Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the communication and claim amendment filed on 04/28/2022; Claims 1, 6, 12, 13, 18, and 24 have been amended; Claims 1 and 13 are independent claims.  Claims 1-24 have been examined and are pending. 
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. HULSEY, WILLIAM (Reg. No.: 33402) has agreed and authorized the Examiner to amend claims 1, 12, 13, and 24; Canceled claims 3 and 15.
Examiner’s Amendments
Claims
Replacing claims 1-26 as following:
 (Currently Amended) A computing device or a server for authorizing a set ofpermitted operations on allowable associated circuits in associated electronic devices, comprising:
circuitry, computer processors, and computer processor instructions, executable computer operation instructions and data, and password and/or biometric persistent user authentication algorithms;
wherein said computing device or server system provides a set of permitted 
wherein said set of authorization operations occur on circuitry, said circuitry comprising:
circuitry and executable instructions for authorizing a specified user input through at least one potentially heterogeneous electronic devices having potentially different computational capabilities;
a plurality of sensors distributed among said at least one electronic devices;
an accessibility/authorization protocol for providing rules for authentication and validation of said plurality of electronic devices, user interfaces, executable instructions and data, resources and contacts
firmware for executing instructions and processing data for authenticating a plurality of user inputs having a plurality of authentication elements, said authentication elements for performing said authentication operation in a remote device with authentication relayed via secure encrypted means, and further whereby said authentication operation is performed in an external device is passive, comprising a beacon or RFID tag, for interacting with one or more of the devices for authentication and/or context validation; 
wherein said set of authorization operations comprise instructions and data for use of a hierarchy of layers, said hierarchy of layers comprising
a user authentication layer operating on said associated electronic device;
a validation layer for validating an intended operation from a set of authorized operations;
a contextual layer  for allowing said set of authorized operations only under a set of specified contexts, including geo-location, date and time contexts;
an allowable resource layer for allowing said set of authorized operations according to allowable resources from a set comprising data, information, messages, audio data, image data, files and media; and
a resolution layer for executing a plurality of resolution operations when an authentication operation fails according to a predetermined hierarchy of actions, said hierarchy actions depending upon the state of said computing device or said server and said associated electronic device, wherein said plurality of resolution operations comprises termination of said set of authorized operations by obfuscating said set of authorized operations from being accessed upon failing said authentication operation, and wherein said obfuscating comprises converting said set of authorized operations into an unreadable format of said set of authorized operations.


(previously presented) The server of Claim 1, further comprising authentication elements grouped for multi-factor simultaneous authentication and/or authorization, said authentication elements comprising multi-step authentication and/or authorization process for creating a sequence of methods according to a group of predefined settings that may depend on availability and status of devices, sensors and environmental conditions.

Cancelled

(original) The server of Claim 1, further comprising authentication elements including, but are not limited to one or a combination of passcodes, facial or hand gestures, device gesture, signature, biometrics, from the group comprising voice, fingerprint, facial recognition, and retinal scan.

(original) The server of Claim 1, further comprising authentication elements according to a set of predefined user preferences for providing user or user group authorizations.

(currently amended) The server of Claim 5, further comprising authentication elements for granting access to or deny access to using the electronic devices.

(previously presented) The server of Claim 5, further comprising authentication elements for granting access to or deny access to perform an operation.

(previously presented) The server of Claim 5, further comprising authentication elements for granting the ability or deny ability for executing specific action within an application.

(previously presented) The server of Claim 5, further comprising authentication elements for granting the ability or deny ability for performing a specific action within an application on allowed resources.

(previously presented) The server of Claim 5, further comprising authentication elements for granting the ability or deny ability for performing a specific action within an application on allowed resources based on certain allowed context.

(previously presented) The server of Claim 5, further comprising authentication elements for predefining whether one or multiple of the multitude of authentication(s) is to be a one-time authentication or a persistent authentication, said one-time or persistent authentication(s) combinable by having one or a multitude of one-time or persistent authentications, and useable in a multitude of operations and resources where authentication is required.

(currently amended) The server of Claim 1, further comprising persistent authentication further comprising one or a combination of passcodes, facial or hand gestures, device gesture, signature, biometrics from the group consisting of voice, fingerprint, facial recognition, and retinal scan, wherein an how often said occurs if they have wherein said required authentication comprises authentication of user, operation, resource and context.

(Currently Amended) A method for authorizing a set of authorized operations on allowable associated circuits in associated electronic devices, comprising:
providing [[a]] circuitry, computer processors, and computer processor instructions, executable computer operation instructions and data, and password and/or biometric persistent user authentication algorithms;
providing, by a computing device or a server, 
operating said set of authorization operations to occur on said circuitry
authorizing said circuitry and said executable instructions for 
providing a plurality of sensors distributed among said at least one electronic device;
providing rules for an accessibility/authorization protocol for 
 providing a firmware for executing instructions and processing data for authenticating a plurality of user inputs having a plurality of authentication elements, said authentication elements for performing said authentication operation in a remote device with authentication relayed via secure encrypted means, and further whereby said authentication operation is performed in an external device is passive, comprising a beacon or RFID tag, for interacting with one or more of the devices for authentication and/or context validation;
performing said set of authorization operations comprise instructions and data for use of a hierarchy of layers, 
 operating on said associated electronic device;


allowing , said set of authorized operations according to allowable resources from a set comprising data, information, messages, audio data, image data, files and media; and
said plurality of resolution operations comprising terminating said set of authorized operations by obfuscating said set of authorized operations from being accessed upon failing said authentication operation, said obfuscating comprising converting said set of authorized operations into an unreadable format of said set of authorized operations.

