DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The preliminary amendment of 11/09/20 was received and considered.
Clams 11 and 21-33 are canceled.  Claims 1-10, 12-20 and 34 are presented for examination. 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim 34 is rejected under 35 U.S.C. 101 as not falling within one of the four statutory categories of invention.  Claim 34 is directed towards a computer readable storage medium.  The broadest reasonable interpretation of a claim drawn to a computer readable medium (also called machine readable medium and other such variations) typically covers forms of non-transitory tangible media and transitory propagating signals per se in view of the ordinary and customary meaning of computer readable media, particularly when the specification is silent.  Paragraph 0092 of the specirfication defines: “The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable medium may be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing.”  A claim drawn to such a computer readable medium that covers both transitory and non-transitory embodiments may be amended to narrow the claim to cover only statutory embodiments to avoid a rejection under 35 U.S.C. § 101 by adding the limitation “non-transitory” to the claim and specification.  
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-10, 12-20 and 34 are rejected under 35 U.S.C. 103 as being unpatentable over White US 2007/0234058 and further in view of Conley et al, US 2004/0215974.

Regarding claim 1, White teaches a method for a network management agent to establish trust of a device (paragraph 0005:  an authentication service that functions as a trustee that connects and intermediates between the various parties involved in authenticating a product), the method comprising: 
receiving, at the network management agent (figs. 1 and 2, authenticiation service) from the device (fig. 1, product and associated electronic device, see abstract), via a first channel (RFID transmission), a first device identifier (fig. 1, 6: unique product identifier, see abstract) ; 
authenticating the device based upon the received first device identifier and a second device identifier of the device provided (abstract: second measurement of the unique product identifier, fig. 1, (8)), via a second channel (abstract: scanning of the tag of the device and RFID transmission), to the network management agent to establishing at the network management agent, trust of the device (See abstract and paragraph 0012:  The reader can compare the product signature with a decrypted version of the stored signature using the corresponding public key. If the two match, then the product is deemed to be authentic); and 
transmitting, from the network management agent to the device, via the first channel, a security token (See abstract, Fig. 1, 9: authentication signal); 
wherein the security token is derived from a device security token of the device provided, via the second channel, to the network management agent (paragraph 0013: the step of communicating an authentication signal when the product identifier from the electronic device is determined to match product identifier data in the database associated with the product signature for the product.).
White lacks or does not expressly disclose  
wherein the first channel is different from the second channel.
However, Conley discloses 
wherein the first channel is different from the second channel (paragraph 0034, primary channel and the secondary channel).  It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify White with Conley to include the first channel is different from the second channel, in order to establish a secondary communication channel, as taught by Conley, paragraph 0034 and abstract.Regarding claim 2, White as modified above, further discloses the method of claim 1, further comprising: in response to authenticating the device, granting the device access to a network (0013: communicating an authentication signal when the product identifier from the electronic device is determined to match product identifier data in the database associated with the product signature for the product.).Regarding claim 3, White as modified above, further discloses the method of claim 1, wherein authenticating the device comprises: determining that the first device identifier corresponds to the second device identifier (Paragraph 0012 and abstract: At the time the product is to be authenticated, a second measurement is taken, which is compared to the product signature. A product identifier from the electronic device may be used to facilitate the comparison. If the signatures match, the product is considered to be authentic.).Regarding claim 4, White as modified above, further discloses the method of claim 1, further comprising: storing the second device identifier of the device and the device security token of the device at the network management agent (abstract: measures a physical attribute of the product, such as a laser speckle, and stores the measurement as a product signature, either in the RFID circuit or remotely. Also see paragraph 0027).Regarding claim 5, White as modified above, further discloses the method of claim 1, further comprising: receiving, at the network management agent from the device, via the first channel, a request for the security token; and transmitting, from the network management agent to the device, via the first channel, the security token derived from the device security token of the device, in response to the request (paragraph 0055: FIG. 2. In this embodiment, a load center application (i.e., the application that loads data onto the processor) requests a public key (1) for use in encrypting a token for the processor.).Regarding claim 6, White as modified above, further discloses the method of claim 1, further comprising: scanning using a scanner device (0044: a product signature scanner), a tag of the device to obtain, via the second channel, the second device identifier of the device and the device security token of the device encoded in the tag (0012: the product identifier data can comprise a copy of the product signature encoded using a private key of a public/private key pair which is stored on the RFID tag.); and receiving, at the network management agent from the scanner device the second device identifier of the device and the device security token of the device (0057: the public key used to encode the token for the processor.).Regarding claim 7, White as modified above, further discloses the method of claim 6, wherein the scanner device is provided at a physical entrance to an area supported by the network management agent, the method further comprising: scanning the tag of the device upon entry to the area (0044: a warehouse scanner that would be used to determine the authenticity of products coming into a loading dock.).Regarding claim 8, White as modified above, further discloses the method of claim 1, further comprising: receiving, at the network management agent from a device retailer the second device identifier of the device and the device security token of the device (0045: a signature can be constructed by imaging each bill with its serial number becoming its unique ID. These can be read by a device at a merchant location, a bank or a device under a