DETAILED ACTION
This Action is in consideration of the Applicant’s response on December 16, 2021.  Claims 6, 8, and 12 are cancelled by the Applicant.  Claims 1, 4, 9, and 14 are amended.  Claims 22 – 25 are added.  Claims 1 – 5, 7, 9 – 11, and 13 – 25, where Claims 1, 9, 14, and 22 – 25 are in independent form, are presented for examination.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
	Applicant's arguments filed December 16, 2021 have been fully considered but they are moot based on the new grounds of rejection as stated below.
Specifically, Applicant’s arguments with respect to Claim(s) 1, 9, and 14 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1, 5, 9 – 11, 13, and 22 – 25 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by PGPub. 2018/0213370 (hereinafter “Plüss”).
Claim 1, Plüss discloses a method of communicating between an Internet of Things device and a remote computer system [Figs. 4 and 5; Abstract], the method comprising:
transmitting via a close range communication circuit an upload data message for the remote computer system from the Internet of Things device to a mobile communication device, within the close range of the Internet of Things device, for forwarding to the remote computer system via a mobile radio communication network [Fig. 4; Para. 0046, 0052-54; direct wireless link between terminal device (IoT device) and mobile communication device used to send messages to message processing system (remote computer system)], the upload data message including a unique identifier of the Internet of Things device and an identifier of a back-end system associated with the remote computer system [Fig. 3; Para. 0052; terminal report message comprises message identifier which includes the electronic terminal device identifier and the back-end system identifier];
receiving in the remote computer system the upload data message from the Internet of Things device, as forwarded by the mobile communication device via the mobile radio communication network [Fig. 4; Para. 0055-57];
storing in the remote computer system an address of the mobile communication device, as a communication relay address, linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0059; for relaying purposes, message center stores the forwarding message or at least the message identifier, including the sequence number and electronic terminal device identifier with the address of the mobile communication device];

receiving in the Internet of Things device the download data message from the remote computer system, as forwarded by the mobile communication device via the close range communication circuit [Fig. 5; Para. 0068-69].
2.	Regarding Claim 5, Plüss discloses the limitations of Claim 1 above.  Plüss, further discloses of:
receiving in the remote computer system, with the upload data message from the Internet of Things device, customization information included by the mobile communication device [Fig. 4; Para. 0058-59; message center receives message from terminal device via mobile communication device, which includes the sequence number];
storing in the remote computer system the customization information linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0058-59; message center stores the message, including the sequence number and terminal device identifier for matching and relaying response messages];
transmitting the customization information with the download data message from the remote computer system to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device [Fig. 5; Para. 0062-64; back-end response message includes the sequence number received in the previous message]; and

3.	Regarding Claim 9, Plüss discloses a computer system for communicating with an Internet of Things device [Fig. 1; Para. 0036; message processing center (computer system)], the computer system comprising:
a communication module configured to exchange data with a mobile communication device via a mobile radio communication network [Figs. 4 and 5; Para. 0057; message center receives forwarding message via telecommunications network from the mobile communication device]; 
a processor [Para. 0058-59; message center comprises processor] configured to: 
extract from an upload data message from the Internet of Things device, as received by the mobile communication device from the Internet of Things device via a close range communication circuit and forwarded by the mobile communication device via the mobile radio communication network to the computer system, a unique identifier of the Internet of Things device [Fig. 4; Para. 0053, 0057-58], 
to store in the remote computer system an address of the mobile communication device, as a communication relay address, linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0059; for relaying 
to transmit via the mobile radio communication network a download data message for the Internet of Things device to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding by the mobile communication device via the close range communication circuit to the Internet of Things device [Fig. 5; Para. 0059, 0062, 0064-65; response message for electronic terminal device forwarded to mobile communication device based on saved message identifier by message center], 
wherein the processor is further configured:
to extract from the upload data message an identifier of a back-end system, included in the Internet of Things device [Fig. 4; Para. 0058-59; extracting back-end system identifier to determine back-end system assigned to the electronic terminal device]; and
to forward at least a part of the upload data message to a computer system defined by the identifier of the back-end system, the part including the unique identifier of the Internet of Things device [Fig. 4; Para. 0058-59; transmit message content to identified back-end system extracted; the message content includes message identifier comprising the electronic terminal device identifier].
