DETAILED ACTION
CLAIMS 1-5, 7-8, 10-11, 13, 15-16, 18, 20, 22, 25, 28-29, 31-32, 38, 42, 46, AND 50-52 
are presented for examination.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
35 U.S.C.§112(b) or 35 U.S.C.§112 (pre-AIA ), Second Paragraph
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim(s) 15 and 25 
 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim(s) 15
 recites the limitation “The  method of Claim 14 …” There is insufficient antecedent basis for this limitation in the claim.
In the interest of compact prosecution, and in light of the specification as it would be interpreted by a person having ordinary skill in the art before the effective filing date of the claimed invention, examiner will  substitute the following language: “The method of Claim 13”.
Claim(s) 25
 recites the limitation “The method of Claim 23 … ” There is insufficient antecedent basis for this limitation in the claim.
In the interest of compact prosecution, and in light of the specification as it would be interpreted by a person having ordinary skill in the art before the effective filing date of the claimed invention, examiner will  substitute the following language: “The method of Claim 22”.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claim(s) 38, 1-5, 7-8, 10-11, 13, 18, 42, 20, 22-23, 25, 28, 46, and 29 

is/are rejected under 35 U.S.C. 103 as being unpatentable over Mathison et al., US 2018/0152541 Al, (“Mathison”; Cited by Applicant on IDS dated 4/02/2021) in view of Khanna et. al., US 2005/0071677 Al, (“Khanna”; Cited to but not relied upon in the previous action.)
Regarding Claim 38,
 Mathison teaches A device that is operable to connect to a network, the device comprising:
a processor;
and a memory coupled to the processor and having instructions stored therein that are executable by the processor to cause the device to perform operations comprising: : (Fig. 3, elements 300, 320, and 330; See also [0035] “Processor 320 may include a processor, a microprocessor, or processing logic that may interpret and execute instructions. Memory 330 may include any type of dynamic storage device that may store information and instructions, for execution by processor 320 ….”)
requesting a Bootstrap data object (Fig. 7, element 716; Fig. 9, element 946; i.e. management server connection information – Bootstrap data object giving the claim the BRI – is requested ) from a network node reachable via the network (Fig. 7, element 160; Fig. 9, element 160)  …, the Bootstrap data object comprising an identification of a device management server; ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150.”)
receiving the Bootstrap data object from  the network node; ([0052] “bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722).” Emphasis added.) 
configuring a data object on the device in accordance with the Bootstrap data object; ([0053] “In response to receiving the management server connection information, UE 110 may provide a registration request to management server 150 (signal 724). The registration request may include an encrypted string or token based on the session key previously provided to UE 110 by bootstrap server 160.” i.e. a registration request is generated based on the management server connection information – a data object is configured giving the claim the BRI –) and
requesting registration with the management server identified in the Bootstrap data object.  (Fig. 7, element 724; Fig. 9, element 946; See also [0053] “UE 110 may provide a registration request to management server 150 (signal 724).”) 
Mathison does not teach requesting a Bootstrap data object from a network node reachable via the network  and separate from a Bootstrap server. Emphasis added. As discussed above, Mathison goes on to teach authenticating and balancing load  across a pool of servers. (Mathison [0013] and [0023]) 
Khanna teaches requesting a Bootstrap data object from a network node reachable via the network  and separate from a Bootstrap server. Emphasis added. ([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Khanna with the teaching of Mathison as both references are directed to configuring computing systems for network boot. Moreover, Khanna improves on Mathison’s teaching of authenticating and balancing configuration requests amongst a pool of servers (Mathison [0013]) by teaching a technique which authenticates clients using a shared secret/key pair (Khanna Fig. 4 and [0015]) thus improving security and authentication in the system. 
