DETAILED ACTION
Responsive to the Applicant reply filed on 07/29/2022, Applicant’s amendments to claims have been entered and respective arguments carefully considered and responded in following.
Claims 1-20 are pending.
Claims 1-6 and 15-20 are rejected under 35 U.S.C § 103.
Claims 5, 7-14, 15 and 20 are rejected under 35 U.S.C. § 112(b).
Claims 7-14 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b).

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
The amendment filed 07/29/2022 has been entered. 
Claims 1, 2, 5, 7, 15 and 18-20 have been amended.
Applicant’s amendment to claims overcome the objection and 112(b) rejection previously set forth in the Non-final Office Action mailed on 04/29/2022. Therefore, the objections and 112(b) rejection previously set forth are withdrawn.

Response to Arguments
Applicant’s arguments, see claims 1, 15 and Remark, filed 07/29/2022, with respect to the newly added limitation “at least one vehicle sensor key is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature; vehicle sensor key that is specific to the vehicle make, model, and sensor feature.” have been fully considered and are persuasive. Therefore, the rejection has been withdrawn.  However, upon further consideration for the newly added limitation, a new ground(s) of rejection is made in view of GOLGIRI et al. (US 20190213022 A1). Please refer to the 35 U.S.C. § 103 section below for the detailed rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 5, 7-15 and 20 are rejected under 35 U.S.C. 112(b).
Claim 5 recites "in response to a request" in line 4 but it is already defined in claim 1.
Claim 7 recites "in response to a request" in line 15 but it is already defined in line 7. The dependent claims 8-14 inherit the deficiencies of the claim upon which ultimate claim and are rejected as well.
Claim 15 recites "the at least on sensor key" in line 5.  There is insufficient antecedent basis for this limitation in the claim.
Claim 20 recites “the updated subscription private key” in line 8-9. There is insufficient antecedent basis for this limitation in the claim since “an updated subscription private key” is defined in claim 18 instead of claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3 and 5 are rejected under 35 U.S.C. 103 as being unpatentable Oguchi et al. (US 20200382313 A1 hereinafter “Oguchi”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of over in view of Abbas (US 20210099308 A1) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”). 
Regarding claim 1, (Currently Amended) Oguchi discloses a subscription method of facilitating permission-based access to a subset of vehicle sensor data in a vehicle electronic control unit (ECU) to augment an information application, the method comprises: 
generating, by a vehicle subscription server, at least one vehicle sensor key and at least one subscription key ([0034] The memory 32 stores public key cryptographic scheme secret keys. Public keys associated with the secret keys are recorded at time of manufacturing the ECU 10); 
installing, in a memory of the vehicle ECU, the at least one vehicle sensor key ([0038] The memory 12 [included in ECU, See Fig. 2] stores a public key corresponding to a secret key stored in the authentication server 30).
Oguchi may not explicitly teach, but Gautama, which is a same field of endeavor, disclose the method, wherein in response to a request for a subscription by a mobile device, transmitting, by the vehicle subscription server, the at least one subscription key ([0068-0070] the key fob programming device 340 transmits a request message to the KPS 410 to request a public key infrastructure (PKI) private/public key pair and/or a digital certificate. The KPS 410 transmits a response message to the device 340. The key fob programming device 340 transmits the private key to the central module 140 of the vehicle 110); 
using the at least one subscription key to authenticate the mobile device as having obtained the subscription ([0089] The connection response message is encrypted with a private key (that was downloaded to the central module 140 from the KPS 410 and programmed into the central module 140 at 318 of FIG. 3), and is used to establish an authorized connection with the wireless communication device 170); and 
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi with the teachings of Gautama to transmit, by the vehicle subscription server, the at least one subscription key in response to a request for a subscription by a mobile device; use the at least one subscription key to authenticate the mobile device as having obtained the subscription. One of ordinary skill in the art would have been motivated to make this modification because the central module [or ECU] may use the PIN and the along with a digital certificate that is signed with the private key to encrypt information that is to be sent to the wireless communication device (para. 0086). A message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key and, therefore, is likely to be the person associated with the public key used. This also ensures that the message has not been tampered with (para. 0059).
