DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the instant Amendment, claims 1, 7-8, 14 and 20 have been amended; and claims 1, 8 and 14 are independent claims.  Claims 1-20 have been examined and are pending.  This Action is made FINAL.

Response to Arguments
The DP will be held in abeyance until the claims are otherwise found to be allowable.   
Applicants’ arguments in the instant Amendment, filed on 07/20/2022, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “Luo in view of Idnani does not disclose or suggest wherein the gateway credentials are securely relayed unexposed to users of the client device, as recited in amended claim 1.” 
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Idnani discloses wherein the gateway credentials are securely relayed unexposed to users of the client device (Idnani: ¶0072 securely sending to the terminal device, one or more parameters that enable wireless access by the terminal device to wireless access point functionality of the gateway device [] and acting as a proxy for the end user by automatically registering the terminal device to the end user account of the Internet based service without additional end user involvement). More specifically, Idnani discloses the gateway device may continuously or periodically scan for Wi-Fi APs sending a particular beacon transmission with a known SSID format or pattern (e.g., IoT_1234). An IoT device [] may transmit the particular beacon using what is referred to herein as a "Wi-Fi Soft AP." When the gateway device finds such an AP beacon, the gateway device may then connect to the IoT device [] as a Wi-Fi station (STA), and may provide the credentials of the Wi-Fi network of the end-users to the IoT device. The IoT device may then use the end-user WiFi network to connect to the Internet and through the Internet to the IoT system of a service provider [0032], the IoT system is aware of the presence of the gateway device as a network element of the end-user, and works cooperatively with the gateway device to automatically register IoT devices that the gateway device discovers and identifies to the Io T system [0067] and method of automatic association of new IoT devices with an end-user account at an IoT system, based on an IP address of the IoT device and an IP address of another IoT device previously associated with the end-user at the IoT system [0071]. Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.

Applicant’s arguments: “Luo in view of Idnani does not disclose or suggest the gateway credentials correspond to a management service that is unassociated with any person, as recited in amended claim 1.” 
The Examiner respectfully submits that applicant’s arguments with respect to the limitation the gateway credentials correspond to a management service that is unassociated with any person is moot due to absent of aforementioned limitation in amended claim 1. Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.

The amended claims 1, 7, 8, 14, and 20 have been addressed in rejection below.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.


Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 10708261. Although the claims at issue are not identical, they are not patentably distinct from each other because all limitations recited in claims 1, 8 and 14 of the instant application are encompassed all limitations recited in claims 1, 8 and 14 of the patent ‘261, respectively (please refer to comparison table below for details).

Instant Application 16/911552


Patent No. 10708261


Claim 1:  A system, comprising
 at least one computing device comprising at least one processor; and
a data store comprising instructions, wherein the instructions, when executed by the at least one processor, cause the at least one computing device to at least:




identify a gateway identifier that uniquely identifies a gateway;
transmit, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier; and

relay, by the client device, the gateway credentials from the management service to the gateway device, wherein the gateway credentials are securely relayed unexposed to users of the client device


Claim 1: A system, comprising:
at least one computing device of a client device; and
a data store of the client device, the data store comprising instructions executable by the at least one computing device, wherein the instructions, when executed, cause the at least one computing device to:
retrieve an onboarding token using a request for the onboarding token that is authenticated based on user credentials associated with a user account with a management service;
cause a gateway account to be created using a request to create the gateway account, wherein the request to create the gateway account is transmitted to the management service, wherein the request to create the gateway account comprises a gateway identifier that uniquely identifies a gateway, and wherein the request to create the gateway account is authenticated based on the onboarding token;
relay gateway credentials for the gateway account from the management service to the gateway, wherein the gateway credentials authenticate communications between the gateway and the management service, and wherein the gateway credentials are stored in the data store of the client device and concealed from users of the client device; and
remove the gateway credentials from the data store based on an event comprising at least one of: a transmission of the gateway credentials to the gateway, a confirmation from the gateway that the gateway credentials are received by the gateway, or a confirmation from the management service that the gateway has checked in using the gateway credentials.

