DETAILED ACTION

Continued Examination Under 37 CFR 1.114

A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 04/25/2022 has been entered.
 
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment

Claims 1, 3-6, 12, 13, 17, 18, and 20 have been amended. Claims 1-20 are currently pending. 

Response to Arguments

Applicant’s arguments with respect to claim(s) 1, 13, and 17 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claim 6 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

Regarding claim 6, the claim 6 limitations “connected to one or more similar peripheral devices as the peripheral device”, “the one or more similar peripheral devices identified from the previous connection times”, and “when the client device has connected to the one or more similar peripheral devices” are considered indefinite because it is unclear what the metes and bounds of “similar” peripheral devices are. 
Applicant’s Specification filed 10/07/2019, Paragraph [0016] briefly mentions a similar device and Paragraph [0035] discloses an example of similar devices such as “a first device-type may refer to a keyboard or other similar type of input device (e.g., the same or different keyboard)” but there is no specific definition as to what constitutes a “similar” type (i.e. is a speaker “similar” to a microphone because they are both audio-type devices?) nor what constitutes a “same” and/or “different” type of devices (i.e. same/different based off brand, design such as mechanical vs non-mechanical keyboard, appearance?). 
Thus, it is unclear what constitutes a “similar” peripheral device based on the claim limitations and the specification. Examiner suggests amending the claim limitations as “connected to one or more same type peripheral devices as the peripheral device”, “the one or more same type peripheral devices identified from the previous connection times”, and “when the client device has connected to the one or more same type peripheral devices”, thereby indicating that a “similarity” is based solely on type alone. 

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim 1, 3, 5-6, 8, 10, and 13-14, and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Viscarola (US 2018/0365397) in view of Dabbiere (US 2013/0304641) and further in view of Kaines (US 2016/0203311).