Regarding Claim 2,
 Mathison teaches wherein configuring the data object comprises writing the identification of the device management server as a value of the data object on the device.  ([0052] - [0053] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150 … In response to receiving the management server connection information, UE 110 may provide a registration request to management server 150 (signal 724). The registration request may include an encrypted string or token based on the session key previously provided to UE 110 by bootstrap server 160.” Emphasis added. i.e. a request to the management server is generated – written giving the claim the BRI – and provided to the management server.  )
Regarding Claim 3,
 Mathison teaches wherein the Bootstrap data object further comprises an object specification describing at least one of an object structure and object resource values, . ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150 …” Emphasis added. i.e. a  URL and a session key – object resource values giving the claim the BRI – are provided)and
wherein configuring the data object comprises at least one of:
creating the data object on the device having the described object structure;
writing the described object resource values into the data object on the device. ([0053] “UE 110 may provide a registration request to management server 150 (signal 724). The registration request may include an encrypted string or token based on the session key previously provided to UE 110 by bootstrap server 160.” Emphasis added. i.e. the address and key may be included in the generated registration request). 
Regarding Claim 4,
 Mathison teaches wherein the Bootstrap data object further comprises at least one of:
security credentials for the device management server; ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150 …” Emphasis added. i.e. a session key – security credentials giving the claim the BRI – are provided)
and
 an indication of how the security credentials may be obtained
wherein configuring the data object comprises writing the security credentials for the device management server as a value of the data object on the device ([0053] “UE 110 may provide a registration request to management server 150 (signal 724). The registration request may include an encrypted string or token based on the session key previously provided to UE 110 by bootstrap server 160.” Emphasis added. i.e. key may be used to encrypt data sent in the request – writing the security credentials as a value of a data object giving the claim the BRI –).  and
wherein requesting registration with the device management server comprises requesting registration using the security credentials for the device management server.  ([0053] “Management server 150 may receive the registration request and obtain a corresponding session key from bootstrap server 160 to authenticate UE 110 (signal 726). Alternatively, the session key may be provided as part of the assignment signal 720. Assuming successful authentication ( e.g., a match of the encrypted string or token from signal 724 and signal 726), management server 150 may provide a registration response to UE 110 (signal 728), after which UE 110 and management server 150 can perform data exchanges. In one implementation, UE 110 may store the session key (or an updated secure key) for management server 150 (signal 730). The stored key may be used for later data exchange sessions with management server 150” Emphasis added.)
Regarding Claim 5,
 Mathison teaches further comprising- obtaining an address of the network node provisioned with the Bootstrap data object,
wherein requesting the Bootstrap data object comprises sending a request message to the address, and (Fig. 7, element 710 and element 130; See also [0050] “UE 110 providing a bootstrap server identifier (BSID) request (signal 710) to access network 130.”) 
wherein obtaining the address of the network node provisioned with the Bootstrap data object comprises at least one of:
retrieving a dedicated multicast address for Bootstrap data object provisioned network nodes from a memory;
querying a Resource Directory for network nodes having exposed the Bootstrap data object as a discoverable resource.   (Fig. 7, element 712; See a;so [0051] “In response to the bootstrap server identifier request, network 130 may provide a bootstrap server URL (signal 712). The bootstrap server URL may include a URL for a bootstrap server (e.g., bootstrap server 160) associated with the particular mobile carrier for access network 130.” i.e. querying a resource directory for nodes giving the claim the BRI).
Regarding Claim 7,
 Mathison teaches wherein the network node comprises at least one of:
a Bootstrap Server cache;
a Bootstrap server proxy node;
a file server; and
 a peer client device.  (Fig. 7, element 130; See also [0051] “A device in access network 130, such as MME 230 or a downstream network device, may receive the bootstrap server identifier request, and, if necessary extract the bootstrap server identifier request from an attach request”; See also [0034]; i.e. a Bootstrap server proxy node giving the claim the BRI )
Regarding Claim 8,
 Mathison teaches wherein requesting the Bootstrap data object comprises sending a Bootstrap data object request message to the network node , the Bootstrap data object request message comprising a characteristic of the device, the characteristic comprising at least one of:
a device type;
a device identifier;
a representation of device capabilities; and
 a representation of data objects configured on the device. ([0032] “MME device 230 may obtain the subscription status information and the bootstrap server address from HSS device 260 when MME device 230 authenticates UE 110 in response to UE 110 requesting to attach to access network 130 ….” i.e. an authentic device – a device type giving the claim the BRI – is responded to by the MME.) 
