United States Patent and Trademark Office

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/408,796
Filing Date: 10 May 2019
Appellant(s): Slak et al.



__________________
Matthew T. Currie
Reg. No. 58,533
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 03/24/2022.

(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 10/28/2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”
(2) Response to Argument
Appellant’s arguments (Brief, pages 1-18) have been fully considered and are addressed below.
References
Buhrmann et al. (US Patent Application No. 20130197998) (hereinafter Buhrmann).
Gaudet et al. (US Patent Application No. 20140123237) (hereinafter Gaudet).

Argument 1:
Buhrmann in view of Gaudet does not teach or suggest (1) at a first time, allowing the user to access a secure resource on a first client node on the basis of a first authentication mode in accordance with a security policy, (2) after the user has accessed the secure resource, one or more wireless devices co-located with the user and the first client node are enrolled, and (3) the user later accesses the same secure resource on a second client node on the basis of a second authentication mode without requiring the first authentication mode, where the second authentication mode comprises co-location of one or more enrolled wireless devices with the user and the second client node, as required by independent claims 21 and 35.
Response 1:  Buhrmann discloses at a first time, allowing the user to access the secure resource (fig 2, element 100, identity register) on a first client node on the basis of a first authentication mode in accordance with a security policy (fig 2, element 350,  online registration  accessing  secure resource  100 in accordance to  initial registration policy; para 39, initial registration of mobile device is required, “direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device. … After the user's initial registration is confirmed, the user's Identity Data is stored in the Identity Register for use with a multiplicity of applications that may support the fraud risk score required for identity authentication related to transactions, computer applications, networks, systems or devices.”), wherein the first client node (fig 2, element 350, online registration computer)  is not a wireless device of the user (para 39, 85, “one preferred embodiment of direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device”. the user is registering the wireless device to the identity database remote from the user);
after the user has accessed to the secure resource, enrolling one or more wireless devices co-located with the user and the first client node by associating the one or more wireless devices with the user in an identity database (fig 2, para 39, 85, “one preferred embodiment of direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device”., the user is registering the wireless device to the identity database remote from the user); and
 at a second time after the first time (para 208, after enrolling wireless device, requesting access to garage via app on smartphone ), allowing the user to access the secure resource on a second client node (para 208, Garage door opening computing system obtains fraud risk score of entity requesting access into the garage from the Identity Register computing system, the garage door opening system allows user to authenticate themselves by accessing secure resource identity database 100 fig 2, using unique mobile directory number (MDN) associated with the user's wireless device) on the basis of a second authentication mode in accordance with the security policy (para 113, networks and devices requiring secure user access or authentication, unique mobile directory number (MDN) associated with the user's wireless device that is second authentication mode) without requiring the first authentication mode (para 208, enrolling smartphone is not required, unique mobile directory number (MDN) associated with the user's wireless device) , wherein the second authentication mode comprises co-location of one or more enrolled wireless devices with the user and the second client node (para 208, smartphone is co-located to the user and garage opening door system). Buhrmann does not explicitly disclose words or phrases such as security policies and resources, well known in the art, for example, Gaudet discloses security policies and resource (para 3,4, 27).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Buhrmann and Gaudet. The motivation would have been to build a network that provides endpoint security solutions (both hardware and software based).
Argument 1 B:
B. Buhrmann Teaches Against, And Is Incompatible With, Requirements Of Independent Claims 21 And 35.
Response 1 B:

In response to applicant's argument that the prior art “teaches against” the claims: “The prior art’s mere disclosure of more than one alternative does not constitute a teaching away from any of these alternatives because such disclosure does not criticize, discredit, or otherwise discourage the solution claimed….” The argument is a misleading, broad conclusory statement, is not directed to the requirements of the claims, and is not substantiated by the reference. Buhrmann discloses at a first time, allowing the user to access the secure resource (fig 2, element 100, identity register) on a first client node on the basis of a first authentication mode in accordance with a security policy (fig 2, element 350, online registration accessing secure resource 100 in accordance to initial registration policy; para 39, initial registration of mobile device is required, “direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device. … After the user's initial registration is confirmed, the user's Identity Data is stored in the Identity Register for use with a multiplicity of applications that may support the fraud risk score required for identity authentication related to transactions, computer applications, networks, systems or devices.”), wherein the first client node (fig 2, element 350, online registration computer) is not a wireless device of the user (para 39, 85, “one preferred embodiment of direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device”. the user is registering the wireless device to the identity database remote from the user);
after the user has accessed to the secure resource, enrolling one or more wireless devices co-located with the user and the first client node by associating the one or more wireless devices with the user in an identity database (fig 2, para 39, 85, “one preferred embodiment of direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device”., the user is registering the wireless device to the identity database remote from the user); and
 at a second time after the first time (para 208, after enrolling wireless device, requesting access to garage via app on smartphone ), allowing the user to access the secure resource on a second client node (para 208, Garage door opening computing system obtains fraud risk score of entity requesting access into the garage from the Identity Register computing system, the garage door opening system allows user to authenticate themselves by accessing secure resource identity database 100 fig 2, using unique mobile directory number (MDN) associated with the user's wireless device) on the basis of a second authentication mode in accordance with the security policy (para 113, networks and devices requiring secure user access or authentication, unique mobile directory number (MDN) associated with the user's wireless device that is second authentication mode) without requiring the first authentication mode (para 208, enrolling smartphone is not required, unique mobile directory number (MDN) associated with the user's wireless device) , wherein the second authentication mode comprises co-location of one or more enrolled wireless devices with the user and the second client node (para 208, smartphone is co-located to the user and garage opening door system).
Argument 1 C:
C. The Examiner Fails To Provide A Proper Prima Facie Case For Obviousness For Independent Claims 21 And 35.
Response 1 C:


Note: The examiner would like to point out the test for obviousness is not whether the features of a secondary reference may be bodily incorporated into the structure of the primary reference; nor is it that the claimed invention must be expressly suggested in any one or all of the references. Rather, the test is what the combined teachings of the references would have suggested to those of ordinary skill in the art. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981).

	If a prima facie case of obviousness is established, the burden shifts to the applicant to come forward with arguments and/or evidence to rebut the prima facie case. See, e.g., In re Dillon, 919 F.2d 688, 692, 16 USPQ2d 1897, 1901 (Fed. Cir. 1990) (en banc). Rebuttal evidence and arguments can be presented in the specification, In re Soni, 54 F.3d 746, 750, 34 USPQ2d 1684, 1687 (Fed. Cir. 1995), by counsel, In re Chu, 66 F.3d 292, 299, 36 USPQ2d 1089, 1094-95 (Fed. Cir. 1995), or by way of an affidavit or declaration under 37 CFR 1.132, e.g., Soni, 54 F.3d at 750, 34 USPQ2d at 1687; In re Piasecki, 745 F.2d 1468, 1474, 223 USPQ 785, 789-90 (Fed. Cir. 1984). However, arguments of counsel cannot take the place of factually supported objective evidence. See, e.g., In re Huang, 100 F.3d 135, 139-40, 40 USPQ2d 1685, 1689 (Fed. Cir. 1996); In re De Blauwe, 736 F.2d 699, 705, 222 USPQ 191, 196 (Fed. Cir. 1984).
Rebuttal evidence may include evidence of "secondary considerations," such as "commercial success, long felt but unsolved needs, [and] failure of others." Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 4459, 467. See also, e.g., In re Piasecki, 745 F.2d 1468, 1473, 223 USPQ 785, 788 (Fed. Cir. 1984) (commercial success). Rebuttal evidence may also include evidence that the claimed invention yields unexpectedly improved properties or properties not present in the prior art. Rebuttal evidence may consist of a showing that the claimed compound possesses unexpected properties. Dillon, 919 F.2d at 692-93, 16 USPQ2d at 1901. A showing of unexpected results must be based on evidence, not argument or speculation. In re Mayne, 104 F.3d 1339, 1343-44, 41 USPQ2d 1451, 1455-56 (Fed. Cir. 1997) (conclusory statements that claimed compound possesses unusually low immune response or unexpected biological activity that is unsupported by comparative data held insufficient to overcome prima facie case of obviousness). Rebuttal evidence may include evidence that the claimed invention was copied by others. See, e.g., In re GPAC, 57 F.3d 1573, 1580, 35 USPQ2d 1116, 1121 (Fed. Cir. 1995); Hybritech Inc.v. Monoclonal Antibodies, 802 F.2d 1367, 1380, 231 USPQ 81, 90 (Fed. Cir. 1986). It may also include evidence of the state of the art, the level of skill in the art, and the beliefs of those skilled in the art. See, e.g., In re Oelrich, 579 F.2d 86, 91-92, 198 USPQ 210, 214 (CCPA 1978) (Expert opinions regarding the level of skill in the art were probative of the nonobviousness of the claimed invention.); Piasecki, 745 F.2d at 1471, 1473-74, 223 USPQ at 790 (Evidence of nontechnological nature is pertinent to the conclusion of obviousness. 
The declarations of those skilled in the art regarding the need for the invention and its reception by the art were improperly discounted by the Board.); Beattie, 974 F.2d at 1313, 24 USPQ2d at 1042-43 (Seven declarations provided by music teachers opining that the art teaches away from the claimed invention must be considered, but were not probative because they did not contain facts and did not deal with the specific prior art that was the subject of the rejection.). For example, rebuttal evidence may include a showing that the prior art fails to disclose or render obvious a method for making the compound, which would preclude a conclusion of obviousness of the compound. A conclusion of obviousness requires that the reference(s) relied upon together with the knowledge of a person skilled in the art be enabling in that it put the public in possession of the claimed invention. In re Hoeksema, 399 F.2d 269, 273, 158 USPQ 596, 600 (CCPA 1968) (citing In re Le Grice, 301 F.2d 929, 936, 133 USPQ 365, 372 (1962)). The Hoeksema, court stated:
The Hoeksema court further noted that once a prima facie case of obviousness is made by the USPTO through citation of references, the burden is on the applicant to produce contrary evidence establishing that the reference being relied on would not enable a skilled artisan to produce the different compounds claimed. Id. at 274-75, 158 USPQ at 601. See also Ashland Oil, Inc. v. Delta Resins & Refractories, Inc., 776 F.2d 281, 295, 297, 227 USPQ 657, 666, 667 (Fed. Cir. 1985) (citing Hoeksema for the proposition above); In re Grose, 592 F.2d 1161, 1168, 201 USPQ 57, 63-64 (CCPA 1979) ( "One of the assumptions underlying a prima facie obviousness rejection based upon a structural relationship between compounds, such as adjacent homologs, is that a method disclosed for producing one would provide those skilled in the art with a method for producing the other... Failure of the prior art to disclose or render obvious a method for making any composition of matter, whether a compound or a mixture of compounds like a zeolite, precludes a conclusion that the composition would have been obvious." ). Please see the rejection under the heading of Response 1.