Regarding claim 1, Viscarola teaches a method, comprising: detecting a connection of a peripheral device (Fig. 2, 216, USB Device; Paragraph 0049, Each peripheral device 216 denotes any suitable device that can be communicatively coupled to or interact with the processor 202 or other components of the device 200) with an externally accessible port (Fig. 2, 210, Removable Device Interface) of a client device (Fig. 2, 200, Client Device; Paragraph 0043, device 200 shown in FIG. 2 could denote any of the controllers, operator stations, or other devices in the system 100 of FIG. 1); receiving, from the peripheral device via the detected connection, peripheral device data including one or more indicators associated with features of the peripheral device (Fig. 4A, 402; Paragraph 0073, FIG. 4A, the graphical user interface 400 includes information 402 identifying the peripheral device to be authorized.  In this example, the information 402 includes a vendor identifier, a product identifier, a manufacturer, and a product type associated with the peripheral device); determining a connection pattern of the client device connecting to the peripheral devices based on historical usage information from a client device profile (Fig. 6 Flowchart of Whitelist, 606, Compare Identifier Specification to Whitelist Identifier Specifications), the historical usage information comprising previous connections of the peripheral devices to the client device (Paragraph 0060, previously-connected devices (for which an authorized human response was previously obtained) and/or devices previously authorized by a suitable outside system may be placed into a "whitelist" of pre-authorized devices for which no additional authentication is needed), and previous connection locations (Paragraph 0091, generate a device identifier specification for a peripheral device, such as the peripheral device 216, where the device identifier specification is used to determine whether the peripheral device is identified in a whitelist. Information about the peripheral device is obtained before or during quarantine of the peripheral device… one or more of the following pieces of information could be obtained: … Paragraph 0098, logical or physical location of the device on the system… Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined… Paragraph 0104, device identifier specification is compared to device identifier specifications in a whitelist); identifying environmental information comprising a location of the peripheral device at the time the connection of the peripheral device is detected (Paragraph 0084, obtain information about the peripheral device 216, such as its name, device manufacturer, device description (like category or purpose), location); determining a risk factor for the peripheral device based on comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile (Fig. 4B, Identifier Specification with Device Information and Location Information; Paragraph 0105, Each device identifier specification could uniquely identify both a device and its location in a system, thus allowing the authorization system to differentiate between otherwise identical devices attached via different mechanisms to the same system (such as different keyboards plugged into different USB ports)) to the connection pattern of the client device (Fig. 6, 608, Match Found; Paragraph 0104, authorization driver 304 comparing the generated device identifier specification for the peripheral device 216 to the device identifier specifications in the whitelist); and granting a level of trust to the peripheral device based on the determined risk factor (Fig. 6, 610, Treat Peripheral Device as Pre-Authorized Device; Paragraph 104, If a match in the whitelist is found at step 608, the peripheral device is treated as a pre-authorized device at step 610).
Viscarola teaches determining a trust level for a USB device connected to a USB host based on historical information and environmental information. Viscarola does not teach wherein the environmental information comprises location information of the client device at a time that the connection of the peripheral device is detected.
Dabbiere teaches identifying environmental information comprising a time that the connection of the peripheral device is detected (Paragraph 0068, at least one compliance rule provides that access to one or more particular peripheral devices 190 is limited to one or more particular periods of time) and a location information of the client device (Fig. 1, 150, User Device; Paragraph 0029, control access to peripheral devices by host devices, e.g., user devices, via the application of one or more (e.g., at least one) compliance rules.  These compliance rules may, for example, restrict and/or allow access based on any number of conditions, such as a user device's location) at a time that the connection of the peripheral device (Fig. 1, 190, Peripheral Device; Paragraph 0038, peripheral device(s) 190 may comprise a printer, scanner, mouse, keyboard, external hard drive, sensor, camera, speaker system) is detected (Paragraph 0042, Attempts by the host device(s), e.g., user device(s) 150, to perform certain functionality, such as accessing a peripheral device 190 directly or via the network 140, performing a responsive action or the like, may require the host device to be in compliance with one or more of the compliance rules); determining a risk factor for the peripheral device based comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile to the connection pattern of the client device (Paragraph 0034, authorization procedure may, for example, involve authenticating the host device(s), e.g., user device(s), and/or peripheral device(s) and/or determining whether causing a given responsive action to be performed is authorized, e.g., by one or more compliance rules).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Dabbiere and include location information of the client device connected to the peripheral device (See Dabbiere: Paragraph 0049, host device(s), peripheral device(s), compliance server 130, and/or resource server 110 may connect with the network 140 via wired means such as Ethernet, USB (Universal Serial Bus)) in the environmental parameters of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent the client device from accessing devices within unsafe geographic zones, thus ensuring the security of the client from access by malevolent entities (See Dabbiere: Paragraph 0078).
Viscarola teaches a detecting a location at a time of connection. Dabbiere teaches detecting a client location at a time of connection. Neither Viscarola nor Dabbiere explicitly teaches previous connection times nor a time when the connection is initially detected. 
Kaines teaches historical usage information comprising previous connection times (Paragraph 0027, the present invention might retain varying numbers of records recorded during past connections requests of the device 101… By replacing the authenticator every time, optional data in the authenticator, such as the creation date of the authenticator, can be leveraged to compare if the authenticator is old or not (actualized)); identifying environmental information comprising a time that the connection of the peripheral device is initially detected (Paragraph 0029, the policy module begins the receipt step by listening, over a published port known to a generic device driver practicing this disclosure, for a connection from a generic device driver located on a host) and a location of the client device (Paragraph 0025, administrators of the policy module 103 would then be able to determine whether to allow the specimen 101 to be used by the requesting host based on a selective combination of criteria.  Examples include location, user, time, date, host ID, previous connection history) at the time the connection is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).

