DETAILED ACTION
  
Response to Arguments
 Examiner did not identify any arguments.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claim 1, 3-8, 10-15, and 17-23   is/are rejected under 35 U.S.C. 103 as being unpatentable over 
SINHA(US2012/0240183 hereinafter Sinha) 
in view of  Obaidi et al (US 9769671 hereinafter Obaidi) 
in further view of KWON et al ( US 2014/0150049 hereinafter Kwon) 
in further view of  Walker (US 2020/0104144 hereinafter Walker)


As to claim 1,   
Sinha discloses s method comprising: 
in a cloud node   Fig 5 502 / Fig 6 502 cloud node
executing a security service, 
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network
			in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316
in further view of  [0027] processing nodes 110 may include a decision system …
causing 
[0084] Once installed, the mobile device is configured to connect to a network using 
the mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement.
			in view of Fig 18 1806
in further view of  [0085]-[0087] state that methods 1900 and 2000 may be 
implemented 'through' and 'with' a mobile device and the cloud based security system 
a mobile device 
Fig 2 220/230 in view of Fig 18 1802 end user device
via an application Fig 18 1804 mobile profile and/or application  in view of [0084] application
[[to perform]] a validation check 
 [0084] the mobile device is configured to connect to a network using the 
mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement (i.e. Fig 18 1808).
  see also  Fig 19 1900 in view of [0086] security score items 1-6
*It should be noted that the claim limitations also include an amended limitation of 'the validation check is performed via the application and the fake check service' indicating that the limitation of 'causing the mobile device to perform' may be interpreted as 'causing the mobile device to participate in performing a validation check' because the claim includes a validation check performed via the application on a mobile device and a fake check service indicating that the entire validation check is not performed only by the application. As such, Sinha discloses the performing by the mobile device limitation at least in [0084] because once the app in installed in step 1804 traffic is routed through the cloud based security system so that the system can perform content inspection and policy enforcement
[[to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted; ]]
[[wherein the determining is done based on hardware and/or software details]]
prior to  Fig 18 step 1804 occurs before Fig 18 step 1806-08 corresponding to methods 1900/200
the causing, 
[0084] Once installed, the mobile device is configured to connect to a network using 
the mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement.
in view of Fig 18 1806   see also  Fig 19 1900 in view of [0086] security score items 1-6
an application Fig 18 1804 mobile profile and/or application  in view of [0084] application
is installed Fig 18 1804 installed
and launched  
[0086] app behavior 
in view of  [0084]connect/communication requires launching (i.e. execution of the app)
on the mobile device Fig 2 220/230 in view of Fig 18 1802 end user device

wherein the mobile device can be a laptop  see Fig 1 220 laptop

wherein registration 
[0084] Once installed, the mobile device is configured to connect to a network using 
the mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement.
			see also [0074] enrolled
with 
[0084] Once installed, the mobile device is configured to connect to a network using 
the mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement.
the security service 
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network
			in view of  [0062] cloud nodes 502 may include processing nodes 110
requires 
[0084] the application is installed…once installed, the mobile is configured to connect
in view of [0086] real-time analysis of app behavior
the application, Fig 18 1804 mobile profile and/or application in view of [0084] application

and wherein the validation check is performed, 
[0084] the mobile device is configured to connect to a network using the 
mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement (i.e. Fig 18 1808).
  see also  Fig 19 1900 in view of [0086] security score items 1-6
	  in view of  [0085] method 1900 may be implemented in network 1700 see  Fig 17A
	in further view of [0082]  all network content is scanned
[[responsive to the registration, ]]
via [0082] application generated traffic is scanned
the application 
Fig 18 1804 mobile profile and/or application in view of [0084] application
in view of [0084] application in view of  Fig 17A 400
and a fake check service  
Fig 17A 100, 500 in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316 see also  [0083] system 100, 500
[[that is separate from the security service;]]