Although Oguchi teaches, in para. 0086, “a GPS sensor”, it does not teach “augmenting, by the vehicle ECU, the information application with the subset of the vehicle sensor data accessed based on the at least one vehicle sensor key.”
In a same field of endeavor Abbas discloses the method, wherein augmenting, by the vehicle ECU, the information application with the subset of the vehicle sensor data accessed based on the at least one vehicle sensor key ([0095-0097] the vehicle 101, ECU 105, user device 107, or other client devices may execute a software application 109 to provide or use a homomorphic cryptosystem [“based on the at least one vehicle sensor key”, See details Fig. 3 or para. 0061-0065 step 303-305] according the embodiments described herein. By way of example, the application 109 may also be any type of application that is executable on the vehicle 101, ECU 105, user device 107, etc. The vehicle 101, user device 107, and/or other client devices are configured with various sensors for generating or collecting environmental sensor data (e.g., for processing by the in-vehicle processor/ECU 105 and/or data platform 111).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi and Gautama with the teachings of Abbas to augment, by the vehicle ECU, the information application with the subset of the vehicle sensor data accessed based on the at least one vehicle sensor key. One of ordinary skill in the art would have been motivated to make this modification because it may introduce a capability to safely and securely deliver data (e.g., mapping data such as map tiles and attributes stored in the geographic database  [or subset of the vehicle sensor data]) to client devices (e., the ECU of the vehicle or other user device ) over the communication network  (e.g., mobile or cellular network) (para. 0044). Therefore, it introduce a layer of security to ensure that the client devices (e.g., processor or ECU of the vehicle) can safely reject data that are simply old replay data or data that have been maliciously modified using a reduced amount of computational resources compared to a traditional asymmetric encryption system.
Oguchi and Abbas respectively teach “public/secret key pair or public/ private key pair” which considers as the “vehicle sensor key and a subscription key” as stated above. However, the combination does not teach “the at least one vehicle sensor key is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature; the at least one vehicle sensor key that is specific to the vehicle make, model, and sensor feature”.
In a same field of endeavor, Golgiri further discloses the method, wherein the at least one vehicle sensor key is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature (para. 0039, parameters may include one or more of the VIN of the vehicle 102, a vehicle 102 condition as indicated by the vehicle sensors 122);
the at least one vehicle sensor key that is specific to the vehicle make, model, and sensor feature (para. 0039, parameters may include one or more of the VIN of the vehicle 102 [“vehicle make, model”], a vehicle 102 condition as indicated by the vehicle sensors 122).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi, Gautama and Abbas with the teachings of Golgiri to include at least one vehicle sensor key that is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature; at least one vehicle sensor key that is specific to the vehicle make, model, and sensor feature. One of ordinary skill in the art would have been motivated to make this modification because advice request may include one or more parameters for selecting advice for the vehicle to present to a user upon a next key cycle of the vehicle. For example, responsive receiving to the advice request, the mobile device or the advice server may query the one or more advice databases or the one or more advice databases, respectively, to identify advice to be presented responsive to a next key cycle (para. 0038). Therefore, the advice [or the information application with the subset of the vehicle sensor] may be selected based on several parameters, such as VIN of the vehicle, a vehicle condition as indicated by the vehicle sensors.

