DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present application, filed on October 05, 2020, is accepted. 
Claims 1 – 20 are being considered on the merits.

Drawings
The drawings, filed on October 05, 2020, are accepted.

Specification
The specification, filed on October 05, 2020, is accepted.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20180145971 A1 to Mistry in view of US 20200162454 A1 in view of Jain et al., (hereinafter, “Jain”).
Regarding claim 1, Mistry teaches a method for provisioning a computing device, comprising: receiving, by provisioning software that executes on the computing device to provision the computing device for access to an enterprise infrastructure from a device orchestration service through which computing devices are provisioned to access the enterprise infrastructure, a digital certificate representing a credential for accessing, by a user via the computing device, the enterprise infrastructure; [Mistry, para. 4 discloses a mobile device may include at least one memory and a processor cooperating with the at least one memory to store a plurality of managed enterprise applications in the at least one memory, and receive and store a digital certificate in a secure shared location within the at least one memory. Para. 30 discloses client computers 211-214 may connect to management server 210 via the Internet or other communication network, and may request access to one or more of the computing resources managed by management server 210. In response to client requests, the management server 210 may include a resource manager configured to select and provision physical resources in the hardware layer of the cloud system based on the client requests. For example, the management server 210 and additional components of the cloud system may be configured to provision, create, and manage virtual machines and their operating environments (e.g., hypervisors, storage resources, services offered by the network elements, etc.) for customers at client computers 211-214, over a network (e.g., the Internet), providing customers with computational resources, data storage services, networking capabilities, and computer platform and application support. Cloud systems also may be configured to provide various specific services, including security systems, development environments, user interfaces, and the like.] storing, by the provisioning software, the digital certificate in a secure credential storage location on the computing device; [Mistry, para. 4 discloses a mobile device may include at least one memory and a processor cooperating with the at least one memory to store a plurality of managed enterprise applications in the at least one memory, and receive and store a digital certificate in a secure shared location within the at least one memory. Para. 33 discloses physical hosting resources (or processing resources), physical network resources, physical storage resources, switches, and additional hardware resources that may be used to provide cloud computing services to customers. The physical hosting resources in a cloud zone 201-202 may include one or more computer servers 203, such as virtualization servers, which may be configured to create and host virtual machine instances. The physical network resources in a cloud zone 201 or 202 may include one or more network elements 205 (e.g., network service providers) comprising hardware and/or software configured to provide a network service to cloud customers, such as firewalls, network address translators, load balancers, virtual private network (VPN) gateways, Dynamic Host Configuration Protocol (DHCP) routers, and the like. The storage resources in the cloud zone 201-202 may include storage disks (e.g., solid state drives (SSDs), magnetic hard disks, etc.) and other storage devices.], but Mistry does not teach receiving, by the provisioning software via a user interface, a one-time-usable nonce value generated by the device orchestration service and usable to unlock the digital certificate; unlocking, by the provisioning software and using the nonce value, the digital certificate stored in the secure credential storage location; and presenting the digital certificate to the enterprise infrastructure to authorize access to the enterprise infrastructure by the user via the computing device. 
However, Jain does tech receiving, by the provisioning software via a user interface, a one-time-usable nonce value generated by the device orchestration service and usable to unlock the digital certificate; [Jain, para. 25 discloses an authentication interface of the authentication system may route the authentication request to a corresponding AD plugin, which may prompt the user to enter the user name and password before authenticating with a customer AD system. But if it is desirable for the enterprise server to authenticate using both AD and OTP, the client application may need to generate two separate authentication requests. Aspects described herein may provide a plugin corresponding to the combined authentication process, such as AD+OTP. This AD+OTP plugin may self-federate back to the authentication interface of the authentication system and generate requests for the AD authentication and for the OTP authentication, which will be handled by the respective AD and OTP plugins. The AD+OTP plugin may receive the resulting authentication tokens for the AD and OTP requests from the authentication interface, and may combine the tokens for use by the client application. The combined token may be returned to the enterprise server via the authentication interface so that the user can access the system.] unlocking, by the provisioning software and using the nonce value, the digital certificate stored in the secure credential storage location; [Jain, para. 9 discloses a second plugin corresponding to the second type of authentication process may gather user credentials and request the second authentication token from a resource owner system. Similarly, a third plugin corresponding to the third type of authentication process may gather necessary credentials and authenticate with a resource owner system. According to some aspects, the authentication system may implement single-sign on features. If the user has previously authenticated with a particular resource owner system and/or through a particular authentication process, the authentication system may provide stored single-sign on credentials/tokens without needing to re-gather credentials and re-authenticate with the resource owner system. While single-sign on credentials/tokens may be associated with timing and/or use restrictions, they may allow users to avoid duplicative credential prompts when re-accessing resources within the parameters of the single-sign on system.] and presenting the digital certificate to the enterprise infrastructure to authorize access to the enterprise infrastructure by the user via the computing device. [Jain, para. 51 discloses The Secure InterProcess Communication (IPC) links 312 between the native applications 310 and client agent 304 represent a management channel, which may allow a client agent to supply policies to be enforced by the application management framework 314 “wrapping” each application. The IPC channel 312 may also allow client agent 304 to supply credential and authentication information that enables connectivity and SSO to enterprise resources 308. Finally, the IPC channel 312 may allow the application management framework 314 to invoke user interface functions implemented by client agent 304, such as online and offline authentication.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

