DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/30/2022 has been entered.

Status of Claims:
Claims 1-22 are pending in this Office Action.
Claims 1, 8, 15, 18-19, 21, and 22 are amended.
Claims 1-22 are rejected. 

Response to Arguments
Applicant’s arguments filed in the amendment filed 09/30/2022, have been fully considered but are moot in view of new grounds of rejection. The reasons set forth below.


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-7 and 21-22 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 1 recites the limitation “receiving, at the on-premise device provisioning service”. There is insufficient antecedent basis for this limitation in the claim.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-3, 8-10, 15-17 and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Aiken et al. (U.S. Publication 2019/0179610) in view of Boyle et al. (U.S. Publication 2003/0070063) [Applicant’s IDS].
As per claim 1, Aiken discloses a method of provisioning an on-premise device within an on-premise communications network (Device provisioning will be taught later. Aiken: Fig. 1 and paragraphs 0014, 0019-0020, 0054; a local hub may be located within a home or other premises and is used to control other collocated devices using a local network. The local network in the home is an on-premise communications network and the other devices are the other devices in the home with a local connection), the method comprising:
connecting, via a network connection, an on-premise gateway system (Aiken: Fig. 1 and paragraphs 0014, 0019-0020, 0054; a local hub may be located within a home or other premises and is used to control other collocated devices using a local network…paragraph 0074; hub communicates with wireless access point, which is a gateway…paragraphs 0022-0023; the hub may communicate with a remote system over a wide area network such as the internet, which is a network connection to an off-premise system) in the on-premise communications network (Aiken: Fig. 1 and paragraphs 0014, 0019-0020, 0054; a local hub may be located within a home or other premises and is used to control other collocated devices using a local network) with an off-premise device provisioning service system in an off-premise communications network (Device provisioning will be taught later. Aiken: paragraph 0036; remote system includes an authoritative device store of devices related to the hub’s account. Examiner asserts that the authoritative device store suggests a provisioning, but regardless will supplement the provisioning teaching later…paragraph 0022; remote system is part of a platform that provides cloud services, which is an off-premise communications network. Further, the internet is an off-premises communications network), wherein the off-premise device provisioning service system is configured to register the on-premise device for use with off-premise solutions inaccessible by the on-premise device via the off-premise communications network while the network connection is disconnected (Aiken: Fig. 2 and paragraphs 0024-0027, 0046-0048, 0055-0056; Either the local or the remote system can generate a directive. The local system is used when the remote system is unavailable…paragraph 0036; remote system includes an authoritative device store of devices related to the hub’s account, which is a registration of an on-premise device. Therefore, the off-premise system registers devices and that registration allows for use with off-premise solutions that are inaccessible when the network connection is unconnected. See also Boyle, paragraph 0030-0032, 0035; DHCP server assigns an IP address to a device to be configured, which is a registration);
disconnecting the network connection between the on-premise communications network and the off-premise communications network (Aiken: Fig. 4 and paragraphs 0071-0075; System determines whether a wide area connection is available, which suggests a disconnection can be made between the on-premise network and the off-premise network. See also Boyle: Fig. 5 and paragraphs 0025-0028, 0038; Central server is unavailable... paragraph 0004; power outage or communication line cut);
wherein provisioning operation includes registering the on-premise device for use with on-premise solutions accessible to the on-premise device via the on-premise communications network while the network connection is disconnected (Aiken: Paragraph 0036; remote system includes an authoritative device store of devices related to the hub’s account, which is a registration of an on-premise device. Therefore, the off-premise system registers devices and that registration allows for use with off-premise solutions that are inaccessible when the network connection is unconnected. See also Boyle: paragraphs 0030-0032, 0035; DHCP server assigns an IP address to a device to be configured, which is a registration).
However Aiken does not explicitly mention device provisioning or communicating one or more device provisioning records.
