Detailed Action
Claims 1-12 are presented for examination.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claim 12 is objected to because it recites “the method of claim 7” where claim 7 is an apparatus. Since this claim is parallel to claim 6, it is construed as reciting “the method of claim 8”. Correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-10 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Briceno et al (US Pub. No.2014/0289833).

Re Claim 1. Briceno discloses an apparatus for controlling authentication, the apparatus comprising: a processor configured to process authentication of a user; and a  authentication 230 includes a location authentication module 231 for performing location-based authentication using a location sensor(s) 241 and historical or user-specified location data stored within a user/location data storage device ) [Briceno, para.0102, Fig.2], wherein the at least one command comprises: an identification command of identifying an authentication-processing space, which is a space in which the authentication of the user is processed (i.e. the location sensor 241 may include a GPS device and/or a module for detecting a current access point or cell tower to which the client 200 is connected (which can be used to estimate the device's current location).  Any sensor capable of providing data related to a user's location may be used.  The location authentication module 231 determines the effect that the current location of the client device has on the assurance level.) [Briceno, para.0102]; a determination command of determining space reliability for the authentication-processing space based on correlation between the authentication-processing space and the user (i.e. For example, if the device is currently at a "home" or "office" location (according to historical or user-specified location data 245) then the assurance level may be adjusted upwards; whereas if device is currently at a distant, unknown location, then the assurance level may be adjusted downwards.  In addition to automatically training the system during the "legitimate user state" (as described herein) in one embodiment, the user is ) [Briceno, para.0102]; and a control command of authenticating the user through an authentication scheme that is determined differently according to the space reliability for the authentication-processing space (i.e. the risk engine 812 then evaluates this data to arrive at an implicit "risk score" or a preliminary assurance level inversely related to the risk score), which may be used to determine the amount of additional assurance required to authenticate the user for a given transaction……………. based on the implicit risk score, the adaptive authentication module on the relying party 810 or the client device 800 determines a set of one or more authentication modules 222, 230 with the potential of increasing the overall assurance level to the required level for an intended transaction (i.e., when combined with the preliminary assurance level/implicit risk score).  In one embodiment, the assurance level gain analysis module 811 determines the amount of gain required and the adaptive authentication module 800, 810 is provided with an indication of the required assurance level gain as a parameter.  The adaptive authentication module 800, 810 then uses this "gain" parameter in order to determine the most convenient set of authentication techniques (non-intrusive 230 and/or explicit 222) in order to achieve (at least) the required gain) [Briceno, para.0128-0129], (i.e. the 
and/or server may make a determination of the physical location of the client device, and feed that location to a policy engine that evaluates an ordered set of policy rules.  In one embodiment, these rules specify classes of locations and the authentication mechanism or mechanisms that must be applied if the client location matches the location definition in the rule) [Briceno, para.0179-0183].
	Briceno does not disclose all the claimed features in one embodiment however it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to combine the embodiments of Briceno to arrive at the current invention because it would be beneficial to select and/or combine authentication modalities based on the current detected risk [Briceno, para.0013].

	Re Claim 8. In a manner similar to the rejection of claim 1, Briceno discloses the method of claim 8.

Re Claims 2 and 9. Briceno discloses the features of claims 1 and 8, Briceno further discloses wherein the correlation between the authentication-processing space and the user is based on a number of times that at least one of the user and other users who the distance to frequently visited destinations of the legitimate user may be tracked, stored and subsequently used to 
determine the assurance level.  For example, if the user is connecting to a relying party from a location known to be the user's home or office, then the assurance level may be set to a relatively high value, whereas if the device is connecting from an unknown or distant location, then the assurance level may be 
adjusted to a lower level) [Briceno, para.0097].
The same motivation to combine Briceno’s embodiments, as in claim 1, applies.

Re Claims 3 and 10. Briceno discloses the features of claims 2 and 9, Briceno further discloses wherein the other users include users who the user registers as acquaintances and users located at an identical space as the user (i.e. other types of non-intrusive measurements may be performed to determine whether the authorized user is in possession of the device including, for example, the identity of networks or devices to which the client device is connected such as Bluetooth devices, near field communication (NFC) devices, Wifi devices such as routers or access points, smart watches, other computing 
devices, Nymi bracelets, to name a few.  Wifi devices may include the visibility of Wifi networks in reach such as a ) [Briceno, para.0098], (i.e. using the techniques described herein, a location may be defined as "with my work colleagues" or "at work" where the presence of a set 
of peer devices known to be owned by the user's work colleagues may be used as a proxy for the risk that needs to be mitigated by authentication policy.) [Briceno, para.0211, note: it is implied that the user is defining the location as “with my work colleagues” and therefore implicitly registering the owners of the nearby devices as acquaintances].
The same motivation to combine Briceno’s embodiments, as in claim 1, applies.

