DETAILED ACTION

Notice of Pre-AIA  or AIA  Status

1. 	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2. 	This is the initial office action that has been issued in
response to patent application 16/958,252, filed on 06/26/2020.
Claims 1-15 are cancelled. Claims 16-25 as originally filed and are currently pending and have been considered below. 

Specification
3. 	The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 
Drawings
4. 	The drawings are objected to under 37 CFR 1.83(a) because they fail to show details of the drawings as described in the specification. Any structural detail that is essential for a
proper understanding of the disclosed invention should be shown in the drawing. MPEP § 608.02(d). Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any 
the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application

Claim Rejections - 35 USC § 103
5. 	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.






6. 	Claims 16, 20 and 25 are  rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1), Cheng (US 2017/109514 A1) and Aura (US 2006/0020796 A1) in view of Sakamoto (US 2008/0181403 A1).

7. 	Regarding Claim 16, Lawrence and Cheng disclose, an authentication method comprising: 
Lawrence does not explicitly disclose the following limitations that Cheng teaches:
- collecting, based on a predetermined authentication policy, at least one context data element (Cheng, [0031], the utilization of a user's activity context for continuous authentication, embodiment of the present invention may also be used for providing alerts.  An alert generated in response to the detection of a predetermined activity context); 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include an authentication policy that is collected at the data element wherein at least one context is existing. 

- constituting a data packet, based on the at least one collected context data element (Lawrence, [0053], the client device 108 seeded by the digital samples 226 collected by the client device in the data block 138 and authenticate); - Lawrence, [0070], The function 242, may comprise for example but without limitation, a Secure Hash Algorithm or other algorithm capable of generating a repeatable hash value such as the hash value 152 for the same data block such as the data block 138.); - sending the generated hash (Lawrence, [0058], sends hash value); 
Lawrence and Cheng does not explicitly disclose the following limitations that Aura teaches:
- generating, as a hash distance generation step, a hash distance between the generated hash and a predetermined reference hash (Aura, [0074], in a predetermined portion of the hash value (such as a predetermined number of the left-most bits), may be the greatest number of zero bits within the complete computed hash value, may be the greatest number of sequential zero bits within the computed hash value); 
Lawrence, Cheng and Aura does not explicitly disclose the following limitations that Sakamoto teaches:
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the generated hash between the determined hash. 
Lawrence, Cheng and Aura does not explicitly disclose the following limitations that Sakamoto teaches:

and - authenticating successfully or not based on the generated hash distance, as an authentication step (Sakamoto, [0002], an authenticating system, an authenticating method, and an authenticating program that can be successively utilized also in a case where a hash algorithm) 

8. 	Regarding Claim 20, Lawrence, Cheng, Aura and Sakamoto disclose, the method according to claim 16, 
Lawrence does not explicitly disclose the following limitations that Cheng teaches:
wherein, prior to constituting the data packet, the method further comprises grouping together, according to the authentication policy, at least two context data elements comprised within the at least one context data element, to constitute at least one corresponding context data group (Cheng, [0050], modules and/or data structures may be combined or divided into sub-modules, sub-processes or other units of computer code or data as may be required by a particular design or implementation of the user authentication subsystem 110.).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed 

9. 	Regarding Claim 25, Lawrence, Cheng, Aura, Sakamoto disclose, an authentication system, comprising a first authentication device and at least one second authentication device, wherein the first authentication device is configured to:
Lawrence does not explicitly disclose the following limitations that Cheng teaches:
 - collect at least one context data element, based on a predetermined authentication policy (Cheng, [0031], the utilization of a user's activity context for continuous authentication, embodiment of the present invention may also be used for providing alerts.  an alert generated in response to the detection of a predetermined activity context [0024], the data signals produced by the sensing device(s) 126 provide the activity context inputs 128 and/or the biometric inputs 130 that are analyzed by the user authentication subsystem 110.); - constitute a data packet, based on the at least one collected context data element (Lawrence, [0053], the client device 108 seeded by the digital samples 226 collected by the client device in the data block 138 and authenticate); - generate a hash, by using a predetermined hash type algorithm and the data packet, as input to the predetermined hash type algorithm (Lawrence, [0070], The function 242, may comprise for example but without limitation, a Secure Hash Algorithm or other algorithm capable of generating a repeatable hash value such as the hash value 152 for the same data block such as the data block 138.); and - send to the second authentication device, the generated hash (Lawrence, [0058], sends hash value); - and wherein the second authentication device is configured to: - receive the generated hash from the first device (Lawrence, [0006], a client device receives a received hash value); Patent 

