DETAILED ACTION
This Office action is in response to the original application filed on 09/04/2019.  Claims 1-22 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 6 and 16 are objected to because of the following informalities:  
Regarding claims 6 and 16, the usage of possessive pronoun “its” suggested be avoided for clarity (line 2).
Appropriate corrections are required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-22 are rejected under 35 U.S.C. 103 as being unpatentable over Goluboff (US 2016/0323689 A1, hereinafter “Goluboff”) in view of Kommireddy et al. (US 2017/0041151 A1, hereinafter “Kommireddy”).

Regarding claim 1, Goluboff discloses:
A computer-implemented method comprising:
onboarding a sensor onto a network managed by a network management system (onboarding IoT device onto network, Goluboff: [0041], [0042]).
Goluboff does not explicitly disclose:
generating a unique serial number for the sensor;
sending a certificate signing request to a certificate authority;
receiving a signed unique certificate from the certificate authority;
mapping the signed unique certificate to the unique serial number for the sensor; and
transmitting the signed unique certificate to the sensor.
However, in the same field of endeavor, Kommireddy teaches:
generating a unique serial number for the sensor (generating unique device identifier, Kommireddy: [0026]);
sending a certificate signing request to a certificate authority (sending certificate signing request to certificate authority, Kommireddy: [0037]);
receiving a signed unique certificate from the certificate authority (receiving signed certificate from certificate authority, Kommireddy: [0030], [0037]);
mapping the signed unique certificate to the unique serial number for the sensor (linking signed certificate to unique device identifier, Kommireddy: [0020], [0039]); and
transmitting the signed unique certificate to the sensor (sending signed certificate to device, Kommireddy: [0040]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Kommireddy in order to further modify the method of onboarding IoT sensor devices onto network using signed certificates from the teachings of Goluboff with the method of linking signed certificates from certificate authority to unique device identifiers in order to establish secure connection from the teachings of Kommireddy.
One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

claim 2, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff in view of Kommireddy further discloses:
wherein the sensor is a troubleshooting sensor for the network management system (IoT device having monitoring sensor, Goluboff: [0035], [0038]).

Regarding claim 3, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff in view of Kommireddy further discloses:
exchanging the signed unique certificate in an EAP-TLS exchange between the sensor, the certificate authority, the network, and authentication, authorization, and accounting (AAA) appliances of the network management system (securing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]); and
establishing a dot1x EAP-TLS exchange between the sensor, the certificate authority service, and the AAA appliances of the network management system (establishing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]).

Regarding claim 4, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff in view of Kommireddy further discloses:
wherein the certificate signing request further includes a requesting multiple certificates attribute and wherein the network management system receives multiple signed unique certificates for respective sensors from the certificate authority (certificate signing request including additional field for specifying request for one or more certificates, Kommireddy: [0032]).

Regarding claim 5, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 4 above.
Goluboff in view of Kommireddy further discloses:
wherein the network management system maintains a pool of signed unique certificates of which the signed unique certificates can be used to map onto incoming sensors (maintaining existing pool of certificates, Kommireddy: [0028]).

Regarding claim 6, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 5 above.
Goluboff in view of Kommireddy further discloses:
unmapping the signed unique certificate from its associated sensor (removing link between unique device identifier and corresponding certificates, Kommireddy: [0038]);
maintaining the signed unique certificate in the pool of signed unique certificates (maintaining existing pool of certificates, Kommireddy: [0028]); and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority (linking signed certificate to unique device identifier, Kommireddy: [0020], [0039]).

Regarding claim 7, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 4 above.

wherein the signed unique certificate is a X.509 certificate (signed certificate being X.509 certificate, Goluboff: [0043]) and wherein # of certs requested for is an attribute in the certificate signing request to the certificate authority using a PKCSReg or a GetCert request (certificate signing request including additional field for specifying request for one or more certificates, Kommireddy: [0032]).

Regarding claim 8, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 7 above.
Goluboff in view of Kommireddy further discloses:
wherein the certificate signing request is a CertRequest (certificate signing request using CertRequest, Kommireddy: [0029]).

