DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
This Office Action is in response to the amendment filed on 5/21/2021.
Claims 1-2, 8, 15-16 and 19 have been amended.
Claims 1-20 are pending for consideration.

Response to Arguments
Applicant’s arguments on pages 10-11 of Remarks (i.e., the signature of the IoT device merely appears to correspond with an HMAC signature or “security hash”  and not a signature corresponding with a set of fields to include in the signature that is determined using a machine learning machine) with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-4, 8-11, 15, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Idnani et al. (US 20170353859) (hereinafter Idnani) in view of PUCK et al. (US 20170236188) (hereinafter PUCK).
Regarding claim 1, Idnani discloses a method comprising: receiving, at an edge device in a network, a data packet from an Internet of Things (loT) device (Idnani: paragraphs 0035-0036 and 0052, “An IoT device in accordance with various aspects of the present disclosure may include a "vendor-specific attribute" (VSA) in the Wi-Fi beacon transmitted by an IoT device operating in "Soft AP mode." The VSA may include a key-hash message authentication code (HMAC) signature, which may be calculated using, for example, the SSID, BSSID, and other known attributes”, {the Wi-Fi beacon transmitted by an IoT device is mapped to the data packet received from the IOT device}); accessing, at the edge device, a signature associated with the IoT device, wherein the signature includes network layer information about the IoT (Idnani: paragraphs 0036 and 0055-0056, “The gateway device that receives such a beacon transmission as shown in FIG. 9 and described above, may then use the shared random string, and the SSID, BSSID, index, key length, and VendorID parameters received from the IoT device”, {the network layer information is mapped to applying, by the edge device, a set of rules to provide security for the IOT device by validating the IoT device based on the accessed signature (Idnani: paragraphs 0055-0056, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device”); and responsive to the IoT device being validated based on the accessed signature, received data packet, and the applied set of rules, processing, by the edge device, the data packet from the IoT device (Idnani: paragraphs 0049-0050 and 0055-0066, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device attempting to register”).
Idnani does not explicitly disclose the following limitation which is disclosed by PUCK, wherein a set of fields to include in the signature is determined using a machine learning model (PUCK: paragraphs 0007, 0044 and 0172, “The variables or parameters used in a decision process may be specified by a user and/or identified by application of a suitable data analysis technique such as machine learning, pattern matching, statistical analysis, etc.,”).  Idnani and PUCK are analogous art because they are from the same field of endeavor, data processing.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Idnani and PUCK before him or her, to modify the system of Idnani to include the set of fields to include in the signature is determined using a machine learning model of PUCK. The suggestion/motivation for doing so would 
Regarding claim 8, claim 8 discloses a medium claim that is substantially equivalent to the method of claim 1.  Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 8 and rejected for the same reasons.
Regarding claim 15, claim 15 discloses a device claim that is substantially equivalent to the method of claim 1.  Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 15 and rejected for the same reasons.
Regarding claim 3, Idnani as modified discloses responsive to the IoT device not being validated, dropping, by the edge device, the data packet and performing remediation (Idnani: paragraph 0065, “If, however, the authorization information is determined at block 1424 to not be valid, the method of FIG. 14 continues at block 1426, where the gateway device drops the association of the IoT device with the gateway device, and the method of FIG. 14 ends.”).
Regarding claims 4 and 10, Idnani as modified discloses wherein performing remediation comprises: determining, by the edge device, a first remediation of a set of remediations to perform based on a signature rule that failed during validation (Idnani: paragraph 0065, “If, however, the authorization information is determined at block 1424 to not be valid, the method of FIG. 14 continues at block 1426, where the gateway device drops the association of the IoT device with the gateway device, and the method of FIG. 14 ends.”).
Regarding claim 9, Idnani as modified discloses instructions to determine whether the signature associated with the IoT device exists (Idnani: paragraphs instructions to validate the data packet using all fields of the data packet responsive to determining that the signature does not exist ((Idnani: paragraphs 0034 and 0056, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device attempting to register”).
