DETAILED ACTION

A response was received on 15 March 2021.  By this response, Claims 1, 5-9, 11, 13, 18, 20, and 21 have been amended.  Claim 12 has been canceled.  New Claim 23 has been added.  Claims 1-3, 5-11, 13, and 15-23 are currently pending in the present application.

Response to Amendment

The amendment to the claims does not fully comply with the requirements of 37 CFR 1.121(c) that every claim must include a proper status indicator.  In particular, at least Claim 5, which includes the status indicator “previously presented”, appears to include amendments.  As a courtesy and for the purposes of advancing prosecution, the amendment has been treated as though it were fully in compliance with 37 CFR 1.121(c).  Applicant is reminded that all future amendments must fully comply with the provisions of 37 CFR 1.121.

Response to Arguments

Applicant's arguments filed 15 March 2021 have been fully considered but they are not persuasive.
Regarding the rejection of Claims 1-3, 5-8, 10-13, and 16-22 under 35 U.S.C. 103 as unpatentable over Hardy et al, US Patent 9172605, in view of Inamdar, US 
.

Claim Rejections - 35 USC § 112

The rejection of Claims 7-12 and 20 under 35 U.S.C. 112(b) is withdrawn (or moot) in light of the amendments to (or cancellation of) the claims.
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 3 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 3 recites “a key” in line 5.  It is not clear whether this is intended to refer to the same key as recited in Claim 1 or to a distinct key.  This ambiguity renders the claim indefinite.

The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:


Claim 23 is rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, fourth paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  
Claim 23 recites that “the encrypted data blob obtained from the cloud-based service was provided by the first server to the cloud-based service”.  This does not provide any further limitation on the management server, and therefore, this does not further limit the subject matter of Claim 1 from which it depends.
Applicant may cancel the claim, amend the claim to place the claim in proper dependent form, rewrite the claim in independent form, or present a sufficient showing that the dependent claim complies with the statutory requirements.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1-3, 5-8, 10-13, and 16-22 are rejected under 35 U.S.C. 103 as being unpatentable over Hardy et al, US Patent 9172605, in view of Inamdar, US Patent 9220012.
In reference to Claim 1, Hardy discloses a management server that includes a processor and medium storing instructions (see Figure 8; column 16, line 50-column 17, line 37) that, when executed, cause the processor to discover a first server (column 23, lines 21-48); obtain an encrypted data blob associated with the first server, where the blob is based on encryption using a key of a data blob that includes  a device credential (see column 6, lines 10-18; column 5, lines 63-67); establish trusted communication with the first server using the encrypted data blob (see column 6, lines 10-18; see also column 14, lines 12-20); and provision the first server after establishing communication (column 6, lines 10-18, provisioning).  Hardy discloses both obtaining the data blob as an optical code and obtaining the unique identifier data blob over a network (column 4, lines 39-63).  However, Hardy does not explicitly disclose obtaining the encrypted data blob from a cloud-based service.
Inamdar discloses a system that includes a processor and medium storing instructions that, when executed, cause the processor to discover a first device (column 7, lines 16-41, detecting beacons from new device; Figure 3, steps 202-206), obtain an encrypted data blob over a network from a cloud-based service (column 7, lines 41-53; Figure 3, steps 210-214), and provision the first device in the system (column 7, line 54-
In reference to Claim 2, Hardy and Inamdar further disclose establishing a trusted connection using a trusted certificate and obtaining the blob upon establishing the connection (see Hardy, column 6, lines 10-18; column 17, lines 23-37; column 21, lines 46-50; see also column 4, lines 39-63).
In reference to Claim 3, Hardy and Inamdar further disclose obtaining an encrypted signed blob using a unique identifier, sending the encrypted signed data blob to the new server, and establishing the trust upon authenticating by receiving the encrypted signed data blob (see Hardy, column 21, lines 13-50, default credentials and password, unique identifier; column 10, lines 35-46, signature; column 6, lines 10-18, and column 5, lines 63-67, establishing trust using encrypted data).
In reference to Claims 5 and 6, Hardy and Inamdar further disclose provisioning the first  server based on rules, as well as a cloud-based service (Hardy, cloud based management system 208; Inamdar, cloud server 14) for storing or retrieving the encrypted data blob including credentials such as a unique identifier or random number (Hardy, column 21, lines 13-50, credentials, password, unique identifier; Inamdar, column 6, lines 57-62, credentials).

In reference to Claims 17 and 18, Hardy and Inamdar further disclose sending a password used to login and credentials to be matched (see Hardy, column 21, lines 13-50, credentials, password, unique identifier).
In reference to Claim 19, Hardy and Inamdar further disclose receiving a nonce, sending the nonce, receiving a signed nonce, sending the signed nonce, and establishing the communication based on the signed nonce (Hardy, column 21, lines 13-50; column 10, lines 35-46, signature; column 6, lines 10-18, and column 5, lines 63-67, establishing trust using encrypted data).
In reference to Claim 23, Hardy and Inamdar further disclose providing the encrypted data blob to the cloud-based service (see Inamdar, column 7, lines 41-53; Figure 3, steps 210-214; see also Hardy, column 4, lines 39-63).

