mutual authentication, with the first device being set as a reference device and a group key being created and shared between the controller and the first device in response to the first mutual authentication between controller and the first device, the controller and the second device are configured to perform a first mutual authentication, with the group key being shared with the second device in response to the first mutual authentication between controller and the second device, after the first mutual authentication between controller and the second device: the controller and the first device are configured to perform a second mutual authentication in response to a session update request from the first device, with the group key being updated and shared between the controller and the first device in response to the second mutual authentication between the controller and the first device, and at a group key update timing when the group key is updated, the controller and the second device are configured to perform a second mutual authentication, with the updated group key being shared with the second device.
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when the first group key valid time runs out and before updating the first group key, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key.
8. An authentication system, comprising: a controller; a first device; and a second device, wherein the controller and the first device are configured to perform a first mutual authentication, with the first device being set as a reference device and a group key being created and shared between the controller and the first device in response to the first mutual authentication between controller and the first device, the controller and the second device are configured to perform a first mutual authentication, with the group key being shared with the second device in response to the first mutual authentication between controller and the second device, after the first mutual authentication between controller and the second device: the controller and the first device are configured to perform a second mutual authentication in response to a session update request from the first device, with the group key being updated and shared between the controller and the first device in response to the second mutual authentication between the controller and the first device, and at a group key update timing when the group key is updated, the controller and the second device are configured to perform a second mutual authentication, with the updated group key being shared with the second device. 





Claims 1, 5 and 6 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1, 4 and 8 of US patent number 10404453. The conflicting claims are not identical, they are not patentably distinct from each other because the current application contains claims that are broader in scope than the claims of the patent number 10404453 and are anticipated by the claims 1, 4 and 8. 

This is a provisional obviousness double patenting rejection.          

                                               



















