DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of claims
This office action is in response to claims filed on 02/11/2020.
Claims 1-20 are pending and rejected; Claims 1, 8 and 15 are independent claims.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/11/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ding et al. US Pub. No.: 2019/0089693 A1 (hereinafter Ding) in view of HO et al. US Pub. No.: 2019/0075463 A1 (hereinafter HO)

Ding discloses:

in response to determining that the mobile device is locked, requesting, by the authentication service, the user to unlock the mobile device, and determining whether the user has unlocked the mobile device (see Ding ¶68, when a user turns on target device 10 or press a designated button on target device, target device 10 may start to broadcast information, such as its MAC address; 69, terminal 22 may scan a plurality of multicast channels and discover the service of target device 10. After receiving and recognizing the information broadcasted by target device 10 in step 711, terminal 22 may also send an inquiry to target device 10 to obtain the MAC address of target device 10.); 
in response to determining that the user has unlocked the mobile device, retrieving, by the authentication service, from the mobile device, a first token and a media access control (MAC) address  (see Ding ¶63, up on receiving the request for authentication token management server may generate an authentication token ased on the identification information target device including (MAC) addres; ¶70, In response to the request for authentication information, management server 30 may retrieve, from database 40, the authentication pin or token associated with the MAC address, and return the retrieved authentication pin or token to terminal 22); 
retrieving, by the authentication service, from a database of the authentication service, a token identifier registered for the mobile device and a personal identifier registered for the user (see Ding ¶31,  Terminal 22 may obtain the authentication pin or token from terminal 20, and then pair with target device 10 using the authentication pin or token) ; 
generating, by the authentication service, a second token, based on the token identifier and the personal identifier retrieved from the database and based on the media access control (MAC) address retrieved from the mobile device (see Ding ¶22, the first terminal may relay the MAC address to the management server, which may generate a trusted token based on the MAC address and provide, via the first terminal, the trusted token to the target device); 
determining, by the authentication service, whether the first token and the second token match (see Ding ¶74,  target device 10 may verify the received authentication pin or token (step 717). If the received authentication pin or token matches the authentication pin or token of target device 10, target device 10 may return a discovery-confirmation message to terminal 22); and 
in response to determining that the first token and the second token match, granting, by the authentication service, the user access to the secure facility see Ding ¶74,  target device 10 may verify the received authentication pin or token (step 717). If the received authentication pin or token matches the authentication pin or token of target device 10, target device 10 may return a discovery-confirmation message to terminal 22);
Ding does not but the related art OH discloses:
determining, by an authentication service, whether the mobile device of the user is locked when the user approaches the secure facility and when the mobile device is connected to the authentication service through a wireless network at the secure facility (see OH ¶¶8 46,, determining whether the electronic device is communicably connected to at least one of other electronic devices and determining… the operation mode includes a deactivated mode of the electronic device, or locked mode)
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the invention, to modify the system and methods for authentication internet-of-things devices disclosed by Ding to include method and apparatus for controlling operations of electronic device, as thought by OH, in order to determine whether a device is locked  when connected to authentication service through a wireless network. A person with ordinary skill in the art would have been motivated to determine whether electronic device is locked or not because it is inconvenient for the user to change the setting information of the respective electronic devices so as to correspond to the setting information of the electronic devices according to service characteristics or use environment.

in response to determining, when the user approaches the secure facility and when the mobile device is connected to the authentication service through a wireless network at the secure facility, that the mobile device is not locked, rejecting, by the authentication service, the user the access to the secure facility, and requesting the user to lock the mobile device (see HO ¶136, the deactivated mode may include one or more of a screensaver mode, a power saving mode, and a locked mode).

As to claim 3, the combination of Ding and OH teaches the computer-implemented method of claim 1, further comprising: in response to determining that the user has not unlocked the device, rejecting, by the authentication service, the user the access to the secure facility (see HO ¶136, the deactivated mode may include one or more of a screensaver mod, a power saving mode, and a locked mode)

As to claim 4, the combination of Ding and OH teaches the computer-implemented method of claim 1, further comprising: in response to determining that the first token and the second token do not match, rejecting, by the authentication service, the user the access to the secure facility (see Ding ¶74,  target device 10 may verify the received authentication pin or token (step 717). If the received authentication pin or token matches the authentication pin or token of target device 10, target device 10 may return a discovery-confirmation message to terminal 22).

As to claim 5, the combination of Ding and OH teaches the computer-implemented method of claim 1, further comprising: in response to determining that the first token and the second token match, generating, by the authentication service, a certificate for the user to access the secure facility; and deploying, by the authentication service, the certificate on the mobile device (see Ding ¶74,  target device 10 may verify the received authentication pin or token (step 717). If the received 

As to claim 6, the combination of Ding and OH teaches the computer-implemented method of claim 5, further comprising: retrieving, by the authentication service, from the mobile device of the user, the certificate; determining, by the authentication service, whether the certificate is expired; and in response to determining that the certificate is not expired, checking, by the authentication service, access policies; and in response to determining that the access policies grant the user to access, granting, by the authentication service, the user the access to the secure facility (see OH ¶60, deactivated-mode control variable may include a time point at which a switching to the deactivated mode is performed).

As to claim 7, the combination of Ding and OH teaches the computer-implemented method of claim 6, further comprising: in response to determining that the certificate is expired, requesting, by the authentication service, the user to extend the certificate (see OH, ¶60, deactivated-mode control variable may include a time point at which a switching to the deactivated mode is performed).
As to independent claim 8, this claim directed to a computer program product executing the method of claim 1; therefore, it is rejected along similar rationale.
As to independent claim 8, this claim directed to a computer system executing the method of claim 1; therefore, it is rejected along similar rationale.
As to dependent claims 9-14 and 16-20, these claims contain substantially similar subject matter as claim 2-7; therefore, they are rejected along the same rationale.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478. The examiner can normally be reached Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NEGA WOLDEMARIAM/Examiner, Art Unit 2433     

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433