DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Should applicant desire to obtain the benefit of foreign priority under 35 U.S.C. 119(a)-(d) prior to declaration of an interference, a certified English translation of the foreign application must be submitted in reply to this action.  37 CFR 41.154(b) and 41.202(e).
Failure to provide a certified translation may result in no benefit being accorded for the non-English application.
Applicant cannot rely upon the certified copy of the foreign priority application to overcome this rejection because a translation of said application has not been made of record in accordance with 37 CFR 1.55. See MPEP §§ 215 and 216.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Cammarota et al (20190306710).
Regarding claim 1, Cammarota et al discloses, an access point that is an enrollee attempting to enroll in a multiple access point network (abstract, fig. 1-9), the access point comprising: 
a transmit/receive unit (1120, fig. 11, ¶ 0038, transmitting and receiving RF signals according to any of the wireless communication standards); and a processor (1102, fig. 11, ¶ 0114), wherein the processor is configured to: 
receive, from a multiple access point device (220/120, fig. 2-3) that has enrolled in the multiple access point network, a first device provisioning protocol (DPP) message when the access point onboards to the multiple access point network by using a DPP (¶ 0060, 0069, fig. 2-3, the DPP configurator 220 generates a first nonce, generates a protocol key pair, performs a hash function of the enrollee public bootstrap key, and generates a first symmetric key based on a shared secret derived from the hashed bootstrap data. The DPP configurator 220 sends a DPP Authentication Request message 217 via one or more of the channels in the Channel List. The DPP authentication request message 217 includes the shared secret and the first nonce encrypted by the first symmetric key.), 
transmit, to the multiple access point device, a second DPP message based on the first DPP message (¶ 0061, the DPP enrollee 230 receives the DPP Authentication Request message 217 and checks whether a hash of its public bootstrap key is in the message. If a hash of its public bootstrap key is in the message, the DPP enrollee 230 generates the shared secret and derives the first symmetric key. The DPP enrollee 230 attempts to unwrap the first nonce using the first symmetric key. Next, the DPP enrollee 230 generates a second nonce, a shared secret, and a second symmetric key. The DPP enrollee 230 wraps the two nonces and its capabilities in the first symmetric key and wraps the authenticating tag in the second symmetric key. The DPP enrollee 230 then places a hash of its public bootstrapping key, its public protocol key, the wrapped nonces along with its wrapped network public key, and the wrapped authentication tag in an DPP Authentication Response message 227. The DPP Authentication Response message 227 is transmitted to the DPP configurator 220.), 
wherein the first DPP message is obtained based on information related to a medium access control (MAC) address of the enrollee transmitted from a controller of the multiple access point network (¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network (such as the network shown in FIG. 1), the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages (shown at 333-363 of FIG. 3) for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange (such as the messages at 343) between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323), 
wherein a transmission method of the first DPP message is determined based on the information related to the MAC address of the enrollee (¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network (such as the network shown in FIG. 1), the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages (shown at 333-363 of FIG. 3) for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323). 
Regarding claims 2, 7, 13, Cammarota et al discloses, wherein the first DPP message includes information related to a channel on which the DPP is performed, wherein the second DPP message is transmitted on a channel indicated by the information related to the channel (see above further, see ¶ 0057, 0060, Channel number list may indicate which wireless channel).  
Regarding claims 3, 8, 13, Cammarota et al discloses, wherein the number of the channel on which the DPP is performed is plural (see above further, see ¶ 0057, 0060, Channel number list may indicate which wireless channel).  
Regarding claims 4, 9, 14, Cammarota et al discloses, wherein when the MAC address of the enrollee is included in the information related to the MAC address of the enrollee, the transmission method of the first DPP message is unicast, wherein when the MAC address of the enrollee is not included in the information related to the MAC address of the enrollee, the transmission method of the first DPP message is broadcast (see above further, see ¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network, the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323). 
Regarding claims 5, 10, 15, Cammarota et al discloses, wherein a security process for the DPP to establish a secured link between the controller and the enrollee is initiated by the controller when the enrollee onboards to the multiple access point network without using the security process for the DPP and the controller holds information on a bootstrap public key of the enrollee (see above further, see ¶ 0060-0061, the DPP enrollee 230 receives the DPP Authentication Request message 217 and checks whether a hash of its public bootstrap key is in the message. If a hash of its public bootstrap key is in the message, the DPP enrollee 230 generates the shared secret and derives the first symmetric key. The DPP enrollee 230 attempts to unwrap the first nonce using the first symmetric key. Next, the DPP enrollee 230 generates a second nonce, a shared secret, and a second symmetric key. The DPP enrollee 230 wraps the two nonces and its capabilities in the first symmetric key and wraps the authenticating tag in the second symmetric key. The DPP enrollee 230 then places a hash of its public bootstrapping key (and optionally includes a hash of the configurators public bootstrapping key if it is doing mutual authentication), its public protocol key, the wrapped nonces along with its wrapped network public key, and the wrapped authentication tag in an DPP Authentication Response message 227. The DPP Authentication Response message 227 is transmitted to the DPP configurator 220). 