However Boyle teaches:
provisioning, by the on-premise device provisioning service of the on-premise gateway system, the on-premise device based on the one or more device provisioning records, while the network connection is disconnected, responsive to receiving the provisioning request (Boyle: paragraphs 0025-0028, 0032, 0038; system provisions using the locally cached configuration file when the network connection is unavailable),
an off-premise device provisioning service system; provisioning, by the on-premise device provisioning service (Off-premise and On-Premise was previously taught. Boyle: paragraphs 0025-0028, 0032; System provisions a device…Figs. 2, 3c and paragraphs 0025-0028; The central server provides configuration files to the provisioning server. The provisioning server caches configuration files and if the remote central server is unavailable it will use its locally stored configuration files to provision the device…paragraphs 0025-0028, 0030; system provisions using data known to remote server);
communicating one or more device provisioning records between the off-premise device provisioning service system and an on-premise device provisioning service of the on-premise gateway system via the network connection (Boyle: Figs. 2, 3C and paragraphs 0025-0028; The central server provides configuration files to the provisioning server. The provisioning server caches configuration files and if the remote central server is unavailable it will use its locally stored configuration files to provision the device. It would have been obvious to one of ordinary skill prior to the effective filing date to allow both the remote server and the hub of Aiken to provision devices to allow devices to be controlled by the account holder);
responding to a discovery request received from the on-premise device via the on- premise communications network, while the network connection is disconnected (Boyle: paragraph 0026, 0030; Request is received to connect an access device being booted to the network while the central server is unavailable. See also Aiken: paragraph 0048; request made while the remote system is unavailable);
receiving, at the on-premise device provisioning service of the on-premise gateway system, a provisioning request from the on-premise device via the on-premise communications network, while the network connection is disconnected, responsive to the responding operation (Boyle: Fig. 3C and paragraphs 0026, 0030-0031; DHCP Discover, followed by DHCP Request for an IP address. See also Aiken: Fig. 1 and paragraphs 0014, 0019-0020, 0054; a local hub may be located within a home or other premises and is used to control other collocated devices using a local network).
Therefore it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Boyle with the teachings as in Aiken. The motivation for doing so would have been for providing a communication of device provisioning records in order to allow the on-premise device to provision devices to be used even when no internet connection was available (Boyle: paragraph  0004-0005).
As per claim 2, the modified Aiken teaches the method of claim 1, wherein the operations of responding to the discovery request, receiving the provisioning request, and provisioning the on-premise device occur before the communicating operation and the disconnecting operation (Boyle: paragraph 0007, 0026; device is provisioned without receiving an updated configuration file…paragraph 0003; the majority of a configuration file remains the same. Therefore, provisioning can occur without receiving one or more files based on the stored files from a previous provisioning. Furthermore, it would have been obvious to one of ordinary skill prior to the effective filing date to include configuration files with the on-premise device in order to configure devices even if that device had not been configured before).
The same motivation to combine as the independent claim applies here.
And Aiken also teaches and the disconnecting operation. (Aiken: Fig. 2 and paragraphs 0024-0027, 0046-0048, 0055-0056; Either the local or the remote system can generate a directive. Thus the local system could do the provisioning even if the network was not disconnected because it could opt to perform the directive locally).
As per claim 3, the modified Aiken teaches the method of claim 1, and Boyle also teaches wherein the operations of responding to the discovery request, receiving the provisioning request, and provisioning the on-premise device occur after the communicating operation and the disconnecting operation (Boyle: paragraph 0026; if the central server is operable it sends updated configuration data in order to perform provisioning. See also Aiken: paragraph 0036; periodic syncing between the remote system and the local hub).
The same motivation to combine as the independent claim applies here.
With respect to claim 8, it is substantially similar to claim 1 and is rejected in the same manner, the same art and reasoning applying. Further, Aiken also teaches one or more hardware processors (Aiken: paragraph 0138; processor);
an off-premise network interface (Aiken: paragraphs 0023, 0145; TCP/IP. Internet communication);
an on-premise network interface configured (Aiken: paragraphs 0041, 0145; Wi-Fi, Bluetooth, RF, USB port, Zigbee).
