DETAILED ACTION
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on March 4, 2021 has been entered.
3.	This communication is in response to the RCE filed on March 4, 2021, in which claims 1 and 3-8 have been amended.  Accordingly, claims 1 and 3-8 remain pending for examination.
Status of Claims
4.	Claims 1 and 3-8 are pending, all of which are rejected under 35 U.S.C. 103.
Examiner’s Note
virtual message bus”.  In particular, Examiner notes that on paragraph [0040] of instant Specification, Applicant recites, “The WebRTC signaling server 400 performs access control in cooperation with the IDM at the time of a connection request from the user terminal 100 and dynamically forms a P2P connection for data connection between an authorized user terminal 100 and a connection destination. The P2P connection functions as a virtual message bus and serves as a mechanism for the user terminal 100 to communicate with each data source. It is not necessary to install a server on a DMZ or to establish a VPN connection in advance. All P2P connections (data paths) are established dynamically in response to connection requests from the user application and are released upon termination of the application. Only the connectivity to the signaling server 400 must be secured, but communication with the signaling server 400 is performed only when starting and ending P2P connection establishment, and data communication is not always performed. For this reason, it is easy to maintain scalability against an increase in the number of edge devices” (Recited from paragraph [0040] of instant Specification, with added emphasis).
Thus, for prior art purposes, Examiner will interpret the newly added limitation of “wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application” as simply requiring a dynamic peer-to-peer connection which is 
Claim Rejections - 35 USC § 103
6.	In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
7.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
8.	Claims 1, 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Eugene Lapidous (United States Patent Application Publication No. US 2017/0063798 A1), hereinafter “Lapidous,” in view of Loladia et al. (United States Patent No. US 10,447,683 B1), hereinafter “Loladia,” in view of Ned M. Smith (United States Patent Application Publication No. US 2016/0366102 A1), hereinafter “Smith”.
	Regarding claim 1, Lapidous discloses an IoT device that is used as a first message bus agent apparatus in a system including a message bus management server, a signaling server, the first message bus agent apparatus, and a second message bus agent apparatus, the IoT device comprising (IoT device 130 (See FIG. 3) on local network 132, remote clients 310 A, 320 B in wide area network (WAN) 134, AUTH PROXY/authorizer 330, a VPN server 340 and a router 350. For clarity, Examiner maps the recited “message bus management server” to the disclosed authorizer 330, maps the recited “signaling server” to the disclosed router 350 and maps the recited “second message bus agent apparatus” to the disclosed clients 310 A, 320 B) (Lapidous, FIG. 3, paragraphs [0107]-[0108]):
processing circuitry configured to (at least impliedly, as dev_1 (e.g. one of the IoT devices 130) on the local network 132 is disclosed as being able to transmit outbound to router 350) (Lapidous, FIGS. 3 and 4A, paragraphs [0109]-[0111])
transmit, to the signaling server, a signaling message in which an agent ID of the second message bus agent apparatus is designated as a connection destination (wherein the embodiment of FIG. 3 discloses that router 350 only accepts incoming connections 354 if they are received through the connection 352 opened by that router to an intermediary server, such as VPN server 340. With continued reference to FIG. 4A, Lapidous further teaches that the router 350 receives a request from dev_1 (e.g. one of the IoT devices 130) on the local network 132 to establish an outbound connection with an external IP address IP_A (See FIG. 4A, step 410). Examiner maps this request to recited “signaling message”. The router 350 then checks whether dev_1 is allowed to initiate outbound requests (See FIG. 4A, step 420), such as according to a whitelist, blacklist or other pre-configured rules, and, if not, blocks the outbound request. Otherwise, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See FIG. 4A, step 430), then the request is sent to the destination IP address (See FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraphs [0109] and [0111]); and
establish a connection with the second message bus agent apparatus as a virtual message bus based on processing of a signaling message by the signaling server (wherein as above, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See again, FIG. 4A, step 430), then the router 350 sends the request to the destination IP address (See again, FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraph [0111]); and
wherein, when the message bus management server permits connection between the IoT device and the second messaging bus agent apparatus, the processing circuitry establishes the virtual message bus with the second message bus agent apparatus (wherein again, router 350 only accepts incoming connections 354 if they are received through VPN reverse tunnel 352, which will only pass through VPN tunnel 352 if validated from AUTH PROXY/authorizer 330, thereby ensuring that only authorized clients (for instance, ones submitting valid user name and password) are allowed to issue requests to the router 350) (Lapidous, FIGS. 3 and 4A, paragraph [0109]).
