DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 12/13/2018, claims 1-20 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 16/219,402.
Claim Objections
Claims [15 objected to because of the following informalities:  Claims 15, 16, and 18 are method claims which are depend on system claims 9 and 10.  Appropriate correction is required.

CLAIM INTERPRETATION
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification, as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “an access control repository configured to…” in claim 1,” and “credential source is further configured to …” in claim 8 .Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim 
Claim Rejections - 35 USC § 103
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 7-11, and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 2013/0031598 issued to Whelan et al (“Whelan”) and  in view of US Patent No. 2019/0034402 issued to (“Gala”).
Regarding claim 1, Whelan discloses an access management system comprising [¶3, the present disclosure relates to a method, system, and apparatus for contextual-based virtual data boundaries.  In particular, the present disclosure teaches a method to improve data access control that involves assigning at least one threshold to at least one contextual criterion…], and [¶4]. Examiner Note : Gala also discloses this limitation as:[ title: system and methods for personnel monitoring management,  see FIGS.1-3,  and corresponding text for more detail, an employee interface 200 featuring a touch screen 210 and an associated card reader 220].
a credential source comprising access credentials[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data], and [¶5], and [see FIG.4A and corresponding text for more detail], and [see FIG. 4D and corresponding text for more detail,  Permissible location, contextual threshold before and after employee fired].)
Examiner Note: Gala also discloses this limitation as: [¶29, It is understood that the card reader 220 may be any device that is capable of reading a credential in determining whether to allow access to the features of the touch screen 210.  Accordingly, a PIN pad, such as the one depicted a unique employee identification number using the on-screen pin pad], and [¶30, FIG. 3 shows another embodiment of an employee interface 300 featuring a touch screen 310 and a biometric identification reader 320].
 an employee records source comprising employee information [¶8, in one or more embodiments, at least a portion of the contextual information from the claimant is related to an identity of the claimant].
 an access control repository configured to: receive access credentials from the credential source[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data], and [¶5], and [see FIG.4A and corresponding text for more detail], and [see FIG. 4D and corresponding text for more detail,  Permissible location, contextual threshold before and after employee fired].
Examiner Note: Gala also discloses this limitation as: [¶29,  It is understood that the card reader 220 may be any device that is capable of reading a credential in determining whether to allow access to the features of the touch screen 210.  Accordingly, a PIN pad, such as the one depicted in FIG. 9, may be incorporated in the touch screen in place of providing a card reader 220.  The employee need only input a unique employee identification number using the on-screen pin pad], and [¶30, FIG. 3 shows another embodiment of an employee interface 300 featuring a touch screen 310 and a biometric identification reader 320].
receive employee information from the employee records source [¶8, in one or more embodiments, at least a portion of the contextual information from the claimant is related to an identity of the claimant], and [¶4, a job function assigned to the claimant,].
an access application configured to generate an access credentials request and transmit the request to the access control repository [¶5, the geographical location of the claimant is determined by using satellite geolocation techniques… the geographical location of the claimant is determined by using ranging techniques that send pings (i.e. signals) to at least one node (e.g., server, router, or device) that has a known location].
 wherein, upon receiving the request, the access control repository is further configured to transmit the access credentials to the access application based on the access credentials request, the employee information, and the work schedule information [¶3,  The present disclosure relates to a method, system, and apparatus for contextual-based virtual data boundaries.  In particular, the present disclosure teaches a method to improve data access control that involves assigning at least one threshold to at least one contextual criterion…the method involves authenticating the claimant, if the contextual information from the claimant meets at least one of the thresholds to at least one contextual criterion.], and [¶4…the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant], and [¶5, the geographical location of the claimant is determined by using satellite geolocation techniques… the geographical location of the claimant is determined by using 
Even though Whelan discloses a work schedule source comprising work schedule information ; receive work schedule information from the work schedule source[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data].
	However, does not explicitly discloses and  Gala discloses this limitation as [¶22, The database 180 may further store historical information regarding an employee, such as dates and times worked, number of hours worked, compliance history, and duties/positions performed], and [¶35, Scheduling logic 420 performs the necessary timekeeping determinations and calculations.  For example, scheduling logic 420 records the time that an employee reports to work when the employee clocks in, the hours the employee has been working, the number and duration of breaks taken, the amount of overtime worked, and so forth], and [¶¶42-43].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Whelan, with the teaching Gala in order to implement systems and methods for providing an integrated means for monitoring, 
managing and auditing employees performance at a workplace or job site, such as monitoring the time worked by the employees, ensuring employee compliance with applicable laws and 
Regarding claim 7, Whelan discloses, wherein the employee information comprises a job role[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data].
