DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The amendment filed 10/27/2021 has been placed of record in the file.
Claims 1-4, 7-10, 12, 13, 16, 22, 23, 27, and 31 have been amended.
The interpretation of the claim limitations under 35 U.S.C. 112(f) is withdrawn in view of the amendment.
Claims 1-4, 7-10, 12-16, 20, 22, 23, 27-29, and 31 are pending.
The applicant’s arguments with respect to claims 1-4, 7-10, 12-16, 20, 22, 23, 27-29, and 31 have been considered but are moot in view of the following new grounds of rejection.

Response to Amendment
Claims have been amended to further define the present invention’s spoof protection capabilities.  The amendment proves a change in scope to the independent claims as the independent claims now explicitly state monitoring a cadence of token generation requests, generating tokens based on the cadence, etc.  However, none of the amended claims show a patentable distinction over the prior art as evidenced by the following new grounds of rejection.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 7, 9, 12-15, 22, 23, 27, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Wang (U.S. Patent Application Publication Number 2020/0382306) in view of Dudziak et al. (U.S. Patent Application Publication Number 2014/0237564), hereinafter referred to as Dudziak.
Wang disclosed techniques for determining if a biometric certification token is valid.  In an analogous art, Dudziak disclosed techniques for updating credentials for secure access to network resources.  Both systems deal directly with user authentication management.
Regarding claim 1, Wang discloses an apparatus to verify token integrity for a computing device, the apparatus comprising: artifact engine circuitry to: store first artifact data with a first timestamp in a device artifact storage (paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); and store second artifact data with a second timestamp in the device artifact storage ( paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); offchain identification protector (OIP) controller circuitry to: generate a first token based on the first artifact data and the first timestamp, the first token to establish a first entry in a blockchain at a first time (paragraph 56, biometric certification token stored in blockchain); and generate a second token based on the second artifact data, the second timestamp, and the first token, the second token to establish a second entry in the blockchain at a second time after the first time (paragraph 56, biometric certification token stored in blockchain, and paragraph 26, each block includes hash of previous block); and 
Wang does not explicitly state spoof protector circuitry to monitor a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value.  However, managing authentication tokens in such a way was well known in the art as evidenced by Dudziak.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Wang by adding the ability for spoof protector circuitry to monitor a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value as provided by Dudziak (see paragraph 54, identifies when updated credentials requested greater than threshold number of times in particular time period).  One of ordinary skill in the art would have recognized the benefit that monitoring credential management would assist in changing sets of credentials for security purposes (see Dudziak, paragraph 1).
Regarding claim 2, the combination of Wang and Dudziak discloses wherein the verify engine circuity is to, in response to a successful match of the selected first or second artifact data in the blockchain, designate the second token as valid (Wang, paragraph 66, indicates biometric certification token is valid).
Regarding claim 3, the combination of Wang and Dudziak discloses wherein the OIP controller circuitry is to store the valid second token in a cloud storage device (Wang, paragraph 84, remote server computer in the cloud).
Regarding claim 4, the combination of Wang and Dudziak discloses wherein the OIP controller circuitry is to provide access information corresponding to the cloud storage device in response to an authentication request to the computing device (Wang, paragraph 75, authorization response message).
Regarding claim 7, the combination of Wang and Dudziak discloses wherein the verify engine circuitry is to, in response to a failed match of the selected first or second artifact data in the blockchain, designate the second token as unverified (Wang, paragraph 64, templates do not match).
Regarding claim 9, the combination of Wang and Dudziak discloses including update engine circuitry to invoke generation of a third token to replace the unverified second token, the third token based on third artifact data (Dudziak, paragraph 13, updating credentials).