Lapidous does not explicitly disclose that the agent ID of the second message bus agent apparatus is issued from the message bus management server; and
wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application.
In an analogous art however, Loladia discloses that an agent ID of a second message bus agent apparatus is issued from a message bus management server (wherein IoT service 117 includes an authorization service 239 for provisioning an IoT device 110 with a security certificate, thereby allowing the IoT devices 110 to connect and communicate with cloud services in a secure manner. In particular, IoT service 117 may generate a provisioning certificate for a particular device (e.g., via certificate authority (CA) 238 - See FIG. 2). The user requests a provisioning certificate from the authorization service 239. The request can include credentials, device type information, permissions to be associated with the IoT device on the service, and a certificate signing request (CSR) for the provisioning certificate. The authorization service 239 may validate the credentials, and once validated, the authorization service 239 may forward the CSR to the CA 238, which in turn generates the provisioning certificate. The authorization service 239 may register the provisioning certificate with the user on the IoT service 117 and store the provisioning certificate on the IoT data store 123. Further, the CA 238 may send the provisioning certificate to the user, which allows the user to store the generated provisioning certificate on associated IoT devices of a given device group) (Loladia, FIGS. 1 and 2, col. 4, ll. 57-60, col. 5, ll. 9-11, col. 5, ll. 58-62, col. 6, l. 59-col. 7, l. 7).	Lapidous and Loladia are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in communication networks.	
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous and Loladia before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous to include the additional limitation that an agent ID of a second message bus agent apparatus is issued from the message bus management server, as disclosed in Loladia, with reasonable expectation that this would result in a system that enabled IoT devices to connect with one another and other services and clients in a secure manner (See Loladia, col. 5, ll. 9-11).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Loladia.	Therefore, before the effective filing date of the claimed invention, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous with Loladia to obtain the invention as specified in claim 1.  
Lapidous-Loladia does not explicitly disclose wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application Smith discloses wherein a virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application (wherein Smith teaches embodiments to provide flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains. More particularly, with reference to FIG. 2, Smith discloses a block diagram of a portion of an IoT network where multiple devices are present in two different domains, namely domain A that includes a domain controller A, which may be a simple key distribution center (SKDC), underneath which a zone controller A is provided (also a SKDC), which in turn interacts with a client IoT device of the same domain and zone (domain A). Similar devices are present in a second domain B. As further illustrated in FIG. 2, various interactions can occur in process 200 within and between zones and domains. For example, Smith teaches that to enable direct peer-to-peer communication between client device A of the first zone and first domain and a client device B (SP B) of the second domain and the second zone, a request (block 201) can be initiated from client A to its zone controller and domain controllers A and B (blocks 202 and 203, respectively) to in turn receive a ticket and a receipt (blocks 205, 206, 207, 208) that includes security credentials to control the interaction between these devices) (Smith, FIG. 2, paragraphs [0027]-[0029]).	
Lapidous-Loladia and Smith are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in Lapidous-Loladia and Smith before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia to include the additional limitation of wherein a virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application, as disclosed in Smith, with reasonable expectation that this would result in a system having the added benefit of providing flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains (See Smith, paragraph [0027]).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Smith.	Therefore, before the effective filing date of the claimed invention, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous-Loladia with Smith to obtain the invention as specified in claim 1.
Lapidous-Loladia-Smith discloses such a “non-transitory computer readable recording medium” (invention taking the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium) (Lapidous, paragraph [0050]), Claim 6 is rejected under the same rationale.
	In addition, claim 5 includes a “method” that performs limitations substantially as described in “IoT device” claim 1, and does not appear to include any additional features with regard to novelty and/or inventive step; therefore, it is rejected under the same rationale.
