DETAILED ACTION
This Non-Final Office Action is in response to the request for continued examination filed on 05/31/2022.  	Claims 1-2, 4-12 and 14-22 are being considered on the merits.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 05/31/2022 has been entered.
Claim Objections
3.	The objection to claim 6 is withdrawn based on the filed amendments. 
Response to Arguments
4.	Applicant's arguments filed 05/31/2022 have been fully considered but they are moot in consideration of the newly cited reference below.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


5.	Claims 1-2,4-12 and 14-22 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. US 8,214,880 B1 to Wu, (hereinafter, “Wu”), in view of US Pub. No. US 2019/0087577 A1 to Doliwa, (hereinafter, “Doliwa”), in further view of US Pub. No. US 2021/0075671 A1 to Li, (hereinafter, “Li”).

As per claim 1, Wu teaches a method comprising: 
receiving, at a first networked device operating in the communications network, configuration data used to configure a second networked device to operate in the communications network, wherein each of the first and second networked devices includes a respective hardware circuit with each hardware circuit being preconfiqured to comprise a respective shared common firmware key (Wu, col. 5 lines 27-32 and 56-64 “each of the network devices 110 includes a common (i.e., the same) decryption key. The use of a common decryption key across the network devices 110 reduces manufacturing costs and complexities as compared to the use of a unique decryption key for each of the network devices 110… When communications between the network devices 110 and the provisioning subsystem 120 have been established, the network devices 110 are prepared to be provisioned by receiving, verifying, and loading configuration profiles received from the provisioning subsystem 120. The decryption keys included in the network devices 110 allow data communicated between the network devices 110 and the pro visioning subsystem 120 to be encrypted.”), 

generating a setup file comprising the encrypted configuration data that was encrypted using the shared common firmware key (Wu, col. 7 lines 1-8 “The provisioning Subsystem 120 may include one or more encryption keys (e.g., private keys) for encrypting configuration profiles. In certain embodiments, the provisioning Sub system 120 is able to use a single encryption key for encrypting configuration profiles for all of the network devices 110. In other embodiments, the provisioning subsystem 120 uses multiple encryption keys for encrypting configuration pro files for the network devices 110.” And col. 8 lines 49-54 “The configuration profile having the unique identifier 245 may be provided to the encrypt/decrypt module 275, which can use the encryption key 290 to encrypt the configuration profile. In certain embodiments, the encrypted configuration profile is stored to the data store 285. I” and col. 9 lines 62-67 “The communications interface 225 of the network device 110-1 receives the encrypted configuration profile, which is decrypted by the encrypt/decrypt module 260 using the decryption key 250. The configuration module 255 is able to process the decrypted configuration profile, including identifying the unique parameter 245 included in the configuration profile” and col. 10 lines 45-48 “another network device such as network device 110-2 having the decryption key 250 may be used to decrypt the profile. Such devices may be available especially where the network devices 110 are mass produced with a common decryption key.” And col. 12 lines 14-23 and lines 33-43 “In step 430, a configuration profile is generated. Step 430 may be performed in any of the ways described above, including the provisioning Subsystem 120 generating the configuration profile based at least in part on data included in the activation request. In step 440, the unique parameter is incorporated in the configuration profile. Step 440 may be performed in any of the ways described above, including inserting data representative of the unique parameter into a field of the configuration profile… In step 470, the encrypted configuration profile associated with the network device is identified from data included in the provisioning request. Step 470 may be performed in any of the ways described above, including using data representative of the unique parameter included in the provisioning request to identify the configuration profile. In step 480, the encrypted configuration profile is provided to the network device. Step 480 may be performed in any of the ways described above, including transmitting the encrypted configuration profile over the communication network 140.”); and 
sending setup file to the communications network for distribution to the second networked device, (Wu, col. 9 lines 45-52 “Once the appropriate configuration profile (e.g., configuration profile 292) has been identified and encrypted (either previously or dynamically), the provisioning Subsystem 120 sends the encrypted configuration profile having the unique parameter 245 to the communications interface 270, which is configured to send the encrypted configuration profile to the network device 110-1 over the communication network 140, as represented by arrow 294 in FIG. 2.”).

Wu teaches all the limitations of claim 1 above, however fails to explicitly teach but Doliwa teaches:

