DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This is a reply to the request for Continued Examination (RCE) filed on 09/29/2021, in which Claim(s) 1-20 are presented for examination. Claim(s) 1, 6-7, 10-16 and 18-20 are amended. No claim(s) are cancelled or newly added.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/29/2021 has been entered.

Response to Argument
Claim Rejections - 35 U.S.C. § 102 and 35 U.S.C. § 103:
Applicant’s arguments with respect to the rejection of claim(s) 1-20 have been considered but are moot in view of the new ground(s) of rejection.
Applicant is encouraged to schedule an interview with the Examiner prior to the next communication to compact prosecution of the case.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-10, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Kane-Parry et al. (US 9,838,384 B1) in view of Smith et al. (US 2020/0186998 A1) .
Regarding Claim 1, Kane-Parry discloses A system for monitoring the security of networked device attempting to connect with an associated service provider computer device separate and distinct from the networked device, comprising: 
a network doppelganger (ND) computer device comprising at least one processor in communication with at least one memory device (col 1 lines 47-49, & Fig. 4, “a password fraud detection module” as the network doppelganger with memory 418 and processor 420, col 5 lines 59-62, “The password fraud detection module may be implemented as hardware, software, or a combination of software and hardware to perform the functions described”), 
wherein the at least one memory device stores a plurality of instructions, which when executed by the at least one processor cause the at least one processor to (col 1 lines 47-49, & Fig. 4, “a password fraud detection module” as the network doppelganger with memory 418 and processor 420, col 5 lines 59-62, “The password fraud detection module may be implemented as hardware, software, or a combination of software and hardware to perform the functions described”): 
store a plurality of policies associated with the service provider computer device (Fig. 5 shows the password fraud detection module may include Authentication Module, col 21 lines 2-9, “The authentication information management feature may access one or more policies”, col 22 lines 40-52, “the authentication information management module may maintain one or more authentication generation security protocols in data store…configured for maintaining policies”); 
receive a first communication from the networked device addressed to the service provider computer device (col 6 lines 15-16, “receive (a communication of) the request to set the password 110 via a network 112”); 
analyze the first communication in view of the plurality of policies to determine whether the first communication is approved (col 20 lines 61-66, “The authentication information management applications 700 and 702 may have different policies to apply when determining similarity or overlap between the sets of authentication information” to determine if the communication is approved); 
if the first communication is approved, route the first communication to the service provider computer device (col 21 lines 9-13, “no action is taken (with the client device) if, for example, authentication information management application 702 identifies no similarities between the passwords maintained on behalf of user 710 and the passwords included in compromised password information 714”, i.e. the request (communication, the password) is approved and route to (inform) the service provider device); 
Kane-Parry does not explicitly teach but Smith teaches the networked device is at least one Internet of Things (IoT) device ([0085], “a number of Internet of Things (IoT) devices”).
wherein the ND computer device is (i) in communication with the at least one IoT device and the service provider computer device ([0056], “device 2 512 and device 3 513 involve different frameworks, but the same physical device; thus, these devices are denoted as doppelgangers”, [0058], “The physical device corresponding to PID1 (providing logical Device 2 and Device 3) is established in a device directory 540 identify doppelganger devices using a common PID”, i.e. the doppelganger is providing an interface between the framework IoT devices and the service provider as in [0059], “introduces the device directory 540 ( service provider) to each Framework-A device and similarly for Framework-B onboarding for Framework-B devices.”).
Kane-Parry and Smith are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smith with the disclosure of Kane-Parry. The motivation/suggestion would have been to securely identify and provision a second device (Smith, Abstract).
The combined teaching of Kane-Parry and Smith does not explicitly teach but Irwan teaches 
wherein the ND computer device is (ii) separate and distinct from the at least one IoT device and the service provider computer device, and (iii) configured to provide an intervening physical midbox between the at least one IoT device and the service provider computer device preventing direct communication between the at least one IoT device and the service provider computer device (see Fig. 2 the security gateway 170 is separate and distinct from the client device 161 and the enterprise device 180, [0097], “the security gateway 170 acts as an intermediary (i.e. an intervening physical midbox to prevent direct communication) between the client device 161 and the enterprise device 180”, [0003], “internet of things (IoT) devices”), and
monitor additional communications from the at least one IoT device addressed to the service provider computer device for malicious activity ([0097], “Since the security gateway 170 acts as an intermediary between the client device 161 and the enterprise device 180, the security gateway 170 may monitor all devices and all transactions mediated by security gateway 17”, [0052], “monitoring the status of all client and enterprise devices, detecting security breaches, and flagging suspicious activities.”).
Kane-Parry, Smith and Irwan are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Irwan with the combined teaching of Kane-Parry and Smith. The motivation/suggestion would have been to improve the resistance of networked IoT devices to attacks, unauthorized or malicious use, or malware (Irwan, [0001]).

