DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 06/02/2020 has been entered.
Claims 1, 2, 4, 8, 9, 10, 11, 12, 14, 18, 19, 20 are currently amended; Claims 3, 13 are cancelled; Claims 21 and 22 are new; Claims 1, 2, 4 – 12, 14 – 22 are currently pending and subject to examination.

Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1, 2, 5, 8 - 12, 15, 18 - 21 are rejected under 35 U.S.C. 103 as being unpatentable over Vasseur (US 20130159550 A1) in view of Thubert et al. (US 20140192808 A1).

Vasseur, FIG. 5, MCO device 500) comprising a processor (Vasseur, FIG. 5, MCO processor 520), a memory (Vasseur, FIG. 5, MCO memory 540), and communication circuitry (Vasseur, FIG. 5, MCO network interfaces 510), the apparatus being connected to a first communications network (Vasseur, FIG. 4, IoT domain 110) via its communication circuitry (Vasseur, [0054] the network interface(s) 510 contain the mechanical, electrical, and signaling circuitry for communicating data over links coupled to the network 100, i.e., in IoT domain 110), the first communications network being a Constrained Application Protocol (CoAP) network (Vasseur, [0035] new IP protocols are required for the highly constrained and harsh environments), 
the apparatus further comprising computer-executable instructions stored in the memory of the apparatus (Vasseur, [0049] each MCO generally has limited intelligence sufficient to perform its respective designated task, securely join a computer network) which, when executed by the processor of the apparatus, cause the apparatus to: 
receive, from a CoAP Controller Resource Directory (CRD) (Vasseur, FIG. 6, distributed intelligence agents (DIAs) 600), a first discovery query (Vasseur, [0060] the DIA process is configured to perform complex application-specific data processing, such as triggering local actuation at the MCOs), 
the first discovery query asking whether the apparatus is capable of performing one or more autonomic functions comprising self-configuration, self-protection, self-healing, or self-optimization (Vasseur, [0052] each MCO provides just enough state information to the DIA/CIC with regards to its functionalities, resources, and supported capability); 
send, to the CRD, a response to the first discovery query (Vasseur, [0072] the DIA collects local state information from a plurality of minimalistic connected objects (MCOs) in a computer network; [0087] each node in the network shares its list of reachable neighbors, for example, through the use of IPv6 ND (Neighbor Discovery)); 
receive, from the CRD, a first map comprising network addresses of a confirmed group of autonomic nodes on an Autonomic Control Plane (ACP) (Vasseur, [0072] the local state information for each MCO comprising a corresponding neighbor list and a selected next-hop for the respective MCO), 
the ACP (Vasseur, FIG. 4, field area network 120) being a second communications network that is logically distinct from the first communications network (Vasseur, [0026] each IoT domain may be interconnected to a next hierarchical level, such as a field area network; [0057] the Distributed Intelligence Agent (DIA) 600, consists of set of software/hardware modules hosted at the edge of the network), 
the autonomic nodes having sufficient security credentials to participate with each other in the one or more autonomic control functions (Vasseur, [0048] the Minimalistic Connected Objects (MCOs) are limited to providing basic secure connectivity to an LBR/DIA; [0049], each MCO generally has limited intelligence sufficient to perform its respective designated task, securely join a computer network ),
Vasseur, [0072] the local state information for each MCO comprises a corresponding neighbor list and a selected next-hop for the respective MCO, where one or more of the MCOs are configured to select their next-hop without any self-optimization; [0081] RPL protocol may define a complete set of functionalities, in order to maintain a simplified process on the MCOs to create a routing topology); 
form, based on the first map, an internal routing table comprising next hop ACP neighbors of the apparatus (Vasseur, [0072] the DIA may transmit a unicast routing instruction to one or more individual MCOs to instruct those individual MCOs how to optimize the current routing topology; [0082] DAGs may be built (by a routing process) based on an Objective Function (OF) or by using basic next-hop selection algorithms); and 
transmit, via the ACP based on the internal routing table, an ACP message to an autonomic node in the confirmed group of autonomic nodes (Vasseur, [0083] DIS (DODAG Information Solicitation) messages are sent under specific circumstances for a node to request routing neighbor discovery).
Vasseur does not expressly disclose the ACP message comprising a first security credential.
Thubert et al. for example, from an analogous field of endeavor (Thubert et al., [0014] an autonomic system may also include self-optimization, self-healing, and self-protection for each network component), discloses the ACP message Thubert et al., [0016] domain identity along with a certificate is used to establish trust levels on all interfaces).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the ACP message comprising a first security credential as taught by Thubert et al. with the system of Vasseur in order to allow for a single virtual routing and forwarding (VRF) (Thubert et al., [0020]).

