Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claimed foreign priority date 12/03/2018 under foreign app HK18115417.3 is acknowledged.

Detailed action
Claims 1-16 are pending and are being considered.
Claims 1, 2 and 5-16 have been amended.
Claims 17-20 have been canceled.
112f interpretation is withdrawn due to amendments.


Response to 103 
Applicants arguments filed on 09/13/2022 have been fully considered. The amended feature of claim 1 and 14 was originally from claim 6. The examiner relied on Nataros (i.e. third reference) to teach the amended feature. In response to applicant’s argument on page 11- 12 of remarks that Nataros fails to teach the limitation “the server is configured to conduct an operation related to the private key only when the server has been unlocked using an encryption key held on the plurality of key-holding devices”. The applicant argues that the its unclear which of three entities in Nataros corresponds to server and key holding devices. The examiner acknowledges applicants point of view but respectfully disagrees because Nataros on teaches client front end device 102 (i.e. key holding device) and client server 104 (i.e. equivalent to server which is to be unlocked using encryption key). See Fig 1 block 102 (i.e. plurality of key holding devices), 104 (i.e. server), 116 (i.e. encryption key) and text on [0023-0024] teaches “upon the client front end 102 indicating to the authentication server 106 which client server 104 it desires a connection to, the authentication server 106 “locks,” indicates, or otherwise deems that particular client server 104 as unavailable to any other client front end 102 so that no two client front ends 102 have the same one-time password key 116, as only the first client front end 102 would be allowed access to the client server 104”. The above bolded portion of Nataros teaches that the client server 104 (i.e. server which is to be unlocked) is in locked state is not available to client front end device 102 (i.e. plurality of key holding device having one-time password key for having access to the server 104 based on one-time password key). 
	The applicant further argues that Nataros fails to teach plurality of key holding computing devices. The examiner acknowledges applicants point of view but respectfully disagrees because Natros on [0023-0024] explicitly teaches “no two client front ends 102 have the same one-time password key 116” indicating plurality of devices 102 for having different one-time password key.

Applicants amended in dependent claim 6 necessitates new of grounds of rejection, therefore, applicants arguments with respect to dependent claim are moot in view of new grounds of rejection. The argument do not apply to the current art being used. 

Claim Objections
Claims 1 and 14 objected to because of the following informalities:
Claim 1 and 14 recites “…server has been unlocked using an encryption key” the examiner suggests to clarify which entity (i.e. key requesting device or key holding device) unlocks the server.
Appropriate correction is required.


                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 5, 9, 10 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078) and further in view of Nataros (US 20170142098).

Regarding claim 1 Machani teaches a distributed key management system, comprising (Machani on [Col 3 line 1-5] teaches key distribution system);
 a) a server (Machani Fig 1 block 10 and text on [Col 4 line 46-64] teaches remote management server 10 communicably connected to a number of appliance clusters, 20, 22, 42 (i.e. appliance cluster referrers to plurality of hardware device connected with server in view of [col 5 line 30-35] equivalent to plurality of key holding devices) belonging to one or more business enterprises);
b) a plurality of key-holding computing devices adapted to communicate with the server (Machani Fig 1 block 10 and text on [Col 4 line 46-64] teaches remote management server 10 communicably connected to a number of appliance clusters, 20, 22, 42 (i.e. appliance cluster referrers to plurality of hardware device connected with server in view of [col 5 line 30-35] equivalent to plurality of key holding devices) belonging to one or more business enterprises);
wherein each one of the plurality of key-holding computing devices is adapted to hold a different fragment of a private key (Machani Fig 1-3 and text on [Col 5 line 55-65 and Col 6 line 1-25] teaches after master encryption key (i.e. private key) is generated, splitting by the server each master encryption key into plurality of shares MEK1---MEKn (i.e. private key fragments), the shares of each master encryption key are distributed such that at least one share (the “RMS key share”) is stored in the Remote Management Server 10, and other shares (the “appliance key shares”) are distributed among the appliances (i.e. different keys fragments of master encryption key stored in cluster of plurality of appliances as shown in Fig 1-3));
the server adapted to reconstruct the private key based on the fragments received from the plurality of key-holding computing devices (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed. See also Fig 9 and text on [Col 10 line 47-55] teaches reconstructing master encryption key based on receiving plurality of shares from cluster devices).
wherein the server is configured to conduct an operation related to the private key [[only when the server has been unlocked using an encryption key held on the plurality of key-holding devices]] (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed (i.e. adding new appliances by the server is equivalent to performing operations)).