wherein the shared common firmware key of each of the first and second networked devices comprises a symmetrical private key that protects one or more encrypted components of the respective hardware circuit (Doliwa, para. [0019] “In addition to the ICs, the IC manufacturer also provides a secure memory 24 to the IoT device manufacturer. Secure memory 24 is a device that provides some level of security to stored contents. In one embodiment, secure memory 24 is a programmable secure device like a smartcard or a hardware security module (HSM). In the illustrated embodiment, the use of a smartcard can ensure the firmware decryption key does not leave the secure environment of the smartcard unless it is encrypted. In other embodiments, secure memory 24 may be a memory device included with software to provide a desired level of security to stored contents. As illustrated, secure memory 24 is loaded with initial secret device security configuration parameters such as a key pair including MCP and MDP. The IoT device manufacturer adds a contract manufacturer specific key pair CCP and CDP to the smartcard. The information on smartcard 24, information added by the IoT device manufacturer, and the information preloaded onto the IC by the IC manufacturer, are used to securely provision IC 18 with firmware in unsecured contract manufacturing environment 50.”), and 
wherein the hardware circuit of the first networked device is a same type of hardware circuit of the second network device (Doliwa, para. [0025] “FIG. 3 illustrates IoT device manufacturing environment 30 of the method of FIG. 1 in more detail. In FIG. 3, preliminary firmware decryption key (PFDK) 38 is combined with the hash of the firmware signature verification key (FSK) 40, or the firmware signature verification key, to produce firmware decryption key (FDK) 42. Firmware decryption key 42, firmware 34, and signature 36 are provided to server 32. Firmware 34 is encrypted to produce encrypted firmware 44, and encrypted firmware 44 and signature 36 are then provided to for upload IoT device 58 as illustrated in FIG. 1. Also, PFDK 38 is uploaded to smart card 24.” And para. [0026] “Whenever there is a firmware image to be provisioned to manufactured IoT device 58, the IoT device manufacturer encrypts and signs the firmware image that the contract manufacturer is supposed to provision to the manufactured devices. This is only done once for a given firmware version as the devices of the same model all run the same firmware and would not benefit from a device specific firmware image encryption. To the contrary, encrypting the same image with many different keys could even help attackers to break the encryption.”);  
encrypting, at the first networked device, the configuration data using the shared common firmware key included in the hardware circuit of the first networked device (Doliwa, para. [0027] “The basic scheme simply uses a static symmetric FDK or PFDK put on the smartcard before delivering the smartcard to the contract manufacturer. This has the disadvantage that either the same key would have to be used for different firmware versions or a new smartcard would have to be configured and delivered to the contract manufacturer each time a new firmware version is created. In another embodiment, the FDK or PFDK is delivered together with the firmware image in encryption form. The firmware decryption key is then encrypted specifically for the contract manufacturer via the smartcard by the IoT device manufacturer. Only the firmware provisioning toolchain will be able to decrypt the firmware decryption key and re-encrypt it using the shared secret between the key pairs on the toolchain and IC 18 inside IoT device 58. For encrypting the FDK or PFDK for the smartcard, a static symmetric key stored on the smartcard by the IoT device manufacturer may be used. In another embodiment, a shared secret DSS, shared between key pairs on the smartcard and a key pair chosen by the IoT device manufacturer, is used for encrypting the FDK or PFDK.”);
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Doliwa’s secure firmware provisioning into Wu’s method for securely configuring a network device, with a motivation to protect the firmware from tampering (Doliwa, para. [0002]). 

The combination of Wu and Doliwa teaches all the limitations of claim 1 above, however fails to explicitly teach but Li teaches:

wherein the second networked device comprises a point-of-sale (POS) device (Li, para. [0039] “The term "computing device" or "client device" or "electronic device" used interchangeably hereinafter, to refer to any or all of programmable logic controllers (PLCs), programmable automation controllers (PACs), industrial computers, desktop computers, personal data assistants (PDAs), laptop computers, tablet computers, smartbooks, palm-top computers, personal computers, barcode readers, scanners, indicia readers, imagers, Radio-frequency identification (RFID readers or interrogators), vehicle-mounted computers, wearable barcode scanners, wearable indicia readers, a point of sale (POS) terminal, headset devices, and similar electronic devices equipped with at least a processor configured to perform the various operations described herein.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li’s method for configuring a remote electronic device into Wu’s method for securely configuring a network device, with a motivation to initialize or customize an electronic device to operate in a desired manner within a networked environment (Li, para. [0003]). 

As per claim 2, the combination of Wu, Doliwa and Li teach the method of claim 1 wherein generating a setup file comprising the encrypted configuration data that was encrypted using the shared common firmware key comprises generating the setup file for the second networked device including the encrypted configuration data (Li, para. [0102] “FIG. 8 illustrates another example scenario representing a first view 800 that illustrates sharing of the configuration settings from the first computing device 102 (e.g. a master device) to remaining of the plurality of electronic devices 104-10N. FIG. 8 also illustrates another example scenario that illustrates, a second view 820 depicting a configuration set up by the remaining of the plurality of electronic devices 104-10N, in accordance with some example embodiments described herein. Illustratively, the first view 800 depicts sending of encrypted data, at step 802, from the first computing device 102 to the remaining of the plurality of electronic devices 104-10N. In this regard, as illustrated, the remaining of the plurality of electronic devices 104-10N can be connected (or establish a socket connection) with the first computing device 102, over the secured communication network 105. Establishing a socket connection can be performed based on a secret key exchange process, using steps as described in reference to FIG. 5. In some example embodiments, the encrypted data may correspond to configuration settings or configuration data to configure the remaining of the plurality of electronic devices 104-10N shared by the first computing device 102. To this end, in some examples, the configuration settings can be encrypted using a session key (e.g. the encrypted session key, as described in reference to FIG. 5).” And para. [0103] “the remaining of the plurality of electronic devices 104-10N can decrypt the encrypted data using the session key to access the configuration settings. In some examples, the configuration settings may include but not limited to, SSID, security password etc. shared by the first computing device 102 to configure the remaining of the plurality of electronic devices 104-10N to use the access point or the hotspot. Accordingly, as illustrated in the second view 820, the remaining of the plurality of electronic devices 104-10N can be configured, at step 806, by using the configuration settings (e.g. the SSID and the security password) decrypted at step 804. In some examples, based on configuration the remaining of the plurality of electronic devices 104-10N can remain connected to the Wi-fi access point or the hotspot initialized at the first computing device 102.”).
	
