DETAILED ACTION
	This action is responsive to communication filed on 02/09/2021. Claims 1-20 are pending and being considered. Claims 1, 11 and 19 are independent. Claims 1, 7-9, 11 and 17-19 are amended. Thus, the claims 1-20 are rejected.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments/Remarks
	Applicant’s arguments/remarks filed on 02/09/2021 have been fully considered and are rendered moot in view of new grounds of rejection outlined below, which were necessitated by the applicant’s amendment. The argument do not apply to the current art(s) being used.

Information Disclosure Statement


The information disclosure statement (IDS) submitted on 01/21/2021 was filed on or after the mailing date of the application no.16/404.655 on 05/06/2019. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS forms 1449 filed on 01/21/2021 is attached to the instant office action.

Claim Objections
The amendments, filed on 02/09/2021, has overcome the claim objections. Therefore, the claim objections has been withdrawn.

Claim Rejections - 35 USC § 112
In view of amendments, filed on 02/09/2021, the rejection under 35 USC § 112(b) has been reconsidered and withdrawn.

Claim Rejections - 35 U.S.C. 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. 

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Turon, Martin A. et al. (US 2015/0372875 A1), hereinafter (Turon) in view of Raje, Surabhi et al. (US 2018/0262497 A1), hereinafter (Raje).

As per claim 1, Turon teaches a method for adding wireless mesh devices to a computer network, the method comprising: establishing a secure communication session between a computing device and a computer via a first type of communication channel (Turon, Figs. 2 & 5, and Para. [0057], discloses that a user choosing to commission a new device to join the mesh network 100 can use a commissioning device 210 (i.e., hereinafter a computer), which connects to the border router 202 (i.e., hereinafter a computing device) via the external network technology of the access point 204, to commission the new device. The commissioning device 210 may be any computing device, such as a smart phone, tablet, notebook computer, and so forth, with a suitable user interface and communication capabilities to operate in the role of a commissioner to join devices to the mesh network 100, and as further disclosed in Para. [0070], a commissioner session 502 which is a secure communication tunnel from the commissioning device 210 to the border router 202 as illustrated in Fig. 5); 
sending validation information to the computing device via a second type of communication channel (Turon, Para. [0007], discloses that the border router can also register an identity of the commissioning device to establish a secure commissioning communication session, including providing a hardened (e.g., or see also Fig. 6 and Para. [0079], discloses that the commissioning session can be established in any suitable manner, such as using the pre-shared key for commissioner (PSKc) to establish the commissioning session using DTLS or TLS. By way of example, and not limitation, the commissioning device 210 and the border router 202 exchange DTLS messages 606-616 to identify and authenticate the commissioning device to the mesh network 100, and to establish the secure connection for the commissioner session 502 (shown in Fig. 5)); 
receiving the validation information from the computing device via the first type of communication channel (Turon, Para. [0007], discloses that the border router can also register an identity of the commissioning device to establish a secure commissioning communication session, e.g., the border router includes a copy of the encrypted commissioning credential usable to authenticate the commissioning device to the mesh network, where the copy of the encrypted commissioning credential was previously derived from the commissioning credential, and as further disclosed in Para. [0057], wherein the commissioning device 210 may be any computing device with a suitable user interface for communication with mesh network devices, or see also Fig. 6 and Para. [0079], discloses that the commissioning session can be established in any suitable manner, such as using the pre-shared key for commissioner (PSKc) to ); 
sending a session token to the computing device based on identifying that the received validation information matches the validation information sent to the computing device via the second type of communication channel (Turon, Fig. 4 and Para. [0005 and 0069], discloses that the joiner router receives an indication from the commissioning device to pass the network credentials (i.e., session token) for the mesh network 100, after the handshake process is complete (e.g., by establishing a secure socket connection/tunnel with the border router 202 using a PSKc (such as disclosed in Para. [0065 and 0079])), and/or as disclosed in Para. [0179], after the node device in the mesh network updates the stored commissioning dataset to match the received commissioning dataset, wherein the received commissioning dataset comprises: the received timestamp, a commissioning credential, a network name of the mesh network, and a security policy that indicates which security-related operations are allowed in the mesh network, as disclosed in Para. [0258]); and 

