Notice of Pre-AIA  or AIA  Status
The present application, filed on or after February 20, 2020, is being examined under the first inventor to file provisions of the AIA .

Detailed action
Claims 1, 2, 4 and 6-9 are pending and are being considered.
Claims 1, 4, 7 and 8 have been amended.
Claim 9 have been newly added.
Response to 103
Applicants argument filled on 09/29/2022 have been fully considered and are partially persuasive.
In response to applicants arguments on page 8 of remarks that the cited reference Oikawa (i.e. primary reference) fails to teach “transmit, to an external authentication device, a first request of a key information to be used for authentication, when the external authentication device is connected to the service usage apparatus” the examiner acknowledges applicants point of view but respectfully disagree because Oikawa on [page 5 last para and page 16 para 2-3] explicitly teaches the key management service providing unit 512 of the key management server apparatus 500 (i.e. service usage apparatus) transmits a key generation request for generating a pair of the user's private key and public key to the private key management apparatus 600 (i.e. external authentication device), wherein the server apparatus 500 and management apparatus 600 are connected via network 340 along with other devices.
In response to applicant’s arguments that the cited references fail to teach the limitation “receive, from the external authentication device, public key information when authentication processing performed by the external authentication device based on the first request is successful, wherein secret key information corresponding to the public key information as a key pair and authentication information used for the authentication processing are managed by the external authentication device.” The examiner acknowledges applicant’s point of view but respectfully disagrees because OIKAWA teaches the above limitation. OIKAWA on [page 16 para 3-4] teaches when the access right authentication is successful the key generation unit 6122 (i.e. of the external authentication) determine private key and public key. See on [page 16 3rd last para] teaches the key management service providing unit 512 of the key management server apparatus 500 receives the key ID (i.e. identification information) and the public key. Further teaches the key management unit 612 of the secret key management apparatus 600 sends the key ID associated with the secret key generated in step S6150 and the public key corresponding to the secret key to the key management server apparatus 500 and the Key ID is associated with user ID (i.e. steps of receiving public key based on successful authentication). See on [page 5 last para and page 6 1st para] teaches key management apparatus 600 for managing secret key. See on [page 7 4th last para] teaches secret key management apparatus for managing secret key and authentication information. See also [page 8 para 2] teaches the key generation unit of management apparatus 600 generated encryption key as set of public and corresponding secret key (i.e. secret corresponds to public key). See on [page 16 para 3-4] teaches key pair is generated at private key management 600 (i.e. managed by external authentication device) in association with management authentication information (i.e. authentication information) received for authentication process. 
 	 in response to applicant’s arguments that the cited references fail to teach the limitation “in response to a second request from a service providing system, which provides a service via the network, after the received identification information and the received public key information has been stored in the service usage apparatus, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system” The examiner respectfully disagrees because the above limitations is taught by SAKUMOTO. See Fig 9 and associated text on [0152-0155] teaches portable terminal 100 (i.e. equivalent to external authentication device), PC 200 (i.e. service usage apparatus) and PC 300 (i.e. service providing system), the portable terminal 100 supplies the PC 200 with the public key pk generated in response to a request (i.e. first request) from the PC 200. See Fig 10 and text on [0161-0162] teaches transmission unit 308 of server apparatus 300 (i.e. equivalent to service providing apparatus in view of [0153] service provided by server apparatus 300) transmits information to PC 200 (i.e. service usage apparatus in instant case), wherein the information is a registration request (i.e. second request) of the public key pk and the reception unit 310 of server apparatus 300 receives public key pk from PC 200 in response to registration request (i.e. PC 200 transmits public key to PC 300 after public key and secret keys are stored by the PC 200 without performing communication with portable terminal 100, because the PC 200 already have the public key transmitted by the portable terminal, therefore transmits the public key when there is registration request by the PC 300, without communicating with the portable terminal as required by the claim).
In response to applicant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning.  But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper.  See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). in this case OIKAWA discloses transmitting first request when devices is connect with service apparatus, receiving public key in response to successfully authentication and managing by the by the external apparatus the secret key corresponding to private key. Although OIKAWA teaches transmitting the public key information and deleting the public key from storage based on certain condition, but fails to explicitly teach transmitting the public key to the service providing apparatus and third party device receives the public key from service providing apparatus without communicating with external device and once the public key is transmitted to third party, than the public key from service providing apparatus is deleted so that the security of public key is maintained and preventing the public key from unauthorized access. This deficiency is overcome by SAKUMOTO. See the rejection below for motivation.
In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, the applicants argue that the office fails to determine whether there was an apparent reason to combine the teaching. The applicant further argues that an explicit analysis must be made as per MPEP to establish obviousness. The examiner respectfully disagrees because the factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
In this case the examiner showed what the base reference i.e. OIKAWA teaches service usage apparatus receives from external authentication device public key, but fails to explicitly teach transmitting received public key to service providing system without contacting the external authentication device for the public key. This deficiency is overcome by SAKUMOTO which discloses that the public key can be transmitted to service providing system without communicating with the external system because the service usage already has the public key stored.

