DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This is in response to the amendments filed on 09/21/2021. Claims 1, 6, 8, 15, and 17-20 have been amended. Claims 1-20 are currently pending and have been considered below.

Response to Arguments
Applicant’s arguments, see pages 9-14, filed 09/21/2021, with respect to the rejection of claims 1-20 under 35 U.S.C. 103 have been considered but are moot because the arguments do not apply to the reference being newly cited in the current rejection. 

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably 
Amended claims 1, 8 and 15 each recites “determining … using the event-descriptive information … a major event…” However, this limitation does not appear to be described within the Specification. Applicant asserts that support for the claim amendment can be found, for example, at paragraph 21, 39, and 41 of the Applicant’s specification. In this regard, the specification describes, in part, that 
A “major event,” as used herein, may include any event having an importance level above a usual importance level of IoT communication for the particular IoT device. For example, when a major event associated with IoT device 130 occurs, first ledger 150 and second ledger 190 may store information associated with IoT device 130 and/or information associated with the major event. For example, when the major event associated with IoT device 130 occurs, first ledger 150 and second ledger 190 may store the initial registration information associated with IoT device 130 and may further store information associated with the major event (e.g., the type of event, the time of the event, etc.). 

However, the Examiner does not find any relevant description about the event-descriptive information nor any relevant description that a major event is determined using the event-descriptive information. As such, the Examiner suggests Applicant to point to specific language within the Specification that fully discloses the above noted limitation of claims 1, 8 and 15, otherwise Applicant should amend the claims to recite limitations fully supported within Applicant’s Specification.
Claims 2-7, 9-14, and 16-20 are rejected under 112(a) as being dependent from the rejected claims 1, 8, and 15, respectively. 

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 1, 8 and 15 each recites “a level of importance of the event satisfies a threshold level for classification as a major event.” It is unclear as to what a threshold level for classification exactly is.  In this regard, the specification describes, in part, that 
A “major event,” as used herein, may include any event having an importance level above a usual importance level of IoT communication for the particular IoT device. (See paragraph 21)

However, the claims and specification do not define what the threshold level for classification exactly is, and when an importance level satisfies the threshold level for classification. In this regard, the Examiner does not believe that “a usual importance level” is the same meaning as, or includes a meaning of “a threshold level.”
Claims 2-7, 9-14, and 16-20 are rejected under 112(b) as being dependent from the rejected claims 1, 8, and 15, respectively. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 6-9, 13-16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Smith (US 2019/0044703 A1; hereinafter, “Smith”) in view of Castinado et al. (US2019/0318329 A1; hereinafter, “Castinado”), and further in view of Pulkkis et al. (“Blockchain‐Based Security Solutions for IoT Systems”, Wiley-IEEE Press 2018, Edition: 1, Pages: 255-273; hereinafter “Pulkkis”).