However Turon in Fig. 4 and Para. [0069] discloses to establish a secure joining session between a joining device and a commissioning device, via border router and/or joiner router, based on a “PSKd” derived from a joining device credential received out-of-band of the mesh network, typically entered through a user interface of the commissioning device 210, such as by scanning a QR code or bar code, wherein Turon fails to explicitly disclose but Raje teaches receiving registration information from the computing device, the registration information identifying at least two mesh nodes to associate with a customer license, wherein the at least two mesh nodes are configured in parallel and are allowed to send wireless communications over a wireless mesh network that is associated with the customer license based on at least a portion of the received registration information being consistent with stored data (Raje, Fig. 2 and Para. [0025], discloses an environment for batch registration and configuration of devices in a wireless network, including registration of authenticated devices. Wherein the devices 150 may be registered in serial or in parallel, e.g., depending on the ability or inability of the computing device 110 that runs the configuration utility 120 to access more than one of the devices at a time, and see also Fig. 9 and associated Para. [0046-0049], for detailed description of steps 800-861 (depicted in Fig. 9) for batch registration and configuration of devices in a wireless network, in which a user of a batch configuration utility 120 (of a computing device 110, as depicted in Figs. 1-3 and 5) may be authenticated such that the user may proceed to register and configure devices in a batch. Wherein, the registered and configured ).
Turon and Raje are analogous arts and are in the same field of endeavor as they both pertain and directed to providing security and secure communication session between devices/nodes via a computer network.
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Raje’ into the teachings of ‘Turon’, with a motivation to receive registration information from the computing device, the registration information identifying at least two mesh nodes to associate with a customer license, wherein the at least two mesh nodes are configured in parallel and are allowed to send wireless communications over a wireless mesh network that is associated with the customer license based on at least a portion of the received registration information being consistent with stored data, as taught by Raje, in order to protect the wireless network environment from unauthenticated/unauthorized devices; Raje, Abstract and Para. [0026].

As per claim 2, Turon as modified by Raje teaches the method of claim 1, wherein Turon fails to explicitly disclose but Raje teaches further comprising storing information in a database that cross-references the received registration information with the customer license (Raje, Figs. 2-3 and Para. [0022], discloses that the configuration of a device may include creating and/or modifying a device-specific account to reflect registration and/or deployment of the device. Device-specific accounts may be maintained by the service provider environment 170, and the device-).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Raje’ into the teachings of ‘Turon’, with a motivation to store information in a database that cross-references the received registration information with the customer license, as taught by Raje, in order to protect the wireless network environment from unauthenticated devices; Raje, Abstract and Para. [0026].

As per claim 3, Turon as modified by Raje teaches the method of claim 1, wherein Turon further teaches further comprising: identifying a first identifier and a code included in the registration information (Turon, Para. [0004], discloses that the joiner router receives a message from the joining device requesting to join the mesh network. The message received from the joining device can include a device identifier that is usable to authenticate the joining device, and as further disclosed in Para. [0091], discloses that the joining device credential may be communicated by scanning a QR code or a barcode, located on the joining device 212, with a camera included in the commissioning device 210); 
identifying that the at least portion of the received registration information is consistent with the stored data based on the first identifier and the code matching information stored in a database (Turon, Para. [0011], discloses that the joining device establishes a secure joiner communication session with the ); and 
sending a registration complete message after identifying that the first identifier and the code match the information stored in the database (Turon, Fig. 7 and Para. [0102], discloses that the commissioning device 210 uses the joiner’s identification message to initiate a DTLS-HelloVerify message based on the PSKd (derived from QR code or bar code as disclosed in Para. [0069]) and the received joiner device identifier (as disclosed in Para. [0011]), and sends the DTLS-HelloVerify message to the joining device 212, at 718).  

As per claim 4, Turon as modified by Raje teaches the method of claim 3, wherein Turon further teaches further comprising: identifying that the registration information also includes information that identifies the computing device (Turon, ); and 
storing in the database information that cross-references the computing device identifying information with the customer license (Turon, Para. [0056], discloses that the cloud service 208 provides applications that include connecting end user devices, such as smart phones, tablets, and the like, to devices in the mesh network 100, processing and presenting data acquired (i.e., information that cross-references the computing device identifying information) in the mesh network 100 to end users, linking devices in one or more mesh networks 100 to user accounts of the cloud service 208, provisioning and updating devices in the mesh network 100, and so forth).  

As per claim 5, Turon as modified by Raje teaches the method of claim 1, Wherein Turno further teaches further comprising storing information in a database that cross-references the customer license with a mesh network identifier that uniquely identifies the mesh network as belonging to a customer (Turno, Para. [0050], discloses that in addition to insertion of the network credentials into the joining device during commissioning, additional provisioning may be required for the joining device, in order to update or configure the joining device for use in the mesh network. This provisioning may require secure communication of information, such as linking the joining device to a user account of a cloud service (i.e., a user account stored on a cloud service), and as further disclosed in Para. [0056], the cloud service 208 provides applications that include connecting end user devices, such as smart phones, tablets, and the like, to devices in the mesh network 100, processing and presenting data ).  