Regarding claim 2, modified Mistry teaches the method of claim 1, but Mistry does not teach further comprising, generating, by the orchestration service and dependent on a unique identifier of the computing device and on infrastructure access information associated with the user, the digital certificate.  
However, Jain does teach further comprising, generating, by the orchestration service and dependent on a unique identifier of the computing device and on infrastructure access information associated with the user, the digital certificate. [Jain, para. 81 discloses Authentication system 420 may issue an authentication token to an authenticated user (e.g., a user that successfully authenticates with a federated identity provider) as a result of successfully completing an authentication procedure (e.g., logging in) in the enterprise network. In one example, users of client devices may log into a virtualized, cloud-based environment using their existing authentication credentials, which may be a username and password, biometric measurement (e.g., fingerprint scan, retina scan, facial recognition, voice recognition, etc.), entering an access code provided to a specified user device (e.g., the user's smartphone may receive a message containing a code to enter into a portal provided by the relying party), or any other authentication means for access to the enterprise network. Para. 82 discloses Computing environment 400 may include one or more federated identity providers, such as federated identity providers 441, 443, 445, 447, which may be responsible for generating, updating, and managing tokens of users for use in the public network for access to third party systems. In some instances, the authentication tokens issued by authentication system 420 might not be recognized and interpreted by the federated identity provider servers.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

As per claim 3, modified Mistry teaches the method of claim 2, wherein the infrastructure access information associated with the user comprises at least one of: account information associated with the user; information identifying an access portal of the enterprise infrastructure [Mistry, para. 19 discloses an access manager may perform a validation process that determines whether a mobile application requesting access to enterprise resources has accurately identified itself and has not been subsequently altered after installation at the mobile computing device. In this way, the access manager may ensure the mobile application requesting access to the enterprise resource can be trusted and is not attempting to circumvent the security mechanisms used to protect those enterprise resources. As a result, individuals associated with the enterprise may advantageously utilize enterprise resources at their personal mobile devices.] Mistry does not teach and an enterprise login credential for the user.
However, Jain does teach and an enterprise login credential for the user (Jain, Para. 25 discloses consider an authentication system that supports user name and password verification via a first authentication process, such as Active Directory (AD), and supports two-factor verification via a second authentication process, such as One Time Password (OTP). If a relying party such as an enterprise server wanted to authenticate a client device via the AD process, the relying party may send an authentication request to the authentication system. An authentication interface of the authentication system may route the authentication request to a corresponding AD plugin, which may prompt the user to enter the user name and password before authenticating with a customer AD system. But if it is desirable for the enterprise server to authenticate using both AD and OTP, the client application may need to generate two separate authentication requests. Para. 36 discloses the managed partition 310 may have policies applied to it to secure the applications running on and data stored in the managed partition. In other embodiments, all applications may execute in accordance with a set of one or more policy files received separate from the application, and which define one or more security parameters, features, resource restrictions, and/or other access controls that are enforced by the mobile device management system when that application is executing on the device. By operating in accordance with their respective policy file(s), each application may be allowed or restricted from communications with one or more other applications and/or resources, thereby creating a virtual partition.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24]. 