Regarding Claim 2, the combined teaching of Kane-Parry, Smith and Irwan teaches if the first communication is not approved, modify the first communication to comply with the plurality of policies; and route the modified first communication to the service provider computer device (Kane-Parry, Col 21 Lines 2-9, “The authentication information management feature may access one or more policies determining the similarity thresholds.”, “in response to identifying or determining similarity between the sets of authentication information, the authentication information management application may generate a recommendation such as an update password recommendation to provide to user”, i.e. to update (modify) the password communication”).

Regarding Claim 3, the combined teaching of Kane-Parry, Smith and Irwan teaches discard the first communication if the first communication is not approved (Kane-Parry, Col 21 Lines 2-9, “The authentication information management feature may access one or more policies determining the similarity thresholds.”, “in response to identifying or determining similarity between the sets of authentication information, the authentication information management application may generate a recommendation such as an update password recommendation to provide to user”, i.e. to update (modify) the password communication, therefore discard the original communication”).

Regarding Claim 4, the combined teaching of Kane-Parry, Smith and Irwan teaches wherein the ND computer device is further in operable communication with a network operator computer device and wherein the network operator computer device is configured to route the first communication between the service provider computer device and the ND computer device (Kane-Parry, Col 4 Line 65 – Col 5 Line 8, “an authentication information clearinghouse service that implements an authentication information clearinghouse feature may manage compromised authentication information for one or more accounts on behalf of a user, share and receive other authentication information maintained by peer members of a compromised authentication information clearinghouse, and update the authentication information for the one or more accounts based on the authentication information that is shared and received by the password fraud detection service”).

Regarding Claim 5, the combined teaching of Kane-Parry, Smith and Irwan teaches store a second plurality of policies associated with the network operator computer device; and analyze the first communication in view of both the plurality of policies associated with the service provider computer device and the network operator computer device (Kane-Parry, col 4 line 65 – col 5 line 8, “an authentication information clearinghouse service that implements an authentication information clearinghouse feature may manage compromised authentication information for one or more accounts on behalf of a user, share and receive other authentication information maintained by peer members of a compromised authentication information clearinghouse, and update the authentication information for the one or more accounts password fraud detection service”, col 21 lines 2-9, “The authentication information management feature may access one or more policies”).

Regarding Claim 6, the combined teaching of Kane-Parry, Smith and Irwan teaches 
receive a second communication from the service provider computer device addressed to the at least one IoT device (Kane-Parry, col 6 lines 15-16, “receive the (second) request to set the password 110 via a network 112”, Smith, [0085], “a number of Internet of Things (IoT) devices”); 
analyze the second communication in view of both the plurality of policies associated with the service provider computer device and the network operator computer device (Kane-Parry, Kane-Parry, col 4 line 65-col 5 line 8, “an authentication information clearinghouse service that implements an authentication information clearinghouse feature may manage compromised authentication information for one or more accounts on behalf of a user, share and receive other authentication information maintained by peer members of a compromised authentication information clearinghouse, and update the authentication information for the one or more accounts based on the authentication information that is shared and received by the password fraud detection service”, col 21 lines 2-9, “The authentication information management feature may access one or more policies”);
if the second communication is approved, route the second communication to the service provider computer device (Kane-Parry, col 21 lines and 
if the second communication is not approved, the instructions further cause the at least one processor to: modify the second communication to comply with both the plurality of policies associated with the service provider computer device and the network operator computer device; and route the modified second communication to the at least one IoT device (Kane-Parry, col 21 lines 2-9, “The authentication information management feature may access one or more policies determining the similarity thresholds.”, “in response to identifying or determining similarity between the sets of authentication information, the authentication information management application may generate a recommendation such as an update password recommendation to provide to user”, i.e. to update (modify) the password communication, Smith, [0085], “a number of Internet of Things (IoT) devices”).  