Regarding claim 2, (Currently Amended) the combination of Oguchi, Gautama, Abbas and Golgiri discloses the subscription method of claim 1, wherein in order to access the vehicle sensor data, the vehicle ECU sends a request to the vehicle subscription server to check whether the mobile device has obtained the subscription ([Abbas: 0036] In addition or alternatively, the vehicle 101 can be equipped with or otherwise associated with a user device 107 (e.g., personal navigation device, smartphone, etc.) executing an application 109 to request and receive data (e.g., map data) from a data platform 111 according to the various embodiments described herein. As used herein, the ECU or processor 105 and the user device 107 can be referred to as client devices of the data platform 111; [Fig. 3; 0060] To begin the initialization process, at step 301 [“ECU sends a request”], the cipher module 203 of the data platform 111 receives a request from the client device 201 (e.g., the ECU 105 [equipped with the user device 107]) to initiate a secret handshake between the data platform 111 and the ECU 105; [Gautama: 0089] In response to the connection request message, at 614, the central module 140 [including ECU, See para 0030] communicates a connection response message to the wireless communication device 170. The connection response message is encrypted with a private key (that was downloaded to the central module 140 from the KPS 410 [“vehicle subscription server”] and programmed into the central module 140 at 318 of FIG. 3)), and if so, receives a signed application key check whether the mobile device has obtained the subscription, and if so, receives a signed application key ([Gautama: 0083-0085] The KPS 410 responds by generating the new public key [“signed application key” since wireless communication device 170 should come within a Bluetooth advertising range of the vehicle, See para. 0059, further details regarding Digital signature, and the current application states, in para. 0068, that app key is a public key] and communicating a response message 514 back to the wireless communication device 170. This response message includes the new public key. The KPS 410 also communicates a message to the central module 140 [including ECU, See para. 0030, “ECU”] of the vehicle 110 (at 516) to provide the public key to the central module 140 and lets the central module 140 know that a new session has been established and that the public key has been provided to the wireless communication device 170. The central module 140 then communicates a response message to the KPS 410 at 518 to acknowledge that the session has been established).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi, Abbas and Golgiri with the teachings of Gautama to receives a signed application key check whether the mobile device has obtained the subscription, and if so, receives a signed application key. One of ordinary skill in the art would have been motivated to make this modification because a new (temporary) public key [or application key] is to be used only for that particular communication session between the wireless communication device 170 and the central module 140. Therefore, it may allow an establishment of a secure communication channel between the wireless communication device 170 and the central module 140 of the vehicle 110 when the wireless communication device 170 comes within the authorization range 530 of the vehicle 110.

Regarding claim 3, (Original) the combination of Oguchi, Gautama, Abbas and Golgiri discloses the subscription method of claim 1, further comprising: 
transmitting to the information application map information, and augmenting the map information with the subset of the vehicle sensor data ([Abbas: 0036] the vehicle 101 can be equipped with or otherwise associated with a user device 107 (e.g., personal navigation device, smartphone, etc.) executing an application 109 to request and receive data (e.g., map data) from a data platform 111 according to the various embodiments described herein; [0078] In a map data use case, the client device 201 (e.g., an ECU 105) can send a request for updated map data for a given geographic area. The response payload to this request would then be map tile data for the given geographic area; [0097] the sensors may include a global positioning sensor for gathering location data (e.g., GPS)).

Regarding claim 5, (Currently Amended) the combination of Oguchi, Gautama, Abbas and Golgiri discloses the subscription method of claim 1, further comprising: 
installing, in the memory of the vehicle ECU, at least one region key for a geographic region ([Abbas: 0037] the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103); [0097] the sensed data represent sensor data associated with a geographic location or coordinates at which the sensor data [“region key” considered based on para. 0050 of the current application] was collected. By way of example, the sensors may include a global positioning sensor for gathering location data (e.g., GPS)); 
in response to a request for the subscription, transmitting, by the vehicle subscription server, the at least one region key ([Abbas: 0035-0037] By way of example, for cars (e.g., a vehicle 101) to provide assisted or self-driving capabilities, they generally require map localization data [“request for the subscription”] and information about their surroundings. The data platform 111 [“vehicle subscription server”] provides a mapping data service, the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103, [“region key” considered based on para. 0050 of the current application]) which contains information such as the attributes of the road.  The ECU 105 periodically requests this data [“request for the subscription”] to ensure that as data on the provider changes, newer data is used by the ECU 105 to perform its functions); and 
outputting to the information application, by the vehicle ECU, the subset of the vehicle sensor data based on the at least one subscription key and the at least one region key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103 [“region key”]) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment. The data platform 111 and ECU 105 have previously initiated a handshake that resulted in the data platform 111 transmitting a cipher [“based on one subscription key”, See more detail Fig. 3 such as the private key at step 305] for storage in a local memory of the ECU 105).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi, Gautama and Golgiri with the teachings of Abbas to output to the information application, by the vehicle ECU, the subset of the vehicle sensor data based on the at least one subscription key and the at least one region key. One of ordinary skill in the art would have been motivated to make this modification because providing a homomorphic cryptosystem may enable efficient and accurate transfer and validation of data between two devices (e.g., between a server and a client device such as but not limited to a processor or engine control unit (ECU), equipped w/ a user device, of a vehicle) (para. 0002). In addition, the homomorphic cryptosystem of the system may enable secure data transmissions between the data platform 111 (e.g., a server) and a client device 201 (e.g., an ECU 105, equipped w/ a user device,) (para. 0059).