responsive to [0037] user login credentials for registered users
the validation check 
[0084] the mobile device is configured to connect to a network using the 
mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement (i.e. Fig 18 1808).
being successful 
[0080] traffic forwarded from the mobile device 400 to network 1710 (see  Fig 17A)
in view of  [0089] if the data does not violate the policy, the system may forward the data 
to the Internet 
		receiving validation credentials [0068] CA 560 provides the cloud node with authentication data
						Because each inbound message is examined (i.e. validation 
check) the message in which the credentials are sent is 
validated;  therefore the reception thereof is in response thereof
*albeit this passage does not specifically reference credentials, one of ordinary skill in the art would understand that an obvious embodiment of authentication data includes validation credentials  
		at the cloud node[0068] CA 560 provides the cloud node with authentication data
		from [0037] user login credentials 
          in view of  [0038] client devices can store login information to enterprise 200
In other words, the authentication data (e.g. credentials)  supplied by the CA 560 are 'from' the mobile device because one of ordinary skill in the art would understand that a user enters 'user login credentials' at the mobile device and therefore no matter what path those credentials take enroute to the cloud node (i.e. via the CA 560), the credentials may be considered to be 'from' the mobile device.
                             the mobile device Fig 2 220/230 in view of Fig 18 1802 end user device
		that validates  [0074] validates the mobile device 550
the mobile device Fig 2 220/230 in view of Fig 18 1802 end user device
		to the cloud node
[0068] CA 560 provides the cloud node with authentication data
in view of [0068] upon successful authentication
in further view of Applicant specification [0016]
		[[as not being any of fake, counterfeit, jailbroken, and rooted  ]]
 

the validation credentials [0068] CA 560 provides the cloud node with authentication data
		being generated
As shown on Fig 5, CA 560  and CN 502 are connected via INTERNET using  HTTP as 
suggested in [0074].   Therefore, when CA 560 provides authentication data (i.e. 
credentials) to CN 502 it is over HTTP which requires a 'generation' step  for generating a signal to propagate the authentication data over the INTERNET using HTTP. 
		by the fake check service
Fig 17A 100, 500 
in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316 see also  [0083] system 100, 500

the validation credentials [0068] CA 560 provides the cloud node with authentication data
		being provided to [0072] provisioning various functions and features including credentials
		the mobile device Fig 2 220/230 in view of Fig 18 1802 end user device
		from [0066] provisioned from MDM API which interfaces to cloud node 502
		fake check service
Fig 17A 100, 500 
in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316 see also  [0083] system 100, 500
		
		and then provided 
			[0040] processing node 110 may include a state manager 116A that may be used to 
maintain the authentication and authorization states of users that submit requests to the processing node 110.  It would be obvious that the authentication data referenced in [0040] is provided to the state manager 116A for the purpose of maintaining the authentication status.
to the security service
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network
			in view of  [0062] cloud nodes 502 may include processing nodes 110
			in further view of  [0040] processing node 110 may include a state manager 116A

[[upon]]
validation the validation check 
[0084] the mobile device is configured to connect to a network using the 
mobile profile and/or application.  Here, the mobile device is configured such that the data communications is through the cloud-based security system configured to provide content inspection and policy enforcement (i.e. Fig 18 1808).
being successful   
[0080] traffic forwarded from the mobile device 400 to network 1710 (see  Fig 17A)
in view of  [0080] enforcing policy including blocking non-compliant traffic
		in other words, if traffic is not blocked the validation check 
		was successful

responsive to [0067] sign up for cloud MDM  
the sign up process includes the credential exchange of [0068] and the sign up process is the initial step for the MDM functions of Fig 20
the receiving of the validation credentials
	[0068] CA 560 provides the cloud node with authentication data
*albeit this passage does not specifically reference credentials, one of ordinary skill in the art would understand that an obvious embodiment of authentication data includes validation credentials  
at the cloud node Fig 5 502 / Fig 6 502 cloud node
allowing traffic to and from the mobile device Fig 20 steps 2018 / 2010
through 
[0084] data communications is through the cloud based security system
in view of Fig 6 608/612
the security service; [0005] cloud node is configured to perform mobile device policy and security 


and responsive to the validation being unsuccessful, Fig 20 steps 2006 / 2016  No path
an not receiving the validation credentials at the cloud node  
Fig 20 step 2004 
in view of  [0068]upon successful authentication , an ActiveSync account is provisioned
In other words, without receiving credentials there is no provisioned account and therefore, there can be no policy available to apply in Fig 20 2004
preventing traffic to and from the mobile device Fig 20 steps 2008 DATA BLOCKED
through 
[0084] data communications is through the cloud based security system
in view of Fig 6 608/612
the security service. [0005] cloud node is configured to perform mobile device policy and security 

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to understand that Sinha teaches 
the validation credentials being provided to  the mobile device  from  fake check service upon validation the validation check being successful   
because 
In Ex parte Rubin, 128 USPQ 440 (Bd. App. 1959) (Prior art reference disclosing a process of making a laminated sheet wherein a base sheet is first coated with a metallic film and thereafter impregnated with a thermosetting material was held to render prima facie obvious claims directed to a process of making a laminated sheet by reversing the order of the prior art process steps.). See also In re Burhans, 154 F.2d 690, 69 USPQ 330 (CCPA 1946) (selection of any order of performing process steps is prima facie obvious in the absence of new or unexpected results); In re Gibson, 39 F.2d 975, 5 USPQ 230 (CCPA 1930) (Selection of any order of mixing ingredients is prima facie obvious.).