Regarding claim 2, 12, Vasseur – Thubert et al. discloses transmitting a second discovery query to candidate nodes in the first communications network (Thubert et al., [0018] each autonomic device runs adjacency discovery on all interfaces, on layer two and/or on layer three, to be able to bridge potential non-autonomic layer two devices), 
the second discovery query comprising a second security credential (Thubert et al., [0016] if a neighbor device belongs to the same domain, the autonomic process starts routing on that interface), 
wherein the second discovery query asks each candidate node whether the candidate node is configured to perform an additional autonomic function comprising self-configuration, self-protection, self-healing, or self-optimization (Thubert et al., [0014] each network component self-manages in autonomic networks where self-management includes, at least, self-configuration of a virtual network for OAM.  An autonomic system may also include self-optimization, self-healing, and self-protection for each network component); 
Thubert et al., [0016] network devices with an autonomic process and a verifiable domain identity are able to automatically form the network); 
forming a second map from the addresses of the candidate nodes responding affirmatively (Thubert et al., [0018] adjacency discovery results are entered into a database, which lists for each interface the identity of the neighbor); 
transmitting, to each of the candidate nodes responding affirmatively, a confirmation, the confirmation confirming membership in the ACP (Thubert et al., [0019] higher layer autonomic processes associate an interface with a certain trust level, based on this database; [0026] neighboring autonomic network devices automatically establish virtual point-to-point connections between each other), 
wherein the confirmation comprises an indication of a neighbor node with which the candidate node may form a pairwise communication channel in the ACP (Thubert et al., [0019] a message bus allows for messaging related to the autonomic network between trusted devices; [0026] using neighbor discovery and validation, the autonomic control plane may be built between neighbor devices of the same domain with current or validated domain credentials).  The motivation is the same as in claim 1.

Regarding claim 5, 15, Vasseur – Thubert et al. discloses the first security credential is a certificate (Thubert et al., [0016] the domain identity along with a certificate is used to establish trust levels on all interfaces).  The motivation is the same as in claim 1.

Regarding claim 8, 18, Vasseur – Thubert et al. discloses transmitting a data plane message (Thubert et al., [0043] as data traffic is prepared to be transmitted through the tunnel, the routing instance identified for the data traffic is determined), the data plane message comprising an option signifying that the data plane message should be forwarded via the ACP in the case that transmission is unsuccessful (Vasseur, [0092] the DIA-R may send a newly defined message that contains a directive for the targeted node(s) to modify their routing table and consequently update the current routing topology; [0093] the MCO may re-select a next-hop (and optionally a back-up next hop) for an updated current routing topology).  The motivation is the same as in claim 1.

Regarding claim 9, 19, Vasseur – Thubert et al. discloses a graphical user interface whereby a user may see the portion of the first map (Vasseur, [0027] the network management component may consist of one or more servers is configured to provide high-level control over the network operations of network, and may provide an interface to users/administrators).

Regarding claim 10, 20, Vasseur – Thubert et al. discloses a graphical user interface whereby a user may configure or perform an additional autonomic network or node management function (Vasseur, [0027] the CICs are configured to provide one or more interfaces to receive a set of user-defined rules for the MCO and DIA operation).

