DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2. 	This is the initial office action that has been issued in response to patent application 16/650,439, filed on 03/25/2020. Claims 38-62, as originally filed, are currently pending and have been considered below. Claims 38, 50 and 61 are independent claims. 

Priority
3. 	The application is a 371 of PCT/US18/53433 filed on 09/28/2019 has a PRO 62/621,376 filed on 01/24/2018.

Drawings
4. 	The drawings (Figures 1-2 and 10) are objected to as failing to comply with 37 CFR 1.84(p)(4) because there are no present descriptive legends for all the character numbers in the drawings of Figures 1-2 and 10 as described in the specification. It becomes difficult for the Examiner to understand what the reference characters represent without having to view the specification.
 Any structural detail that is essential for a proper understanding of the disclosed invention should be shown in the drawing. MPEP § 608.02(d). Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.


	Information Disclosure Statement
5. 	The information disclosure statements (IDS’s) submitted on 03/25/2020 is in compliance with provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. 

Claim Rejections - 35 USC § 102
6. 	(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


7. 	Claims 38-42, 44-47, 49-54, 56-59 and 61-62 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Smith (US Patent Publication No. 2017/364908 A1).

8. 	Regarding Claim 38, Smith discloses, a device (Smith, Fig 1, [0004], manufacturer device), comprising: communications circuitry; processing circuitry; and a memory device including instructions embodied thereon, wherein the instructions, which when executed by the processing circuitry, configure the processing circuitry to perform operations comprising(Smith, [0022],  the illustrative manufacturer device 102 includes a processor 210, an input/output (“I/O”) subsystem 212, a memory 214, a data storage 216, a communication circuitry 218, and one or more peripheral devices 220. Of course, the manufacturer device 102 may include other or additional components, such as those commonly found in a typical computing device (e.g., various input/output devices, peripheral devices, and/or other components), in other embodiments.): 
receiving a request to perform an owner transfer method of a subject device, the subject device being associated with a device platform(Smith [0022], Fig 1, Compute device 106, As shown in FIG. 2, the illustrative manufacturer device 102 includes a processor 210, an input/output (“I/O”) subsystem 212, a memory 214, a data storage 216, a communication circuitry 218, and one or more peripheral devices 220. Of course, the manufacturer device 102 may include other or additional components, such as those commonly found in a typical computing device (e.g., various input/output devices, peripheral devices, and/or other components), in other embodiments. Claim 1, A rendezvous server for device commissioning, the rendezvous server comprising: an ownership transfer module to receive, from a buyer device, a request to transfer ownership of a compute device to the buyer device); 
verifying attestation evidence associated with the subject device, the attestation evidence provided by the device platform, wherein the attestation evidence is signed by a certificate produced using a manufacturer-embedded key, wherein the manufacturer-embedded key is provided from a trusted hardware component of the device platform (Smith, [0037],  in some embodiments, the verification module 406 may require the compute device 106 to perform an attestation using an attestation key of the compute device 106 (e.g., its private EPID key), which may be verified by the verification module 406. [0067], the method 900 advances to block 910 in which the rendezvous server 910 instructs the compute device 106 to perform attestation to the rendezvous server 114 using the private EPID key provisioned to the compute device 106 by the manufacturer device 102 during the initial provisioning of the compute device 106 by the manufacturer); 
and performing device provisioning of the subject device, based on the attestation evidence  (Smith, [0051], server 114 may supply the buyer's ownership key (BKey_pub) to the compute device 106), 
wherein the device provisioning causes the subject device to use a security profile tied to manufacturer-embedded keys (Smith, [0042],  the manufacturer device 102 embeds an Enhanced Privacy Identification (EPID) private key that identifies the compute device 106 as one manufactured by the manufacturer associated with the manufacturer device 102. It should be appreciated that, in the illustrative embodiment, each compute device 106 is provisioned with a private EPID key that corresponds with a public EPID key (DKm_pub) that identifies the group of devices that have the same make/model/version and/or are of a common device type).  