	In response to applicant’s argument on page 11 of remarks that the examiner appears to dissect the claim into discrete elements and applies the references to these elements separately without considering the relationship of these elements as whole. The examiner respectfully disagrees because the applied references i.e. OIKAWA and SAKUMOTO are as whole relevant to the instant application. For example, OIKAWA discloses public key is transmitted to the service usage apparatus from external authentication device and SAKUMOTO teaches that the received public key can be transmitted to third party without contacting the external authentication device for the public key. The claimed concept of instant application is considered while applying the references. 
Rest of applicant’s argument are moot in view of new grounds of rejection. The argument do not apply to the current art being used.
Claim Objections
Claims 1, 4 and 7-9 objected to because of the following informalities:  
Claim 1, 7 and 8 recites “…secret key information corresponds to public key information” The role of secret key information in the claim is not clear. The examiner suggests to clarify what is the purpose of the secret key information.
claim 4 recites “wherein the instructions further cause the service usage apparatus to transmit when service information corresponding to the service has been received from the service providing system and the external authentication device has been connected to the service usage apparatus after the stored public key information has been transmitted to the service providing system, the service information to the external authentication device” the examiner suggest to clarify the active step that is being performed by the service usage apparatus responsive to a condition being satisfied. For example, the claim can be clarified as 
“wherein the instructions further cause the service usage apparatus to transmit service information to the external authentication device, responsive to the service information received from the service providing system and the external authentication device has been connected to the service usage apparatus after the stored public key information has been transmitted to the service providing system”
Claim 9 “associted” should read as” associated”
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 7 and 8 recites the limitation "the received identification information".  There is insufficient antecedent basis for this limitation in the claim. The claim does not recite receiving of any identification information. Furthermore, the purpose of identification information with respect claimed invention is unclear. The examiner suggests to clarify the role of the identification information. 
Dependent claims 2, 4, 6 and 9 are also rejected under 112 for inheriting the deficiency of independent claims.

                                               Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4 and 6-8 are rejected under 35 U.S.C. 103 as being unpatentable over OIKAWA et al (hereinafter OIKAWA) (JP 2011-71721) (English translation used for examination) in view of SAKUMOTO et al (hereinafter SAKUMOTO) (US 20160182476) and further in view of Bailey (US 20190109869).