4.	Regarding Claim 10, Plüss discloses the limitations of Claim 9.  Plüss further discloses that the processor is further configured to: 

verify the unique identifier by decrypting the verification message included in the upload data message, using a cryptographic key stored securely in the remote computer system [Fig 4, Para. 0054, 0061; decrypts the content data and stores it in the back-end system assigned to the electronic terminal device identifier].
5.	Regarding Claim 11, Plüss discloses the limitations of Claim 9.  Plüss further discloses that the processor is further configured to: 
receive, with the upload data message from the Internet of Things device, customization information included by the mobile communication device [Fig. 4; Para. 0058-59; message center receives message from terminal device via mobile communication device, which includes the sequence number]; 
store the customization information in the remote computer system linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0058-59; message center stores the message, including the sequence number and terminal device identifier for matching and relaying response messages]; and 
transmit the customization information with the download data message to the communication relay address linked to the unique identifier of the Internet of Things 
6.	Regarding Claim 13, Plüss discloses the limitations of Claim 9.  Plüss further discloses that the processor is further configured to:
receive from a back-end system an instruction for the Internet of Things device [Fig. 5; Para. 0062, 0069; content data may include software updates and/or configuration parameter for the electronic terminal device]; and
forward the instruction from the back-end system in the download data message to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device [Fig. 5; Para. 0064-68],
wherein the instruction comprises at least one of: a reset instruction, a firmware update instruction, or an access rights update instruction [Fig. 5; Para. 0038-39, 0062, 0069; content data may include software updates and/or configuration parameters for the electronic terminal device].
7.	Regarding Claim 22, Plüss discloses a method of communicating between an Internet of Things device and a remote computer system [Figs. 4 and 5], the method comprising:
transmitting via a close range communication circuit an upload data message for the remote computer system from the Internet of Things device to a mobile communication device, within the close range of the Internet of Things device, for forwarding to the remote computer system via a mobile radio communication network, the upload data message including a unique identifier of the Internet of Things device [Fig. 4; Para. 0041, 0047, 0052; terminal report message sent from electronic terminal 
receiving in the remote computer system the upload data message from the Internet of Things device, as forwarded by the mobile communication device via the mobile radio communication network [Fig. 4; Para. 0052, 0054, 0057];
storing in the remote computer system an address of the mobile communication device, as a communication relay address, linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0059, 0065; message center stores the forwarding message (includes electronic terminal device identifier) assigned to an address of the mobile communication device];
transmitting via the mobile radio communication network a download data message for the Internet of Things device from the remote computer system to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device [Fig. 5; Para. 0061-64]; and
receiving in the Internet of Things device the download data message from the re- mote computer system, as forwarded by the mobile communication device via the close range communication circuit [Fig. 5; Para. 0066-68], wherein the download data message includes a version indicator [Para. 0062, 0069; back-end response message comprises a sequence number and timestamp (either or both can be version indicator)], the method further comprising discarding in the Internet of Things device the download data message from the remote computer system, as forwarded by the mobile communication device, if the version indicator included in the download data message 
8.	Regarding Claim 23, Plüss discloses a method of communicating between an Internet of Things device and a remote computer system [Figs 4 and 5], the method comprising:
transmitting via a close range communication circuit an upload data message for the remote computer system from the Internet of Things device to a mobile communication device, within the close range of the Internet of Things device, for forwarding to the remote computer system via a mobile radio communication network, the upload data message including a unique identifier of the Internet of Things device [Fig. 4; Para. 0041, 0047, 0052; terminal report message sent from electronic terminal device (IoT device) to mobile communication device via direct wireless link for forwarding to message processing system; message identifier comprises electronic terminal device identifier];
receiving in the remote computer system the upload data message from the Internet of Things device, as forwarded by the mobile communication device via the mobile radio communication network [Fig. 4; Para. 0052, 0054, 0057];

transmitting via the mobile radio communication network a download data message for the Internet of Things device from the remote computer system to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device, wherein the download data message comprises an instruction from a back-end system for the Internet of Things device [Fig. 5; Para. 0061-64]; 
receiving in the Internet of Things device the download data message from the remote computer system, as forwarded by the mobile communication device via the close range communication circuit [Fig. 5; Para. 0067-68], 
extracting, by the Internet of Things device, the instruction from the download data message, as forwarded by the mobile communication device [Fig. 5; Para. 0069]; and 
executing the instruction in the Internet of Things device, wherein the instruction comprising at least one of: a reset instruction, a firmware update instruction [Fig. 5; Para. 0062, 0069; installation of software updates and/or configuration parameters], or an access rights update instruction including access rights and/or access right time data.