Regarding claim 1:
Smith teaches:
A method (claim 24: a method) comprising:
receiving, at a router (FIG. 1 & para. [0074]: edge resources 110 include end-user devices 112 a,b (e.g., desktops, laptops, mobile devices), Internet-of-Things (IoT) devices 114, and gateways or routers 116), a first indication that an Internet of Things (IoT) device is attempting to access a network associated with the router (para. [0485]: where a device identity transaction is received from a first device. In some embodiments, for example, the device identity transaction may contain and/or indicate a device identity, a digital signature, and/or a public key associated with the first device; para. [0483]: a particular device can register its associated device identity with the device identity blockchain before the device joins one or more distributed computing networks. --- It is noted that a device identity teaches a first indication; a device identity transaction is received from a first device teaches an Internet of Things (IoT) device is attempting to access a network associated with the router); 
determining, by the router (see above), that the IoT device is a trusted device … (para. [0487]: The flowchart then proceeds to block 9106 to determine, based on the computed hash, whether the device identity is already registered in the device identity blockchain; para. [0489]: once the device identity transaction has been added to the blockchain, an error will be returned if other devices subsequently attempt to register the same device identity. --- It is noted that determine whether the device identity is already registered teaches determining that the IoT device is a trusted device, since attempt to register the same device identity could be made by an untrusted device);
storing, by the router (see above), registration information including an identifier associated with the IoT device to a blockchain in response to determining that the IoT device is a trusted device … (para. [0489]: If the answer at block 9106 is NO, the flowchart then proceeds to block 9110, where the device identity transaction is added to the device identity blockchain. In some embodiments, for example, the device identity transaction may be added to a current block of recent transactions associated with the device identity blockchain. --- It is noted that the device identity transaction is added to the device identity blockchain teaches storing registration information including an identifier associated with the IoT device to a blockchain, here the claim does not specify about the registration information, thus the identifier is interpreted as the registration information; and answer is no teaches in response to determining that the IoT device is a trusted device);
receiving, by the router (see above), a second indication that an event has occurred with respect to the IoT device, wherein the second indication includes event-descriptive information associated with the event (para. [0492]: an algorithm blockchain may be used to manage the algorithms used by processing devices of distributed computing network(s) (e.g., algorithms used by IoT devices on IoT network(s), algorithms used by cameras/sensors and/or other processing devices on visual fog network(s), and/or algorithms used by any other type of device for any type of distributed computing network); para. [0496]: where an algorithm registration transaction is received from a particular network (and/or from a device associated with that network). The algorithm registration transaction, for example, may contain an algorithm identifier, a description of an algorithm, and/or a representation of the algorithm (e.g., a machine-readable and/or machine-executable representation of the algorithm); para. [0494]: a first network may submit a new algorithm to the blockchain processing device(s), and the new algorithm may subsequently be added to the algorithm blockchain after the appropriate vetting and/or validation is performed). --- It is noted that an algorithm registration transaction and an algorithm identifier is received from a device teaches receiving a second indication; new algorithms used by processing devices and algorithms used by IoT devices teaches an event has occurred with respect to the IoT device. It is further noted that the claim recites that “an event has occurred with respect to the IoT device”, but does not recite such that an event has occurred to the IoT device itself. Thus, under the broadest reasonable interpretation, the event is interpreted as any event related to the IoT device. Also noted that the claim does not specify about what the event-descriptive information exactly is, thus the event-descriptive information is interpreted as any information associated with an event from the IoT device, that is, for example, an algorithm identifier, a description of an algorithm, and/or a representation of the algorithm (e.g., a machine-readable and/or machine-executable representation of the algorithm) teaches the event-descriptive information, or algorithm itself);
determining, by the router (see above) using the event-descriptive information, … the event satisfies … a major event, wherein the classification is based on a type of the IoT device (para. [0493]: as new algorithms are developed for devices of distributed computing network(s), the algorithms can be submitted to the algorithm blockchain; para. [0492]: an algorithm blockchain may be used to manage the algorithms used by processing devices of distributed computing network(s) (e.g., algorithms used by IoT devices on IoT network(s), algorithms used by cameras/sensors and/or other processing devices on visual fog network(s), and/or algorithms used by any other type of device for any type of distributed computing network). --- It is noted that new algorithms are developed for devices and the device uses the newly developed algorithm teaches a major event in view of the specification; new algorithm teaches the event-descriptive information, here “new” corresponds to descriptive information; algorithms used by any other type of device teaches the classification is based on a type of the IoT device); and
(see above) …, an identity associated with the IoT device (para. [0483]: a particular device can register its associated device identity with the device identity blockchain before the device joins one or more distributed computing networks. In this manner, when the device subsequently attempts to onboard onto particular network(s), the network(s) can query the device identity blockchain to verify that the device is the true owner of its asserted device identity. --- it is noted that verify that the device is the true owner of its asserted device identity teaches verifying an identity associated with the IoT device) by:
... the IoT device includes processing or storage capabilities (para. [0091]: an IoT device may be a smart phone, laptop, tablet, or PC, or other larger device.), and
… the IoT device does not include processing or storage capabilities (para. [0092]: Networks of IoT devices may include commercial and home automation devices, such as water distribution systems, electric power distribution systems, pipeline control systems, plant control systems, light switches. --- it is noted that light switches teaches the IoT device which does not include processing or storage capabilities since generally light switches do not include processing or storage capabilities).
Smith is silent about:
determining … that … a trusted device [is] included on a list of trusted devices associated with the router; … determining … that … a trusted device [is] included on the list of trusted devices;
…
determining … that a level of importance of the event satisfies a threshold level for classification as a major event …; and
… responsive to determining the major event … :
recording of the registration information and the event-descriptive information, to the blockchain if the IoT device includes processing or storage capabilities; and