Regarding claim 1 OIKAWA teaches a service usage apparatus comprising (OIKAWA on [Page 6 para 4-5] teaches a key management server apparatus); 
 at least one memory storing instructions; and at least one processor that executes the instructions to cause the service usage apparatus to: (OIKAWA on [page 6 para 4-5] teaches the key management server apparatus having a memory for storing instruction and processor for executing instructions);
transmit, to an external authentication device, a first request of a key information to be used for authentication, when the external authentication device is connected to the service usage apparatus (OIKAWA on [page 16 para 2-3] teaches the key management service providing unit 512 of the key management server apparatus 500 (i.e. service usage apparatus) transmits a key generation request for generating a pair of the user's private key and public key to the private key management apparatus 600 (i.e. external authentication device), the key management unit 612 of the secret key management apparatus 600 receives the key generation request transmitted in step S6130 via the communication unit 650 (i.e. indication that external authentication device is connected with service usage apparatus). Further on [page 5 last para] teaches the server device 500 and apparatus 600 along with other devices are connected via network 340); 
receive, from the external authentication device, public key information when authentication processing performed by the external authentication device based on the first request is successful (OIKAWA on [page 16 para 3-4] teaches when the access right authentication is successful the key generation unit 6122 (i.e. of the external authentication) determine private key and public key.. See on [page 16 3rd last para] teaches the key management service providing unit 512 of the key management server apparatus 500 receives the key ID (i.e. identification information) and the public key. Further teaches the key management unit 612 of the secret key management apparatus 600 sends the key ID associated with the secret key generated in step S6150 and the public key corresponding to the secret key to the key management server apparatus 500 and the Key ID is associated with user ID);
wherein secret key information corresponding to the public key information as a key pair and authentication information used for the authentication processing are managed by the external authentication device (OIKAWA on [page 5 last para and page 6 1st para] teaches key management apparatus 600 for managing secret key. See on [page 7 4th last para] teaches secret key management apparatus for managing secret key and authentication information. See also [page 8 para 2] teaches the key generation unit of management apparatus 600 generated encryption key as set of public and corresponding secret key. See on [page 16 para 3-4] teaches key pair is generated at private key management 600 (i.e. managed by external authentication device) in association with management authentication information (i.e. authentication information) received for authentication process. Further teaches management unit 612 of key management apparatus 600 for managing secret key associated with key ID (i.e. identification information) by sending the secret key).
the received identification information stored (OIKAWA on [page 16 para 5-7] teaches storing the identification information)
Although OIKAWA teaches the management service device 500 receives the public key and identification and inherently stores the public key because the public key is later transmitted to the terminal device, but fails to explicitly teach storing the public key and in response to a second request from a service providing system, which provides a service via the network, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system  and wherein a transmission of the first request of the key information is performed before the second request from the service providing system, however SAKUMOTO from analogous art teaches store the received public key information (SAKUMOTO Fig 2 and text on [0064-0066 and 0109-0111] teaches PC 200 stores public key and secret key  in storage unit 204 for transmitting to PC 300 upon request);
 in response to a second request from a service providing system, which provides a service via the network, after the received identification information and the received public key information has been stored in the service usage apparatus, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system (SAKUMOTO Fig 9 and associated text on [0152-0155] teaches portable terminal 100 (i.e. equivalent to external authentication device), PC 200 (i.e. service usage apparatus) and PC 300 (i.e. service providing system), the portable terminal 100 supplies the PC 200 with the public key pk generated in response to a request (i.e. first request) from the PC 200. See Fig 10 and text on [0161-0162] teaches transmission unit 308 of server apparatus 300 (i.e. equivalent to service providing apparatus in view of [0153] service provided by server apparatus 300) transmits information to PC 200 (i.e. service usage apparatus in instant case), wherein the information is a registration request (i.e. second request) of the public key pk and the reception unit 310 of server apparatus 300 receives public key pk from PC 200 in response to registration request (i.e. PC 200 transmits public key to PC 300 after public key and secret keys are stored by the PC 200 without performing communication with portable terminal 100, because the PC 200 already have the public key transmitted by the portable terminal, therefore transmits the public key when there is registration request by the PC 300, without communicating with the portable terminal as required by the claim));