 Regarding claim 6, Cammarota et al discloses, an access point that is a controller configured to control a multiple access point network (abstract, fig. 1-9), the access point comprising: 
a transmit/receive unit (1120, fig. 11, ¶ 0038, transmitting and receiving RF signals according to any of the wireless communication standards); and a processor (1102, fig. 11, ¶ 0114), wherein the processor is configured to:    
transmit, to a multiple access point device that has enrolled in the multiple access point network, information related to a medium access control (MAC) address of an enrollee when the enrollee attempting to enroll in the multiple access point network onboards to the multiple access point network by using a device provisioning protocol (¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network, the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323), 
receive, from the multiple access point device, a first DPP message (¶ 0060, 0069, fig. 2-3, the DPP configurator 220 generates a first nonce, generates a protocol key pair, performs a hash function of the enrollee public bootstrap key, and generates a first symmetric key based on a shared secret derived from the hashed bootstrap data. The DPP configurator 220 sends a DPP Authentication Request message 217 via one or more of the channels in the Channel List. The DPP authentication request message 217 includes the shared secret and the first nonce encrypted by the first symmetric key.), 
wherein the first DPP message is obtained based on a third DPP message that is a response to a second DPP message transmitted by the multiple access point device to the enrollee (¶ 0061-0062, the DPP enrollee 230 receives the DPP Authentication Request message 217 and checks whether a hash of its public bootstrap key is in the message. If a hash of its public bootstrap key is in the message, the DPP enrollee 230 generates the shared secret and derives the first symmetric key. The DPP enrollee 230 attempts to unwrap the first nonce using the first symmetric key. Next, the DPP enrollee 230 generates a second nonce, a shared secret, and a second symmetric key. The DPP enrollee 230 wraps the two nonces and its capabilities in the first symmetric key and wraps the authenticating tag in the second symmetric key. The DPP enrollee 230 then places a hash of its public bootstrapping key, its public protocol key, the wrapped nonces along with its wrapped network public key, and the wrapped authentication tag in an DPP Authentication Response message 227. The DPP Authentication Response message 227 is transmitted to the DPP configurator 220. After receiving a response, the DPP configurator 220 may validate the result at 235 and transmit a DPP Authentication Confirm message 237 to complete the DPP authentication phase. After successful completion of the DPP authentication phase, a secure channel between the DPP configurator 220 and the DPP enrollee 230 is established.), 
wherein the second DPP message is obtained based on information related to a MAC address of the enrollee, wherein a transmission method of the second DPP message is determined based on the information related to the MAC address of the enrollee ¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network, the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323). 
Regarding claim 11, Cammarota et al discloses, an operation method of an access point that is an enrollee attempting to enroll in a multiple access point network, the operation method comprising: 
receiving, from a multiple access point device that has enrolled in the multiple access point network, a first DPP message when the access point onboards to the multiple access point network by using a DPP (¶ 0060, 0069, fig. 2-3, the DPP configurator 220 generates a first nonce, generates a protocol key pair, performs a hash function of the enrollee public bootstrap key, and generates a first symmetric key based on a shared secret derived from the hashed bootstrap data. The DPP configurator 220 sends a DPP Authentication Request message 217 via one or more of the channels in the Channel List. The DPP authentication request message 217 includes the shared secret and the first nonce encrypted by the first symmetric key.); and 
transmitting, to the multiple access point device, a second DPP message based on the first DPP message (¶ 0061, the DPP enrollee 230 receives the DPP Authentication Request message 217 and checks whether a hash of its public bootstrap key is in the message. If a hash of its public bootstrap key is in the message, the DPP enrollee 230 generates the shared secret and derives the first symmetric key. The DPP enrollee 230 attempts to unwrap the first nonce using the first symmetric key. Next, the DPP enrollee 230 generates a second nonce, a shared secret, and a second symmetric key. The DPP enrollee 230 wraps the two nonces and its capabilities in the first symmetric key and wraps the authenticating tag in the second symmetric key. The DPP enrollee 230 then places a hash of its public bootstrapping key, its public protocol key, the wrapped nonces along with its wrapped network public key, and the wrapped authentication tag in an DPP Authentication Response message 227. The DPP Authentication Response message 227 is transmitted to the DPP configurator 220.), 
wherein the first DPP message is obtained based on information related to a medium access control (MAC) address of the enrollee transmitted from a controller of the multiple access point network, wherein a transmission method of the first DPP message is determined based on the information related to the MAC address of the enrollee ¶ 0075, the performance of the onboarding processes shown in FIGS. 1-3, the network operator 110 may receive an order to deploy a new Multi-AP Controller to replace a faulty device or upgrade the network. Before the new Multi-AP Controller is deployed to the Multi-AP Network, the network operator 110 may configure the new Multi-AP controller with the DPP configuration information 350. When the new Multi-AP Controller is deployed and power is turned on, the new Multi-AP Controller may attempt to connect by exchanging IEEE 1905.1 messages for establishing IEEE 1905.1 network configuration and security. However, since the new Multi-AP Controller has a different media access control (MAC) address than the previous Multi-AP Controller, the IEEE 1905.1 AutoConfiguration request and response messages (such as the messages at 333) between the existing Multi-AP Agent(s) (such as the Multi-AP Agent 130) and the new Multi-AP Controller may fail. This may trigger a new IEEE 1905.1 authentication request and response message exchange between each of the existing Multi-AP Agent(s) and the new Multi-AP Controller to exchange the DPP configuration information. Each of the existing Multi-AP Agent(s) and the new Multi-AP Controller also may perform the message exchanges of 353 and 363 for establishing IEEE 1905.1 network configuration and security. In some implementations, the new Multi-AP Controller may perform both the message exchanges shown at 303-323). 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHAWAR IQBAL whose telephone number is (571)272-7909. The examiner can normally be reached M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jinsong Hu can be reached on 5712723965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KHAWAR IQBAL/Primary Examiner, Art Unit 2643