Regarding Claim 7, the combined teaching of Kane-Parry, Smith and Irwan teaches 
receive password information from the at least one IoT device (Kane-Parry, col 6 lines 15-16, “receive the request to set the password 110 via a network 112”, Smith, [0085], “a number of Internet of Things (IoT) devices”); 
analyze the password information to determine a security level of the password information (Kane-Parry, col 20 lines 61-66, “The authentication information thresholds”, i.e. a security level); and 
if the security level of the password information is below a required security threshold, transmit update information to a user associated with the at least one IoT device (Kane-Parry, col 21 lines 2-9, “The authentication information management feature may access one or more policies determining the similarity thresholds.”, “in response to identifying or determining similarity between the sets of authentication information (i.e. the security level below the security threshold), the authentication information management application may generate a recommendation such as an update password recommendation to provide to user”, Smith, [0085], “a number of Internet of Things (IoT) devices”).

Regarding Claim 8, the combined teaching of Kane-Parry, Smith and Irwan teaches wherein the transmitted update information includes guidelines for password security to the user (Kane-Parry, col 21 lines 6-9, “generate a recommendation such as an update password recommendation (i.e. guidelines for password security) to provide to user”).

Regarding Claim 9, the combined teaching of Kane-Parry, Smith and Irwan teaches wherein the guidelines for password security are based on the plurality of policies (Kane-Parry, col 21 lines 6-9, “a recommendation such as an update password 

Regarding Claim 10, the combined teaching of Kane-Parry, Smith and Irwan teaches transmit the update information to at least one of the at least one IoT device and the service provider computer device (Kane-Parry, col 21 lines 6-9, “generate a recommendation such as an update password recommendation (i.e. the instruction) to provide to user”, Smith, [0085], “a number of Internet of Things (IoT) devices”).  

Regarding Claim 16, the combined teaching of Kane-Parry, Smith and Irwan teaches wherein the ND computer device is further in operable communication with a tap computer device, and wherein the ND computer device transmits to the tap computer device one or more communications received from and transmitted to the at least one IoT device (Kane-Parry, col 4 line 65 – col 5 line 8, “an authentication information clearinghouse service that implements an authentication information clearinghouse feature may manage compromised authentication information for one or more accounts on behalf of a user, share and receive other authentication information maintained by peer members of a compromised authentication information clearinghouse, and update the authentication information for the one or more accounts based on the authentication information that is shared and received by the password fraud detection service”, Smith, [0085], “a number of Internet of Things (IoT) devices”).

Claims 11-15, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kane-Parry et al. (US 9,838,384 B1) in view of Smith et al. (US 2020/0186998 A1) further in view of Irwan et al. (US 2019/0245856 A1) and further in view of Lopes et al. (US 2017/0086241 A1).
Regarding Claim 11, the combined teaching of Kane-Parry, Smith and Irwan teaches the plurality of policies (Kane-Parry, col 21 lines 2-9, “one or more policies”);
The combined teaching of Kane-Parry, Smith and Irwan does not explicitly teach but Lopes teaches request and receive security information from the at least one IoT device ([0013], “the Internet of moving things”, [0180], “update information for updating software, firmware”); and analyze the security information ([0180], “update information for updating software, firmware”, “may include digital information representing a configuration of a network comprising one or more network entities, software, firmware, and/or the arrangement of the network entities with respect to one another”).
Kane-Parry, Smith, Irwan and Lopes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention such that based, at least in part, on the plurality of policies (as taught by the combined teaching of Kane-Parry, Smith and Irwan), analyze the security information (as taught by Lopes). The motivation/suggestion would have been to provide an extra level of security for more devices.

Regarding Claim 12, the combined teaching of Kane-Parry, Smith, Irwan and Lopes teaches wherein the security information includes software and hardware information, and wherein the instructions further cause the at least one processor to determine that a software update is necessary for the at least one IoT device (Lopes, [0013], “the Internet of moving things”, [0180], “update information for updating software, firmware”, “may include digital information representing a configuration of a network comprising one or more network entities, software, firmware, and/or the arrangement of the network entities with respect to one another”).

