DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement
The information disclosure statement (IDS) was submitted on 3/31/2021. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claims 2-12, 14 and 16-19 are objected to because of the following informalities:  
Claims 2-12 (line 1), 14 (line 1) and 16-19 (line 1) recite the limitation “of claim #.” After “claim #” a comma should be inserted.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:



Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Fascenda (US 20040068653 A1, hereinafter Fascenda) in further view of Garin et al. (US 8838376 B2, hereinafter Garin).

Regarding claim 1, Ross discloses an information handling system of a wireless network access point operating a location multi-factor authentication security system comprising: 
a memory storing a private and a public key (paras. [0064], lines 2-4, secret cryptographic key of all authorized client keys in a client database that is uploaded to each access point...; [0067], lines 34-37, types of cryptographic keys such as public/private cryptographic keys may be employed...); 
an access point network interface device operably connecting the wireless network access point to a network requesting access to the network (paras. [0012], user moves from network to network, for instance from his office network to a public network at a Wi-Fi coffee shop, the user must switch his setting as appropriate for the local network. Generally, this requires advanced knowledge of the settings for the new network. Microsoft Windows® operating systems facilitate the storage of these settings as a "location," thereby enabling the user to simply point-and-click to select the new network. However, the user still must manually install these parameters for the new network during initial setup…; [0065], lines 1-4, nerve center of the system is the AP software executing at access point 220. The AP software facilitates the authentication of a client computing device 210 attempting to access network 200…); 
the access point network interface device transmitting a random number challenge generated using the private key to the client device if the geographic location estimation is within a preset geographical area (Figs. 10-11; paras. [0069], lines 1-8, upon entering the communication range of a wireless Wi-Fi network C comprising the access point 220 (Dev lC), the client device 210 detects the presence of the network by either listening for a "beacon" frame or a "probe response" frame (step 1002). The beacon or probe response frame comprises a BSSID field that uniquely identifies the network and access point, and distinguishes the current access point from other access points…; [0076], lines 20-27, access point 220 then obtains (step (R2) 1125) a second random number generated in the SIM 252 of the AP key 250. The first random number R1 is encrypted with CK_IDS2c obtained from the client key database file…access point forms a second challenge comprising R1e and R2. This second challenge is then encrypted with NKS1 and sent (step 1130) to client device 210…); 
the access point network interface device receiving a challenge response from the client device (Figs. 2 and 9A; paras. [0067], lines 31-33, important to note that NKR and NKS are private cryptographic keys stored in the physical keys 230, 240A-N, and 250…; Fig. 10; [0070], lines 1-6, Client device 210 sends (step 1010) the authentication frame 922 to the access point 220. The challenge of authentication frame 922 comprises the serial number of the client key 240 corresponding to the client device 210 (R1) attempting authentication and a first random number generated by SIM 242 of the client key 240...); 
(paras. [0047], lines 20-25, individual client key record comprises a serial number of the corresponding client key and information such as name of person or computing device that the client key belongs to, location, company department, and any other administrative fields deemed necessary…; [0063], lines 7-10, use the CK_IDS of the client key 240 when communicating with the client device 210, the access point 220 pulls the corresponding record and then decrypts the encrypted CK_IDS with AP_IDS…, where the public key encrypted CK_IDS with AP_IDS; [0077], lines 1-6, client device 210 receives and decrypts the second challenge of authentication frame 924 using NKR1 to obtain R1e and R2. R1e is then decrypted (step 1135) with CK_IDS2c from SIM 242. The client device 210 then compares (step 1140) R1 as originally sent with the R1e received to identify if they match…); 
the processor generating a boot process authorization instruction if the challenge response matches the challenge response comparator (para. [0078], lines 1-17, client device 210 responds to the access point 220 with a final challenge. This challenge comprises the second random number R2 encrypted at the access point 220 with the CK_IDS2c. Encrypted R2 is now referred to as R2e. The client device 210 sends (step 1150) the third challenge encrypted with NKS2 to the access point 220. The access point 220 decrypts (step 1155) the third challenge with NKR1 and then R2e with CK_IDS2c. The access point 220 then compares (step 1160) R2 as originally sent with the decrypted R2e received to identify if they match. If the random numbers do not match, the access point 220 knows the client device 210 is not a trusted device and therefore places (step 1165) the MAC Address of the client device 210 in the "Do Not Allow" table 850…); and 
(para. [0078], lines 1-17, If R2e equals R2, the access point 220 knows that the client device 210 is a trusted component and places (step 1170) the MAC address of the client device 210 in the "Authorized Users Table" 830…).
Although Fascenda discloses the geographic location estimation is within a preset geographical area (Figs. 10-11; paras. [0069], lines 1-8; [0076], lines 20-27), prepopulating a message (Fig. 3; para. [0043]), but fails to teach receiving a geographic location estimation from a client device.
Garin, in the same or similar field of endeavor, teaches receiving a geographic location estimation from a client device (col. 8, lines 50-55, mobile devices may have access to location information such as GPS information, or information from inertial sensors that permit the mobile device to obtain a location estimate, the APs may request or the mobile devices may send, or be instructed to send, location information to the APs…). 
Therefore, considering Fascenda and Garin’s teachings as a whole, one of ordinary skill in the art, before the effective filing date of Applicant’s claimed invention, would be motivated to determine the location of the mobile device relative to one or more APs taught by Garin, for optimizing the process of selecting APs (col. 8, lines 43-49).	