9.	Claims 3, 4, 7 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Lapidous-Loladia-Smith, and further in view of Grabelsky et al. (United States Patent Application Publication No. US 2004/0003046 A1), hereinafter “Grabelsky”.
	As to claim 3, Lapidous discloses a signaling server in a system including a message bus management server, the signaling server, a first message bus agent apparatus which is an IoT device, and a second message bus agent apparatus (wherein as discussed and shown above with respect to independent claim 1, Lapidous discloses a system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel, including IoT device 130 (See again, FIG. 3) on local network 132, remote clients 310 A, 320 B in wide area network (WAN) 134 which are mapped to recited “second message bus agent apparatus” AUTH PROXY/authorizer 330, which is mapped to the recited “message bus management server” and a router 350 mapped to the recited “signaling server”) (Lapidous, FIG. 3, paragraphs [0107]-[0108]), the signaling server comprising:
processing circuitry configured to (again, impliedly, as the router can receive incoming connections 354 and a request from dev_1 (e.g. one of the IoT devices 130) on the local network 132 to establish an outbound connection with an external IP address IP_A (See FIG. 4A, step 410)) (Lapidous, FIGS. 3 and 4A, paragraphs [0109] and [0111])
receive, from the IoT device, a signaling message in which an agent ID of the second message bus agent apparatus is designated as a connection destination (wherein again, the embodiment of FIG. 4A which makes reference to the block diagram of FIG. 3 discloses that router 350 receives a request from dev_1 (e.g. one of the IoT devices 130) on the local network 132 to establish an outbound connection with an external IP address IP_A (See FIG. 4A, step 410). Again, Examiner maps this request to recited “signaling message”. The router 350 then checks whether dev_1 is allowed to initiate outbound requests (See FIG. 4A, step 420), such as according to a whitelist, blacklist or other pre-configured rules, and, if not, blocks the outbound request. Otherwise, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See FIG. 4A, step 430), then the request is sent to the destination IP address (See FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraphs [0109] and [0111]); and
when the connection is permitted, transmits a signaling message to the second message bus agent apparatus (again, when dev_1 is allowed to initiate outbound requests (See FIG. 4A, step 420), such as according to a whitelist, the request is sent to the destination IP address (See FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraph [0111]),
wherein a virtual message bus is established between the IoT device and the second message bus agent apparatus based on the signaling message (wherein as above, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See again, FIG. 4A, step 430), then the router 350 sends the request to the destination IP address (See again, FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraph [0111]).
Lapidous does not explicitly disclose that the agent ID of the second message bus agent apparatus is issued from the message bus management server; and
transmit, to the message bus management server, an inquiry about propriety of connection between the IoT device and the second message bus agent apparatus, and when the connection is permitted, transmits a signaling message to the second message bus agent apparatus, and
wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application.
Loladia discloses that an agent ID of a second message bus agent apparatus is issued from a message bus management server (wherein IoT service 117 includes an authorization service 239 for provisioning an IoT device 110 with a security certificate, thereby allowing the IoT devices 110 to connect and communicate with cloud services in a secure manner. In particular, IoT service 117 may generate a provisioning certificate for a particular device (e.g., via certificate authority (CA) 238 - See FIG. 2). The user requests a provisioning certificate from the authorization service 239. The request can include credentials, device type information, permissions to be associated with the IoT device on the service, and a certificate signing request (CSR) for the provisioning certificate. The authorization service 239 may validate the credentials, and once validated, the authorization service 239 may forward the CSR to the CA 238, which in turn generates the provisioning certificate. The authorization service 239 may register the provisioning certificate with the user on the IoT service 117 and store the provisioning certificate on the IoT data store 123. Further, the CA 238 may send the provisioning certificate to the user, which allows the user to store the generated provisioning certificate on associated IoT devices of a given device group) (Loladia, FIGS. 1 and 2, col. 4, ll. 57-60, col. 5, ll. 9-11, col. 5, ll. 58-62, col. 6, l. 59-col. 7, l. 7).
Lapidous and Loladia are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in communication networks.
