DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to amendments filed on July 5, 2022.
Claims 1-20 have been amended.
Claims 1-20 are pending.

Response to Arguments
The rejection regarding 35 U.S.C. 112(b) for Claim 16 have been withdrawn because the claim has been amended.
The rejections regarding 35 U.S.C. 102 and 103 for Claims 1-20 have been withdrawn because the claims have been amended.
Applicant’s arguments with respect to Claims 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-5, 11-15, 19, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Jeran et al. (U.S. Pub. No. 2016/0187827 A1) hereinafter referred to as “Jeran”, and Iwasaki et al. (U.S. Pub. No. 2015/0154484 A1) hereinafter referred to as “Iwasaki”.
Regarding Claim 1:
	Jeran discloses the following limitations:
	An anti-cloning system. comprising: a first device configured for a connection to a first embedded device having a first unique identity value (Abstract, installing a consumable product in the host device (an anti-cloning system. comprising: a first device) where the consumable product stores an identifier in memory (configured for a connection to a first embedded device having a first unique identity value)). The system of Jeran is directed towards a printer, i.e. the host device, which authenticates a printer cartridge, i.e. the consumable product, including determining whether the cartridge is a possible clone. Under the broadest reasonable interpretation, this consumable product is considered to be an embedded device as the print cartridge of Jeran is understood to be a device due to its computing capabilities (Par. [0014], the print cartridge (100) contains a digital signature (104) that is contained in memory (106)).  
	and a controller coupled to the first device (Par. [0025], In some examples, the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (and a controller coupled to the first device) (102), or combinations thereof). The system of Jeran includes a controller in the form of a third device which is connected to the printer and a remote server and teaches all combinations for distributing components of the determining system among the devices named.
	the controller having: a controller memory configured to store a public verification key (Par. [0039], the data structures shown stored in the memory resources (504) include a key (510) (the controller having: a controller memory configured to store a public verification key)). Jeran discloses that the controller, which contains components of the determining system, has a memory which stores a public verification key.
	and a controller processor coupled to the controller memory, the controller processor being configured to: (Par. [0047], In some examples, the processing resources (502) (controller processor) and the memory resources (504) are located within the same physical component, such as a server, or a network component (coupled to the controller memory, the controller processor being configured to)). The determining system of Jeran includes a processor and memory coupled to each other such that the processor performs the following limitations.
	verify, using the public verification key, the first unique identity value (Par. [0014], The digital signature (104) signs data stored on the cartridge, such signed data contains a unique identifier (108) (the first unique identity value) for that print cartridge (100); Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510)
(verify, using the public verification key)). The printer cartridge of Jeran includes a digital signature which contains the first unique identifier. This signature, and thus the identifier, is verified with the aforementioned public key, and this is handled by the determining system on behalf of the printer.
	(taught by Iwasaki below)
	and enable the first device to use the first embedded device, the enabling being based on: the first unique identity value being verified (Par. [0031], on the other hand, if the digital signature appears genuine, the process continues with determining (212) whether the identifier in the signed data matches an identifier in the host device's non-authenticated identifiers list. If the identifier in the signed data fails to match any of the identifiers recorded in the host device's non-authenticated identifiers list (the enabling being based on: the first unique identity value being verified ), the consumable product is authenticated (214) (and enable the first device to use the first embedded device)). Jeran further verifies the identifier by checking if the identifier is present on a blacklist. After passing this check, the embedded device is authenticated, i.e. the first device is allowed to use the embedded device. 
	(taught by Iwasaki below)

`	Iwasaki discloses the following limitations not taught by Jeran:
	add, based on a predetermined condition being satisfied, the first unique identity value to an operating list of embedded device identity values associated with a plurality of respective embedded devices that are temporarily allowed to be used with the first device for a threshold amount of time (Par. [0041], Par. [0058], the cloud print service 200 performs the temporary printer settings … the cloud print service 200 registers setting information for associating the physical printer ID (the image forming device 100) included in the setting request as a candidate output destination with the user ID, Par. [0062], Par. [0063]). Iwasaki teaches authenticating usage of printers temporarily by keeping track of a list of printer IDs that a user device can temporarily operate, implying usage for a threshold amount of time. These IDs are added through user registration, i.e. a predetermined satisfied condition. By combining the temporary operating list of IDs taught by Iwasaki with the identifiers of Jeran, this teaches the claimed limitation.
	and the first unique identity value being added to the operating list of embedded device identity values (Par. [0041], Par. [0066], Par. [0083]). Iwasaki teaches that using the printer temporarily can only be done through performing user authentication, which adds the identity value to the operating list as argued above. Therefore, the enablement of using the printer in combination with the identifiers taught by Jeran teaches the claimed limitation. 
	Jeran does not teach an operating list which stores identity values that identify embedded devices which are allowed to be used temporarily. Iwasaki however teaches that in a cloud printing system, keeping track of such an operating list of temporary device operational privileges can be performed, and this has the further benefit of additional user authentication and sharing of device privileges (Par. [0008], Par. [0035], Par. [0045], Par. [0046]).
	Jeran and Iwasaki are considered to be analogous art because they relate to authentication systems for printer devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the device authentication system of Jeran with the operating list of Iwasaki in order to gain the benefit of additional user authentication and sharing of device privileges. 