Claim 8:  A non-transitory computer-readable medium comprising executable instructions, wherein the instructions, when executed by at least one processor, cause the at least one computing device to at least:




identify a gateway identifier that uniquely identifies a gateway;
transmit, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier; and


relay, by the client device, the gateway credentials from the management service to the gateway device, wherein the gateway credentials are securely relayed unexposed to users of the client device.











Claim 14:  A method implemented using a client device, the method comprising:




identifying a gateway identifier that uniquely identifies a gateway;
transmitting, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier; and


relaying, by the client device, the gateway credentials from the management service to the gateway device, wherein the gateway credentials are securely relayed unexposed to users of the client device.
        
Claim 8:  A non-transitory computer-readable medium embodying instructions executable in at least one computing device of a client device wherein the instructions, when executed, cause the at least one computing device to:
retrieve an onboarding token using a request for the onboarding token that is authenticated based on user credentials associated with a user account with a management service;
cause a gateway account to be created using a request to create the gateway account, wherein the request to create the gateway account is transmitted to the management service, wherein the request to create the gateway account comprises a gateway identifier that uniquely identifies a gateway, and wherein the request to create the gateway account is authenticated based on the onboarding token;
relay gateway credentials for the gateway account from the management service to the gateway, wherein the gateway credentials authenticate communications between the gateway and the management service, and wherein the gateway credentials are stored in a data store of the client device and concealed from users of the client device; and
remove the gateway credentials from the data store based on an event comprising at least one of: a transmission of the gateway credentials to the gateway, a confirmation from the gateway that the gateway credentials are received by the gateway, or a confirmation from the management service that the gateway has checked in using the gateway credentials.
Claim 14:  A method implemented using a client device, the method comprising:
retrieving an onboarding token using a request for the onboarding token that is authenticated based on user credentials associated with a user account with a management service;
causing a gateway account to be created using a request to create the gateway account, wherein the request to create the gateway account is transmitted to the management service, wherein the request to create the gateway account comprises a gateway identifier that uniquely identifies a gateway, and wherein the request to create the gateway account is authenticated based on the onboarding token; and
relaying gateway credentials for the gateway account from the management service to the gateway, wherein the gateway credentials authenticate communications between the gateway and the management service, and wherein the gateway credentials are stored in a data store of the client device and concealed from users of the client device; and
removing the gateway credentials from the data store based on an event comprising at least one of: a transmission of the gateway credentials to the gateway, a confirmation from the gateway that the gateway credentials are received by the gateway, or a confirmation from the management service that the gateway has checked in using the gateway credentials.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.


This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-4, 7-11, 14-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Luo et al. (“Luo,” US 2019/0281455) in view of Idnani et al. (“Idnani,” US 2017/0353859).

Regarding claim 1: Luo discloses a system, comprising:
at least one computing device comprising at least one processor; and a data store comprising instructions, wherein the instructions, when executed by the at least one processor (Luo: fig. 4; ¶0043 a gateway device 402 can include an internal communication IF 446, an external IF 448, a processor system 444, and a memory system 428), cause the at least one computing device to at least:
identify a gateway identifier that uniquely identifies a gateway device (Luo: ¶0047 secure storage region 428-2 can store identification and encryption data for the gateway device 402);
transmit, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier (Luo: ¶0056 a user device starting a program that can locate and connect with a gateway server [] such an action can include a user device receiving a network address (e.g., private IP address or URL) for the gateway server and operating a web browser to contact the gateway server); 
relay, by the client device, the gateway credentials from the management service to the gateway device (Luo: ¶0058 setting up a secure connection to the gateway server with the user device acting as an intermediary (action 662-6); ¶0083 a user device [] starts relaying TLS messages between the gateway server and the gateway device 962-16 to -19; ¶0060 a gateway device can receive a credential from a gateway server (action 662-10)); and
deleted from the client device upon detection of a predetermined event (Luo: ¶0098 received account information can then be stored in secure memory of the gateway device 962-52. After the user account information is securely saved in the gateway device [] until the user account is deleted by the legitimate user (i.e., the gateway device can only be decommissioned by the original user who commissioned it)).
Luo does not explicitly disclose wherein the gateway credentials are securely relayed unexposed to users of the client device.
However, Idnani discloses wherein the gateway credentials are securely relayed unexposed to users of the client device (Idnani: ¶0072 securely sending to the terminal device, one or more parameters that enable wireless access by the terminal device to wireless access point functionality of the gateway device [] and acting as a proxy for the end user by automatically registering the terminal device to the end user account of the Internet based service without additional end user involvement).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Idnani with the system/method of Luo to include the gateway credentials are securely relayed unexposed to users of the client device.
One would have been motivated to automatically and securely registering or associating an Internet of Things (Io T) device with a user account on a remote Io T system (Idnani: ¶0023).
 
