DETAILED ACTION
This Office action is in response to Amendment filed on 05/27/2022.  Claims 1, 3, 9, 13, 17, and 19 are amended.  Claim 16 is canceled.  Claims 1-15 and 17-22 remain pending in the application.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments (pg. 8), filed on 05/27/2022, with respect to the 112 rejections of claims 1-22 have been considered but are moot because the arguments do not apply to the newly found reference being used in the current rejection.

Response to Amendment
The Amendment filed on 05/27/2022 has been entered.  Applicant’s amendments to the Claims have overcome the 112(a) and 112(b) rejections previously set forth in the Non-Final Rejection mailed on 03/29/2022.

Claim Objections
Claim 6 is objected to because of the following informalities:  
Regarding claim 6, the limitations “unmapping the signed unique certificate from the sensor” (line 2) and “reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority” (lines 4-5) are recommended to be deleted due to redundancy with claim 1.
Appropriate corrections are required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-15 and 17-22 are rejected under 35 U.S.C. 103 as being unpatentable over Goluboff (US 2016/0323689 A1, hereinafter “Goluboff”) in view of Bhatia et al. (US 2018/0288179 A1, hereinafter “Bhatia”) further in view of Kommireddy et al. (US 2017/0041151 A1, hereinafter “Kommireddy”).

Regarding claim 1, Goluboff discloses:
A computer-implemented method comprising:
onboarding a sensor onto a network managed by a network management system (onboarding IoT device onto network, Goluboff: [0041], [0042]).
Goluboff does not explicitly disclose:
generating a unique identifier for the sensor;
mapping the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network;
sending a certificate signing request to a certificate authority;
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier;
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network;
assigning the signed unique certificate to the sensor;
unmapping the signed unique certificate from the sensor; and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority.
However, in the same field of endeavor, Bhatia teaches:
generating a unique identifier for the sensor (generating device identifier for IoT device, Bhatia: [0013], [0014]);
mapping the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network (mapping globally unique identifiers of IoT devices to pool of device identifiers, Bhatia: [0013], [0014]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia in order to further modify the method of onboarding IoT sensor devices onto network using signed certificates from the teachings of Goluboff with the method of mapping unique identifiers of IoT sensor devices to pool of device identifiers from the teachings of Bhatia.
One of ordinary skill in the art would have been motivated because it would have reduced overhead (Bhatia: [0073]).
Goluboff in view of Bhatia does not explicitly disclose:
sending a certificate signing request to a certificate authority;
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier;
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network;
assigning the signed unique certificate to the sensor;
unmapping the signed unique certificate from the sensor; and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority.
However, in the same field of endeavor, Kommireddy teaches:
sending a certificate signing request to a certificate authority (sending certificate signing request to certificate authority, Kommireddy: [0037]);
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier (receiving signed certificate from certificate authority, Kommireddy: [0030], [0036]-[0038]);
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]);
assigning the signed unique certificate to the sensor (sending signed certificate to device, Kommireddy: [0040]);
unmapping the signed unique certificate from the sensor (removing link between unique device identifier and corresponding certificates, Kommireddy: [0038]); and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia further in view of Kommireddy in order to further modify the method of onboarding IoT sensor devices onto network based on mapping unique identifiers of IoT sensor devices to pool of device identifiers from the combined teachings of Goluboff and Bhatia with the method of using signed certificates from certificate authority linked to unique device identifiers from the teachings of Kommireddy.
One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

Regarding claim 2, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the sensor is a troubleshooting sensor for the network management system (IoT device having monitoring sensor, Goluboff: [0035], [0038]).

Regarding claim 3, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff-Bhatia-Kommireddy further discloses:
exchanging the signed unique certificate in an EAP-TLS exchange between the sensor, the certificate authority, the network, and authentication, authorization, and accounting (AAA) appliances of the network management system (securing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]); and
establishing a dot1x EAP-TLS exchange between the sensor, the certificate authority, and the AAA appliances of the network management system (establishing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]).

Regarding claim 4, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 1 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the certificate signing request further includes a requesting multiple certificates attribute and wherein the network management system receives multiple signed unique certificates for respective sensors from the certificate authority (certificate signing request including additional field for specifying request for one or more certificates, Kommireddy: [0032]).

Regarding claim 5, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 4 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the network management system maintains a pool of signed unique certificates of which the signed unique certificates can be used to map onto incoming sensors (maintaining existing pool of certificates, Kommireddy: [0028]).

Regarding claim 6, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 5 above.
Goluboff-Bhatia-Kommireddy further discloses:
unmapping the signed unique certificate from the sensor (removing link between unique device identifier and corresponding certificates, Kommireddy: [0038]);
maintaining the signed unique certificate in the pool of signed unique certificates (maintaining existing pool of certificates, Kommireddy: [0028]); and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]).