Regarding claim 2, Fascenda-Garin discloses the information handling system of claim 1 further comprising: the access point network interface device disallowing communication between the network and the client device if the geographical location estimation is not within (Fascenda, paras. [0069], lines 1-8; [0078], lines 1-17) (Garin, col. 8 lines 50-55).

Regarding claim 3, Fascenda-Garin discloses the information handling system of claim 1 further comprising: 
the access point network interface device transmitting a boot up abort instruction to the client device if the geographical location estimation is not within the preset geographical area (Fascenda, paras. [0069], lines 1-8; para. [0078], lines 1-17) (Garin, col. 8 lines 50-55).

Regarding claim 4, Fascenda-Garin discloses the information handling system of claim 1 further comprising: 
the access point network interface device transmitting a boot up abort instruction to the client device if the challenge response does not match the challenge response comparator (Fascenda, paras. [0073], lines 1-8, client device 210 receives and decrypts (step 1045) the second challenge of authentication frame 924 using CK_IDS2c stored with SIM 242 to obtain decrypted R2. If the decryption process yields an empty string, the client device 210 aborts (step 1050) further communications with the access point 220. If the decryption process does not yield a 'null' or empty string, then the client device 210 is assured (step 1055) that it is talking to a trusted component…; [0078], lines 1-17).

Regarding claim 5, Fascenda-Garin discloses the information handling system of claim 1 wherein the geographic location estimation is determined based on an access point beacon (Fascenda, para. [0069], lines 1-8) (Garin, col. 8 lines 50-55).

Regarding claim 6, Fascenda-Garin discloses the information handling system of claim 1 further comprising: the processor authenticating the client device through a Wi-Fi Protected Setup (WPS) security protocol (Fascenda, Fig. 2; paras. [0062], lines 29-31, a client device 210 attempts to authenticate with the access point 220…, where WPS is enabled by default. Manually enabling WPS is done either through the firmware of your router (wireless access point), and its administration user interface, or using a WPS button; [0067], lines 1-3, Referring to FIG. 9A, the access point 220 and the client device 210 via respective NICs 810 and 910 communicate with each other on a Wi-Fi channel 920.).

Regarding claim 7, Fascenda-Garin discloses the information handling system of claim 1 further comprising: 
the access point network interface device receiving the public key and the private key transmitted from a router within a local network that includes the AP (Fascenda, paras. [0064], lines 2-4; [0067], lines 34-37).

Claim 8 incorporates substantively all the limitations of claims 1 and 5 in method form rather than system form and is rejected under the same rationale. 

Claims 9 and 16 incorporate substantively all the limitations of claims 2 and 4 in method and information handling system forms rather than system form and are rejected under the same rationale.

Regarding claim 10, Fascenda-Garin discloses the method of claim 8 further comprising: receiving a boot process authorization instruction from the nearby AP if the geographic location estimation is within a preset geographical area and the client device transmits a correct asymmetric cryptography challenge response to the AP (Fascenda, paras. [0047], lines 20-25; [0063], lines 7-10; [0077], lines 1-6) (Garin, col. 8 lines 50-55).

Claim 11 incorporates substantively all the limitations of claim 1 in method form rather than system form and is rejected under the same rationale.

Claim 12 incorporates substantively all the limitations of claims 1 and 4 in method form rather than system form and is rejected under the same rationale. 

Claim 13 incorporates substantively all the limitations of claim 1 in method form rather than system form and is rejected under the same rationale. 

Claim 14 incorporates substantively all the limitations of claim 6 in method form rather than system form and is rejected under the same rationale. 

Claim 15 incorporates substantively all the limitations of claim 1 in system form and is rejected under the same rationale. 

Claims 17-19 incorporate substantively all the limitations of claims 3-4 and 7, respectively, in system form and are rejected under the same rationale.

Regarding claim 20, Fascenda-Garin discloses the information handling system of claim 15, wherein the AP beacon frame identifies the nearby AP by a MAC address known to be associated with the nearby AP (Fascenda, paras. [0069], lines 14-17; [0070], lines 1-6).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
See PTO-892 Notice of References Cited.


	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to THORNE E WAUGH whose telephone number is (571)270-0434.  The examiner can normally be reached on Monday-Friday 9AM-5:30PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





6/15/2021
/THORNE E WAUGH/Examiner, Art Unit 2457
/ARIO ETIENNE/Supervisory Patent Examiner, Art Unit 2457