Regarding Claim 3:
	Jeran/Iwasaki discloses Claim 1.	Jeran further discloses the following limitations:
	wherein the controller is a second device that is remote from the first device (Par. [0025], in some examples, the printer (102) is in communication with a remote device, such as a remote server (117) (wherein the controller is a second device that is remote from the first device)). Jeran teaches the printer, the first device, communicating with a remote device, and this applies to the third device as previously interpreted in Claim 1 due to Jeran disclosing all possible distributions of components.
Regarding Claim 4:
	Jeran/Iwasaki discloses Claim 1.
	Jeran further discloses the following limitations:	
	wherein the controller processor is further configured to: determine whether the first unique identity value is in a consumed devices list (Par. [0025], In some examples, the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (wherein the controller processor is further configured to) (102), or combinations thereof; Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (determine whether the first unique identity value is in a consumed devices list)). Jeran teaches that the determining system may be distributed along various servers, and discloses all combinations thereof (Par. [0047], Thus, the determining system (500) may be implemented on a user device, on a server, on a collection of servers, or combinations thereof). Therefore, the determining system of Jeran teaches an arrangement in which the controller is a third device distinct from a remote server and the printer, and this remote server performs the identifier match in order for the controller to make the claimed determination. 
	that includes a plurality of unique identity values of embedded devices that have been consumed (Par. [0018], The number of printers in which a print cartridge has been installed may be tracked via the identifier. If this number exceeds a predetermined threshold, this suggests that the identifier has been copied and the identifier may then be added to the listing engine list (that includes a plurality of unique identity values of embedded devices that have been consumed)). The system of Jeran implements a blacklist which tracks a plurality of identifiers of devices which are not to be authenticated (Claim 14, listing engine that contains a list of identifiers). The blacklist is said to be updated whenever the number of times a device has been installed, i.e. consumed, exceeds a threshold so that the consumed device identifier is added. Therefore, the blacklist of Jeran constitutes a consumed devices list, as it lists devices which have been previously consumed.  
	and prevent, based on the first unique identity value being in the consumed devices list, use of the first embedded device (Par. [0045], The authentication denier (526) represents programmed instructions that, when executed, cause the processing resources (502) to deny authentication if it is determined that the consumable product's identifier matches an identifier from the list of non-authenticated identifiers (and prevent, based on the first unique identity value being in the consumed devices list, use of the first embedded device)). The system of Jeran then uses determination from the identifier match to deny authorization of disallowed devices, thereby preventing operation of the embedded device. 

Regarding Claim 5:
	Jeran/Iwasaki discloses Claim 4.
	Jeran further discloses the following limitations:
	further comprising: a server configured to store the consumed devices list (Par. [0039], The data structures shown stored in the memory resources (504) include a key (510) and identifier list (518) (further comprising: a server configured to store the consumed devices list)). As argued previously in Claim 4, Jeran teaches all possible combinations of the authentication components being distributed among separate devices, wherein the controller is a third device which consults a remote server for identifier matching. Firstly, the memory resources, which stores the identifier list, are contained within the server as claimed.  
	and check the first unique identity value against the consumed devices list (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (518) (and check the first unique identity value against the consumed devices list)). Next, the identifier matcher of Jeran is combined with the identifier list in the same server. 
	and wherein to determine whether the first unique identity value is in the consumed devices list the controller processor is further configured to: provide the first unique identity value to the server for the checking of the first unique identity value against the consumed devices list (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature (wherein to determine whether the first unique identity value is in the consumed devices list the controller processor is configured to: provide the first unique identity value to the server for the checking of the first unique identity value against the consumed devices list); Par. [0044]). Next, the controller includes the digital signature verifier component. That is, the identifier matcher of Jeran verifies the identifier found in the verified signed data while checking the identifier against the list, so this teaches that the identifier is provided to the server by the controller. 
	and obtain an indication related to a result of the checking of the first unique identity value (Par. [0044], If the identifier matcher (516) cannot match the identifier with one from the list, the consumable product is authenticated (and obtain an indication related to a result of the checking of the first unique identity value)). Finally, the identifier matcher determines authentication, i.e. an indication from checking the identifier, which the authentication denier of the controller uses. For these reasons, there is a teaching from Jeran for a server to perform the authentication components described while the controller exists as another device distinct from the printer and server.