Claims 4 is rejected under 35 U.S.C. 103 as being unpatentable over Oguchi et al. (US 20200382313 A1 hereinafter “Oguchi”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of over in view of Abbas (US 20210099308 A1) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”) as applied to claims 1 above, and further in view of Zaid et al. (US 11042816 B2 hereinafter “Zaid”).
Regarding claim 4, (Original) the combination of Oguchi, Gautama, Abbas and Golgiri discloses the subscription method of claim 1, further comprising: 
periodically updating the at least one vehicle sensor key installed in the memory of the vehicle ECU ([Oguchi: 0041] The substitution unit 112 substitutes the constant G and the second random number b generated by the second random number generator 111 into the function F to generate the second value B (Formula (iii)), which is the ECU 10 side public key [“updated vehicle sensor key”], and transmits it to the update tool 20 through CAN or the like); 
outputting to the information application, by the vehicle ECU, the subset of the vehicle sensor data based on the updated at least one subscription key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment. The data platform 111 and ECU 105 have previously initiated a handshake that resulted in the data platform 111 transmitting a cipher [“based on one subscription key”, See more detail Fig. 3 such as the private key at step 305] for storage in a local memory of the ECU 105; [0097] the sensed data represent sensor data associated with a geographic location or coordinates at which the sensor data was collected).
However, the combination does not explicitly teaches “transmitting, by the vehicle subscription server, an updated at least one subscription key to the mobile device.”
In a same field of endeavor, Zaid discloses the method, wherein transmitting, by the vehicle subscription server, an updated at least one subscription key to the mobile device (col. 17, ln. 04-05, the server update includes a new private key to the vehicle access control system).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi, Gautama, Abbas and Golgiri with the teachings of Zaid to transmit, by the vehicle subscription server, an updated at least one subscription key to the mobile device. One of ordinary skill in the art would have been motivated to make this modification because the vehicle access control system (e.g., vehicle access control component [or ECU or Smartphone]) is configured to receive a server update [or subscription key] to the vehicle access control system from the wireless communication device (col. 10, ln.13-18). A validity period that meets a security policy and count on a reliable private key to provide expiration may help to avoid security lapses.


Claims 6 is rejected under 35 U.S.C. 103 as being unpatentable over Oguchi et al. (US 20200382313 A1 hereinafter “Oguchi”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of over in view of Abbas (US 20210099308 A1) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”) as applied to claims 1 above, and further in view of Haga et al. (US 20170134164 A1 hereinafter “Haga”).
Regarding claim 6, (Original) the combination of Oguchi, Gautama, Abbas and Golgiri discloses the subscription method of claim 5, further comprising: 
transmitting, by the vehicle subscription server, the updated at least one vehicle sensor key and the updated at least one of region key to the information application ([Oguchi: 0051] When the update tool 20 is connected to the ECU 10 in S203, the transfer unit 213 in S204 transfers the first value A (public key) stored in the memory 22 and the validity period tagged signature to the ECU 10; [Abbas: 0035-0037] The data platform 111 [“vehicle subscription server”] provides a mapping data service, the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103, [“region key”]) which contains information such as the attributes of the road); and 
outputting to the information application, by the vehicle ECU, the subset of the vehicle sensor data based on the updated at least one vehicle sensor key and the updated at least one region key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103 [“updated region key”]) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment. The data platform 111 and ECU 105 have previously initiated a handshake that resulted in the data platform 111 transmitting a cipher [“based on vehicle sensor key”, See more detail Fig. 3 such as a public key at step 302] for storage in a local memory of the ECU 105).
