Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 15-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 15 recites the limitation "the second parameter" in line 2.
Claim 16 recites the limitation "the third parameter" in line 2.
There are insufficient antecedent basis for this limitation in the claims.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 and 4-20 are rejected under 35 U.S.C. 103 as being unpatentable over Huber et al. (Hereinafter referred to as Huber, US 20140375422 A1) in view of Trani US 20160284183 A1.

As per claim 1:
Hubur discloses an access control system which relies at least in part on a non-networked path for permitting an entity access to a secured location ([0050-0051]:Electronic lock 100);
the entity identified by the system by means of a unique entity identifier accorded the entity ([0052]: A machine-readable optical identifier 103 (i.e., the depicted Quick Response Code (QR Code); the machine-readable optical identifier 103 encodes at least a lock identifier that provides the identity the electronic lock 100 as it is registered in a lock management system; The machine-readable optical identifier 103 enables the user to optically obtain the lock identifier using a camera or other optical sensing device of a properly configured electronic device (e.g., a smartphone having appropriate software installed and running thereon, a desktop or laptop computer, wearable electronics such as watches or glasses, etc.);

said barrier identified by the system by means of a barrier identifier accorded the barrier ([0041]: Optical identifier that includes at least a lock identifier. Based on visually/optically reading the lock identifier, and based on past knowledge of access to the mechanical lock, a computing device and/or a computing system can provide a user a current access code to grant access to the mechanical lock; [0105]: lock id: id.sub.l);
said system including a local access unit located local to the barrier, said system including a barrier controller for actuation of the barrier ([0060]: The electronic lock 100 include one or more transducers; The transducers can be usable for opening and closing the shackle 101 and/or the lockable compartment via an electronic signal from the microcontroller(s). The transducer(s) 
said local access unit issuing an open signal to the barrier controller whereby the barrier permits the entity access to the secured location if and only if data contained in a token communicated from an un-trusted communications device to the local access unit is verified by the local access unit with respect to at least a first parameter by the local access unit ([0051]: The electronic lock 100 includes and employs computer circuitry and software/firmware to execute a time-based algorithm that generates access codes that are valid for limited periods of time. The computer circuitry and software/firmware are also configured to receive user input comprising an access code. Such user input can be received at any appropriate input device, such as the depicted keypad 104. The computer circuitry and software/firmware are also configured to compare a received access code to the current access code that has been generated by the time-based algorithm at the electronic lock 100, and to grant or deny a user access to certain functionality of the electronic lock 100 based on whether the received access code matches the generated access code. Granting or denying access to functionality of the electronic lock 100 may include providing access to the lockable compartment, unlocking the shackle 101, enabling configuration capabilities, providing access to lock logs, etc);
wherein the token is verified by the local access unit by the steps of: deconstructing the alphanumeric sequence contained in the received token into a received hashed value and a received non-hashed value ([0056-0057]: The time-based cryptographic algorithm executed by the microcontroller(s) produces the same access code for the duration of a particular period, such as for a period of one minute, a period of ten minutes, for a period of thirty minutes, for a 
identifying at least a portion of the received non-hashed value as a received portion; applying the predetermined hash algorithm to at least a time derived from a local source which is local to the local access unit ([0056]: The cryptographic algorithm can comprise any appropriate time-based cryptographic algorithm that produces the same result for a given period, such as a time-based one-time password algorithm (TOTP), a keyed-hash message authentication code (HMAC)-based one-time password algorithm (HOTP), etc. [0120]: access code: up=SHA1(concat(c.sub.ts, id.sub.l))).

Hubur does not explicitly disclose said barrier controller is uniquely identified by the identifier. Trani, in analogous art however, discloses said barrier controller is uniquely identified by the identifier ([0047] An administrator will typically add authorization information 46 associated with each of the users 104 to the user account 19 based on security objectives. Authorization information 46 determines which users 104 are authorized to access specified restricted buildings or areas of a building 102. In one implementation, the authorization information 46 is provided as a separate access control list for each door controller 112, where 
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to modify the claimed limitations of the local access unit including the barrier controller disclosed by Hubur to include said barrier controller is uniquely identified by the identifier. This modification would have been obvious because a person having ordinary skill in the art would have been motivated by the desire to provide improved access control system that determines whether non-authorized users are tailgating through the access point in response to the positioning unit detecting that two or more user devices are first located within a threshold area of the access point, the access control system determining that at least one of the users is not an authorized user, and in response to the positioning unit then detecting 