Regarding claim 9, Goluboff discloses:
A non-transitory computer-readable medium comprising instructions stored thereon that when executed are effective to cause one or more processors of a network management system to:
onboard, via the network management system, a sensor onto the network managed by the network management system (onboarding IoT device onto network, Goluboff: [0041], [0042]);
maintain, via the network management system, an association between the sensor, certificate authority, and the network (establishing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]).

receive, at a network management system for a network, a request for a sensor certificate;
generate, via a sensor certificate lifecycle manager associated with the network management system, a unique serial number and mapping the unique serial number to the sensor;
send, via the sensor certificate lifecycle manager, a certificate signing request for the sensor using the unique serial number to a certificate authority;
receive, via the sensor certificate lifecycle manager, a signed unique certificate for the sensor from the certificate authority;
map, via the network management system, the signed unique certificate to the sensor.
However, in the same field of endeavor, Kommireddy teaches:
generate, via a sensor certificate lifecycle manager associated with the network management system, a unique serial number and mapping the unique serial number to the sensor (generating unique device identifier and assigning unique device identifier to device, Kommireddy: [0026]);
send, via the sensor certificate lifecycle manager, a certificate signing request for the sensor using the unique serial number to a certificate authority (sending certificate signing request to certificate authority, Kommireddy: [0037]);
receive, via the sensor certificate lifecycle manager, a signed unique certificate for the sensor from the certificate authority (receiving signed certificate from certificate authority, Kommireddy: [0030], [0037]);
map, via the network management system, the signed unique certificate to the sensor (linking signed certificate to unique device identifier, Kommireddy: [0020], [0039]).

One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

Regarding claim 10, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 9 above.
Goluboff in view of Kommireddy further discloses:
wherein mapping the unique serial number to the sensor comprises mapping the unique serial number to a MAC address of the sensor (unique device identifier corresponding to MAC address of device, Kommireddy: [0026]).

Regarding claim 11, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 9 above.
Goluboff in view of Kommireddy further discloses:
wherein mapping the unique serial number to the sensor comprises mapping the unique serial number to a factory assigned serial number of the sensor (unique device identifier corresponding to GUID of device, Kommireddy: [0026]).

claims 12-18, they do not teach or further define over the limitations in claims 2-8.  Therefore, claims 12-18 are rejected for the same reasons as set forth in the rejections of claims 2-8 above.

Regarding claim 19, Goluboff discloses:
A system comprising:
a network management system that controls and manages onboarding of troubleshooting sensors onto a network onboarding IoT device onto network, Goluboff: [0041], [0042]).
Goluboff does not explicitly disclose:
a network management system that 
a sensor certificate lifecycle manager, which interfaces with the network management system and a certificate authority, that manages a pool of signed unique certificates and revokes or reassigns any signed unique certificates that need to be revoked or reassigned.
However, in the same field of endeavor, Kommireddy teaches:
a network management system that linking signed certificate to unique device identifier, Kommireddy: [0020], [0039]
a sensor certificate lifecycle manager, which interfaces with the network management system and a certificate authority, that manages a pool of signed unique certificates and revokes or reassigns any signed unique certificates that need to be revoked or reassigned (communicating with certificate authority and removing link between unique device identifier and corresponding certificates, Kommireddy: [0028], [0037]-[0039]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Kommireddy in order to further modify the system for onboarding IoT sensor devices onto network using signed certificates from the teachings of Goluboff with the system for linking signed certificates from certificate authority to unique device identifiers in order to establish secure connection from the teachings of Kommireddy.
One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

Regarding claim 20, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.
Goluboff in view of Kommireddy further discloses:
wherein the sensor certificate lifecycle manager interfaces with the certificate authority via a Simple Certificate Enrollment Protocol interface (communicating with certificate authority using simple certificate enrollment protocol, Kommireddy: [0002], [0037]).

Regarding claim 21, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.

wherein the signed unique certificate is an EAP-TLS certificate (securing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]).

Regarding claim 22, Goluboff in view of Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.
Goluboff in view of Kommireddy further discloses:
wherein the system further comprises a zero-touch plug and play interface for the sensors to be onboarded through (zero-touch deployment of IoT device, Goluboff: [0041]).












Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure: Won et al. (US 2018/0183587 A1: Blockchain-Assisted Public Key Infrastructure for Internet of Things Applications) and Turner et al. (US 2020/0153697 A1: Internet of Things Device Discovery and Deployment).
In the case of amendments, applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and support, for ascertaining the metes and bounds of the claimed invention.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GIL H. LEE whose telephone number is 571-272-3408.  The examiner can normally be reached on Mon-Fri: 9am-6pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian J. Gillis can be reached on 571-272-7952.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/GIL H. LEE/
Primary Patent Examiner, Art Unit 2446