DETAILED ACTION

Claims 1-20 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims1, 3-8, 10-15, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Reagan et al. (US Patent Application No. 20160188307) (Hereinafter Reagan) in view of Aun et al. (US Patent Application No.20210311710) (Hereinafter Aun).

	
As per claim 1, Reagan discloses a method for onboarding user devices in a unified endpoint management system (“UEMS”), comprising: 
receiving, at a management application of a user device, network settings for connecting to a local server (para 23, mentions device to enroll with the management system 119); 
providing, by the management application, an enrollment request and an identifier of the user device to the local server (para 29, mentions that 142 accept/deny requests to enroll; 142 can verify whether enrollment request is in place); 
receiving, at the management application, enrollment instructions from the local server, the enrollment instructions including an address of the management server and a security token (data store 116 store the agent application that is downloaded by 106 as shown in Fig 2B; Fig 4 step 407 mention about the receiving the registration server address, para 30 authentication token).
Regan does not disclose enrolling the user device with a management server by providing, by the management application, the security token to the management server. However, Aun discloses enrolling the user device with a management server by providing, by the management application, the security token to the management server (para 10, generating, by the server, a token corresponding to an encrypted account).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Reagan and Aun. The motivation would have been to build the network that provide security solutions by executing security protocol to ensure device is free from the threat/attack.

As per claim 3, claim is rejected for the same reasons and motivation as claim 1, above in addition, Reagan discloses the enrollment instructions further include a network address for the management server (para 23 and 24, a particular network address with which a loader service can be preconfigured to communicate. Such a network address, such as a particular hostname in a particular domain name).

As per claim 4, claim is rejected for the same reasons and motivation as claim 1, above in addition, Reagan discloses wherein the enrollment instructions further include placeholders, and enrolling with the management server further comprises: 
replacing the placeholders with information relating to the model of the user device (device profile, or device template a blueprint that defines the characteristics and behaviors of a type of device that connects to your application, for example para 19 mentions device profile); and 
providing the device model information to the management server (para 23, device profile data provisioned upon the client device, the client device  can communicate with the device discovery computing environment in order to discover the network address of a registration server with which it should communicate in order to enroll itself with a management system).

As per claim 5, claim is rejected for the same reasons and motivation as claim 1, above in addition, Reagan discloses wherein the user device identifier is associated with an account in the UEMS and is used to validate the user device ("UEMS"; 119 in Fig 1; para 13  mentions that 119 is to manage the operation of multiple client devices).

As per claim 6, claim is rejected for the same reasons and motivation as claim 1, above in addition, Reagan discloses wherein the security token received at the management application is different from the security token provided to the management server for enrollment, and the two security tokens use different security keys (para 41, authentication token and  para 31 , security key provided).

As per claim 7, claim is rejected for the same reasons and motivation as claim 1, above in addition, Reagan discloses wherein the enrollment instructions include a group identifier, and wherein enrolling the user device includes supplying the group identifier to the management server, wherein the management server creates a new group based on the group identifier and associates the user device with the new group (para 22, the device discovery computing environment  may employ multiple computing devices that may be arranged, for example, in one or more server banks, computer banks, or other arrangements).

As per claim 8,  Reagan discloses a non-transitory, computer-readable medium containing instructions that, when executed by a hardware-based processor, performs stages for onboarding user devices in a unified endpoint management system (“UEMS”), the stages comprising: 
receiving network settings that allow a user device to locate a local server (para 23, mentions device to enroll with the management system 119); 
providing an enrollment request and an identifier of the user device to the local server(para 29, mentions that 142 accept/deny requests to enroll; 142 can verify whether enrollment request is in place); 
receiving enrollment instructions from the local server, the enrollment instructions including a security token (data store 116 store the agent application that is downloaded by 106 as shown in Fig 2B; Fig 4 step 407 mention about the receiving the registration server address, para 30, authentication token).
Regan does not disclose enrolling the user device with a management server by providing the security token to the management server. However, Aun discloses enrolling the user device with a management server by providing the security token to the management server (para 10, generating, by the server, a token corresponding to an encrypted account).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Reagan and Aun. The motivation would have been to build the network that provide security solutions by executing security protocol to ensure device is free from the threat/attack.

As per claim 10, claim is rejected for the same reasons and motivation as claim 8, above in addition, Reagan discloses, wherein the enrollment instructions further include a network address for the management server (para 23 and 24, a particular network address with which a loader service can be preconfigured to communicate. Such a network address, such as a particular hostname in a particular domain name).

As per claim 11, claim is rejected for the same reasons and motivation as claim 8, above in addition, Reagan discloses replacing the placeholders with information relating to the model of the user device(device profile, or device template a blueprint that defines the characteristics and behaviors of a type of device that connects to your application, for example para 19 mentions device profile); and providing the device model information to the management server(para 23, device profile data provisioned upon the client device, the client device  can communicate with the device discovery computing environment in order to discover the network address of a registration server with which it should communicate in order to enroll itself with a management system).

As per claim 12, claim is rejected for the same reasons and motivation as claim 8, above in addition, Reagan discloses wherein the user device identifier is associated with an account in the UEMS and is used to validate the user device("UEMS"; 119 in Fig 1; para 13  mentions that 119 is to manage the operation of multiple client devices).

As per claim 13, claim is rejected for the same reasons and motivation as claim 8, above in addition, Reagan discloses wherein the security token received at the management application is different from the security token provided to the management server for enrollment, and the two security tokens use different security keys (para 41, authentication token and  para 31 , security key provided).

As per claim 14, claim is rejected for the same reasons and motivation as claim 8, above in addition, Reagan discloses wherein the enrollment instructions include a group identifier, and wherein enrolling the user device includes supplying the group identifier to the management server, wherein the management server creates a new group based on the group identifier and associates the user device with the new group (para 22, the device discovery computing environment  may employ multiple computing devices that may be arranged, for example, in one or more server banks, computer banks, or other arrangements).

As per claim 15, claim is rejected for the same reasons  and motivation as claim 8, above.

As per claim 17, claim is rejected for the same reasons  and motivation as claims 8 and 10, above.

As per claim 18, claim is rejected for the same reasons  and motivation as claims 8 and 11, above.


As per claim 19, claim is rejected for the same reasons  and motivation as claims 8 and 12, above.

As per claim 20, claim is rejected for the same reasons  and motivation as claims 8 and 13, above.

Claims 2, 9 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Reagan et al. (US Patent Application No. 20160188307) (Hereinafter Reagan) in view of Aun et al. (US Patent Application No.20210311710) (Hereinafter Aun) in further view of Rogers et al. (US Patent Application No. 20200327526) (Hereinafter Rogers).

As per claims 2, 9 and 16, Reagan in view of Aun fails to disclose the network settings are received based on the user device scanning a QR code with a network address of the local serve. However, Rogers discloses  the network settings are received based on the user device scanning a QR code with a network address of the local server (para 66, The QR code 2 or similar information to be read from a target may also include a web link, or other network or server address, which could be used by software on the mobile customer device to address the location transmission to the appropriate server). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Reagan and Aun with Rogers. The motivation would have been to build the network that provide security solutions by executing security protocol to ensure device is free from the threat/attack

Conclusion

Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493