Claim 24, Plüss discloses a method of communicating between an Internet of Things device and a remote computer system [Figs. 4 and 5], the method comprising: 
storing in the Internet of Things device an identifier of a partner back-end system [Fig. 4; Para. 0054; terminal device can encrypt message content part using encryption algorithm that requires for its decryption a secret of the back-end system assigned to the terminal device (algorithm and/or key mapped to back-end system)]; 
generating in the Internet of Things device an upload data message for the partner back-end system [Fig. 4; Para. 0052, 0054; terminal device generates terminal report message];
transmitting via a close range communication circuit the upload data message from the Internet of Things device to a mobile communication device, within the close range of the Internet of Things device, for forwarding to the remote computer system via a mobile radio communication network, the upload data message including a unique identifier of the Internet of Things device [Fig. 4; Para. 0041, 0047, 0052; terminal report message sent from electronic terminal device (IoT device) to mobile communication device via direct wireless link for forwarding to message processing system; message identifier comprises electronic terminal device identifier];
receiving in the remote computer system the upload data message from the Internet of Things device, as forwarded by the mobile communication device via the mobile radio communication network [Fig. 4; Para. 0052, 0054, 0057];
storing in the remote computer system an address of the mobile communication device, as a communication relay address, linked to the unique identifier of the Internet 
transmitting the upload data message from the remote computer system to the partner back-end system defined by the identifier of the partner back-end system [Fig. 4; Para. 0059; message center transmits the message content to the identified back-end system];
transmitting a download data message from the partner back-end system to the remote computer system for transmission to the Internet of Things device identified by its unique identifier [Fig. 5; Para. 0062; generating back-end response message for terminal device];
transmitting via the mobile radio communication network the download data message for the Internet of Things device from the remote computer system to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device [Fig. 5; Para. 0061-64]; and 
receiving in the Internet of Things device the download data message from the remote computer system, as forwarded by the mobile communication device via the close range communication circuit [Fig. 5; Para. 0066-68].
10.	Regarding Claim 25, Plüss discloses a method of communicating between an Internet of Things device and a remote computer system [Figs. 4 and 5], the method comprising:
storing in the Internet of Things device an identifier of a partner back-end system [Fig. 4; Para. 0054; terminal device can encrypt message content part using encryption algorithm that requires for its decryption a secret of the back-end system assigned to the terminal device (algorithm and/or key mapped to back-end system)];
generating in the Internet of Things device a registration request, the registration request including the identifier of the partner back-end system [Figs. 3 and 4; Para. 0052, 0054; terminal device generates terminal report message, which comprises back-end system identifier];
transmitting via a close range communication circuit the registration request in an upload data message for the remote computer system from the Internet of Things device to a mobile communication device, within the close range of the Internet of Things device, for forwarding to the remote computer system via a mobile radio communication network, the upload data message including a unique identifier of the Internet of Things device [Fig. 4; Para. 0041, 0047, 0052; terminal report message sent from electronic terminal device (IoT device) to mobile communication device via direct wireless link for forwarding to message processing system; message identifier comprises electronic terminal device identifier];
receiving in the remote computer system the upload data message from the Internet of Things device, as forwarded by the mobile communication device via the mobile radio communication network [Fig. 4; Para. 0052, 0054, 0057];
storing in the remote computer system the identifier of the partner back-end system and an address of the mobile communication device, as a communication relay address, linked to the unique identifier of the Internet of Things device [Fig. 4; Para. 0059, 0065; message center stores the forwarding message, which includes the back-end system identifier, assigned to an address of the mobile communication device and electronic terminal device identifier]; 
transmitting a registration message from the remote computer system to the partner back-end system defined by the identifier of the partner back-end system, the registration message including the unique identifier of the Internet of Things device [Fig. 4; Para. 0059; message center transmits the message content, which includes the electronic terminal device identifier, to the identified back-end system];
transmitting via the mobile radio communication network a confirmation in a download data message for the Internet of Things device from the remote computer system to the communication relay address linked to the unique identifier of the Internet of Things device, for forwarding to the Internet of Things device [Fig. 5; Para. 0061-64; back-end response message sent back towards terminal device via mobile communication device];
receiving in the Internet of Things device the download data message from the re- mote computer system, as forwarded by the mobile communication device via the close range communication circuit [Fig. 5; Para. 0066-68]; and
transmitting via the close range communication circuit an upload data message with an acknowledgement from the Internet of Things device to the mobile communication device for forwarding to the remote computer system [Fig. 4; Para. 0052-53, 0069; any prior or subsequent message sent to the back-end system; content data may include affirmative access authorization, a response to a request code included in the received authorization code, or instruction for the back-end system]. 