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of SAKUMOTO into the teaching of OIKAWA by transmitting and registering public key upon request by the service providing system. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system (SAKUMOTO on [0005-0006]).
Although the combination of OIKAWA and SAKUMOTO teaches deleting the public key, but fails to explicitly teach delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system, however Bailey from analogous art teaches delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system (Bailey Fig 2 block 222, 224 and text on [0035-0036] teaches the encrypted key is transmitted to C&C server for storage (i.e. registering key at service providing system) and delete the key from the local storage of computer (i.e. service usage apparatus)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Bailey into the combined teaching of OIKAWA and SAKUMOTO by deleting the key once the key is registered with the service providing apparatus. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system and deleting the key, thereby protecting the key from being exposed to an unauthorized access (Bailey on [0005-0006]).
Regarding claim 4 the combination of OIKAWA, SAKUMOTO and Bailey teaches all the limitations of claim 1 above, OIKAWA further teaches wherein the instructions further cause the service usage apparatus to transmit when service information corresponding to the service has been received from the service providing system and the external authentication device has been connected to the service usage apparatus after the stored public key information has been transmitted to the service providing system, the service information to the external authentication device (OIKAWA on [page 18 para 6-7] teaches the management service device 500 transmits key deletion request (i.e. service information for deleting key ID) along with key ID to apparatus 600. The apparatus receives the request along with key ID and authentication information).

Regarding claim 6 the combination of OIKAWA, SAKUMOTO and Bailey teaches all the limitations of claim 1 above, OIKAWA further teaches wherein the instructions further cause the service usage apparatus to: when the service usage apparatus has accessed the service providing system to use the service and a request for authentication has been received from the service providing system, perform an authentication request to the external authentication device (OIKAWA on [page 4 para 4-6 and page 10] teaches when a user accesses a service providing apparatus in order to enjoy the service, it is a process of authenticating whether or not the user or a terminal device used by the user is valid. As shown in FIG. 1, the authentication process is executed between the key management device, the terminal device, and the service providing device. Further teaches the terminal device transmits a service providing request to the service providing device. In step S102, the service providing apparatus returns electronic data used for user authentication to the terminal apparatus that has transmitted the service providing request. See also [page 12 last 4 para] teaches transmitting signature request (i.e. authentication request) to the apparatus 600 and transmits signature in response to the request from server device 500);
transmit, to the service providing system, signature information included in a response received from the external authentication device in response to the authentication request, wherein the signature information is generated by using secret key information included in the key pair, (OIKAWA  on [page 12 last 4 para] teaches upon receiving the signature request, the apparatus 600 extracts the secret key information and generated signature and transmits the generated signature to server apparatus 500);
wherein, when verification using the signature information and the transmitted public key information is successful, the service usage apparatus is able to use the service (OIKAWA on [page 10 para 5-8] teaches the service providing apparatus 320 performs verification using the received authentication (signature) response. Specifically, the service providing apparatus 320 verifies the electronic signature included in the authentication (signature) response using the user certificate, and obtains the user certificate in accordance with the general PKI (Public Key Infrastructure) specifications. Verifying and authorizing the user for using service).