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous and Loladia Lapidous to include the additional limitation that an agent ID of a second message bus agent apparatus is issued from a message bus management server, as disclosed in Loladia, with reasonable expectation that this would result in a system that enabled IoT devices to connect with one another and other services and clients in a secure manner (See Loladia, col. 5, ll. 9-11).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Loladia.
Therefore, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous with Loladia to obtain the invention as specified in claim 3.
Lapidous-Loladia does not expressly disclose transmitting, to the message bus management server, an inquiry about propriety of connection between the IoT device and the second message bus agent apparatus, and when the connection is permitted, transmits a signaling message to the second message bus agent apparatus, and
wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application.
However in an analogous art, Smith discloses wherein the virtual message bus  application (wherein as discussed above with respect to independent claim 1, Smith teaches embodiments to provide flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains. More particularly, with reference to FIG. 2, Smith discloses a block diagram of a portion of an IoT network where multiple devices are present in two different domains, namely domain A that includes a domain controller A, which may be a simple key distribution center (SKDC), underneath which a zone controller A is provided (also a SKDC), which in turn interacts with a client IoT device of the same domain and zone (domain A). Similar devices are present in a second domain B. As further illustrated in FIG. 2, various interactions can occur in process 200 within and between zones and domains. For example, Smith teaches that to enable direct peer-to-peer communication between client device A of the first zone and first domain and a client device B (SP B) of the second domain and the second zone, a request (block 201) can be initiated from client A to its zone controller and domain controllers A and B (blocks 202 and 203, respectively) to in turn receive a ticket and a receipt (blocks 205, 206, 207, 208) that includes security credentials to control the interaction between these devices) (Smith, FIG. 2, paragraphs [0027]-[0029]).	
Lapidous-Loladia and Smith are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in communication networks.Lapidous-Loladia and Smith before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia to include the additional limitation of wherein a virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application, as disclosed in Smith, with reasonable expectation that this would result in a system having the added benefit of providing flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains (See Smith, paragraph [0027]).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Smith.	Therefore, before the effective filing date of the claimed invention, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous-Loladia with Smith to obtain the invention as specified in claim 3.  
Lapidous-Loladia-Smith does not explicitly disclose transmitting, to the message bus management server, an inquiry about propriety of connection between the IoT device Grabelsky discloses transmitting, to a message bus management server, an inquiry about propriety of connection between a device and a second message bus agent apparatus (signaling server 112 (See FIG. 1) may send query to authentication server 110, which may store a user profile including the list of authorized correspondents as well as other user-specific information, to determine how to handle the request) (Grabelsky, FIGS. 1 and 3A, paragraphs [0032], [0043] and [0050]), and when the connection is permitted, transmitting a signaling message to the second message bus agent apparatus (when user is successfully authenticated, authentication server 110 returns AUTH_SUCCESS message 306 to signaling server 112. Signaling server 112 subsequently sends a 200 OK message 308 to the SIP user agent UA-A 370 of the client device of the user) (Grabelsky, FIG. 3A, paragraph [0051]).	Lapidous-Loladia-Smith and Grabelsky are analogous art because they deal with subject matter from the same problem solving area, namely, managing communications in IP networks.	
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous-Loladia-Smith and Grabelsky before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through Lapidous-Loladia-Smith to include the additional limitation of a signaling server transmitting, to a message bus management server, an inquiry about propriety of connection between a device and a second message bus agent apparatus, and when the connection is permitted, transmitting a signaling message to the second message bus agent apparatus, as disclosed in Grabelsky, with reasonable expectation that this would result in a system having the added benefit of improved signaling services between the clients 310, 320, IoT devices 130 and PROXY/authorizer 330 (See Grabelsky, paragraph [0033]).  Examiner further notes that while Grabelsky does not expressly disclose an IoT device, and by extension, transmitting an inquiry about the propriety of connection between an IoT device and a second message bus agent apparatus, nonetheless, the client terminals 102 and 114 of Grabelsky are disclosed as a computer and/or PDA with SIP user agents and Internet capability and can connect to the network 104 via wireless, wireline or combined communication links (See Grabelsky, FIG. 1, paragraphs [0024] and [0033]) and thus the signaling would work equally well if applied between IoT devices or such client terminals with IoT capability, yielding predictable results of the ability to communicate with external/remote clients in a WAN.  