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 2 – 4, 7, and 14 – 21 are rejected under 35 U.S.C. 103 as being unpatentable over Plüss, in view of PGPub. 2019/0253243 (hereinafter “Zimmerman”).
Claim 2, Plüss discloses the limitations of Claim 1 above.  Plüss further discloses of generating in the Internet of Things device a verification message by encrypting the unique identifier
	Zimmerman discloses a system and method for configuring a new IoT device with a IoT service through a proximate intermediary device [Abstract; Fig. 6].  Zimmerman further discloses that each of the IoT device, intermediary, and IoT server comprises a secure key storage area [Fig. 6; Para. 0083, 0086, 0095].  Zimmerman also discloses of sending a secure identifier of the IoT device, comprising a SIM card, to the server for provisioning (unique identifier stored securely in the IoT device) [Para. 0095].  It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Zimmerman with Plüss since both systems utilize an intermediary device to forward communications between 
12.	Regarding Claim 3, Plüss discloses the limitations of Claim 1 above.  Plüss, however, does not specifically disclose of receiving in the Internet of Things device a secured data package from the mobile communication device via the close range communication circuit, decrypting in the Internet of Things device the secured data package, using a cryptographic key stored securely in the Internet of Things device, extracting in the Internet of Things device a replacement cryptographic key from the secured data package decrypted, and replacing the cryptographic key stored securely in the Internet of Things device with the replacement cryptographic key. 
	Zimmerman discloses the initialization of the IoT device with the IoT server comprises receiving in the Internet of Things device a secured data package from the mobile communication device via the close range communication circuit [Fig. 4A and 23B; Para. 0223; signed packet containing the IoT service session public key from IoT service to IoT device], decrypting in the Internet of Things device the secured data package, using a cryptographic key stored securely in the Internet of Things device [Fig. 6 and 23B; Para. 0083, 0086, 0095, 0223; IoT device verifies the signature with stored IoT server public key], extracting in the Internet of Things device a replacement cryptographic key from the secured data package decrypted [Fig. 23B; Para. 0165-169, 0223; IoT device extracts IoT service session public key from the packet], and replacing the cryptographic key stored securely in the Internet of Things device with the replacement cryptographic key [Fig. 23B; Para. 0224; the IoT server’s session 
It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Zimmerman with Plüss since both systems utilize an intermediary device to forward communications between the IoT device and the server servicing the IoT device.  The combination would enable the distribution of IoT server credentials to an IoT device, which is then later used for generating session keys.  The motivation to do so is to provide an additional layer of security and authentication between the IoT device and IoT service [Zimmerman, Para. 0149].
13.	Regarding Claim 4, Plüss, in view of Zimmerman, discloses the limitations of Claim 3.  Zimmerman further discloses of extracting in the Internet of Things device from the secured data package the identifier of the back-end system associated with the remote computer system [Fig. 23A; Para. 0150-152, 0169, 0221; storing public key and session public key of the registering IoT service]; and storing the identifier of the back-end system in the Internet of Things device for inclusion in the upload data message for the remote computer system [Fig. 23A; Para. 0150-152, 0169, 0221; storing public key and session public key of the registering IoT service].  