Castinado teaches:  
determining … that a level of importance of the event satisfies a threshold level for classification as a major event … (para. [0035]: According to embodiments of the invention described herein, various systems, apparatus, methods, and computer program products are herein described for real-time (or near real-time) processing of computing events that are triggered by a threshold level being met by data detected at Internet-of-Things (IoT) devices and, in response to meeting the threshold, communicating an event processing request to a real-time event-mediating channel. ---  it is noted that events that are triggered by a threshold level being met by data detected at Internet-of-Things (IoT) teaches determining that a level of importance of the event satisfies a threshold level for classification as a major event). 
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Smith’s system by enhancing Smith’s system to determine if updating an IoT device by an new or modified algorithm is a major event meeting a threshold level, as taught by Castinado, in order to further process only selected events. 
The motivation is to prevent the system from creating too much network traffic by processing only limited major events instead of processing all events. 
Smith in view of Castinado is silent about: 
determining … that … a trusted device [is] included on a list of trusted devices associated with the router; … determining … that … a trusted device [is] included on the list of trusted devices; 
…
… responsive to determining the major event …:
recording of the registration information and the event-descriptive information, to the blockchain if the IoT device includes processing or storage capabilities; and

Pulkkis teaches: 
determining … that … a trusted device [is] included on a list of trusted devices associated with the router; … determining … that … a trusted device [is] included on the list of trusted devices (page 266: Current standard solutions for access control to network-connected devices are based on access control lists (ACLs). However, it would be impossible to maintain an ACL for each and every IoT device and rely on centralized access control servers when IoT scales to billions of devices and millions of device owners. --- it is noted that access control to network-connected devices are based on access control lists (ACLs) teaches determining that a trusted device [is] included on a list of trusted devices associated with the router).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Smith in view of Castinado’s system by enhancing Smith in view of Castinado’s system to control the access to network-connected devices based on access control lists (ACLs), as taught by Pulkkis, in order to confirm that a network-connected device is a trusted device or not. 
The motivation is to protect the system and sensitive information from accessing by the untrusted devices. In addition, using the access control lists (ACLs) to control the access to network-connected devices are well known technology in this technical field.
Pulkkis further teaches: 
… responsive to determining the major event …:
recording of the registration information and the event-descriptive information, to the blockchain if the IoT device includes processing or storage capabilities (pages 261-262: IoT devices generate enormous amounts of data, which must be stored and processed. Each CRUD (Create, Read, Update, or Delete) operation on IoT data can be registered as a transaction record in a blockchain block. Unauthorized operations on stored IoT data can, therefore, be detected. An identity credential for an IoT device can be registered as a transaction record in a blockchain block when the device is manufactured and retrieved later when the device is being used … The deployment history of an IoT device can be stored as transaction records in a blockchain. Transaction records can be stored in blockchain blocks when the IoT device is produced, delivered to an owner, installed, updated, and delivered to another owner, and so on; page 265: An IoT device identity that is validated using a blockchain has been proposed to be used to create a blockchain based identity log capturing the device ID, its manufacturer, lists of available firmware updates, and known security issues (Manning, 2017); page 260: Each blockchain network node tries to validate the received transaction record with the public key of the initiator of the related transaction. --- it is noted that transaction records can be stored in blockchain blocks when the IoT device is installed, updated, and delivered to another owner, and so on teaches responsive to determining the major event, here for example, updated or delete operation on IoT data corresponds to a major event in view of the specification; each CRUD (Create, Read, Update, or Delete) operation on