Re Claim 5. Briceno discloses the features of claim 2, Briceno further discloses wherein the determination command comprises determining space reliability by assigning a weighted value for each visit time point at which the user and the other users visit the authentication-processing space in each visit (i.e. the client may see a variety of peer devices connected to the work LAN and/or may see the wireless signals generated by those devices regardless of whether the client connects to those devices………………. The device proximity detection logic 2001 may detect the devices in the vicinity and persistently store the results as historical device proximity data 2004.  When the user subsequently returns to the location, the device proximity detection logic 2001 may compare the devices that it currently "sees" against the devices stored as historical proximity data 2004 to generate a correlation ) [Briceno, para.0212-0213, note: each time the user’s device and the users’ devices are seen in proximity, the correlation is stronger i.e. a weight value is assigned for each visit time point];
The same motivation to combine Briceno’s embodiments, as in claim 1, applies.

Re Claims 6 and 12. Briceno discloses the features of claims 1 and 8, Briceno further discloses wherein, when the user authentication is successful, the control command comprises omitting additional user authentication required within an allowable distance from the authentication-processing space (i.e. For example, if the client device is currently at a location known to be the user's home or office or within a defined radius of another trusted location, then minimal (or no) authentication may be required) [Briceno, para.0206] and within an allowable time after a time point at which the authentication is successful according to a preset additional authentication condition (i.e. The assurance level may be calculated, for example, based on the time which has passed since the last explicit user authentication (e.g., to SIM card or phone unlock with PIN or finger swipe).  Assuming that amount of time which has passed is ) [Briceno, para.0096].
The same motivation to combine Briceno’s embodiments, as in claim 1, applies.

Re Claim 7. Briceno discloses the features of claims 6 and 12, Briceno further discloses wherein the additional authentication condition is set to be a wider allowable distance (i.e. At 1902, one or more location classes (and potentially Boolean combinations of classes) are identified for the current location based on an existing set of policy rules.  At 1903, one or more authentication techniques are identified according to the location class(es).  For example, if the client device is 
currently at a location known to be the user's home or office or within a defined radius of another trusted location, then minimal (or no) authentication may be required.  By contrast, if the client device is currently at an unknown location and/or a location known to be untrusted, then more rigorous 
authentication may be required (e.g., biometric authentication such as a fingerprint scan, PIN entry, etc).  At 1904, the authentication techniques are employed and if authentication is successful, determined at 1905, then the transaction requiring authentication is authorized at 1906.) [Briceno, para.0206, aslo 244, Examiner interprets that when the space reliability is higher by more rigorous authentication then access is permitted an area outside the known locations and therefore in a wider allowable distance], [see para.0186-0193 describing the classes of locations] and a longer allowable time as the space reliability is higher (i.e. FIG. 10 graphically illustrates how the embodiments of the invention 
described above may evaluate the assurance level to determine authentication modalities.  At time t1, the user performs an explicit authentication (e.g., swiping a finger, entering a PIN, etc).  At time t2, the relying party asks for authentication with an assurance level gain of al4.  The non-intrusive 
authentication modality delivers assurance level all which is higher than al4, so there is no need to trigger an explicit authentication) [Briceno, para.0137, Fig.10], (i.e. the complete time window (including the standard time window and extended time window) may be defined as follows: (1) if inside the legitimate 
user state time window following a successful explicit user authentication (i.e. t1 .  . . t1+T1)) [Briceno, para.0123, shows that the interval  t1 to t1+T1 is the initial time window after authentication ].
The same motivation to combine Briceno’s embodiments, as in claim 1, applies.

Claims 4 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Briceno as applied to claims 3 and 10, in view of Zhou (US Pub.No. 2012/0110071).

Re Claims 4 and 11. Briceno discloses the features of claims 3 and 10, Briceno further discloses wherein a weighted value for determining the space reliability for each visit of 
(i.e. the device proximity detection logic 2001 may detect the devices in the vicinity and persistently store the results as historical device proximity data 2004.  When the user subsequently returns to the location, the device proximity detection logic 2001 may compare the devices that it currently "sees" against the devices stored as historical proximity data 2004 to generate a correlation between the two.  In general, the stronger the correlation, the more likely it is that the client is at the specified location.  Over time, devices which are seen regularly may be prioritized above other devices in the historical device proximity data 2004 e.g., because these devices tend to provide a more accurate correlation with the user's work location) [Briceno, para.0213];
 	Briceno does not explicitly disclose whereas Zhou does: and a time during which it is identified that the user and the other users are located in an identical space in each visit (i.e. A user's attributes may be inferred based on the attribute values of the user's connections, such as the mean, median, or mode of the attribute values of those connections.  The aggregate value of these attributes may be a weighted aggregate value.  In an embodiment, the weight assigned to information associated with a user is determined based on factors including ) [Zhou, claim 0006].
	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify Briceno with Zhou because Zhou provides more accuracy since Users that have not interacted with the user for a long time can be excluded since there is a possibility that they are old connections of the user and the user may have moved to a different location [Zhou, para.0032].

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NOURA ZOUBAIR whose telephone number is (571)270-7285.  The examiner can normally be reached on Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434