The combination of Oguchi, Gautama, Abbas and Golgiri may not explicitly teach, but Haga, which is a same field of endeavor, discloses the method, wherein periodically updating the at least one vehicle sensor key and the at least one region key ([0042] shared keys [“vehicle sensor key and region key” since they are public keys based on para. 0050 and 0055 of the current application] shared between the master ECU and other ECUs can be updated by the external tool).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Oguchi, Gautama, Abbas and Golgiri with the teachings of Haga to update the at least one vehicle sensor key and the at least one region key. One of ordinary skill in the art would have been motivated to make this modification because updating of the shared keys or firmware within ECUs by an unauthorized external tool [or vehicle subscription server] can be prevented. Also, the level of update authority information [such as information from vehicle sensor key and region key] can be set (and certified) differently for each external tool [or vehicle subscription server] (para. 0140).


Claims 15-17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Abbas (US 20210099308 A1) in view of Donahue et al. (US 20160323736 A1 hereinafter “Donahue”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”). 
Regarding claim 15, (Currently Amended) Abbas discloses a system for facilitating permission-based access to a subset of vehicle sensor data to augment an information application, the system comprises: 
a vehicle ECU connected to a plurality of in-vehicle sensors (0096-0097] the ECU 105, user device 107, and/or other client devices may be associated with the vehicle 101 or be a component part of the vehicle 101. The vehicle 101, user device 107, and/or other client devices are configured with various sensors for generating or collecting environmental sensor data (e.g., for processing by the in-vehicle processor/ECU 105 and/or data platform 111)); 26Attorney Docket No.: 526464US
5the vehicle ECU is configured to encrypt and augment the information application with the subset of the vehicle sensor data, using the at least one sensor public key, to be decrypted based on the at least one subscription private key ([0095-0097] the vehicle 101, ECU 105, user device 107, or other client devices may execute a software application 109 to provide or use a homomorphic cryptosystem [See details Fig. 3 or para. 0061-0065 step 303-305, Encryption by using a public key; Fig. 5 or para. 0075-0076 process 501, Decryption by using a private key] according the embodiments described herein. By way of example, the application 109 may also be any type of application that is executable on the vehicle 101, ECU 105, user device 107 [mobile device, para. 0096], etc. The vehicle 101, user device 107, and/or other client devices are configured with various sensors for generating or collecting environmental sensor data (e.g., for processing by the in-vehicle processor/ECU 105 and/or data platform 111)).
Abbas may not explicitly teach, but Donahue, which is a same field of endeavor, disclose the system, wherein a vehicle subscription server configured to generate at least one sensor public key and at least one subscription private key, each said key having respective predetermined expiration dates ([0169] FIGS. 9-16 illustrate encryption/decryption scheme embodiments. Device 1-Device n comprise devices, such as but not limited to IoT devices [in this case vehicle, See para. 0067], energy devices, distributed energy resources, and the like. one of Device 1 and Device 2 comprises a controller such as a device in a cloud energy management system 302, issuing commands that are addressed to the other devices [analogous to “vehicle subscription server and ECU”]; [0231-0237] Device 1 generates a cryptographic key pair, comprising a private key 1912 and a public key 2016. the cryptographic key pair comprising the private key 1912 and public key 2016 expire based at least in part on one or more of an expiry date or time);
a memory of the vehicle ECU to store the at least one sensor public key ([0230] Device 1 distributes public key 2012 to Device 3-Device n matching the private key 1912 distributed to Device 2. Device 3-Device n comprise devices, such as but not limited to IoT devices, energy devices, distributed energy resources, and the like).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Abbas with the teachings of Donahue to include a vehicle subscription server generating at least one sensor public key and at least one subscription private key, each having respective predetermined expiration dates; a memory of the vehicle ECU to store the at least one sensor public key. One of ordinary skill in the art would have been motivated to make this modification because once a pair key expires it can no longer be used to encrypt/decrypt data. A validity period of a key pair may enhance since it ensure that as the key pair on provider changes, a newer key pair is used by a system to perform its functions. Security keys can be allocated by type of device, its location, region, time of day, etc. This will be significantly important for devices that are used to control things across the smart grid and distribution systems, in addition to devices used in a home or facility (para. 0162). Therefore, it enhances the security of communications among such devices (para. 0238).