	Although Machani teaches plurality of computing devices for holding different portion of master encryption key and new device joining the network and requesting master encryption key portion from remote server (i.e. See Fig 8 which can be a requesting key device), but fails to explicitly teach c) a key-requesting device adapted to communicate with the server and the key-requesting device adapted to obtain the private key from the server, however Brown from analogous art teaches c) a key-requesting computing device adapted to communicate with the server (Brown Fig 1 block 10, 40 and 100 and associated text on [Col 1 line 65-67 and Col 2 line 1-10] teaches mobile communication device 100 and computer device 10 are communicating with the server 40 through the internet 20. See also [Col 5 line 50-60] teaches the device 10 or 100 for requesting blinded key L’ from server device);
and the key-requesting computing device adapted to obtain the private key from the server (Brown server 40 then transmits this newly computed blinded key L' (i.e. encrypted private key which is computed based on private key b and random number D) and the new password to the communications device 100 or 10 at step 350. The new password is preferably destroyed at the server 40 at step 390. After the device 100 or 10 receives L' (i.e. private key) at step 355, it preferably verifies that L' is a valid public key at step 360; the device 100 or 10, computes the inverse function r.sup.-1L'=L).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Brown into the teaching of Machani by having a key requesting device receiving private key from server device. One would be motivated to do so in order to protect the sensitive data stored on the key holding and key requesting device by ensuring that the stored data (i.e. private key) is only accessible to the designated user so that the unauthorized device may not be able to reconstruct private key (Brown on [Col 1 line 15-30]).

Although the combination of Machani and Brown teaches server conducting operations releated to private key but fails to explicitly teach the server is configured to conduct an operation [[related to the private key]] only when the server has been unlocked using an encryption key held on the plurality of key-holding devices, however Nataros from analogous art teaches the server is configured to conduct an operation [[related to the private key]] only when the server has been unlocked using an encryption key held on the plurality of key-holding devices (Nataros on [0023-0024] teaches sending a new one-time password key 116 (i.e. an encryption key) to the authentication server 106, and the authentication server 106 “unlocks” (i.e. the authentication server is unlocked using the one time password key) when the authentication server is locked indicating that the authentication server is unavailable for performing operations and the authentication server is only able to perform operation when the server is unlocked).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Nataros into the combined teaching of Machani and Brown by performing operation by the server when the server is unlocked based on the keys stored on the client device. One would be motivated to do so in order to improve the security of the system for performing authentication operation only when the server is unlocked by the device requesting the authentication operation (Nataros on [0004-0005]).

Regarding claim 2 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Macahani further teaches wherein the server is further adapted to reconstruct the private key based on the fragments received from at least a part of the plurality of key-holding computing devices (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance trying to join, the remote server reconstructs the master encryption key by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed. See also Fig 9 and text on [Col 10 line 47-55] teaches reconstructing master key based on receiving plurality of shares from cluster devices).

