DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Status of claims
This office in response to claims filed on 05/21/2021; the foreign application priority date (01/10, 2018) is considered.
Claims 3, 7-8, 14 and 16-21 are pending and rejected; claims  3, 7, 7, 16, 17 and 19-21 are independent claims

Response to Arguments
Applicant's arguments filed on 05/21/2021 have been fully considered but they are not persuasive. 
With respect to applicant’s argument: “With regard to Applicant's claim 3, if one were to assume arguendo that the cloud service in claim 3 corresponds to the authorization service in Vongsouvanh, Vongsouvanh would at most teach that a token is generated and sent. However, as defined in claim 3, the token is received by the cloud service from the mobile device together with industrial automation device information. The received token is stored to the cloud service. By contrast, the computing device (e.g., a mobile device) in Vongsouvanh does not send any token to the remote system, and thus, the remote system does not receive a token from the computing device. Further, the remote system in Vongsouvanh does not store or use a token that has been received from a mobile device. These distinctions also apply to Applicant's claims 19-21”
Examiner respectfully disagrees with applicant’s argument for the following reasons: First, (see applicants own disclosure Pub. US20019/0215319 A1, Abstract, “a token is generated by the cloud service to the first cloud service, and forwarded via the mobile device to the industrial automation .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 3, 7-8, 14, and 16-21 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Vongsouvanh et al. US Patent No.: 20150249659 A1 (hereinafter Vongsouvanh) (included in the IDS).

	Claims 1-2, (canceled)
Vongsouvanh teaches:

authenticating a user of a mobile device at the cloud service (see Vongsouvanh Fig. 5B, ¶¶19, 37, authenticate user); 
receiving, at the cloud service, after successful authentication of the user, a token and industrial automation device information from the mobile device(see Vongsouvanh Figs. 5-6, ¶43, “Computing device 100 receives access token 402 and sends, responsive to authorization request 130”); 
storing the token to the cloud service (see Vongsouvanh ¶34, “ client device 110 receives an access token, issued by authorization service 122”); and 
communicating, by the cloud service, without involvement of the mobile device, with the industrial automation device using the token to authenticate the industrial automation device to the cloud service or the cloud service to the industrial automation device (see Vongsouvanh Figs 5B: 524-530,  and ¶76, “Authorization service 122 sends access token 402 to computing device 100 (524), which receives access token 402 (526) and sends access token 402 to client device 110 using short-range wireless communication by communication pathway 126 (528)”).

	Claims 4-6, (canceled)
Vongsouvanh teaches:
As to claim 7, a method for an industrial automation device, the method comprising at least:
establishing, by an industrial automation device, a first connection with a mobile device (see Vongsouvanh Fig. 5B, ¶¶19, 37, authenticate user); 
receiving, by the industrial automation device, over the first connection, a token and information on a cloud service from the mobile device (see Vongsouvanh Fig 5B: 518, 520, ¶26, “Authorization request 130 may include an identifier for client device 110, a requested scope for the requested authorization” ¶30, “Authorization service 122 issues a security credential for use by client device 110 after successfully authenticating user 132 and authorizing client device 110”); 
storing, by the industrial automation device, the token and the information on the cloud service to a memory (see Vongsouvanh ¶34, “ client device 110 receives an access token, issued by authorization service 122”; and 
exchanging, by the industrial automation device, information with the cloud service using the token as authentication information, over a second connection between the industrial automation device and the cloud service  (see Vongsouvanh Figs 5B: 524-530,  and ¶76, “Authorization service 122 sends access token 402 to computing device 100 (524), which receives access token 402 (526) and sends access token 402 to client device 110 using short-range wireless communication by communication pathway 126 (528)”.)

As to claim 8, the method of claim 7, further comprising: receiving, by the industrial automation device, with the token and information on the cloud service, additional information indicating information for which the token is to be used; and selecting, by the industrial automation device, the token and cloud service to be used based on the information to be exchanged (see Vongsouvanh Figs. 5-6). 
	Claims 9-13, (canceled)

As to claim 14, the system of claim 21, further comprising in the second cloud at least one second apparatus configured to provide the second cloud service, wherein the second apparatus comprises at least one processor and at least one memory including computer program code (see Vongsouvanh Figs. 5-6)
the at least one memory and computer program code configured to, with the at least one processor, cause the second apparatus at least to perform: authenticating the user of the mobile device at the second cloud service (see Vongsouvanh Figs. 5-6); 
storing, in response to the user being successfully authenticated and in response to receiving from the mobile device a token for the industrial automation device and industrial automation device information of the industrial automation device, the received token to the second cloud service (see Vongsouvanh Figs. 5-6); and
communicating with the industrial automation device using the token to authenticate the industrial automation device to the second cloud service or the second cloud service to the industrial automation device; and the mobile device is further configured to, in response to the token being requested from the first cloud service for the second cloud service, authenticate the user of the mobile device with the second cloud service (see Vongsouvanh Figs. 5-6); and 
causing sending, by the mobile device, the token and the device information to the second cloud service (see Vongsouvanh Figs. 5-6).