9. 	Regarding Claim 39, Smith discloses, the device of claim 38, the operations further comprising: maintaining a list of owned and trusted devices of the device platform, the list including the subject device (Smith, [0037, The verification module 406 is configured to review the block chain entries of the block chain 120 associated with the compute device 106 to be transferred to determine the sequence of events that led to a device token being delivered to the rendezvous server 114 requesting transfer of ownership. ).  

10. 	Regarding Claim 40, Smith discloses, the device of claim 38, wherein performing device provisioning includes further operations comprising: provisioning the subject device with local credentials from a local certificate authority, the local certificate authority operated by the device, wherein the local credentials indicate a verified use of the security profile tied to manufacturer-embedded keys (Smith,[0052], It should be appreciated that the compute device 106 and the buyer's commissioning device may establish a connection directly to perform additional device provisioning such as, for example, configuration of collection-specific device credentials, policies, and settings [0032], it should be appreciated that inclusion of the DMR and/or other data by the manufacturer device 102 to the block chain 120 virtually guarantees that the data will be fixed forever and therefore trustworthy. As such, in some embodiments, it may be unnecessary to utilize a certificate provided by a certificate authority in a public key infrastructure to serve as the root of trust.).  

11. 	Regarding Claim 41, Smith discloses, the device of claim 38, wherein performing device provisioning includes further operations comprising: 	 									 updating a resource of the subject device to a value associated with the security profile, wherein the subject device is transitioned to use of the security profile upon completion of the device provisioning(Smith, [0051], the rendezvous server 114 may verify the rendezvous server 114 is trusted by the buyer device 112, and the rendezvous server 114 may supply the buyer's ownership key (BKey_pub) to the compute device).  

12. 	Regarding Claim 42, Smith discloses, the device of claim 38, wherein the manufacturer-embedded key is associated with a trust anchor, wherein the trust anchor is managed through use of a trust anchor management protocol (Smith, [0042], the system 100 may utilize a one-to-many cryptographic scheme different from EPID. Further, in some embodiments, the manufacturer device 102 generates a hash (e.g., a cryptographic hash) of the public cryptographic key of the rendezvous server (SKey) and stores the generated hash to the compute device 106 and/or to the manufacturer device 102 for facilitating device commissioning. It should be appreciated that the public cryptographic key, SKey, may serve as a trust anchor for the rendezvous server 114.).  

13. 	Regarding Claim 44, Smith discloses, the device of claim 38, wherein the manufacturer-embedded key is associated with a platform attribute credential of the device platform, and wherein the platform attribute credential includes platform information that is publicly verifiable at a third party data source(Smith, [0031], the manufacturer device 102 may generate a device manufacture record (DMR) that includes several device attributes of the manufactured compute device 106, which may be cryptographically signed by a private cryptographic key of the manufacturer device 102. In the illustrative embodiment, the DMR may include attributes such as the public cryptographic key of the intended distributor (i.e., of the distribution device 108), a unique identifier of the manufactured compute device 106 (e.g., a UUID), data regarding a device “type” of the compute device 106, make/model/version information regarding the compute device 106, a public cryptographic key corresponding with a private cryptographic key (e.g., an EPID key) provisioned to the compute device 106).  

14. 	Regarding Claim 45, Smith disclose, the device of claim 38, the operations further comprising: querying a blockchain to confirm a trust anchor linked to the manufacturer- embedded key (Smith, [0044], the block chain 120 with that hash under the authority of the public cryptographic key, MKey_pub, of the manufacturer device 102. [0043], the manufacturer device 102 creates/generates a device manufacture record (DMR) that includes various attributes of the manufactured compute device 106 and, in some embodiments, cryptographically signs the DMR with a private cryptographic key of the manufacturer device 102 (MKey). For example, in the illustrative embodiment, the DMR includes the public cryptographic key of the intended distribution device 108 (TKey_pub),).  