As per claim 6, Turon as modified by Raje teaches the method of claim 1, Wherein Turno further teaches further comprising: receiving information that identifies the computing device (Turon, Para. [0004], discloses that the joining device can include a device identifier that is usable to authenticate the joining device, and/or see also Para. [0045], discloses that a certificate can be validated to authenticate the identity of another device on the network); and 
However Turon fails to explicitly disclose but Raje further teaches storing information in a database that associates the customer license with the information that identifies the computing device (Raje, Para. [0035 and 0046], discloses that the login interface 502 may interact with an authentication handler 512 which verifies that the user has the proper access credentials (login credentials). The authentication handler 512 may access a backend service to verify that the user has the desired level of access, e.g., with an administrative account or other suitable account with the service provider environment 170, and as further disclosed in Para. [0014], wherein the account or login credential (i.e., maintained within the service provider environment 170) associated with the user of the configuration utility 120 (within computing device 110) is distinct or independent from the device-specific accounts).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Raje’ into the teachings of ‘Turon’, with a motivation to store information in a database that associates 

As per claim 7, Turon as modified by Raje teaches the method of claim 1, wherein Turon further teaches further comprising: Turon, Para. [0106], discloses that when the joining device 212 is joined to the mesh network 100, the joining device 212 may also require provisioning. Provisioning may include updating the firmware in the joining device 212, configuring the joining device 212, providing a local configuration related to other devices on the mesh network 100, linking the joining device 212 to an account of the user on the cloud service 208, linking the joining device 212 to a cloud-based application server, and so forth); 
sending configuration information to the at least two mesh nodes Turon, Para. [0050 or 0106], discloses that in addition to insertion of the network credentials into the joining device during commissioning, additional provisioning may be required for the joining device, in order to update or configure the joining device for use in the mesh network. This provisioning may require secure communication of information, such as linking the joining device to a user account of a cloud service, and ).  
However Turon fails to explicitly disclose but Raje teaches storing a profile in a database, the profile identifying a configuration to associate with the at least two mesh nodes, the profile associated with previously received registration information and the customer license (Raje, Para. [0022], discloses that the configuration of a device may include creating and/or modifying a device-specific account to reflect registration and/or deployment of the device. Device-specific accounts may be maintained by the service provider environment 170, and the device-specific accounts may be distinct or independent from an account or login credential associated with the user of the configuration utility. In one embodiment, the configuration of a device may include storing values for configuration parameters with the device-specific account. The values for the configuration parameters may be stored in a configuration profile associated with the device-specific account, and the corresponding device may be operated in accordance with the configuration profile. For example, the configuration profile stored in the service provider environment 170 may include a wireless network credential, a "wake word" or other user prompt to activate voice capture, a time zone, an indication of skills that are accessible to the device, and/or other suitable configuration parameters. At least some of the configuration parameter values may be provided using the configuration utility 120. In one embodiment, the configuration of a ); 
identifying that the registration information is consistent with the customer license, wherein the at least two mesh nodes are allowed to communicate over the wireless mesh network based on the registration information being consistent with the customer license (Raje, Para. [0031], discloses that the configuration utility 120 may include a device configuration component 128. Using the device configuration component 128, a configuration profile (or a portion thereof) and/or its constituent one or more configuration parameters 155 may be deployed to authenticated devices 150A-150N in a batch. Wherein, the deployed configuration profile may include various parameters such as a networking credential (e.g., a wireless networking credential) that permits the device to access a local area network (e.g., a Wi-Fi network), a "wake word" to activate voice capture on detection of audible speech including the word, a time zone, and/or other suitable configuration parameters to be stored on the devices); and 
sending configuration information to the at least two mesh nodes that is consistent with the profile stored in the database that is associated with the previously received registration information, wherein the one or more mesh nodes are configured based on the configuration information sent to the one or more mesh nodes (Raje, Para. [0022], discloses that the configuration parameter values deployed to a device may include a wireless network credential, a wake word or other user prompt to activate voice capture, a time zone, and/or other suitable configuration parameters. By deploying the wireless network credential to the device, the device may be usable with a particular wireless local area network, e.g., to interact with voice-based ). 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Raje’ into the teachings of ‘Turon’, with a motivation to provide a device configuration interface for saving the created configuration profile which may potentially be applicable to multiple devices. Wherein the configuration profile may be defined or specified at any suitable point during the registration and configuration process, e.g., before or after the devices are detected and selected; Raje, Para. [0038 and 0047].