Regarding claim 5 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Brown further teaches wherein the key-requesting computing device is adapted to produce a final key based on the private key received from the server such that the server has no access to the final key (Brown server 40 then transmits this newly computed blinded key L' (i.e. encrypted private key which is computed based on private key b and random number D) and the new password to the communications device 100 or 10 at step 350. The new password is preferably destroyed at the server 40 at step 390. After the device 100 or 10 receives L' (i.e. private key) at step 355, it preferably verifies that L' is a valid public key at step 360; the device 100 or 10, computes the inverse function r.sup.-1L'=L (i.e. L is equivalent to final key by unwrapping the blinded key interpreted in view of [0031]  of instant application). See on [Col 7 line 20-30] teaches  since public key D is not transmitted to the server 40; only the key D', which is a blinded version of D, is transmitted to the server 40 such that the server 40 remains unable to compute L).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Brown into the teaching of Machani by having a key requesting device receiving private key from server device. One would be motivated to do so in order to protect the sensitive data stored on the key holding and key requesting device by ensuring that the stored data (i.e. private key) is only accessible to the designated user so that the unauthorized device may not be able to reconstruct private key (Brown on [Col 1 line 15-30]).


Regarding claim 9 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Machani further teaches wherein the operation is: a) adding a new key-holding computing  device; b) removing one of the plurality of the key-holding computing devices; c) generating a new private key; or d) approving a request from the key-requesting computing device (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed (i.e. adding new appliances by the server is equivalent to performing operations)).

Regarding claim 10 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Machani further teaches wherein the server is configured to recalculate the fragments of the private key when a new key-holding computing device joins the plurality of key-holding computing devices, and afterwards distribute the fragments of the private key to the plurality of key-holding computing devices and the new key-holding computing device  (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed reconstruct the master encryption key share and sending the new key share to the new appliance. See also Fig 9 and text on [Col 10 line 47-55] teaches reconstructing master encryption key based on receiving plurality of shares from cluster devices).
Regarding claim 12 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Brown further teaches wherein the key-holding computing devices are portable computing devices (Brown on [Col 1 line 65-67 and Col 2 line 1-10] teaches mobile communication device as portable device).
The motivation for combining is same as claim 1 set forth above.

Claims 3-4 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078), in view of Nataros (US 20170142098). and further in view of Srinivasan (US 20200153614).

Regarding claim 3 the combination of Machani, Brown and Nataros teaches all the limitations of claim 2 above, the combination fails to explicitly teach wherein the server is adapted to reconstruct the private key using Shamir's Secret Sharing algorithm over Galois Field 256, however Srinivasan from analogous art teaches wherein the server is adapted to reconstruct the private key using Shamir's Secret Sharing algorithm over Galois Field 256 (Srinivasan Fig 3G and text on [0016 and 0074] teaches Shamir’s secret sharing scheme used for key splitting and key recovery process over Galois Field 256).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Srinivasan into the combined teaching of Machani, Brown and Nataros by reconstructing the private key based on Shamir's Secret Sharing algorithm over Galois Field 256. One would be motivated to do so in order to prevent the sensitive data based on splitting and reconstructing the private key based on Shamir's Secret Sharing algorithm over Galois Field 256 (Srinivasan on [0002]).

Regarding claim 4 the combination of Machani, Brown, Nataros and Srinivasan teaches all the limitations of claim 3 above, Machani further teaches wherein the private key is a random number or is constructed using a random number (Machani on [Col 5 line 55-55] teaches he master encryption keys may be generated using any specific technique for generating cryptographic keys, such as using a random number generator, pseudorandom number generator, or any other appropriate technique).
The combination of Machani, Brown and cited portion of Srinivasan fails to teach the private key is a byte array with byte value in 0-255 range, however Srinivasan on different portion teaches the private key is a byte array with byte value in 0-255 range (Srinivasan on [0025-0026 and 0029] teaches the transportation key values range from 2 to 255).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Srinivasan cited on different portion into the combined teaching of Machani, Brown and Nataros by reconstructing the private key based on Shamir's Secret Sharing algorithm over Galois Field 256. One would be motivated to do so in order to prevent the sensitive data based on splitting and reconstructing the private key based on Shamir's Secret Sharing algorithm over Galois Field 256 (Srinivasan on [0002]).

Claims 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078), in view of Nataros (US 20170142098) and further in view of OKUMURA et al (hereinafter OKUMURA) (US 20170185836).

