DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
3.	Claims 1-2, 4, 6-8, 10-12, 14, 16-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-4, 6-11 and 14-16 of U.S. Patent No. 10,945,131. Claims 1-2, 4, 6-8, 10-12, 14, 16-17 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-4, 6-11 and 14-16 of U.S. Patent No. 10,945,131 in view of Killian et al. (Killian), U.S. Publication No. 2011/0016307 (described below).  
Although the claims at issue are not identical, they are not patentably distinct from each other because the subject matter of Independent Claims 1, 11 and 20 of the current application are the same as Independent Claims 1, 9 and 16 of the patent. Dependent Claims 2, 4, 6-8, 10, 12, 14 and 16-17 of the current application are the same as the Dependent claims 2-4, 6-8, 10-11 and 14-15 of the patent.


Current Application:
Patent:
Rationale:
Claim 1 (similarly, Claims 11 and 20): A method, the method comprising: receiving at a customer premises network device physically located at a first customer premises, a credential service setup request from a first user device while said first user device is physically located at the first customer premises of a first user of the first user device; sending, from the customer premises network device, a request for master security information to said first user device requesting information for securing information in first user credential storage included in said network device located at the first customer premises; receiving at the customer premises network device, encrypted information corresponding to the first user sent from the first user device, said encrypted information corresponding to the first user including at least one password for a network service that was encrypted using said master security information; and storing the encrypted information including one or more passwords, in encrypted form, on a portion of a storage device allocated to the first user, said storage device being located in the customer premises network device.
Claim 1 (Similarly, Claims 9 and 16): A method, the method comprising: receiving at a customer premises network device physically located at a first customer premises, a credential service setup request from a first user device while said first user device is physically located at the first customer premises of a first user of the first user device; validating the first user with an ISP provider; sending, from the customer premises network device, a request for master security information to said first user device requesting information for securing information in first user credential storage included in said network device located at the first customer premises; receiving at the customer premises network device, encrypted information corresponding to the first user sent from the first user device, said encrypted information corresponding to the first user including at least one password for a network service; storing the encrypted information including one or more passwords, in encrypted form, on a portion of a storage device allocated to the first user, said storage device being located in the customer premises network device; sending, from the first customer premises network device, a message to the first user device indicating successful credential storage for the first user; operating the first user device to receive a request from the first user for credential information corresponding to a first service; prompting the first user to enter master security information required to access secure credential storage corresponding to the first user stored on said first user device; receiving at the first user device master security information; and verifying the received master security information; and following verification of the received master security information, decrypting the credential information corresponding to the first service; and i) providing the credential information corresponding to the first service to the user of the first device or ii) communicating the credential information to a server providing the first service.
The current application states “that was encrypted using said master security information”.  Although the patent does not specify, Killian has been shown to teach the password (i.e., AUTH2) as encrypted information using master security information (i.e., K_MSK) as discussed in paragraph [0050].  It would have been obvious to consider this teaching of encrypting information using security information for preventing unauthorized replay of content and the outright theft of the service (see paragraph [0013] of Killian).
Claim 2: The method of claim 1, validating the first user with an ISP provider; said step of validating the first user with the ISP provider including: sending an authentication request to the first user device; receiving ISP login credentials from the first user device; communicating the ISP login credentials to an ISP server responsible for validating ISP users; and confirming that a validation success result was received from the ISP server in response to the communicated ISP login credentials.
Claim 2: The method of claim 1, wherein validating the first user with the ISP provider includes: sending an authentication request to the first user device; receiving ISP login credentials from the first user device; communicating the ISP login credentials to an ISP server responsible for validating ISP users; and confirming that a validation success result was received from the ISP server in response to the communicated ISP login credentials.

Claim 4: The method of claim 3, wherein said message to the first user device is sent with credential synchronization information providing the first user device with a copy of at least some encrypted credential information stored on the portion of a storage device included in the customer premises network device allocated to the first user.
Claim 3: The method of claim 1, wherein said message to the first user device is sent with credential synchronization information providing the first user device with a copy of at least some encrypted credential information stored on the portion of a storage device included in the customer premises network device allocated to the first user.

Claim 10:  The method of claim 1, wherein said customer premises network device is a wireless access point with network connectivity to the ISP server; wherein said first user device is a cell phone; and wherein said encrypted information including one or more passwords stored on the portion of the storage device allocated to the first user includes at least a first identifier of a first video streaming service, a first user identifier used to identify the first user to the first video streaming service; and a password used by the first user with the first video streaming service.
Claim 4: The method of claim 1, wherein said customer premises network device is a wireless access point with network connectivity to the ISP server; wherein said first user device is a cell phone; and wherein said encrypted information including one or more passwords stored on the portion of the storage device allocated to the first user includes at least a first identifier of a first video streaming service, a first user identifier used to identify the first user to the first video streaming service, and a password used by the first user with the first video streaming service.

Claim 6: The method of claim 5, further comprising: sending a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device.
Claim 6: The method of claim 5, further comprising: sending a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device.