consumer's control to validate that a specific bill was not counterfeit.).Regarding claim 9, White as modified above, further discloses the method of claim 1, further comprising: enabling the device to authenticate the network management agent based upon the security token transmitted from the network management agent to the device and another device security token of the device stored at the device; and in response to the device authenticating the network management agent, enabling the device to establish trust of the network management agent (0056: This secure channel can be established using standard PKI certificates and session encryption methods, for example. Over this secure communication channel, the authentication service center and load center application will exchange the public key to be used to encrypt the token to be stored on the processor.).Regarding claim 10, White as modified above, further discloses the method of claim 9, wherein authenticating the network management agent comprises: determining that the security token transmitted from the network management agent corresponds to the another device security token stored at the device (0012: The reader can compare the product signature with a decrypted version of the stored signature using the corresponding public key. If the two match, then the product is deemed to be authentic).Regarding claim 12, White as modified above, further discloses the method of claim 1, further comprising: transmitting, from the network management agent to the device, via the first channel, a request for further device data (0055: a load center application (i.e., the application that loads data onto the processor) requests a public key (1) for use in encrypting a token for the processor. The authentication service center then determines the appropriate public/private key pair to use for the encryption (2) and supplies the appropriate public key to the load center application (3).).Regarding claim 13, White as modified above, further discloses the method of claim 1, further comprising: receiving, at the network management agent, via the second channel, further device data (0055: a load center application (i.e., the application that loads data onto the processor) requests a public key (1) for use in encrypting a token for the processor. The authentication service center then determines the appropriate public/private key pair to use for the encryption (2) and supplies the appropriate public key to the load center application (3).).Regarding claim 14, White as modified above, further discloses the method of claim 1, further comprising: receiving, at the network management agent, via the first channel, further device data (0055: a load center application (i.e., the application that loads data onto the processor) requests a public key (1) for use in encrypting a token for the processor. The authentication service center then determines the appropriate public/private key pair to use for the encryption (2) and supplies the appropriate public key to the load center application (3).).Regarding claim 15, White as modified above, further discloses the method of claim 1, further comprising: receiving, at the network management agent, further device data, and storing the further device data at the network management agent (0056: the authentication service center and load center application will exchange the public key to be used to encrypt the token to be stored on the processor.).Regarding claim 16, White as modified above, further discloses the method of claim 1, further comprising: transmitting, from the network management agent to the device, via the first channel, device configurations for the device (0023: a reader provides an input signal, preferably an electromagnetic signal, to a processor associated with a product. If the processor emits an electromagnetic signal in response, the reader is preferably configured to receive and process such signal. Readers are also preferably configured to communicate with databases located remotely with respect to the reader and product.).Regarding claim 17, White as modified above, further discloses the method of claim 16, further comprising: providing a user interface enabling a user to define the device configurations for the device at the network management agent (0014: an electronic device comprising a memory and a communications interface.).Regarding claims 18-19, White lacks or does not expressly disclose wherein the user interface further enables a user to define device configurations for a type of device at the network management agent .  However, Conley teaches a user to define device configurations for a type of device at the network management agent (0005: exchange the configuration information for those services), the method further comprising: receiving at the network management agent an indication of the type of device; and transmitting, from the network management agent to the device, via the first channel, the device configurations for the type of device (0008:  users then configure their respective applications to connect only to the corresponding authenticated computer, and to encrypt all data sent across the network); the network management agent linking the device to one or more other devices within the network; determining at the network management agent device configurations for the device in response to the device links; and transmitting, from the network management agent to the device, via the first channel, the device configurations for the device (0026: allows the device 200 to communicate through the primary channel link 244 connected to computer/phone interface 234 of the I/O interface 230. The computer/phone interface 234 may be Bluetooth, or as described above, an 802.11 link, an analog headset connection, a direct connection, or a serial connection. The computer/phone interface 234 may also be a direct connection if the computer and phone are a single, integrated device.).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify White with Conley to define device configurations in order to connect to a computer in the network, as taught by Conley, paragraph 0008. As per claims 20 and 34 this is a device and computer readable medium version of the claimed method discussed above in claims 1-19 wherein all claimed limitations have also been addressed and/or cited as set forth above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 10,250,757 to Russell teaches a first secure channel and a second secure channel for communication of tokens, see claim 1. 
US 8,832,453 to Lord teaches establish a first secure channel between a locked token and the security server system through a client device coupled to the locked token; activate a process to unlock the locked token via the first secure channel; establish a second secure channel between the client device and the security server system in response to activating the process to unlock the locked token, see claim 7. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AUBREY H WYSZYNSKI/Examiner, Art Unit 2434                                                                                                                                                                                                        /KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434