Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 7, 8 and 12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Regarding claims 7 and 8, the phrase "suitable to" renders the claim indefinite because it is unclear whether the limitation(s) following the phrase are part of the claimed invention because the term appears to make the limitation optional as long as the protocol is “suitable to” perform the steps rather than requiring the steps to be performed.  See MPEP § 2173.05(d).
Regarding claim 12, the phrase " can be used" renders the claim indefinite because it is unclear whether the limitation(s) following the phrase are part of the claimed invention.  See MPEP § 2173.05(d).


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-12 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Ayman El-Sayed (Ayman, E. L. "A New Secure Group Management and Communication in End-System Multicast Protocol." IJCSNS 10.3 (2010)), hereinafter, “El-Sayed”.
Regarding Claim 1, El-Sayed Discloses a multicast overlay communications network, comprising: 
a plurality of devices configured as an overlay network for End System Multicast (ESM) communication at the network Application Layer (See, Abstract and Page 302, Section “Introduction”, “End-System Multicast (ESM) (1) aims to simplify group communication by implementing the multicast functionality at the application layer instead of the networking layer. Using ESM, an end-hostcanjoin/leave a multicast group without the need of native multicast support at the network routers. An ESM protocol constructs and maintains an overlay tree between the end host members of the multicast group, and the multicast data traffic is transmitted from one member to another one via this overlay tree using unicast connections. and Fig. 3); 
one or more groups of devices within the overlay network, each comprising a subset of the plurality of devices (See, abstract, “In this paper, a secure group management (i.e. control traffic exchange), based on clustering of group members, is proposed. our proposed of group management is between both (I) the main controller (MRP, Main Rendez-vous Point) and the second controlers (CRP, Cluster RP), and (2) the second controllers and its members. Also, a secure group communication is proposed that is among group members” and also see Fig. 3); 
one or more cryptographic keys established and stored at the network Application Layer (See, Page 303, 1st Column, last paragraph, “In this paper, we propose a new key management scheme, called Transition/Cluster Key Scheme (TCKS), to be used in a centralized ESM protocol. TCKS reduces the key management overhead by using a unique TEK for each cluster, and a set of transition keys for members who recently joined the cluster. The TCKS is periodically updated in order to integrate members who are in the transition state for each cluster (managed by individual transition keys) with its cluster. The use of a unique key for each cluster both decreases the key updating overheads and avoids important decryption and re-encryption overheads, and the use of a small set of transition keys for each cluster, decreases the key updating overhead as well.”); and 
an encryption/decryption protocol configured to encrypt/decrypt datagrams at the network Application Layer using the one or more cryptographic keys to secure communication between the one or more groups (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”).
Regarding Claim 2, the rejection of claim 1 is incorporated and El-Sayed further discloses wherein communications between the one or more groups of devices are secured with end-to-end encryption (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 3, the rejection of claim 2 is incorporated and El-Sayed further discloses wherein a different cryptographic key of the one or more cryptographic keys is shared with devices within each of the one or more groups (See, Page 304, Section 3.2, “Clusters Key Scheme (CKS), “In this case we can use a separate TEK for each cluster”).
Regarding Claim 4, the rejection of claim 1 is incorporated and El-Sayed further discloses wherein communications between the one or more groups are secured with hop-by-hop encryption (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 5, the rejection of claim 4 is incorporated and El-Sayed further discloses wherein a different cryptographic key of the one or more cryptographic keys is shared between each pair of adjacent devices in the overlay network (See, Fig. 3, CKS and TCKS).
Regarding Claim 6, the rejection of claim 1 is incorporated and El-Sayed further discloses wherein communications between the one or more groups are secured with a combination of end-to-end encryption and hop-by-hop encryption (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 7, the rejection of claim 1 is incorporated and El-Sayed further discloses wherein a common control protocol operating at the network Application Layer is suitable to establish one or more ESM route(s) required for communication between the one or more groups, and the one or more cryptographic keys used to secure communications between the one or more groups (See, Fig. 3 and Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”).
Regarding Claim 8, the rejection of claim 1 is incorporated and El-Sayed further discloses wherein a common data protocol operating at the network Application Layer is suitable to: encrypt datagrams using the encryption/decryption protocol and the one or more cryptographic keys; forward datagrams across the overlay network according to one or more ESM route(s); and decrypt datagrams using the encryption/decryption protocol and the one or more cryptographic keys groups (See, Fig. 3 and Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”).
Regarding Claim 9, the rejection of claim 8 is incorporated and El-Sayed further discloses wherein one of the one or more cryptographic keys is used for end-to-end encryption of datagrams transmitted by one of the devices in one or more groups of devices along the ESM route(s) (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 10, the rejection of claim 8 is incorporated and El-Sayed further discloses wherein a different key of the one or more cryptographic keys is shared between each pair of devices that are adjacent in the overlay network and part of an ESM route for one of the one or more groups forming a set of keys (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 11, the rejection of claim 10 is incorporated and El-Sayed further discloses wherein the set of keys are used for hop-by-hop encryption of datagrams transmitted by one or more devices of the one or more groups of devices along the ESM route(s) (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).
Regarding Claim 12, the rejection of claim 10 is incorporated and El-Sayed further discloses wherein a key shared by adjacent devices can be used for hop-by-hop encryption of datagrams transmitted by one or more devices of the one or more groups of devices (See, Pages 304-305, Section 3.2, “Clusters Key Scheme (CKS)”, “To traverse from one cluster to another, the group traffic should be decrypted and re-encrypted at the clusters boundaries. This scheme reduces the rekeying overhead and keeps the decryption/re-encryption overhead acceptable” and Page 305, Section “3.4. Transition/Cluster Key Scheme (TCKS)”, “In TCKS scheme, each message is encrypted/decrypted at the boundary of clusters, depending on number of clusters, and at members who are still in the transition state. The message is decrypted/reencrypted once again by the parents of members in the transition state”, Note: both CKS and TCKS perform hop-by-hop encryption at the boundary of cluster and end-to-end encryption within the cluster).

Allowable Subject Matter
Claims 13-24 are allowed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Mizutani (US 2005/0111453 A1).
Bijwaard et al. (US 2012/0275457 A1).
Halford (US 2015/0104017 A1).
Qi (US 2016/0127459 A1).
Yiu, W-PK, and S-HG Chan. "SOT: secure overlay tree for application layer multicast." 2004 IEEE International Conference on Communications (IEEE Cat. No. 04CH37577). Vol. 3. IEEE, 2004.






Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOGESH PALIWAL whose telephone number is (571)270-1807. The examiner can normally be reached M-F 9:00AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on 5712723685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/YOGESH PALIWAL/Primary Examiner, Art Unit 2435