Regarding Claim 10,
 Mathison teaches wherein the Bootstrap data object further comprises a representation of a prerequisite object configuration that should be existing on the device before configuration of the data object on the device in accordance with the Bootstrap data object,  the method further comprising: ([0052] “bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722). The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150”; See also [0023] “For example, LW bootstrap server 160 may act as an intermediary element in environment 100 that provides application independent functions for mutual authentication of mobile terminals (e.g., UE 110) and application servers (e.g., management server 150) to each other and for "bootstrapping" the exchange of secret session keys afterwards.”)
 comparing a representation of an existing object configuration on the device with the representation of the prerequisite object configuration .  ([0053] “Management server 150 may receive the registration request and obtain a corresponding session key from bootstrap server 160 to authenticate UE 110 (signal 726).” Emphasis added. i.e. the session key sent to the UE – prerequisite object giving the claim the BRI – must match the session key obtained by the management server – representation of data objects that must exist on the device giving the claim the BRI –) 
A person having ordinary skill in the art a the time the claimed invention was filed would recognize that Mathison’s session keys ([0052]) may be used to carry out the authentication of the UE at the boot server ( [0023]) as well as at the management server ([0053])  
Regarding Claim 11,
 Mathison teaches further comprising at least one of:  responsive to determining that the representation of the existing object configuration and the representation of the prerequisite object configuration are a match, ([0043] “The bootstrap status flag, for example, may be toggled "on" when UE 110 has successfully completed a registration with management server 150 via bootstrap server 160. As long as the bootstrap status flag is toggled on, UE 110 may connect to the assigned management server 150”)  configuring the data object on the device in accordance with the Bootstrap data object; and
 responsive to determining that the representation of the existing object configuration and the representation of the prerequisite object configuration are not a match,  
wherein requesting the new Bootstrapping data object from the second network node omprises at least one of:
obtaining  an address of the second network node provisioned with the new Bootstrap data object and sending a  second request message to the address of the second network node; and
 sending a  second Bootstrap data object request message, the  second Bootstrap data object request message comprising a different characteristic of the device. ([0043] “In one example, the bootstrap status flag may be toggled off when UE 110 fails to provide matching credentials. In another example, the bootstrap status flag may be toggled off when a security change or upgrade is implemented ( e.g., by direction of a network administrator). If a bootstrap status flag is off for a particular UE 110, UE 110 may be redirected to request a bootstrap server address from access network 130. In some implementations, UE 110 may be required to re-attach to access network 130 to submit a new bootstrap server address request.” Emphasis added.)

Regarding Claim 50,
 Mathison does not teach wherein the network node is separate from a Bootstrap server.  
Khanna teaches wherein the network node is separate from a Bootstrap server.  
([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 
Regarding Claim 42,
 A Bootstrap server comprising a processor; and
 a memory coupled to the processor and having instructions stored therein that are executable by the processor to cause the device to perform operations comprising: (Fig. 1, element 160; see also Fig. 3, elements 300, 320, and 330; See also [0035] “Processor 320 may include a processor, a microprocessor, or processing logic that may interpret and execute instructions. Memory 330 may include any type of dynamic storage device that may store information and instructions, for execution by processor 320 ….”)
generating a Bootstrap data object corresponding to a device that is operable to connect to a network, the Bootstrap data object comprising an identification of a device management server; (Fig. 7, element 160, 720, and 722; See also [0052] “bootstrap server 160 may assign an applicable management server 150 for UE 110 (signal 720) … server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722).”)and
 distributing the Bootstrap data object to a network node reachable via the network and separate from … and the device.  .  (Fig. 7, element 110; See also element 722 and [0052] “bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722).”) 