15. 	Regarding Claim 46, Smith discloses, the device of claim 45, the operations further comprising: querying the blockchain to search for a trust anchor revocation for the trust anchor linked to the manufacturer-embedded key; and causing the subject device to use another security profile based on identifying the trust anchor revocation (Smith, [0065], rendezvous service providers, retailers, and distributors may compete for block chain clearing services. It should be further appreciated that the use of a block chain 120 may permit other techniques not described herein in detail for brevity of the disclosure. For example, in some embodiments, EPID revocations including signature and private key revocation events may be contributed to the block chain 120, thereby enabling a key status service to support EPID revocation processing. Indeed, a key status service may be utilized by one or more of the devices in the system 100 to monitor the block chain 120 for various key compromise events.).  

16. 	Regarding Claim 47, Smith discloses, the device of claim 38, wherein the subject device conducts a trusted boot sequence of device software for operation on the subject device, and wherein the attestation evidence includes verification of the trusted boot sequence by the device platform (Smith, [0043], in some embodiments, the manufacturer key and signing operation (or other operations described herein) may be security hardened by virtue of a trusted execution environment (TEE) technology).  

17. 	Regarding Claim 49, Smith discloses, the device of claim 38, wherein the trusted hardware component and the device are configured according to a specification of a Trusted Computing Group (TCG) standards family (Smith, [0043],  in some embodiments, the manufacturer key and signing operation (or other operations described herein) may be security hardened by virtue of a trusted execution environment (TEE) technology (e.g., Intel SGX, ARM TrustZone, Intel MemCore, Intel CSME/CSE, Intel Trust Technology, Intel TXT, Intel Secure Transfer Monitor (STM)) or secure element (SE) technology (e.g., Trusted Platform Module (TPM), a smartcard, a hardware security module (HSM)).).  

18. 	Regarding Claim 50, Smith discloses, a method for onboarding a subject device for use with a security profile, using operations performed by an onboarding tool device comprising (Smith, [0054], given set of compute devices 106 from a manufacturer, the compute devices 106 may be partitioned according to a plurality of buyers, where each buyer may supply a different onboarding utility and a DANE system 706 may choose from various possible onboarding utilities.),: 
receiving a request to perform an owner transfer method of the subject device, the subject device being associated with a device platform (Smith [0022], Fig 1, Compute device 106, As shown in FIG. 2, the illustrative manufacturer device 102 includes a processor 210, an input/output (“I/O”) subsystem 212, a memory 214, a data storage 216, a communication circuitry 218, and one or more peripheral devices 220. Of course, the manufacturer device 102 may include other or additional components, such as those commonly found in a typical computing device (e.g., various input/output devices, peripheral devices, and/or other components), in other embodiments. Claim 1,  A rendezvous server for device commissioning, the rendezvous server comprising: an ownership transfer module to receive, from a buyer device, a request to transfer ownership of a compute device to the buyer device); 
verifying attestation evidence associated with the subject device, the attestation evidence provided by the device platform, wherein the attestation evidence is signed by a certificate produced using a manufacturer-embedded key, and wherein the manufacturer- embedded key is provided from a trusted hardware component of the device platform (Smith, [0037],  in some embodiments, the verification module 406 may require the compute device 106 to perform an attestation using an attestation key of the compute device 106 (e.g., its private EPID key), which may be verified by the verification module 406. [0067], the method 900 advances to block 910 in which the rendezvous server 910 instructs the compute device 106 to perform attestation to the rendezvous server 114 using the private EPID key provisioned to the compute device 106 by the manufacturer device 102 during the initial provisioning of the compute device 106 by the manufacturer); 
andPRELIMINARY AMENDMENTPage 6Serial Number:UnknownDkt: (AA8284-PCT-US) 1884.592US1Filing Date: Herewith performing device provisioning of the subject device, based on the attestation evidence (Smith, [0051], server 114 may supply the buyer's ownership key (BKey_pub) to the compute device 106), 
wherein the device provisioning causes the subject device to use a security profile tied to manufacturer-embedded keys (Smith, [0042], the manufacturer device 102 embeds an Enhanced Privacy Identification (EPID) private key that identifies the compute device 106 as one manufactured by the manufacturer associated with the manufacturer device 102. It should be appreciated that, in the illustrative embodiment, each compute device 106 is provisioned with a private EPID key that corresponds with a public EPID key (DKm_pub) that identifies the group of devices that have the same make/model/version and/or are of a common device type).  
  