Claim 7: The method of claim 4, further comprising: sending a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device.
Claim 7: The method of claim 5, further comprising: receiving from the first user device corresponding to said first user, while first user device is located in the first customer premises, said master security information corresponding to said first user; and sending a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device.

Claim 8:  The method of claim 7, further comprising: receiving from the first user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and
storing the updated credential information on the portion of the storage device included in said customer premises network device allocated to the first user.
Claim 8: The method of claim 7, further comprising: receiving from the first user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and storing the updated credential information on the portion of the storage device included in said customer premises network device allocated to the first user.

Claim 12: The system of claim 11, wherein said processor is further configured to validate the first user with an ISP provider; and wherein said customer premises network device further includes: a second transmitter; and a second receiver; and wherein said processor is configured to: control the first transmitter to send an authentication request to the first user device; control the first receiver to receive ISP login credentials from the first user device; control the second transmitter to communicate the ISP login credentials to an ISP server responsible for validating ISP users; and confirm that a validation success result was received from the ISP server in response to the communicated ISP login credentials, as part of being configured to validate the first user with the ISP provider.
Claim 10:  The system of claim 9, wherein said customer premises network device further includes: a second transmitter; and a second receiver; and wherein said processor is configured to: control the first transmitter to send an authentication request to the first user device; control the first receiver to receive ISP login credentials from the first user device; control the second transmitter to communicate the ISP login credentials to an ISP server responsible for validating ISP users; and confirm that a validation success result was received from the ISP server in response to the communicated ISP login credentials, as part of being configured to validate the first user with the ISP provider.

Claim 14: The system of claim 13, wherein said message to the first user device is sent with credential synchronization information providing the first user device with a copy of at least some encrypted credential information stored on the portion of a storage device included in the customer premises network device allocated to the first user.
Claim 11: The system of claim 9, wherein said message to the first user device is sent with credential synchronization information providing the first user device with a copy of at least some encrypted credential information stored on the portion of a storage device included in the customer premises network device allocated to the first user.

Claim 16: The system of claim 15, wherein said processor is further configured to: control said first transmitter to send a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device.
Claim 14: The system of claim 13, wherein said processor is further configured to: control said first transmitter to send a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device.

Claim 17: The system of claim 15, wherein said first receiver is further configured to: wherein said processor is further configured to control said first transmitter to send a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device.
Claim 15: The system of claim 13, wherein said first receiver is further configured to: receive from the first user device corresponding to said first user, while first user device is located in the first customer premises, said master security information corresponding to said first user; and wherein said processor is further configured to control said first transmitter to send a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device.




Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

5.	Claim(s) 1, 3-4, 11, 13-14 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Killian in view of Zhang, U.S. Publication No. 2013/0305329.
Regarding Claims 1, 11 and 20, Killian discloses a method, the method 
comprising:
receiving at a customer premises network device (i.e., network resources; see figure 1) physically located at a first customer premises (i.e., within a home; see paragraph [0017]), a credential service setup request (i.e., join request, step 276; see figure 2B) from a first user device (i.e., end users; see figure 1) while said first user device is physically located at the first customer premises of a first user of the first user device (see paragraph [0048]);
sending, from the customer premises network device, a request for master security information to said first user device requesting information for securing information in first user credential storage included in said network device located at the first customer premises (i.e., membership query sent from the network resource to the end user in step 280 shown in figure 2B);
receiving at the customer premises network device, encrypted information corresponding to the first user sent from the first user device (in other words, the authorization key K_MSK may be a version of the identifications of the end user computer and of the requested content program, encrypted using a symmetric key possessed by the service intelligence computer and by a network resource.; see paragraph [0006]), said encrypted information corresponding to the first user including at least one password (for example, AUTH2; see paragraphs [0050] and [0051]) for a network service (i.e., step 282 the end user sends a membership response to the network resource shown in figure 2B) that was encrypted using said master security information (as described in paragraph [0050] for computing AUTH2).
Killian fails to disclose storing the encrypted information including one or more passwords, in encrypted form, on a portion of a storage device allocated to the first user, said storage device being located in the customer premises network device.
Zhang discloses storing the encrypted information including one or more passwords, in encrypted form, on a portion of a storage device allocated to the first user, said storage device being located in the customer premises network device (i.e., the encrypted password may be included in the credentials transmitted and stored in the wireless router; see paragraph [0073]).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Zhang’s invention with Killian’s invention for providing a less difficult and less time consuming process for network access credentials retrieval (see paragraph [0002] of Zhang). 
	Regarding Claims 3 and 13, Killian and Zhang disclose the method and system as described above.  Killian discloses further comprising: sending, from the first customer premises network device, a message to the first user device indicating successful credential storage for the first user (see figure 2B).
	Regarding Claims 4 and 14, Killian and Zhang disclose the method and system as described above.  Killian discloses wherein said message to the first user device is sent with credential synchronization information providing the first user device with a copy of at least some encrypted credential information stored on the portion of a storage device included in the customer premises network device allocated to the first user (see figure 2B).
6.	Claims 2 and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Killian and Zhang in view of Bartoszewski et al. (Bartoszewski), U.S. Publication No. 2015/0326610.
Regarding Claims 2 and 12, Killian and Zhang disclose the method and system 
as described above.  Killian and Zhang fail to disclose validating the first user with an ISP provider; said step of validating the first user with the ISP provider including: sending an authentication request to the first user device; receiving ISP login credentials from the first user device; communicating the ISP login credentials to an ISP server responsible for validating ISP users; and confirming that a validation success result was received from the ISP server in response to the communicated ISP login credentials.  Bartoszewski discloses validating the first user with an ISP provider; said step of validating the first user with the ISP provider including: sending an authentication request to the first user device; receiving ISP login credentials from the first user device; communicating the ISP login credentials to an ISP server responsible for validating ISP users; and confirming that a validation success result was received from the ISP server in response to the communicated ISP login credentials (see paragraph [0028]).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Bartoszewski’s invention with Killian’s and Zhang’s invention for automatically connecting a device to a router including a process with more flexibility, less time consuming and requiring a less amount of resources (see paragraphs [0001] and [0002] of Bartoszewski).
7.	Claims 5-8 and 15-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Killian and Zhang in view of Ziraknejad et al. (Ziraknejad), U.S. Patent No. 10,231,128.
Regarding Claims 5 and 15, Killian and Zhang disclose the method and system 
as described above.  Killian and Zhang fail to disclose further comprising: receiving from a second user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and storing the updated credential information on the portion of a storage device included in said customer premises network device allocated to the first user.  Ziraknejad discloses further comprising: receiving from a second user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and storing the updated credential information on the portion of a storage device included in said customer premises network device allocated to the first user (see col. 21, lines 21-31).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Ziraknejad’s invention with Killian’s and Zhang’s invention for allowing the device-to-device proximity-based interaction to be linked to a broader enterprise-level security plan (see col. 1, lines 32-35).
Regarding Claims 6 and 16, Killian and Zhang disclose the method and system 
as described above.  Killian and Zhang fail to disclose further comprising: sending a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device.  Ziraknejad discloses further comprising: sending a credential information update message to the second user device corresponding to the first user, while the second user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the second user device (see col. 12, lines 6-20).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Ziraknejad’s invention with Killian’s and Zhang’s invention for allowing the device-to-device proximity-based interaction to be linked to a broader enterprise-level security plan (see col. 1, lines 32-35).
Regarding Claims 7 and 17, Killian and Zhang disclose the method and system 
as described above.  Killian and Zhang fail to disclose further comprising: sending a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device.  Ziraknejad discloses further comprising: sending a credential information update message to the first user device corresponding to the first user, while the first user device is at the first customer premises, said credential information update message communicating one or more passwords in encrypted form corresponding to the first user for storage in a credential information store on the first user device (see col. 12, lines 6-20).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Ziraknejad’s invention with Killian’s and Zhang’s invention for allowing the device-to-device proximity-based interaction to be linked to a broader enterprise-level security plan (see col. 1, lines 32-35).
Regarding Claim 8, Killian and Zhang disclose the method as described above.  
Killian and Zhang fail to disclose further comprising: receiving from the first user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and storing the updated credential information on the portion of the storage device included in said customer premises network device allocated to the first user.  Ziraknejad discloses further comprising: receiving from the first user device a credential information update including, in encrypted form, at least one new or changed password used by the first user to obtain a service available to the first user; and storing the updated credential information on the portion of the storage device included in said customer premises network device allocated to the first user (see col. 16, lines 4-18).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Ziraknejad’s invention with Killian’s and Zhang’s invention for allowing the device-to-device proximity-based interaction to be linked to a broader enterprise-level security plan (see col. 1, lines 32-35).
8.	Claims 10 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Killian and Zhang in view of Haddad et al. (Haddad), U.S. Publication No. 2013/0091279.
Regarding Claims 10 and 19, Killian and Zhang disclose the method and 
system as described above.  Killian and Zhang fail to disclose wherein said customer premises network device is a wireless access point with network connectivity to the ISP server; wherein said first user device is a cell phone; and wherein said encrypted information including one or more passwords stored on the portion of the storage device allocated to the first user includes at least a first identifier of a first video streaming service, a first user identifier used to identify the first user to the first video streaming service; and a password used by the first user with the first video streaming service.
Haddad discloses wherein said customer premises network device is a wireless access point with network connectivity to the ISP server (see paragraph [0008]); wherein said first user device is a cell phone (see paragraph [0046]); and wherein said encrypted information including one or more passwords (see paragraph [0008]) stored on the portion of the storage device allocated to the first user includes at least a first identifier of a first video streaming service, a first user identifier used to identify the first user to the first video streaming service; and a password used by the first user with the first video streaming service (see paragraph [0008]).  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to consider Haddad’s invention with Killian’s and Zhang’s invention for enabling access to resources from a remote home network for a user device visiting another home network (see paragraph [0003] of Haddad).
Allowable Subject Matter
9.	Claims 9 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHANTELL HEIBER whose telephone number is (571)272-0886.  The examiner can normally be reached on M-F 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Anthony Addy can be reached on 571-272-7795.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SHANTELL L HEIBER/Primary Examiner, Art Unit 2645    
December 8, 2022