DETAILED ACTION
This notice is in response to the amended claims filed on 06/09/2022 for examination, as well as the claim set alterations indicated to be entered following the applicant interview of 06/28/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The text of those sections of the Title 35 U.S. Code not included in this section can be found in the prior office action.
The prior office actions are incorporated herein by reference, in particular the observations with respect to claim language and the responses to previously presented arguments.
Claims 1 and 9 have been amended.
Claims 6 and 14 have been cancelled.
Claims 1-5, 7-13, and 15 are pending.

Interview Summary
Examiner initiated an Examiner Interview on 06/28/2022. Applicant and Examiner discussed the previously cited disclosure of Lau et al. (US20150121070) in view of Lee (US20100042835) and Oguma et al. (US20170111177), and the incorporation of subject matter directed to the monitoring agent of the installation package collecting trust parameters. Specific proposed amendments were agreed upon, and applicant subsequently indicated that Examiner should proceed with entering an Examiner’s Amendment as below.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the applicant, an amendment may be filed as provisioned by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for examiner’s amendment was given in email received from applicant on July 1, 2022 to amend claims 1 and 9 as herein.
The application has been amended as follows:

CLAIMS:
1. (Currently Amended) A computing platform for onboarding a device into a trusted connected system by establishing a secure communication pathway with the device, the computing platform comprising:
one or more memory storage areas; and
one or more processors collectively configured to:
receive, over a network, device data comprising a unique machine identifier corresponding to the device and a first public cryptography key generated by the device in response to a command provided to the device from an external device; and
generate a device-specific installation package comprising:
a second public cryptography key generated by the one or more processors as a part of a second public-private cryptography key pair;
the unique machine identifier;
a device agent, wherein the device agent comprises a monitoring agent which periodically transmits parameters used for monitoring trust of the device and device environment to the computing platform;
a one-time use nounce; and
an executable installation script configured to cause the device to install the device agent and to initiate a secure communication connection between the device and the computing platform by passing a message encrypted with the second public cryptography key back to the computing platform, wherein the message comprises the one-time use nounce;
encrypt the device-specific installation package via the first public cryptography key;
provide the device-specific installation package to the device; and
establish a secure communication pathway with the device upon receipt of the encrypted message from the device at least in part by: 
comparing a nounce value from the monitoring agent included within the encrypted message received from the device against the one-time use nounce included within the device-specific installation package; and
upon determining a match between the nounce value and the one-time use nounce, establish the secure communication pathway with the device and invalidate the one-time use nounce.

9. (Currently Amended) A computer-implemented method for onboarding a device into a trusted connected system by establishing a secure communication pathway between the device and a computing platform, the method comprising:
receiving, over a network, device data comprising a unique machine identifier corresponding to the device and a first public cryptography key generated by the device in response to a command provided to the device from an external device;
generating a second public-private cryptography key pair comprising a second public cryptography key; and
generating a device-specific installation package comprising:
the second public cryptography key;
the unique machine identifier;
a device agent, wherein the device agent comprises a monitoring agent which periodically transmits parameters used for monitoring trust of the device and device environment to the computing platform;
a one-time use nounce; and
an executable installation script configured to cause the device to install the device agent and to initiate a secure communication connection between the device and the computing platform by passing a message encrypted with the second public cryptography key back to the computing platform, wherein the message comprises the one-time use nounce;
encrypting the device-specific installation package via the first public cryptography key;
providing the device-specific installation package to the device; and
establishing a secure communication pathway with the device upon receipt of the encrypted message from the device at least in part by: 
comparing a nounce value from the monitoring agent included within the encrypted message received from the device against the one-time use nounce included within the device-specific installation package; and
upon determining a match between the nounce value and the one-time use nounce, establish the secure communication pathway with the device and invalidate the one-time use nounce.

Allowable Subject Matter
Claims 1-5, 7-13, and 15 are allowed. The following is an examiner’s statement of reasons for allowance (in accordance with MPEP 1302.14): The primary reason for allowance of the foregoing claims is the inclusion of a limitation in the independent claim which is not found in prior art references. Specifically, amended claim 1 recites, inter alia, “a device agent, wherein the device agent comprises a monitoring agent which periodically transmits parameters used for monitoring trust of the device and device environment to the computing platform; […] comparing a nounce value from the monitoring agent included within the encrypted message received from the device against the one-time use nounce included within the device-specific installation package; and upon determining a match between the nounce value and the one-time use nounce, establish the secure communication pathway with the device and invalidate the one-time use nounce”.
Art found of record, e.g., the combination of Lau et al. (US20150121070) in view of Lee (US20100042835) and Oguma et al. (US20170111177), teaches a computing platform for onboarding a device into a trusted connected system by establishing a secure communication pathway with the device located at a trusted connected system location, the computing platform comprising: one or more memory storage areas; and one or more processors collectively configured to: receive, over a network, device data comprising a unique machine identifier corresponding to the device and a first public cryptography key generated by the device in response to a command provided to the device from an external device while the device is operating at the trusted connected system location; and generate a device-specific installation package comprising: a second public cryptography key generated by the one or more processors as a part of a second public-private cryptography key pair; the unique machine identifier; a device agent; an executable installation script configured to cause the device to install the device agent and to initiate a secure communication connection between the device and the computing platform by passing a message encrypted with the second public cryptography key back to the computing platform; encrypt the device-specific installation package via the first public cryptography key; provide the device-specific installation package to the device; and establish a secure communication pathway with the device upon receipt of the encrypted message from the device (see as particularly presented in Final Office Action dated 12/09/2021); however, it fails to teach a similar device agent, wherein the device agent comprises a monitoring agent which periodically transmits parameters used for monitoring trust of the device and device environment to the computing platform; […] comparing a nounce value from the monitoring agent included within the encrypted message received from the device against the one-time use nounce included within the device-specific installation package; and upon determining a match between the nounce value and the one-time use nounce, establish the secure communication pathway with the device and invalidate the one-time use nounce.
Other prior art, e.g., Medvinsky (US6892308), discloses a system for securing communications between devices (see abstract), wherein one-time use nonces are used in each message exchanged between a system and onboarding device (see, e.g., abstract, [0006], [0016-017]), and determining a match between nonces (Id.), yet similarly fails to teach a similar device agent, wherein the device agent comprises a monitoring agent which periodically transmits parameters used for monitoring trust of the device and device environment to the computing platform; […] comparing a nounce value from the monitoring agent included within the encrypted message received from the device against the one-time use nounce included within the device-specific installation package; and upon determining a match between the nounce value and the one-time use nounce, establish the secure communication pathway with the device and invalidate the one-time use nounce. Goto et al. (US20190306698) and Lee (US20170093585) each teach a system for generating a public key in a device in response to transmitted commands in an onboarding system to establish trust (see, e.g., Goto at [0070] and Lee at [0062-063]), yet similarly fail to remedy the aforementioned deficiency.
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious all features of the invention of the present application claim 1 at or before the time it was filed. Independent claim 9 similarly has been amended to recite language directed to the aforementioned subject matter. Dependent claims 2-5, 7-8 (of claim 1), 10-13, and 15 (of claim 11) incorporate the limitations of their parent claim, and are allowable for at least the same rationale.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.
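
The nonce check singled out in the reasons for allowance (compare the nonce carried in the device's message against the one placed in the device-specific installation package, then invalidate it on a match) can be sketched as follows. This is an added illustration, not code from the application or the cited references; `NonceRegistry`, its method names, the status strings and the expiry window are assumptions, and the public-key decryption of the device's message is assumed to have already taken place.

```python
import hmac
import secrets
import time


class NonceRegistry:
    """Platform-side record of the one-time nonce issued per installation package."""

    def __init__(self, ttl_seconds=3600):
        self._pending = {}       # machine_id -> (nonce, issued_at)
        self._ttl = ttl_seconds  # assumption: an expiry window is not in the claims

    def issue(self, machine_id, now=None):
        """Create the nonce that goes into the package for this machine identifier."""
        nonce = secrets.token_hex(16)  # 128 bits from the OS CSPRNG
        self._pending[machine_id] = (nonce, time.time() if now is None else now)
        return nonce

    def redeem(self, machine_id, presented, now=None):
        """Check the nonce from the (already decrypted) device message."""
        now = time.time() if now is None else now
        entry = self._pending.get(machine_id)
        if entry is None:
            return "unknown-or-used"          # never issued, or already consumed
        expected, issued_at = entry
        if now - issued_at > self._ttl:
            del self._pending[machine_id]     # stale package: drop the nonce
            return "expired"
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(expected.encode(), presented.encode()):
            return "mismatch"
        del self._pending[machine_id]         # invalidate: a replay now fails
        return "established"


def demo():
    """Constructed scenario: wrong value, valid first use, replay, stale package."""
    reg = NonceRegistry(ttl_seconds=60)
    good = reg.issue("machine-A", now=0)
    stale = reg.issue("machine-B", now=0)
    return [
        reg.redeem("machine-A", "0" * 32, now=5),
        reg.redeem("machine-A", good, now=6),
        reg.redeem("machine-A", good, now=7),
        reg.redeem("machine-B", stale, now=120),
    ]


if __name__ == "__main__":
    print(demo())
```
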

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365. The examiner can normally be reached on Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 5712723787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/J.R.W./Examiner, Art Unit 2438

/TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438