DETAILED ACTION 
 Notice of Pre-AIA  or AIA  Status 
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

 Status of the Claims 

This Allowance Office Action is in response to Applicant’s remarks of 01 March 2021.  Claims 1-17 & 21-23 are pending and have been considered as follows for an Allowance as described hereunder in this Office Action.           

 Allowable Subject Matter 
Claims 1-17 & 21-23 are pending and allowed.
The following is an Examiner’s statement of reasons for this Allowance: 
The closest prior art of Hamdi reference (Pub. No. US 2018/ 0124072) teaches---       
{“Systems and methods for monitoring states of operation of a computer environment can include one or more computer servers identifying a target asset of the computer environment and establishing a communication link with a computing device associated with the target asset.  The one or more computer servers can determine a first set of parameters for profiling the target asset, transmit a first query for the first set of parameters to the computing device via the communication link, and receive one or more first parameter values corresponding to the first set of parameters responsive to the query.  The one or more computer servers can compare the one or more first parameter values to one or more first criteria or threshold values, and determine a state of operation of the target asset based on the comparison.  The state of operation can be indicative of an abnormal behavior associated with the target asset.”}


{“IoT devices are secured on multiple local area networks.  Each local network contains a router which monitors activities of IoT devices, and transmits corresponding information to a backend server.  The backend amalgamates this information, calculates dynamic reputation scores, and determines expected authorized activities for specific IoT devices.  Based thereon, the backend creates a constraint profile for each IoT device, and transmits the constraint profiles to the routers for enforcement.  Enforcing a constraint profile can include creating multiple VLANs with varying levels of restricted privileges on a given local area network, and isolating various IoT devices in specific VLANs based on their reputation scores.  Constraint profiles can specify to enforce specific firewall rules, and/or to limit an IoT device's communication to specific domains and ports, and/or to specific content.  The backend continues to receive monitored information concerning IoT devices from multiple routers over time, and periodically updates constraint profiles.”}


Further, Maheshwari reference (Pub. No. US 2018/ 0025356) teaches ---    
{“A computer device for monitoring for fraudulent activity, including (a) a plurality of sensors; and (b) one or more processors in communication with the sensors and non-transitory data storage including, stored thereon, a plurality of instructions which, when executed, cause the one or more processors to perform the steps of (i) receiving instructions to determine a confidence level; (ii) determining a confidence level by monitoring one or more of the following: sensor data; user behaviour; payment history; security level; connected devices; and location data; and (iii) returning said confidence level, wherein the confidence level represents a relative risk of fraudulent activity.”}     


Further, Fallah reference (Pub. No. US 2019/ 0319808) teaches ---     
{“A system and method of determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices.  A request for attestation, comprises a unique identifier associated with the communication device and an input or shared value.  The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device.  Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device.  The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.”}          




In regards to independent Claims 1, 22 and 23, Hamdi, Chillappa, Maheshwari and Fallah references, taken either individually or in combination with each other or other prior art of record, fail to teach or render obvious:

Claim 1:         
1.     A method implemented on a network appliance on a local area network for securing internet of things (IoT) devices, the method comprising:      
determining a level of confidence of an identity of at least one specific IoT device purchased on at least one computing device on the local area network, by assigning weight to identified information concerning the purchase of at least one IoT device;       
analyzing the information concerning the purchase of at least one IoT device, including the level of confidence;             
determining identifying information concerning the discovered IoT device, using the analyzed information concerning the purchase of at least one IoT device, including the level of confidence;         
Application No. 15/942,232 Atty. Dkt. No. 10295-07227 US
receiving a constraint profile matching the discovered IoT device from the remote backend component, the remote backend component configured to create the constraint profile using information concerning purchases of the discovered IoT device received from a plurality of other local area networks, the information concerning purchases of the discovered IoT device further comprising corresponding levels of confidence of the identity of the discovered IoT device; and
constraining a behavior of the discovered IoT device to perform authorized functionality by enforcing the received constraint profile on the local area network.            



Claim 22:       
22.    A system comprising:         
an internet of things (IoT) network management system residing in the system memory, the IoT network management system being programmed to:        
identify information concerning a purchase of at least one IoT device on at least one computing device on the local area network using the monitored purchasing related activity;        
determine a level of confidence of an identity of at least one specific IoT device purchased on at least one computing device on the local area network, by assigning weight to identified information concerning the purchase of at least one IoT device;
discover an IoT device added to the local area network;
analyze the information concerning the purchase of at least one IoT device, including the level of confidence;        

constrain a behavior of the discovered IoT device to perform authorized functionality by enforcing the received constraint profile on the local area network.            



Claim 23:           
23.    At least one non-transitory computer-readable storage medium for securing internet of things (IoT) devices on a local area network, the at least one non-transitory computer-readable storage medium storing computer-executable instructions that, when loaded into computer memory and executed by at least one processor of a network appliance, cause the network appliance to perform operations comprising:    
identifying information concerning a purchase of at least one IoT device on at least one computing device on the local area network, using the monitored purchasing related activity;
determining a level of confidence of an identity of at least one specific IoT device purchased on at least one computing device on the local area network, by assigning weight to identified information concerning the purchase of at least one IoT device;
determining identifying information concerning the discovered IoT device, using the analyzed information concerning the purchase of at least one IoT device, including the level of confidence;
receiving a constraint profile matching the discovered IoT device from the remote backend component, the remote backend component configured to create the constraint profile using information concerning purchases of the discovered IoT device received from a plurality of other local area networks, the information concerning purchases of the discovered IoT device further comprising corresponding levels of confidence of the identity of the discovered IoT device;   and          
constraining a behavior of the discovered IoT device to perform authorized functionality by enforcing the received constraint profile on the local area network.





Any comments considered necessary by the Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”                 


 Conclusion 
Any inquiry concerning this communication or earlier communications from the Examiner should be directed to SANJEEV MALHOTRA, whose telephone number is (571) 272-7292.  The Examiner can normally be reached during Monday-Friday at 8:30 to 17:00 hours on a Flexible schedule.           
If attempts to reach the Examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Kalinowski, can be reached on (571) 272-6771.  The facsimile/fax phone number for the organization, where this application or proceeding is assigned, is (571) 273-8300.                 

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.           




/S. M./         
Examiner, Art Unit 3691        

/ALEXANDER G KALINOWSKI/Supervisory Patent Examiner, Art Unit 3691