Regarding claim 3, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. Viscarola further teaches wherein receiving the peripheral device data comprises receiving an indication of a device type for the peripheral device (Fig. 4A, 404, Device Types); and determining the risk factor comprises: identifying one or more input capabilities (Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined) for the device type for the peripheral device corresponding to the received indication (Paragraph 0091, one or more of the following pieces of information could be obtained:… Paragraph 0094, device type, device category, device class, or alphanumerical identifier(s) describing the same); and determining the risk factor based on the identified one or more input capabilities for the device type (Paragraph 0085, the authorization driver 304 determining whether the peripheral device 216 is listed in a whitelist of pre-authorized devices.  In some embodiments, the authorization driver 304 could generate a device identifier specification for the peripheral device 216 and compare the device identifier specification to identifier specifications contained in the whitelist).

Regarding claim 5, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. Viscarola teaches wherein the environmental information additionally includes one or more of (i.e. BRI of “one or more” requires just one of limitation A or one of limitation B): an indication of a presence or absence of one or more known wireless devices within a proximity of the client device at the time that the connection is initially detected; and an identification of one or more peripheral devices already connected to the client device at the time that the connection of the peripheral device is detected (Paragraph 0105, Each device identifier specification could uniquely identify both a device and its location in a system, thus allowing the authorization system to differentiate between otherwise identical devices attached via different mechanisms to the same system (such as different keyboards plugged into different USB ports)). 
Viscarola does not explicitly teach an initial connection detection. 
Kaines teaches an identification at the time that the connection of the peripheral device is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).

Regarding claim 6, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. Viscarola further teaches wherein the historical usage information includes one or more of: an indication that the peripheral device has connected to one or more same type peripheral devices as the peripheral device; a historical pattern of previously detected connections between the client device and the one or more same type peripheral devices identified from the previous connection times and the previous connection locations; or an indication of one or more locations of the client device when the client device has connected to one or more same type peripheral devices (Paragraph 0091, one or more of the following pieces of information could be obtained:… Paragraph 0094, device type, device category, device class, or alphanumerical identifier(s) describing the same… Paragraph 0085, the authorization driver 304 determining whether the peripheral device 216 is listed in a whitelist of pre-authorized devices.  In some embodiments, the authorization driver 304 could generate a device identifier specification for the peripheral device 216 and compare the device identifier specification to identifier specifications contained in the whitelist).

Regarding claim 8, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. Viscarola further teaches the method further comprising: determining that the risk factor is greater than a threshold risk factor associated with a threshold risk that the peripheral device is a malicious device (Fig. 5, 508; i.e. does not meet threshold to be a pre-authorized device and thus exceeds a risk factor threshold); and in response to determining that the risk factor is greater than the threshold risk factor, providing an interface prompt via a graphical user interface of the client device (Figs. 4A-B, 460, Allow or Cancel; Paragraph 0078, While a user could still be allowed to authorize such a peripheral device, the user can be notified about the inability to retrieve the relevant information from the device (since this may or may not be indicative of a potential threat)) indicating a risk associated with establishing a trusted connection with the peripheral device, wherein the interface prompt includes one or more selectable options associated with granting the level of trust to the peripheral device (Paragraph 0075, Buttons 410 can be used by the user to either indicate that the device should be authorized ("Allow") or quarantined further ("Cancel")).

Regarding claim 10, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 8. Viscarola further teaches detecting a user selection of a selectable option from the one or more selectable options provided within the interface prompt indicating a preference to prevent a trusted relationship with the peripheral device (Figs. 4A-B, 460, Allow or Cancel), and wherein granting the level of trust to the peripheral device comprises disabling further communication from the peripheral device to the client device based on detecting the user selection of the selectable option provided within the interface prompt (Paragraph 0075, Buttons 410 can be used by the user to either indicate that the device should be authorized ("Allow") or quarantined further ("Cancel")). 