As per claim 4, the combination of Wu, Doliwa and Li teach the method of claim 1 wherein the first and second networked devices are of a same device type (Wu, col. 6 lines 28-34 “The configuration profiles are defined to include unique parameters associated with respective network devices 110. In certain embodiments, for example, a unique parameter associated with a particular network device 110 is inserted into a predefined field (e.g., a unique identifier field such as a MAC field) of the configuration profile associated with the same network device 110.”).

As per claim 5, the combination of Wu, Doliwa and Li teach the method of claim 4 wherein the first and second networked devices are printers (Wu, col. 4 lines 55-60 “. The network devices 110 may include various peripherals such as a terminal, keyboard, keypad, mouse, screen, printer, Stylus, input device, output device, microphone, speaker, Sound card, or any other apparatus or interface that can facilitate use of the network devices 110 by human operators.”).

As per claim 6, the combination of Wu, Doliwa and Li teach the method of claim 4 wherein the first networked device is a Point of Sale (POS) device (Li, para. [0039] “The term "computing device" or "client device" or "electronic device" used interchangeably hereinafter, to refer to any or all of programmable logic controllers (PLCs), programmable automation controllers (PACs), industrial computers, desktop computers, personal data assistants (PDAs), laptop computers, tablet computers, smartbooks, palm-top computers, personal computers, barcode readers, scanners, indicia readers, imagers, Radio-frequency identification (RFID readers or interrogators), vehicle-mounted computers, wearable barcode scanners, wearable indicia readers, a point of sale (POS) terminal, headset devices, and similar electronic devices equipped with at least a processor configured to perform the various operations described herein.”).

As per claim 7, the combination of Wu, Doliwa and Li teach the method of claim 1 wherein the communications network comprises a Wireless Fidelity (WiFi) network (Li, para. [0051] “the communication network 103 may include…a Wireless Fidelity (Wi-Fi) network”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li’s Wireless Fidelity network into Wu’s secure configuration of a network device, with a motivation to customize an electronic device to operate in a desired manner within a networked environment (Li, para. [0003]). 
As per claim 8, the combination of Wu, Doliwa and Li teach the method of claim 1: wherein the shared common firmware key is associated with firmware in each of the first and second devices (Doliwa, para. [0027] “The basic scheme simply uses a static symmetric FDK or PFDK put on the smartcard before delivering the smartcard to the contract manufacturer. This has the disadvantage that either the same key would have to be used for different firmware versions or a new smartcard would have to be configured and delivered to the contract manufacturer each time a new firmware version is created. In another embodiment, the FDK or PFDK is delivered together with the firmware image in encryption form. The firmware decryption key is then encrypted specifically for the contract manufacturer via the smartcard by the IoT device manufacturer. Only the firmware provisioning toolchain will be able to decrypt the firmware decryption key and re-encrypt it using the shared secret between the key pairs on the toolchain and IC 18 inside IoT device 58. For encrypting the FDK or PFDK for the smartcard, a static symmetric key stored on the smartcard by the IoT device manufacturer may be used. In another embodiment, a shared secret DSS, shared between key pairs on the smartcard and a key pair chosen by the IoT device manufacturer, is used for encrypting the FDK or PFDK. ”).

As per claim 9, the combination of Wu, Doliwa and Li teach the method of claim 8, wherein a version of the firmware in the first networked device and the version of the firmware in the second networked device are the same (Doliwa, para. [0026] “Whenever there is a firmware image to be provisioned to manufactured IoT device 58, the IoT device manufacturer encrypts and signs the firmware image that the contract manufacturer is supposed to provision to the manufactured devices. This is only done once for a given firmware version as the devices of the same model all run the same firmware and would not benefit from a device specific firmware image encryption.”).