14.	Regarding Claim 7, Plüss discloses the limitations of Claim 1 above.  Plüss further discloses that the download data message includes executable code for the Internet of Things device [Para. 0069; e.g., executing the installation of a software update], the method further comprising:


extracting the executable code from the download data message [Fig. 5; Para. 0069; process the received back-end response message; e.g., software update included in the data content]; and
installing and executing the executable code in the Internet of Things device [Fig. 5; Para. 0069; e.g., executing the installation of a software update included in the data content].
Plüss, however, does not specifically disclose of encrypting the download data message, using an encryption key and decrypting, by the Internet of Things device, the download data message, using a cryptographic key stored securely in the Internet of Things device.
Zimmerman discloses the initialization of the IoT device with the IoT server comprises both devices generating a session secret for encrypting all subsequent message between the IoT device and IoT server [Fig. 23B and 23C; Para. 0224-225; signed packet containing the IoT service session public key from IoT service to IoT device; both generate session secret].  It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Zimmerman with Plüss since both systems utilize an intermediary device to forward communications between the IoT device and the server servicing the IoT device.  The combination would enable the secure communication between IoT server and the IoT 
15.	Regarding Claim 14, Plüss discloses an Internet of Things device [Fig. 2; Para. 0038-39; electronic terminal device; e.g., electronic lock], comprising:
an electronic communication circuit for close range communication [Fig. 2; Para. 0040-41; radio communication module; e.g., Bluetooth];
a processor connected to the electronic communication circuit [Fig. 2, item 12; Para. 0040-41; controller]; and
, 
wherein the processor is configured to: 
transmit via the electronic communication circuit to a mobile communication device, within the close range of the Internet of Things device, an upload data message for the remote computer system, for forwarding by the mobile communication device via a mobile radio communication network to the remote computer system [Fig. 4; Para. 0052, 0054-57; terminal report created by terminal device to send to back-end system via mobile communication device], and
receive via the close range communication circuit a download data message from the remote computer system, as received by the mobile communication device from the remote computer system via a mobile radio 
Plüss further discloses that the terminal device can store the terminal report message, which includes the unique identifier of the terminal device and the back-end system identifier (a unique identifier of the Internet of Things device and an identifier of a back-end system associated with a remote computer system), for comparison with the response message [Para. 0069].  Plüss does not specifically disclose a data store having stored therein securely a unique identifier of the Internet of Things device and an identifier of a back-end system associated with a remote computer system.
	Zimmerman discloses a system and method for configuring a new IoT device with a IoT service through a proximate intermediary device [Abstract; Fig. 6].  Zimmerman further discloses that each of the IoT device, intermediary, and IoT server comprises a secure key storage area associated with the other systems (identifier of a back-end system associated with a remote computer system for each of the keys) [Fig. 6; Para. 0083, 0086, 0095].    Zimmerman also discloses of sending a secure identifier of the IoT device, comprising a SIM card, to the server for provisioning (unique identifier stored securely in the IoT device) [Para. 0095].  It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Zimmerman with Plüss since both systems utilize an intermediary device to forward communications between the IoT device and the server servicing the IoT 
16.	Regarding Claim 15, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  The combination of Plüss and Zimmerman further discloses that the processor is further configured to generate in the Internet of Things device a verification message by encrypting the unique identifier [Plüss; Fig. 4; Para. 0053-44; electronic terminal device encrypts message content part, which comprises various types of content data, such as affirmative access authorization or response data, using encryption algorithm that requires for its decryption a secret of the back-end system], using a cryptographic key stored securely in the Internet of Things device [Zimmerman; Fig. 6; Para. 0083, 0086, 0095], and including the verification message in the upload data message, for verification of the unique identifier by the remote computer system [Plüss; Fig 4, Para. 0054, 0061; decrypts the content data and stores it in the back-end system assigned to the electronic terminal device identifier].