In reference to Claim 7, Hardy discloses a method that includes discovering a first device added to a data center via a network device (column 23, lines 21-48); establishing a trusted connection with a cloud-based service using a trusted certificate (see column 6, lines 10-18; column 17, lines 23-37; column 21, lines 46-50); obtaining an encrypted signed data blob associated with the first device upon establishing the trusted connection, where the encrypted signed data blob is based on encryption of a data blob including a device credential (see column 6, lines 10-18 and 35-46; column 5, lines 63-67); sending the encrypted signed data blob to the first device and establishing 
Inamdar discloses a method that includes discovering a first device (column 7, lines 16-41, detecting beacons from new device; Figure 3, steps 202-206), obtaining an encrypted data blob over a network from a cloud-based service (column 7, lines 41-53; Figure 3, steps 210-214), and provisioning the first device in the system (column 7, line 54-column 8, line 3; Figure 3, steps 220-226).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Hardy to include obtaining a data blob from a cloud-based service, in order to increase security (see Inamdar, column 3, lines 19-37).
In reference to Claim 8, Hardy and Inamdar further disclose receiving the encrypted signed data blob, verifying the signature, decrypting the data blob, determining that the decrypted blob includes default password and credentials, and enabling establishment of trust (see Hardy, column 21, lines 13-50, default credentials and password, unique identifier; column 10, lines 35-46, signature; column 6, lines 10-18, and column 5, lines 63-67, establishing trust using encrypted data).
In reference to Claims 10-12, Hardy and Inamdar further disclose sending a password used to login, and credentials including a unique identifier (see Hardy, column 21, lines 13-50, credentials, password, unique identifier; Inamdar, column 6, lines 57-62, 
In reference to Claim 20, Hardy and Inamdar further disclose sending a password used to login and credentials to be matched (see Hardy, column 21, lines 13-50, credentials, password, unique identifier).

In reference to Claim 13, Hardy discloses a software implementation of a method that includes receiving a request to deploy a new server (column 23, lines 21-48); establish a trusted connection with a cloud-based service using a trusted certificate (see column 6, lines 10-18; column 17, lines 23-37; column 21, lines 46-50); obtaining an encrypted signed data blob associated with the new server upon establishing the trusted connection, where the password and credentials are encrypted using a key (see column 6, lines 10-18 and 35-46; column 5, lines 63-67); sending the encrypted signed data blob to the new server and establishing trust (see column 6, lines 10-18; see also column 14, lines 12-20); and sending a password to login and deploy the new server (column 6, lines 10-18, provisioning; see also column 21, lines 13-50, credentials, password, unique identifier).  Hardy discloses both obtaining the data blob as an optical code and obtaining the unique identifier data blob over a network (column 4, lines 39-63).  However, Hardy does not explicitly disclose obtaining the encrypted data blob from a cloud-based service.
Inamdar discloses a software implementation of a method that includes discovering a first device (column 7, lines 16-41, detecting beacons from new device; Figure 3, steps 202-206), obtaining an encrypted data blob over a network from a cloud-
In reference to Claim 14, Hardy and Inamdar further disclose receiving the encrypted signed data blob, verifying the signature, decrypting the data blob, determining that the decrypted blob includes default password and credentials, and enabling establishment of trust (see Hardy, column 21, lines 13-50, default credentials and password, unique identifier; column 10, lines 35-46, signature; column 6, lines 10-18, and column 5, lines 63-67, establishing trust using encrypted data; see also Inamdar, column 6, lines 57-62, credentials).
In reference to Claim 21, Hardy and Inamdar further disclose sending a password used to login and credentials to be matched (see Hardy, column 21, lines 13-50, credentials, password, unique identifier).
In reference to Claim 22, Hardy and Inamdar further disclose receiving a nonce, sending the nonce, receiving a signed nonce, sending the signed nonce, and establishing the communication based on the signed nonce (Hardy, column 21, lines 13-50; column 10, lines 35-46, signature; column 6, lines 10-18, and column 5, lines 63-67, establishing trust using encrypted data).

Claims 9 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Hardy in view of Inamdar as applied to Claims 7 and 13 above, and further in view of Behringer et al, US Patent 9043884.
In reference to Claim 9, Hardy and Inamdar disclose everything as detailed above with respect to Claim 7.  However, neither Hardy nor Inamdar explicitly discloses communications over LLDP.  Behringer discloses establishing trust (column 3, lines 55-63) and using link layer discovery protocol for neighbor discovery communications (see column 5, lines 9-15).  Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to further modify the method of Hardy and Inamdar to include the use of LLDP in order to allow neighbor discovery (see Behringer, column 6, lines 17-39).
In reference to Claim 15, Hardy and Inamdar disclose everything as detailed above with respect to Claim 13, and further discloses the use of signing to verify data (Hardy, column 10, lines 35-46).  However, neither Hardy nor Inamdar explicitly discloses communications over LLDP.  Behringer discloses establishing trust (column 3, lines 55-63) by receiving a nonce in link layer discovery protocol packets (column 6, lines 17-26; see also column 5, lines 9-15).  Therefore, it would have been obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to further modify the method of Hardy and Inamdar to include the use of LLDP in order to allow neighbor discovery (see Behringer, column 6, lines 17-39).


Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870.  The examiner can normally be reached on weekdays 9:30-6:00.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Zachary A. Davis/Primary Examiner, Art Unit 2492