Lawrence and Cheng does not explicitly disclose the following limitations that Aura teaches:
Attorney Docket No. - generate a hash distance between the generated hash and a predetermined reference hash (Aura, [0074], in a predetermined portion of the hash value (such as a predetermined number of the left-most bits), may be the greatest number of zero bits within the complete computed hash value, may be the greatest number of sequential zero bits within the computed hash value);
and - authenticate successfully or not based on the generated hash distance (Sakamoto, [0002], an authenticating system, an authenticating method, and an authenticating program that can be successively utilized also in a case where a hash algorithm.).

10. 	Claims 17 is rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1), Cheng (US 2017/109514 A1), Aura (US 2006/0020796 A1) and Sakamoto (US 2008/0181403 A1) in view of Sharifi (US 9514753 B2).

11. 	Regarding Claim 17, Lawrence, Cheng, Aura, Sakamot and Sharifi disclose, the method according to claim 16, wherein, the predetermined hash type algorithm comprises a locality sensitive hash type algorithm, and wherein the method further comprises, as the hash distance generation step and the authentication step, the following steps:
Lawrence, Cheng Aura, Sakamoto does not disclose the following limitations that Sharifi teaches:
 - generating a score, by using the locality sensitive hash type algorithm, as a level of similarity between the generated hash and the predetermined reference hash (Sharifi, Col. 19, lines 25-28, Comparing the speaker vectors in the set with the utterance vector includes determining similarity scores that each indicate a degree of similarity. Col. 9, lines 60-61, For each speaker vector 130 a-130 c, a hash value may be determined for each of multiple hash functions 140); 
Lawrence and Cheng does not disclose the following limitations that Sharifi teaches:
- comparing the score to a predetermined threshold value (Sharifi, Col. 12, lines 54-55, similarity score that satisfies the threshold); 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a score that is generated using levels of similarities for predetermined reference hash and comparing the score to the threshold. 

Patent Attorney Docket No. - authenticating successfully only if the score is equal to or greater than the predetermined threshold value (Lawrence, [0050], the data block 138 has effectively been validated, the data block 138 can reliably be processed to authenticate the time t2 and/or the location 122 of the client device 108. [0086], he computed hash value 322 match, and if the time difference 322 (t1−t2est) is below a time threshold value, the authentication processor 300 authenticates possession).  

12. 	Claims 18 and 21-22 are rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1), Cheng (US 2017/109514 A1), Aura (US 2006/0020796 A1) and Sakamoto (US 2008/0181403 A1) in view of in view of Chul-min(US 20040221153 A1)

13. 	Regarding Claim 18, Lawrence, Cheng, Aura, Sakamoto and Chul-min disclose, the method according to claim 16, 
Lawrence, Cheng, Aura, Sakamoto does not explicitly disclose the following limitations that Chil-min teaches:
wherein, prior to generating the hash, the method further comprises sorting, according to a numerical order, the at least one collected context data element within the data packet (Chul-min, Abstract, data packets as a combination value, which is obtained by dividing the fixed width by the variable width, and combining the same number of sequentially received variable).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the generated hash and sorting the method in numerical order for one collected context data. 

14. 	Regarding Claim 21, Lawrence, Cheng, Aura, Sakamoto and Chul-min disclose, the method according to claim 16, 
Lawrence, Cheng, Aura, Sakamoto does not explicitly disclose the following limitations that Chil-min teaches:
wherein, prior to generating the hash, the method further comprises ciphering the data packet, according to the authentication policy (Chul-min, [0050], generates a hash code providing authentication for an entire fixed width data packet.  [0041], he enciphering unit 22 enciphers a fixed width data packet. [0051], AH engine generates an authentication code of an entire data packet.).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to cipher the data packet with the information given from the authentication policy.