Examiner Note: Gala also discloses this limitation as: [see FIG. 7, [¶42, Performance logic 440 performs the functions to determine the appropriate tasks, duties or positions assigned to the employee.  For example, in a restaurant setting, an employee may be responsible for a number of different duties, such as prep work, food preparation, cash register, waiting tables, etc. Performance logic 440 may therefore be configured to keep track of the various duties assigned to the employees and reassign employee duties as Necessary], and [¶43, Thus, an employee may clock in and receive a message directing the employee to report to the prep station.  While the employee is working in the prep station, the system may send a notification to the employee's mobile device instructing the employee to report to the food prep station.  Performance logic 440 accomplishes the coordination of personnel and assignment of duties typically performed by an onsite manager or supervisor.  Performance logic 440 also takes in to consideration an employee's availability or available time.
Regarding claim 8, Whelan does not disclose, however, Gala discloses wherein the credential source is further configured to receive and store user credentials assigned to an employee based on their job role [see FIG. 7, [¶42, Performance logic 440 performs the functions to determine the appropriate tasks, duties or positions assigned to the employee.  For example, in a restaurant setting, an employee may be responsible for a number of different duties, such as prep work, food preparation, cash register, waiting tables, etc. Performance logic 440 may therefore be configured to keep track of the various duties assigned to the employees and reassign employee duties as Necessary], and [¶43, Thus, an employee may clock in and receive a message directing the employee to report to the prep station.  While the employee is working in the prep station, the system may send a notification to the employee's mobile 
device instructing the employee to report to the food prep station.  Performance logic 440 accomplishes the coordination of personnel and assignment of duties typically performed by an onsite manager or supervisor.  Performance logic 440 also takes in to consideration an employee's availability or available time.  For example, performance logic 440 does not assign further duties to an employee who is on break or is in danger of working overtime].
Regarding claim 9, Whelan discloses, wherein the access credentials transmitted to the access application are encrypted [¶63, controlling access to data based on contextual thresholds, such as a user's physical location (i.e. location-based data).  In addition to location-based data, other contextual thresholds may be based off data based on at least one of the following: time duration of access, time of year of access, day of access, type of device accessing the data, type of data being accessed, and the identity of the claimant accessing the data.  Data may be encrypted when it is created and/or when it is transmitted over a network.


Regarding claim 10, Whelan discloses, wherein the access credential request is generated automatically according to a recognized location [see FIGS 4A and 5A, location-related and time-related contextual Criterion, satisfies contextual threshold, data access granted].
Regarding claim 11, this claim is interpreted and rejected for the same rational set forth in claim 1.
Regarding claim 15, further comprising: transmitting the access credentials to the access application based on the employee work schedule information.  
Whelan discloses this limitation as: [ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data].
  Gala discloses this limitation as [¶22, The database 180 may further store historical information regarding an employee, such as dates and times worked, number of hours worked, compliance history, and duties/positions performed], and [¶35, Scheduling logic 420 performs the necessary timekeeping determinations and calculations.  For example, scheduling logic 420 records the time that an employee reports to work when the employee clocks in, the hours the employee has been working,
Regarding claim 16, this claim is interpreted and rejected for the same rational set forth in claim 7.
Regarding claim 17, Whelan discloses , further comprising: determining if the employee is authorized to access the secure systems and resources based on their job role[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data].
Regarding claim 18, this claim is interpreted and rejected for the same rational set forth in claim 9.
Regarding claim 19, Whelan does not explicitly disclose, However, Gala discloses revoking the access credentials based on the employee work schedule information [¶46, a significant advantage to requiring an employee input information in specified fields, as a condition to clocking out is that it provides further controls and monitoring over the employee's activities.  For example, in the restaurant context, rules may be in place as to tip reporting, e.g., that each employee's reported tip be at least 8% of cash sales.  Once the employee completes the clock out process, the system may communicate with other devices and computers in the restaurant, such as cash registers and order systems, to log that employee out and prevent the employee from having further access to the systems without first clocking in], and [¶39, Thus, the relevant options determined by the scheduling logic 420 may be made in cooperation with the compliance logic 430 and the performance logic 440.  For example, if the scheduling logic 420 determines that the last access from the employee was a "break start", the options available to the employee upon the next access may be "break end" or a "clock out".  If an applicable law 
requires an employee to take a minimum break of 30 minutes, the compliance logic disables the "break end" feature until 30 minutes have elapsed from the time when the employee selected the "break start" feature].

Claims 2-6, and 12-4 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 2013/0031598 issued to Whelan et al (“Whelan”) and  in view of US Patent No. 2019/0034402 issued to (“Gala”) and further in view of US Patent No. 10,367,911 issued to  Combs et.al(“Combs”).