19. 	Regarding Claim 51, Smith discloses, the method of claim 50, further comprising: 
maintaining a list of owned and trusted devices of the device platform, the list including the subject device (Smith, [0037, The verification module 406 is configured to review the block chain entries of the block chain 120 associated with the compute device 106 to be transferred to determine the sequence of events that led to a device token being delivered to the rendezvous server 114 requesting transfer of ownership. ).  
Regarding Claim 52, Smith discloses, the method of claim 50, wherein performing device provisioning includes further operations comprising: provisioning the subject device with local credentials from a local certificate authority, the local certificate authority operated by the device, wherein the local credentials indicate a verified use of the security profile tied to manufacturer-embedded keys (Smith,[0052], It should be appreciated that the compute device 106 and the buyer's commissioning device may establish a connection directly to perform additional device provisioning such as, for example, configuration of collection-specific device credentials, policies, and settings [0032], it should be appreciated that inclusion of the DMR and/or other data by the manufacturer device 102 to the block chain 120 virtually guarantees that the data will be fixed forever and therefore trustworthy. As such, in some embodiments, it may be unnecessary to utilize a certificate provided by a certificate authority in a public key infrastructure to serve as the root of trust.).  

20. 	Regarding Claim 53, Smith discloses, the method of claim 50, wherein performing device provisioning includes further operations comprising: updating a resource of the subject device to a value associated with the security profile, wherein the subject device is transitioned to use of the security profile upon completion of the device provisioning (Smith, [0051], the rendezvous server 114 may verify the rendezvous server 114 is trusted by the buyer device 112, and the rendezvous server 114 may supply the buyer's ownership key (BKey_pub) to the compute device).  

21. 	Regarding Claim 54, Smith discloses, the method of claim 50, wherein the manufacturer-embedded key is associated with a trust anchor, wherein the trust anchor is managed through use of a trust anchor management protocol (Smith, [0042], the system 100 may utilize a one-to-many cryptographic scheme different from EPID. Further, in some embodiments, the manufacturer device 102 generates a hash (e.g., a cryptographic hash) of the public cryptographic key of the rendezvous server (SKey) and stores the generated hash to the compute device 106 and/or to the manufacturer device 102 for facilitating device commissioning. It should be appreciated that the public cryptographic key, SKey, may serve as a trust anchor for the rendezvous server 114.).  

22. 	Regarding Claim 56, Smith discloses, the method of claim 50, wherein the manufacturer-embedded key is associated with a platform attribute credential of the device platform, and wherein the platform attribute credential includes platform information that is publicly verifiable at a third party data source (Smith, [0031], the manufacturer device 102 may generate a device manufacture record (DMR) that includes several device attributes of the manufactured compute device 106, which may be cryptographically signed by a private cryptographic key of the manufacturer device 102. In the illustrative embodiment, the DMR may include attributes such as the public cryptographic key of the intended distributor (i.e., of the distribution device 108), a unique identifier of the manufactured compute device 106 (e.g., a UUID), data regarding a device “type” of the compute device 106, make/model/version information regarding the compute device 106, a public cryptographic key corresponding with a private cryptographic key (e.g., an EPID key) provisioned to the compute device 106).  
  
23. 	Regarding Claim 57, Smith discloses, the method of claim 50, the operations further comprising: querying a blockchain to confirm a trust anchor linked to the manufacturer- embedded key (Smith, [0044], the block chain 120 with that hash under the authority of the public cryptographic key, MKey_pub, of the manufacturer device 102. [0043], the manufacturer device 102 creates/generates a device manufacture record (DMR) that includes various attributes of the manufactured compute device 106 and, in some embodiments, cryptographically signs the DMR with a private cryptographic key of the manufacturer device 102 (MKey). For example, in the illustrative embodiment, the DMR includes the public cryptographic key of the intended distribution device 108 (TKey_pub),).  