As per claim 8, Turon as modified by Raje teaches the method of claim 7, wherein Turon further teaches further comprising sending program code to the at least two mesh nodes, wherein the program code is installed at the at least two mesh nodes based on the program code being consistent with the stored profile (Turon, Fig. 21 and Para. [0200], discloses an example device 2102 which may be any type of computing device, client device, […] and/or other type of device such as a mesh network device that is configured for communication on a mesh network, such as a thermostat, hazard detector, camera, light unit, commissioning device, router, border router, joiner router, joining device, end device, leader, access point, and/or other mesh network devices, and as disclosed in Para. [0202], wherein the device 2102 also includes input/output (I/O) interfaces 2108. Wherein, the I/O interfaces also include data input ports via which any type of data, media content, and/or inputs can be received, such as user inputs to the device, […] and/or data source (i.e., code), and as further code that is native to a particular device, a hardware abstraction layer for a particular device, and so on).  

As per claim 9, Turon as modified by Raje teaches the method of claim 1, wherein Turon fails to explicitly disclose but Raje further teaches further comprising storing information in a database that identifies each and every wireless mesh node at the mesh network including the at least two mesh nodes (Raje, Para. [0028], discloses a device account management service or component 182 in the service provider environment 170, which may maintain individual, device-specific accounts for the devices 150A-150N. As shown in the example of FIG. 2, one device-specific account 182A may be created or maintained which corresponds to device 150A, another device-specific account 182B may be created or maintained which corresponds to device 150B, and yet another device-specific account 182N may be created or maintained which corresponds to device 150N. Registration of a device by the device registration component 126 may include providing an identifier of an authenticated device, such as the device-specific identifier or the device serial number, to one or more backend services of the service provider environment 170, such as the device account management service 182).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Raje’ into the teachings of ‘Turon’, with a motivation to store information in a database that identifies each and every wireless mesh node at the mesh network including the at least two 

As per claim 10, Turon as modified by Raje teaches the method of claim 1, wherein Turon further teaches the first type of communication channel corresponds to a first type of network interface, the second type of communication channel corresponds to a second type of network interface (Turon, Para. [0052], discloses that the routers 102, the router-eligible end device 104, and the end devices 106, each include a mesh network interface (such as disclosed in Para. [0056-0057]) for communication over the mesh network), and the method further comprising identifying that the validation information sent via the second type of communication interface matches the validating information received via the first type of communication interface (Turon, Para. [0179], discloses that if the received timestamp is more recent than the stored timestamp (i.e., "No" from 1806), then at 1810, the stored commissioning dataset is updated to match the received commissioning dataset. For example, the node device in the mesh network updates the stored commissioning dataset to match the received commissioning dataset, and as further disclosed in Para. [0258], wherein the received commissioning dataset comprises: the received timestamp, a commissioning credential, a network name of the mesh network, and a security policy that indicates which security-related operations are allowed in the mesh network), wherein the computing device is authorized to communicate via the wireless mesh network based on the matching validation information (Turon, Para. [0259], discloses a mesh network device implemented as a ).

As per claims 11-18, claims recite similar subject matter as claims 1-8, respectively. Therefore, the response set forth above with respect to the claims 1-8 is equally applicable to claims 11-18 of a non-transitory computer readable storage medium, respectively.

As per claims 19-20, claims recite similar subject matter as claims 1-2, respectively. Therefore, the response set forth above with respect to the claims 1-2 is equally applicable to claims 19-20 of a system for adding wireless mesh devices to a computer network, respectively.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
1.	Panther; Heiko Gernot Albert (US 2015/0180842 A1), this disclosure relates secure pairing of devices via pairing facilitator-intermediary device.
2.	Reddy et al. (US 2011/0138183 A1), invention relates to wireless networks, and more particularly to methods for ensuring security and privacy in wireless networks that employ cognitive radio technology.

4.	Dale W. Malik (US 2016/0352729 A1), disclosure relates generally to authentication of devices and device users and, more particularly, to providing centralized authentication for granting access to online services.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALI CHEEMA, whose telephone number is 571-272-1239. The examiner can normally be reached on 8AM-4PM (EST) Monday-Friday. 

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALI CHEEMA/
Examiner, Art Unit 2433

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498