DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	Claims 1-20 as submitted on 2/22/22 were considered.

Response to Arguments
	Applicant’s arguments submitted on 2/22/22 were considered, but were not persuasive.
	Applicant argues Huotari does not disclose of any type of “unrecognized device,” but rather a device is either on a blacklist or a list of clients permitted to join the network.  The list of clients permitted to join the network was discussed in paragraph 32.  This paragraph states that if a client was permitted to join the network, the client’s information was stored in the list of clients permitted to join the network so that the “stored information may be accessed the next time the client attempts to access the network and the WAP may be permitted access without sending an alert or waiting for feedback”.  This means that all the clients on that list are recognized as ones that were previously allowed to join.  The ones on the blacklist are recognized as ones that were previously denied.  
Whenever a new client 170 attempts to join (paragraph 19), in order that a decision on whether to allow that client access or not, based on the two lists discussed in paragraph 32, it should be evident that these two lists must first be consulted, since new client is an “unrecognized device” in since Huotari’s invention does not have a record of it on either the blacklist or the list of clients permitted to join the network.
Previous rejections are repeated below for record.



Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1, 3-4, 7-9, 13-16, and 19 is/are rejected under 35 U.S.C. 102(a)(1) and (a)(2) as being anticipated by Huotari et al (US 2009/0122787).
Claims 1 and 14:
	As per claim 1, Huotari discloses:
automatically detecting with a network device of the secure network
whether a client device requesting access to the secure network is a known client device on a list maintained by the network device or an unrecognized client device that is not on the list (paragraphs 19, 27-28, and 32; Control logic 123 of the WAP 120 (i.e. the claimed network device) causes the WAP to send a signal to the master 100 to determine whether an unrecognized/new client 170 is allowed to associate with WAP.  As this detecting is done by the control logic, it is done automatically since it does not involve a user.  Further, as discussed in paragraph 32, clients allowed access to the network are tracked via a list of clients permitted to join.  Clients that aren’t allowed are tracked via a blacklist.  Any clients not found in one of these two lists are “new”/“unknown” and must go through a process where a user decides whether to allow or deny access to the requesting client device);
automatically blocking with the network device access to the secure network by the client device based on the client device being detected as an unrecognized client device during the automatically detecting step (paragraphs 28-32; As discussed in paragraph 32, only clients found in the list of clients permitted to join the network list are allowed to join.  If a client is new/unknown, it cannot be on the permitted list, thus must be automatically blocked, at least until a user allows access as discussed in paragraphs 29-30.  Further, note that as discussed in paragraph 31, if a user does not give feedback, the default behavior for the client is that the client’s access is blocked).
automatically causing a message in electronic form to be sent from the network device to a manager of the secure network based on the client device being detected as an unrecognized client device during the automatically detecting step as another level of security, the message seeking a response from the manager as to whether access to the unrecognized client device should be granted or denied (paragraphs 19-20 and 27-32; The master 100 is considered the claimed manager.  The master receives a message from WAP 120 upon detection of a new client attempting to associate/access the network.  A first level of security are use of the two lists discussed in paragraph 32, while the message sent from the access point upon detection of a new client as discussed in paragraphs 27-28 for a user to decide whether to allow a new/unknown client access to the network is another level of security.  The client being automatically denied if the user does not give feedback (as discussed in paragraph 31) is yet another level of security on top of the lists and message sent from the access point); and
automatically adding identification information of the unrecognized client device to the list of known client devices when the response is received and granting or denying access based on the response (paragraphs 31-32; Access is allowed or denied  and the new/unknown client is added to a white or black list to automate future access by the client.  The white list or “list of clients permitted to join the network 220” and the clients in the blacklist are considered the claimed list of known clients).

The rejection of claim 1 applies, mutatis mutandis, to claim 14.

Claim 3:
	Huotari further discloses wherein the list includes a whitelist of identification information of known client devices that are automatically to be granted access to the secure network by the network device (paragraph 32).

Claim 4:
	Huotari further discloses wherein the list includes a blacklist of identification information of known client devices that are automatically to be denied access to the secure network by the network device (paragraph 32).

Claims 7 and 15:
	As per claim 7, Huotari further discloses wherein the secure network is a wireless local area network (WLAN), wherein the network device is customer premise equipment (CPE), a gateway device, or a WiFi router of the secure network that has access to the Internet, and wherein the network device transmits the message to the manager via the Internet (paragraphs 14, 16, 19, and 59; Note the WAP is a CPE and as discussed in paragraph 14, can be integrated with the router and modem as a single unit, thus is also a WiFi router connected to the Internet).
The rejection of claim 7 applies, mutatis mutandis, to claim 15.