As per claim 10, the combination of Wu, Doliwa and Li teach the method of claim 8, wherein a version of the firmware in the first networked device and the version of the firmware in the second networked device are different (Li, para. [0044] “Typically for configuring electronic devices, configuration data can be provided to an electronic device by an administrator (e.g. a server or a remote device). Further, it also requires a latest or desired version of configuration data to be available at the master device at a given point of time”).

As per claim 11, Wu teaches a networked device comprising: 
communications circuitry configured to communicate messages via a communications network (Wu, col. 3 lines 34-47 “The elements of the system 100 may communicate using any known communication technologies, devices, media, and protocols Supportive of Voice and/or data communications, including, but not limited to, the Internet, intranets, local area networks, Voice over Internet Protocol (“VoIP) networks, packet-switched networks, circuit-switched networks…and other Suitable communications technologies.”); and processing circuitry communicatively connected to the communications circuitry, and while the networked device is operating in a communications network (Wu, col. 8 lines 14-21 “The processor 220 is configured to perform the operations of the network device 110-1 described herein. The processor 220 may execute computer-readable instructions stored in the data store 230 and/or the memory 235, as is well known. In particular, the processor 220 may perform computer-readable instructions (e.g., software applications) associated with the configuration module 255 and the encrypt/decrypt module 260.”), is configured to:
 receive configuration data used to configure a target networked device to operate in the communications network (Wu, col. 5 lines 27-32 and 56-64 “each of the network devices 110 includes a common (i.e., the same) decryption key. The use of a common decryption key across the network devices 110 reduces manufacturing costs and complexities as compared to the use of a unique decryption key for each of the network devices 110… When communications between the network devices 110 and the provisioning subsystem 120 have been established, the network devices 110 are prepared to be provisioned by receiving, verifying, and loading configuration profiles received from the provisioning subsystem 120. The decryption keys included in the network devices 110 allow data communicated between the network devices 110 and the pro visioning subsystem 120 to be encrypted.”);  
generate a setup file comprising the encrypted configuration data that was encrypted using the shared common firmware key  (Wu, col. 7 lines 1-8 “The provisioning Subsystem 120 may include one or more encryption keys (e.g., private keys) for encrypting configuration profiles. In certain embodiments, the provisioning Sub system 120 is able to use a single encryption key for encrypting configuration profiles for all of the network devices 110. In other embodiments, the provisioning subsystem 120 uses multiple encryption keys for encrypting configuration pro files for the network devices 110.” And col. 8 lines 49-54 “The configuration profile having the unique identifier 245 may be provided to the encrypt/decrypt module 275, which can use the encryption key 290 to encrypt the configuration profile. In certain embodiments, the encrypted configuration profile is stored to the data store 285. I” and col. 9 lines 62-67 “The communications interface 225 of the network device 110-1 receives the encrypted configuration profile, which is decrypted by the encrypt/decrypt module 260 using the decryption key 250. The configuration module 255 is able to process the decrypted configuration profile, including identifying the unique parameter 245 included in the configuration profile” and col. 10 lines 45-48 “another network device such as network device 110-2 having the decryption key 250 may be used to decrypt the profile. Such devices may be available especially where the network devices 110 are mass produced with a common decryption key.” And col. 12 lines 14-23 and lines 33-43 “In step 430, a configuration profile is generated. Step 430 may be performed in any of the ways described above, including the provisioning Subsystem 120 generating the configuration profile based at least in part on data included in the activation request. In step 440, the unique parameter is incorporated in the configuration profile. Step 440 may be performed in any of the ways described above, including inserting data representative of the unique parameter into a field of the configuration profile… In step 470, the encrypted configuration profile associated with the network device is identified from data included in the provisioning request. Step 470 may be performed in any of the ways described above, including using data representative of the unique parameter included in the provisioning request to identify the configuration profile. In step 480, the encrypted configuration profile is provided to the network device. Step 480 may be performed in any of the ways described above, including transmitting the encrypted configuration profile over the communication network 140.”); and 
send the setup file to the communications network for distribution to the target networked device (Wu, col. 9 lines 45-52 “Once the appropriate configuration profile (e.g., configuration profile 292) has been identified and encrypted (either previously or dynamically), the provisioning Subsystem 120 sends the encrypted configuration profile having the unique parameter 245 to the communications interface 270, which is configured to send the encrypted configuration profile to the network device 110-1 over the communication network 140, as represented by arrow 294 in FIG. 2.”).

