DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed 10/11/2022 have been fully considered but they are not persuasive. 
The Applicant argues that the cited reference does not disclose or suggest how the keys are distributed to different devices via different connections or through different receivers. The Examiner respectfully disagrees.
Kruglick discloses that the keys are distributed to different devices via different connections or through different receivers. For example, Kruglick discloses splitting the service keys and wherein the first subset is different from the second subset and transmitting the keys via a first connection and a second connection through a first receiver on the first device and a second receiver on a second device that is distinct from the first receiver; quorum of decryption keys may be used to decrypt the data. Decryption keys may be distributed amount VMs, with different decryption keys provided to different VMs, so that a single VM may not decrypt the VM data without decryption keys held by other VMs, wherein VMs can exist on multiple devices of any type. Furthermore, each VM has a keymaster that is configured to receive the keys; see at least paragraphs 0019, 0033, 0041, 0044, 0070-0072, 0082 and 0100.
For at least the above reasons, the present claimed invention is not patentable over the cited reference(s). Claim 26 is rejected under a new prior art.
Claims 1 and 9 have been amended and claims 15-20 have been cancelled and claims 21-26 have been newly added.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-7, 9-13 and 21-25 are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US 6,550,008) in view of Kruglick (US 2014/0201533).
Regarding claim 1, Zhang discloses a method comprising:
at a headend including a non-transitory memory, a device key generator, a controller, and a transmitter (head end system; see least Fig. 1 and col. 3, line 65-col. 4, line 30):
obtaining, from the non-transitory memory, a security profile associated with a first device, a second device paired with the first device that is distinct from the first device, and a user (obtaining devices IDs; see at least col. 5, lines 30-65 wherein the host and the POD can be different electronic devices; see at least col. 3, lines 14-34 and wherein the head-end system has one or more databases containing information from which the binding messages are generated; see at least col. 3, line 65-col. 4, line 30);
locating, by the device key generator, a first device key for the first device and a second device key for the second device (mapping the devices’ IDs to locations in a database to locate keys; see at least col. 5, line 65-col. 6, line 24); and
regulating, by the controller, user access to a channel during an entitlement period (authorization message is sent to the user when the user request to view a particular program or channel; see at least col. 3, lines 34-44), including:
determining a first security ranking of the first device and a second security ranking of the second device based on the security profile (the security ranking is equivalent to if the device is authorized or not; see at least col. 4, lines 37-65), 
encrypting the first subset of service keys using the first device key and encrypting the second subset of the service keys using the second device key (public keys are encrypted using a symmetric cipher scheme with the public keys of the host device; see at least col. 13, lines 57-63), and 
transmitting, by the transmitter, the first subset of encrypted service keys to the first device and the second subset of encrypted service keys to the second device that is distinct from the first device (using a binding message; see at least col. 4, lines 37-65, col. 5, line 65-col. 6, line 24 and col. 14, lines 35-50).
Zhang discloses generating service keys for the channel in the entitlement period including a first subset of service keys to be encrypted with the first device key and a second subset of service keys to be encrypted with the second device key based on the first security ranking and the second security ranking, wherein the first subset is different from the second subset (a list of public or private keys are generated and stored at the headend and used in a binding message sent to the devices wherein identities of the devices are verified during an entity authorization process. Thus, the security ranking is equivalent to if the device is authorized or not; see at least col. 4, lines 37-65), but is not clear about splitting the service keys and wherein the first subset is different from the second subset. Furthermore, Zhang is not clear about transmitting the keys via a first connection and a second connection through a first receiver on the first device and a second receiver on a second device that is distinct from the first receiver.
Kruglick discloses splitting the service keys and wherein the first subset is different from the second subset and transmitting the keys via a first connection and a second connection through a first receiver on the first device and a second receiver on a second device that is distinct from the first receiver; quorum of decryption keys may be used to decrypt the data. Decryption keys may be distributed amount VMs, with different decryption keys provided to different VMs, so that a single VM may not decrypt the VM data without decryption keys held by other VMs, wherein VMs can exist on multiple devices of any type. Furthermore, each VM has a keymaster that is configured to receive the keys; see at least paragraphs 0019, 0033, 0041, 0044, 0070-0072, 0082 and 0100.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify Zhang by the teachings of Kruglick by having the above limitations so to be able to allow for higher levels of security to be employed, by requiring devices to assemble a quorum of decryption keys by requesting decryption keys held by other devices in order to decrypt data.

Regarding claim 2, Zhang in view of Kruglick disclose the method of claim 1, wherein obtaining, from the non-transitory memory, the security profile includes:
receiving from the first device a user profile of the user, a profile of the first device
including an identifier of the first device, a profile of the second device including an identifier
of the second device, and data exchanged during pairing of the first device and the second
device (Zhang; col. 5, line 65-col. 6, line 24); and
establishing the security profile based on the profile of the first device, the profile of
the second device, and the user profile for storage in the non-transitory memory (mapping the devices’ IDs to locations in a database to locate keys; Zhang; see at least col. 5, line 65-col. 6, line 24).

Regarding claim 3, Zhang in view of Kruglick disclose the method of claim 1, wherein determining the first security ranking of the first device and the second security ranking of the second device based on the security profile includes:
associating values to security features extracted from a profile of the first device and a
profile of the second device (Zhang; see at least col. 14, line 51-col. 15, line 6); and
calculating the first security ranking of the first device and the second security ranking
of the second device based on a function of the values associated with the security features (Zhang; see at least col. 14, line 51-col. 15, line).

