Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Claims 2, 24-27 remain for examination. Applicant's arguments filed on 09/06/2022 have been fully considered but they are not persuasive. The rejections are maintained and incorporated by reference the last Office action on 06/06/2022. Accordingly, this action has been made final. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 2, 25 are rejected under 35 U.S.C. 103 as being unpatentable over Addepalli U.S. Publication No 20130301584 A1, in view of MADDOX U.S 20160105539 A1, in further view of Chang US 20050282546 A1.
As to claim 2, Addepalli teaches an Authentication, Authorization and Accounting (AAA) server operated by, or on behalf of a Dedicated Short-Range Communications infrastructure authority (Addepalli Fig. 1, Pa. [0046]) [communication system 10 may enable OBU 30 to leverage Dedicated Short Range Communication (DSRC) possibly for signaling purposes among mobile nodes that cooperatively self-configure as a network], transmitting messages among and between On-board Units (OBU) and Roadside Units (RSU) (Addepalli Fig. 1, Pa. [0080]) [a roadside access, roadside IAP 146, for example, a RSU, may communicate with an OBU, for example, OBU 130c, via a wireless link 112d, for example, Dedicated Short-Range DSRC],  said AAA server comprising at least one processor running at least one computer program adapted to communicate through the Internet with a plurality of user devices and/or an OBU operating a subnet for one or more user devices, with a plurality of RSUs, in order to carry out the functions of AAA  (Addepalli Fig. 1, Pa. [0078]) [Additionally, OBUs in VAN 100 may dynamically allocate a gateway function to the node (e.g., OBU) with the best uplink channel. By leveraging vehicular access network 100, fewer cars may be directly connected to access points (APs), and more cars can be connected to APs from a greater distance. In general, RSUs can act as access points, but they may be expensive to deploy and manage. With VMN 100, according to embodiments of the present disclosure, fewer RSUs may be deployed to achieve substantial connectivity]
It is noted that Addepalli does not appear explicitly disclose enabling the authority to authenticate said user devices and/or said OBU, and to authorize said user devices and/or said OBU for access to any service subscribed thereby, wherein the AAA server is operable to request assistance from a Security Credentials and Management System (SCMS) components in validating security credentials of said user device and/or said OBU.
However, Maddox discloses enabling the authority to authenticate said user devices and/or said OBU, and to authorize said user devices and/or said OBU for access to any service subscribed thereby (Maddox claim 9) [communications interface employs a security credential management server authenticating communications between the dedicated short range communications equipped user device and the controller area network], wherein the AAA server is operable to request assistance from a Security Credentials and Management System (SCMS) components in validating security credentials of said user device and/or said OBU (Maddox Pa. [0020]) [authentication and security may be maintained via the use of security credentials. In some applications, a security credential management server (SCMS) 200 provides security credentials to OBUs 118 and RSUs 120, which are then used to protect the over-the-air communication against manipulation and injection of false messages. In some embodiments, SCMS 200 can implement and/or manage any type of verified credentials, including but not limited to Verify-On-Demand credentials (that is, in some embodiments, verifying only information and/or data that will impact a driver warning or control input), digital signatures, and/or rolling credentials that are changed on a regular basis (e.g. time based, event based, or the like)]
Thus, at the time of the invention, it would have been recognized by one of ordinary skill in the art, that applying the known technique taught by Maddox to the authentication system of Addepalli would have yield predictable results and resulted in an improved system, namely, a system that would provide dedicated short-range communications (DSRC) and, more particularly, a vehicle interface docking system for a DSRC-equipped user device (e.g. cell phone) in a vehicle (Maddox Pa. [0002])
Furthermore, it is noted that the combination of Addepalli and Maddox does not appear explicitly disclose “Authentication, Authorization and Accounting (AAA) server”
However, paragraph [0007] of Chang discloses [where a station searches for a beacon pilot from the nearby AP, and because of back-end signaling between APs and AAA servers. An AAA server handles connection requests for access to network resources and provides authentication, authorization, and accounting (AAA) services. An AAA server is located in the back-end network and shared by many Aps].
Thus, at the time of the invention, it would have been recognized by one of ordinary skill in the art, that applying the known technique taught by Chang to the authentication systems of Addepalli and Maddox would have yield predictable results and resulted in an improved system, namely, a system that would provide  fast handoff in a WLAN-like communication system by using an active neighboring set to determine a caching candidate set for mobile service information forwarding (Chang Pa. [0002])