This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia-Smith was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Grabelsky.	Therefore, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous-Loladia-Smith with Grabelsky to obtain the 
	As to claim 4, Lapidous discloses a message bus management server in a system including the message bus management server, a signaling server, a first message bus agent apparatus which is an IoT device, and a second message bus agent apparatus (wherein as discussed and shown above with respect to independent claim 1, Lapidous discloses a system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel, including IoT device 130 (See again, FIG. 3) on local network 132, remote clients 310 A, 320 B in wide area network (WAN) 134 which are mapped to recited “second message bus agent apparatus” AUTH PROXY/authorizer 330, which is mapped to the recited “message bus management server” and a router 350 mapped to the recited “signaling server”) (Lapidous, FIG. 3, paragraphs [0107]-[0108]), the message bus management server comprising:
processing circuitry configured to (again, impliedly, as the AUTH PROXY/authorizer 330 is combined with a proxy that passes connection requests from the validated clients to the VPN server 340, while blocking invalid clients) (Lapidous, FIG. 3, paragraph [0108])
receive an inquiry about propriety of connection between the IoT device and the second message bus agent apparatus (wherein again, authorizer 330 is combined with a proxy that passes connection requests from the validated clients to the VPN server 340, while blocking invalid clients, by ensuring that only authorized clients (for instance, ones submitting valid user name and password) are allowed to issue requests to the router 350) (Lapidous, FIG. 3, paragraph [0108]); and
the signaling server at receives, from the IoT device, a signaling message in which an agent ID of the second message bus agent apparatus is designated as a connection destination (again, the embodiment of FIG. 4A which makes reference to the block diagram of FIG. 3 discloses that router 350 receives a request from dev_1 (e.g. one of the IoT devices 130) on the local network 132 to establish an outbound connection with an external IP address IP_A (See FIG. 4A, step 410). Again, Examiner maps this request to recited “signaling message”. The router 350 then checks whether dev_1 is allowed to initiate outbound requests (See FIG. 4A, step 420), such as according to a whitelist, blacklist or other pre-configured rules, and, if not, blocks the outbound request. Otherwise, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See FIG. 4A, step 430), then the request is sent to the destination IP address (See FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraphs [0109] and [0111]),
wherein a virtual message bus is established between the IoT device and the second message bus agent apparatus when the IoT device and the second message bus agent apparatus can be connected (wherein as above, if, e.g., the outbound connection request of dev_1 attempts to connect to an IP address in a white list (See again, FIG. 4A, step 430), then the router 350 sends the request to the destination IP address (See again, FIG. 4A, step 440)) (Lapidous, FIGS. 3 and 4A, paragraph [0111]).
Lapidous does not explicitly disclose that the message bus management server issues an agent ID for each message bus agent apparatus; and
receives an inquiry about propriety of connection between the IoT device  application.
However as discussed above, Loladia discloses that a message bus management server issues an agent ID for each message bus agent apparatus (wherein IoT service 117 includes an authorization service 239 for provisioning an IoT device 110 with a security certificate, thereby allowing the IoT devices 110 to connect and communicate with cloud services in a secure manner. In particular, IoT service 117 may generate a provisioning certificate for a particular device (e.g., via certificate authority (CA) 238 - See FIG. 2). The user requests a provisioning certificate from the authorization service 239. The request can include credentials, device type information, permissions to be associated with the IoT device on the service, and a certificate signing request (CSR) for the provisioning certificate. The authorization service 239 may validate the credentials, and once validated, the authorization service 239 may forward the CSR to the CA 238, which in turn generates the provisioning certificate. The authorization service 239 may register the provisioning certificate with the user on the IoT service 117 and store the provisioning certificate on the IoT data store 123. Further, the CA 238 may send the provisioning certificate to the user, which allows the user to store the generated provisioning certificate on associated IoT devices of a given device group) (Loladia, FIGS. 1 and 2, col. 4, ll. 57-60, col. 5, ll. 9-11, col. 5, ll. 58-62, col. 6, l. 59-col. 7, l. 7).
