Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Arguments

	Applicant has amended to overcome the previous 101 rejection. In particular, Applicant has amended to include the term non-transitory.
Therefore the 101 rejection is withdrawn.
	Applicant has amended to include “dynamically generating at least one ACL…when provisioning the one or more devices.”
	Applicant in Remarks pages 9-12 argues the previously cited portions of Lear and Thaler do not teach the newly amended limitations.
	However, previously cited art Thaler (US 2018/0103039) teaches in Paragraph [0071] “Fig. 4 illustrates…a method for provisioning an IoT device.”
	Thaler in Figure 4, step 450, teaches “creating an access control list for the IoT device.”
	Therefore Thaler in Figure 4 teaches dynamically generating at least one ACL when provisioning the one or more devices.
	The combined references of Lear and Thaler teach the new amendments.
	Applicant makes similar amendments to independent claims 8 and 15.
	The remaining arguments are similar to the ones above and are unpersuasive for a similar rationale.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-6, 8-13, 15-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lear (US 2018/0115611) in view of Thaler (US 2018/0103039)


Regarding Claim 1,

Lear (US 2018/0115611) teaches a computer-implemented method for providing secure access to one or more devices enabled for connectivity using access control, the method comprising: 
assigning an IP address to each of the one or more devices enabled for connectivity (Paragraph [0027-0028, 0030] teaches assigning IP addresses to IoT devices); dynamically generating at least one access-control list (ACL) for each of the one or more devices associated with the at least one user account (Paragraph [0030] teaches the home gateway creates ACL); 
and restricting access only to the at least one user account via ACL generated for the one or more devices (Paragraph [0043] teaches the ACL grants access to the IoT device) (Paragraph [0056] teaches an end user with a user account that accesses one or more IoT devices).
Lear does not explicitly teach dynamically associating each of the one or more devices to at least one user account, dynamically generating at least one ACL when provisioning the one or more devices.
Thaler (US 2018/0103039) teaches dynamically associating each of the one or more devices to at least one user account (Paragraph [0058] teaches associating an IoT device with at least one user account)
dynamically generating at least one ACL when provisioning the one or more devices. (Paragraph [0071] “Fig. 4 illustrates…a method for provisioning an IoT device.” Figure 4, step 450, teaches “creating an access control list for the IoT device.”)

It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Lear with the associating the one or more devices to at least one user account
The motivation is to help provision an IoT device (Paragraph [0017])


Regarding Claim 2,

Lear and Thaler teaches the computer-implemented method of claim 1. Lear teaches further comprising: generating virtual private network (VPN) credentials for accessing the one or more devices over the VPN, wherein generating VPN credentials includes dynamically assigning an IP address to the at least one user account (Paragraph [0039] teaches authentication parameters to establish a VPN, and determining appropriate IP addresses used for managing the IoT device); and enabling access to the one or more devices enabled for connectivity assigned to the at least one user account using the generated VPN credentials (Paragraph [0039] teaches establishing the VPN and registering the IoT device with the security controller).

Regarding Claim 3,

Lear and Thaler teaches the computer implemented method of claim 1. While Lear teaches a cloud computing environment (Paragraph [0054]) Lear does not explicitly teach wherein the one or more devices enabled for connectivity are deployed on a public cloud network or a private cloud network.
The Examiner takes Official Notice that public and private cloud networks are well known in the art
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Lear with a public or private cloud network and the results would be predictable (i.e. the devices would be deployed on public or private cloud)


Regarding Claim 4,

Lear and Thaler teaches the computer-implemented method of claim 1.
Thaler (US 2018/0103039) teaches dynamically generated ACL is updated for the one or more user accounts based on device status, wherein the device status comprises any one or more of: active, suspended and inactive (Figure 4, teaches a device status is active (i.e. IoT device wishing to join a group) and 450 teaches generating an Access Control List based upon the active device)

Regarding Claim 5,

Lear and Thaler teaches the computer-implemented method of claim 2.
Thaler teaches one user account comprises one or more user accounts, wherein the one or more user accounts are arranged in a hierarchical order such that a user belonging to a parent account can access devices that are under its child account but the user belonging to a child account cannot access the devices under its parent account other than the devices under its own account (Paragraph [0058] teaches a “predefined hierarchy of users”)(Paragraph [0061-0066] teaches wherein the parent account may access all devices but child may not access the parent account)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Lear with the hierarchical user accounts of Thaler
The motivation is to generate an access control list based on pre-existing information of a group (Paragraph [0008] of Thaler)



Regarding Claim 6,

Lear and Thaler teaches the computer-implemented method of claim 2. Lear teaches wherein the at least one user account comprises one or more user accounts, and wherein access to the one or more device by the one or more user accounts is managed by the at least one user account or the end user of that device (Paragraph [0056] teaches an end user with a user account that accesses one or more IoT devices).


Regarding Claims 8-13,

Claims 8-13 are similar in scope to Claims 1-6 and are rejected for a similar rationale.

Regarding Claims 15-20,

Claims 15-20 are similar in scope to Claims 1-6 and are rejected for a similar rationale.


Claim 7, 14, 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Lear and Thaler in view of Bone (US 2017/0054564)

Regarding Claim 7,

Lear and Thaler teaches the computer-implemented method of claim 2, but does not explicitly teach wherein generating VPN credentials further comprises: sending a VPN request to application programming interface (API) gateway; validating the VPN request; receiving account details for the at least one user account; validating account status of the at least one user account; generating a VPN username for the account; and identifying a target list of VPN servers.
Bone (US 2017/0054564) teaches sending a VPN request to application programming interface (API) gateway (Paragraph [0007] teaches VPN server issues an API request to the broker); validating the VPN request; receiving account details for the at least one user account; validating account status of the at least one user account (Paragraph [0096] teaches indication M2M devices have been successfully provisioned);
generating a VPN username for the account; and identifying a target list of VPN servers (Paragraph [0104] M2M device ID) (Paragraph [0056] teaches list of VPN servers).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Lear with the API gateway of Bone
The motivation is to provide secure machine to machine communication (Paragraph [0008] of Bone)

Regarding Claims 14, 21

Claims 14 and 21 are similar in scope to Claim 7 and are rejected for a similar rationale.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARRIS C WANG whose telephone number is (571)270-1462. The examiner can normally be reached M-F 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HARRIS C WANG/Primary Examiner, Art Unit 2439