Argument 2:
Note: claim is rejected for the same reasons and motivation as claim 21, above. In addition, 
Buhrmann in view of Gaudet does not teach or suggest (Claim 23 and claim 24) the second authentication mode comprises co-location of a plurality of enrolled wireless devices with the user and the second client node. (Claim 24) Buhrmann in view of Gaudet does not teach or suggest the second authentication mode comprises co-location of three or more enrolled wireless devices with the user and the second client node.
Response 2:
Buhrmann discloses wherein the second authentication mode comprises co-location of a plurality of enrolled wireless devices with the user and the second client node (fig 3, para 39, 85, “one preferred embodiment of direct registration occurs”; fig 3 and 4 clearly show multiple wireless devices registered in the identity database, please also see para 113, unique mobile directory number (MDN) associated with the user's wireless device that is second authentication mode). Buhrmann also discloses or suggests the second authentication mode comprises co-location of three or more enrolled wireless devices with the user and the second client node (fig 3 and 4 clearly show multiple wireless devices registered in the identity database, please also see para 113, unique mobile directory number (MDN) associated with the user's wireless device that is second authentication mode; please also see para 208, Garage door opening computing system obtains fraud risk score of entity requesting access into the garage from the Identity Register computing system, the garage door opening system allows user to authenticate themselves by accessing secure resource identity database 100 fig 2, using unique mobile directory number (MDN) associated with the user's wireless device, they all are co-located with user and it is second authentication mode to access secure resource [identity database] for authentication based on MDN).


