DETAILED ACTION
	This application has been examined. Claims 1,4,6,8-13,16,18 and 20-29 are pending.  Claims 2-3,5,7,14-15,17,19 are cancelled.  
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
Re-opening Prosecution
In view of the Appeal Brief filed on 8/1/2022, PROSECUTION IS HEREBY REOPENED.  This Non-Final Office Action is being presented in order to present new USC 103 rejections and the claim limitations as disclosed by the prior art.
To avoid abandonment of the application, appellant must exercise one of the following two options:
(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 CFR 1.113 (if this Office action is final); or,
(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41.31 followed by an appeal brief under 37 CFR 41.37.  The previously paid notice of appeal fee and appeal brief fee can be applied to the new appeal.  If, however, the appeal fees set forth in 37 CFR 41.20 have been increased since they were previously paid, then appellant must pay the difference between the increased fees and the amount previously paid.
A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by signing below:

 
Response to Arguments
Applicant's arguments filed 8/1/2021 have been fully considered but they are moot in view of the new grounds for rejection.  
Nathan disclosed (re. Claim 1) ‘obtaining, at the mobile device, at least one visual code that has encoded therein enrollment information (Nathan-Paragraph 96,  app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code, Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    including  secret information comprising a camera token for use by the camera (Nathan- Paragraph 89,  The VCS allocates a time expiring secret key and password to the device, which it will use for all future requests until these expire Paragraph 94, using at least one time expiring token and at least one encryption key )   in requesting the enrollment into the video surveillance system; and displaying, on a display of the mobile device, the at least one visual code for being read by the camera, (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    
However Nathan does not disclose (re. Claim 1) ‘obtaining, at the mobile device, at least one visual code that has encoded therein enrollment information including secret information comprising an encryption key.
Cammarota Paragraph 67 disclosed wherein the encryption key may be encoded in a barcode image. Cammarota Paragraph 48 disclosed wherein a common example of a barcode may be a QR code.
Cammarota disclosed (re. Claim 1) visual code that has encoded secret information comprising an encryption key. (Cammarota-Paragraph 67,the encryption key may be encoded in a barcode image, Paragraph 48, a common example of a barcode may be a QR code )

 Nathan and Cammarota are analogous art because they both present concepts and practices regarding using a client device for registering a target device.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Cammarota into Nathan.  The motivation for the said combination would have been to provide a scalable and less complex approach for adding more configurator devices to the device provisioning protocol, as compared to approaches that rely on different configurator keys for each configurator device. By defining a secure storage format for storing or sharing configurator keys, the device provisioning protocol may benefit from increased interoperability between configurator devices. (Cammarota-Paragraph 42)


Allowable Subject Matter
Claims 26-29 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and including all of the limitations in each and every intervening claim(s).

Priority
	 This application claims benefits of priority from Provisional Application 62/780216 filed December 15, 2018. 
	The effective date of the claims described in this application is December 15, 2018.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 21 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 21 recites a claim dependency on cancelled claim 19.  There is insufficient antecedent basis for this limitation in the claim.


 Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1,4,6,8-13,16,18 and 22-25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan (USPGPUB 2020/0137354) further in view of Cammarota (USPGPUB 2018/0109381). 

In regard to Claim 1
Nathan Paragraph 96 disclosed wherein when a user installs a new camera (or reconfigures an existing camera), the user can use the user's client computerized device to sign into the system and request a new camera setup. For example an app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code, that the processor equipped camera can then read and use to extract configuration information.
Nathan disclosed (re. Claim 1) a method for enrolling a camera into a video surveillance system, the method comprising: 
receiving, at a mobile device, an indication to enroll the camera into the video surveillance system; (Nathan-Paragraph 96, the user can use the user's client computerized device to sign into the system and request a new camera setup ) 
obtaining, at the mobile device, visual information (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )   indicative of enrollment information for enrolling the camera into the video surveillance system; (Nathan-Paragraph 96, an app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code ) 
and displaying, on a display of the mobile device, the visual information  (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )   for being read by the camera, the camera configured to request enrollment from a server of the video surveillance system (Nathan-Paragraph 98, The camera can then take the customer ID, camera token, and camera ID and register with the system server )  based on the enrollment information obtainable from the visual information. (Nathan-Paragraph 97, When this QR code is shown to the camera, the camera processor, using suitable bar code recognition software, can extract the WiFi SSID and password and use this information connect to the Internet, possibly using a cloud server URL previously stored in the camera system software, or alternatively provided by the QR code as well. The camera and server can then take the locale code to setup the default system server URL depending on the location of the camera. This scheme thus allows any camera to be provisioned to the system servers according to the camera's geolocation ) 