24. 	Regarding Claim 58, Smith discloses, the method of claim 57, the operations further comprising: querying the blockchain to search for a trust anchor revocation for the trust anchor linked to the manufacturer-embedded key; and causing the subject device to use another security profile based on identifying the trust anchor revocation (Smith, [0065], rendezvous service providers, retailers, and distributors may compete for block chain clearing services. It should be further appreciated that the use of a block chain 120 may permit other techniques not described herein in detail for brevity of the disclosure. For example, in some embodiments, EPID revocations including signature and private key revocation events may be contributed to the block chain 120, thereby enabling a key status service to support EPID revocation processing. Indeed, a key status service may be utilized by one or more of the devices in the system 100 to monitor the block chain 120 for various key compromise events.).  

25. 	Regarding Claim 59, Smith discloses, the method of claim 50, wherein the subject device conducts a trusted boot sequence of device software for operation on the subject device, and wherein the attestation evidence includes verification of the trusted boot sequence by the device platform (Smith, [0043], in some embodiments, the manufacturer key and signing operation (or other operations described herein) may be security hardened by virtue of a trusted execution environment (TEE) technology).  

26. 	Regarding Claim 61, Smith discloses, a non-transitory machine-readable storage medium including instructions, wherein the instructions, when executed by a processing circuitry of a computing device, cause the processing circuitry to perform operations comprising (Smith, [0015], non-transitory machine-readable (e.g., computer-readable) storage medium, which may be read and executed by one or more processors.  [0022], the illustrative manufacturer device 102 includes a processor 210, an input/output (“I/O”) subsystem 212, a memory 214, a data storage 216, a communication circuitry 218, and one or more peripheral devices 220. Of course, the manufacturer device 102 may include other or additional components, such as those commonly found in a typical computing device (e.g., various input/output devices, peripheral devices, and/or other components), in other embodiments.):PRELIMINARY AMENDMENTPage 8Serial Number:UnknownDkt: (AA8284-PCT-US) 1884.592US1Filing Date: Herewith 
receiving a request to perform an owner transfer method of a subject device, the subject device being associated with a device platform (Smith [0022], Fig 1, Compute device 106, As shown in FIG. 2, the illustrative manufacturer device 102 includes a processor 210, an input/output (“I/O”) subsystem 212, a memory 214, a data storage 216, a communication circuitry 218, and one or more peripheral devices 220. Of course, the manufacturer device 102 may include other or additional components, such as those commonly found in a typical computing device (e.g., various input/output devices, peripheral devices, and/or other components), in other embodiments. Claim 1,  A rendezvous server for device commissioning, the rendezvous server comprising: an ownership transfer module to receive, from a buyer device, a request to transfer ownership of a compute device to the buyer device); 
verifying attestation evidence associated with the subject device, the attestation evidence provided by the device platform wherein the attestation evidence is signed by a certificate produced using a manufacturer-embedded key, wherein the manufacturer- embedded key is provided from a trusted hardware component of the device platform (Smith, [0037], in some embodiments, the verification module 406 may require the compute device 106 to perform an attestation using an attestation key of the compute device 106 (e.g., its private EPID key), which may be verified by the verification module 406. [0067], the method 900 advances to block 910 in which the rendezvous server 910 instructs the compute device 106 to perform attestation to the rendezvous server 114 using the private EPID key provisioned to the compute device 106 by the manufacturer device 102 during the initial provisioning of the compute device 106 by the manufacturer; 
and performing device provisioning of the subject device, based on the attestation evidence (Smith, [0051], server 114 may supply the buyer's ownership key (BKey_pub) to the compute device 106), 
wherein the device provisioning causes the subject device to use a security profile tied to manufacturer-embedded keys (Smith, [0042],  the manufacturer device 102 embeds an Enhanced Privacy Identification (EPID) private key that identifies the compute device 106 as one manufactured by the manufacturer associated with the manufacturer device 102. It should be appreciated that, in the illustrative embodiment, each compute device 106 is provisioned with a private EPID key that corresponds with a public EPID key (DKm_pub) that identifies the group of devices that have the same make/model/version and/or are of a common device type).  
  