Claims 8 and 19:
	As per claim 8, Huotari further discloses wherein the network device performs at least one of (directly) sending the message and receiving the response (paragraphs 19 and 31 and Fig 1; Direct communication between the WAP and master device for sending and receiving messages).
The rejection of claim 8 applies, mutatis mutandis, to claim 19.

Claim 9:
	Huotari further discloses wherein the network device communicates with a cloud server for at least one of having the message sent and having the response received (Fig 1 and paragraph 15; Wireless connection between the access point and telephone, thus cloud communication is used).

Claim 13:
	Huotari further discloses wherein the client device is selected from the group consisting of a smartphone, smartwatch, tablet computer, lap-top computer, wearable device, smartwatch, smart appliance, smart television, computer, lap top computer, tablet computer, and wireless personal electronic device (paragraph 16).

Claim 16:
	The rejection of claims 3 and 4 combined, applies, mutatis mutandis, to claim 16.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 10-12, 17, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Huotari et al (US 2009/0122787) in view of McLaughlin et al (US 2013/0014248).
Claims 2 and 17:
	As per claim 2, Huotari does not disclose, but McLaughlin discloses wherein the identification information is a Media Access Control (MAC) address of the client device (paragraphs 61 and 66).  
KSR Int'l Co. v. Teleflex, Inc., 550 U.S. 398 (2007)).
The rejection of claim 2 applies, mutatis mutandis, to claim 17.

Claim 10:
	Houtari further discloses wherein said steps of detecting, causing, and adding are part of a security system for granting or denying access to client devices to the secure network (paragraphs 29-31; Valid pin use required).
	Houtari does not disclose, but McLaughlin discloses the security system being part of a single factor of a multi-factor authentication security system (paragraphs 26-27).  Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art to incorporate McLaughlin’s teachings into Huotari’s invention such that the authentication security system being part of a single factor of a multi-factor authentication security system.  One of ordinary skill in the art would have been motivated to do so as use of a multi-factor authentication security system provides higher level of security.

Claim 11:


Claim 12:
	McLaughlin further discloses wherein the first-factor requires accurate submission of a pre-set secret password (paragraphs 62 and 64).

Claim 20:
	As per claim 20, Huotari discloses wherein the at least one processor is further configured toexecute the one or more instructions to provide a security system for granting or denying access to client devices in the secure network (paragraphs 29-31).  Houtari does not disclose, but McLaughlin discloses the security system being part of a single factor of a multi-factor authentication security system (paragraphs 26-27).  Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art to incorporate McLaughlin’s teachings into Huotari’s invention such that the authentication security system being part of a single factor of a multi-factor authentication security system.  One of ordinary skill in the art would have been motivated to do so as use of a multi-factor authentication security system provides higher level of security.
User password authentication for the first factor authentication and device id/MAC address for the second factor authentication).



Claims 5, 6, and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Huotari et al (US 2009/0122787) in view of Wang et al (US 9,961,079).
Claim 5:
	Huotari does not disclose, but Wang discloses wherein the message is selected from the group consisting of a text message sent to a phone number of the manager, an email sent to an email address of the manager, or an electronic message sent to an app accessible by the manager (col 6, lines 62-67).
	Before the effective filing date of applicant’s claimed invention, it would have been obvious to one of ordinary skill in the art to incorporate Wang’s teachings into Huotari’s invention such that Huotari’s message from the WAP’s control logic was instead selected from the group consisting of a text message sent to a phone number of the manager, an email sent to an email address of the manager, or an electronic message sent to an app accessible by the manager.  
KSR Int'l Co. v. Teleflex, Inc., 550 U.S. 398 (2007)).

Claim 6:
	Huotari further discloses further comprising the step of requesting a phone number, email address, or username of an app to be input by the manager during setup of the network device (paragraphs 53-54; Phone number needs to be set up at some point for successful message delivery to phone).
	Note that a manger device/program requesting the user input a phone number, email address, or user name for an app as part of a system or software setup was also something that was well known in the art prior to the effective filing date of applicant’s claimed invention.  It would have been obvious for one of ordinary skill in the art to modify Huotari’s invention to have the manager request a user to input a phone number, email address, or username of an app as part of a standard network system setup so the system works properly in order to know where to send alert messages.

Claim 18:
	Claim 18 recite limitations substantially similar to what is recited in both claims 5 and 6, thus the rejections of claims 5 and 6 apply, mutatis mutandis, to claim 18.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to PONNOREAY PICH whose telephone number is (571)272-7962. The examiner can normally be reached M-F 9am-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 





/PONNOREAY PICH/Primary Examiner, Art Unit 2495