Regarding claim 6 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, the although the combination teaches plurality of smartphones associated with a user, but fails to explicitly teach wherein the plurality of key-holding computing devices are smartphones belonging to different users, however OKUMURA from analogous art teaches wherein the plurality of key-holding computing devices are smartphones belonging to different users (OKUMURA on [0050] teaches plurality of smartphones belonging to plurality of different users).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of OKUMURA into the combined teaching of Machani, Brown and Nataros by having different plurality of devices each associated with plurality of different user for performing operation. One would be motivated to do so in order to perform operation related to private key for plurality of different user having different devices (OKUMURA on [0007-0009]).


Claims 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078) in view of Nataros (US 20170142098) and further in view of Baba et al (hereinafter Baba) (US 20200106612).

Regarding claim 7 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, Nataros further teaches the server adapted to be unlocked using the encryption key held on one of the plurality of key-holding devices and a corresponding public key for the one of the plurality of key-holding devices  (Nataros on [0023-0024] teaches sending a new one-time password key 116 (i.e. associated with old one time password key which is expired after certain time period equivalent to encryption key for unlocking server based on public key corresponding to encryption key) to the authentication server 106, and the authentication server 106 “unlocks” when the authentication server is locked indicating that the authentication server is unavailable for performing operations).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Nataros into the combined teaching of Machani and Brown by performing operation by the server when the server is unlocked based on the keys stored on the client device. One would be motivated to do so in order to improve the security of the system for performing authentication operation only when the server is unlocked by the device requesting the authentication operation (Nataros on [0004-0005]).
The combination fails to explicitly teach wherein the server is adapted to hold a configuration file which is compulsory for conducting the operation, the configuration file associated with a respective public key for each one of the plurality of key-holding devices, however Baba from analogous art teaches wherein the server is adapted to hold a configuration file which is compulsory for conducting the operation (Baba on [0117] teaches the configuration file provided by the configuration server  300 is composed of just the device ID and the public key, the client device 100);
 the configuration file associated with a respective public key for each one of the plurality of key-holding devices (Baba on [0066-0067] teaches configuration file with respective public key of the device. The server sends the configuration file to the client device which enable the client device to be authenticated).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Baba into the combined teaching of Machani, Brown and Nataros by performing operation based on configuration file associated with public key stored on the server. One would be motivated to do so in order to securely and easily perform operation such as generating private key or performing device authentication utilizing configuration file provided by the server (Baba on [0006-0008]).

Claims 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078) in view of Nataros (US 20170142098) and further in view of Baker et al (hereinafter Baker) (US 20160086272).

Regarding claim 8 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, although the combination teaches locking/unlocking server, but fails to explicitly teach wherein the server is locked when it has been restarted, however Baker from analogous art teaches wherein the server is locked when it has been restarted (Baker on [0018] teaches synthetic order server restarts, and is therefore unavailable (i.e. locked)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Baker into the combined teaching of Machani, Brown and Nataros by locking the server when server restarts. One would be motivated to do so in order to improve the security of the system and protecting the sensitive data at the server by locking the server once server is restarted or the session is expired (Baker on [0002-0003]).

Claims 11 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078), in view of Nataros (US 20170142098) and further in view of Osajima et al (hereinafter Osajima) (US 7978858).

Regarding claim 11 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the server is configured to remove one of the plurality of the key-holding devices from being able to communicate with the server when a predetermined number of other key-holding devices authorizes a removal, however Osajima from analogous art teaches wherein the server is configured to remove one of the plurality of the key-holding devices from being able to communicate with the server when a predetermined number of other key-holding devices authorizes a removal (Osajima on Fig 6 and text on [Col 8 line 20-60] teaches terminal 20 A-C are communicating with server 10. Terminal device A is authorized to request the deletion of terminal C by sending request to server 10 and terminal B upon receiving the deletion request the server 10 deletes the terminal C from group communication with the server).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Osajima into the combined teaching of Machani, Brown and Nataros by removing by the other devices in the network, a device from communicating with server network. One would be motivated to do so in order to protect user’s information by preventing third parties from fraudulently using or intercepting such information by removing the terminal devices which may be potential fraudulent device from communicating with the server when the removal is authorized by the existing devices in the group (Osajima on [Col 1 line 25-40]).