 	 
 	receiving, at the mobile device, secret information from the server, (Nathan-Paragraph 96, an app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code )  the secret information comprising a camera token that the mobile device is to provide to the camera for use by the camera in requesting enrollment into the video surveillance system’ (Nathan-Paragraph 87, secret key is also tied up to a unique key (local id) identifying the device uniquely, which is again SHA hashed to time in the devices , Paragraph 94, using at least one time expiring token and at least one encryption key)   --  and  -- ‘generating, at the mobile device, at least one visual code to encode therein enrollment information (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    including the secret information comprising the camera token  for use by the camera in requesting the enrollment into the video surveillance system; and displaying, on a display of the mobile device, the at least one visual code for being read by the camera, (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    the camera configured to request the enrollment into the video surveillance system from the server of the video surveillance system (Nathan-Paragraph 98, The camera can then take the customer ID, camera token, and camera ID and register with the system server )   based on the enrollment information including the secret information comprising the camera token  -obtainable from the at least one visual code (Nathan-Paragraph 97, When this QR code is shown to the camera, the camera processor, using suitable bar code recognition software, can extract the WiFi SSID and password and use this information connect to the Internet, possibly using a cloud server URL previously stored in the camera system software, or alternatively provided by the QR code as well. The camera and server can then take the locale code to setup the default system server URL depending on the location of the camera. This scheme thus allows any camera to be provisioned to the system servers according to the camera's geolocation )
 
The Examiner notes wherein the Nathan Paragraph 99 disclosed using one or more bar codes or other type optical codes that encode at least some information selected from the group consisting of WiFi SSD, WiFi passwords, locate code, customer ID, and camera token. Nathan Paragraph 94 disclosed wherein communications between the various processor controlled video cameras, various system Internet servers, and various client computerized devices can be secured by using at least one time expiring token and at least one encryption key

Nathan disclosed (re. Claim 1) ‘obtaining, at the mobile device, at least one visual code that has encoded therein enrollment information (Nathan-Paragraph 96,  app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code, Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    including  secret information comprising a camera token for use by the camera (Nathan- Paragraph 89,  The VCS allocates a time expiring secret key and password to the device, which it will use for all future requests until these expire Paragraph 94, using at least one time expiring token and at least one encryption key )   in requesting the enrollment into the video surveillance system; and displaying, on a display of the mobile device, the at least one visual code for being read by the camera, (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    
However Nathan does not disclose (re. Claim 1) ‘obtaining, at the mobile device, at least one visual code that has encoded therein enrollment information including secret information comprising an encryption key.
Cammarota Paragraph 67 disclosed wherein the encryption key may be encoded in a barcode image. Cammarota Paragraph 48 disclosed wherein a common example of a barcode may be a QR code.
Cammarota disclosed (re. Claim 1) visual code that has encoded secret information comprising an encryption key. (Cammarota-Paragraph 67,the encryption key may be encoded in a barcode image, Paragraph 48, a common example of a barcode may be a QR code )

 Nathan and Cammarota are analogous art because they both present concepts and practices regarding using a client device for registering a target device.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Cammarota into Nathan.  The motivation for the said combination would have been to provide a scalable and less complex approach for adding more configurator devices to the device provisioning protocol, as compared to approaches that rely on different configurator keys for each configurator device. By defining a secure storage format for storing or sharing configurator keys, the device provisioning protocol may benefit from increased interoperability between configurator devices. (Cammarota-Paragraph 42)

	In regard to Claim 13
  Claim 13 (re. a mobile device) recites substantially similar limitations as Claim 1.  Claim 13 is rejected on the same basis as Claim 1.
In regard to Claim 25
  Claim 25 (re. non-transitory computer-readable medium) recites substantially similar limitations as Claim 1.  Claim 25 is rejected on the same basis as Claim 1.
 