Mathison does not teach and separate from the Bootstrap server …
Khanna teaches and separate from the Bootstrap server … ([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Khanna with the teaching of Mathison as both references are directed to configuring computing systems for network boot. Moreover, Khanna improves on Mathison’s teaching of authenticating and balancing configuration requests amongst a pool of servers (Mathison [0013]) by teaching a technique which authenticates clients using a shared secret/key pair (Khanna Fig. 4 and [0015]) thus improving security and authentication in the system. 


Regarding Claim 46,
 Mathison teaches a network node … the network node comprising:
a processors and a memory coupled to the processor and having instructions stored therein that are executable by the processor to cause the device to perform operations comprising: (Fig. 3, element 130; See also Fig. 2, element 130; See also [0032] and Fig. 3, elements 300, 320, and 330; See also [0035] “Processor 320 may include a processor, a microprocessor, or processing logic that may interpret and execute instructions. Memory 330 may include any type of dynamic storage device that may store information and instructions, for execution by processor 320 ….”) 
receiving a request for a Bootstrap data object from a device operable to connect to a network, (Fig. 7, element 160, 720, and 722; See also Fig. 9;)
the Bootstrap data object comprising an identification of a device management server; ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150.”) 
determining whether the Bootstrap data object is available on the network node; and
responsive to determining that the  Bootstrap data object is available on the network node,  sending the Bootstrap data object to the device.  ([0065] “UE 110 may receive bootstrap server URL 712 from PGW device 250 and generate a request for management server connection information 716 using bootstrap server URL 712. Bootstrap server 160 may receive request 716 and, after verifying the request, may assign a management server 150 to UE 110 based on particular load-balancing criteria, and may provide management server connection information 722 to UE 110.” Emphasis added. 
See also [0040] “load balancer 410 may assign a UE 110 to a particular management server 150 based on available resources ….” i.e. if a management server meeting with appropriate resources is available, the bootstrap server/load manager will assign the UE to the management server. ) 
Mathison does not teach A network node that is separate from a Bootstrap server
Mathison goes on to teach authenticating and balancing load  across a pool of servers. (Mathison [0013] and [0023])
Khanna teaches A network node that is separate from a Bootstrap server
([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Khanna with the teaching of Mathison as both references are directed to configuring computing systems for network boot. Moreover, Khanna improves on Mathison’s teaching of authenticating and balancing configuration requests amongst a pool of servers (Mathison [0013]) by teaching a technique which authenticates clients using a shared secret/key pair (Khanna Fig. 4 and [0015]) thus improving security and authentication in the system. 


Claim(s) 1, 18, and 28
 recite(s) features that are substantially the same, save for the category of invention, as the apparatus set forth in claim(s) 38. Specifically:
Claim(s) 1 correspond(s) to claim(s) 38;	
Claim(s) 18 correspond(s) to claim(s) 42; and
Claim(s) 28 correspond(s) to claim(s) 46 
Therefore claim(s) 1, 18, and 28 is/are rejected under the same reasoning set forth above over Mathison.