Wu teaches all the limitations of claim 11 above, however fails to explicitly teach but Doliwa teaches:
wherein both the networked device and the target network device includes a respective hardware circuit with each hardware circuit being preconfigured to comprise a respective shared common firmware key comprising a symmetrical private key, wherein the shared common firmware key of each of the networked device and the target networked device comprises a symmetrical private key that protects one or more encrypted components of the respective hardware circuit (Doliwa, para. [0019] “In addition to the ICs, the IC manufacturer also provides a secure memory 24 to the IoT device manufacturer. Secure memory 24 is a device that provides some level of security to stored contents. In one embodiment, secure memory 24 is a programmable secure device like a smartcard or a hardware security module (HSM). In the illustrated embodiment, the use of a smartcard can ensure the firmware decryption key does not leave the secure environment of the smartcard unless it is encrypted. In other embodiments, secure memory 24 may be a memory device included with software to provide a desired level of security to stored contents. As illustrated, secure memory 24 is loaded with initial secret device security configuration parameters such as a key pair including MCP and MDP. The IoT device manufacturer adds a contract manufacturer specific key pair CCP and CDP to the smartcard. The information on smartcard 24, information added by the IoT device manufacturer, and the information preloaded onto the IC by the IC manufacturer, are used to securely provision IC 18 with firmware in unsecured contract manufacturing environment 50.”), and 
wherein the hardware circuit of the networked device is a same type of hardware circuit of the target network device (Doliwa, para. [0025] “FIG. 3 illustrates IoT device manufacturing environment 30 of the method of FIG. 1 in more detail. In FIG. 3, preliminary firmware decryption key (PFDK) 38 is combined with the hash of the firmware signature verification key (FSK) 40, or the firmware signature verification key, to produce firmware decryption key (FDK) 42. Firmware decryption key 42, firmware 34, and signature 36 are provided to server 32. Firmware 34 is encrypted to produce encrypted firmware 44, and encrypted firmware 44 and signature 36 are then provided to for upload IoT device 58 as illustrated in FIG. 1. Also, PFDK 38 is uploaded to smart card 24.” And para. [0026] “Whenever there is a firmware image to be provisioned to manufactured IoT device 58, the IoT device manufacturer encrypts and signs the firmware image that the contract manufacturer is supposed to provision to the manufactured devices. This is only done once for a given firmware version as the devices of the same model all run the same firmware and would not benefit from a device specific firmware image encryption. To the contrary, encrypting the same image with many different keys could even help attackers to break the encryption.”);  
encrypt the configuration data using the shared common firmware key included in the hardware circuit of the first networked device (Doliwa, para. [0027] “The basic scheme simply uses a static symmetric FDK or PFDK put on the smartcard before delivering the smartcard to the contract manufacturer. This has the disadvantage that either the same key would have to be used for different firmware versions or a new smartcard would have to be configured and delivered to the contract manufacturer each time a new firmware version is created. In another embodiment, the FDK or PFDK is delivered together with the firmware image in encryption form. The firmware decryption key is then encrypted specifically for the contract manufacturer via the smartcard by the IoT device manufacturer. Only the firmware provisioning toolchain will be able to decrypt the firmware decryption key and re-encrypt it using the shared secret between the key pairs on the toolchain and IC 18 inside IoT device 58. For encrypting the FDK or PFDK for the smartcard, a static symmetric key stored on the smartcard by the IoT device manufacturer may be used. In another embodiment, a shared secret DSS, shared between key pairs on the smartcard and a key pair chosen by the IoT device manufacturer, is used for encrypting the FDK or PFDK.”);
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Doliwa’s secure firmware provisioning into Wu’s method for securely configuring a network device, with a motivation to protect the firmware from tampering (Doliwa, para. [0002]). 

The combination of Wu and Doliwa teaches all the limitations of claim 11 above, however fails to explicitly teach but Li teaches:

wherein the target networked device comprises a point-of-sale (POS) device (Li, para. [0039] “The term "computing device" or "client device" or "electronic device" used interchangeably hereinafter, to refer to any or all of programmable logic controllers (PLCs), programmable automation controllers (PACs), industrial computers, desktop computers, personal data assistants (PDAs), laptop computers, tablet computers, smartbooks, palm-top computers, personal computers, barcode readers, scanners, indicia readers, imagers, Radio-frequency identification (RFID readers or interrogators), vehicle-mounted computers, wearable barcode scanners, wearable indicia readers, a point of sale (POS) terminal, headset devices, and similar electronic devices equipped with at least a processor configured to perform the various operations described herein.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li’s method for configuring a remote electronic device into Wu’s method for securely configuring a network device, with a motivation to initialize or customize an electronic device to operate in a desired manner within a networked environment (Li, para. [0003]). 
As per claim 12, the combination of Wu and Li teach the networked device of claim 11 wherein the processing circuitry is further configured to generate the setup file comprising the encrypted configuration data for the target networked device (Wu, col. 12 lines 14-43 “In step 430, a configuration profile is generated. Step 430 may be performed in any of the ways described above, including the provisioning Subsystem 120 generating the configuration profile based at least in part on data included in the activation request. In step 440, the unique parameter is incorporated in the configuration profile. Step 440 may be performed in any of the ways described above, including inserting data representative of the unique parameter into a field of the configuration profile… the encrypted configuration profile associated with the network device is identified from data included in the provisioning request. Step 470 may be performed in any of the ways described above, including using data representative of the unique parameter included in the provisioning request to identify the configuration profile. In step 480, the encrypted configuration profile is provided to the network device. Step 480 may be performed in any of the ways described above, including transmitting the encrypted configuration profile over the communication network 140.”).