Regarding Claim 11:
	Jeran/Iwasaki discloses Claim 1.
	Jeran further discloses the following limitations:
	further comprising: a second device configured for a connection to a second embedded device having a second unique identity value (Par. [0018], the common location collects the non-authenticated identifiers (112) (having a second unique identity value) from the multiple reporting printers (further comprising: a second device configured for a connection to a second embedded device) to create the listing engine list (110) that reflects the activity of multiple printers). Jeran teaches that a plurality of printers, i.e. a second device, report a plurality of non-authenticated identifiers, i.e. a second identity value from a second embedded device, to the listing engine in order to create the identifier list. Since Jeran discloses that all possible combinations of components distributed among different devices (Par. [0025], the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (102), or combinations thereof), the combination of the remote device and listing engine of Jeran acting as the controller teaches the controller servicing a second device with its own second embedded device. 
	and wherein the controller processor is further configured to verify, using the public verification key, the second unique identity value (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (and wherein the controller processor is further configured to verify, using the public verification key, the second unique identity value)). As argued previously in Claim 1, the controller only uses one public verification key.
	
Regarding Claim 12:
	Jeran/Iwasaki discloses Claim 1.
	Jeran further discloses the following limitations:
	wherein the first device is further configured for a connection to a second embedded device having a second unique identity value (Par. [0013], In this example, the consumable product is a print cartridge (100) and the device is a printer (wherein the first device is further configured for a connection to); Par. [0011], Print cartridges can be authenticated upon installation into the printer so that for example a warranty eligibility of the print cartridge can be determined. In an example, third party print cartridges may not fall under warranties offered by an original printer company (a second embedded device having a second unique identity value)). The system of Jeran is directed towards authenticating printer cartridges, and teaches the authentication of consumable products. Under the broadest reasonable interpretation, the claim only recites that the first device is “configured to be coupled to or receive a second embedded device”, but this does not necessarily imply that the first device must simultaneously connect to both embedded devices. For this reason, as the system of Jeran is directed towards authenticating genuine printer cartridges, i.e. first embedded device, and rejecting third party print cartridges, i.e. second embedded device, from their identifier, Jeran teaches the first device being configured to receive and verify a second embedded device. 
	and wherein the controller processor is further configured to verify, using the public verification key, the second unique identity value (Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (and wherein the controller processor is further configured to verify, using the public verification key, the second unique identity value)). As argued previously in Claim 1, the controller only uses one public verification key.

Regarding Claim 13:
	Jeran discloses the following limitations:
	An anti-cloning system, comprising: a server configured to verify one or more unique identity values (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data with an identifier in the identifier list (518) (An anti-cloning system, comprising: a server configured to verify one or more unique identity values)). The authentication system of Jeran may take the form of multiple devices/servers (Par. [0047], Thus, the determining system (500) may be implemented on a user device, on a server, on a collection of servers, or combinations thereof), of which one server contains the identifier matcher component. 
	a device configured for a connection to an embedded device having a unique identity value (Abstract). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	and a controller coupled to the device, the controller having: a controller memory configured to store a public verification key (Par. [0025], Par. [0039]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	and a controller processor coupled to the controller memory, the controller processor being configured to (Par. [0047]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	verify, using the public verification key, the unique identity value (Par. [0014], Par. [0042]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	(taught by Iwasaki below)
	and enable the device to use the embedded device, the enabling being based on: the unique identity value being verified (Par. [0031]). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	(taught by Iwasaki below)

	Iwasaki discloses the following limitations not taught by Jeran:
	add, based on a predetermined condition being satisfied, the unique identity value to an operating list of embedded device identity values associated with a plurality of respective embedded devices that are temporarily allowed to be used with the device for a threshold amount of time (Par. [0041], Par. [0058], Par. [0062], Par. [0063]).  This limitation of the claim was previously argued to be taught by Iwasaki in Claim 1. 
	and the unique identity value being added to the operating list of embedded device identity values (Par. [0041], Par. [0066], Par. [0083]). This limitation of the claim was previously argued to be taught by Iwasaki in Claim 1. 

	Jeran does not teach an operating list which stores identity values that identify embedded devices which are allowed to be used temporarily. Iwasaki however teaches that in a cloud printing system, keeping track of such an operating list of temporary device operational privileges can be performed, and this has the further benefit of additional user authentication and sharing of device privileges (Par. [0008], Par. [0035], Par. [0045], Par. [0046]).
	Jeran and Iwasaki are considered to be analogous art because they relate to authentication systems for printer devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the device authentication system of Jeran with the operating list of Iwasaki in order to gain the benefit of additional user authentication and sharing of device privileges. 

Regarding Claim 14:
	Jeran/Iwasaki discloses Claim 13.
	Jeran further discloses the following limitations:
	wherein the controller processor is further configured to: determine whether the unique identity value is in a consumed devices list that includes a plurality of unique identity values of embedded devices that have been used(Par. [0025], Par. [0044], Par. [0018]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. That is, the controller determines whether the identity value is in the list by communicating with the server, the identifier matcher. 
	and prevent, based on the unique identity value being in the consumed devices list, the use embedded device (Par. [0045]). This limitation of the claim was previously argued to be taught by Jeran in Claim 4. 