Therefore the Sinha reference, which discloses each of the steps of the claimed method as shown above, renders the claimed method steps obvious not withstanding any intended particular execution order of the claimed steps.

Sinha does not disclose
the validation check is performed responsive to the registration

causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit

wherein the determining is done based on hardware and/or software details

a fake check service that is separate from the security service

credentials……that  validates the mobile device to the cloud node as not being any of fake, counterfeit, jailbroken, and rooted   




Obaidi teaches
the validation check is performed 
C2 44-55 a gateway can receive the IMEI and chipset S/N and check within a database to 
  determine if the IMEI and chipset S/N are authentic
responsive to the registration
C2 44-50  In embodiments, when a mobile device attempts to register i.e. access a 
communications network a gateway can receive the IMEI and chipset S/N from the mobile device.  For example, the request to register may include the IMEI and the chipset S/N

causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit  *examiner interprets fake and counterfeit as synonymous
	C6 66 – C7 20  the mobile device may be listed as 'fake' when the IMEI and chipset S/N 
are not listed in the database

		wherein the determining is done based on hardware and/or software details
C6 66 – C7 20  the mobile device may be listed as 'fake' when the IMEI and chipset 
S/N are not listed in the database
			in view of Applicant specification [0049] wherein an example of the claimed hardware 
and software details includes a device registry to validate IMEI information

a fake check service  Fig 5 Server 500 module 504
that is separate from  the security service  
C9 20-23 server 500 may be located in the RNC or gateway 110 or may be a separate 
  entity located separately

credentials that  validates the mobile device to the cloud node as not being any of fake, counterfeit, jailbroken, and rooted   
C6 66 – C7 20  the mobile device may be listed as 'fake' when the IMEI and chipset 
S/N are not listed in the database



Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha and Obaidi as elements known in the prior art combined to yield predictable results.  For example in [0084] , Sinha suggests that validation is performed responsive to the registration.  Here, registration is interpreted as Sinha[0084] the mobile device is configured to connect.  Following the connection,  Sinha adds that data communication is through the cloud-based security.  As such, Sinha suggests that the validation, which is responsive to the data communications, is also responsive to the connection (i.e. the claimed registration) but Sinha does not specifically state that the validation is responsive to the initial connection.  Obaidi cures Sinha's deficiency in C2 44-55 by (1) teaching that registration amounts to 'access a communications network' which corresponds to Sinha's disclosed [0084] 'connect to a network'  and (2) that when a mobile device attempts to register, a gateway can receive the IMEI and chipset S/N from the mobile device, check a database, and determine if the registering device is authentic thereby arriving at the claimed invention.


Neither Sinha nor Obaidi teaches
causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted

	Kwon teaches 
[0028] jailbreak or rooting information may be generated when the MDM agent detects a state change of the mobile device
therefore
	Sinha combined with Obaidi and further modified by Kwon teaches
causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted
because
Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha, Obaidi, and Kwon as elements known in the prior art combined to yield predictable results.  For example, Sinha discloses that downloading an application to jailbreak a mobile device may be detected and blocked see  [0092].  In [0028], Kwon adds that the jailbroken/rooted status may also be detected and reported.  Therefore,   Sinha may be improved by incorporating Kwon's additional check.  Sinha demonstrates a motivation for Kwon's check because Sinha system is configured to prevent a jailbreaking application from being downloaded.  By incorporating Kwon, efficacy of Sinha is increased in such case that the jailbreaking application download prevention fails, Sinha as modified by Kwon may detect that the application was used to jailbreak the phone and thereby take resulting remediation action such as shown in Kwon Fig 3 314 BLOCK SERVICES not unlike Sinha Fig 20 2008 DATA BLOCKED

Moreover,  in [0026] Sinha discloses that the cloud based MDM system may also work with an MDM client thereby further supporting the combination of Sinha, Obaidi and Kwon.