Claims 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Brown et al (hereinafter Brown) (US 8074078), in view of Nataros (US 20170142098) and further in view of Epstein et al (hereinafter Epstein) (US 6694025).

Regarding claim 13 the combination of Machani, Brown and Nataros teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the key-holding computing devices are adapted to encrypt their respective fragments of the private key using a biometric authentication, however Epstein from analogous art teaches wherein the key-holding devices are adapted to encrypt their respective fragments using a biometric authentication (Epstein on [Col 3 line 5-10 and Col 6 line 25-40] teaches performing encryption of keys based on biometric information).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Epstein into the combined teaching of Machani, Brown and Nataros by encrypting key using biometric authentication. One would be motivated to do so in order to protect sensitive data stored on different location based on biometric authentication performed when there is request by the server to release the private key share (Epstein on [Col 2 line 55-65]).

Claims 14 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Fu et al (hereinafter Fu) (US 10305873) and further in view of Nataros (US 20170142098).

Regarding claim 14 Machani teaches A method for distributively managing keys, comprising the steps of: (Machani on [Col 3 line 1-5] teaches method of key distribution);
a) generating a private key by a server (Machani Fig 1 block 10 and text on [Col 1 line 40-45] teaches master encryption key (i.e. private key) is generated by remote management server 10);
b) appointing a plurality of key-holding devices (Machani Fig 1 block 20, 22 and 42 and text on [Col 4 line 45-65] teaches plurality of cluster having plurality of appliances device (i.e. plurality of key-holding device) in enterprise are connected with the server 10);
wherein the server is configured to conduct an operation related to the private key [[only when the server has been unlocked using an encryption key held on the plurality of key-holding devices]] (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed (i.e. adding new appliances by the server is equivalent to performing operations)).

	Although Machani teaches splitting the master encryption key into plurality of portion but fails to explicitly teach splitting the private key into a plurality of fragments in accordance with a number of the key-holding devices, however Fu from analogous art teaches 
C) splitting the private key into a plurality of fragments in accordance with a number of the key-holding devices (Fu on [col 6 line 40-45] teaches the QSKM device is responsible for splitting an identity-based system private key into a plurality of system sub-private keys in accordance with a threshold secret sharing mechanism, and respectively distributing the plurality of system sub-private keys to a corresponding number of the QSKD devices in accordance with quantum key agreement. See also on [Col 7 line 5-15] teaches splitting private key into plurality of sub private keys in accordance with QSKD device each distributed to respective device. See also on [Col 7 line 65-67 and col 8 line 1-14] teaches QSKM device splits the private key in accordance with number of QSKD device and distributing respective key share to the respective QSKD device);
and d) distributing a different one of the fragments to each one of the plurality of key- holding devices (Fu on [col 6 line 40-45] teaches the QSKM device is responsible for splitting an identity-based system private key into a plurality of system sub-private keys in accordance with a threshold secret sharing mechanism, and respectively distributing the plurality of system sub-private keys to a corresponding number of the QSKD devices in accordance with quantum key agreement. See also on [Col 7 line 5-15] teaches splitting private key into plurality of sub private keys in accordance with QSKD device each distributed to respective device. See also on [Col 7 line 65-67 and col 8 line 1-14] teaches QSKM device splits the private key in accordance with number of QSKD device and distributing respective key share to the respective QSKD device).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Fu into the teaching of Machani by splitting the key into number of portions equal to number of connected devices. One would be motivated to do so in order to ensure the security of user sensitive information by protecting the private key from unauthorized access by splitting it and storing it in different devices (Fu on [Col 1 line 20-40]).
Although the combination of Machani and Fu teaches server conducting operations releated to private key but fails to explicitly teach the server is configured to conduct an operation [[related to the private key]] only when the server has been unlocked using an encryption key held on the plurality of key-holding devices, however Nataros from analogous art teaches the server is configured to conduct an operation [[related to the private key]] only when the server has been unlocked using an encryption key held on the plurality of key-holding devices (Nataros on [0023-0024] teaches sending a new one-time password key 116 (i.e. an encryption key) to the authentication server 106, and the authentication server 106 “unlocks” (i.e. the authentication server is unlocked using the one time password key) when the authentication server is locked indicating that the authentication server is unavailable for performing operations and the authentication server is only able to perform operation when the server is unlocked).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Nataros into the combined teaching of Machani and Fu by performing operation by the server when the server is unlocked based on the keys stored on the client device. One would be motivated to do so in order to improve the security of the system for performing authentication operation only when the server is unlocked by the device requesting the authentication operation (Nataros on [0004-0005]).