Lapidous and Loladia are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in communication networks.
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous and Loladia before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous to include the additional limitation that a message bus management server issues an agent ID for each message bus agent apparatus, as disclosed in Loladia, with reasonable expectation that this would result in a system that enabled IoT devices to connect with one another and other services and clients in a secure manner (See Loladia, col. 5, ll. 9-11).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Loladia.
	Therefore, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous with Loladia to obtain the invention as specified in claim 4.  Lapidous-Loladia does not expressly disclose that the message bus management server receives an inquiry about propriety of connection between the IoT device and the second message bus agent apparatus from the signaling server, and transmits a decision result of the propriety of the connection to the signaling server, and application.
However as discussed above, Smith teaches wherein the virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application (wherein as discussed above with respect to independent claim 1, Smith teaches embodiments to provide flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains. More particularly, with reference to FIG. 2, Smith discloses a block diagram of a portion of an IoT network where multiple devices are present in two different domains, namely domain A that includes a domain controller A, which may be a simple key distribution center (SKDC), underneath which a zone controller A is provided (also a SKDC), which in turn interacts with a client IoT device of the same domain and zone (domain A). Similar devices are present in a second domain B. As further illustrated in FIG. 2, various interactions can occur in process 200 within and between zones and domains. For example, Smith teaches that to enable direct peer-to-peer communication between client device A of the first zone and first domain and a client device B (SP B) of the second domain and the second zone, a request (block 201) can be initiated from client A to its zone controller and domain controllers A and B (blocks 202 and 203, respectively) to in turn receive a ticket and a receipt (blocks 205, 206, 207, 208) that includes security credentials to control the interaction between these devices) (Smith, FIG. 2, paragraphs [0027]-[0029]).
	Lapidous-Loladia and Smith are analogous art because they deal with subject matter from the same problem solving area, namely, managing IoT devices in communication networks.
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous-Loladia and Smith before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia to include the additional limitation of wherein a virtual message bus is a message bus that is established dynamically in response to a connection request from an application and is released upon termination of the application, as disclosed in Smith, with reasonable expectation that this would result in a system having the added benefit of providing flexible and dynamic scaling of security in IoT networks, while enabling peer-to-peer communication between devices within one or more zones within a domain, as well as between devices present in one or more different zones of different domains (See Smith, paragraph [0027]).  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Smith.
	Therefore, before the effective filing date of the claimed invention, it would have Lapidous-Loladia with Smith to obtain the invention as specified in claim 4.  Lapidous-Loladia-Smith does not explicitly disclose that the message bus management server receives an inquiry about propriety of connection between the IoT device and the second message bus agent apparatus from the signaling server, and transmits a decision result of the propriety of the connection to the signaling server.
As discussed and shown above, however, in an analogous art, Grabelsky discloses that a message bus management server receives an inquiry about propriety of connection between a device and a second message bus agent apparatus from a signaling server (again, signaling server 112 (See FIG. 1) may send query to authentication server 110, which may store a user profile including the list of authorized correspondents as well as other user-specific information, to determine how to handle the request) (Grabelsky, FIGS. 1 and 3A, paragraphs [0032], [0043] and [0050]), and transmits a decision result of the propriety of the connection to the signaling server (when user is successfully authenticated, authentication server 110 returns AUTH_SUCCESS message 306 to signaling server 112. Signaling server 112 subsequently sends a 200 OK message 308 to the SIP user agent UA-A 370 of the client device of the user) (Grabelsky, FIG. 3A, paragraph [0051]).
	Lapidous-Loladia-Smith and Grabelsky are analogous art because they deal with subject matter from the same problem solving area, namely, managing communications in IP networks.
Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Lapidous-Loladia-Smith and Grabelsky before him or her, to modify the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia-Smith to include the additional limitations that a message bus management server receives an inquiry about propriety of connection between a device and a second message bus agent apparatus from a signaling server, and transmits a decision result of the propriety of the connection to the signaling server, as disclosed in Grabelsky, with reasonable expectation that this would result in a system having the added benefit of improved authentication, authorization and accounting functions (See Grabelsky, paragraph [0032]).  Examiner further notes that while Grabelsky does not expressly disclose an IoT device, and by extension, receiving an inquiry about propriety of connection between an IoT device and a second message bus agent apparatus, nonetheless, the client terminals 102 and 114 of Grabelsky are disclosed as a computer and/or PDA with SIP user agents and Internet capability and can connect to the network 104 via wireless, wireline or combined communication links (See Grabelsky, FIG. 1, paragraphs [0024] and [0033]) and thus the signaling would work equally well if applied between IoT devices or such client terminals with IoT capability, yielding predictable results of the ability to communicate with external/remote clients in a WAN.  This method of improving the system for preventing exposure of the IP address of a router 350 to external devices 310 in a network environment with connections between local devices 130 and authorized remote computers 310 through a VPN tunnel of Lapidous-Loladia-Smith was well within the ordinary ability of one of ordinary skill in the art based on the teachings of Grabelsky.
	Therefore, it would have been obvious to one having ordinary skill in the art to combine the teachings of Lapidous-Loladia-Smith with Grabelsky to obtain the invention as specified in claim 4.
	Claims 7 and 8 are directed to “non-transitory computer readable recording media” that perform limitations substantially as described in “signaling server” claim 3 and “message bus management server” claim 4, and do not appear to include any additional features with regard to novelty and/or inventive step; therefore, as Lapidous-Loladia-Smith-Grabelsky discloses such a “non-transitory computer readable recording medium” (invention taking the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium) (Lapidous, paragraph [0050]), Claims 7 and 8 are rejected under the same rationale.
Response to Arguments
10.	Applicant’s arguments, see page 6, filed March 4, 2021, with respect to Rejections of Claims 6-8 under 35 U.S.C. § 112(b) have been fully considered and are persuasive.  The Rejections of Claims 6-8 under 35 U.S.C. § 112(b), as set forth in the previous Office action, have been withdrawn.

Conclusion
12.	Applicant’s arguments, as well as request for reconsideration, filed March 4, 2021, have been fully considered but they are moot in view of new ground(s) of rejection.
13.	Further references of interest are cited on Form PTO-892, which is an attachment to this Office Action.  For instance, Eric DAO (USPGPUB 2018/0020492 A1) discloses dynamic provisioning of unique identifiers for establishing peer-to-peer connections among IoT devices.  According to certain embodiments, DAO teaches transmitting a request for a unique identifier (UID) to a server, and receiving a UID assigned by the server.  The methods may further include using a service that is rendered based on the UID (See DAO, Abstract).  With particular reference to FIG. 1, DAO discloses a UID management server 140 and P2P communication server 150 operated by an IoT service provider, or a manufacturer or seller of smart camera 110.  The UID management server 140 is configured to dynamically assign a UID to a smart device 110 based on a usage condition of smart camera 110, and P2P communication server 150 is configured to facilitate the formation of a P2P connection between smart (See DAO, FIG. 1, paragraph [0025]).  An additional pertinent reference to Jalali et al. (USPGPUB 2019/0190802 A1) discloses a system, method and program product for managing a moving peer-to-peer network.  A node tracking system collects tracking information of nodes in a moving P2P network including position, connection status and computation capability.  A network representation system stores the tracking information in a dynamic graph that specifies nodes and connections between the nodes.  A task manager receives a task submitted by a requesting node for a service implemented by a provider node and a network allocation system determines and allocates an optimal path back and forth between the requesting node and the provider node, wherein the optimal path is selected to minimize an overall wall-time, and wherein the network allocation system estimates future positions of moving nodes for determining the optimal path (See Jalali, Abstract).
14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to KOSTAS J. KATSIKIS whose telephone number is (571)270-5434.  The examiner can normally be reached on Monday-Friday, 9:00am-5:00pm.
	Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
	If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wing F. Chan can be reached on 571-272-7493.  The fax phone number for 
/KOSTAS J KATSIKIS/
Primary Examiner, Art Unit 2441