Regarding claim 4, modified Mistry teaches the method of claim 2, wherein generating the digital certificate is further dependent on information indicating a configuration of the computing device. [Mistry, Para. 19 discloses an access manager may perform a validation process that determines whether a mobile application requesting access to enterprise resources has accurately identified itself and has not been subsequently altered after installation at the mobile computing device]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

As per claim 5, modified Mistry teaches the method of claim 1, further comprising accessing, by an application executing on the computing device, the enterprise infrastructure. [Mistry, para. 19 discloses an access manager may perform a validation process that determines whether a mobile application requesting access to enterprise resources has accurately identified itself and has not been subsequently altered after installation at the mobile computing device. In this way, the access manager may ensure the mobile application requesting access to the enterprise resource can be trusted and is not attempting to circumvent the security mechanisms used to protect those enterprise resources. As a result, individuals associated with the enterprise may advantageously utilize enterprise resources at their personal mobile devices.]

Regarding claim 6, modified Mistry teaches the method of claim 1, wherein: the method further comprises receiving, by the device orchestration service, an indication that end-user deployment has been requested on behalf of the user; [Mistry, para. 30 discloses the management server 210 also may include a set of APIs and/or one or more customer console applications with user interfaces configured to receive cloud computing requests from end users via client computers 211-214, for example, requests to create, modify, or destroy virtual machines within the cloud.] and said receiving the digital certificate, said storing the digital certificate, said receiving the nonce value, and said unlocking the digital certificate are performed in response to determining that end-user deployment has been requested. [Mistry, para. 30 discloses client computers 211-214 may connect to management server 210 via the Internet or other communication network, and may request access to one or more of the computing resources managed by management server 210. In response to client requests, the management server 210 may include a resource manager configured to select and provision physical resources in the hardware layer of the cloud system based on the client requests. For example, the management server 210 and additional components of the cloud system may be configured to provision, create, and manage virtual machines and their operating environments (e.g., hypervisors, storage resources, services offered by the network elements, etc.) for customers at client computers 211-214, over a network (e.g., the Internet), providing customers with computational resources, data storage services, networking capabilities, and computer platform and application support. Cloud systems also may be configured to provide various specific services, including security systems, development environments, user interfaces, and the like.], but Mistry does not teach said receiving the nonce value are performed in response to determining that end-user deployment has been requested.
However, Jain does teach said receiving the nonce value are performed in response to determining that end-user deployment has been requested. [Mistry, para. 99 discloses OTP plugin 437 may get user One Time Password (OTP) credentials or proof of access to a multi-factor authentication device. For example, OTP plugin 437 may cause a text message to be sent to a registered SMS number of the user's mobile device, or may receive as input a time-based one time password code from an authentication device of the user.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

Regarding claim 7, modified Mistry teaches the method of claim 1, but Mistry does not teach further comprising providing, to the user by the device orchestration service via a text message or an email message, the nonce value.  
	However, Jain does teach further comprising providing, to the user by the device orchestration service via a text message or an email message, the nonce value. [Mistry, para. 99 discloses OTP plugin 437 may get user One Time Password (OTP) credentials or proof of access to a multi-factor authentication device. For example, OTP plugin 437 may cause a text message to be sent to a registered SMS number of the user's mobile device, or may receive as input a time-based one time password code from an authentication device of the user. OTP plugin 437 may, at step 632, request to authenticate the user device with OTP server 447. OTP server 447 may be a federated identity provider, and may be associated with the enterprise hosting authentication system 520 and/or a third party network. The request may be to obtain a third authentication token, an OTP authentication token. The request may comprise the gathered user credentials, e.g., the one time password. If the OTP server 447 is configured to confirm multi-factor authentication in another manner, such as having an authentication device of the user send a message directly to OTP server 447, the request may not require credentials, but may include information identifying the request and the user device to be authenticated. At step 634, OTP server 447 may authenticate the user based on the credentials in the request and/or OTP/multi-factor authentication information corresponding to the request using known techniques. For example, OTP server may send an SMS message to a mobile phone associated with the user, and the user may enter a one time code into a page provided by OTP server 447 and/or authentication system 520.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