Argument 3:
Buhrmann in view of Gaudet does not teach or suggest (Claim 25) the second authentication mode consists of co-location of a plurality of enrolled wireless devices with the user and the second client node.
Response 3:
Note: claim is rejected for the same reasons and motivation as claim 21, above. In addition, 
Buhrmann discloses wherein the second authentication mode consists of co-location of a plurality of enrolled wireless devices with the user and the second client node (fig 3, fig 3 and 4, para 39, 85; 113, networks and devices requiring secure user access or authentication, unique mobile directory number (MDN) associated with the user's wireless device that is second authentication mode; please also see para 208, Garage door opening computing system obtains fraud risk score of entity requesting access into the garage from the Identity Register computing system, the garage door opening system allows user to authenticate themselves by accessing secure resource identity database 100 fig 2, using unique mobile directory number (MDN) associated with the user's wireless device, they all are co-located with user and it is second authentication mode to access secure resource [identity database] for authentication based on MDN).
Argument 4:
Buhrmann in view of Gaudet does not teach or suggest (Claims 28 and 38) enrolling one or more wireless devices comprises, for each said wireless device, (i) creating a signature for the wireless device, and (ii) storing the signature or a link thereto in the identity database.
Response 4:
Note: claim is rejected for the same reasons and motivation as claim 21, above. In addition, 
Buhrmann clearly discloses enrolling one or more wireless devices (see the above responses for claims 21 and 23-25). Buhrmann clearly discloses, in para 15, a cryptographic security protocol that prevents a mobile directory number from being used by any wireless device other than the one for which it was originally programmed.

Gaudet discloses wherein enrolling one or more wireless devices comprises, for each said wireless device, (i) creating a signature for the wireless device (Fig 2A and 2B, para 47, signature must be created, a digital signature associated with the sending user), and (ii) storing the signature or a link thereto in the identity database (Fig 2A and 2B; para 46, signature verifying, also selecting and sending a link is clearly shown in fig 2B).
Argument 5:
Buhrmann in view of Gaudet does not teach or suggest (Claim 29) creating the signature for the wireless device comprises embedding a cryptographic token on the wireless device.
Response 5: 
Buhrmann clearly discloses, in para 15, a cryptographic security protocol that prevents a mobile directory number from being used by any wireless device other than the one for which it was originally programmed.
Gaudet discloses wherein creating the signature for the wireless device comprises embedding a cryptographic token on the wireless device (para 46, 48, signature and public key, see also para 27, Authentication may be based on any combination of factors (including textual credentials such as user name, password, PINs, one-time password (OTP) tokens (e.g., as generated in conjunction with a serial number by a wireless device))).
Argument 6:
Buhrmann in view of Gaudet does not teach or suggest (Claim 30) the signature for the wireless device is generated on the basis of one or more unique properties of the wireless device.
Response 6:
Note: claim is rejected for the same reasons and motivation as claim 21, above. In addition,
Gaudet discloses wherein the signature for the wireless device is generated on the basis of one or more unique properties of the wireless device (para 46, signing algorithm can create signature using any unique properties well known in the art. Prior art has not been requested; however, Buhrmann discloses in para 15 that unique properties of the wireless device are used with a cryptographic protocol: a cryptographic security protocol and public key infrastructure that is only made possible by digital communications technology. This cryptographic security protocol prevents a mobile directory number from being used by any wireless device other than the one for which it was originally programmed. Cryptographic digital signatures use public key algorithms to provide data integrity. When you sign data with a digital signature, someone else can verify the signature, and can prove that the data originated from you and was not altered after you signed it. This is all well known in the art).
Argument 7:
Buhrmann in view of Gaudet does not teach or suggest (Claims 32 and 39) enrolling one or more wireless devices comprises (i) electronically detecting the one or more wireless devices co-located with the user and the first client node and (ii) for each said wireless device not already enrolled, storing an identifier associated therewith in the identity database.
Response 7:
Note: claim is rejected for the same reasons and motivation as claim 21, above. In addition, Buhrmann clearly discloses registering wireless device at the first client node (fig 2, para 39, 85, “one preferred embodiment of direct registration occurs when an individual enters identity information into a form on a web page presented by a registration application supported by the Identity Register. Identity information may contain a username, password, given name, address, sex, age, email address or various other information and the required and unique mobile directory number (MDN) associated with the user's wireless device”. the user is registering the wireless device to the identity database remote from the user), and also discloses identity database where wireless devices are stored (fig 3-4, para 208 shows the proximity).
Gaudet discloses wherein enrolling one or more wireless devices comprises (i) electronically detecting the one or more wireless devices co-located with the user and the first client node policy (para 32, detecting proximity of smartcard) and (ii) for each said wireless device not already enrolled, storing an identifier associated therewith in the identity database (para 12, 32, matching requires stored data).

For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,

/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        
Conferees:

CATHERINE THIAW
/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        

CARL G COLIN
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493                                                                                                                                                                                                        




Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.