Regarding Claim 15:
	Jeran/Iwasaki discloses Claim 14.
	Jeran further discloses the following limitations:
	wherein the server is further configured to store the consumed devices list and check the unique identity value against the consumed devices list (Par. [0039], Par. [0044]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 
	wherein to determine whether the unique identity value is in the consumed devices list the controller processor is further configured to: provide the unique identity value to the server for the checking of the unique identity value against the consumed devices list (Par. [0042], Par. [0044]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 
	and obtain an indication related to a result of the checking of the unique identity value (Par. [0044]). This limitation of the claim was previously argued to be taught by Jeran in Claim 5. 

Regarding Claim 19:
	Jeran discloses the following limitations:
	A method of verifying an embedded device, comprising: determining, by a processor on or within a controller, that the embedded device has been connected to a device (Par. [0025], the computer readable instructions and hardware for authenticating the print cartridge (100) are distributed across the printer (102), the remote device, another device connected to the remote device or printer (102) (controller), or combinations thereof; Par. [0041], The consumable product recognizer (506) represents programmed instructions that, when executed, cause the processing resources (502) to recognize that a consumable product is in a condition to be authenticated). The system of Jeran discloses all possible distributions of components of the determining system across the listed devices, where the “another device” is considered to be the controller. One component of the determining system detects the connection of a consumable product, i.e. embedded device. 
	the embedded device having a unique identity value (Abstract). This limitation of the claim was previously argued to be taught by Jeran in Claim 1. 
	verifying, by the processor, a digital signature on the unique identity value of the embedded device (Par. [0014], The digital signature (104) signs data stored on the cartridge, such signed data contains a unique identifier (108) (the unique identity value) for that print cartridge (100); Par. [0042], The digital signature verifier (512) represents programmed instructions that, when executed, cause the processing resources (502) to verify a digital signature stored in the memory of the consumable product with the key (510) (verifying, by the processor, a digital signature on the unique identity value of the embedded device)). When it was previously argued in Claim 1 that Jeran teaches verification through a public verification key, this was used to verify a digital signature of the identifier of Jeran. 
	(taught by Iwasaki below)
	determining by the processor and based on a connection status between the controller and a server, whether the unique identity value of the embedded device is included in a consumed devices list stored on the server (Par. [0025], Par. [0044], Par. [0018], Par. [0020], A communicator (118) of the printer (102) may communicate with the listing engine (114) when internet connectivity exists (and based on a connection status between the controller and a server)). Regarding checking a consumed devices list stored on the server, this limitation was previously shown to be taught by Jeran in the rejection of Claim 5. Regarding the determination being based on a connection status, Jeran also discloses an embodiment using internet connectivity for the device, i.e. controller, to communicate with the listing engine, i.e. the server which stores the consumed devices list. 
	enabling, by the processor, the device to use the embedded device, the enabling being based on: the digital signature on the unique identity value being verified, consumed devices list (Par. [0031], on the other hand, if the digital signature appears genuine (the digital signature on the unique identity value being verified), the process continues with determining (212) whether the identifier in the signed data matches an identifier in the host device's non-authenticated identifiers list. If the identifier in the signed data fails to match any of the identifiers recorded in the host device's non-authenticated identifiers list (and the unique identity value not being on the consumed devices list), the consumable product is authenticated (214) (enabling, by the processor, the device to use the embedded device)). The verification of Jeran uses both the digital signature verification and checking for a match in the identifier list.

	Iwasaki discloses the following limitations not taught by Jeran:
	adding, by the processor and based on a predetermined condition being satisfied, the unique identity value to an operating list of unique identity values associated with a plurality of respective embedded devices that are temporarily allowed to be used with the device for a threshold amount of time (Par. [0041], Par. [0058], Par. [0062], Par. [0063]).  This limitation of the claim was previously argued to be taught by Iwasaki in Claim 1. 
	the unique identity value being added to the operating list of unique identity values (Par. [0041], Par. [0066], Par. [0083]). This limitation of the claim was previously argued to be taught by Iwasaki in Claim 1. 

	Jeran does not teach an operating list which stores identity values that identify embedded devices which are allowed to be used temporarily. Iwasaki however teaches that in a cloud printing system, keeping track of such an operating list of temporary device operational privileges can be performed, and this has the further benefit of additional user authentication and sharing of device privileges (Par. [0008], Par. [0035], Par. [0045], Par. [0046]).
	Jeran and Iwasaki are considered to be analogous art because they relate to authentication systems for printer devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the device authentication system of Jeran with the operating list of Iwasaki in order to gain the benefit of additional user authentication and sharing of device privileges. 