Regarding claim 13, Viscarola teaches a system (Fig. 2, System), comprising: one or more processors (Fig. 2, 202, Processor); memory in electronic communication with the one or more processors; and instructions stored in the memory (Fig. 2, 212, Memory), the instructions being executable by the one or more processors to: detect a connection of a peripheral device (Fig. 2, 216, USB Device; Paragraph 0049, Each peripheral device 216 denotes any suitable device that can be communicatively coupled to or interact with the processor 202 or other components of the device 200) with an externally accessible port (Fig. 2, 210, Removable Device Interface) of a client device (Fig. 2, 200, Client Device; Paragraph 0043, device 200 shown in FIG. 2 could denote any of the controllers, operator stations, or other devices in the system 100 of FIG. 1); receive, from the peripheral device via the detected connection, peripheral device data including one or more indicators associated with features of the peripheral device (Fig. 4A, 402; Paragraph 0073, FIG. 4A, the graphical user interface 400 includes information 402 identifying the peripheral device to be authorized.  In this example, the information 402 includes a vendor identifier, a product identifier, a manufacturer, and a product type associated with the peripheral device); determine a connection pattern of the client device connecting to the peripheral devices based on historical usage information from a client device profile (Fig. 6 Flowchart of Whitelist, 606, Compare Identifier Specification to Whitelist Identifier Specifications), the historical usage information comprising previous connections of the peripheral devices to the client device (Paragraph 0060, previously-connected devices (for which an authorized human response was previously obtained) and/or devices previously authorized by a suitable outside system may be placed into a "whitelist" of pre-authorized devices for which no additional authentication is needed), and previous connection locations (Paragraph 0091, generate a device identifier specification for a peripheral device, such as the peripheral device 216, where the device identifier specification is used to determine whether the peripheral device is identified in a whitelist. Information about the peripheral device is obtained before or during quarantine of the peripheral device… one or more of the following pieces of information could be obtained: … Paragraph 0098, logical or physical location of the device on the system… Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined… Paragraph 0104, device identifier specification is compared to device identifier specifications in a whitelist); identify environmental information comprising a location of the peripheral device at the time the connection of the peripheral device is detected (Paragraph 0084, obtain information about the peripheral device 216, such as its name, device manufacturer, device description (like category or purpose), location); determine a risk factor for the peripheral device based on comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile (Fig. 4B, Identifier Specification with Device Information and Location Information; Paragraph 0105, Each device identifier specification could uniquely identify both a device and its location in a system, thus allowing the authorization system to differentiate between otherwise identical devices attached via different mechanisms to the same system (such as different keyboards plugged into different USB ports)) to the connection pattern of the client device (Fig. 6, 608, Match Found; Paragraph 0104, authorization driver 304 comparing the generated device identifier specification for the peripheral device 216 to the device identifier specifications in the whitelist); and grant a level of trust to the peripheral device based on the determined risk factor (Fig. 6, 610, Treat Peripheral Device as Pre-Authorized Device; Paragraph 104, If a match in the whitelist is found at step 608, the peripheral device is treated as a pre-authorized device at step 610).
Viscarola teaches determining a trust level for a USB device connected to a USB host based on historical information and environmental information. Viscarola does not teach wherein the environmental information comprises location information of the client device at a time that the connection of the peripheral device is detected.
Dabbiere teaches identify environmental information comprising a time that the connection of the peripheral device is detected (Paragraph 0068, at least one compliance rule provides that access to one or more particular peripheral devices 190 is limited to one or more particular periods of time) and a location information of the client device (Fig. 1, 150, User Device; Paragraph 0029, control access to peripheral devices by host devices, e.g., user devices, via the application of one or more (e.g., at least one) compliance rules.  These compliance rules may, for example, restrict and/or allow access based on any number of conditions, such as a user device's location) at a time that the connection of the peripheral device (Fig. 1, 190, Peripheral Device; Paragraph 0038, peripheral device(s) 190 may comprise a printer, scanner, mouse, keyboard, external hard drive, sensor, camera, speaker system) is detected (Paragraph 0042, Attempts by the host device(s), e.g., user device(s) 150, to perform certain functionality, such as accessing a peripheral device 190 directly or via the network 140, performing a responsive action or the like, may require the host device to be in compliance with one or more of the compliance rules); determine a risk factor for the peripheral device based comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile to the connection pattern of the client device (Paragraph 0034, authorization procedure may, for example, involve authenticating the host device(s), e.g., user device(s), and/or peripheral device(s) and/or determining whether causing a given responsive action to be performed is authorized, e.g., by one or more compliance rules).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the system to incorporate the teachings of Dabbiere and include location information of the client device connected to the peripheral device (See Dabbiere: Paragraph 0049, host device(s), peripheral device(s), compliance server 130, and/or resource server 110 may connect with the network 140 via wired means such as Ethernet, USB (Universal Serial Bus)) in the environmental parameters of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent the client device from accessing devices within unsafe geographic zones, thus ensuring the security of the client from access by malevolent entities (See Dabbiere: Paragraph 0078).
Viscarola teaches a detect a location at a time of connection. Dabbiere teaches detecting a client location at a time of connection. Neither Viscarola nor Dabbiere explicitly teaches previous connection times nor a time when the connection is initially detected. 
Kaines teaches historical usage information comprising previous connection times (Paragraph 0027, the present invention might retain varying numbers of records recorded during past connections requests of the device 101… By replacing the authenticator every time, optional data in the authenticator, such as the creation date of the authenticator, can be leveraged to compare if the authenticator is old or not (actualized)); identify environmental information comprising a time that the connection of the peripheral device is initially detected (Paragraph 0029, the policy module begins the receipt step by listening, over a published port known to a generic device driver practicing this disclosure, for a connection from a generic device driver located on a host) and a location of the client device (Paragraph 0025, administrators of the policy module 103 would then be able to determine whether to allow the specimen 101 to be used by the requesting host based on a selective combination of criteria.  Examples include location, user, time, date, host ID, previous connection history) at the time the connection is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the system to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).