                                                   Claims Comparison Table
Application Number
17/215,810
Co-pending Patent Number
10404453
1. An authentication method for a group to which one or more devices and one or more controllers belong, the authentication method comprising: a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in the first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful; the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when the first group key valid time runs out and before updating the first group key, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key.
1. An authentication method for a group to which one or more devices, a first controller, and one or more second controllers belong, the one or more devices, the first controller, and the one or more second controllers being connected to a network, the authentication method comprising: selecting, using one of the first controller and the one or more second controllers, the first controller as a coordinator in accordance with an attribute of the first controller and the one or more second controllers, the coordinator being configured to manage a group key to be used in common in the group; generating, using the first controller, the group key; performing, using the first controller and each of the one or more devices, first mutual authentication between the first controller and the device; performing, using the first controller and each of the one or more second controllers, second mutual authentication between the first controller and the second controller; sharing, using the first controller, the group key with each device for which the first mutual authentication has been successful among the one or more devices; sharing, using the first controller, the group key with each second controller for which the second mutual authentication has been successful among the one or more second controllers; encrypting, using the first controller, transmission data by using the group key to generate encrypted data; generating, using the first controller, authentication data by using the group key from (i) a header, (ii) a source address corresponding to the first controller, (iii) a destination address corresponding to each device and each second controller, and (iv) the transmission data; and simultaneously broadcasting, using the first controller, a message including (i) the header, (ii) the source address, (iii) the destination address, (iv) the encrypted data, and (v) the authentication data from the first controller to each device for which the first mutual authentication has been successful and each second controller for which the second mutual authentication has been successful.
5. A first controller, comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as a connector that connects to a group to which one or more devices and one or more controllers on a network belong, where the first controller of the one or more controllers generates a first group key, executes first mutual authentication with the one or more devices within the group, and shares the first group key with the one or more devices that have succeeded in the first mutual authentication; a negotiator that decides a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the first controller; and an authentication processor that executes second mutual authentication with the one of the one or more controllers that receives the first group key from the one of the one or more controllers that in a case where the second mutual authentication is successful, and performs encrypted communication within the group using the first group key, wherein, in a case where the first controller itself is decided to be the coordinator, the authentication processor further generates a second group key when the first group key valid time runs out and before updating the first group key, receives authentication information of the one or more devices within the group from the one of the one or more controllers, executes third mutual authentication with the one or more devices and the one or more controllers within the group using the received authentication information, and updates the first group key of the one or more devices and the one or more controllers that have succeeded in the third authentication to the second group key. 
4. An authentication method for a group to which one or more devices and a first controller that are connected to a network belong, comprising: generating, using the first controller, a first group key; performing, using the first controller and each of the one or more devices, first mutual authentication between the first controller and the device; sharing, using the first controller, the first group key with each device for which the first mutual authentication has been successful among the one or more devices; selecting, in response to participation of a second controller in the group, using one of the first controller and the second controller, the first controller or the second controller as a coordinator in accordance with an attribute of the first controller and the second controller, the coordinator being configured to manage a group key to be used in common in the group; wherein in response to selection of the second controller as the coordinator, performing, using the first controller and the second controller, second mutual authentication between the first controller and the second controller; generating, using the first controller, first authentication data by using the first group key from (i) a first header, (ii) a source address corresponding to the first controller, (iii) a destination address corresponding to each device and the second controller, and (iv) notification information indicating switching of the coordinator from the first controller to the second controller; simultaneously broadcasting, using the first controller, a switching notification including (i) the first header, (ii) the source address, (iii) the destination address, (iv) the notification information, and (v) the first authentication data from the first controller to each device for which the first mutual authentication has been successful and the second controller for which the second mutual authentication has been successful; generating, using the second controller, a second group key; performing, using the second controller and each device, third mutual authentication between the second controller and the device; updating, by using each device for which the third mutual authentication has been successful, the first group key stored as the group key to the second group key; performing, using the second controller and the first controller, fourth mutual authentication between the second controller and the first controller; and updating, using the first controller, the first group key stored as the group key to the second group key if the fourth mutual authentication for the first controller is successful.
6. A first controller, in one or more controllers on a network that belong to a group to which one or more devices further belong, the first controller comprising: a processor; and a memory that stores a program that, when executed by the processor, causes the processor to function as an authentication processor that generates a first group key, that executes first mutual authentication with the one or more devices within the group, and that shares the first group key with the one or more devices that have succeeded in the first mutual authentication; and a negotiator that, in a case where a second controller newly joins the group, decides a coordinator that manages a group key used in common in the group, from two or more controllers including the one or more controllers and the second controller newly joined in the group, wherein the authentication processor further executes second mutual authentication with the coordinator, and shares the first group key with the coordinator in a case where the second mutual authentication is successful; transmits authentication information of the one or more devices in the group to the coordinator; and performs third mutual authentication with the coordinator, and in a case where the third authentication is successful, receives a second group key generated by the coordinator when the first group key valid time runs out and before updating the first group key, and updates the first group key of the first controller to the second group key. 
8. A controller connected to a network, the controller belonging to a group to which one or more devices and one or more other controllers that are connected to the network belong, one controller among the one or more other controllers having generated a first group key and having performed first mutual authentication with the one or more devices, the controller being connected to one device among the one or more devices for which the first mutual authentication has been successful, the controller comprising: a memory; a processor that executes instructions stored on the memory; and a communicator, wherein the processor performs second mutual authentication with the one controller, wherein if the second mutual authentication is successful, the communicator receives the first group key, the processor encrypts first transmission data by using the first group key to generate first encrypted data, and generates first authentication data by using the first group key from (i) a first header, (ii) a source address corresponding to the controller, (iii) a destination address corresponding to each device and each of other controllers, and (iv) the first transmission data, and the communicator simultaneously broadcasts a message including (i) the first header, (ii) the source address, (iii) the destination address, (iv) the first encrypted data, and (v) the first authentication data to each device and each of other controllers, wherein the processor selects the controller or the one controller as a coordinator in accordance with an attribute of the controller and the one controller, the coordinator being configured to manage a group key to be used in common in the group, wherein in response to selection of the controller as the coordinator, the processor generates a second group key, the communicator receives authentication information concerning the one or more devices from the one controller, the processor performs third mutual authentication with each of the one or more devices by using the authentication information, causes each device for which the third mutual authentication has been successful to update the first group key stored as the group key to the second group key, performs fourth mutual authentication with each of the one or more other controllers by using the authentication information, causes each of the other controllers for which the fourth mutual authentication has been successful to update the first group key stored as the group key to the second group key, encrypts second transmission data by using the second group key to generate second encrypted data, and generates second authentication data by using the second group key from (i) a second header, (ii) the source address, (iii) the destination address, and (iv) the second transmission data, and wherein the communicator simultaneously broadcasts a message including (i) the second header, (ii) the source address, (iii) the destination address, (iv) the second encrypted data, and (v) the second authentication data to each device and each of other controllers.


Allowable Subject Matter
The following is a statement of reasons for the indication of allowable subject matter:                                                             
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Chakrabarti, US pat.No 7561694, IDS submitted, discloses a first controller on a network generating a first group key, executing first mutual authentication with the one or more devices within the group, and sharing the first group key with the one or more devices that have succeeded in the first mutual authentication, wherein the first controller is included in the one or more controllers that belongs to the group; in a case where a second controller newly joins the group, at least one controller deciding a coordinator that manages a group key used in common in the group, from two or more controllers, including the one or more controllers and the second controller newly joined in the group, wherein the at least one controller is included in the two or more controllers; the first controller executing second mutual authentication with the coordinator, and sharing the first group key with the coordinator in a case where the second mutual authentication is successful;
The prior art does not disclose the coordinator performing encrypted communication within the group using the first group key; and the coordinator generating a second group key when the first group key valid time runs out and before updating the first group key, executing third mutual authentication with the one or more devices and a third controller, which is one or more controllers included in the two or more controllers and which is different from the coordinator, within the group, and updating the first group key of the one or more devices and the third controller that have succeeded in the third authentication to the second group key. 
                                                              Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
OBAS, US20160066354, title “ Communication system “.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSNEL JEUDY whose telephone number is (571)270-7476. The examiner can normally be reached M-F 10:00-8:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Arani T Taghi can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



Date: 9/19/2022

/JOSNEL JEUDY/Primary Examiner, Art Unit 2438