Regarding Claim 20:
	Jeran/Iwasaki discloses Claim 19.
	Jeran further discloses the following limitations:
	wherein: determining whether the unique identity value of the embedded device is included in the consumed devices list includes: comparing, based on the controller being connected to the server, the unique identity value against a plurality of unique identity values on the consumed devices list (Par. [0025], Par. [0044], Par. [0018], Par. [0020]). This limitation of the claim was previously argued to be taught by Jeran in the rejection of Claim 4 and 19. 
	(taught by Iwasaki below)
	includes adding the unique identity value based on the number of unique identity values on the operating list is less than a threshold amount (Par. [0020], However, in examples where the listing engine non-authenticated identifier list (110) exceeds the amount of memory available in the printer (102), the printer (102) may download just a portion of the listing engine non-authenticated identifier list (and when the number of unique identity values on the operating list is less than a threshold amount)). Reference Jeran teaches that locally stored identifier lists, such as the operating list of Iwasaki, have a size limit, i.e. threshold, due to the memory of the device. Therefore, the combination of the combination of Jeran with Iwasaki teaches the operating list having a threshold of identifier values for which another identifier cannot be added due to memory constraints. 

	Iwasaki discloses the following limitations not taught by Jeran: 
	and adding the unique identity value to the operating list (Par. [0041], Par. [0058], Par. [0062], Par. [0063]).  This limitation of the claim was previously argued to be taught by Iwasaki in Claim 1. 

Claims 2, 6, 10, 16 are rejected under 35 U.S.C. 103 as being unpatentable over Jeran/Iwasaki, and further in view of Lim et al. (U.S. Pub. No. 2011/0154043 A1) hereinafter referred to as “Lim”.
Regarding Claim 2:
	Jeran/Iwasaki discloses Claim 1.
	Jeran further discloses the following limitation:
	wherein the controller is included within the first device (Par. [0039], For example, the authentication system (500) may be incorporated into a printer (wherein the controller is included within the first device)). Jeran teaches including components of the determining (authentication) system within the printer itself, i.e. the controller is included within the first device.
	(taught by Lim below)

	Lim discloses the following limitation not taught by Jeran/Iwasaki:
	and wherein the first unique identity value is a media access control (MAC) address of the first embedded device, a Bluetooth Low Energy (BLE) address of the first embedded device, or a serial number of the first embedded device (Par. [0032], a unique device identifier 502 related to object 104 and/or chip 106, such as a serial or ID number or code). Reference Jeran/Iwasaki does not teach the unique identifier being a MAC address, BLE address, or a serial number of the embedded device. Reference Lim however teaches that the identity value may be a serial number of the object, i.e. the first embedded device, in its own authentication system for detecting cloned devices. Since the claim recites the word “or”, fulfilling one of the listed options meets the claim limitation under the broadest reasonable interpretation. 

	Jeran/Iwasaki does not teach a device identifier being a MAC address, BLE address, or serial number. Lim however teaches that a device identifier can take the form of a serial number. References Jeran/Iwasaki and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all of the features of the claimed invention were known in the prior art. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the unique identifier of Jeran/Iwasaki with the serial number of Lim because the references teach the respective elements as predictable alternatives for a device identifier. 

Regarding Claim 6:
	Jeran/Iwasaki discloses Claim 5.
	Jeran further discloses the following limitations:
	wherein the server includes: a server memory that is configured to (Par. [0047], the memory resources (504) are located within the same physical component, such as a server (wherein the server includes: a server memory that is configured to)). The server of Jeran is disclosed to include a memory.
	(taught by Lim below)
	and a server processor coupled to the server memory, the server processor being configured to: (Par. [0047], the processing resources (502) and the memory resources (504) are located within the same physical component, such as a server). Likewise, the server of Jeran is taught to have a processor, and these are considered coupled as they are located within the server. 
	(taught by Lim below)

	Lim discloses the following limitations not taught by Jeran/Iwasaki: 
	store a secret signing key and the public verification key (Par. [0031], The certificate authority can be a manufacturer, fabricator, distributor or other entity related to chip 106 and/or object 104. A private verification key 510 (shown in FIG. 5) is held by the certificate authority and forms a verification key pair with public key 103 stored on device 102 (store a secret signing key and the public verification key)). 
	digitally sign, using the secret signing key, the first unique identity value (Par. [0031], At 402, a digest is created by a certificate authority (digitally sign, using the secret signing key, the first unique identity value)). Reference Jeran/Iwasaki does not disclose the server being able to produce the digital signatures or store the signing key. That is, reference Jeran discloses authenticating digital signatures, but does not disclose their origin. Reference Lim however teaches that a certificate authority responsible for digital signatures, i.e. storing the secret signing key and digitally signing the identity values, may be any entity related to the authentication system, i.e. the server of Jeran. 

	References Jeran/Iwasaki and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all of the features of the claimed invention were known in the prior art. Therefore, it would have been obvious to combine the anti-cloning system of Jeran/Iwasaki with the certificate authority of Lim, as the storage of the private key and act of producing digital signatures would not have produced changes in the respective functions of the server when the references are combined. 