In regard to Claim 4,16
Nathan-Cammarota disclosed (re. Claim 4,16) wherein the enrollment information comprises server location information of the server of the video surveillance system (Nathan-Paragraph 97, When this QR code is shown to the camera, the camera processor can use this information to connect to the Internet, possibly using a cloud server URL provided by the QR code as well. The camera and server can then take the locale code to setup the default system server URL depending on the location of the camera. This scheme thus allows any camera to be provisioned to the system servers according to the camera's geolocation ) 	In regard to Claim 6,18
Nathan-Cammarota disclosed (re. Claim 6,18) ‘transmitting, by the mobile device, an enrollment initiation request to a server of the video surveillance system, (Nathan-Paragraph 96, the user can use the user's client computerized device to sign into the system and request a new camera setup )   the enrollment initiation request (Nathan-Paragraph 98, The camera can then take the customer ID, camera token, and camera ID and register with the system server )  indicative of an intention to enroll the camera into the video surveillance system; and

receiving, at the mobile device, at least in part the enrollment information from the server. (Nathan-Paragraph 96, an app running on the client computerized device can request that the server generate a camera setup token, such as an optical bar code or QR code )

wherein receiving, at the mobile device, at least in part the enrollment information from the server comprise receiving, at the mobile device, the secret information comprising the encryption key from the server.(Cammarota-Paragraph 67,the encryption key may be encoded in a barcode image, Paragraph 48, a common example of a barcode may be a QR code )
	In regard to Claim 8,20
Nathan-Cammarota disclosed (re. Claim 8,20) wherein the secret information comprises a unique identifier assigned to the camera by the server for use by the camera in requesting the enrollment into the video surveillance system (Nathan-Paragraph 87, secret key is also tied up to a unique key (local id) identifying the device uniquely, which is again SHA hashed to time in the devices )  
	In regard to Claim 11,23
Nathan-Cammarota disclosed (re. Claim 11,23) providing, by the mobile device, an indication that the camera has been enrolled in response to receiving confirmation from the server (Nathan-Paragraph 72, server may either respond back with just an acknowledgement, or with additional data for configuration/updates )  that the camera has been enrolled into the video surveillance system. (Nathan-Paragraph 174, client computerized device receives a notification from the system servers which will typically include the eventID (event identification number). In some embodiments, the system can then automatically use this event ID to then construct a reasonably secure URL from which do then obtain the video that corresponds to this eventID ) 	In regard to Claim 12,24
 	Nathan-Cammarota disclosed (re. Claim 12,24)  receiving, at the mobile device, camera configuration information (Nathan-Paragraph 72, server may either respond back with just an acknowledgement, or with additional data for configuration/updates)   and providing, by the mobile device, the camera configuration information to the camera.(Nathan-Paragraph 139, Once registered, the camera will then retrieve the appropriate camera configuration ) 
 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 9,21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan (USPGPUB 2020/0137354) further in view of Cammarota (USPGPUB 2018/0109381) further in view of Avetisov (USPGPUB 2021/0258308) further in view of Pattar (USPGPUB 2018/0278612).
 	In regard to Claim 9,21
Nathan-Cammarota disclosed (re. Claim 9,21)   generate encrypted login credentials of the camera by encrypting login credentials of the camera   (Nathan-Paragraph 97, the client computerized device can generate the appropriate QR code, which is then either displayed on the display screen of the client computerized device )    wherein the camera is configured to transmit the encrypted login credentials of the camera to the server. (Nathan-Paragraph 98, The camera can then take the customer ID, camera token, and camera ID and register with the system server )   
While Nathan-Cammarota substantially disclose the claimed invention Nathan-Cammarota does not disclose (re. Claim 9,21) wherein the encryption key is a public encryption key.
Avetisov Paragraph 23 disclosed wherein the QR code may encode a ciphertext of a challenge code, for example, one encrypted with a public key of an asymmetric cryptographic key pair corresponding to the user.
Avetisov disclosed (re. Claim 9,21) wherein the encryption key is a public encryption key.(Avetisov-Paragraph 23,the QR code may encode a ciphertext of a challenge code, for example, one encrypted with a public key of an asymmetric cryptographic key pair corresponding to the user.)
Nathan and Avetisov are analogous art because they both present concepts and practices regarding using a client device for registering a target device.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Avetisov into Nathan-Cammarota.  The motivation for the said combination would have been to enable mitigate known issues by conveying a high-entropy, single-use value from the authentication server, to the user's smartphone (or other computing device serving a similar role, like an augmented reality headset or other wearable computing device) via (e.g., wirelessly, like with an optical code) the user's network-connected computing device upon which the user seeks to be authenticated and, then, causing the user's smartphone (or other computing device serving a similar role) to perform a transformation on that high-entropy value that produces an output demonstrating proof of possession of a cryptographic key. (Avetisov-Paragraph 22)

