Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 08/08/2022 has been entered.

Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 4, 6-7, 8, 11, 13-14, 15, 18, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Gehrmann in view of Ballard (US 2015/0244708)


 

Regarding Claim 1,
Gehrmann (US 2008/0260149) teaches a method comprising:
assigning, by a credential manager, credential set data to a computing device (Paragraph [0027] teaches the directory server assigning batches of device records for mobile devices)
mapping the credential set data to a device identifier key associated with the computing device in a credential data store accessible by the credential manager (Paragraph [0026] teaches device record includes temporary identifier and a secret key mapped to mobile device)
receiving, by the credential manager from the computing device, a credential set request message that includes the device identifier key and that is generated by a service provisioning service client in the computing device by the credential manager in response to an activation of the computing device at a customer location site (Paragraph [0045]. Figure 8, step 6 and 7, teaches a method configured inside the computing device for requesting the message)(Paragraph [0035] teaches activation); and
sending, by the credential manager to the computing device, the credential set data for authenticating the computing device at the customer location site (Paragraph [0051-0053], Figure 8, steps 8 and 9, teaches returning a temporary packet data access to the mobile device for authentication)
Gehrmann does not explicitly teach establishing credential set data corresponding to a computing device at a manufacturing site; wherein the computing device is not provisioned with the credential data set at the manufacturing site, the credential set data includes a username and password
Ballard (US 2015/0244708) teaches establishing credential set data corresponding to a computing device at a manufacturing site (Paragraph [0039] manufacture establishes a delegation service for the devices it manufactures)(Fig. 2B and associated text, especially 213 teaches delegation service maps credential set data corresponding to computing device)
 wherein the computing device is not provisioned with the credential data set at the manufacturing site, (Fig. 2A, 201, device is activated and device is not provisioned with credential data from the manufacturing site) the credential set data includes a username and password (Paragraph [0036], Fig. 2B 216, 217)
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Gehrmann with the credential provisioning not at the manufacturing site
The motivation is to enable zero-touch or fully automatic device set up (Paragraph [0036] of Ballard)

Regarding Claim 4,

    	Gehrmann teaches the method of claim 1 comprising transporting the computing device from a manufacturer location site associated with the credential manager to the customer location site (Paragraph [0033, 0036]).

Regarding Claim 6,

    Gehrmann teaches the method of claim 1 wherein the provisioning service client resides in at least one of the computing device and a host device supporting the computing device (Paragraph [0034] teaches wherein the trusted module is inside the mobile device).


Regarding Claim 7,

 Gehrmann teaches the method of claim 1 wherein the credential set data is provided to the provisioning service client in either a plaintext format or an encrypted format (Paragraph [0052]).

Regarding Claims 8, 11, 13-14,
Claims 8, 11, 13-14 are similar in scope to Claims 1, 4, 6-7 and are rejected for a similar rationale.

Regarding Claims 15, 18, 20

Claims 15, 18, 20 are similar in scope to Claims 1, 4, 6 and are rejected for a similar rationale.


Claim 2, 9, 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Gehrmann, in view of Ballard in view of Liberman (US 2013/0036458).

Regarding Claim 2,

Gehrmann and Ballard teaches the method of claim 1 but does not explicitly teach comprising prompting a user entity to reset the credential set data in accordance to an established security policy.
Liberman (US 2013/0036458) teaches prompting a user entity to reset the credential set data in accordance to an established security policy (Figure 24 and associated text).
It would have been obvious to one of ordinary skill before the effective filing date of the invention to modify Gerhmann with the resetting policy of Liberman
The motivation is provide a new credential set

Regarding Claims 9 and 16,

Claims 9 and 16 are similar in scope to Claim 2 and is rejected for a similar rationale.

Claim 3, 10, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Gehrmann, in view of Ballard in view of Perkins (US 2003/0163566).

Regarding Claim 3,

 Gehrmann and Ballard teaches the method of claim 1 but does not explicitly teach comprising deleting an entry containing the credential set data from the credential data store after the credential manager sends the credential set data to the provisioning service client.
Perkins (US 2003/0163566) teaches deleting an entry containing the credential set data from the credential data store after the credential manager sends the credential set data to the provisioning service client (Paragraph [0040-0041]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Gehrmann with the credential manager deleting method of Perkins
The motivation is to improve the security policy of the credential manager.

Regarding Claims 10 and 17,

Claims 10 and 17 are similar in scope to Claim 3 and is rejected for a similar rationale.


Claim 5, 12, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Gehrmann, in view of Ballard in view of Bhuyan (US 2010/0263032).


Regarding Claim 5,

Gehrmann and Ballard teaches the method of claim 1 but does not explicitly teach wherein the credential set data includes a unique username and a unique password solely associated to the computing device.

Bhuyan (US 2010/0263032) teaches wherein the credential set data includes a unique username and a unique password solely associated to the computing device (Paragraph [0016] teaches wherein username and password is associated with the computing device).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify Gehrmann with the username and password associated with the computing device taught by Bhuyan.

The motivation is determine if the device is authentication

Regarding Claims 12 and 19,

Claims 12 and 19 are similar in scope to Claim 5 and is rejected for a similar rationale.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARRIS C WANG whose telephone number is (571)270-1462. The examiner can normally be reached M-F 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HARRIS C WANG/Primary Examiner, Art Unit 2439