Regarding claim 11, Idnani as modified discloses wherein the instructions to perform remediation comprise: instructions to receive a second data packet from a second loT device (Idnani: see figure 1, item 112; and paragraph 0031, “The Wi-Fi STA 222 functions to connect as an STA to an end-user IoT device (e.g., IoT devices 110, 112, 114, 116 of FIG. 1) when the end-user IoT device is in what may be referred to herein as a "Soft AP mode." When in the "Soft AP mode," the IoT device may behave as a Wi-Fi (e.g., IEEE 802.11 a/b/g/n/ac) "access point," and Wi-Fi STA 222 may provide Wi-Fi credentials (e.g., Service Set Identifier (SSID), Passphrase, Security Mode) to the IoT device, so that the IoT device is then able to associate with the Wi-Fi router 224 of the gateway device”); instructions to access a second signature associated with the second loT device, where the second signature includes network layer information about the second loT device (Idnani: paragraph 0047, “an IoT device (e.g., any of IoT devices 110, 112, 114, 116 of FIG. 1), …In this example, the IoT device may, as shown in information exchange 563 of FIG. 5, transmit a Wi-Fi "beacon" with an SSID field formatted according to the particular format mentioned nstructions to determine a second set of rules to use to validate the second loT device based on the accessed second signature (Idnani: paragraphs 0055-0056, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device”); and instructions to process the second data packet from the second loT device responsive to the second loT device being validated based on the accessed second signature, received second data packet, and the applied second set of rules (Idnani: paragraphs 0049-0050 and 0055-0066, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device attempting to register”).
Regarding claim 17, Idnani as modified discloses wherein the physical processor implements machine readable instructions that cause the edge device to: responsive to the IoT device not being validated: drop the data packet (Idnani: paragraph 0065, “If, however, the authorization information is determined at block 1424 to not be valid, the method of FIG. 14 continues at block 1426, where the gateway device drops the association of the IoT device with the gateway device, and the method of FIG. 14 ends.”); and determine a first remediation of a set of remediations to perform based on a signature rule that failed during validation (Idnani: paragraph 0065, “If, however, the authorization information is determined at block 1424 to not be valid, the method of FIG. 14 continues at block 1426, where the gateway device drops .

Claims 2 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Idnani in view of PUCK, and further in view of CARIOU et al. (US 20180092055) (hereinafter CARIOU).
Regarding claims 2 and 16, Idnani in view of PUCK discloses accessing, at the edge device, the signature associated with the IoT device (Idnani: paragraphs 0036 and 0055-0056, “The gateway device that receives such a beacon transmission as shown in FIG. 9 and described above, may then use the shared random string, and the SSID, BSSID, index, key length, and VendorID parameters received from the IoT device”, {the network layer information is mapped to the SSID, BSSID, and other known attributes }); applying, by the edge device, the set of rules to validate the IoT device based on the accessed signature (Idnani: paragraphs 0055-0056, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device”); and responsive to the IoT device being validated based on the accessed signature, received  (Idnani: paragraphs 0049-0050 and 0055-0066, “If the gateway device determines that the received HMAC signature matches the HMAC signature locally generated, the gateway device of the present disclosure may then provide Wi-Fi credentials to the IoT device attempting to register”).  
receiving, at the edge device in a network, a second data packet from the IoT device at a time interval after receiving the data packet (CARIOU: paragraphs 0066 and 0102, “a device (e.g., the user device(s) 120 and/or the AP 102 of FIG. 1) may determine a first portion and a second portion of a beacon interval. A beacon interval is a time interval between two consecutive beacon frames” … “The AP may utilize beacon frames in order to determine whether a service period is allocated for a synchronized or unsynchronized operation”).  Idnani in view of PUCK and CARIOU are analogous art because they are from the same field of endeavor, wireless communications.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Idnani in view of PUCK and CARIOU before him or her, to modify the system of Idnani in view of PUCK to include the second data packet from the IoT device at a time interval after receiving the data packet of CARIOU. The suggestion/motivation for doing so would have been to allow an AP to serve devices based on the number of sectors that may be covered by each antenna of the AP (CARIOU: paragraph 0014).

Claims 5, 12 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Idnani in view of PUCK, and further in view of KAUSHIK (US 20180191756) (hereinafter KAUSHIK).