The combination of Abbas and Donahue may not explicitly teach, but Gautama, discloses the system, wherein in response to a request for a subscription by the information application, the vehicle subscription server is configured to transmit the at least one subscription private key ([0089] In response to the connection request message, at 614, the central module 140 [including ECU, See para 0030] communicates a connection response message to the wireless communication device 170. The connection response message is encrypted with a private key (that was downloaded to the central module 140 from the KPS 410 [“vehicle subscription server”] and programmed into the central module 140 at 318 of FIG. 3)).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Abbas and Donahue with the teachings of Gautama to include a vehicle subscription server which is configured to transmit the at least one subscription private key in response to a request for the subscription by the information application. One of ordinary skill in the art would have been motivated to make this modification because the central module [or ECU] may use the PIN and the along with a digital certificate that is signed with the private key to encrypt information that is to be sent to the wireless communication device (para. 0086). A message signed with a sender's private key can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key and, therefore, is likely to be the person associated with the public key used. This also ensures that the message has not been tampered with (para. 0059).
Abbas and Donahue respectively teach “public/private key pair” which considers as the “sensor public key and subscription private key” as stated above. However, the combination does not teach “the at least one sensor key is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature; the at least one sensor public key that is specific to vehicle make, model, and sensor feature”.
In a same field of endeavor, Golgiri further discloses the method, wherein the at least one sensor key is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature (para. 0039, parameters may include one or more of the VIN of the vehicle 102, a vehicle 102 condition as indicated by the vehicle sensors 122);
the at least one sensor public key that is specific to vehicle make, model, and sensor feature (para. 0039, parameters may include one or more of the VIN of the vehicle 102 [“vehicle make, model”], a vehicle 102 condition as indicated by the vehicle sensors 122).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Abbas Donahue and Gautama with the teachings of Golgiri to include at least one sensor key that is specific to a vehicle and sensor, including vehicle make, model, and a sensor feature; at least one sensor public key that is specific to vehicle make, model, and sensor feature. One of ordinary skill in the art would have been motivated to make this modification because advice request may include one or more parameters for selecting advice for the vehicle to present to a user upon a next key cycle of the vehicle. For example, responsive receiving to the advice request, the mobile device or the advice server may query the one or more advice databases or the one or more advice databases, respectively, to identify advice to be presented responsive to a next key cycle (para. 0038). Therefore, the advice [or the information application with the subset of the vehicle sensor] may be selected based on several parameters, such as VIN of the vehicle, a vehicle condition as indicated by the vehicle sensors.

Regarding claim 16, (Original) the combination of Abbas, Donahue, Gautama and Golgiri discloses the system of claim 15, wherein the vehicle ECU is configured to send a request to the vehicle subscription server to check whether the information application has obtained the subscription ([Abbas: 0036] In addition or alternatively, the vehicle 101 can be equipped with or otherwise associated with a user device 107 (e.g., personal navigation device, smartphone, etc.) executing an application 109 to request and receive data (e.g., map data) from a data platform 111 according to the various embodiments described herein. As used herein, the ECU or processor 105 and the user device 107 can be referred to as client devices of the data platform 111; [Fig. 3; 0060] To begin the initialization process, at step 301 [“ECU sends a request”], the cipher module 203 of the data platform 111 receives a request from the client device 201 (e.g., the ECU 105 [equipped with the user device 107]) to initiate a secret handshake between the data platform 111 and the ECU 105).

Regarding claim 17, (Original) the combination of Abbas, Donahue, Gautama and Golgiri discloses the system of claim 15, wherein: the information application receives map information which is augmented with the subset of the vehicle sensor data ([Abbas: 0036] the vehicle 101 can be equipped with or otherwise associated with a user device 107 (e.g., personal navigation device, smartphone, etc.) executing an application 109 to request and receive data (e.g., map data) from a data platform 111 according to the various embodiments described herein; [0078] In a map data use case, the client device 201 (e.g., an ECU 105) can send a request for updated map data for a given geographic area. The response payload to this request would then be map tile data for the given geographic area; [0097] the sensors may include a global positioning sensor for gathering location data (e.g., GPS)).