As per claim 14, the combination of Wu and Li teach the networked device of claim 11 wherein the networked device and the target network device are the same device type (Wu, col. 6 lines 28-34 “The configuration profiles are defined to include unique parameters associated with respective network devices 110. In certain embodiments, for example, a unique parameter associated with a particular network device 110 is inserted into a predefined field (e.g., a unique identifier field such as a MAC field) of the configuration profile associated with the same network device 110.”).

As per claim 15, the combination of Wu and Li teach the networked device of claim 14 wherein the networked device and the target network device are printers (Wu, col. 4 lines 55-60 “. The network devices 110 may include various peripherals such as a terminal, keyboard, keypad, mouse, screen, printer, Stylus, input device, output device, microphone, speaker, Sound card, or any other apparatus or interface that can facilitate use of the network devices 110 by human operators.”).

As per claim 16, the combination of Wu and Li teach the networked device of claim 14 wherein the networked device is a POS device (Li, para. [0039] “The term "computing device" or "client device" or "electronic device" used interchangeably hereinafter, to refer to any or all of programmable logic controllers (PLCs), programmable automation controllers (PACs), industrial computers, desktop computers, personal data assistants (PDAs), laptop computers, tablet computers, smartbooks, palm-top computers, personal computers, barcode readers, scanners, indicia readers, imagers, Radio-frequency identification (RFID readers or interrogators), vehicle-mounted computers, wearable barcode scanners, wearable indicia readers, a point of sale (POS) terminal, headset devices, and similar electronic devices equipped with at least a processor configured to perform the various operations described herein.”).

As per claim 17, the combination of Wu and Li teach the networked device of claim 11 wherein the shared common firmware key is associated with firmware in each of the networked device and the target network device (Li, para. [0077] “a public key and a corresponding private key pair may be shared and known amongst trusted devices. For instance, the public key and private key information may be shared amongst trusted electronic devices at a time of manufacturing of the electronic devices, by an original equipment manufacturer (OEM) or during a firmware configuration of the electronic devices. In some examples, the first key may correspond to a private key of the first computing device 102 that can be used by the first computing device to encrypt the pre-defined configuration parameter. According to some example embodiments, the pre-defined configuration parameter may be encrypted by the first computing device 102 after configuring the initialization of the communication network 103. Said differently, the first computing device 102 may initiate the access point for communication and subsequently can encrypt the configuration parameters that are to be used for connecting with the access point.”).
As per claim 18, the combination of Wu and Li teach the networked device of claim 17 wherein a version of the firmware in the networked device and the version of the firmware in the target networked device are the same (Li, para. [0044] “Typically for configuring electronic devices, configuration data can be provided to an electronic device by an administrator (e.g. a server or a remote device). Further, it also requires a latest or desired version of configuration data to be available at the master device at a given point of time”).
As per claim 19, the combination of Wu and Li teach the networked device of claim 17 wherein a version of the firmware in the networked device and the version of the firmware in the target networked device are different (Li, para. [0044] “Typically for configuring electronic devices, configuration data can be provided to an electronic device by an administrator (e.g. a server or a remote device). Further, it also requires a latest or desired version of configuration data to be available at the master device at a given point of time”).