Regarding claim 12, Wang discloses a non-transitory computer readable storage medium comprising instructions that, when executed, cause a machine to at least: store first artifact data with a first timestamp in a device artifact storage (paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); store second artifact data with a second timestamp in the device artifact storage ( paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); generate a first token based on the first artifact data and the first timestamp, the first token to establish a first entry in a blockchain at a first time (paragraph 56, biometric certification token stored in blockchain); generate a second token based on the second artifact data, the second timestamp, and the first token, the second 
Wang does not explicitly state instructions that cause the machine to monitor a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value.  However, managing authentication tokens in such a way was well known in the art as evidenced by Dudziak.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Wang by adding the ability for instructions that cause the machine to monitor a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value as provided by Dudziak (see paragraph 54, identifies when updated credentials requested greater than threshold number of times in particular time period).  One of ordinary skill in the art would have recognized the benefit that monitoring credential management would assist in changing sets of credentials for security purposes (see Dudziak, paragraph 1).
Regarding claim 13, the combination of Wang and Dudziak discloses wherein the instructions, when executed, cause the machine to, in response to a successful match of the 
Regarding claim 14, the combination of Wang and Dudziak discloses wherein the instructions, when executed, cause the machine to store the valid second token in a cloud storage device (Wang, paragraph 84, remote server computer in the cloud).
Regarding claim 15, the combination of Wang and Dudziak discloses wherein the instructions, when executed, cause the machine to provide access information corresponding to the cloud storage device in response to an authentication request to the computing device (Wang, paragraph 75, authorization response message).
Regarding claim 22, Wang discloses a method to verify token integrity for a computing device, the method comprising: storing first artifact data with a first timestamp in a device artifact storage (paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); storing second artifact data with a second timestamp in the device artifact storage ( paragraph 55, stores hashed biometric template, and paragraph 26, hash stored with time stamp); generating a first token based on the first artifact data and the first timestamp, the first token to establish a first entry in a blockchain at a first time (paragraph 56, biometric certification token stored in blockchain); generating a second token based on the second artifact data, the second timestamp, and the first token, the second token to establish a second entry in the blockchain at a second time after the first time (paragraph 56, biometric certification token stored in blockchain, and paragraph 26, each block includes hash of previous block); selecting the first or the second artifact data from the device artifact storage (paragraph 61, receives reference biometric template); and searching for a match of the selected first or second artifact 
Wang does not explicitly state monitoring a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value.  However, managing authentication tokens in such a way was well known in the art as evidenced by Dudziak.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Wang by adding the ability for monitoring a cadence of token generation requests, where the second token is generated in response to the cadence of token generation requests satisfying a threshold value as provided by Dudziak (see paragraph 54, identifies when updated credentials requested greater than threshold number of times in particular time period).  One of ordinary skill in the art would have recognized the benefit that monitoring credential management would assist in changing sets of credentials for security purposes (see Dudziak, paragraph 1).
Regarding claim 23, the combination of Wang and Dudziak discloses in response to a successful match of the selected first or second artifact data in the blockchain, designating the second token as valid (Wang, paragraph 66, indicates biometric certification token is valid).
Regarding claim 27, the combination of Wang and Dudziak discloses in response to a failed match of the selected first or second artifact data in the blockchain, designating the second token as unverified (Wang, paragraph 64, templates do not match).
Regarding claim 29, the combination of Wang and Dudziak discloses does not explicitly state invoking generation of a third token to replace the unverified second token, the third token based on third artifact data (Dudziak, paragraph 13, updating credentials).