Regarding claims 9-10, they are substantially similar to claims 2-3, respectively, and are rejected in the same manner, the same arts and reasoning applying. 
With respect to claim 15, it is substantially similar to claim 1 and is rejected in the same manner, the same art and reasoning applying. Further, Aiken also teaches one or more tangible processor-readable storage media of a tangible article of manufacture encoding processor-executable instructions for executing on an electronic computing device (Aiken: paragraph 0101; non-transitory media including a hard disk).
Regarding claims 16-17, they are substantially similar to claims 2-3, respectively, and are rejected in the same manner, the same arts and reasoning applying.
As per claim 21, the modified Aiken teaches the method of claim 1, wherein the on-premise solutions include another on-premise device operable to work with the on-premise device over the on-premise communications network based on the provisioning (Aiken: paragraphs 0020-0022; Collocated second device can be operated or automatically operated from local hub or from remote server...paragraph 0110; remote access may allow for streaming of a song, whereas a local access may play a snippet of a song as an alarm).
	As per claim 22, the modified Aiken teaches the method of claim 1, further comprising: provisioning, by the off-premise device provisioning service, the on-premise device to access off-premise resources while the network connection is connected (Boyle: paragraphs 0025-0028, 0030; system provisions using data known to remote server).
The same motivation to combine as the independent claim applies here.
and Aiken also teaches the on-premise device to access off-premise resources while the network connection is connected (Aiken: paragraph 0020-0022; Collocated second device can be operated or automatically operated from local hub or from remote server…paragraph 0110; remote access may allow for streaming of a song, whereas a local access may play a snippet of a song as an alarm).


Claims 4-7, 11-14, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Aiken et al. (U.S. Publication 2019/0179610), in view of Boyle et al. (U.S. Publication 2003/0070063) [Applicant’s IDS], and further in view of Worsley (U.S. Patent No. 9,064,117) [Applicant’s IDS].
As per claim 4, the modified Aiken teaches the method of claim 1.
However the modified Aiken does not explicitly mention wherein the provisioning operation comprises: authenticating the on-premise device using the one or more device provisioning records via the on-premise communications network.
However Worsley teaches:
wherein the provisioning operation comprises: authenticating the on-premise device using the one or more device provisioning records via the on-premise communications network (Worsley: col. 4, lines 45-48; target computers attempting to provision themselves from the provisioning service/authority 104 may need to authenticate with the provisioning service/authority 104 prior to provisioning).
Therefore it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Worsley with the teachings as in Aiken. The motivation for doing so would have been for providing authentication in order to provision devices in networks that are not yet secure (Worsley: col. 1, lines 22-24).
As per claim 5, the modified Aiken teaches the method of claim 1, wherein the one or more provisioning records are sourced from a gateway identity brokering system of the on-premise gateway system (Aiken: paragraph 0036; local hub may include a copy of a device registry for the account, which is an identity brokering system. See also Worsley citations below).
However the modified Aiken does not explicitly mention the provisioning operation comprises: registering a cryptographic identity of the on-premise device to access one or more in- gateway solutions.
However Worsley teaches:
the provisioning operation comprises: registering a cryptographic identity of the on-premise device to access one or more in- gateway solutions (Worsley: col. 7, lines 25-30; the authorization logic may provide an identification of the target computer 106 to the provisioning service/authority 104, and may receive in return an authorization to provision the target computer 106 as well as a designation of a particular boot image 134 that should be provided to the target computer 106…col. 7, lines 42-47; the provisioning device 102 may notify the provisioning service/authority 104 that certain credentials have been issued to a target computer 106, and may also provide an identification of the target computer 106 such as a MAC (media access control) address of the target computer 106…col. 10, lines 9-12; Security measures, including authentication and encryption procedures, may be used to ensure that only authorized devices are able to access the provisioning service/authority 104…col. 11, lines 38-42; An action 308 comprises identifying the connected target computer 106. For example, the target computer 106 may be configured to boot from the connected provisioning device 102, and during this process may report its MAC address or some other identifier to the provisioning device. See also Aiken, paragraphs 0020-0022; devices may be controlled or automatically controlled and may receive commands from a local user or the remote cloud…paragraph 0110; remote access may allow for streaming of a song, whereas a local access may play a snippet of a song as an alarm).