As per claim 2:
Hubur discloses a wherein data in the token is created by a step of hashing data at a location remote from the local access unit ([0059]: Optical identifier 103 includes or encodes at least an identifier of the electronic lock 100, but may include/encode additional information as well. Different data fields of a QR code, for example, can be used to store different types of information. For example, in addition to a lock identification field, the machine-readable optical identifier 103 may also include one or more Uniform Resource Locator (URL) fields that direct a scanning device to a web page that provides information about gaining access to the electronic lock 100, one or more URL fields that direct a scanning device to a web page that provides for account registration, one or more URL fields that direct a scanning device to a download location for software (e.g., an smartphone "app") for use with machine-readable optical identifier 103, etc. Other fields are also possible, as described later; [0064]: The electronic lock 100 may develop a hash (e.g., SHA1) over all or part of the log. The hash may be usable to identify a current state or "snapshot" of the log. The hash can be usable for identifying if the copy of the log at the electronic lock 100 is in sync with another copy (such as a copy at a server). For example, if a server's own hash of its copy of the log matches the hash generated by the electronic lock 100, then the server's log matches the lock's log).

As per claim 4: 


As per claim 5:
Hubur discloses wherein the step of hashing is performed at a location not in direct networked communication with the local access controller ([0119-0120]: the server or the mobile device (if it has been provided the server crypto keys) can compute an access code for the current period as follows: access code: up=SHA1 (concat(c.sub.ts, id.sub.l)).

As per claim 6:
Hubur discloses wherein the step of hashing is performed at a web enabled database located remote from the local access unit ([0119-0120]: the server or the mobile device (if it has been provided the server crypto keys) can compute an access code for the current period as follows: access code: up=SHA1(concat(c.sub.ts, id.sub.l)).

As per claim 7:


As per claim 8:
Hubur discloses wherein the local access unit does not include a long-range communications module ([0054]: the electronic lock 100 may one or more radios (e.g., WiFi, NFC, Bluetooth, RFID), one or more infrared transmitters/receivers, one or more lights or light emitting diodes (LEDs), one or more cameras or light-sensing devices, one or more microphones, one or more speakers or buzzers, etc. [0074; 0079]).

As per claim 9:
Hubur discloses wherein the first parameter is time ([0051]: The electronic lock 100 includes and employs computer circuitry and software/firmware to execute a time-based algorithm that generates access codes that are valid for limited periods of time; [0094]: While in the case of an electronic lock 701 the access code will be valid for only a certain period, the access code may be valid for an extended amount of time if the period is long (e.g., one day)).

As per claim 10:


As per claim 11:
Hubur discloses wherein the first parameter is a pre-authorised barrier open time ([0144]: the method 2300 includes an act 2301 of computing a time-based access code; Act 2301 can comprise executing a time-based cryptographic algorithm to compute a time-based access code;  For example, the lock 701 can execute a cryptographic (e.g.,TOTP) function that generates different access codes based on the current time. A similar cryptographic function may be executed at the server 703 and/or the mobile device 702, such that the lock 701 and the server 703/mobile device 702 generate the same access code during the same time interval; [0145]: The method 2300 also includes an act 2302 of comparing the time-based access code with a received access code;  For example, the lock 701 can compare the computed time-based access code with an access code that is received from the mobile device 702 (or a user of the mobile device 702); [0146]: The method 2300 also includes an act 2303 of granting access to lock features based on the received access code;  Act 2303 can comprise granting access to one or more lock features 

As per claim 12:
Hubur discloses wherein the first parameter is a preauthorised barrier open time authorised with respect to the unique entity identifier ([0144]:  As depicted, the method 2300 includes an act 2301 of computing a time-based access code; Act 2301 can comprise executing a time-based cryptographic algorithm to compute a time-based access code. For example, the lock 701 can execute a cryptographic (e.g., TOTP) function that generates different access codes based on the current time. A similar cryptographic function may be executed at the server 703 and/or the mobile device 702, such that the lock 701 and the server 703/mobile device 702 generate the same access code during the same time interval; [0145]: The method 2300 also includes an act 2302 of comparing the time-based access code with a received access code. For example, the lock 701 can compare the computed time-based access code with an access code that is received from the mobile device 702 (or a user of the mobile device 702); [0146]: The method 2300 also includes an act 2303 of granting access to lock features based on the received access code. Act 2303 can comprise granting access to one or more lock features when the time-based access code matches the received access code. For example, the lock 701 may unlock, or provide access to a compartment containing key(s) or access card(s) when the time-based access code matches the received access code).


Hubur discloses wherein the token communicated from the un-trusted communications device to the local access unit is verified by the local access unit with respect to a second parameter by the local access unit ([0052]: Optical identifier 103 encodes at least a lock identifier that provides the identity the electronic lock 100 as it is registered in a lock management system. The machine-readable optical identifier 103 enables the user to optically obtain the lock identifier using a camera or other optical sensing device of a properly configured electronic device (e.g., a smartphone having appropriate software installed and running thereon, a desktop or laptop computer, wearable electronics such as watches or glasses, etc.); [0140]: The method 2200 also includes an act 2203 of sending the lock identifier and the user identifier to a remote computer system. For example, the mobile device 702 can send the lock identifier of the lock 701 and the user identifier of a user using the mobile device 702 to the server 703 through the network 704).