As to claim 25, the combination of Addepalli, Maddox and Chang teaches operable, in the case where the domain name of the Certificate Management Entity having issued credentials used by an OBU to request authentication and authorization, identifies a remote AAA server, to forward said authentication and authorization request to said remote AAA server, using credentials obtained from SCMS chain of trust to secure communications with said remote AAA server (Maddox Pa. [0020]) [authentication and security may be maintained via the use of security credentials. In some applications, a security credential management server (SCMS) 200 provides security credentials to OBUs 118 and RSUs 120, which are then used to protect the over-the-air communication against manipulation and injection of false messages. In some embodiments, SCMS 200 can implement and/or manage any type of verified credentials, including but not limited to Verify-On-Demand credentials (that is, in some embodiments, verifying only information and/or data that will impact a driver warning or control input), digital signatures, and/or rolling credentials that are changed on a regular basis (e.g. time based, event based, or the like)]
Thus, at the time of the invention, it would have been recognized by one of ordinary skill in the art, that applying the known technique taught by Maddox to the authentication system of Addepalli would have yield predictable results and resulted in an improved system, namely, a system that would provide dedicated short-range communications (DSRC) and, more particularly, a vehicle interface docking system for a DSRC-equipped user device (e.g. cell phone) in a vehicle (Maddox Pa. [0002])
Claims 26-27 are rejected under 35 U.S.C. 103 as being unpatentable over Addepalli U.S. Publication No 20130301584 A1, in view of MADDOX U.S 20160105539 A1, Chang US 20050282546 A1, in further view of Cordeiro US 20150139421 A1.
As to claim 26, the combination of Addepalli, Maddox and Chang teaches 
wherein, on receipt of an authentication and authorization request with SCMS credentials issued for a service identified by Provider Service Identification (PSID) encapsulated in the request (Maddox Pa. [0020]) [authentication and security may be maintained via the use of security credentials. In some applications, a security credential management server (SCMS) 200 provides security credentials to OBUs 118 and RSUs 120, which are then used to protect the over-the-air communication against manipulation and injection of false messages. In some embodiments, SCMS 200 can implement and/or manage any type of verified credentials, including but not limited to Verify-On-Demand credentials (that is, in some embodiments, verifying only information and/or data that will impact a driver warning or control input), digital signatures, and/or rolling credentials that are changed on a regular basis (e.g. time based, event based, or the like)]
 It is noted that Addepalli does not appear explicitly disclose Elliptic Curve Integrated Encryption Scheme (ECIES) is used to encrypt and to transmit to the requesting device necessary parameters and keying material for symmetric encryption of the payload of the service.  
However, Cordeiro discloses Elliptic Curve Integrated Encryption Scheme (ECIES) is used to encrypt and to transmit to the requesting device necessary parameters and keying material for symmetric encryption of the payload of the service (Cordeiro Pa. [0004]) [When symmetric encryption is required, it is expected that nodes perform some well-known key agreement schemes or use integrated encryption schemes. In particular, the IEEE 1609.2 standard specifies the Elliptic Curve Integrated Encryption Scheme as the asymmetric encryption algorithm [3], which is based on Diffie-Hellman key agreement. In [9], an architecture was proposed for secure vehicular communications, which includes a key management scheme. Certification authorities (CAs) are responsible for managing the identity and credentials of vehicles registered within a given region. Each node is registered only in a given CA, which provides it with a unique ID, a long-term pair of private/public keys and a long-term certificate]

As to claim 27, the combination of Addepalli, Maddox, Chang and Cordeiro teaches wherein the service includes a multicast service, and the ECIES is used to encrypt and to transmit to the requesting device the necessary parameters and keying material for symmetric encryption of the payload of the multicast "push notifications" provided by the multicast service (Addepalli Fig. 1, Pa. [0076]) [Multiple associations (1:n)--one wireless interface associated with multiple (n) wireless interfaces. Different interface association possibilities are described in the table below for an arbitrary interface I.sub.0. In one embodiment, for multiple associations (i.e., 1:n), transmissions from I.sub.0 to I.sub.1, . . . , I.sub.n can be unicast, multicast, or broadcast.]
Allowable Subject Matter
Claim 24 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

  Response to Arguments
Arguments
a.	It is argued that: Maddox does not teach the features of authorization of claim 2, but teaches security mechanism that uses the security credentials which may correspond to authentication processes. Maddox does not teach or suggest "to authorize said user devices and/or said OBU for access to any service subscribed thereby" as recited in claim 2. Maddox discloses (emphasis added):
Examiner’s response a. 
In response to applicant's argument that the purpose of authentication/authorization is to provide users ability to access services. Therefore, Maddox discloses on paragraph [0020] [a security credential management server (SCMS) 200 provides security credentials to OBUs 118 and RSUs 120, which are then used to protect the over-the-air communication against manipulation and injection of false messages. In some embodiments, SCMS 200 can implement and/or manage any type of verified credentials, including but not limited to Verify-On-Demand credentials (that is, in some embodiments, verifying only information and/or data that will impact a driver warning or control input), digital signatures, and/or rolling credentials that are changed on a regular basis (e.g. time based, event based, or the like)]. (Emphasis added) claim 9 of Maddox discloses communications interface employs a security credential management server authenticating communications between the dedicated short-range communications equipped user device and the controller area network.
The use of “authorize user devices to access resources” relates to well-known option in the field of authentication, in order to control communication between authenticated devices that the skilled person would consider with no inventive skills.

b.	It is argued that: The combined teachings of Addepalli, Maddox and Chang do not suggest the AAA server that performs the features of the AAA server as recited in claim 2.

Examiner’s response b. 
In response to applicant's argument that claimed limitation is to be given their broadest reasonable interpretation during prosecution, and the scope of a claim cannot be narrowed by reading disclosed limitations into the claim. See In re Morris, 127 F.3d 1048, 1054, 44 USPQ2D 1023, 1027 (Fed. Cir. 1997); In re Zletz, 893 F.2d 319, 321, 13 USPQ2D 1320, 1322 (Fed. Cir.
Also, on paragraph [0024] of Chang, the “AAA server”’ would be functionally equivalent of (current the AAA server as recited in claim 2), and one of ordinary skill in the art would choose one in lieu of the other based on common engineering criteria.

c.	It is argued that: Maddox does not remedy the defect of the combined teachings of Addepalli and Chang, Therefore, claim 2 is not rendered obvious over Addepalli, Maddox and Chang. Claim 28 recites similar features. For the same reasons, claim 28 is not rendered obvious over Addepalli, Maddox and Chang. Withdrawal of the rejection is respectfully requested.

Examiner’s response c. 
In response to applicant's argument that there is no suggestion to combine the references, the examiner recognizes that obviousness can only be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992).  
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438. The examiner can normally be reached Monday -Thursday 7:00 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B. Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/EVANS DESROSIERS/           Primary Examiner, Art Unit 2491