Neither Sinha nor Obaidi nor Kwon teaches
causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted

Walker teaches
causing a mobile device to perform a validation check to determine if the mobile device is any of fake, counterfeit, jailbroken, and rooted  
[0061] object 116 may check to determine if device 100 has been rooted
in view of  Fig 1 116 replacement instrumentation object 116 within device 100

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha, Obaidi, Kwon and Walker as elements known in the prior art combined to yield predictable results.  For example, Sinha and Obaidi each teach that the mobile device participates in the validation.  However, Walker specifically lays out that application i.e. object 116  performs the check thereby arriving at the claimed invention.  

As to claim 3,   
Sinha discloses
the application 
Fig 18 1804 mobile profile and/or application 
in view of [0084] application in view of  Fig 17A 400 
provides metadata [0085] various attributes, exemplary attributes see also Fig 20 step 2002
related to the device Fig 2 220/230 in view of  Fig 17A 400
and [[hardware]]
and/or software details [0086]  security attributes, privacy attributes
of the device Fig 2 220/230 in view of Fig 18 1802 end user device
to [0085] method 1900 may be implemented by system 100, 500 
the fake check service 
Fig 17A 100, 500 in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316  see also  [0083] system 100, 500


and the fake check service 
Fig 17A 100, 500 in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316  see also  [0083] system 100, 500
performs 
[0085] method 1900 may be implemented in network 1700  see  [0082] and Fig 17A-B
in view of  [0085] method 1900 may be implemented by system 100, 500
the validation check Fig 19 1900 in view of  [0086] security score based on items 1-6
providing a result Fig 17A clean traffic
of either successful validation or unsuccessful validation Fig 20 2006 / 2016
to the application
[0084] application in view of  Fig 17A 400

Sinha does not disclose
	the application provides hardware details of the device

Obaidi teaches
the application provides hardware details of the device
C2 44-55 a gateway can receive the IMEI and chipset S/N and check within a database to 
determine if the IMEI and chipset S/N are authentic

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha and Obaidi as elements known in the prior art combined to yield predictable results.  For example in [0084] , Sinha suggests that validation is performed responsive to the registration.  Here, registration is interpreted as Sinha[0084] the mobile device is configured to connect.  Following the connection,  Sinha adds that data communication is through the cloud-based security.  As such, Sinha suggests that the validation, which is responsive to the data communications, is also responsive to the connection (i.e. the claimed registration) but Sinha does not specifically state that the validation is responsive to the initial connection.  Obaidi cures Sinha's deficiency in C2 44-55 by (1) teaching that registration amounts to 'access a communications network' which corresponds to Sinha's disclosed [0084] 'connect to a network'  and (2) that when a mobile device attempts to register, a gateway can receive the IMEI and chipset S/N from the mobile device, check a database, and determine if the registering device is authentic thereby arriving at the claimed invention.


As to claim 4,   
Sinha discloses
wherein preventing the traffic Fig 20 steps 2008 DATA BLOCKED
further includes 
causing [0089] unapproved application
a lockdown [0089] system may block the data
of the mobile device [0089] system may block the data from the mobile device
by the application  [0084] application in view of  Fig 17A 400

As to claim 5,   
Sinha discloses
performing inline monitoring Fig 17A in view of  Fig 20
by the security service 
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network

prior to Fig 20 2014
allowing the traffic; Fig 20 2018

and one of allowing and blocking the traffic based on the inline monitoring.
Fig 20 steps 2006 / 2016  YES or NO paths

As to claim 6,   
Sinha discloses
Page 21 of 25Attorney Docket No.: 7222PATENTpreventing the traffic Fig 20 steps 2008 DATA BLOCKED
by dropping the traffic [0089] system may block the data
at the security service 
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network
which is configured for inline monitoring Fig 17A in view of  Fig 20
of the mobile device. Fig 2 220/230

As to claim 7,   
Sinha discloses wherein 
the security service 
[0005] cloud node is configured to perform mobile device policy and security 
enforcement while concurrently providing access to the network
is implemented at a Virtual Private Networking (VPN) server  
	[0083] device 400 may connect to network 1730 using a VPN tunnel to system 100
	in view of  Fig 17B


Claims 8 and  10-14 are rejected on the basis previously presented in the respective rejections of corresponding claims 1 and  3-7.
 
Claims 15 and 17-20 are rejected on the basis previously presented in the respective rejections of corresponding claims 1 and 3-6.

As to claim 21,   
Sinha discloses
the fake check service 
Fig 17A 100, 500 in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316  see also  [0083] system 100, 500

Sinha does not disclose wherein 
the fake check service is configured to check the hardware details against expectations in 
a database.

