DETAILED ACTION
This Office Action is in response to the application 16/619,906 filed on December 05th, 2019.
Claim 2 was canceled. Claims 1 and 3-26 are pending and herein considered.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Claims
Replace claims 1, 12 and 22 as follows:
Claim 1: (Currently Amended) A system for establishing a distributed trust network, having:
a root of trust (RoT) service with direct knowledge of a RoT of a device, providing authentication services and secure provisioning services of the device on behalf of an application service, thereby the application service can establish a trusted connection with the device without having direct knowledge of the device’s RoT of the device, wherein the RoT service comprises an authentication policy server and an RoT identity server to provide the authentication services, , and wherein the RoT service is configured to:
receive, from a device provisioning service, provisioning policy information that defines requirements for issuing a token;
receive, from an internet of things (IoT) device, a redirect message to authenticate and authorize the IoT device, wherein the redirect message comprising a policy identifier used to identify the provisioning policy information and a provisioning request;
authenticate and authorize the IoT device according to the provisioning policy information issuing a token when the IoT device is authenticated and authorized; and 
send a redirect response to the IoT device with the issued token, wherein the redirect response redirects the IoT device to the device provisioning service with the issued token for the provisioning request to securely provision the IoT device.

Claim 12: (Currently Amended) A method comprising:
receiving, at a device provisioning service, a message from an internet of things (IoT) device to securely provision the IoT device, the message comprising a profile identifier and a provisioning request;
retrieving provisioning policy information using the profile identifier;
determining a Root of Trust (RoT) authentication service to authenticate and authorize the IoT device;
sending, by the device provisioning service, a redirect response to the IoT device to redirect the IoT device to the RoT authentication service to authenticate and authorize the IoT device, wherein the redirect response comprises an encrypted policy identifier used to authenticate the IoT device[[,]]; 
receiving, at the device provisioning service, a provisioning request comprising a token issued by the RoT authentication service[[,]];
validating the provisioning request and the token; and
when the provisioning request and token are validated.

Claim 22: (Currently Amended) A method comprising:
receiving, at a Root of Trust (RoT) authentication service from a device provisioning service, provisioning policy information that defines requirements for issuing a token;
receiving, at the RoT authentication service, a redirect message from an internet of things (IoT) device to authenticate and authorize the IoT device, the redirect message comprising a policy identifier used to identify the provisioning policy information and a provisioning request;
authenticating and authorizing the IoT device by the RoT authentication service according to the provisioning policy information;
issuing a token when the IoT device is authenticated and authorized; and
sending a redirect response to the IoT device with the issued token, wherein the redirect response redirects the IoT device to the device provisioning service with the issued token for the provisioning request to securely provision the IoT device.

Examiner’s Statement of reason for Allowance
The following is an examiner’s statement of reasons for allowance:
The present invention is directed to a system and methods for Internet of Things (IoT) device management. The closest prior art references, as previously cited, Carrer (U.S. Pub. Number 2016/0285628) and Devine (U.S. Pub. Number 2013/0111576), are also generally directed to various aspects of trusted provisioning and authentication for networked devices in cloud-based IoT/M2M platforms and a secure server architecture for web-based data management. However, neither Carrer nor Devine teaches or suggests, alone or in combination, the particular combinations of steps or elements as recited in the independent claims 1, 12 and 22. For example, none of the cited prior art references teaches or suggests the elements of “a root of trust (RoT) service with direct knowledge of a RoT of a device, providing authentication services and secure provisioning services of the device on behalf of an application service, thereby the application service can establish a trusted connection with the device without having direct knowledge of the device’s RoT of the device, wherein the RoT service comprises an authentication policy server and an RoT identity server to provide the authentication services, a front-end protocol of the authentication policy server is protocol-specific to the device and holds a state of the device, a back-end protocol between the authentication policy server and the RoT identity server is independent of the front-end protocol and is state-less, and wherein the RoT service is configured to: receive, from a device provisioning service, provisioning policy information that defines requirements for issuing a token; receive, from an internet of things (IoT) device, a redirect message to authenticate and authorize the IoT device, wherein the redirect message comprising a policy identifier used to identify the provisioning policy information and a provisioning request; authenticate and authorize the IoT device according to the provisioning policy information issuing a token when the IoT device is authenticated and authorized; and send a redirect response to the IoT device with the issued token, wherein the redirect response redirects the IoT device to the device provisioning service with the issued token for the provisioning request to securely provision the IoT device.” Therefore, the claims are allowable over the cited prior art.

Conclusion
Examiner encourages Applicant to fill out and submit form PTO-SB-439 to allow internet communications in accordance with 37 CFR 1.33 (MPEP 502.03).  Should the need arise to perfect applicant-proposed or examiner’s amendments, authorization for e-mail correspondence would have already been authorized and would save time.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087.  The examiner can normally be reached on 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay, can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/KHOI V LE/
Primary Examiner, Art Unit 2436