Regarding claim 8, modified Mistry teaches the method of claim 1, but Mistry does not teach wherein presenting the digital certificate to the enterprise infrastructure comprises communicating, by the provisioning software, the digital certificate to the enterprise infrastructure in conjunction with a first login to the enterprise infrastructure by the user via the computing device. 
However, Jain does tech wherein presenting the digital certificate to the enterprise infrastructure comprises communicating, by the provisioning software, the digital certificate to the enterprise infrastructure in conjunction with a first login to the enterprise infrastructure by the user via the computing device [Jain, para. 103 discloses the AD+OTP authentication token (or other authentication tokens) may further enable user devices to have single-sign-on (SSO) access to one or more resources using an enterprise identity service provided by an enterprise identity server, e.g., the authentication system 520. For example, enterprise servers (relying parties) may receive the authentication token from enterprise identity provider servers. As an example, relying party 510 may store the AD+OTP authentication token (or other authentication tokens obtained by the authentication system 520 and returned to the relying party 510 or derived from those tokens) in a key store of the enterprise system. In some instances, the authentication token may be specific to authentication system 520 and may be interpreted by authentication system 520, which may enable user devices to have SSO access to various services and resources provided by the enterprise system within the enterprise network. SSO may be a property of access control of multiple related, yet independent services and resources in an enterprise system. As an example, a user may log in with a single ID and password to gain access to connected systems without using different usernames or passwords, or seamlessly sign on at each system.]
Therefore, it would have been obvious to one of ordinary skill within the art before the effective filling to combine Jain’s system with Mistry’s system, with a motivation to invoke a particular authentication process and/or an implicit request, where the authentication process may be determined based on an indication of the resources to be accessed. The self-federating plugin corresponding to the combined authentication process may allow the authentication system to support authentication requests that indicate the combined authentication process. This “chained” authentication process, accomplished through self-federation, may allow the authentication system to reuse existing code paths and avoid downsides associated with duplication of code. [Jain, para. 24] 

Regarding claim 9, Mistry teaches system for provisioning an information handling system, comprising: a device orchestration service through which information handling systems are provisioned to access an enterprise infrastructure, [Mistry, para. 25 discloses memory 121 may further store operating system software 123 for controlling overall operation of the data processing device 103, control logic 125 for instructing data server 103 to perform aspects described herein, and other application software 127 providing secondary, support, and/or other functionality which may or may not be used in conjunction with aspects described herein. The control logic may also be referred to herein as the data server software 125. Functionality of the data server software may refer to operations or decisions made automatically based on rules coded into the control logic, made manually by a user providing input into the system, and/or a combination of automatic processing based on user input (e.g., queries, data updates, etc.).] the device orchestration service configured to generate a digital certificate for the information handling system dependent on a unique identifier of the information handling system and infrastructure access information associated with a user, the digital certificate representing a credential for accessing, by the user, the enterprise infrastructure; [Mistry, para. 44 discloses The enterprise services 308 may include authentication services 358, threat detection services 364, device manager services 324, file sharing services 368, policy manager services 370, social integration services 372, application controller services 374, and the like. Authentication services 358 may include user authentication services, device authentication services, application authentication services, data authentication services and the like. Authentication services 358 may use certificates. The certificates may be stored on the mobile device 302, by the enterprise resources 304, and the like. The certificates stored on the mobile device 302 may be stored in an encrypted location on the mobile device, the certificate may be temporarily stored on the mobile device 302 for use at the time of authentication, and the like. Threat detection services 364 may include intrusion detection services, unauthorized access attempt detection services, and the like. Unauthorized access attempt detection services may include unauthorized attempts to access devices, applications, data, and the like.] the information handling system, including: a secure credential storage medium; a processor; a memory storing program instructions that when executed by the processor cause the processor to:[Mistry, para. 23 discloses the components may include data server 103, web server 105, and client computers 107, 109. Data server 103 provides overall access, control and administration of databases and control software for performing one or more illustrative aspects describe herein. Data server 103 may be connected to web server 105 through which users interact with and obtain data as requested. Alternatively, data server 103 may act as a web server itself and be directly connected to the Internet. Data server 103 may be connected to web server 105 through the network 101 (e.g., the Internet), via direct or indirect connection, or via some other network. Para. 26 discloses Memory 121 may also store data used in performance of one or more aspects described herein, including a first database 129 and a second database 131. In some embodiments, the first database may include the second database (e.g., as a separate table, report, etc.). That is, the information can be stored in a single database, or separated into different logical, virtual, or physical databases, depending on system design. Devices 105, 107, 109 may have similar or different architecture as described with respect to device 103.] the rest of the limitation recite features similar to featured within claim 1, therefore, they are rejection in the same manner.

