DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-16 are pending.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 29 October 2020, 16 December 2021, and 27 June 2022 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-12 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Benari et al. (US 20150106911) in view of Medvinsky et al. (US 20170346641).
As per claims 1, 14, and 15, Benari et al. discloses a provisioning system, method and device for provisioning a data processing entity from a set of data processing entities, the data provisioning device comprising: a network interface, the network interface being configured to receive the provisioning data for provisioning the data processing entity, and control information, the control information indicating a processing scheme to be deployed by the data provisioning device when provisioning the data processing entity (see paragraphs [0033] and [0036]-[0037] numerals 335-345); 
a processor being configured to process the provisioning data according to the control information to obtain processed provisioning data, to obtain processed provisioning data (see paragraph [0033] generating the outgoing provisioning response and paragraph [0037] numeral 350 the modification according to the access rules); and 
a device interface being configured to transmit the processed provisioning data to the data processing entity (see paragraphs [0033] and [0037] numeral 355).
While Benari et al. generally discloses the use of encryption, there lacks an explicit teaching of a joint encryption key being associated with the joint decryption key and cryptographically encrypt the processed provisioning data using the received joint encryption key to obtain encrypted processed provisioning data; and a device interface being configured to transmit the encrypted processed provisioning data to the data processing entity.
However, Medvinsky et al. teaches the use of a joint encryption key being associated with the joint decryption key and cryptographically encrypt the processed provisioning data using the received joint encryption key to obtain encrypted processed provisioning data; and a device interface being configured to transmit the encrypted processed provisioning data to the data processing entity (see paragraphs [0015] and [0040]-[0046] where the group key corresponds to the joint key).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include the encryption of Medvinsky et al. in the Benari et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow for added protection between the provisioning device and the processing entities.
As per claim 2, the modified Benari et al. and Medvinsky et al. system discloses the network interface is arranged for network communications according to a network protocol, and/or wherein the device interface is arranged for device-to-device communications including a serial bus interface (see Benari et al. paragraph [0021]).
As per claim 3, the modified Benari et al. and Medvinsky et al. system discloses the network interface is arranged for network communications according to a network protocol, but fails to explicitly disclose the use of a wired interface. However, Official Notice is taken that at a time before the effective filing date it would have been obvious to use a wired interface in the modified Benari et al. and Medvinsky et al. system as it is a common and well known network interface type.
As per claim 4, the modified Benari et al. and Medvinsky et al. system discloses the provisioning data comprises a public key certificate including a root of trust certificate according to a public key infrastructure, jointly identifying all data processing entities in the set of data processing entities, and wherein the processor is configured to cryptographically encrypt the processed provisioning data using the public key certificate with the received encryption key to obtain the encrypted processed provisioning data (see Medvinsky et al. paragraphs [0023], [0033], and [0043] where the certificate is used as part of the encryption of the provisioning data).
As per claims 5-7, the modified Benari et al. and Medvinsky et al. system discloses the data processing entity comprises an individual decryption key assigned only to the data processing entity, wherein the network interface is configured to further receive an individual encryption key associated with the individual decryption key of the data processing entity, wherein the provisioning data comprises a data portion only for the data processing entity, and wherein the processor is further configured to encrypt the data portion using the individual encryption key, wherein the control information indicates that the individual encryption key is associated with the data processing entity, and  wherein the processor is configured to encrypt the data portion using the individual encryption key prior to encrypting the provisioning data using the joint encryption key in order to process the provisioning data (see Medvinsky et al. paragraphs [0040]-[0042] and [0046] where there is encryption using the individual key).
As per claims 8-11, the modified Benari et al. and Medvinsky et al. system discloses the uses of signatures and signature keys for verifying the signatures in order to maintain integrity (see Medvinsky et al. paragraphs [0032]-[0033]), but fails to explicitly disclose the signature is provided over the provisioning data.  However, Official Notice is taken that it would have been obvious to one of ordinary skill in the art to include a signature over the provisioning data in the modified Benari et al. and Medvinsky et al. system. Motivation to do so would have been to ensure the integrity of the provisioning data.
As per claim 12, the modified Benari et al. and Medvinsky et al. system discloses a first memory for storing the joint encryption key, and a second memory for storing the provisioning data including the encrypted processed provisioning data (see Medvinsky et al. Fig. 4 the different servers).
As per claim 14, the modified Benari et al. and Medvinsky et al. system fails to explicitly disclose the provisioning device is a portable hardware device. However, Official Notice is taken that at the time of the invention, it would have been obvious to one of ordinary skill in the art for the provisioning device to be a portable hardware device in order to allow for mobility between to-be provisioned devices.
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over the modified Benari et al. and Medvinsky et al. system as applied to claim 1 above, and further in view of Fogle-Weekley et al. (US 20180098218).
As per claim 13, the modified Benari et al. and Medvinsky et al. system discloses the provisioning of multiple processing entities, but fails to explicitly disclose the data processing entity is a first data processing entity in the set of data processing entities, wherein the set of data processing entities comprises a second data processing entity, wherein the provisioning data comprises first provisioning subdata for provisioning the first data processing entity and second provisioning subdata for provisioning the second data processing entity, wherein the control information indicates the first and second data processing entity or a number of data processing entities to be provisioned in the set of data processing entities, wherein the processed provisioning data forms first processed provisioning data, wherein the encrypted processed provisioning data forms encrypted first processed provisioning data, wherein the processor is configured to process the second provisioning subdata to obtain processed second provisioning data and to cryptographically encrypt the processed second provisioning data using the received joint encryption key to obtain encrypted second processed provisioning data, and wherein the device interface is configured to transmit the encrypted first processed provisioning data only to the first data processing entity and to transmit the encrypted second processed provisioning data only to the second data processing entity, or to transmit the encrypted first and second processed provisioning data to both data processing entities.
However, Fogle-Weekley et al. teaches the data processing entity is a first data processing entity in the set of data processing entities, wherein the set of data processing entities comprises a second data processing entity, wherein the provisioning data comprises first provisioning subdata for provisioning the first data processing entity and second provisioning subdata for provisioning the second data processing entity, wherein the control information indicates the first and second data processing entity or a number of data processing entities to be provisioned in the set of data processing entities, wherein the processed provisioning data forms first processed provisioning data, wherein the encrypted processed provisioning data forms encrypted first processed provisioning data, wherein the processor is configured to process the second provisioning subdata to obtain processed second provisioning data (see paragraphs [0117]-[0118]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include multiple provisioning subdata in the modified Benari et al. and Medvinsky et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to allow the generation of a single master provisioning data set rather than generating multiple thereby saving time.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed to provisioning of devices.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche can be reached on (571) 270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Michael Pyzocha/               Primary Examiner, Art Unit 2419