Regarding claim 16 the combination of Machani and Fu teaches all the limitations of claim 14 above, Machani further teaches further comprises the step of recalculating the key fragments when a new key-holding device joins the plurality of key-holding computing devices; and afterwards distributing the private key to the plurality of key-holding computing devices and the new key- holding computing device (Machani Fig 8 and text on [Col 9 line 13-25 and Col 10 line 20-40] teaches when a new appliance joins the network, the remote server reconstructs the master encryption key (i.e. private key) by obtaining one or more appliance shares from one or more of the existing appliances to which appliance shares were previously distributed reconstruct the master encryption key share and sending the new key share to the new appliance. See also Fig 9 and text on [Col 10 line 47-55] teaches reconstructing master encryption key based on receiving plurality of shares from cluster devices).

Claims 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Machani et al (hereinafter Machani) (US 9667416) in view of Fu et al (hereinafter Fu) (US 10305873), in view of Nataros (US 20170142098) in view of Zhang et al (hereinafter Zhang) (US 20140020081) and further in view of Popa et al (hereinafter Popa) (US 9954684).

Regarding claim 15 the combination of Machani, Fu and Nataros teaches all the limitations of claim 14 above, the combination fails to explicitly teach wherein the appointing step further comprises registering a first one of the plurality of the key-holding computing devices using a PIN and registering the rest of the plurality of the key-holding computing devices by approval of all or a predefined minimum number of the plurality of the existing key-holding devices, however Zhang from analogous art teaches wherein the appointing step further comprises registering a first one of the plurality of the key-holding computing devices using a PIN (Zhang on [0018] teaches registering the device based on the PIN).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Zhang into the combined teaching of Machani, Fu and Nataros by register the device using PIN. One would be motivated to do so in order to perform secure communication between plurality of devices by register or enrolling first device with the other based on PIN (Zhang on [0006]).

Although the combination teaches registering device based on PIN but fails to explicitly teach but fails to explicitly teach registering the rest of the plurality of the key-holding devices by approval of all or a predefined minimum number of the plurality of the existing key-holding devices, however Popa from analogous art teaches registering the rest of the plurality of the key-holding devices by approval of all or a predefined minimum number of the plurality of the existing key-holding devices (Popa on [Col 15 line 46-53]) teaches server operations must be authenticated by a user key and a device key. The only exception is registering the first device, which does not require authentication with an existing device key. Subsequent devices must be registered with the help of an existing device and thus must be authenticated with the device key of the existing device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Zhang into the combined teaching of Machani, Fu, Nataros and Zhang by register rest of device based on approval from existing device. One would be motivated to do so in order to perform secure communication between plurality of devices by register or enrolling first device with server based on approval from existing devices already communicating with server, since those devices are authorized (Popa on [Col 1 line 5-15]).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOEEN KHAN/               Examiner, Art Unit 2436                                                                                                                                                                                         
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436