(previously presented) The method of Claim 13, further comprising grouping said authentication elements for multi-factor simultaneous authentication and/or authorization, said authentication elements comprising multi-step authentication and/or authorization process for creating a sequence of methods according to a group of predefined settings that may depend on availability and status of devices, sensors and environmental conditions.
Cancelled

(original) The method of Claim 13, further providing said set of authentication elements to include, but not be limited to one or a combination of passcodes, facial or hand gestures, device gesture, signature, biometrics, from the group comprising voice, fingerprint, facial recognition, and retinal scan.

(original) The method of Claim 13, further providing said authentication elements according to a set of predefined user preferences for providing user or user group authorizations.

(currently amended) The method of Claim 17, further providing said authentication elements for granting access to or deny access to using the electronic devices.

(previously presented) The method of Claim 17, further comprising the steps of granting access to or deny access to perform an operation.

(previously presented) The method of Claim 17, further comprising the step of granting the ability or deny ability for executing specific action within an application.

(previously presented) The method of Claim 17, further comprising the step of granting the ability or deny ability for performing a specific action within an application on allowed resources.

(previously presented) The method of Claim 17, further comprising the step of granting the ability or deny ability for performing a specific action within an application on allowed resources based on certain allowed context.

(previously presented) The method of Claim 17, further comprising the step of predefining whether one or multiple of the multitude of authentication(s) is to be a one-time authentication or a persistent authentication, said one-time or persistent authentication(s) combinable by having one or a multitude of one-time or persistent authentications, and useable in a multitude of operations and resources where authentication is required.

(currently amended) The method of Claim 13, further comprising the step of providing persistent authentication further comprising one or a combination of passcodes, facial or hand gestures, device gesture, signature, biometrics from the group consisting of voice, fingerprint, facial recognition, and retinal scan, wherein an authentication is performed in the device and a plurality of persistent authentications formed to be continuous with any user predefined protocol rules to how often the authentication is verified, and further comprising user instructions for providing authority and ability to temporarily suspend persistent authentication or override how often occurs if they have wherein said required authentication comprises authentication of user, operation, resource and context.

Examiner's Statement of reason for Allowance
Claims 1-2, 4-12, 13-14, 16-24 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The invention is directed a system and a method of determining persistent presence of an authorized user while performing allowed operations on an allowed resource of the system while satisfying certain context-sensitive restrictions are disclosed. The system receives a request from a user to authenticate him/her. The system authenticates the user using biometric information of the user or any other authentication mechanism in a given context-sensitive restriction. If the user is authenticated, then the system allows the user to perform the allowed operation using the allowed resources in the context-sensitive restriction. If the authentication fails indicating that the user is an unauthorized user, then the system initiates a resolution process to halt or terminate the allowed operation to restrict or obfuscate the allowed operation from being accessed by the unauthorized user. In one embodiment, the system comprises an External Companion Device (ECD) paired with the system to perform the authentication and manage the allowed.
The closest prior arts are Baker et al. (“Barker,” US 2020/0358787, published Nov. 12, 2020), Adelson (“Adelson,” US 2019/0354670, published Nov. 21, 2019), and Anton et al. (“Anton,” US 2017/0034217, published Feb. 2, 2017) are generally directed to a computing device comprises an accessibility-authorization protocol for providing rules for authentication and validation of electronic devices, user interfaces, executable instructions and data, resources and contacts. A firmware executes instructions and processing data for authenticating user inputs having authentication elements. A resolution layer executes resolution operations, when an authentication operation fails according to a predetermined hierarchy of actions. The hierarchy actions depend upon the state of the server and the associated electronic device. A validation layer validates an intended operation from a set of authorized operations.
However, none of Barker, Adelson, and Anton teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims 1 and 13.  For examples, it failed to teach “firmware for executing instructions and processing data for authenticating a plurality of user inputs having a plurality of authentication elements, said authentication elements for performing said authentication operation in a remote device with authentication relayed via secure encrypted means, and further whereby said authentication operation is performed in an external device is passive, comprising a beacon or RFID tag, for interacting with one or more of the devices for authentication and/or context validation;” and “a contextual layer or allowing for allowing said set of authorized operations only under a set of specified contexts, including geo-location, date and time contexts; an allowable resource layer for allowing said set of authorized operations according to allowable resources from a set comprising data, information, messages, audio data, image data, files and media; and a resolution layer for executing a plurality of resolution operations when an authentication operation fails according to a predetermined hierarchy of actions, said hierarchy actions depending upon the state of said computing device or said server and said associated electronic device, wherein said plurality of resolution operations comprises termination of said set of authorized operations by obfuscating said set of authorized operations from being accessed upon failing said authentication operation, and wherein said obfuscating comprises converting said set of authorized operations into an unreadable format of said set of authorized operations.”
This feature in light of other features, when considered as a whole, in the independent claims 1 and 13 are allowable over the prior arts of record.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CANH LE whose telephone number is (571)270-1380.  The examiner can normally be reached on Monday-Friday: 6:00 AM-3:30 PM, other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/Canh Le/
Examiner, Art Unit 2439
May 5th, 2022 


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439