As per claim 20, Wu teaches a non-transitory computer readable medium comprising computer program code stored thereon that, when executed by processing circuitry of a first networked device operating in a communications network (Wu, col. 8 lines 14-21 “The processor 220 is configured to perform the operations of the network device 110-1 described herein. The processor 220 may execute computer-readable instructions stored in the data store 230 and/or the memory 235, as is well known. In particular, the processor 220 may perform computer-readable instructions (e.g., software applications) associated with the configuration module 255 and the encrypt/decrypt module 260.”), configures the first networked device to: 
receive configuration data used to configure a second networked device to operate in the communications network (Wu, col. 5 lines 27-32 and 56-64 “each of the network devices 110 includes a common (i.e., the same) decryption key. The use of a common decryption key across the network devices 110 reduces manufacturing costs and complexities as compared to the use of a unique decryption key for each of the network devices 110… When communications between the network devices 110 and the provisioning subsystem 120 have been established, the network devices 110 are prepared to be provisioned by receiving, verifying, and loading configuration profiles received from the provisioning subsystem 120. The decryption keys included in the network devices 110 allow data communicated between the network devices 110 and the pro visioning subsystem 120 to be encrypted.”); 
generate a setup file comprising the encrypted configuration data that was encrypted using the shared common firmware key (Wu, col. 9 lines 62-67 “The communications interface 225 of the network device 110-1 receives the encrypted configuration profile, which is decrypted by the encrypt/decrypt module 260 using the decryption key 250. The configuration module 255 is able to process the decrypted configuration profile, including identifying the unique parameter 245 included in the configuration profile” and col. 10 lines 45-48 “another network device such as network device 110-2 having the decryption key 250 may be used to decrypt the profile. Such devices may be available especially where the network devices 110 are mass produced with a common decryption key.” And col. 12 lines 14-23 and lines 33-43 “In step 430, a configuration profile is generated. Step 430 may be performed in any of the ways described above, including the provisioning Subsystem 120 generating the configuration profile based at least in part on data included in the activation request. In step 440, the unique parameter is incorporated in the configuration profile. Step 440 may be performed in any of the ways described above, including inserting data representative of the unique parameter into a field of the configuration profile… In step 470, the encrypted configuration profile associated with the network device is identified from data included in the provisioning request. Step 470 may be performed in any of the ways described above, including using data representative of the unique parameter included in the provisioning request to identify the configuration profile. In step 480, the encrypted configuration profile is provided to the network device. Step 480 may be performed in any of the ways described above, including transmitting the encrypted configuration profile over the communication network 140.”);
send the setup file to the communications network for distribution to the second networked device (Wu, col. 9 lines 45-52 “Once the appropriate configuration profile (e.g., configuration profile 292) has been identified and encrypted (either previously or dynamically), the provisioning Subsystem 120 sends the encrypted configuration profile having the unique parameter 245 to the communications interface 270, which is configured to send the encrypted configuration profile to the network device 110-1 over the communication network 140, as represented by arrow 294 in FIG. 2.”).
Wu teaches all the limitations of claim 20 above, however fails to explicitly teach but Doliwa teaches:
wherein both the first networked device and the second networked device includes a respective hardware circuit with each hardware circuit beinq preconfiqured to comprise a respective shared common firmware key comprisinq a symmetrical private key, wherein the shared common firmware key of each of the first and second networked devices comprises a symmetrical private key that protects one or more encrypted components of the respective hardware circuit (Doliwa, para. [0019] “In addition to the ICs, the IC manufacturer also provides a secure memory 24 to the IoT device manufacturer. Secure memory 24 is a device that provides some level of security to stored contents. In one embodiment, secure memory 24 is a programmable secure device like a smartcard or a hardware security module (HSM). In the illustrated embodiment, the use of a smartcard can ensure the firmware decryption key does not leave the secure environment of the smartcard unless it is encrypted. In other embodiments, secure memory 24 may be a memory device included with software to provide a desired level of security to stored contents. As illustrated, secure memory 24 is loaded with initial secret device security configuration parameters such as a key pair including MCP and MDP. The IoT device manufacturer adds a contract manufacturer specific key pair CCP and CDP to the smartcard. The information on smartcard 24, information added by the IoT device manufacturer, and the information preloaded onto the IC by the IC manufacturer, are used to securely provision IC 18 with firmware in unsecured contract manufacturing environment 50.”), and
 wherein the hardware circuit of the first networked device is a same type of hardware circuit of the second network device (Doliwa, para. [0025] “FIG. 3 illustrates IoT device manufacturing environment 30 of the method of FIG. 1 in more detail. In FIG. 3, preliminary firmware decryption key (PFDK) 38 is combined with the hash of the firmware signature verification key (FSK) 40, or the firmware signature verification key, to produce firmware decryption key (FDK) 42. Firmware decryption key 42, firmware 34, and signature 36 are provided to server 32. Firmware 34 is encrypted to produce encrypted firmware 44, and encrypted firmware 44 and signature 36 are then provided to for upload IoT device 58 as illustrated in FIG. 1. Also, PFDK 38 is uploaded to smart card 24.” And para. [0026] “Whenever there is a firmware image to be provisioned to manufactured IoT device 58, the IoT device manufacturer encrypts and signs the firmware image that the contract manufacturer is supposed to provision to the manufactured devices. This is only done once for a given firmware version as the devices of the same model all run the same firmware and would not benefit from a device specific firmware image encryption. To the contrary, encrypting the same image with many different keys could even help attackers to break the encryption.”);  

encrypt the configuration data using the shared common firmware key included in the hardware circuit of the first networked device (Doliwa, para. [0027] “The basic scheme simply uses a static symmetric FDK or PFDK put on the smartcard before delivering the smartcard to the contract manufacturer. This has the disadvantage that either the same key would have to be used for different firmware versions or a new smartcard would have to be configured and delivered to the contract manufacturer each time a new firmware version is created. In another embodiment, the FDK or PFDK is delivered together with the firmware image in encryption form. The firmware decryption key is then encrypted specifically for the contract manufacturer via the smartcard by the IoT device manufacturer. Only the firmware provisioning toolchain will be able to decrypt the firmware decryption key and re-encrypt it using the shared secret between the key pairs on the toolchain and IC 18 inside IoT device 58. For encrypting the FDK or PFDK for the smartcard, a static symmetric key stored on the smartcard by the IoT device manufacturer may be used. In another embodiment, a shared secret DSS, shared between key pairs on the smartcard and a key pair chosen by the IoT device manufacturer, is used for encrypting the FDK or PFDK.”); and 

Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Doliwa’s secure firmware provisioning into Wu’s method for securely configuring a network device, with a motivation to protect the firmware from tampering (Doliwa, para. [0002]). 