Regarding Claim 13, the combined teaching of Kane-Parry, Smith, Irwan and Lopes teaches transmit an instruction to the at least one IoT device to install the software update (Lopes, [0050], “implementation of software updates”, [0219], “proceed to install their portion without waiting for the installation and proper configuration of the remaining elements”).

Regarding Claim 14, the combined teaching of Kane-Parry, Smith, Irwan and Lopes teaches transmit the software update to the at least one IoT device (Lopes, [0229], “allows network units to download updates (e.g., software, firmware)”).


Regarding Claim 15, the combined teaching of Kane-Parry, Smith, Irwan and Lopes teaches control the at least one IoT device to install the software update (Lopes, [0050], “implementation of software updates”, [0219], “proceed to install their portion without waiting for the installation and proper configuration of the remaining 

Regarding Claim 17, the combined teaching of Kane-Parry, Smith and Irwan does not explicitly teach but Lopes teaches wherein the transmitted update information includes one or more of a message, a data packet, streaming data, and a request for instructions (Lopes, [0180], “such update information for updating software, firmware, and/or data/configuration information may be referred herein to simply as a software update, an "update," or "update file," and may include digital information representing a configuration of a network comprising one or more network entities, software, firmware, and/or the arrangement of the network entities with respect to one another”).
Kane-Parry, Smith, Irwan and Lopes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention such that based, at least in part, on the plurality of policies (as taught by the combined teaching of Kane-Parry, Smith and Irwan), analyze the security information (as taught by Lopes). The motivation/suggestion would have been to provide an extra level of security for more devices.

Regarding Claim 18, the combined teaching of Kane-Parry, Smith and Irwan does not explicitly teach but Lopes teaches wherein the transmitted update information is configured to cause the at least one IoT device to install a software update (Lopes, [0050], “implementation of software updates”, [0229], “allows network to download updates (e.g., software, firmware)”, [0228], “use of an update mechanism such as the one presented herein allows for new features to be installed in already deployed network units, providing higher levels of security”).
Kane-Parry, Smith, Irwan and Lopes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention such that based, at least in part, on the plurality of policies (as taught by the combined teaching of Kane-Parry, Smith and Irwan), analyze the security information (as taught by Lopes). The motivation/suggestion would have been to provide an extra level of security for more devices.


Regarding Claim 19, the combined teaching of Kane-Parry, Smith and Irwan does not explicitly teach but Lopes teaches wherein the transmitted update information includes at least one of a patch and a software update for the at least one IoT device (Lopes, [0050], “implementation of software updates”, [0229], “allows network units to download updates (e.g., software, firmware)”).
Kane-Parry, Smith, Irwan and Lopes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention such that based, at least in part, on the plurality of policies (as taught by the combined teaching of Kane-Parry, Smith and Irwan), analyze the security information (as taught by Lopes). The motivation/suggestion would have been to provide an extra level of security for more devices.

Regarding Claim 20, the combined teaching of Kane-Parry, Smith and Irwan teaches wherein the at least one IoT device includes a first IoT device and a second IoT device separate and different from the first IoT device (Smith, [0085], “a number of (different) Internet of Things (IoT) devices”); the ND computer device (Smith, [0056], “these devices are denoted as doppelgangers”).
The combined teaching of Kane-Parry, Smith and Irwan does not explicitly teach but Lopes teaches
wherein the device is further configured to (i) simultaneously monitor the first and second IoT devices ([0013], “the Internet of moving things”, [0049], “monitor and/or control components of the network”); and 
 (ii) determine a different security level for the first IoT device than for the second IoT device. ([0228], “use of an update mechanism such as the one presented herein allows for new features to be installed in already deployed network units, providing higher levels of security” for first IoT device than the second IoT device).
Kane-Parry, Smith, Irwan and Lopes are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention such that based, at least in part, on the plurality of policies (as taught by the combined teaching of Kane-Parry, Smith and Irwan), analyze the security information (as taught by Lopes). The motivation/suggestion would have been to provide an extra level of security for more devices.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497