Regarding claim 2: Luo in view of Idnani discloses the system of claim 1.
Luo further discloses identify an onboarding endpoint of the management service associated with a customer identifier of an enterprise, wherein the request for gateway credentials is transmitted to the onboarding endpoint (Luo: ¶0059 action 662-4 can include a user device establishing a connection to the gateway server at a particular endpoint (e.g., socket). Once the gateway 3P attestation protocol starts, action 662-6 can create a connection to a different endpoint ( e.g., an endpoint indicated for or dedicated to, authentication of gateway and possibly other devices)).

Regarding claim 3: Luo in view of Idnani discloses the system of claim 2.
Luo further discloses wherein the customer identifier is manually entered through a user interface element generated on the client device (Luo: ¶0128 the user can enter password in the gateway device's Web interface as authentication credential).

Regarding claim 4: Luo in view of Idnani discloses the system of claim 1.
Luo further discloses wherein the gateway identifier is identified based on the gateway identifier being manually entered through a user interface element generated on the client device (Luo: ¶0054 a user device detecting a gateway device [] including entering a predetermined network address into an application running on the user device).

Regarding claim 7: Luo in view of Idnani discloses the system of claim 1.
Luo further discloses predetermined event comprises: a transmission of the gateway credentials to the gateway, a confirmation that the gateway received the gateway credentials, or a confirmation that the gateway has checked in with the management service using the gateway credentials (Luo: ¶0083 a user device [] starts relaying TLS messages between the gateway server and the gateway device 962-16 to -19; ¶0060 a gateway device can receive a credential from a gateway server (action 662-10)).

Regarding claim 8: Luo discloses a non-transitory computer-readable medium comprising executable instructions, wherein the instructions, when executed by at least one processor, cause the at least one computing device to at least:
identify a gateway identifier that uniquely identifies a gateway (Luo: ¶0047 secure storage region 428-2 can store identification and encryption data for the gateway device 402);
transmit, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier (Luo: ¶0056 a user device starting a program that can locate and connect with a gateway server [] such an action can include a user device receiving a network address (e.g., private IP address or URL) for the gateway server and operating a web browser to contact the gateway server); and
relay, by the client device, the gateway credentials from the management service to the gateway device (Luo: ¶0058 setting up a secure connection to the gateway server with the user device acting as an intermediary (action 662-6); ¶0083 a user device [] starts relaying TLS messages between the gateway server and the gateway device 962-16 to -19; ¶0060 a gateway device can receive a credential from a gateway server (action 662-10)); and
deleted from the client device upon detection of a predetermined event (Luo: ¶0098 received account information can then be stored in secure memory of the gateway device 962-52. After the user account information is securely saved in the gateway device [] until the user account is deleted by the legitimate user (i.e., the gateway device can only be decommissioned by the original user who commissioned it)).
Luo does not explicitly disclose wherein the gateway credentials are securely relayed unexposed to users of the client device.
However, Idnani discloses wherein the gateway credentials are securely relayed unexposed to users of the client device (Idnani: ¶0072 securely sending to the terminal device, one or more parameters that enable wireless access by the terminal device to wireless access point functionality of the gateway device [] and acting as a proxy for the end user by automatically registering the terminal device to the end user account of the Internet based service without additional end user involvement).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Idnani with the system/method of Luo to include the gateway credentials are securely relayed unexposed to users of the client device.
One would have been motivated to automatically and securely registering or associating an Internet of Things (Io T) device with a user account on a remote IoT system (Idnani: ¶0023).