Regarding claim 7 OIKAWA teaches a method for a service usage apparatus, the method comprising (OIKAWA on [page 2 para 1-2] teaches key managing method);
transmit, to an external authentication device, a first request of a key information to be used for authentication, when the external authentication device is connected to the service usage apparatus (OIKAWA on [page 16 para 2-3] teaches the key management service providing unit 512 of the key management server apparatus 500 (i.e. service usage apparatus) transmits a key generation request for generating a pair of the user's private key and public key to the private key management apparatus 600 (i.e. external authentication device), the key management unit 612 of the secret key management apparatus 600 receives the key generation request transmitted in step S6130 via the communication unit 650 (i.e. indication that external authentication device is connected with service usage apparatus). Further on [page 5 last para] teaches the server device 500 and apparatus 600 along with other devices are connected via network 340); 
receive, from the external authentication device, public key information when authentication processing performed by the external authentication device based on the first request is successful (OIKAWA on [page 16 para 3-4] teaches when the access right authentication is successful the key generation unit 6122 (i.e. of the external authentication) determine private key and public key.. See on [page 16 3rd last para] teaches the key management service providing unit 512 of the key management server apparatus 500 receives the key ID (i.e. identification information) and the public key. Further teaches the key management unit 612 of the secret key management apparatus 600 sends the key ID associated with the secret key generated in step S6150 and the public key corresponding to the secret key to the key management server apparatus 500 and the Key ID is associated with user ID);
wherein secret key information corresponding to the public key information as a key pair and authentication information used for the authentication processing are managed by the external authentication device (OIKAWA on [page 5 last para and page 6 1st para] teaches key management apparatus 600 for managing secret key. See on [page 7 4th last para] teaches secret key management apparatus for managing secret key and authentication information. See also [page 8 para 2] teaches the key generation unit of management apparatus 600 generated encryption key as set of public and corresponding secret key. See on [page 16 para 3-4] teaches key pair is generated at private key management 600 (i.e. managed by external authentication device) in association with management authentication information (i.e. authentication information) received for authentication process. Further teaches management unit 612 of key management apparatus 600 for managing secret key associated with key ID (i.e. identification information) by sending the secret key).
  the received identification information stored (OIKAWA on [page 16 para 5-7] teaches storing the identification information)

Although OIKAWA teaches the management service device 500 receives the public key and identification and inherently stores the public key because the public key is later transmitted to the terminal device, but fails to explicitly teach storing the public key and in response to a second request from a service providing system, which provides a service via the network, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system  and wherein a transmission of the first request of the key information is performed before the second request from the service providing system, however SAKUMOTO from analogous art teaches store the received public key information (SAKUMOTO Fig 2 and text on [0064-0066 and 0109-0111] teaches PC 200 stores public key and secret key  in storage unit 204 for transmitting to PC 300 upon request);
 in response to a second request from a service providing system, which provides a service via the network, after the received identification information and the received public key information has been stored in the service usage apparatus, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system (SAKUMOTO Fig 9 and associated text on [0152-0155] teaches portable terminal 100 (i.e. equivalent to external authentication device), PC 200 (i.e. service usage apparatus) and PC 300 (i.e. service providing system), the portable terminal 100 supplies the PC 200 with the public key pk generated in response to a request (i.e. first request) from the PC 200. See Fig 10 and text on [0161-0162] teaches transmission unit 308 of server apparatus 300 (i.e. equivalent to service providing apparatus in view of [0153] service provided by server apparatus 300) transmits information to PC 200 (i.e. service usage apparatus in instant case), wherein the information is a registration request (i.e. second request) of the public key pk and the reception unit 310 of server apparatus 300 receives public key pk from PC 200 in response to registration request (i.e. PC 200 transmits public key to PC 300 after public key and secret keys are stored by the PC 200 without performing communication with portable terminal 100, because the PC 200 already have the public key transmitted by the portable terminal, therefore transmits the public key when there is registration request by the PC 300, without communicating with the portable terminal as required by the claim));

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of SAKUMOTO into the teaching of OIKAWA by transmitting and registering public key upon request by the service providing system. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system (SAKUMOTO on [0005-0006]).
Although the combination of OIKAWA and SAKUMOTO teaches deleting the public key, but fails to explicitly teach delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system, however Bailey from analogous art teaches delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system (Bailey Fig 2 block 222, 224 and text on [0035-0036] teaches the encrypted key is transmitted to C&C server for storage (i.e. registering key at service providing system) and delete the key from the local storage of computer (i.e. service usage apparatus)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Bailey into the combined teaching of OIKAWA and SAKUMOTO by deleting the key once the key is registered with the service providing apparatus. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system and deleting the key, thereby protecting the key from being exposed to an unauthorized access (Bailey on [0005-0006]).