Regarding claim 19, (Currently Amended) the combination of Abbas, Donahue, Gautama and Golgiri discloses the system of claim 15, wherein: 
the memory of the vehicle ECU is configured to store at least one region public key for a geographic region ([Abbas: 0037] the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103); [0097] the sensed data represent sensor data associated with a geographic location or coordinates at which the sensor data [“region key” considered based on para. 0050 of the current application] was collected. By way of example, the sensors may include a global positioning sensor for gathering location data (e.g., GPS)); 
the vehicle subscription server is configured to transmit, in response to the request for the subscription, the at least one subscription private key ([Abbas: 0035-0037] By way of example, for cars (e.g., a vehicle 101) to provide assisted or self-driving capabilities, they generally require map localization data [“request for the subscription”] and information about their surroundings. The data platform 111 [“vehicle subscription server”] provides a mapping data service, the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103, [“region key” considered based on para. 0050 of the current application]) which contains information such as the attributes of the road.  The ECU 105 periodically requests this data [“request for the subscription”] to ensure that as data on the provider changes, newer data is used by the ECU 105 to perform its functions); and 
the vehicle ECU is configured to encrypt and augment the information application with the subset of the vehicle sensor data, using the at least one region public key and the at least one sensor public key, to be decrypted based on the at least one subscription private key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103 [“region key”]) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment [See details Fig. 3 or para. 0061-0065 step 303-305, Encryption by using a public key; Fig. 5 or para. 0075-0076 process 501, Decryption by using a private key]).


Claims 18 is rejected under 35 U.S.C. 103 as being unpatentable over Abbas (US 20210099308 A1) in view of Donahue et al. (US 20160323736 A1 hereinafter “Donahue”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”) as applied to claims 15 above, and further in view of Zaid et al. (US 11042816 B2 hereinafter “Zaid”)
Regarding claim 18, (Currently Amended) the combination of Abbas, Donahue, Gautama and Golgiri discloses the system of claim 15, further comprising: 
the memory of the vehicle ECU periodically updates the at least one sensor public key ([Donahue: 0230] Device 1 distributes public key 2012 to Device 3-Device n matching the private key 1912 distributed to Device 2. Device 3-Device n comprise devices, such as but not limited to IoT devices, energy devices, distributed energy resources, and the like; [0162] The FM transmissions can be used to provide encryption codes, encryption keys, or security codes to IoT's devices, which can be updated monthly, daily, or every minute depending on the requirements);
the vehicle ECU is configured to encrypt and augment the information application with the subset of the vehicle sensor data, using the updated at least one sensor public key, to be decrypted based on the updated at least one subscription private key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment [See details Fig. 3 or para. 0061-0065 step 303-305, Encryption by using a public key/ a private key; Fig. 5 or para. 0075-0076 process 501, Decryption by using a private key]).
Although Abbas teaches, para. 0043, “The certificate generally has an expiration period and must be updated periodically”, it does not explicitly teaches “the vehicle subscription server is configured to transmit an updated at least one subscription private key to the information application.”
In a same field of endeavor, Zaid discloses the system, wherein the vehicle subscription server is configured to transmit an updated at least one subscription private key to the information application (col. 17, ln. 04-05, the server update includes a new private key to the vehicle access control system).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Abbas, Donahue, Gautama and Golgiri with the teachings of Zaid to transmit an updated at least one subscription private key to the information application. One of ordinary skill in the art would have been motivated to make this modification because the vehicle access control system (e.g., vehicle access control component [or ECU or Smartphone]) is configured to receive a server update [or subscription private key] to the vehicle access control system from the wireless communication device (col. 10, ln.13-18). A validity period that meets a security policy and count on a reliable private key to provide expiration may help to avoid security lapses.