IoT data and an identity credential for an IoT device are registered as a transaction record in a blockchain block, which teaches recording of the registration information and the event-descriptive information to the blockchain, here an identity credential for an IoT device corresponds to the registration information, and each CRUD (Create, Read, Update, or Delete) operation on IoT data corresponds to the event-descriptive information; the IoT device on which each CRUD (Create, Read, Update, or Delete) operation on IoT data is performed teaches the IoT device including processing or storage capabilities since it is obvious that updating and deleting operation on IoT data can be performed only by an IoT device which includes processing or storage capabilities; Further note that in view of the claim language, the meaning of “verifying” is interpreted as “recording” itself);
recording of the registration information without the event-descriptive information, to the blockchain, if the IoT device does not include processing or storage capabilities (page 268: When an existing IoT device is removed, its ledger is deleted from the local blockchain … A monitor transaction, which can be initiated by a local network owner, retrieves the status of a connected IoT device, such as the current temperature value of a thermostat . --- it is noted that when an existing IoT device is removed teaches responsive to determining the major event; its ledger is deleted from the local blockchain teaches recording of the registration information to the blockchain; here, the claim and the specification do not specify what is a major event for the IoT device which does not include processing or storage capabilities, thus, removing an existing IoT device corresponds to a major event for the IoT device; thermostat corresponds to the IoT device does not include processing or storage capabilities; it is obvious that an IoT device which does not include processing or storage capabilities (e.g., thermostat) cannot produce the event-descriptive information, thus it is obvious that the thermostat cannot provide the event-descriptive information to the blockchain since generally a thermostat does not include processing or storage capabilities).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Smith in view of Castinado’s system by enhancing Smith in view of Castinado’s system to register the algorithm used by an IoT device and an identity credential for the IoT device in a blockchain, as taught by Pulkkis, in order to verify the IoT device using the registered transaction records. 
The motivation is to protect the system and sensitive information from accessing by the untrusted devices by verifying the IoT device using the registered transaction records. 

Regarding claim 2:
Smith in view of Castinado and Pulkkis teaches:
The method of claim 1.
Smith further teaches:
wherein the major event includes one of a firmware update (para. [0494]: a first network may submit a new algorithm to the blockchain processing device(s), and the new algorithm may subsequently be added to the algorithm blockchain after the appropriate vetting and/or validation is performed); para. [0467]: For example, in some embodiments, after the algorithm has been adequately vetted, the first fog network and second fog network may agree to begin using the new algorithm. --- It is noted that submit a new algorithm teaches a firmware update), a digital identification upgrade, a power off/on of the IoT device, a connection to the router turning off/on, or a network configuration or settings change.

Regarding claim 6:  
Smith in view of Castinado and Pulkkis teaches:
The method of claim 1, wherein the storing the identifier associated with the IoT device to the blockchain comprises…
Smith further teaches:
storing the identifier on devices associated with a service provider (para. [0756]: One or more embodiment may include a system, comprising: a plurality of devices capable of communicating over a plurality of networks; and one or more blockchain devices to: receive a device identity transaction from a first device of the plurality of devices, wherein the device identity transaction comprises a device identity; para. [0761]: In one example embodiment of a system, the one or more blockchain devices are further to: receive a second device identity transaction from a second device of the plurality of devices, wherein the second device identity transaction comprises the device identity. --- It is noted that one or more blockchain devices to receive a device identity transaction from a first device of the plurality of devices teaches the identifier associated with the IoT device to the blockchain; and a device identity transaction from a first device and a device identity transaction from a second device teaches the identifier on devices associated with a service provider).