Regarding Claim 20,
 Mathison teaches  wherein the Bootstrap data object further comprises an object specification describing at least one of an object structure and object resource values for configuration of a data object on the device, ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150 …” Emphasis added. i.e. a  URL and a session key – object resource values giving the claim the BRI – are provided)
wherein the Bootstrap data object further comprises at least one of:
security credentials for the device management server; and
 an indication of how security credentials for the device management server may be obtained.  ([0052] “The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150 …” Emphasis added. i.e. a session key – security credentials giving the claim the BRI – are provided)
Regarding Claim 22,
 Mathison teaches wherein the network node comprises at least one of:
a Bootstrap Server cache;
a Bootstrap server proxy node;
a file server; and
 a peer client device, and 
wherein generating the Bootstrap data object comprises labelling the Bootstrap data object with a characteristic of the device, (Fig. 7, element 110; See also [0034] “FIG. 3 is a diagram illustrating exemplary components of a device 300. Device 300 may correspond, for example, to a component of UE 110, management server 150, bootstrap server 160, eNodeB 220, MME device 230, SGW device 240, PGW device 250, HSS device 260, or another component of network environment 100. Device 300 may include a bus 310, a processor 320, a memory 330, an input component 340, an output component 350, and a communication interface 360.” i.e. a Bootstrap server cache or a peer client device giving the claim the BRI )
Mathison does not teach wherein the characteristic comprises at least one of: a device type; a device identifier; a representation of device capabilities; and
 a representation of data objects configured on the device.  .  ([0053] “bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722). The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150” i.e. a session key corresponding to the UE – a device identifier giving the claim the BRI – is provided in the management server connection info.)

Regarding Claim 51,
 Mathison does not teach wherein the network node is separate from the Bootstrap server and the device  
Khanna teaches wherein the network node is separate from the Bootstrap server and the device  
([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 

Regarding Claim 25,
 Mathison teaches wherein the Bootstrap data object further comprises a representation of a prerequisite object configuration that should be existing on the device before configuration of the data object on the device in accordance with the Bootstrap data object, ([0052] “bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110 (signal 722). The management server connection information may include, for example, a management server URL and a session key to allow UE 110 to connect to management server 150”)
wherein the representation of the prerequisite object configuration comprises at least one of:
a representation of data objects that must exist on the device; and
 a representation of data objects that must not exist on the device.  ([0053] “Management server 150 may receive the registration request and obtain a corresponding session key from bootstrap server 160 to authenticate UE 110 (signal 726).” Emphasis added. i.e. the session key sent to the UE – prerequisite object giving the claim the BRI – must match the session key obtained by the management server – representation of data objects that must exist on the device giving the claim the BRI –)
Regarding Claim 29,
 Mathison teaches further comprising:
receiving the Bootstrap data object from a Bootstrap server; and
 
(Fig. 2, element 130; See also  [0032] “MME device 230 may obtain the subscription status information and the bootstrap server address from HSS device 260 when MME device 230 authenticates UE 110 in response to UE 110 requesting to attach to access network 130 … Thus, the bootstrap server address may be stored locally at any of MME 230, PGW device 250, HSS device 260, or another device within access network 130. Regardless of how the bootstrap server address is obtained from access network 130, UE 110 may use the bootstrap server address to initiate communications with bootstrap server 160 over core network 140.” Emphasis added. i.e. access network 130 element 230 receives the bootstrap address from element 260 – boot server giving the claim the BRI – and then provides the bootstrap address to the requestion UE )
Regarding Claim 52,
 Mathison does not teach wherein the network node is separate from a Bootstrap server.
Khanna teaches wherein the network node is separate from a Bootstrap server  ([0043] – [0045] “a DHCP (or a DHCP/Proxy) server 402, and a boot server 404 … hosted by separate machines (as shown) … The client initiates the protocol by broadcasting a DHCP _DISCOVER …  a DHCP server or a Proxy DHCP server implementing this extended protocol is available, after several intermediate steps, the server sends the client a list of appropriate boot servers. The client then discovers a boot server of the type selected and receives the name of an executable file on the chosen boot server. The client uses TFTP to download the executable from the boot server. Finally, the client initiates execution of the downloaded image.” Emphasis added; see also Fig. 4.
i.e. the address of the boot server(s) is provided by the DHCP or DHCP proxy server, separate from the boot server itself.) 