Claims 20 is rejected under 35 U.S.C. 103 as being unpatentable over Abbas (US 20210099308 A1) in view of Donahue et al. (US 20160323736 A1 hereinafter “Donahue”) in view of Gautama et al. (US 20140169564 A1 hereinafter “Gautama”) in view of GOLGIRI et al. (US 20190213022 A1 hereinafter “Golgiri”) as applied to claims 15 above, and further in view of Haga et al. (US 20170134164 A1 hereinafter “Haga”)
Regarding claim 20, (Currently Amended) the combination of Abbas, Donahue, Gautama and Golgiri discloses the system of claim 19, wherein:
the vehicle subscription server is configured to transmit the updated at least one subscription private key to the information application ([Donahue: 0230] Device 1 distributes public key 2012 to Device 3-Device n matching the private key 1912 distributed to Device 2. Device 3-Device n comprise devices, such as but not limited to IoT devices, energy devices, distributed energy resources, and the like; [Abbas: 0035-0037] The data platform 111 [“vehicle subscription server”] provides a mapping data service, the ECU 105 or client device of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103, [“region key”]) which contains information such as the attributes of the road); and 
the vehicle ECU is configured to encrypt and augment the information application with the subset of the vehicle sensor data, using the updated at least one sensor public key and the updated at least one region public key, to be decrypted based on the updated at least subscription private key ([Abbas: 0037] In a use case where the data platform 111 provides a mapping data service, the ECU 105 or client device [equipped w/ a user device 107, “outputting to the information application”] of the vehicle 101 downloads map data information (e.g., in tile format from the geographic database 103 [“updated region key”]) which contains information such as the attributes of the road, the speed sign limits and other factors needed by the vehicle 101 to provide routing guidance, routing recommendations, self-driving functions, etc.; [0087] FIG. 7 is a diagram illustrating an example use case of validating map data using a homomorphic cryptosystem, according to one embodiment [See details Fig. 3 or para. 0061-0065 step 303-305, Encryption by using a public key/a private key; Fig. 5 or para. 0075-0076 process 501, Decryption by using a private key]).
The combination of Abbas, Donahue, Gautama and Golgiri may not explicitly teach, but Haga, which is a same field of endeavor, discloses the method, wherein the vehicle subscription server is configured to periodically update the at least one sensor public key and the at least one region public key ([0042] shared keys [“sensor public key and region public key” since they are public keys] shared between the master ECU and other ECUs can be updated by the external tool).
Before the effective filing date, it would have been obvious for one of ordinary skill in the art to have modified the elements disclosed by Abbas, Donahue, Gautama and Golgiri with the teachings of Haga to include a vehicle subscription server that is configured to periodically update the at least one sensor public key and the at least one region public key. One of ordinary skill in the art would have been motivated to make this modification because updating of the shared keys or firmware within ECUs by an unauthorized external tool [or vehicle subscription server] can be prevented. Also, the level of update authority information [such as information from vehicle sensor key and region key] can be set (and certified) differently for each external tool [or vehicle subscription server] (para. 0140).


Allowable Subject Matter
Claims 7-14 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b).
No statement for examiner's reason for allowance: Applicant’s remarks filed on 07/29/2022, are persuasive as applicant's reply makes evident the reason for allowance and satisfying the record as whole as required by rule 37 CFR 1.104 (e). In this case, the substances of applicant's remarks in the Amendment filed on 07/29/2022 point out the reasons for claims which are patentable over the prior art of record. Thus, the reason for allowance is in all probability evident from the record (see MPEP 1302.14).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Allen, JR. et al. (US 20170345227 A1), System and method for vehicle assessment and uses thereof: para. 0041, Vehicle callout requirements 318 includes a database of the requirements for communicating with a given sensor for a given make, model, and manufacture of vehicle.
RUECKRIEMEN (US 20210273819 A1), Creating a vehicle certificate using a blockchain: para. 0124, the information contained in the registration certificate part I and/or II, such as date of first registration, vehicle category, type of bodywork, vehicle identification number, make.
TAKEMORI et al. (US 20200389791 A1), Maintenance system and maintenance method: para. 0068-0069, MAC key Ka=digest (Master_Secret, VIN, period information). Here, Master_Secret is a master key. VIN is the vehicle identification number. The period information is information indicating a predetermined period based on an authentication time of worker authentication information
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW SUH whose telephone number is (571)270-5524. The examiner can normally be reached 9:00 AM- 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571) 272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/A.S./Examiner, Art Unit 2493                                                                                                                                                                                                        
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493