The combination of Wu and Doliwa teaches all the limitations of claim 20 above, however fails to explicitly teach but Li teaches:

wherein the second networked device comprises a point-of-sale (POS) device (Li, para. [0039] “The term "computing device" or "client device" or "electronic device" used interchangeably hereinafter, to refer to any or all of programmable logic controllers (PLCs), programmable automation controllers (PACs), industrial computers, desktop computers, personal data assistants (PDAs), laptop computers, tablet computers, smartbooks, palm-top computers, personal computers, barcode readers, scanners, indicia readers, imagers, Radio-frequency identification (RFID readers or interrogators), vehicle-mounted computers, wearable barcode scanners, wearable indicia readers, a point of sale (POS) terminal, headset devices, and similar electronic devices equipped with at least a processor configured to perform the various operations described herein.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li’s method for configuring a remote electronic device into Wu’s method for securely configuring a network device, with a motivation to initialize or customize an electronic device to operate in a desired manner within a networked environment (Li, para. [0003]). 
As per claim 21, the combination of Wu, Doliwa and Li teach the method of claim 1 wherein encrypting, at the first networked device, the configuration data using the shared common firmware key comprises encrypting the configuration data using a symmetric key algorithm (Doliwa, para. [0023] “After verifying the UID of the IC the firmware provisioning toolchain will calculate DSS using the formula DSS custom-character MCP (manufacturer configuration parameter).Math.CCP.Math.UID, encrypt the firmware decryption key using a symmetric encryption algorithm (e.g. AES), and send the encrypted key to the device together with its public intermediate Diffie-Hellman value CUID custom-character MDP.Math.CCP. On each device, the IC will calculate the same shared secret DSS custom-character KDD.Math.CUID and decrypt the firmware decryption key so that the device will be able to decrypt the provisioned firmware.” And para. [0024] “FIG. 2 illustrates a portion of the method of FIG. 1, relating to IC manufacturing environment 10, in more detail. In one embodiment, a private key pair (PK) is kept secret by the IC manufacturer and may be used to protect the generation of the shared secret generation parameters for the manufactured ICs and for secure memory 24 so that only the IC manufacturer is able to generate valid parameters for the shared secret calculation. The KDD and UID 14 are inserted into each die of wafer 16 during wafer testing. Also, on smartcard 24, firmware provisioning toolchain parameters 52 are configured to include initial secrets such as a MCP and MDP key pair. A plurality of IC die are singulated from wafer 16, packaged, and tested. The completed ICs, such as IC 18, are provided to contract manufacturing environment 30. Smart card 24 is provided to the IoT device manufacturer.” And para. [0025] “FIG. 3 illustrates IoT device manufacturing environment 30 of the method of FIG. 1 in more detail. In FIG. 3, preliminary firmware decryption key (PFDK) 38 is combined with the hash of the firmware signature verification key (FSK) 40, or the firmware signature verification key, to produce firmware decryption key (FDK) 42. Firmware decryption key 42, firmware 34, and signature 36 are provided to server 32. Firmware 34 is encrypted to produce encrypted firmware 44, and encrypted firmware 44 and signature 36 are then provided to for upload IoT device 58 as illustrated in FIG. 1. Also, PFDK 38 is uploaded to smart card 24.”).

As per claim 22, the combination of Wu, Doliwa and Li teach the method of claim 1 wherein the second networked device is configured to decrypt the configuration data using a symmetric key algorithm and the shared common firmware key (Doliwa, para. [0027] “The basic scheme simply uses a static symmetric FDK or PFDK put on the smartcard before delivering the smartcard to the contract manufacturer. This has the disadvantage that either the same key would have to be used for different firmware versions or a new smartcard would have to be configured and delivered to the contract manufacturer each time a new firmware version is created. In another embodiment, the FDK or PFDK is delivered together with the firmware image in encryption form. The firmware decryption key is then encrypted specifically for the contract manufacturer via the smartcard by the IoT device manufacturer. Only the firmware provisioning toolchain will be able to decrypt the firmware decryption key and re-encrypt it using the shared secret between the key pairs on the toolchain and IC 18 inside IoT device 58. For encrypting the FDK or PFDK for the smartcard, a static symmetric key stored on the smartcard by the IoT device manufacturer may be used. In another embodiment, a shared secret DSS, shared between key pairs on the smartcard and a key pair chosen by the IoT device manufacturer, is used for encrypting the FDK or PFDK.”).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20160364723 A1 – Virtual POS terminal.
US 20140268229 A1 – USB tunneling through printer devices.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ZOHA PIYADEHGHIBI TAFAGHODI/               Examiner, Art Unit 2437