  

Claim(s) 13 and 15-16
 
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mathison et al., US 2018/0152541 Al, (“Mathison”; Cited by Applicant on IDS dated 4/02/2021) in view of Khanna et. al., US 2005/0071677 Al, (“Khanna”; Cited to but not relied upon in the previous action.) in further view of LIU et al., US 2016/0150001 Al, (“Liu”)
Regarding Claim 13,
 Mathison teaches wherein the representation of the prerequisite object configuration comprises at least one of:
a representation of data objects that must exist on the device; and
 a representation of data objects that must not exist on the device, ([0053] “Management server 150 may receive the registration request and obtain a corresponding session key from bootstrap server 160 to authenticate UE 110 (signal 726).” Emphasis added. i.e. the session key sent to the UE – prerequisite object giving the claim the BRI – must match the session key obtained by the bootstrap server – representation of data objects that must exist on the device giving the claim the BRI –)
Mathison does not teach wherein the representation of the existing object configuration and/or the representation of the prerequisite object configuration comprises at least one of: a checksum; and
 a bloom filter.  Mathison goes on to teach distributing keys and authentication of clients; (Mathison [0023]) 
Liu teaches wherein the representation of the existing object configuration and/or the representation of the prerequisite object configuration comprises at least one of: a checksum; and
 a bloom filter.  (Liu [0109] – [0110] “[0109] In step 407, the access node 20a may decode and authenticate the constructed key … in instances when a constructed key symbol is detected, further authentication may be performed according to a checksum field in the constructed key … The checksum in the constructed key may be set to zero and a CRC function may be performed on the constructed key once. The result may be compared to the known checksum value to satisfy authentication of the received constructed key.”) 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of  Liu with the teaching of Mathison as both references are directed to authenticating computing systems using keys. Moreover, Liu improves on Mathison’s teaching of distributing session keys to authenticate a host (Mathison [0023]) by teaching a technique which further ensures that a distributed key is intact after transmission and during authentication (Liu [0109] – [0110]) thus improving the authentication process by ensuring that the key being used has not been corrupted in transmission.
Regarding Claim 15,
 Mathison does not teach wherein determining that the representation of the existing object configuration and the representation of the prerequisite object configuration are a match comprises determining a similarity between the representation of the existing object configuration on the device and the representation of the prerequisite object configuration is above a threshold level.  
Liu teaches wherein determining that the representation of the existing object configuration and the representation of the prerequisite object configuration are a match comprises determining a similarity between the representation of the existing object configuration on the device and the representation of the prerequisite object configuration is above a threshold level.  (Liu [0109] – [0110] “[0109] In step 407, the access node 20a may decode and authenticate the constructed key … in instances when a constructed key symbol is detected, further authentication may be performed according to a checksum field in the constructed key … The checksum in the constructed key may be set to zero and a CRC function may be performed on the constructed key once. The result may be compared to the known checksum value to satisfy authentication of the received constructed key.”) 
Regarding Claim 16,
 Mathison teaches further comprising: 
subsequent to requesting the Bootstrap data object checking for a request failure condition, ([0043] “The bootstrap status flag, for example, may be toggled "on" when UE 110 has successfully completed a registration with management server 150 via bootstrap server 160. As long as the bootstrap status flag is toggled on, UE 110 may connect to the assigned management server 150”) the request failure condition comprising at least one of receipt of a message indicating that no Bootstrap data object is available and expiry of a request timer; responsive to determining the request failure condition has occurred, .  ([0043] “In one example, the bootstrap status flag may be toggled off when UE 110 fails to provide matching credentials. In another example, the bootstrap status flag may be toggled off when a security change or upgrade is implemented ( e.g., by direction of a network administrator). If a bootstrap status flag is off for a particular UE 110” Emphasis added. i.e. a status flag is toggled – message indicating no bootstrap data object is available giving the claim the BRI –) 
 performing at least one of:  requesting a new Bootstrap data object from a second network node reachable via the network;  sending a Bootstrapping request to a Bootstrapping Server. ([0043] “In one example, the bootstrap status flag may be toggled off when UE 110 fails to provide matching credentials. In another example, the bootstrap status flag may be toggled off when a security change or upgrade is implemented ( e.g., by direction of a network administrator). If a bootstrap status flag is off for a particular UE 110, UE 110 may be redirected to request a bootstrap server address from access network 130. In some implementations, UE 110 may be required to re-attach to access network 130 to submit a new bootstrap server address request.” Emphasis added.)