Regarding claim 7:  
Smith in view of Castinado and Pulkkis teaches:
The method of claim 1, wherein storing the identifier associated with the IoT device to the blockchain comprises…
Smith further teaches:
storing the identifier on a plurality of home routers and wherein the router is a home router of the plurality of home routers (para. [0076]: Alternatively, or additionally, certain IoT devices 114 may rely on intermediary components, such as edge gateways or routers 116, to communicate with the various components of system 100; para. [0092]: Networks of IoT devices may include commercial and home automation devices, such as water distribution systems, electric power distribution systems, pipeline control systems, plant control systems, light switches, thermostats, locks, cameras, alarms, motion sensors, and the like. The IoT devices may be accessible through remote computers, servers, and other systems, for example, to control systems or access data).

Regarding claim 8:
Claim 8 recites a system which corresponds to a method of claim 1, and additionally contains “one or more processors.”
However, Smith teaches one or more processors (see claim 1: a processor). Therefore claim 8 is rejected by applying the same rationale used to reject claim 1 above.

Regarding claim 9:
Claim 9 recites the system which corresponds to the method of claim 2, and contains no additional limitations. Therefore claim 9 is rejected by applying the same rationale used to reject claim 2 above.

Regarding claim 13:
Claim 13 recites the system which corresponds to the method of claim 6, and contains no additional limitations. Therefore claim 13 is rejected by applying the same rationale used to reject claim 6 above.

Regarding claim 14:
Claim 14 recites the system which corresponds to the method of claim 7, and contains no additional limitations. Therefore claim 14 is rejected by applying the same rationale used to reject claim 7 above.

Regarding claim 15:
Claim 15 recites a non-statutory computer-readable medium which corresponds to a method of claim 1, and additionally contains “one or more instructions that, when executed by a processor.”
However, Smith teaches one or more instructions that, when executed by a processor (see claim 21: At least one machine accessible storage medium having instructions stored thereon, wherein the instructions, when executed on a machine). Therefore claim 15 is rejected by applying the same rationale used to reject claim 1 above.

Regarding claim 16:


Regarding claim 20:
Claim 20 recites the non-statutory computer-readable medium which corresponds to the method of claim 6, and contains no additional limitations. Therefore claim 20 is rejected by applying the same rationale used to reject claim 6 above.


Claims 3-5, 10-12 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Smith (US 2019/0044703 A1; hereinafter, “Smith”) in view of Castinado et al. (US2019/0318329 A1; hereinafter, “Castinado”), and further in view of Pulkkis et al. (“Blockchain‐Based Security Solutions for IoT Systems”, Wiley-IEEE Press 2018, Edition: 1, Pages: 255-273; hereinafter “Pulkkis”) and Britt (US 2017/0169640 A1; hereinafter, “Britt”).

Regarding claim 3:  
Smith in view of Castinado and Pulkkis teaches:
The method of claim 1, wherein determining that the IoT device is a trusted device includes…
Smith further teaches:
… determining that a trust signal or communication has been received from a user indicating that the IoT device is a trusted device (para. [0487]: The flowchart then proceeds to block 9106 to determine, based on the computed hash, whether the device identity is already registered in the device identity blockchain; para. [0489]: once the device identity transaction has been added to the blockchain, an error will be returned if other devices subsequently attempt to register the same device identity. --- It is noted that determine whether the device identity is already registered teaches determining that a trust signal or communication has been received).
Smith in view of Castinado and Pulkkis is silent about:
… a trust signal or communication has been received from a user indicating that the IoT device is a trusted device.
Britt, in the same field of endeavor, teaches:
… a trust signal or communication has been received from a user indicating that the IoT device is a trusted device (para. [0113]: the IoT device 101 may initially be provided to the end user with an un-programmed SIM card 1101 seated within a SIM interface 1100 on the IoT device 101. In order to program the SIM with a set of one or more encryption keys, the user takes the programmable SIM card 1101 out of the SIM interface 500 and inserts it into a SIM programming interface 1102 on the IoT hub 110. Programming logic 1125 on the IoT hub then securely programs the SIM card 1101 to register/pair the IoT device 101 with the IoT hub 110 and IoT service 120. … Once the SIM 1101 is programmed, the new IoT device 101 may be provisioned with the IoT Service 120 using the SIM as a secure identifier (e.g., using existing techniques for registering a device using a SIM). Following provisioning, both the IoT hub 110 and the IoT service 120 will securely store a copy of the IoT device's public key to be used when encrypting communication with the IoT device 101. --- It is noted that the user programming logic 1125 on the IoT hub then securely programs the SIM card to register/pair the IoT device 101 with the IoT hub 110 and IoT service 120 teaches a trust signal or communication has been received from a user indicating that the IoT device is a trusted device).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Smith in view of Castinado and Pulkkis’s system by enhancing Smith in view of Castinado and Pulkkis’s system to determine if a user registered and paired the IoT device, as taught by Britt, to allow only registered and paired IoT device to be provisioned with the IoT Service. 