 	While Nathan-Cammarota-Avetisov substantially disclose the claimed invention Nathan-Cammarota-Avetisov does not disclose (re. Claim 9,21) wherein the server is decrypting the encrypted login credentials with a private encryption key corresponding to the public encryption key to obtain the login credentials of the camera.
 	Pattar Figure 6,Paragraph 80 disclosed a process for registration of a storage device (e.g., storage device 114) may be initiated at device 104. Device 104 may implement an application (e.g., a client) that uses access management client 106. Device 104 may operate based on interaction with an interface of the application. The interaction may provide input to request a process for registration of storage devices.
 	 
 	Pattar disclosed (re. Claim 9,21) wherein the server is decrypting the encrypted login credentials with a private encryption key corresponding to the public encryption key to obtain the login credentials of the camera.( Pattar-Paragraph 53, Storage device registration handler 144 may be equipped with cryptography capabilities to encrypt and decrypt communications with access management client 106. Security data may be stored in storage device data 180, Paragraph 88, Security data may include security key data. Security key data (e.g., one or more security keys) may be generated for each storage device that is registered. For example, a key pair may be generated for the user with respect to a storage device being registered. ) 
 	Nathan and Pattar are analogous art because they both present concepts and practices regarding using a client device for registering a target device.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Pattar into Nathan-Cammarota.  The motivation for the said combination would have been to enable the storage device to perform password-less authentication for subsequent attempts to access resources at a client.
 	
Claims 10,22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Nathan (USPGPUB 2020/0137354) further in view of Cammarota (USPGPUB 2018/0109381) further in view of Madar (USPGPUB 2017/0278365).
 	In regard to Claim 10,22
Nathan-Cammarota disclosed (re. Claim 10,22) transmitting, by the mobile device, camera location information (Nathan-Paragraph 96, camera configuration can include  the location identification code , Paragraph 97, camera and server can then take the locale code to setup the default system server URL depending on the location of the camera)  to the server, wherein the camera location information transmitted to the server by the mobile device comprises a geolocation of the mobile device that identifies or estimates a real-world geographical location of the camera,  (Nathan-Paragraph 96, camera configuration can include  the location identification code , Paragraph 97, camera and server can then take the locale code to setup the default system server URL depending on the location of the camera)   
While Nathan-Cammarota substantially disclose the claimed invention Nathan-Cammarota does not disclose (re. Claim 10,22) wherein the server is configured to store the camera location information including the geolocation of the mobile device in association with a new camera entry for enrolling the camera.

Madar Paragraph 56 disclosed wherein additional information, such as where the surveillance camera 103-1 is installed is also sometimes entered at the user device 400 and sent to the registration server 314. Other information such as a name for the surveillance camera, the type and model of surveillance camera 103 should also be passed to the registration server 314 and stored to the registration database 316. 	Madar disclosed (re. Claim 10,22) wherein the server is configured to store the camera location information including the geolocation of the mobile device in association with a new camera entry for enrolling the camera.( Madar-Paragraph 56,additional information, such as where the surveillance camera 103-1 is installed is also sometimes entered at the user device 400 and sent to the registration server 314. Other information such as a name for the surveillance camera, the type and model of surveillance camera 103 should also be passed to the registration server 314 and stored to the registration database 316.) 
Nathan and Madar are analogous art because they both present concepts and practices regarding using a client device for registering a target device.  At the time of the effective filing date of the claimed invention it would have been obvious to combine Madar into Nathan.  The motivation for the said combination would have been to enable other services to be made available to the surveillance camera 103-1 such as image analytics provided by the cloud video analytics system 312.  (Madar-Paragraph 61)


Conclusion

Examiner’s Note: In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please refer to the enclosed PTO-892 form.
 
 Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREG C BENGZON whose telephone number is (571)272-3944.  The examiner can normally be reached on Monday - Friday 8 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


	/GREG C BENGZON/           Primary Examiner, Art Unit 2444                                                                                                                                                                                             
/JOHN A FOLLANSBEE/Supervisory Patent Examiner, Art Unit 2444