	Obaidi teaches
the fake check service is configured to check the hardware details against expectations in 
a database.
C2 44-55 a gateway can receive the IMEI and chipset S/N and check within a database 
  to determine if the IMEI and chipset S/N are authentic

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha and Obaidi as elements known in the prior art combined to yield predictable results.  For example in [0084] , Sinha suggests that validation is performed responsive to the registration.  Here, registration is interpreted as Sinha[0084] the mobile device is configured to connect.  Following the connection,  Sinha adds that data communication is through the cloud-based security.  As such, Sinha suggests that the validation, which is responsive to the data communications, is also responsive to the connection (i.e. the claimed registration) but Sinha does not specifically state that the validation is responsive to the initial connection.  Obaidi cures Sinha's deficiency in C2 44-55 by (1) teaching that registration amounts to 'access a communications network' which corresponds to Sinha's disclosed [0084] 'connect to a network'  and (2) that when a mobile device attempts to register, a gateway can receive the IMEI and chipset S/N from the mobile device, check a database, and determine if the registering device is authentic thereby arriving at the claimed invention.


As to claim 22,   
Sinha discloses
the fake check service 
Fig 17A 100, 500 in view of  [0062] cloud nodes 502 may include processing nodes 110
	in further view of  [0029] processing nodes 110 may be implemented as per Fig 3 300 
including programs 316  see also  [0083] system 100, 500

Sinha does not disclose wherein 
the fake check service is configured to check the hardware and/or software details against a global device registry.

	Obaidi teaches
the fake check service is configured to check the hardware and/or software details against a global device registry.
C2 44-55 a gateway can receive the IMEI and chipset S/N and check within a database 
  to determine if the IMEI and chipset S/N are authentic
			in view of  C2 34-37 a database such as for  example the GSMA Global Equipment 
     Identity Register

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha and Obaidi as elements known in the prior art combined to yield predictable results.  For example in [0084] , Sinha suggests that validation is performed responsive to the registration.  Here, registration is interpreted as Sinha[0084] the mobile device is configured to connect.  Following the connection,  Sinha adds that data communication is through the cloud-based security.  As such, Sinha suggests that the validation, which is responsive to the data communications, is also responsive to the connection (i.e. the claimed registration) but Sinha does not specifically state that the validation is responsive to the initial connection.  Obaidi cures Sinha's deficiency in C2 44-55 by (1) teaching that registration amounts to 'access a communications network' which corresponds to Sinha's disclosed [0084] 'connect to a network'  and (2) that when a mobile device attempts to register, a gateway can receive the IMEI and chipset S/N from the mobile device, check a database, and determine if the registering device is authentic thereby arriving at the claimed invention.

As to claim 23,   
Sinha does not disclose wherein 
the global device registry includes information comprising any of International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), Mobile Station International Subscriber Directory Number (MSISDN), the owner, device, carrier, purchase time, date, location.		
	Obaidi teaches 
the global device registry 
C2 34-37 a database such as for  example the GSMA Global Equipment Identity Register
includes information comprising any of International Mobile Equipment Identity (IMEI)
C2 33-36 chip vendors maintain an IMEI and chipset S/N database 

Before the effective filing date, it would have been obvious to a person having ordinary skill in the art to combine the teachings of Sinha and Obaidi as elements known in the prior art combined to yield predictable results.  For example in [0084] , Sinha suggests that validation is performed responsive to the registration.  Here, registration is interpreted as Sinha[0084] the mobile device is configured to connect.  Following the connection,  Sinha adds that data communication is through the cloud-based security.  As such, Sinha suggests that the validation, which is responsive to the data communications, is also responsive to the connection (i.e. the claimed registration) but Sinha does not specifically state that the validation is responsive to the initial connection.  Obaidi cures Sinha's deficiency in C2 44-55 by (1) teaching that registration amounts to 'access a communications network' which corresponds to Sinha's disclosed [0084] 'connect to a network'  and (2) that when a mobile device attempts to register, a gateway can receive the IMEI and chipset S/N from the mobile device, check a database, and determine if the registering device is authentic thereby arriving at the claimed invention.
Conclusion

	
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to RICHARD A MCCOY whose telephone number is (313)446-6520.  The examiner can normally be reached on M - F 10 - 6.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Cordelia Zecher can be reached on 571 272 7771.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/RICHARD A MCCOY/Examiner, Art Unit 2431