	Claims 15, (canceled)

As to claim 16, A method for a cloud service, the method comprising at least: 
authenticating a user of a remote support application running in a mobile device at a first cloud service to establish a remote support session, wherein the first cloud service is a remote service provided by a first cloud for industrial automation devices (see Vongsouvanh Fig. 5B, ¶¶19, 47, computing device 100 may display, using a web browser or other application (i.e. remote support application running in a mobile device at a first cloud service to establish a remote support session), a login or other authentication screen by which user 132 may enter and submit his or her resource owner credentials to authorization service 122); 
establishing, after successful authentication of the user, a remote support session between the mobile device and the first cloud service (see Vongsouvanh Fig. 5B, ¶¶19, 47, Authorization service 122 authorizes the resource owner credentials and, if the resource owner credentials are valid),; 
receiving, at the first cloud service, in the remote support session, from the mobile device, a request for a token for a second cloud service for an industrial automation device and industrial automation device information of the industrial automation device, wherein the second cloud service is a remote service provided by a second cloud for industrial automation devices (see Vongsouvanh Fig 5B: 518, 520, ¶26, “Authorization request 130 may include an identifier for client device 110, a requested scope for the requested authorization” ¶30, “Authorization service 122 issues a security credential for use by client device 110 after successfully authenticating user 132 and authorizing client device 110”; ¶48, “issues access token 412 (and optionally a refresh token) directly to client device 110 using communication pathway 124 ); 
generating at the first cloud service a token to be used as authentication information in information exchange between the industrial automation device and the second cloud service, the information exchange not involving the mobile device (see Vongsouvanh Figs 5B: 523, 532-536; ¶18, “The authorization service may generate a security credential, such as an access token, that provides an indication of authorization for the user”: ¶¶76-77, “Client device 110 may include access token 402 in a resource request to resource service 120 of remote system 118 (532). Remote system 118 receives the resource request (534). Upon validating access token 402, remote system 118 provides access to client device 110 to the requested resource (536).”); and 
causing sending at least the token to the mobile device (see Vongsouvanh Figs 5B: 524-530,  and ¶76, “Authorization service 122 sends access token 402 to computing device 100 (524), which receives access token 402 (526) and sends access token 402 to client device 110 using short-range wireless communication by communication pathway 126 (528)”).

As to claim 17, a method for a mobile device, the method comprising at least: 
establishing, by a mobile device, a connection to an industrial automation device (see Vongsouvanh ¶24, “causes computing device 100 to engage tag device 114 using communication pathway 126”); 
retrieving, by the mobile device, device information from the industrial automation device (see Vongsouvanh ¶126, “Authorization request 130 may include an identifier for client device 110”); 
running in the mobile device a remote support application (see Vongsouvanh Fig. 5B, ¶¶19, 47, computing device 100 may display, using a web browser or other application (i.e. remote support application running in a mobile device at a first cloud service to establish a remote support session), a login or other authentication screen by which user 132 may enter and submit his or her resource owner credentials to authorization service 122); 
authenticating, by the mobile device, a user of the remote support application with a first cloud service to establish a remote support session, wherein the first cloud service is a remote service provided by a first cloud for industrial automation devices (see Vongsouvanh Fig. 5B, ¶¶19, 47, computing device 100 may display, using a web browser or other application (i.e. remote support application running in a mobile device at a first cloud service to establish a remote support session), a login or other authentication screen by which user 132 may enter and submit his or her resource owner credentials to authorization service 122); 
establishing, after successful authentication of the user, a remote support session between the mobile device and the first cloud service (see Vongsouvanh Fig. 5B, ¶¶19, 47, Authorization service 122 authorizes the resource owner credentials and, if the resource owner credentials are valid); 
prompting, by the mobile device, the user of the mobile device to provide information on a cloud service for which a token for the industrial automation device is to be requested (see Vongsouvanh Fig. 1 and ¶¶27-28, Computing device 100, in response to receiving authorization request 130, may display prompt 104 that provides user 132 of computing device 110 with the option to accept or deny authorization request 130); 
receiving, as the user input, a second cloud service, wherein the second cloud service is a remote service provided by a second cloud for industrial automation devices (see Vongsouvanh ¶27, Prompt 104 may represent an input interface of an application, executing on computing device 100, that is configured to recognize authorization request 130 as a request for authorization to exchange information with a service. The application may be provided by an entity that manufactures client device 110 or software operating on client device 110 (i.e. second cloud service)); 
causing sending in the remote support session the device information of the industrial automation device from the mobile device to the first cloud service with a request for a token for the second cloud device (see Vongsouvanh ¶26, request 130 may include an identifier for client device 110, a requested scope for the requested authorization, local state, and/or a redirection Uniform Resource Identifier (URI) to which authorization service 122 may redirect mobile computing device 100 upon granting access to resource service 120); 
receiving, by the mobile device, from the first cloud service, a token to be used as authentication information in information exchange between the industrial automation device and the second cloud service, the mobile device not being involved in the information exchange (see Vongsouvanh Figs 5B: 524-530,  and ¶76, “Authorization service 122 sends access token 402 to computing device 100 (524), which receives access token 402 (526) and sends access token 402 to client device 110 using short-range wireless communication by communication pathway 126 (528)”.); and 
forwarding, by the mobile device, to the industrial automation device, the token and information on the second cloud service with which to use the token (see Vongsouvanh ¶76, Authorization service 122 sends access token 402 to computing device 100 (524), which receives access token 402 (526) and sends access token 402 to client device 110 using short-range wireless communication by communication pathway 126 (528)) .

As to claim 18, the method of claim 17, further comprising, causing sending, by the mobile device, the token and the device information to the second cloud service (see Vongsouvanh ¶77, Client device 110 may include access token 402 in a resource request to resource service 120 of remote system 118 (532). Remote system 118 receives the resource request (534)) .
As to independent claim 19, this claim directed to a non-transitory computer readable medium comprising one of a first set of program instructions executing the method of claims 1 and 17; therefore it is rejected along similar rationale.
As to independent claim 20, this claim directed to an apparatus executing the method of claims 1 and 17; therefore it is rejected along similar rationale.
As to independent claim 21, this claim directed to a system executing the method of claims 1 and 17; therefore it is rejected along similar rationale.
Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478.  The examiner can normally be reached on Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/NEGA WOLDEMARIAM/Examiner, Art Unit 2433                    

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433