Regarding Claim 10:
	Jeran/Iwasaki discloses Claim 5.
	Jeran further discloses the following limitations:
	wherein the server is further configured to: obtain the first unique identity value; compare the first unique identity value against the consumed devices list (Par. [0044], The identifier matcher (520) represents programmed instructions that, when executed, cause the processing resources (502) to match an identifier found in the signed data (wherein the server is further configured to: obtain the first unique identity value) with an identifier in the identifier list (518) (compare the first unique identity value against the consumed devices list)). The identifier matcher of Jeran, which is interpreted to be the server, obtains the identity value from the signed data and then matches it with the identifier list, i.e. the consumed devices list. 
	when the first unique identity value is in the consumed devices list: send an indication to the controller that the first embedded device is fraudulent (Par. [0045], The authentication denier (526) represents programmed instructions that, when executed, cause the processing resources (502) to deny authentication if it is determined that the consumable product's identifier matches an identifier from the list of non-authenticated identifiers (when the first unique identity value is in the consumed devices list: send an indication to the controller that the first embedded device is fraudulent)). The result of the identifier matcher of Jeran determines that authentication is denied when the identifier is on the identifier list. 
	and when the first unique identity value is not in the consumed devices list: send an indication to the controller that the first embedded device is verified (Par. [0045], The authenticator (522) represents programmed instructions that, when executed, cause the processing resources (502) to authenticate the consumable product in response to determining that the digital signature is genuine and that its associated identifier does not match an identifier in the identifier list (518) (and when the first unique identity value is not in the consumed devices list: send an indication to the controller that the first embedded device is verified)). Similarly, the result of the identifier matcher of Jeran determines that authentication is valid when the identifier is not on the identifier list. 
	(taught by Lim below)

	Lim discloses the following limitation not taught by Jeran/Iwasaki: 
	and add the first unique identity value to the consumed devices list (Par. [0006], adding the unique identifier to the unique identifier blacklist if the unique identifier is not found in the unique identifier blacklist). The system of Jeran/Iwasaki does not disclose immediately adding the identity value to the identifier list, instead it recites meeting a threshold before this determination (Jeran, Par. [0017], occurrence of a particular authenticated identifier exceeds a predetermined threshold). Reference Lim however teaches that the identifier may be added to the blacklist after the device has been authenticated to indicate it has been used. That is, Lim specifies the threshold such that the embedded device can only be used once. 
	
	Jeran/Iwasaki teaches adding device identity values to a consumed devices list after meeting a certain threshold of device uses in order to prevent over-usage, such as in the case of installing the same printer cartridge for multiple printers (Jeran, Par. [0017]). Lim however teaches immediately adding a device to a blacklist after it has been allowed for initial use in order to prevent over-usage (Par. [0042]). This teaching by Lim is akin to setting the predetermined threshold of Jeran to a single device use.  References Jeran/Iwasaki and Lim are considered to be analogous art because they are directed towards anti-cloning systems. Thus, all elements were known in the prior art. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the threshold of Jeran/Iwasaki with the single device threshold of Lim because the references teach the respective blacklisting thresholds as predictable alternative methods for preventing device over-usage. This single device threshold further results in adding a device identity value to a consumed devices list after authentication as a consequence. 

Regarding Claim 16:
	Jeran/Iwasaki discloses Claim 13.
	Lim discloses the following limitation not taught by Jeran/Iwasaki: 
	wherein the server is configured to digitally sign, using a secret signing key, the unique identity value (Par. [0031], At 402, a digest is created by a certificate authority (wherein the server is configured to digitally sign, using a secret signing key, the unique identity value)). This limitation of the claim was previously argued to be taught by Lim in Claim 6. As the combination of references is the same, the same reasons of motivation/combination of references in Claim 6 are used here. 

	Claims 7, 8, 17, 18 are rejected under 35 U.S.C. 103 as being unpatentable over Jeran/Iwasaki, and further in view of Lang et al. (U.S. Pub. No. 2016/0285950 A1) hereinafter referred to as “Lang”.
Regarding Claim 7:
	Jeran/Iwasaki discloses Claim 1.
	Jeran further discloses the following limitation:
	(taught by Lang below)
	to a consumed devices list (Par. [0039], The data structures shown stored in the memory resources (504) include a key (510) and identifier list (518) (to a consumed devices list))

	Lang discloses the following limitation not taught by Jeran/Iwasaki: 
	wherein the operating list includes one or more embedded device identity values associated with respective one or more embedded devices that are to be used without being compared (Par. [0007], In this way, if an access control device or a server is offline, access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist (wherein the operating list includes one or more embedded device identity values associated with respective one or more embedded devices that are to be used without being compared)). References Jeran/Iwasaki does not disclose the operating list allowing for lack of comparison to the consumed devices list. Reference Lang however teaches that a whitelist, which is locally stored, may be used to authorize access when it is not possible to access a server due to the connection being offline. As the server of Jeran is responsible for storing a consumed devices list, this constitutes storing a list of devices to be used without being compared to a consumed devices list, i.e. they are to be used without comparing to the list stored in the server of Jeran. Lang further teaches that this system has the advantage of verifying identity in an offline mode while having “the advantage that a high flexibility and scaling is ensured” (Par. [0005]).