Regarding claim 4, Zhang in view of Kruglick disclose the method of claim 1, wherein splitting the service keys for the channel in the entitlement period into the first subset to be encrypted with the first device key and the second subset to be encrypted with the second device key based on the first and the second security ranking includes:
splitting the service keys equally between the first subset and the second subset in accordance with a determination that the first security ranking of the first device is approximately the same as the second security ranking of the second device (the splitting of Kruglick and Zhang; same number of keys; see at least col. 14, lines 35-50).

Regarding claim 5, Zhang in view of Kruglick disclose the method of claim 1, further comprising:
receiving a request from the first device to access the channel (the user request to view a particular program or channel; Zhang; see at least col. 3, lines 34-44);
determining whether or not at least one of the first device, the second device, or a
combination of the first device and the second device is secure to access the channel based on
the security profile in response to the request (Zhang; secure channel; see at least col. 4, lines 37-65); and
performing the splitting, the encrypting and transmitting steps in accordance with a determination that at least one of the first device or the second device is secure to access the channel (Zhang; over a secure channel; see at least col. 4, lines 37-65).

Regarding claim 6, Zhang in view of Kruglick disclose the method of claim 1, further comprising:
detecting an update to the security profile, including at least one update to a profile of
the first device, a profile of the second device, or a user profile of the user; and
adjusting a number of the service keys in at least one of the first subset or the
second subset based on the update (Zhang; when the number of devices change, i.e. a device is added or removed, the session keys will be adjusted accordingly; see at least col. 7, line 64-col. 8, line 20).

Regarding claim 7, Zhang in view of Kruglick disclose the method of claim 1, further comprising regulating user access to the channel during a next entitlement period, including:
determining whether or not a user is entitled to the channel during the next entitlement
period based on a user profile of the user (in terms of if the deivce is aurhoized or not; see at least the rejection of claim 1); and
in accordance with a determination that the user is entitled to the channel, determining a third security ranking of the first device and a fourth security ranking of the second device based on the security profile, and splitting next service keys for the channel in the next entitlement period into a third subset to be encrypted with the first device key and a fourth subset to be encrypted with the second device key based on the third and the fourth security rankings,  wherein the third subset is different from the fourth subset, encrypting the third subset using the first device key and encrypting the fourth subset using the second device key, and transmitting the third subset of encrypted service keys to the first device and the fourth subset of service keys to the second device (the claim doesn’t require that the subset are different; see at least the rejection of claim 1).

Regarding claim 9, Zhang in view of Kruglick disclose all the limitations, wherein the storage to store a security profile associated with a first device, a second device paired with the first device, and a user is met by storing the verification information; see at least col. 5, lines 30-65 and a device key generator to locate a first device key for the first device and a second device key for the second device is met by mapping the devices’ IDs to locations in a database to locate keys; see at least col. 5, line 65-col. 6, line 24.

	Claim 10 is rejected on the same grounds as claim 3.
	Claim 11 is rejected on the same grounds as claim 4.
	Claim 12 is rejected on the same grounds as claim 6.
	Claim 13 is rejected on the same grounds as claim 7.
	Claim 21 is rejected on the same grounds as claim 1.
	Claim 22 is rejected on the same grounds as claim 2.
	Claim 23 is rejected on the same grounds as claim 3.
	Claim 24 is rejected on the same grounds as claim 5.
	Claim 25 is rejected on the same grounds as claim 6.

Claims 8 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Zhang in view of Kruglick and further in view of Candelore (US 2010/0235624).
Regarding claim 8, Zhang in view of Kruglick disclose the method of claim 1, and discloses the first or the second subset of service keys and the first or the second device; see at least the rejection of claim 1, but are not clear about encrypting at least one control word, encrypting media content associated with the channel with the at least one control word and transmitting the encrypted media content and the at least one control word.
Candelore discloses encrypting at least one control word, encrypting media content associated with the channel with the at least one control word and transmitting the encrypted media content and the at least one control word (encrypting a CW and encrypting the content using the CW and sending the encrypted content to the user; see at least paragraphs 0060, 0072, 0075 and 0111).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify Zhang in view of Kruglick by the teachings of Candelore by having the above limitations so to be able to descramble digital content in digital devices; see at least paragraph 0003.
	
	Claim 14 is rejected on the same grounds as claim 8.

Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Zhang in view of Kruglick and further in view of Bedekar (US 2008/0195860).
Regarding claim 26, Zhang in view of Kruglick disclose non-transitory memory of claim 25, and disclose detecting the update to the security profile and adjusting the number of the service keys in at least one of the first subset or the second subset based on the update; as above, but are not clear about detecting compromise of a device and disconnecting the connection through a second receiver on the second device and ceasing transmitting a subset to the second device.
Bedekar discloses the above missing limitations; when a node is detected to be compromised and not operating properly, the method continues by interrupting the communication and ceasing to transmit a secured message to the node and the device; see at least paragraphs 0016-0017, 0031 and 0036.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify Zhang in view of Kruglick by the teachings of Bedekar by having the above limitations so to be able to notify a mobile device that a base station is compromised and that the device should no longer communicate with the base station; see at least paragraph 0001.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YASSIN ALATA whose telephone number is (571)270-5683.  The examiner can normally be reached on Mon-Fri 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nasser Goodarzi can be reached on 571-272-4195.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/YASSIN ALATA/Primary Examiner, Art Unit 2426