As per claim 14:
Hubur discloses wherein the token communicated from the un-trusted communications device to the local access unit is verified by the local access unit with respect to a third parameter by the local access unit ([0059]:  Generally, the machine-readable optical identifier 103 includes or encodes at least an identifier of the electronic lock 100, but may include/encode additional information as well. Different data fields of a QR code, for example, can be used to store different types of information. For example, in addition to a lock identification field, the machine-readable optical identifier 103 may also include one or more Uniform Resource Locator (URL) fields that direct a scanning device to a web page that provides information about gaining access to the 

As per claim 15:


As per claim 16:
Hubur discloses wherein the third parameter is a secret alphanumeric sequence ([0102]: cryptographic scheme for use with computer architecture 700. One of ordinary skill in the art will recognize that the example cryptographic scheme may be modified in various manners, such as 

As per claim 17:
Hubur discloses wherein the secret alphanumeric sequence is unique to the unique barrier identifier ([0100]: The unlock request can also include other data fields, such as user identification information (e.g., user name, realtor license number, realtor phone number), a mobile device timestamp, the lock timestamp, a geo-location of the mobile device, the battery percentage of the lock, a device identifier of the mobile device, etc. The server can use the user identification information to verify the user, and the geo-location of the mobile device can be used to track the current location of the lock; [0140]: The method 2200 also includes an act 2203 of sending the lock identifier and the user identifier to a remote computer system. For example, the mobile device 702 can send the lock identifier of the lock 701 and the user identifier of a user using the mobile device 702 to the server 703 through the network 704).

As per claim 18:
Hubur discloses wherein the secret alphanumeric sequence is the unique barrier identifier ([0100]: The unlock request can also include other data fields, such as user identification information (e.g., user name, realtor license number, realtor phone number), a mobile device timestamp, the lock timestamp, a geo-location of the mobile device, the battery percentage of the lock, a device identifier of the mobile device, etc. The server can use the user identification 

As per claim 19:
Hubur discloses wherein the secret alphanumeric sequence is a long alphanumeric sequence which characterizes the unique barrier identifier ([0100]: The unlock request can also include other data fields, such as user identification information (e.g., user name, realtor license number, realtor phone number), a mobile device timestamp, the lock timestamp, a geo-location of the mobile device, the battery percentage of the lock, a device identifier of the mobile device, etc. The server can use the user identification information to verify the user, and the geo-location of the mobile device can be used to track the current location of the lock; [0140] The method 2200 also includes an act 2203 of sending the lock identifier and the user identifier to a remote computer system. For example, the mobile device 702 can send the lock identifier of the lock 701 and the user identifier of a user using the mobile device 702 to the server 703 through the network 704.

As per claim 20:
Hubur discloses wherein the hashed value comprises a hash by a predetermined hash algorithm of a concatenation of a first secret and a first time ([01150121]: The lock can also .

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Huber et al. (Hereinafter referred to as Huber, US 20140375422 A1) in view of Trani US 20160284183 A1. In further view of YANG et al. ((Hereinafter referred to as YANG, US 20140351911 A1).

As per claim 3:
Hubur and Trani do not explicitly disclose wherein the token contains an alphanumeric sequence made up of a hashed value and a non-hashed value. YANG, in analogous art however, discloses wherein the token contains an alphanumeric sequence made up of a hashed value and a non-hashed value ([0046-0047]: The interface 200 may, e.g., be displayed to a user using an associated client device 110. In some embodiments, a user may select a type of secure token 120 that the user would like the client device 110 to generate via a token selection menu 202. For 

BRI (Broadest Reasonable Interpretation)
The above claims under examination have been given their BRI consistent with the applicant’s disclosure as they would be interpreted by one of ordinary skill in the art at the time of filing the invention and the following claim words or terms or phrases or languages have been given to them, as follows, reasonable BRI considerations and context in view of the applicant’s disclosure in order to construe and appraise boundary and scope of the claimed limitations. For example, for the following claim words or terms or phrases or languages, the examiner recites BRI considerations from the applicant’s disclosure as follows:
For applicant’s definition in corresponding paragraphs:
Local access unit: [00018]
Portable digital communications device: [0019]
Token: [0020]
Personalized encoded device: [0022]
Alphanumeric sequence: [0023]


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See the notice of reference cited in form PTO-892 for additional prior art.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TECHANE GERGISO whose telephone number is (571)272-3784. The examiner can normally be reached 9:30am to 6:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG W KIM can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/TECHANE GERGISO/Primary Examiner, Art Unit 2494