Regarding claim 2, wherein the access credentials request comprises an actual location of an employee.  
	Even though Whelan discloses this limitation as: [¶5, the geographical location of the claimant is determined by using satellite geolocation techniques… the geographical location of the claimant is determined by using ranging techniques that send pings (i.e. signals) to at least one node (e.g., server, router, or device) that has a known location].
Whelan and Gala do not explicitly discloses and  however, Combs discloses  [Col.6 lines 53-67, Col. 7 lines 1-2, Analysis module 325 receives location information from location information module 320 and determines a predicted work location and an actual/destination location of where the user will be or is working.  User work location patterns can be detected as 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Whelan, and Gala with the teaching Combs in order to provide to smart resource allocation based on work location predictions by implementing a method and system that create a user profile associated with a user.  The user profile can include locations in which the user has worked and information relating to one or more devices associated with the user.  The system can receive data from the devices and 

Regarding claim 3, Whelan and Gala do not explicitly discloses and however, Combs discloses, wherein the access control repository is further configured to generate a predicted location of the employee[Col. 1 lines 64-67, on days when more than 15% of employees are predicted to work in a place other than an enterprise location, fewer resources at the enterprise location may be needed], and [Abstract,     Embodiments disclosed herein describe a method and system that create a user profile associated with a user.  The user profile can include locations in which the user has worked and information relating to one or more devices associated with the user.  The system can receive data from the devices and analyze the data to predict a work location of the user.  Resources can be optimized based on the predicted work location of the user and the predicted work locations of other users], and [Col. 6 lines 53-67- Col.7 lines 1-30].
Regarding claim 4, Whelan and Gala do not explicitly discloses and however, Combs discloses, wherein the access control repository is configured to transmit the access credentials to the access application based on a comparison of the actual location of the employee with the predicted location of the employee [Col. 6 lines 53-67, analysis module 325 receives location information from location information module 320 and determines a predicted work location and an actual/destination location of where the user will be or is working…], and [Col. 6 lines 53-67- Col.7 lines 1-30].
Regarding claim 5, Whelan discloses, wherein access credentials are revoked based on a comparison of the actual location of the employee with the predicted location of the employee [see FIG.3B, 4A and 4B and corresponding text for more detail, contextual criterion: location-related and time-related , does not satisfy contextual threshold ( data access NOT granted)].
Regarding claim 6, Whelan and Gala do not explicitly discloses and however, Combs discloses, wherein the predicted location of the employee is based on a time and a location that an employee is scheduled to work [Col. 6 lines 53-67. Col. 7 lines 1-30, analysis module 325 receives location information from location information module 320 and determines a predicted work location and an actual/destination location of where the user will be or is working.  User work location patterns can be detected as data is gathered over time.  The predicted work location can be determined by reviewing the user's previous work location history and work schedule.  For example, if the user typically works at home when the user's mobile device is connected to a home network at 8:30 a.m., analysis module 325 can predict that the user will work at home when the user's mobile device is connected to a home network after 8:30 a.m.  Additional information may further provide information as to where the user likely will work for the day such as calendar information (e.g., the user is likely working at an enterprise location when the user is scheduled to give a tour of a facility, the user is likely working from home when the user has a doctor's appointment)].
Regarding claim 12, this claim is interpreted and rejected for the same rational set forth in claim 2.
Regarding claim 13, this claim is interpreted and rejected for the same rational set forth in claim 3.
Regarding claim 14, this claim is interpreted and rejected for the same rational set forth in claim 4.
Claim 20 is  rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 2013/0031598 issued to Whelan et al (“Whelan”) and  in view of US Patent No. 2019/0034402 issued to (“Gala”) and further in view of US Patent No. 2006/0064313 issued to  Steinbarth et.al(“Steinbarth”).
Regarding claim 20,Whelan discloses a computer implemented method for managing access credentials for secure systems and resources, the method comprising[¶3, the present disclosure relates to a method, system, and apparatus for contextual-based virtual data boundaries.  In particular, the present disclosure teaches a method to improve data access control that involves assigning at least one threshold to at least one contextual criterion…], and [¶4]. Examiner Note : Gala also discloses this limitation as:[ title: system and methods for personnel monitoring management,  see FIGS.1-3,  and corresponding text for more detail, an employee interface 200 featuring a touch screen 210 and an associated card reader 220].
 receiving an access credentials request from an access application associated with an employee ;receiving access credentials associated with the employee from a credential source; [ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data], and [¶5], and [see FIG.4A and corresponding text for more detail], and [see FIG. 4D and corresponding text for more detail,  Permissible location, contextual threshold before and after employee fired].)