	References Jeran/Iwasaki and Lang are considered to be analogous art because they relate to access control systems for devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the anti-cloning system of Jeran/Iwasaki with the whitelist of Lang in order to gain the benefit of an offline mode of verifying identity in a way which is scalable and flexible. 

Regarding Claim 8:
	Jeran/Iwasaki discloses Claim 7.
	Jeran further discloses the following limitations:
	(taught by Lang below)
	and prevent use of any embedded device associated with the any one embedded device identity value included in the operating list that matches the identity value included in the consumed devices list (Par. [0032], if the consumable product matches one of the identifiers, the non-authenticated consumable product is prevented from being used by the host device (and prevent use of any embedded device associated with the any one embedded device identity value included in the operating list that matches the identity value included in the consumed devices list)). 

	Lang discloses the following limitation not taught by Jeran/Iwasaki: 
	wherein the controller processor is further configured to: generate an alert when any one of the device identity values included in the operating list matches an identity value included in the consumed devices list (Par. [0012], Such notifications can be notifications about defined events or irregularities in the access control system, for example, about a blocked or defective access control device, about attempted fraud, vandalism or about the detection of invalid access authorizations (generate an alert); Par. [0006], The recorded data of the access authorization are stored intermediately for a subsequent evaluation in the access control device and loaded onto the server when remaking the online connection (when any one of the device identity values included in the operating list matches an identity value included in the consumed devices list)). The system of Lang discloses that when an online connection is reestablished, a record of the previous authorizations, i.e. devices on the operating list, is sent to the server for updated verification. As argued previously in Claim 7, the combination of Jeran/Iwasaki/Lang has a consumed devices list stored in the remote server. Therefore, this constitutes matching a device on the operating list with a device on the consumed devices list. Furthermore, the system of Lang issues notifications when denied authorization is detected, and the system of Jeran denies authorization when such a match occurs. Likewise, the system of Jeran prevents the usage of any device which matches one on the consumed devices list, so this includes devices on the operating list when combined with Lang, as Lang uses the server as final verification. For these reasons, the reasons for motivation/combination of references Jeran/Iwasaki/Lang remain the same as argued in Claim 7. 

Regarding Claim 17:
	Jeran discloses Claim 13.
Lang discloses the following limitation not taught by Jeran/Iwasaki: 
wherein the controller is coupled to a scanner to read the unique identity value; and wherein controller is configured to use the scanner to read the unique identity value (Par. [0013], an access control can be carried out by means of the data goggles, wherein for this purpose by means of the integrated camera (wherein the controller is coupled to a scanner to read the unique identity value) access authorizations comprising a barcode (and wherein controller is configured to use the scanner to read the unique identity value)). References Jeran/Iwasaki does not teach a scanner or laser for reading identity values and instead uses an electrical connection to communicate the identity values. Reference Lang teaches that a reading device with an integrated camera, i.e. controller, to read barcode values, i.e. identity values. As this camera is used to read barcodes, this is considered a scanner under the broadest reasonable interpretation.

	Jeran/Iwasaki teaches communicating the device identifier both through wired and wireless connections (Jeran, Par. [0014], the receptacle is positioned such that the print cartridge (100) can wirelessly communicate with the printer; Iwasaki, Par. [0053], The short-range communication may be based on short-range wireless communication technologies such as near field communication (NFC), Bluetooth (registered trademark), or WiFi).  Lang however teaches using a camera as an alternative method of receiving a device identifier for authentication in addition to wireless communication (Par. [0013], the validity in the data goggles is made by means of barcode reading software or software for evaluating RFID or Bluetooth low energy).
	References Jeran/Iwasaki and Lang are considered to be analogous art because they relate to access control systems for devices. Thus, all features of the claimed invention were known in the prior art. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to substitute the receptacle of Jeran/Iwasaki with the camera of Lang because the references teach the respective elements as predictable alternatives for receiving the identity value. 

Regarding Claim 18:
	Jeran/Iwasaki discloses Claim 17.
	Lang discloses the following limitations not taught by Jeran/Iwasaki: 
	wherein the embedded device is a non-electrical device (Par. [0004], The customer medium can, for example, be designed as an RFID tag, RFID card or as a paper ticket with machine-readable information (wherein the embedded device is a non-electrical device)). Lang teaches that the device to be authenticated may be a paper ticket, i.e. a non-electrical device. 
	and the unique identity value is a serial number or a bar code (Par. [0013], wherein for this purpose by means of the integrated camera access authorizations comprising a barcode (and the unique identity value is a serial number or a bar code)). Lang teaches that the identity value is a barcode. 
	to be verified against an algorithm, a black list, or the operating list (Par. [0027], access can be allowed if the access authorization is designated as valid by reference to the positive/negative list or the whitelist (to be verified against an algorithm, a black list, or the operating list)). Lang further teaches checking the identifier from the barcode against a whitelist, i.e. an operating list. The reasons for motivation/combination of references remain the same as in Claim 17. 

	Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Jeran/Iwasaki/Lang, and further in view of Balasubramanian et al. (U.S. Pub. No. 2009/0245176 A1) hereinafter referred to as “Balasubramanian”.
Regarding Claim 9:
	The combination of Jeran/Iwasaki/Lang discloses Claim 7.
	Lang further discloses the following limitation:
	wherein the controller processor is configured to: determine that there is no connection between the controller and the server (Par. [0015], The recorded data of the access authorization are stored intermediately for a subsequent evaluation in the access control device and loaded onto the server when remaking the online connection). Reference Lang teaches different authentication methods depending on whether there is a connection to a server or not. Since the system of Lang must choose an authentication scheme, the system of Lang teaches determining a lack of connection between the controller and server.
	(taught by Balasubramanian below)
	(taught by Balasubramanian below)
	(taught by Balasubramanian below)

	Balasubramanian discloses the following limitations not taught by the combination of Jeran/Iwasaki/Lang:
	determine a duration of time since the operating list was checked against the consumed devices list (Par. [0146], time duration can be determined from a timer initialized upon entry of the access point in the black list (determine a duration of time since the operating list was checked against the consumed devices list)). The combination of references Jeran/Iwasaki/Lang does not disclose a time threshold. Reference Balasubramanian however discloses time expiration of blacklists and whitelists. Here, Balasubramanian discloses determining the time duration since an entry is populated in a blacklist, but this action is also understood to be done for whitelists as well (Par. [0096], the list maintainer 308 can leverage the list entry timer 310 to remove list entries. In this regard, after a period of time, entries can be removed from the blacklist and/or whitelist such that the communications apparatus 300 re-evaluates the access point or group of access points corresponding to the entry). The whitelist of Lang updates, which includes adding entries, by checking against the consumed devices list of Jeran in the combination of Lang/Jeran. Therefore, reference Balasubramanian teaches calculating a duration of time since the operating list was checked against the consumed devices list, since the addition of entries to the whitelist suggests an update/check. Furthermore, Balasubramanian teaches a time duration calculated using the difference between Tnow and Tlast (Par. [0094], Tnow is the current time, Tlast is the last time of encounter by the communications apparatus). Balasubramanian teaches that this deletion has the advantage of keeping the entries in the whitelist up to date (Par. [0094], the lists can have maximum sizes such that the list maintainer 308 can insert entries into the list and expunge some list entries to make room for new entries where necessary (e.g., in view of the maximum size)). 
	prevent the use of the first embedded device when the duration of time is at least a threshold duration of time (Par. [0146], a deletion threshold can be compared to the time duration to determine when to delete the access point from the list, as described). References Jeran/Iwasaki/Lang were combined in a manner such that a whitelist is used for authentication in the lack of a connection to the server. Reference Balasubramanian teaches that whitelist entries may be deleted in the event that the entry timer expires, i.e. the duration of time exceeds the threshold specified by the entry timer. Therefore, since the whitelist is responsible for authorizing devices, the removal of this entry teaches preventing use of the embedded device when the threshold is exceeded. 
	and allow the use of the first embedded device when the duration of time is less than the threshold duration of time (Par. [0082], whitelist of suitable access points (and allow the use of the first embedded device); Par. [0146], a deletion threshold can be compared to the time duration to determine when to delete the access point from the list, as described (when the duration of time is less than the threshold duration of time)). Alternatively, the entry remains in the whitelist, so the device is allowed as according to the whitelist of Lang. 

	The combination of references Jeran/Iwasaki/Lang and reference Balasubramanian are considered analogous art because they relate to the field of access control of devices. Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the anti-cloning system of Jeran/Iwasaki/Lang with the whitelist expiration of Balasubramanian in order to gain the benefit of keeping the whitelist up to date in light of size constraints of the whitelist.  

Related Art
	The following prior art made of record and cited on PTO-892, but not relied upon, is considered pertinent to applicant’s disclosure: 
Jeran et al. (U. S. Pub. No. 2016/0173284 A1) – Includes anti-cloning system which authenticates using remaining life value of the consumable product
Brockhaus et al. (U. S. Patent No. 10,461,941 B2) – Includes methods relating to temporary authentication by means of certificate validity periods

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ETHAN V VO whose telephone number is (571)272-2505. The examiner can normally be reached M-F 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on  (571)272-2092. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/E.V.V./Examiner, Art Unit 2431              
                                                                                                                                                                                          /LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431