Therefore it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Worsley with the teachings as in Aiken. The motivation for doing so would have been for providing cryptographic identity in order to provision devices in networks that are not yet secure (Worsley: col. 1, lines 22-24).
As per claim 6, the modified Aiken teaches the method of claim 1, wherein the one or more provisioning records are sourced from an on-premise identity system communicatively coupled to the on-premise gateway system by the on-premise communications network, and the provisioning operation (Aiken: paragraph 0036; local hub may include a copy of a device registry for the account, which is an identity brokering system. See also Worsley citations below) comprises:
to access one or more on- premise solutions external to the on-premise gateway system (Aiken: paragraphs 0020-0022; devices may be controlled or automatically controlled and may receive commands from a local user or the remote cloud...paragraph 0110; remote access may allow for streaming of a song, whereas a local access may play a snippet of a song as an alarm),
wherein the one or more on- premise solutions are communicatively coupled to the on-premise gateway system by the on- premise communications network (paragraphs 0020-0022; devices may be controlled or automatically controlled and may receive commands from a local user or the remote cloud).
However the modified Aiken does not explicitly mention registering a cryptographic identity of the on-premise device.
However Worsley teaches:
registering a cryptographic identity of the on-premise device  (Worsley: col. 7, lines 25-30; the authorization logic may provide an identification of the target computer 106 to the provisioning service/authority 104, and may receive in return an authorization to provision the target computer 106 as well as a designation of a particular boot image 134 that should be provided to the target computer 106…col. 7, lines 42-47; the provisioning device 102 may notify the provisioning service/authority 104 that certain credentials have been issued to a target computer 106, and may also provide an identification of the target computer 106 such as a MAC (media access control) address of the target computer 106…col. 10, lines 9-12; Security measures, including authentication and encryption procedures, may be used to ensure that only authorized devices are able to access the provisioning service/authority 104…col. 11, lines 38-42; An action 308 comprises identifying the connected target computer 106. For example, the target computer 106 may be configured to boot from the connected provisioning device 102, and during this process may report its MAC address or some other identifier to the provisioning device).
Therefore it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Worsley with the teachings as in Aiken. The motivation for doing so would have been for providing cryptographic identity in order to provision devices in networks that are not yet secure (Worsley: col. 1, lines 22-24).
As per claim 7, the modified Aiken teaches the method of claim 1, to access one or more off-premise solutions (Aiken: paragraphs 0020-0022; devices may be controlled or automatically controlled and may receive commands from a local user or the remote cloud...paragraph 0110; remote access may allow for streaming of a song, whereas a local access may play a snippet of a song as an alarm).
However the modified Aiken does not explicitly mention the off-premise device provisioning service system registers a cryptographic identity of the on-premise device to access one or more off-premise solutions, after the communicating operation.
However Worsley teaches:
wherein the off-premise device provisioning service system registers a cryptographic identity of the on-premise device to access one or more off-premise solutions, after the communicating operation (Worsley: col. 7, lines 25-30; the authorization logic may provide an identification of the target computer 106 to the provisioning service/authority 104, and may receive in return an authorization to provision the target computer 106 as well as a designation of a particular boot image 134 that should be provided to the target computer 106…col. 7, lines 42-47; the provisioning device 102 may notify the provisioning service/authority 104 that certain credentials have been issued to a target computer 106, and may also provide an identification of the target computer 106 such as a MAC (media access control) address of the target computer 106…col. 10, lines 9-12; Security measures, including authentication and encryption procedures, may be used to ensure that only authorized devices are able to access the provisioning service/authority 104…col. 11, lines 38-42; An action 308 comprises identifying the connected target computer 106. For example, the target computer 106 may be configured to boot from the connected provisioning device 102, and during this process may report its MAC address or some other identifier to the provisioning device. It would have been obvious to one of ordinary skill prior to the effective filing date to register after communication to confirm that the configuration for the device is proper. See Boyle, paragraphs 0030-0031).