17.	Regarding Claim 16, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  Zimmerman further discloses the initialization of the IoT device with the IoT server comprises receiving in the Internet of Things device a secured data package from the mobile communication device via the electronic communication circuit [Fig. 4A and 23B; Para. 0223; signed packet containing the IoT service session public key from IoT service to IoT device], decrypting in the Internet of Things device the secured data package, using a cryptographic key stored securely in the Internet of Things device [Fig. 6 and 23B; Para. 0083, 0086, 0095, 0223; IoT device verifies the signature with stored IoT server public key], extracting in the Internet of Things device a replacement 
It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Zimmerman with Plüss since both systems utilize an intermediary device to forward communications between the IoT device and the server servicing the IoT device.  The combination would enable the distribution of IoT server credentials to an IoT device, which is then later used for generating session keys.  The motivation to do so is to provide an additional layer of security and authentication between the IoT device and IoT service [Zimmerman, Para. 0149].
18.	Regarding Claim 17, Plüss, in view of Zimmerman, discloses the limitations of Claim 16.  Zimmerman further discloses that the processor is further configured to:
extract from the secured data package an identifier of a back-end system associated with the remote computer system [Fig. 23A; Para. 0150-152, 0169, 0221; storing public key and session public key of the registering IoT service], and
store the identifier of the back-end system in the Internet of Things device, for inclusion in upload data message for the remote computer system [Fig. 23A; Para. 0150-152, 0169, 0221; storing public key and session public key of the registering IoT service].
Claim 18, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  Plüss further discloses that the processor is further configured to:
extract from the download data message customization information included by the remote computer system [Fig. 5; Para. 0062, 0069; terminal device processes the received back-end response message to match the message identifier, which includes the sequence number, with the terminal response message; can also be software updates and/or configuration data], and
store in the Internet of Things device the customization information received with the download data message from the remote computer system, as forwarded by the mobile communication device [Fig. 5; Para. 0062, 0069; terminal device processes the received back-end response message to match the message identifier, which includes the sequence number, with the terminal response message; can also be software updates and/or configuration data].
20.	Regarding Claim 19, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  Plüss further discloses that the processor is further configured to:
extract from the download data message a version indicator, included by the remote computer system [Fig. 5; Para. 0062, 0069; back-end response message comprises sequence number and timestamp], and
discard in the Internet of Things device the download data message from the remote computer system, as forwarded by the mobile communication device, if the version indicator included in the download data message is outdated when compared to version indicators stored in the Internet of Things device, from previously received download data message from the remote computer system, as forwarded previously by 
21.	Regarding Claim 20, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  Plüss further discloses that the processor is further configured to:

extract from the download data message executable code, included by the remote computer system [Fig. 5; Para. 0069; process the received back-end response message; e.g., software update included in the data content], and
install and execute the executable code in the Internet of Things device [Fig. 5; Para. 0069; e.g., executing the installation of a software update included in the data content].
Zimmerman further discloses the initialization of the IoT device with the IoT server comprises both devices generating a session secret for encrypting all subsequent message between the IoT device and IoT server [Fig. 23B and 23C; Para. 0224-225; signed packet containing the IoT service session public key from IoT service to IoT device; both generate session secret].
Claim 21, Plüss, in view of Zimmerman, discloses the limitations of Claim 14.  Plüss further discloses that the processor is further configured to:
extract from the download data message, as forwarded by the mobile communication device, an instruction from a back-end system for the Internet of Things device, included by the remote computer system [Fig. 5; Para. 0038-39, 0062, 0069; content data in the back-end response message may include software updates and/or configuration parameters for the electronic terminal device to install], and 
execute the instruction in the Internet of Things device, wherein the instruction comprises at least one of: a reset instruction, a firmware update instruction, or an access rights update instruction [Fig. 5; Para. 0038-39, 0062, 0069; content data may include software updates and/or configuration parameters for the electronic terminal device to install].
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

Contacts
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979.  The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST).
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jorge Ortiz-Criado, can be reached on (571) 272-7624.  The fax phone number for submitting all Official communications is (703) 872-9306.  The fax phone number for submitting informal communications such as drafts, proposed amendments, etc., may be faxed directly to the examiner at (571) 270-2979.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should 
/TAE K KIM/Primary Examiner, Art Unit 2496