Regarding claims 9-11: Claims 9-11 are similar in scope to claims 2-4, respectively, and are therefore rejected under similar rationale.

Regarding claim 14: A method implemented using a client device, the method comprising:
identifying a gateway identifier that uniquely identifies a gateway device (Luo: ¶0047 secure storage region 428-2 can store identification and encryption data for the gateway device 402);
transmitting, from a client device to a management service, a request for gateway credentials, wherein the request comprises the gateway identifier (Luo: ¶0056 a user device starting a program that can locate and connect with a gateway server [] such an action can include a user device receiving a network address (e.g., private IP address or URL) for the gateway server and operating a web browser to contact the gateway server); and
relaying, by the client device, the gateway credentials from the management service to the gateway device (Luo: ¶0058 setting up a secure connection to the gateway server with the user device acting as an intermediary (action 662-6); ¶0083 a user device [] starts relaying TLS messages between the gateway server and the gateway device 962-16 to -19; ¶0060 a gateway device can receive a credential from a gateway server (action 662-10)); and
deleted from the client device upon detection of a predetermined event (Luo: ¶0098 received account information can then be stored in secure memory of the gateway device 962-52. After the user account information is securely saved in the gateway device [] until the user account is deleted by the legitimate user (i.e., the gateway device can only be decommissioned by the original user who commissioned it)).
Luo does not explicitly disclose wherein the gateway credentials are securely relayed unexposed to users of the client device.
However, Idnani discloses wherein the gateway credentials are securely relayed unexposed to users of the client device (Idnani: ¶0072 securely sending to the terminal device, one or more parameters that enable wireless access by the terminal device to wireless access point functionality of the gateway device [] and acting as a proxy for the end user by automatically registering the terminal device to the end user account of the Internet based service without additional end user involvement).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Idnani with the system/method of Luo to include the gateway credentials are securely relayed unexposed to users of the client device.
One would have been motivated to automatically and securely registering or associating an Internet of Things (Io T) device with a user account on a remote IoT system (Idnani: ¶0023).

Regarding claims 15-17: Claims 15-17 are similar in scope to claims 2-4, respectively, and are therefore rejected under similar rationale.

Regarding claim 20: Claim 20 is similar in scope to claim 7, and is therefore rejected under similar rationale.

Claims 5-6, 12-13 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Luo et al. (“Luo,” US 2019/0281455) in view of Idnani et al. (“Idnani,” US 2017/0353859) and Stewart et al. (“Stewart,” US 2012/0278454).

Regarding claim 5: Luo in view of Idnani discloses the system of claim 1.
Luo in view of Idnani does not explicitly disclose capture an image of the gateway, wherein the image of the gateway is analyzed to identify the gateway identifier.
However, Stewart discloses capture an image of the gateway, wherein the image of the gateway is analyzed to identify the gateway identifier (Stewart: ¶0209 the picture of the gateway device may be of an image on the gateway device that uniquely identifies the gateway device. For example, the image may be a scan code, such as a bar code, a quick response (QR) code, etc. [] the picture may be taken by any of various devices, such as a camera, smart phone, or any device with image capturing capabilities).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Stewart with the system/method of Luo and Idnani to include capture an image of the gateway, wherein the image of the gateway is analyzed to identify the gateway identifier.
One would have been motivated to providing systems and methods for configuring or managing gateway devices at various locations (Stewart: ¶0003).

Regarding claim 6: Luo in view of Idnani and Stewart discloses the system of claim 5.
Stewart further discloses wherein the gateway identifier is identified based on a machine-readable identifier in the image, and wherein the gateway identifier is encoded in the machine-readable identifier (Stewart: ¶0209 the scan code may encode a unique identification code for the gateway device (e.g., a serial number or other unique identifier)).
The motivation is the same that of claim 5 above.
Regarding claims 12-13: Claims 12-13 are similar in scope to claims 5-6, respectively, and are therefore rejected under similar rationale.

Regarding claims 18-19: Claims 18-19 are similar in scope to claims 5-6, respectively, and are therefore rejected under similar rationale.


Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439  



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439