Claim(s) 31-32
 is/are rejected under 35 U.S.C. 103 as being unpatentable over Mathison et al., US 2018/0152541 Al, (“Mathison”; Cited by Applicant on IDS dated 4/02/2021) in view of Khanna et. al., US 2005/0071677 Al, (“Khanna”; Cited to but not relied upon in the previous action.) in further view of Tripathi et al., US 2013/0238885 Al, (“Tripathi”).
Regarding Claim 31,
 Mathison does not teach further comprising: responsive to the Bootstrap data objects not being available on the network node,  performing at least one of:  ignoring the request;  sending a message to the device indicating that no Bootstrap data object is available; and
  forwarding the request.  
Mathison goes on to teach that bootstrap server address information may be stored on several of the nodes available in its access network (Fig. 2, element 130 and [0032]) 
Tripathi teaches further comprising: responsive to the Bootstrap data objects not being available on the network node,  performing at least one of:  ignoring the request;  sending a message to the device indicating that no Bootstrap data object is available; and
  forwarding the request.  
.  (Fig. 17D, elements 882-886; See also [00265] – [00266] “a request is received by a switching device from a first server, the request being for a boot image for booting the first server. From operation 882, the method flows to operation 884 where a determination is made whether the boot image is available from non-volatile storage in the switching device … From operation 884, the method flows to operation 886 where the request is forwarded to a second server ….” Emphasis added.)
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of  Tripathi with the teaching of Mathison as both references are directed to network bootstrapping. Moreover, Tripathi improves on Mathison’s teaching of an access network providing bootstrapping information to a client in a load balanced environment (Fig. 2, elements 110, 130; See also [0031]-[0033]) by teaching a redundant, distributed network environment which facilitates booting of clients ([0265] and [0057]), thus improving reliability of the booting environment. 
Regarding Claim 32,
 Mathison teaches wherein the network node comprises at least one of: a Bootstrap Server cache; a Bootstrap server proxy node; a file server; and
 a peer client device. (Fig. 7, element 110; See also [0034] “FIG. 3 is a diagram illustrating exemplary components of a device 300. Device 300 may correspond, for example, to a component of UE 110, management server 150, bootstrap server 160, eNodeB 220, MME device 230, SGW device 240, PGW device 250, HSS device 260, or another component of network environment 100. Device 300 may include a bus 310, a processor 320, a memory 330, an input component 340, an output component 350, and a communication interface 360.” i.e. a Bootstrap server cache or a peer client device giving the claim the BRI )
Mathison in view of Khanna does not teach wherein the request comprises a Bootstrap data object request message
wherein the characteristic comprises at least one of:
a device type;
a device identifier;
a representation of device capabilities; and
 a representation of data objects configured on the device, and
Tripathi teaches wherein the request comprises a Bootstrap data object request messagerequest is received by a switching device from a first server, the request being for a boot image for booting the first server” Emphasis added. i.e. the desired boot image -- a characteristic of the device giving the claim the BRI – is requested )
wherein the characteristic comprises at least one of:
a device type;
a device identifier;
a representation of device capabilities; and
 a representation of data objects configured on the device, ([00265] “a determination is made whether the boot image is available from non-volatile storage in the switching device.” i.e. if the requested boot file – representation of objects configured on the device or a device identifier giving the claim the BRI –  is not available on the server – bootstrap data object having a matching label giving the claim the BRI – the request is forwarded.)