Regarding claim 7, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 4 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the signed unique certificate is a X.509 certificate (signed certificate being X.509 certificate, Goluboff: [0043]) and wherein # of certs requested for is an attribute in the certificate signing request to the certificate authority using a PKCSReg or a GetCert request (certificate signing request including additional field for specifying request for one or more certificates, Kommireddy: [0032]).

Regarding claim 8, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 7 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the certificate signing request is a CertRequest (certificate signing request using CertRequest, Kommireddy: [0029]).

Regarding claim 9, Goluboff discloses:
A non-transitory computer-readable medium comprising instructions stored thereon that when executed are effective to cause one or more processors of a network management system to:
onboard, via the network management system, a sensor onto the network managed by the network management system (onboarding IoT device onto network, Goluboff: [0041], [0042]).
Goluboff does not explicitly disclose:
receive, at a network management system for a network, a request for a sensor certificate;
generate, via a sensor certificate lifecycle manager associated with the network management system, a unique identifier for the sensor;
map the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network;
send, via the sensor certificate lifecycle manager, a certificate signing request for the sensor using the unique serial number to a certificate authority;
receive, via the sensor certificate lifecycle manager, a signed unique certificate for the sensor from the certificate authority, wherein the signed unique certificate includes the unique identifier;
map, via the network management system, the signed unique certificate to the sensor and the signed unique certificate is recyclable to the different sensors within the network based on the unique identifier being reassignable;
assign the signed unique certificate to the sensor;
unmap the signed unique certificate from the sensor; and
reassign the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority.
However, in the same field of endeavor, Bhatia teaches:
generate, via a sensor certificate lifecycle manager associated with the network management system, a unique identifier for the sensor (generating device identifier for IoT device, Bhatia: [0013], [0014]);
map the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network (mapping globally unique identifiers of IoT devices to pool of device identifiers, Bhatia: [0013], [0014]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia in order to further modify the method of onboarding IoT sensor devices onto network using signed certificates from the teachings of Goluboff with the method of mapping unique identifiers of IoT sensor devices to pool of device identifiers from the teachings of Bhatia.
One of ordinary skill in the art would have been motivated because it would have reduced overhead (Bhatia: [0073]).
Goluboff in view of Bhatia does not explicitly disclose:
receive, at a network management system for a network, a request for a sensor certificate;
send, via the sensor certificate lifecycle manager, a certificate signing request for the sensor using the unique serial number to a certificate authority;
receive, via the sensor certificate lifecycle manager, a signed unique certificate for the sensor from the certificate authority, wherein the signed unique certificate includes the unique identifier;
map, via the network management system, the signed unique certificate to the sensor and the signed unique certificate is recyclable to the different sensors within the network based on the unique identifier being reassignable;
assign the signed unique certificate to the sensor;
unmap the signed unique certificate from the sensor; and
reassign the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority.
However, in the same field of endeavor, Kommireddy teaches:
receive, at a network management system for a network, a request for a sensor certificate (receiving certificate signing request, Kommireddy: [0028]);
send, via the sensor certificate lifecycle manager, a certificate signing request for the sensor using the unique serial number to a certificate authority (sending certificate signing request to certificate authority, Kommireddy: [0037]);
receive, via the sensor certificate lifecycle manager, a signed unique certificate for the sensor from the certificate authority, wherein the signed unique certificate includes the unique identifier (receiving signed certificate from certificate authority, Kommireddy: [0030], [0036]-[0038]);
map, via the network management system, the signed unique certificate to the sensor and the signed unique certificate is recyclable to the different sensors within the network based on the unique identifier being reassignable (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]);
assign the signed unique certificate to the sensor (sending signed certificate to device, Kommireddy: [0040]);
unmap the signed unique certificate from the sensor (removing link between unique device identifier and corresponding certificates, Kommireddy: [0038]); and
reassign the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia further in view of Kommireddy in order to further modify the method of onboarding IoT sensor devices onto network based on mapping unique identifiers of IoT sensor devices to pool of device identifiers from the combined teachings of Goluboff and Bhatia with the method of using signed certificates from certificate authority linked to unique device identifiers from the teachings of Kommireddy.
One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

Regarding claim 10, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 9 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein mapping the unique serial number to the sensor comprises mapping the unique serial number to a MAC address of the sensor (unique device identifier corresponding to MAC address of device, Kommireddy: [0026]).

Regarding claim 11, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 9 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein mapping the unique serial number to the sensor comprises mapping the unique serial number to a factory assigned serial number of the sensor (unique device identifier corresponding to GUID of device, Kommireddy: [0026]).

Regarding claims 12-15, 17, and 18, they do not teach or further define over the limitations in claims 2-5, 7, and 8.  Therefore, claims 12-15, 17, and 18 are rejected for the same reasons as set forth in the rejections of claims 2-5, 7, and 8 above.