27. 	Regarding Claim 62, Smith discloses, the machine-readable storage medium of claim 61, wherein the subject device conducts a trusted boot sequence of device software for operation on the subject device, and wherein the attestation evidence includes verification of the trusted boot sequence by the device platform (Smith, [0043], in some embodiments, the manufacturer key and signing operation (or other operations described herein) may be security hardened by virtue of a trusted execution environment (TEE) technology).

Claim Rejections - 35 USC § 103
28. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

29. 	Claim 43, 48, 55 and 60 are rejected under 35 U.S.C. 103 as being unpatentable over Smith (US Patent Publication No. 2017/364908 A1) in view of “OCF Security specification V1.0.0” by OCF.

30. 	Regarding Claim 43, Smith discloses, the device of claim 38, 
Smith does not explicitly disclose the following limitations that OCF teaches:
wherein the manufacturer-embedded key is linked to a certificate chain, wherein the certificate chain is terminated by a trust anchor, and wherein the attestation evidence includes the trust anchor (OCF, Pg. 29 Section 7.1.1, When a manufacturer certificate is used with certificates chaining to an OCF root CA (as specified in Section 7.1.1), the manufacturer shall include a platform ID inside certificate subject CN field. In such cases, the device ID may be created according to UAID scheme defined in this  section.).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the certificate when terminated by the anchor and the evidence of the attestation within the anchor to enhance security.
Regarding Claim 48, the device of claim 38, wherein the device is an onboarding tool(Smith, [0054], given set of compute devices 106 from a manufacturer, the compute devices 106 may be partitioned according to a plurality of buyers, where each buyer may supply a different onboarding utility and a DANE system 706 may choose from various possible onboarding utilities.), 
Smith does not explicitly disclose the following limitations that OCF teaches:
and wherein the device and the device platform are configured according to a specification of an Open Connectivity Foundation (OCF) standards family (OCF, Pg. 8, Section 1.0, The OCF Core specification contains informative security content. The OCF Security specification contains security normative content and may contain informative content related to the OCF base or other OCF specification).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the platform of the device when configured by and OCF to enhance security features.

31. 	Regarding Claim 55, Smith discloses, the method of claim 50, 
Smith does not explicitly disclose the following limitations that OCF teaches:
wherein the manufacturer-embedded key is linked to a certificate chain, wherein the certificate chain is terminated by a trust anchor, and wherein the attestation evidence includes the trust anchor(OCF, Pg. 29 Section 7.1.1, When a manufacturer certificate is used with certificates chaining to an OCF root CA (as specified in Section 7.1.1), the manufacturer shall include a platform ID inside certificate subject  CN field. In such cases, the device ID may be created according to UAID scheme defined in this  section.).
  
32. 	Regarding Claim 60, Smith discloses the method of claim 50, wherein the onboarding tool device (Smith, [0054], given set of compute devices 106 from a manufacturer, the compute devices 106 may be partitioned according to a plurality of buyers, where each buyer may supply a different onboarding utility and a DANE system 706 may choose from various possible onboarding utilities.) 
and wherein the trusted hardware component and the device platform are further configured according to a specification of a Trusted Computing Group (TCG) standards family (Smith, [0043],  in some embodiments, the manufacturer key and signing operation (or other operations described herein) may be security hardened by virtue of a trusted execution environment (TEE) technology (e.g., Intel SGX, ARM TrustZone, Intel MemCore, Intel CSME/CSE, Intel Trust Technology, Intel TXT, Intel Secure Transfer Monitor (STM)) or secure element (SE) technology (e.g., Trusted Platform Module (TPM), a smartcard, a hardware security module (HSM)).)
Smith does not explicitly disclose the following limitations that OCF teaches:
and the device platform operate according to a specification of an Open Connectivity Foundation (OCF) standards family (OCF, Pg. 8, Section 1.0, The OCF Core specification contains informative security content. The OCF Security specification contains security normative content and may contain informative content related to the OCF base or other OCF specification).    













Conclusion
33. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939.  The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAYASA SHAAWAT/
Examiner, Art Unit 2433
	

/BRANDON HOFFMAN/Primary Examiner, Art Unit 2433