Regarding claim 4:  
Smith in view of Castinado, Pulkkis and Britt teaches:
The method of claim 3.
Smith further teaches:
… wherein determining that the trust signal or communication has been received … (para. [0487]: The flowchart then proceeds to block 9106 to determine, based on the computed hash, whether the device identity is already registered in the device identity blockchain; para. [0489]: once the device identity transaction has been added to the blockchain, an error will be returned if other devices subsequently attempt to register the same device identity. --- It is noted that determine whether the device identity is already registered teaches determining that a trust signal or communication has been received).
Smith in view of Castinado and Pulkkis is silent about:
wherein the user includes an administrator associated with the router and wherein … the trust signal or communication has been received includes receiving the indication that the IoT device is a trusted device from the administrator via an application executing on a user device.
Britt further teaches:
wherein the user includes an administrator associated with the router (para. [0113]: In order to program the SIM with a set of one or more encryption keys, the user takes the programmable SIM card 1101 out of the SIM interface 500 and inserts it into a SIM programming interface 1102 on the IoT hub 110. --- It is noted that the user who programs the SIM teaches an administrator) and wherein … the trust signal or communication has been received includes receiving the indication that the IoT device is a trusted device from the administrator via an application executing on a user device (para. [0113]: the IoT device 101 may initially be provided to the end user with an un-programmed SIM card 1101 seated within a SIM interface 1100 on the IoT device 101. In order to program the SIM with a set of one or more encryption keys, the user takes the programmable SIM card 1101 out of the SIM interface 500 and inserts it into a SIM programming interface 1102 on the IoT hub 110. Programming logic 1125 on the IoT hub then securely programs the SIM card 1101 to register/pair the IoT device 101 with the IoT hub 110 and IoT service 120. … Once the SIM 1101 is programmed, the new IoT device 101 may be provisioned with the IoT Service 120 using the SIM as a secure identifier (e.g., using existing techniques for registering a device using a SIM). Following provisioning, both the IoT hub 110 and the IoT service 120 will securely store a copy of the IoT device's public key to be used when encrypting communication with the IoT device 101. --- It is noted that the user programming logic 1125 on the IoT hub then securely programs the SIM card to register/pair the IoT device 101 with the IoT hub 110 and IoT service 120 teaches a trust signal or communication has been received from a user indicating that the IoT device is a trusted device; and it is inherent that the communication between the IoT device 101 and the IoT hub 110 teaches via an application executing on IoT hub 110 and the client device 611).
The motivation for claim 3 is applicable for claim 4.