Regarding claim 19, Goluboff discloses:
A system comprising:
a network management system that controls and manages onboarding of troubleshooting sensors onto a network onboarding IoT device onto network, Goluboff: [0041], [0042]):
onboarding a sensor onto a network (onboarding IoT device onto network, Goluboff: [0041], [0042]).
Goluboff does not explicitly disclose:
a network management system that 
generating a unique identifier for the sensor;
mapping the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network;
sending a certificate signing request to a certificate authority;
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier;
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network;
assigning the signed unique certificate to the sensor;
unmapping the signed unique certificate from the sensor;
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority; and
a sensor certificate lifecycle manager, which interfaces with the network management system and a certificate authority, that manages a pool of signed unique certificates and revokes or reassigns any signed unique certificates that need to be revoked or reassigned.
However, in the same field of endeavor, Bhatia teaches:
generating a unique identifier for the sensor (generating device identifier for IoT device, Bhatia: [0013], [0014]);
mapping the unique identifier to a serial number of the sensor to distinctively associate the unique identifier with the serial number, wherein the unique identifier is reassignable to different sensors within the network (mapping globally unique identifiers of IoT devices to pool of device identifiers, Bhatia: [0013], [0014]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia in order to further modify the system for onboarding IoT sensor devices onto network using signed certificates from the teachings of Goluboff with the system for mapping unique identifiers of IoT sensor devices to pool of device identifiers from the teachings of Bhatia.
One of ordinary skill in the art would have been motivated because it would have reduced overhead (Bhatia: [0073]).
Goluboff in view of Bhatia does not explicitly disclose:
a network management system that 
sending a certificate signing request to a certificate authority;
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier;
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network;
assigning the signed unique certificate to the sensor;
unmapping the signed unique certificate from the sensor;
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority; and
a sensor certificate lifecycle manager, which interfaces with the network management system and a certificate authority, that manages a pool of signed unique certificates and revokes or reassigns any signed unique certificates that need to be revoked or reassigned.
However, in the same field of endeavor, Kommireddy teaches:
a network management system that linking signed certificate to unique device identifier, Kommireddy: [0020], [0039]):
sending a certificate signing request to a certificate authority (sending certificate signing request to certificate authority, Kommireddy: [0037]);
receiving a signed unique certificate from the certificate authority, wherein the signed unique certificate includes the unique identifier (receiving signed certificate from certificate authority, Kommireddy: [0030], [0036]-[0038]);
mapping the signed unique certificate to the unique identifier for the sensor and the signed unique certificate is recyclable to the different sensors within the network (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]);
assigning the signed unique certificate to the sensor (sending signed certificate to device, Kommireddy: [0040]);
unmapping the signed unique certificate from the sensor (removing link between unique device identifier and corresponding certificates, Kommireddy: [0038]); and
reassigning the signed unique certificate to a new sensor provisioned onto the network without generating a new certificate from the certificate authority (linking signed certificate to unique device identifier, Kommireddy: [0020], [0038], [0039]).
a sensor certificate lifecycle manager, which interfaces with the network management system and a certificate authority, that manages a pool of signed unique certificates and revokes or reassigns any signed unique certificates that need to be revoked or reassigned (communicating with certificate authority and removing link between unique device identifier and corresponding certificates, Kommireddy: [0028], [0037]-[0039]).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Goluboff in view of Bhatia further in view of Kommireddy in order to further modify the system for onboarding IoT sensor devices onto network based on mapping unique identifiers of IoT sensor devices to pool of device identifiers from the combined teachings of Goluboff and Bhatia with the system for using signed certificates from certificate authority linked to unique device identifiers from the teachings of Kommireddy.
	One of ordinary skill in the art would have been motivated because it would have improved security (Kommireddy: [0002]).

Regarding claim 20, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the sensor certificate lifecycle manager interfaces with the certificate authority via a Simple Certificate Enrollment Protocol interface (communicating with certificate authority using simple certificate enrollment protocol, Kommireddy: [0002], [0037]).

Regarding claim 21, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the signed unique certificate is an EAP-TLS certificate (securing connection using EAP-TLS and X.509 certificate, Goluboff: [0043]).

Regarding claim 22, Goluboff-Bhatia-Kommireddy teaches all the claimed limitations as set forth in the rejection of claim 19 above.
Goluboff-Bhatia-Kommireddy further discloses:
wherein the system further comprises a zero-touch plug and play interface for the sensors to be onboarded through (zero-touch deployment of IoT device, Goluboff: [0041]).








Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
In the case of amendments, applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and support, for ascertaining the metes and bounds of the claimed invention.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GIL H. LEE whose telephone number is 571-272-3408.  The examiner can normally be reached on Mon-Fri: 9am-6pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian J. Gillis can be reached on 571-272-7952.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center.  Unpublished application information in Patent Center is available to registered users.  To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov.  Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format.  For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GIL H. LEE/
Primary Patent Examiner, Art Unit 2446