Regarding claim 11, Vasseur discloses a method (Vasseur, FIG. 12) performed by an apparatus (Vasseur, FIG. 5, MCO device 500) of a first communications network  (Vasseur, FIG. 4, IoT domain 110), the first communications network being a Constrained Application Protocol (CoAP) network (Vasseur, [0035] new IP protocols are required for the highly constrained and harsh environments; [0054] the network interface(s) 510 contain the mechanical, electrical, and signaling circuitry for communicating data over links coupled to the network 100, i.e., in IoT domain 110), the method comprising: 
receiving, from a CoAP Controller Resource Directory (CRD) (Vasseur, FIG. 6, distributed intelligence agents (DIAs) 600), a first discovery query (Vasseur, [0060] the DIA process is configured to perform complex application-specific data processing, such as triggering local actuation at the MCOs), the first discovery query asking whether the apparatus is capable of performing one or more autonomic functions comprising self-configuration, self-protection, self-healing, or self-optimization (Vasseur, [0052] each MCO provides just enough state information to the DIA/CIC with regards to its functionalities, resources, and supported capability); 
send, to the CRD, a response to the first discovery query (Vasseur, [0072] the DIA collects local state information from a plurality of minimalistic connected objects (MCOs) in a computer network); 
Vasseur, [0072] the local state information for each MCO comprising a corresponding neighbor list and a selected next-hop for the respective MCO), 
the ACP (Vasseur, FIG. 4, field area network 120) being a second communications network that is logically distinct from the first communications network (Vasseur, [0026] each IoT domain may be interconnected to a next hierarchical level, such as a field area network; [0057] the Distributed Intelligence Agent (DIA) 600, consists of set of software/hardware modules hosted at the edge of the network), 
the autonomic nodes having sufficient security credentials to participate with each other in the one or more autonomic functions (Vasseur, [0048] the Minimalistic Connected Objects (MCOs) are limited to providing basic secure connectivity to an LBR/DIA; [0049], each MCO generally has limited intelligence sufficient to perform its respective designated task, securely join a computer network), 
forming, based on the first map, a pairwise security channel with one or more of the ACP neighbors of the apparatus (Vasseur, [0072] the local state information for each MCO comprises a corresponding neighbor list and a selected next-hop for the respective MCO, where one or more of the MCOs are configured to select their next-hop without any self-optimization; [0081] RPL protocol may define a complete set of functionalities, in order to maintain a simplified process on the MCOs to create a routing topology); 
Vasseur, [0072] the DIA may transmit a unicast routing instruction to one or more individual MCOs to instruct those individual MCOs how to optimize the current routing topology; [0082] DAGs may be built (by a routing process) based on an Objective Function (OF) or by using basic next-hop selection algorithms); and 
transmitting, via the ACP based on the internal routing table, an ACP message to a node in the confirmed group of autonomic nodes (Vasseur, [0083] DIS (DODAG Information Solicitation) messages are sent under specific circumstances for a node to request routing neighbor discovery).
Vasseur does not expressly disclose the ACP message comprising a first security credential.
Thubert et al. for example, from an analogous field of endeavor (Thubert et al., [0014] an autonomic system may also include self-optimization, self-healing, and self-protection for each network component), discloses the ACP message comprising a first security credential (Thubert et al., [0016] domain identity along with a certificate is used to establish trust levels on all interfaces).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the ACP message comprising a first security credential as taught by Thubert et al. with the system of Vasseur in order to allow for a single virtual routing and forwarding (VRF) (Thubert et al., [0020]).

Vasseur, FIG. 6, DIA device 600) comprising a processor (Vasseur, FIG. 6, DIA processor 620), a memory (Vasseur, FIG. 6, DIA memory 640), and communication circuitry (Vasseur, FIG. 6, DIA network interfaces 610), 
the apparatus being connected to a first communications network via its communication circuitry (Vasseur, [0060] each DIA is configured to provide an edge to the computer network for the MCOs), 
the first communications network being a Constrained Application Protocol (CoAP) network (Vasseur, FIG. 4, IoT domain 110), 
the CRD further comprising computer-executable instructions stored in the memory (Vasseur, [0060] each DIA is responsible for intelligent networking management for the MCOs and for performing complex application-specific data processing for the MCOs) which, when executed by the processor, cause the CRD to: 
send, to candidate nodes on the first communications network, a discovery query (Vasseur, [0060] DIA process 648 is configured to perform complex application-specific data processing, such as interpreting data from the MCOs, aggregating data from the MCOs, dropping data from the MCOs, and triggering local actuation at the MCOs), the discovery query asking whether each candidate node is capable of performing a set of autonomic functions comprising one or more of self-configuration, self-protection, self-healing, and self-optimization (Vasseur, [0052] each MCO provides just enough state information to the DIA/CIC with regards to its functionalities, resources, and supported capability); 
Vasseur, [0072] the DIA collects local state information from a plurality of minimalistic connected objects (MCOs) in a computer network); 
form a map, the map being of an Autonomic Control Plane (ACP) (Vasseur, FIG. 4, field area network 120) and comprising addresses of the candidate nodes responding affirmatively (Vasseur, [0072] the local state information for each MCO comprising a corresponding neighbor list and a selected next-hop for the respective MCO), 
wherein the ACP is a second communications network that is logically distinct from the first communications network (Vasseur, [0026] each IoT domain may be interconnected to a next hierarchical level, such as a field area network; [0057] the Distributed Intelligence Agent (DIA) 600, consists of set of software/hardware modules hosted at the edge of the network); 
transmit, to each of the candidate nodes responding affirmatively (Vasseur, [0083] DIS (DODAG Information Solicitation) messages are sent under specific circumstances for a node to request routing neighbor discovery).
Vasseur does not expressly disclose the ACP message comprising a first security credential.
Thubert et al. for example, from an analogous field of endeavor (Thubert et al., [0014] an autonomic system may also include self-optimization, self-healing, and self-protection for each network component), discloses the ACP message comprising a first security credential (Thubert et al., [0016] domain identity along with a certificate is used to establish trust levels on all interfaces).
et al. with the system of Vasseur in order to allow for a single virtual routing and forwarding (VRF) (Thubert et al., [0020]).