Regarding claim 8 OIKAWA teaches A non-transitory computer-readable storage medium having computer- executable instructions stored thereon, wherein the instructions cause a computer as a service usage apparatus to (OIKAWA on [page 6 para 4-5] teaches the key management server apparatus having a memory for storing instruction and processor for executing instructions);
transmit, to an external authentication device, a first request of a key information to be used for authentication, when the external authentication device is connected to the service usage apparatus (OIKAWA on [page 16 para 2-3] teaches the key management service providing unit 512 of the key management server apparatus 500 (i.e. service usage apparatus) transmits a key generation request for generating a pair of the user's private key and public key to the private key management apparatus 600 (i.e. external authentication device), the key management unit 612 of the secret key management apparatus 600 receives the key generation request transmitted in step S6130 via the communication unit 650 (i.e. indication that external authentication device is connected with service usage apparatus). Further on [page 5 last para] teaches the server device 500 and apparatus 600 along with other devices are connected via network 340); 
receive, from the external authentication device, public key information when authentication processing performed by the external authentication device based on the first request is successful (OIKAWA on [page 16 para 3-4] teaches when the access right authentication is successful the key generation unit 6122 (i.e. of the external authentication) determine private key and public key.. See on [page 16 3rd last para] teaches the key management service providing unit 512 of the key management server apparatus 500 receives the key ID (i.e. identification information) and the public key. Further teaches the key management unit 612 of the secret key management apparatus 600 sends the key ID associated with the secret key generated in step S6150 and the public key corresponding to the secret key to the key management server apparatus 500 and the Key ID is associated with user ID);
wherein secret key information corresponding to the public key information as a key pair and authentication information used for the authentication processing are managed by the external authentication device (OIKAWA on [page 5 last para and page 6 1st para] teaches key management apparatus 600 for managing secret key. See on [page 7 4th last para] teaches secret key management apparatus for managing secret key and authentication information. See also [page 8 para 2] teaches the key generation unit of management apparatus 600 generated encryption key as set of public and corresponding secret key. See on [page 16 para 3-4] teaches key pair is generated at private key management 600 (i.e. managed by external authentication device) in association with management authentication information (i.e. authentication information) received for authentication process. Further teaches management unit 612 of key management apparatus 600 for managing secret key associated with key ID (i.e. identification information) by sending the secret key);
the received identification information stored (OIKAWA on [page 16 para 5-7] teaches storing the identification information).

  
Although OIKAWA teaches the management service device 500 receives the public key and identification and inherently stores the public key because the public key is later transmitted to the terminal device, but fails to explicitly teach storing the public key and in response to a second request from a service providing system, which provides a service via the network, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system  and wherein a transmission of the first request of the key information is performed before the second request from the service providing system, however SAKUMOTO from analogous art teaches store the received public key information (SAKUMOTO Fig 2 and text on [0064-0066 and 0109-0111] teaches PC 200 stores public key and secret key  in storage unit 204 for transmitting to PC 300 upon request);
 in response to a second request from a service providing system, which provides a service via the network, after the received identification information and the received public key information has been stored in the service usage apparatus, transmit the stored public key information to the service providing system without performing communication with the external authentication device, wherein the second request is a request for registering the public key information for using the service provided by the service providing system (SAKUMOTO Fig 9 and associated text on [0152-0155] teaches portable terminal 100 (i.e. equivalent to external authentication device), PC 200 (i.e. service usage apparatus) and PC 300 (i.e. service providing system), the portable terminal 100 supplies the PC 200 with the public key pk generated in response to a request (i.e. first request) from the PC 200. See Fig 10 and text on [0161-0162] teaches transmission unit 308 of server apparatus 300 (i.e. equivalent to service providing apparatus in view of [0153] service provided by server apparatus 300) transmits information to PC 200 (i.e. service usage apparatus in instant case), wherein the information is a registration request (i.e. second request) of the public key pk and the reception unit 310 of server apparatus 300 receives public key pk from PC 200 in response to registration request (i.e. PC 200 transmits public key to PC 300 after public key and secret keys are stored by the PC 200 without performing communication with portable terminal 100, because the PC 200 already have the public key transmitted by the portable terminal, therefore transmits the public key when there is registration request by the PC 300, without communicating with the portable terminal as required by the claim));

