DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on September 29, 2022 has been entered. Applicant amended claims 1-2 and 14.
 
Response to Arguments
Applicant's arguments filed September 29, 2022 have been fully considered but they are not persuasive.
On page 5, Applicant alleges “…Abraham discloses nothing regarding trusted parties, semi-trusted parties, and untrusted parties. The claim amendment taken as a whole render the rejection moot….”. This is not persuasive because according to the National Institute of Standards and Technology (NIST) publications, a trusted party/semi-trusted party is interpreted/defined to be:
(1) a party that is trusted by its clients to generate cryptographic keys (from NIST SP 800-133 Rev. 2, page 8, see https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-133r2.pdf) and
(2) a party that is trusted by an entity to faithfully perform certain services for that entity, an entity may choose to act as a trusted party for itself (from NIST SP 800-56B Rev. 2, page 9, see https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf).
Therefore, applying the broadest reasonable interpretation, in Abraham, paragraphs 41, 87, and Figure 1 disclose STA 106 (which is a station (STA) that can be a mobile/endpoint device) and this STA includes a service ID component. It is this service ID component that generates a service identifier/key based on the first hash value and/or password, and/or medium access control address of the STA/mobile/endpoint device. Paragraph 42 of Abraham discloses that the service ID, as a hash value, is based on a service ID encryption key. Paragraph 87 of Abraham also reveals that the service ID may further be based on a password and a MAC address of the wireless device and the password may be associated with neighbor awareness networking (NAN), and in a NAN, a service provider/STA may publish data that it is providing service, which includes transmission of the service ID. Thus, referring to the NIST definition that an entity can be the trusted party itself, this is the interpretation applied in Abraham with the plurality of STAs within the NAN. The STA, being an entity, generates a unique identifier based on a service ID encrypted key, a password, and/or a MAC address of the device, and transmits the unique identifier to other STA-devices within the NAN. Paragraph 88 of Abraham provides additional details in stating that the service identifier enables discovery of the NAN service, which includes the service provider/STA, by other wireless STA(s)/devices. Therefore, Abraham teaches a trusted party/semi-trusted party.
In regard to Applicant’s remarks concerning Abraham failing to teach “untrusted party”, please see paragraphs 67-68 of Abraham, which describe third parties that track mobile devices via the service ID; therefore, to prevent the tracking by these third parties, the service ID is changed on a periodic basis and/or may be obscured by device IDs/MAC address. The tracking third party is the untrusted party.

On page 6, Applicant further alleges “….the combination of Abraham and Griffin does not teach or suggest trusted parties, semi-trusted parties, and untrusted parties. Claims 11-13 depend from claim 1, as discussed above and is patentable for reasons similar to those discussed above with respect to claims 1-10 and 14-20”. This is not persuasive; please see the paragraphs above.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-10 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Abraham et al US 20160285630 (hereinafter Abraham).
	
As to claim 1, Abraham teaches a method (Figure 2 and Figure 3), comprising: generating a unique identifier (abstract, Figure 1, reference number 126, and paragraphs 41 and 75) for an endpoint device (Figure 1, the endpoint device is the mobile device 106a, wherein paragraph 41 discloses that the mobile device, 106a, may include a service ID component, and the abstract recites the apparatus may be configured to generate a service identifier, see also claim 1) wherein the unique identifier is specific to the endpoint device (Figure 1 discloses the service ID is specific to the mobile device 106a, see also paragraphs 41 and 84) and is configured to identify the endpoint device with at least one semi-trusted party (paragraphs 43 and 84, wherein paragraph 43 discloses “services can be identified among wireless device using a service ID within packetized communications among wireless devices”, see also paragraphs 67 and 73), the unique identifier to identify the endpoint device with at least one untrusted party (paragraphs 67-68 describe third parties that track mobile devices via the service ID, and therefore, to prevent tracking by the third parties, the service ID is changed on a periodic basis and/or may be obscured by device IDs/MAC address. The tracking third party is the untrusted party); and sharing the unique identifier with another device (abstract and paragraph 84 disclose the endpoint device may be configured to transmit the generated service identifier).

As to claim 2, Abraham teaches wherein the unique identifier is a hashed value based on both the endpoint device's MAC address and an operator secret known to a network operator (abstract discloses the service identifier is based on “the first hash value, a password, and a MAC address”; the password is the operator secret, see also Figures 7 and 9, which reveal the service ID is generated from a hash value based on MAC address and a password which is the operator secret that is input by an operator, see also paragraph 75), wherein the at least one semi-trusted party includes the network operator (paragraphs 30-31 reveal the STA/endpoint device may also be used as an access point. The access point comprises a network controller/operator).

As to claim 3, Abraham teaches wherein the MAC address is defined by the hardware of the endpoint device (paragraph 75 discloses the MAC address is of the wireless device).

As to claim 4, Abraham teaches wherein the unique identifier is shared wirelessly (paragraph 73 discloses the wireless device may transmit the service ID to other devices in a beacon message).

As to claim 5, Abraham teaches wherein the unique identifier is shared via a network operated by a network operator (paragraphs 74, 100, and 117 disclose the identifier is shared via a NAN network).

As to claim 6, Abraham teaches wherein the unique identifier is generated according to an algorithm: id = hash(operatorSecret, deviceMacAddress), wherein id is the unique identifier, hash is a hashing algorithm, operatorSecret is a secret known by a network operator, and deviceMacAddress is a MAC Address defined by hardware of the endpoint device (abstract, Figures 7-9, wherein the abstract discloses the service identifier is based on “the first hash value, a password, and a MAC address”; the password is the operator secret; Figures 7 and 9 reveal the service ID is generated from a hash value based on MAC address and a password which is the operator secret that is input by an operator, see also paragraph 75).

As to claim 7, Abraham teaches wherein the hashing algorithm is a Secure Hash Algorithm (SHA) (claims 13, 25, and 37 and paragraph 102; paragraph 102 discloses the first hash function may be one of a SHA).

As to claim 8, Abraham teaches wherein the unique identifier is not understandable by third parties and is linkable to the endpoint device by a network operator (paragraph 76; paragraph 42 discloses a private service ID that entails the service ID becomes encrypted; paragraph 44 recites “the likelihood of undesired third party monitoring of service may decrease by generating a private service ID”).

As to claim 9, Abraham teaches wherein the unique identifier is generated at the endpoint device, further comprising recomputing the unique identifier at a network operator (paragraphs 42-44 disclose encrypting the service ID by using a service ID encryption key, user password).

As to claim 10, Abraham teaches wherein sharing the unique identifier with another device comprises transmitting the unique identifier to another device owned by a network operator (abstract and paragraph 73, wherein paragraph 73 discloses the wireless device may transmit the service ID to other devices within the NAN network).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 11-20 are rejected under 35 U.S.C. 103 as being unpatentable over Abraham et al US 20160285630 (hereinafter Abraham) in view of Griffin et al US 11240022 (hereinafter Griffin).

As to claim 11, Abraham teaches all the elements recited in claim 2 above; furthermore, Abraham teaches encrypting the operator secret (paragraphs 42-47 teach encrypting the password).
Abraham does not teach rotating the operator secret.
Griffin teaches rotating the operator secret (abstract discloses rotating the key, which is the operator secret).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Abraham’s encryption key with Griffin’s method of rotating the key such that the identifier data can be deciphered by a party that holds the same rotated key (column 10, lines 15-19 of Griffin) and to improve cryptographic key security (column 3, lines 4-5 of Griffin).

As to claim 12, the combination of Abraham in view of Griffin teaches wherein the operator secret is rotated based on a rotation algorithm known to a network operator (Griffin: column 6, lines 28-45 discloses the algorithm is based on a function using the Fibonacci sequence).

As to claim 13, the combination of Abraham in view of Griffin teaches wherein the rotation algorithm includes predefined parameters known to the network operator (Griffin: column 6, lines 28-45 teaches the parameter is the Fibonacci sequence). 

As to claim 14, Abraham teaches a method comprising: generating a unique identifier (abstract, Figure 1, reference number 126, and paragraphs 41 and 75) for an endpoint device (Figure 1, the endpoint device is the mobile device 106a, wherein paragraph 41 discloses that the mobile device, 106a, may include a service ID component, and the abstract recites the apparatus may be configured to generate a service identifier, see also claim 1), wherein the unique identifier is specific to the endpoint device (Figure 1 discloses the service ID is specific to the mobile device 106a, see also paragraphs 41 and 84) and is configured to identify the endpoint device (paragraphs 43 and 84, wherein paragraph 43 discloses “services can be identified among wireless device using a service ID within packetized communications among wireless devices”, see also paragraphs 67 and 73) to at least one untrusted party (paragraphs 67-68 describe third parties that track mobile devices via the service ID, and therefore, to prevent tracking by the third parties, the service ID is changed on a periodic basis and/or may be obscured by device IDs/MAC address. The tracking third party is the untrusted party), the unique identifier based on the operator secret and an identifier of the endpoint device (abstract discloses the service identifier is based on “the first hash value, a password, and a MAC address”; the password is the operator secret, see also Figures 7 and 9, which reveal the service ID is generated from a hash value based on MAC address and a password which is the operator secret that is input by an operator, see also paragraph 75); and sharing the unique identifier with another device (abstract and paragraph 84 disclose the endpoint device may be configured to transmit the generated service identifier).
Abraham does not teach rotating an operator secret known to a network operator.
Griffin teaches rotating an operator secret known to a network operator (abstract discloses rotating the key, which is the operator secret).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Abraham’s encryption key with Griffin’s method of rotating the key such that the identifier data can be deciphered by a party that holds the same rotated key (column 10, lines 15-19 of Griffin) and to improve cryptographic key security (column 3, lines 4-5 of Griffin).

As to claim 15, the combination of Abraham in view of Griffin teaches wherein the identifier of the endpoint device is a MAC address (Abraham: abstract discloses the service identifier is based on a MAC address, see also paragraph 75).

As to claim 16, the combination of Abraham in view of Griffin teaches wherein the MAC address is defined by hardware of the endpoint device (Abraham: paragraph 75 discloses the MAC address is of the wireless device).

As to claim 17, the combination of Abraham in view of Griffin teaches wherein the operator secret is known to the network operator (Abraham: Figures 7 and 9 reveal the service ID is generated from a hash value based on MAC address and a password which is the operator secret that is input by an operator, see also paragraph 75).

As to claim 18, the combination of Abraham in view of Griffin teaches wherein the unique identifier is shared wirelessly via a network operated by the network operator (Abraham: paragraph 73 discloses the wireless device may transmit the service ID to other devices in a beacon message, see also paragraphs 74, 100, and 117).

As to claim 19, the combination of Abraham in view of Griffin teaches wherein the unique identifier is generated according to an algorithm id = hash(operatorSecret, deviceMacAddress), wherein id is the unique identifier, hash is a hashing algorithm, operatorSecret is the secret known by the network operator, and deviceMacAddress is a MAC Address defined by hardware of the endpoint device (Abraham: abstract, Figures 7-9, wherein the abstract discloses the service identifier is based on “the first hash value, a password, and a MAC address”; the password is the operator secret; Figures 7 and 9 reveal the service ID is generated from a hash value based on MAC address and a password which is the operator secret that is input by an operator, see also paragraph 75).

As to claim 20, the combination of Abraham in view of Griffin teaches wherein the hashing algorithm is a Secure Hash Algorithm (SHA) (Abraham: claims 13, 25, and 37 and paragraph 102; paragraph 102 discloses the first hash function may be one of a SHA).
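
The identifier scheme recited in claims 6-9 and 19-20 above, id = hash(operatorSecret, deviceMacAddress) with a SHA-family hash, generated at the endpoint and recomputed by the network operator, is illustrated by the following added example, which is not part of the Office action, the application, or the cited references. It assumes HMAC-SHA-256 as the keyed hash; the secrets, MAC addresses, and function names are constructed for illustration.

```python
import hashlib
import hmac


def normalize_mac(mac: str) -> bytes:
    """Canonicalise a MAC address to 6 raw bytes so both sides hash the same input."""
    hexdigits = mac.replace(":", "").replace("-", "").replace(".", "").lower()
    raw = bytes.fromhex(hexdigits)  # raises ValueError on non-hex input
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def device_id(operator_secret: bytes, mac: str) -> str:
    """id = hash(operatorSecret, deviceMacAddress), realised here as HMAC-SHA-256 (assumption)."""
    return hmac.new(operator_secret, normalize_mac(mac), hashlib.sha256).hexdigest()


def link_to_device(operator_secret: bytes, observed_id: str, known_macs):
    """Operator side: recompute the id for each enrolled MAC and return the matching one."""
    for mac in known_macs:
        if hmac.compare_digest(device_id(operator_secret, mac), observed_id):
            return mac
    return None


# Constructed sample data (not taken from the application or the references).
OPERATOR_SECRET = b"constructed-operator-secret-v1"
ROTATED_SECRET = b"constructed-operator-secret-v2"
ENROLLED_MACS = ["02:00:5e:10:00:01", "02-00-5E-10-00-02", "0200.5e10.0003"]


def demo():
    # Endpoint computes the identifier it shares with other devices.
    shared = device_id(OPERATOR_SECRET, "02:00:5E:10:00:02")
    return {
        "shared_id": shared,
        # The operator, holding the secret, links the id back to an enrolled device.
        "operator_links": link_to_device(OPERATOR_SECRET, shared, ENROLLED_MACS),
        # A party without the secret cannot link it, even knowing every enrolled MAC.
        "wrong_secret_links": link_to_device(b"guess", shared, ENROLLED_MACS),
        # After the operator secret is rotated, the same device yields a new id.
        "after_rotation_id_changes": device_id(ROTATED_SECRET, "02:00:5E:10:00:02") != shared,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The identifier stays opaque to third parties only while the operator secret has high entropy and remains confidential, because the 48-bit MAC address space is small enough to enumerate once the secret is known.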

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FELICIA FARROW whose telephone number is (571)272-1856. The examiner can normally be reached M-F 7:30-5:30pm (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid, can be reached on (571)272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/F.F/Examiner, Art Unit 2437   

/KRISTINE L KINCAID/Supervisory Patent Examiner, Art Unit 2437