Claims 4, 14, 22 are rejected under 35 U.S.C. 103 as being unpatentable over Vasseur and Thubert et al., as applied to claim 1, further in view of RFC6690.

Regarding claim 4, 14, 22, Vasseur and Thubert et al. do not expressly disclose the first map comprises a Constrained Restful Environment (CoRE) link format device level attribute signifying an autonomic neighbor status.
RFC6690 discloses (RFC6690, section 1.2.1, in M2M applications, for example, home or building automation, there is a need for local clients and servers to find and interact with each other without human intervention) and the first map comprises a Constrained Restful Environment (CoRE) link format device level attribute signifying an autonomic neighbor status (RFC6690, section 3, the attributes describe information useful in accessing the target link of the relation and, in some cases, can use the syntactical form of a URI).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the first map comprises a Constrained Restful Environment (CoRE) link format device level attribute signifying an et al. in order to poll for resources (RFC6690 [section 4]).

Claims 6, 7, 16, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Vasseur and Thubert et al., as applied to claim 1, further in view of RFC7252.

Regarding claims 6, 16, Vasseur and Thubert et al. do not expressly teach the first security credential is a derived from a raw public key.
RFC7252 discloses (RFC7252, section 9, During the provisioning phase, a CoAP device is provided with the security information that it needs, including keying materials and access control lists) and the first security credential is a derived from a raw public key (RFC7252, section 9.1.3.2, a device MAY be configured with multiple raw public keys.  The type and length of the raw public key depends on the cipher suite used).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the first security credential is a derived from a raw public key as taught by RFC7252 with the combined system of Vasseur and Thubert et al. in order to follow the CoAP security standard (RFC7252 [section 9]).

Regarding claims 7, 17, Vasseur and Thubert et al. do not expressly teach the first security credential is a derived from a raw public key and an object security token.
RFC7252, section 9, During the provisioning phase, a CoAP device is provided with the security information that it needs, including keying materials and access control lists) and further teaches the first security credential is a derived from a raw public key and an object security token (RFC7252, section 9.1.3.2, a device MAY be configured with multiple raw public keys.  The type and length of the raw public key depends on the cipher suite used; RFC7252, section 5.3.1, a token is used to match a response with a request).
Thus, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the first security credential is a derived from a raw public key and an object security token as taught by RFC7252 with the combined system of Vasseur and Thubert et al. in order to follow the CoAP standard (RFC7252 [section 9]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Bellagamba et al. (US 20160164832 A1) is cited to show a method of configuring a local network element as an autonomic registrar for a designated network domain; establishing an autonomic control plane ("ACP") between the local network element and one or more remote network elements identified by local network element as a remote neighbor; designating a locally-defined subnet at the local network element to be extended to each of the one or more remote network elements; and executing an ACP command at the local network element, wherein the executing triggers a message to each of the one or more remote network elements, the message .
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LIONEL PREVAL whose telephone number is (571)270-5673.  The examiner can normally be reached on Monday-Thursday 10-4 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, NOEL BEHARRY can be reached on 5712705630.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 

/Lionel Preval/Examiner, Art Unit 2416