15. 	Regarding Claim 22, Lawrence, Cheng, Aura, Sakamoto and Chul-min disclose, the method according to claim 21, 
Lawrence, Cheng, Aura, Sakamoto does not explicitly disclose the following limitations that Chil-min teaches:
wherein a key used for the data packet ciphering includes a key generated by using a hash-based message authentication code key type derivation function (Chul-min, [0050], the AH engine using a hash message authentication code (HMAC)-message digest function 95 (MD5) algorithm, 32-bit data is input and enciphered and 32-bit cipher data is output. HMAC-MD5 is a secret key algorithm providing authentication).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the key used to cipher the data packet generating the HMAC authentication code.

16. 	Claims 19 is are rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1), Cheng (US 2017/109514 A1), Aura (US 2006/0020796 A1) and Sakamoto (US 2008/0181403 A1) in view of Bisikalo (EP 2924603 A2).

17. 	Regarding Claim 19, Lawrence, Cheng, Aura, Sakamoto and Bisikalo disclose, the method according to claim 16, 
Lawrence, Cheng, Aura, Sakamoto does not explicitly disclose the following limitations that Bisikalo teaches:
wherein, prior to generating the hash, the method further comprises weighting, according to the authentication policy, the at least one context data element (Bisikalo, [0031], financial institution may want to weigh the audio element 406 more heavily in the total score than a visual element (e.g., 408) because the institution can utilize speech recognition technology to identify the user with great precision).  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include weighing the hash for the context data element within the authentication policy

18. 	Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1) and Aura (US 2006/0020796 A1)in view of Sakamoto (US 2008/0181403 A1)

19. 	Regarding Claim 24, Lawrence and Aura disclose, a second authentication device, wherein the second authentication device is configured to: - receive a generated hash (Lawrence, [0006], a client device receives a received hash value); 
Lawrence does not explicitly disclose the following limitations that Aura teaches:
- generate a hash distance between the generated hash and a predetermined reference hash (Aura, [0074], in a predetermined portion of the hash value (such as a predetermined number of the left-most bits), may be the greatest number of zero bits within the complete computed hash value, may be the greatest number of sequential zero bits within the computed hash value); 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include the generated hash between the determined hash. 
Lawrence and Aura does not explicitly disclose the following limitations that Sakamoto teaches:

and - authenticate successfully or not based on the generated hash distance (Sakamoto, [0002], an authenticating system, an authenticating method, and an authenticating program that can be successively utilized also in a case where a hash algorithm.).  


20. 	Claims 23 is rejected under 35 U.S.C. 103 as being unpatentable over Lawrence (US 2014/0108800 A1) and Cheng (US 2017/109514 A1).

21. 	Regarding Claim 23, Lawrence and Cheng disclose, a first authentication device, wherein the first authentication device is configured to: 
Lawrence does not explicitly disclose the following limitations that Cheng teaches:
- collect at least one context data element, based on a predetermined authentication policy (Cheng, [0031], the utilization of a user's activity context for continuous authentication, embodiment of the present invention may also be used for providing alerts.  an alert generated in response to the detection of a predetermined activity context [0024], the data signals produced by the sensing device(s) 126 provide the activity context inputs 128 and/or the biometric inputs 130 that are analyzed by the user authentication subsystem 110.); - constitute a data packet, based on the at least one collected context data element (Lawrence, [0053], the client device 108 seeded by the digital samples 226 collected by the client device in the data block 138 and authenticate); - generate a hash, by using a predetermined hash type algorithm and the data packet, as input to the predetermined hash type algorithm (Lawrence, [0070], The function 242, may comprise for example but without limitation, a Secure Hash Algorithm or other algorithm capable of generating a repeatable hash value such as the hash value 152 for the same data block such as the data block 138.); and - send the generated hash to a second authentication device (Lawrence, [0058], sends hash value).  

Conclusion
22. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939.  The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAYASA SHAAWAT/
Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433