Examiner Note: Gala also discloses this limitation as: [¶29, It is understood that the card reader 220 may be any device that is capable of reading a credential in determining whether to allow access to the features of the touch screen 210.  Accordingly, a PIN pad, such as the one depicted in FIG. 9, may be incorporated in the touch screen in place of providing a card reader 220.  The employee need only input a unique employee identification number using the on-screen pin pad], and [¶30, FIG. 3 shows another embodiment of an employee interface 300 featuring a touch screen 310 and a biometric identification reader 320].
14 	4810-5204-4930, V.1Atty. docket No. 38079/04335receiving employee information associated with the employee from an employee records source, wherein the employee information includes a job role [¶8, in one or more embodiments, at least a portion of the contextual information from the claimant is related to an identity of the claimant], and [¶4, a job function assigned to the claimant,].
Examiner Note: Gala also discloses this limitation as: [see FIG. 7, [¶42, Performance logic 440 performs the functions to determine the appropriate tasks, duties or positions assigned to the employee.  For example, in a restaurant setting, an employee may be responsible for a number of different duties, such as prep work, food preparation, cash register, waiting tables, etc. Performance logic 440 may therefore be configured to keep track of the various duties assigned to the employees and reassign employee duties as Necessary], and [¶43, Thus, an employee may clock in and receive a message directing the employee to report to the prep station.  While the employee is working in the prep station, the system may send a notification to the employee's mobile device instructing the employee to report to the food prep station.  Performance logic 440 accomplishes the coordination of personnel and assignment of duties typically performed by an onsite manager or supervisor.  Performance logic 440 also takes in to consideration an employee's availability or available time.  For example, performance logic 440 does not assign further duties to an employee who is on break or is in danger of working overtime].
 receiving work schedule information associated with the employee from a work schedule source;
Even though Whelan discloses this limitation as:[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data].
	However, does not explicitly discloses and  Gala discloses this limitation as [¶22, The database 180 may further store historical information regarding an employee, such as dates and times worked, number of hours worked, compliance history, and duties/positions performed], and [¶35, Scheduling logic 420 performs the necessary timekeeping determinations and calculations.  For example, scheduling logic 420 records the time that an employee reports to work when the employee clocks in, the hours the employee has been working, the number and duration of breaks taken, the amount of overtime worked, and so forth], and [¶¶42-43].
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Whelan, with the teaching Gala in order to implement systems and methods for providing an integrated means for monitoring, 
managing and auditing employees performance at a workplace or job site, such as monitoring the time worked by the employees, ensuring employee compliance with applicable laws and 
 	determining if the employee is not authorized to access the secure systems and resources based on access the credentials request, access credentials, and work schedule information[ ¶4, the contextual information from the claimant includes a geographical location of the claimant when the claimant is attempting to access the data, a time of day the claimant is attempting to access the data, a day of the week the claimant is attempting to access the data, a job function assigned to the claimant, a quantity of data the claimant has gained access to during a first predefined time period, a number of times the claimant has logged into the system during a second predefined time period, and/or a type of a device associated with the claimant that the claimant is using to attempt to access the data], and [¶5], and [see FIG.4A and corresponding text for more detail, Data access NOT granted], and [see FIG. 4D and corresponding text for more detail,  Permissible location, contextual threshold before and after employee fired, NOT permissible data].)
Whelan and Gala do not explicitly disclose, however, Steinbarth discloses overriding the determination that the employee is not authorized to access the secure systems and resources, based on the employee job role; and, transmitting the access credentials to the access application [¶3251, User access rights represent the privileges required for accessing resources.  An administrator protects resources by establishing access control lists to grant permissions to users and groups.  Individual user permissions take precedence over group permissions.  Individual user permission overrides the more restrictive group permission], and 

 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Whelan, and Gala with the teaching Calderano in order to provide the capability to system administrator to over-any business rule to in-house personnel based on the user authority level [Steinbarth,Abstract, ¶¶27,35, 2947].
 Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
LOCONZOLO (US2009/0125346) (¶¶24, 26, employee during scheduled working hours].
Ridge(US9020848)[ Method and system for time and location tracking].
Clifford(US2009/0086936)[¶23, employee identification, employee schedule and location].
Donnelly(US6049776)[ Human resource management system for staffing project].
Cox(US8788308)[ Employee scheduling and schedule modification].
Stepanovich [¶34].
Sun (US2016/0110412) [see FIGS.]. 
Calderaro [¶50, in a distributed model, employee data for a particular area, such as a project or company location, may be located on the same database].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207.  The examiner can normally be reached on Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to 






/SHAHRIAR ZARRINEH/Examiner, Art Unit 2497