Regarding claims 5, 12 and 18, Idnani in view of PUCK does not explicitly disclose the following limitation which is disclosed by KAUSHIK, responsive to the edge device not being able to parse the data packet, sending, by the edge device, the data packet to a remote parser (KAUSHIK: paragraphs 0025 and 0032, “The access point 120 comprises an IoT device connection manager 210 to periodically advertise with beacons, manage BSSIDs (basic service set identifiers), and provide network access to stations. A packet processing module 220 parses data frames from IoT devices to reveal data along with header information”); and receiving, by the edge device, validation of the data packet from the remote parser (KAUSHIK: paragraph 0025, “A security breach module 240 can take a security action such a notification or access denial if the deviation amounts to a suspected security breach. An IoT database 250 can locally store IoT rules and other data similar to the IoT device server 112”).  Idnani in view of PUCK and KAUSHIK are analogous art because they are from the same field of endeavor, data protection.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Idnani in view of PUCK and KAUSHIK before him or her, to modify the system of Idnani in view of PUCK to include the parser of KAUSHIK. The suggestion/motivation for doing so would have been to prevent the malicious activity (KAUSHIK: paragraph 0017).

Claims 6-7, 13-14 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Idnani in view of PUCK, and further in view of Chillappa et al. (US 20160381030) (hereinafter Chillappa).
Regarding claims 6, 13 and 19, Idnani in view of PUCK does not explicitly disclose the following limitation which is disclosed by Chillappa, determining, by the edge device, that the IoT device is ready to be deployed (Chillappa: paragraphs responsive to determining that the IoT device is ready to be deployed: moving, by the edge device, the IoT device from a quarantine virtual local area network ("VLAN") to an enterprise VLAN (Chillappa: paragraph 0032, “a constraint profile 301 for an unknown IoT device 123 can direct the router component 123 to segregate the given device 123 to a separate VLAN 309, monitor all attempts by the IoT device 123 to communicate with other devices, and probe the IoT device 123”); and propagating, by the edge device, the signature associated with the IoT device to neighbor edge devices
Regarding claims 7, 14 and 20, Idnani in view of PUCK does not explicitly disclose the following limitation which is disclosed by Chillappa, wherein the determination that the IoT device is ready to be deployed comprises: assigning, by the edge device, the IoT device to the quarantine VLAN (Chillappa: paragraphs 0030 and 0043, “IoT devices 123 can be constrained in their operations by being isolated in virtual local area networks (VLANS)”); generating, by the edge device, a data sheet for the IoT device based on information from a packet of the IoT device and information about the IoT device, wherein the packet includes the network information about the IoT device (Chillappa: paragraph 0030, “receives information concerning the identification and behavior of various IoT devices 123 …therefore able to track the installations, communications and other behaviors of different IoT devices 123 on different local area networks 107 over time…Based on these factors, the backend component 119 creates constraint profiles 301 governing the allowed communication and behaviors of the different IoT devices”); and generating, by the edge device, the signature for the IoT device by determining information from the data sheet to include in the signature (Chillappa: paragraph 0030, “Based on these factors, the backend component 119 creates constraint profiles 301 governing the allowed communication and behaviors of the different IoT devices”).  Idnani in view of PUCK and Chillappa are analogous art because they are from the same field of endeavor, data protection.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Idnani in view of PUCK and Chillappa before him or her, to modify the system of Idnani in view of PUCK to include the deployed IoT device of Chillappa. The suggestion/motivation for doing so .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is listed.
Gehrmann (US 20180295101) discloses systems, methods, and/or techniques for mitigating attacks on an IoT device at a gateway device may be provided. The gateway device may receive a communication directed to an Internet of Things (IoT) device and forward it to the IoT device. The IoT device may indicate to the gateway device that the communication is associated with an attack and send the gateway device a sleep time period and a request to change a filtering rule set at the gateway device. The gateway device may change the filtering rule set and receive another communication directed to the IoT device. If the another communication is valid based on the filtering rule set with the change and a number of valid packets is less than a threshold, and the sleep time period has expired, the gateway device may send another communication to the IoT device.
Liu (US 20180092151) discloses techniques for managing IoT devices through multi-protocol infrastructure network devices are disclosed. A system utilizing such techniques can include a multi-protocol infrastructure network device and a WAN based IoT device management system and various network device based engines. A method utilizing such techniques can include management according to WAN based IoT device policies and LAN based IoT device policies.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TRANG T DOAN whose telephone number is (571)272-0740.  The examiner can normally be reached on Monday-Friday 7-4 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D Feild can be reached on (571)272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/TRANG T DOAN/Primary Examiner, Art Unit 2431