Therefore it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teachings as in Worsley with the teachings as in Aiken. The motivation for doing so would have been for providing cryptographic identity in order to provision devices in networks that are not yet secure (Worsley: col. 1, lines 22-24).
Regarding claims 11-14, they are substantially similar to claims 4-7, respectively, and are rejected in the same manner, the same art and reasoning applying.
Regarding claims 18-20, they are substantially similar to claims 5-7, respectively, and are rejected in the same manner, the same art and reasoning applying.





REMARKS
	Applicant submitted arguments to overturn the rejection on 09/30/2022. The examiner maintains the rejections, see remarks below. 
The applicant Argues:
Argument: Applicant argues at Remarks, pages 11-14 that the amended claims are nonobvious because (1) there is only a single provisioning service in Boyle, (2) Boyle does not provision a device “for use with solutions”, (3) Boyle/Narasimham does not teach on/off premises devices performing provisioning.
In response, the examiner respectfully submits: Examiner reconfigures the rejection with Aiken as the primary reference, which moots all the above arguments. Examiner responds to the thrust of the concerns with respect to the new rejection for compact prosecution.
With respect to Boyle only teaching a single provisioning service, Examiner now cites Aiken which teaches that processing and directives can be performed remotely using remote resources when a network connection exists and can be performed locally when no network connection exists. Boyle teaches a type a processing – configuring and provisioning a device – and the combination renders obvious the provisioning being performed by remote system or by local systems. Boyle posits a situation where the provisioning occurs with no remote server (using cached data) and a situation where provisioning occurs using the remote server (when a link is available, the central server provides the files). It is true that what Boyle anticipates is a system where “[the central server] merely provides configuration profiles to the DHCP server” but that does not change the fact that the configuration files are part of provisioning and one of ordinary skill would have found it obvious to have entirely remote provisioning.
The underlying thrust of Applicant’s argument that Boyle only has a single provisioning system is an argument toward what Boyle anticipates, rather than what is rendered obvious. Examiner now cites Aiken as a primary reference where actions are commanded locally or remotely, together with Boyle to teach the provisioning technique to make it more clear that it is obvious for either the remote or the local network to perform provisioning and therefore make the on-premises provisioning system and off-premises provisioning system more clear.
With respect to Boyle not provisioning a device for use with solutions, Examiner disagrees. Configuring a device and providing it an IP address allows it to have network connections which is a use with solutions. Regardless, making Aiken part of the primary rejection has more explicit examples of local and remote resource usage such as remotely streaming a song or providing local voice control or automated action.
With respect to Boyle/Narasimham not teaching on/off premise, Examiner now cites Aiken for the features, but regardless reiterates that Examiner gives patentable weight to on/off premises, the limitation is simply largely irrelevant for an obviousness analysis. Applicant does not dispute that devices may be on or off any particular premise – In Narasimham it was an office, in Aiken it is a home. Nor does Applicant dispute that the relevant feature in the claimed system is whether a communication connection exists. Consequently, the physical location of devices is a simple substitute for predictable results. Regardless, since Aiken is now the primary reference no modification is needed at all, as the hub is explicitly stated as being on a given premises.
At Remarks, page 15, Applicant argues Claim 22 for essentially the same reasons as claim 1 – that provisioning is done by two systems. The same response applies.
All claims remain obvious and all claims remain rejected.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARINA J. GARCIA-CHING whose telephone number is (571)270-7159. The examiner can normally be reached Monday - Wednesday (9:00 AM - 5:00 PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Vivek Srivastava can be reached on (571) 272-7304. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KARINA J GARCIA-CHING/Examiner, Art Unit 2449                                                                                                                                                                                                        
/VIVEK SRIVASTAVA/Supervisory Patent Examiner, Art Unit 2449