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of SAKUMOTO into the teaching of OIKAWA by transmitting and registering public key upon request by the service providing system. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system (SAKUMOTO on [0005-0006]).
Although the combination of OIKAWA and SAKUMOTO teaches deleting the public key, but fails to explicitly teach delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system, however Bailey from analogous art teaches delete the public key information stored in the service usage apparatus based on the registering the public key information on the service providing system (Bailey Fig 2 block 222, 224 and text on [0035-0036] teaches the encrypted key is transmitted to C&C server for storage (i.e. registering key at service providing system) and delete the key from the local storage of computer (i.e. service usage apparatus)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Bailey into the combined teaching of OIKAWA and SAKUMOTO by deleting the key once the key is registered with the service providing apparatus. One would be motivated to do so in order to securely and efficiently use service provided by service providing system based on registering public key with the service provider system and deleting the key, thereby protecting the key from being exposed to an unauthorized access (Bailey on [0005-0006]).

Claims 2 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over OIKAWA et al (hereinafter OIKAWA) (JP 2011-71721) (English translation used for examination) in view of SAKUMOTO et al (hereinafter SAKUMOTO) (US 20160182476), in view of Bailey (US 20190109869) and further in view of Tsuruoka et al (hereinafter Tsuruoka) (US 20100088519). 

Regarding claim 2 the combination of OIKAWA, SAKUMOTO and Bailey  teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the stored public key information is managed with use of an expiration date, however Tsuruoka from analogous art teaches wherein the stored public key information is managed with use of an expiration date (Tsuruoka on [0172] teaches public key is associated with time stamp as validity period of public key and expired public key is erased automatically).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Tsuruoka into the combined teaching of TSURUOKA, SAKUMOTO and Bailey by associating timestamp with public key. One would be motivated to do so in order to provide service based on public key and automatically remove the public key after expiration of the public key (Tsuruoka on [0002-0003]).

Regarding claim 9 the combination of OIKAWA, SAKUMOTO and Bailey teaches all the limitations of claim 1 above, OIKAWA further teaches wherein the first request is transmitted to the external authentication device when the external authentication device is connected to the service usage apparatus and the stored public key information is not associated with service information (OIKAWA on [page 16 para 2-3] teaches the key management service providing unit 512 of the key management server apparatus 500 (i.e. service usage apparatus) transmits a key generation request for generating a pair of the user's private key and public key to the private key management apparatus 600 (i.e. external authentication device), the key management unit 612 of the secret key management apparatus 600 receives the key generation request transmitted in step S6130 via the communication unit 650 (i.e. indication that external authentication device is connected with service usage apparatus). Further on [page 5 last para] teaches the server device 500 and apparatus 600 along with other devices are connected via network 340).
The combination fails to explicitly teach wherein the external authentication device generates a new key pair including secret key information and public key information based on the first request and transmits the public key information to the service usage apparatus, however Tsuruoka from analogous art teaches wherein the external authentication device generates a new key pair including secret key information and public key information based on the first request and transmits the public key information to the service usage apparatus (Tsuruoka on [0171-0174] teaches generating new public-private key pair and transmitting the new public key for use).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Tsuruoka into the combined teaching of TSURUOKA and Bailey by generating new pair of public and private key pair. One would be motivated to do so in order to provide service based on public key and automatically remove the public key after expiration of the public key (Tsuruoka on [0002-0003]).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522.  The examiner can normally be reached on 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/MOEEN KHAN/               Examiner, Art Unit 2436                                                                                                                                                                                         

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436