11.	Claims 8 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Dudziak, further in view of Belton et al. (U.S. Patent Application Publication Number 2013/0333002), hereinafter referred to as Belton.
The combination of Wang and Dudziak disclosed techniques for determining if a biometric certification token is valid.  In an analogous art, Belton disclosed techniques for dynamic authentication across distinct standards.  Both systems deal directly with user authentication management.
Regarding claim 8, the combination of Wang and Dudziak does not explicitly state wherein the OIP controller circuitry is to remove the second token from a cloud storage device to prevent unauthorized access to digital services.  However, managing authentication tokens in such a way was well known in the art as evidenced by Belton.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Dudziak by adding the ability that the OIP controller circuitry is to remove the second token from a cloud storage device to prevent unauthorized access to digital services as provided by Belton (see paragraph 76, credentials deleted).  One of ordinary skill in the art would have recognized the benefit that streamlining authentication management would provide benefits for users related to time and resources (see Belton, paragraph 4).
Regarding claim 28, the combination of Wang and Dudziak does not explicitly state removing the second token from a cloud storage device to prevent unauthorized access to digital services.  However, managing authentication tokens in such a way was well known in the art as evidenced by Belton.  Since the inventions encompass the same field of endeavor, it would have .

12.	Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Dudziak, further in view of Biyani et al. (U.S. Patent Application Publication Number 2019/0036906), hereinafter referred to as Biyani.
The combination of Wang and Dudziak disclosed techniques for determining if a biometric certification token is valid.  In an analogous art, Biyani disclosed techniques for authentication using a security framework based on blockchain.  Both systems deal directly with user authentication management.
Regarding claim 10, the combination of Wang and Dudziak does not explicitly state wherein the verify engine circuitry is to confirm the match when a timestamp associated with the second token at the third time matches the second timestamp in the second entry of the blockchain.  However, using timestamps in this way was well known in the art as evidenced by Biyani.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Dudziak by adding the ability that the verify engine circuitry is to confirm the match when a timestamp associated with the second token at the third time matches the second timestamp in the second entry of the blockchain as provided by Biyani 
Regarding claim 20, the combination of Wang and Dudziak does not explicitly state wherein the instructions, when executed, cause the machine to confirm the match when a timestamp associated with the second token at the third time matches the second timestamp in the second entry of the blockchain.  However, using timestamps in this way was well known in the art as evidenced by Biyani.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Dudziak by adding the ability that the instructions, when executed, cause the machine to confirm the match when a timestamp associated with the second token at the third time matches the second timestamp in the second entry of the blockchain as provided by Biyani (see paragraph 91, verification includes comparing timestamp with timestamp of encrypted block).  One of ordinary skill in the art would have recognized the benefit that blockchain would assist in providing security for IoT devices and networks (see Biyani, paragraph 2).

13.	Claims 16 and 31 are rejected under 35 U.S.C. 103 as being unpatentable over Wang in view of Dudziak, further in view of Boye et al. (U.S. Patent Application Publication Number 2007/0061590), hereinafter referred to as Boye.
The combination of Wang and Dudziak disclosed techniques for determining if a biometric certification token is valid.  In an analogous art, Boye disclosed techniques for secure biometric authentication.  Both systems deal directly with user authentication management.
Regarding claim 16, the combination of Wang and Dudziak does not explicitly state wherein the instructions, when executed, cause the machine to repeat the verification of the integrity of the second token using an alternate one of the selected first or second artifact data when searching for the match in the blockchain.  However, performing biometric authentication in such a way was well known in the art as evidenced by Boye.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Dudziak by adding the ability that the instructions, when executed, cause the machine to repeat the verification of the integrity of the second token using an alternate one of the selected first or second artifact data when searching for the match in the blockchain as provided by Boye (see paragraph 80, analysis of two or more biometric samples).  One of ordinary skill in the art would have recognized the benefit that performing authentication in such a fashion would assist in enhancing the security of biometric identification systems (see Boye, paragraph 11).
Regarding claim 31, the combination of Wang and Dudziak does not explicitly state applying at least one of a random or pseudo-random selection of the first or the second artifact data from the device artifact storage.  However, performing biometric authentication in such a way was well known in the art as evidenced by Boye.  Since the inventions encompass the same field of endeavor, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Wang and Dudziak by adding the ability for applying at least one of a random or pseudo-random selection of the first or the second artifact data from the device artifact storage as provided by Boye (see paragraph 79, random selection of biometric templates).  One of ordinary skill in the art would .

Conclusion
14.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
15.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Victor Lesniewski whose telephone number is (571)272-2812. The examiner can normally be reached Monday thru Friday, 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/Victor Lesniewski/Primary Examiner, Art Unit 2493