As per claim 10, modified Mistry teaches the system of claim 9, wherein: the information handling system further comprises an embedded controller; [Mistry, para. 25 discloses Each component 103, 105, 107, 109 may be any type of known computer, server, or data processing device. Data server 103, e.g., may include a processor 111 controlling overall operation of the rate server 103. Data server 103 may further include RAM 113, ROM 115, network interface 117, input/output interfaces 119 (e.g., keyboard, mouse, display, printer, etc.), and memory 121. I/O 119 may include a variety of interface units and drives for reading, writing, displaying, and/or printing data or files. Memory 121 may further store operating system software 123 for controlling overall operation of the data processing device 103, control logic 125 for instructing data server 103 to perform aspects described herein, and other application software 127 providing secondary, support, and/or other functionality which may or may not be used in conjunction with aspects described herein. The control logic may also be referred to herein as the data server software 125. Functionality of the data server software may refer to operations or decisions made automatically based on rules coded into the control logic, made manually by a user providing input into the system, and/or a combination of automatic processing based on user input (e.g., queries, data updates, etc.).] and the unique identifier of the information handling system comprises an identifier of the embedded controller. [Mistry, para. 44 discloses The enterprise services 308 may include authentication services 358, threat detection services 364, device manager services 324, file sharing services 368, policy manager services 370, social integration services 372, application controller services 374, and the like. Authentication services 358 may include user authentication services, device authentication services, application authentication services, data authentication services and the like. Authentication services 358 may use certificates. The certificates may be stored on the mobile device 302, by the enterprise resources 304, and the like. The certificates stored on the mobile device 302 may be stored in an encrypted location on the mobile device, the certificate may be temporarily stored on the mobile device 302 for use at the time of authentication, and the like.]

	Regarding claims 11 – 12, they recite features similar to features within the claims 3 – 4, therefore, they are rejected in the same manner. 

Regarding claim 13, it recites feature similar to feature within the claim 8, therefore, it is rejected in the same manner. 
 
As per claim 14, modified Mistry teaches the system of claim 9, wherein: the digital certificate is valid for a predetermined period of time; [Mistry, para. 54 discloses Client agent 404 may facilitate these network connections by providing suitable time limited secondary credentials obtained following online authentication. Multiple modes of network connection may be used, such as reverse web proxy connections and end-to-end VPN-style tunnels 418.] and when executed by the processor, the program instructions further cause the processor to disable the digital certificate stored in the secure credential storage medium in response to the predetermined period of time expiring. [Mistry, para. 62 discloses when an application 410 is put in the background, the memory may be cleared after a predetermined (configurable) time period. When backgrounded, a snapshot may be taken of the last displayed screen of the application to expedite the foregrounding process. The screenshot may contain confidential data and hence should be cleared.]
 
Regarding claim 15, it recites features similar to features within the claim 1, therefore, it is rejected in the same manner.

Regarding claim 16, it recites features similar to features within the claim 2, therefore, it is rejected in the same manner.

Regarding claims 17 – 18, they recite features similar to features within the claims 3 – 4, therefore, they are rejected in the same manner. 

 Regarding claim 19, it recites features similar to features within the claim 8, therefore, it is rejected in the same manner. 

Regarding claim 20, it recites features similar to featurse within the claim 14, therefore, it is rejected in the same manner. 

Conclusion
Pertinent prior art made of record however not relied upon includes:
US 20190332773 A1 to Konetski et al.
“A secured virtual environment provides access to enterprise data and may be configured remotely while isolated from the operating system of an Information Handling System (IHS). In secured booting of the IHS, references signatures are received via an out-of-band connection to the IHS. The reference signatures specify reference states for components of the IHS. Prior to launching a secured virtual environment, a trusted resource of the IHS, such as embedded controller isolated from the operating system, is queried for updated signatures specifying operating states of the component. The integrity of the IHS is validated based on comparisons of the respective reference signatures and updated signatures. If the integrity of the IHS is validated, a secured virtual environment is configured such that particular user may access the enterprise data according to applicable policies that may be periodically revalidated. The secured virtual environment may then be launched on the IHS.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Phuc Pham whose telephone number is (571)272-8893. The examiner can normally be reached Monday - Thursday 7:30 AM - 4:30 PM; Friday 8:00 AM - 12:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/P.P./Patent Examiner, Art Unit 2434                                                                                                                                                                                                        
/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434