Regarding claim 5:  
Smith in view of Castinado, Pulkkis and Britt teaches:
The method of claim 3.
Smith further teaches:
wherein storing the identifier associated with the IoT device to a blockchain includes storing a record to the blockchain (para. [0489]: If the answer at block 9106 is NO, the flowchart then proceeds to block 9110, where the device identity transaction is added to the device identity blockchain. In some embodiments, for example, the device identity transaction may be added to a current block of recent transactions associated with the device identity blockchain. --- It is noted that the device identity transaction is added to the device identity blockchain teaches storing an identifier associated with the IoT device to a blockchain; and the device identity transaction teaches a record), wherein the record includes the identifier associated with the IoT device and a time stamp … (para. [0489]: If the answer at block 9106 is NO, the flowchart then proceeds to block 9110, where the device identity transaction is added to the device identity blockchain. In some embodiments, for example, the device identity transaction may be added to a current block of recent transactions associated with the device identity blockchain; para. [0443]: A blockchain, for example, may be a dynamic list of records or blocks that are linked and/or secured using cryptographic approaches. In some embodiments, for example, each block in a blockchain may include a hash pointer linking to a previous block, a timestamp, transaction data, and so forth. Accordingly, in some embodiments, a blockchain can be used as a distributed ledger for recording transactions in an efficient, verifiable, and/or permanent manner. --- It is noted that the device identity transaction teaches the identifier; and each block in a blockchain may include a timestamp teaches in response to determining that the IoT device is a trusted device).
Smith in view of Castinado and Pulkkis is silent about:
… wherein the record includes … a time stamp indicating when the trust signal was received.
Britt teaches:
… wherein the record includes … a time stamp indicating when the trust signal was received(FIG. 16A-B & para. [0147]: … one embodiment of the invention performs the following operations to provide additional layers of authentication and security between the IoT service 120 and IoT device 101: … C. The IoT device then generates a message containing the following: 1. IoT device's unique ID, IoT device serial number, Timestamp. --- It is noted that IoT device's unique ID teaches the identifier; an timestamp teaches a time stamp; a message is generated to provide additional layers of authentication and security teaches a time stamp indicating when the trust signal was received).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Smith in view of Castinado and Pulkkis’s system by enhancing Smith in view of Castinado and Pulkkis’s system to store IoT device's unique ID and Timestamp, as taught by Britt, to use the IoT device's unique ID and Timestamp when verifying the device. 
The motivation is to protect the transmission of IoT device identification data and commands by communicating with only the register/pair IoT device by verifying the device using the IoT device's unique ID and Timestamp.

Regarding claim 10:
Claim 10 recites the system which corresponds to the method of claim 3, and contains no additional limitations. Therefore claim 10 is rejected by applying the same rationale used to reject claim 3 above.

Regarding claim 11:
Claim 11 recites the system which corresponds to the method of claim 4, and contains no additional limitations. Therefore claim 11 is rejected by applying the same rationale used to reject claim 4 above.

Regarding claim 12:
Claim 12 recites the system which corresponds to the method of claim 5, and contains no additional limitations. Therefore claim 12 is rejected by applying the same rationale used to reject claim 5 above.

Regarding claim 17:
Claim 17 recites the non-statutory computer-readable medium which corresponds to the method of claim 3, and contains no additional limitations. Therefore claim 17 is rejected by applying the same rationale used to reject claim 3 above.

Regarding claim 18:
Claim 18 recites the non-statutory computer-readable medium which corresponds to the method of claim 4, and contains no additional limitations. Therefore claim 18 is rejected by applying the same rationale used to reject claim 4 above.

Regarding claim 19:
Claim 19 recites the non-statutory computer-readable medium which corresponds to the method of claim 5, and contains no additional limitations. Therefore claim 19 is rejected by applying the same rationale used to reject claim 5 above.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Chan et al. (US2017/0046526 A1) discloses an apparatus and method configured to determine that the detected event corresponds to at least one triggering event, and in response to the determination, obtain data identifying one or more rules. 


Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WANSIK YOU whose telephone number is (571)270-3360.  The examiner can normally be reached on 7:30-5:30 M-Th.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR PATEL can be reached on (571)-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-

/W.Y./Examiner, Art Unit 2491                                                                                                                                                                                                        




/ASHOKKUMAR B PATEL/            Supervisory Patent Examiner, Art Unit 2491