Response to Arguments
Applicant's arguments filed 3/14/2022 (“Remarks”) have been fully considered but they are not persuasive.
Applicant argues first that “management server connection information is not the same as a Bootstrap data object. At best, the management server connection information describes the identification of a device management server, which Claim 1 describes as being included in the Bootstrap data object.” Remarks at p. 2.  Applicant argues similarly with respect to claims 28 and 46 at pp. 3-4.
Examiner respectfully disagrees. As discussed in the previous action and in the rejection above, Mathison teaches that a bootstrap data object – management server connection information – is requested (Mathison. Fig. 7, element 716; Fig. 9, element 946). Examiner respectfully agrees with the proposition that the management server information is a subset of the Bootstrap data object.
Next, Applicant argues that “Mathison fails to teach or suggest ‘configuring a data object on the device in accordance with the Bootstrap data object.’ Page 3 of the Office Action asserts that paragraph [0053] of Mathison teaches these features. However, as explained above, Mathison fails to teach or suggest receiving a Bootstrap data object and therefore necessarily fails to teach or suggest configuring a data object on the device in accordance with the Bootstrap data object … At best, this passage describes “requesting registration with the device management server,” however, it fails to teach or suggest configuring a data object on the device.” Remarks at p. 2.
Examiner respectfully disagrees. As discussed above, Mathison teaches receiving the URL of the bootstrap server, then building up a “registration request” to communicate to the server. That is, at least the URL is used to communicate the request to the server. Undertaking this is being interpreted as configuring a data object giving the claim the BRI.
Third, Applicant argues that “Mathison fails to teach or suggest ‘distributing the Bootstrap data object to a network node reachable via the network.’ Page 7 of the Office Action asserts that paragraph [0052] and FIG. 7 of Mathison teach these features. Specifically, the Office Action cites a portion of paragraph [0052] that states a ‘bootstrap server 160 may provide management server connection information (e.g., for management server 150) to UE 110.’ Even assuming for the sake of argument that the management server connection information is the same as a Bootstrap data object (which Applicant does not concede), the UE is not a network node. The UE of Mathison may be correlated to the device in the present claims.” Remarks at p. 3. Emphasis added.
Examiner respectfully disagrees. As discussed in the previous action, the elements management server, bootstrap server, and UE are all connected by a network (see Mathison Fig. 1). In this way, the UE, the bootstrap server, and the management server are all network nodes, giving the claim the BRI.
Applicant next argues that “.FIG. 3 and Device 300 are provided in Mathison to provide support for the hardware of any of the listed devices and the cited passage does not mean that any of the listed devices are interchangeable. Indeed, it would not make since for a UE to be capable of being a bootstrap server and a management server. Accordingly, Mathison fails to teach or suggest the [subject matter of claims 7, 22, and 32]” remarks at p. 4.
Examiner respectfully disagrees. Mathison teaches that each node may have a memory – a cache giving the claim the BRI. Further, each node may be a “peer client device” (See fig. 1 and [0022]). Examiner has not put forth the assertion that a UE can also be a bootstrap server as argued above. Rather Examiner has provided that a network node may comprise at least one of a bootstrap server cache or a peer client device.
Finally, Applicant argues that Mathison does not teach the subject matter of newly added claims 50-52. Remarks at p. 5. On this matter, Examiner respectfully agrees. However, the newly added and amended claims have been rejected over Mathison in view of Khanna, as discussed above.
Conclusion
	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Anand et al., US 2002/0078188 Al, for its teaching of load balancing boot servers.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRIAN J CORCORAN whose telephone number is (571)270-0549. The examiner can normally be reached M-F 07:30 - 16:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jaweed Abbaszadeh can be reached on 571-270-1640. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Brian J Corcoran/Examiner, Art Unit 2187                                                                                                                                                                                                        
/JAWEED A ABBASZADEH/Supervisory Patent Examiner, Art Unit 2187