Regarding claim 14, the combination of Viscarola/Dabbiere/Kaines teaches the system of claim 13. Viscarola further teaches wherein receiving the peripheral device data comprises receiving an indication of a device type for the peripheral device (Fig. 4A, 404, Device Types); and wherein determining the risk factor comprises: identifying one or more input capabilities (Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined) for the device type for the peripheral device corresponding to the received indication (Paragraph 0091, one or more of the following pieces of information could be obtained:… Paragraph 0094, device type, device category, device class, or alphanumerical identifier(s) describing the same); and determining the risk factor based on the identified one or more input capabilities for the device type (Paragraph 0085, the authorization driver 304 determining whether the peripheral device 216 is listed in a whitelist of pre-authorized devices.  In some embodiments, the authorization driver 304 could generate a device identifier specification for the peripheral device 216 and compare the device identifier specification to identifier specifications contained in the whitelist).

Regarding claim 16, the combination of Viscarola/Dabbiere/Kaines teaches the system of claim 13. Viscarola further teaches the system further comprising instructions being executable by the one or more processors to: determine that the risk factor is greater than a threshold risk factor associated with a threshold risk that the peripheral device is a malicious device (Fig. 5, 508; i.e. does not meet threshold to be a pre-authorized device and thus exceeds a risk factor threshold); and in response to determining that the risk factor is greater than the threshold risk factor, providing an interface prompt via a graphical user interface of the client device (Figs. 4A-B User Interface; Paragraph 0078, While a user could still be allowed to authorize such a peripheral device, the user can be notified about the inability to retrieve the relevant information from the device (since this may or may not be indicative of a potential threat)) indicating a risk associated with establishing a trusted connection with the peripheral device, wherein the interface prompt includes one or more selectable options associated with granting the level of trust to the peripheral device (Figs. 4A-B, 460, Allow or Cancel); and detect a user selection of a selectable option from the one or more selectable options provided within the interface prompt indicating a preference to prevent a trusted relationship with the peripheral device, and wherein granting the level of trust to the peripheral device comprises disabling further communication from the peripheral device to the client device based on detecting the user selection of the selectable option provided within the interface prompt (Paragraph 0075, Buttons 410 can be used by the user to either indicate that the device should be authorized ("Allow") or quarantined further ("Cancel")). 

Regarding claim 17, Viscarola teaches a non-transitory computer-readable medium storing instructions thereon that, when executed by one or more processors, causes a client device to: detect a connection of a peripheral device (Fig. 2, 216, USB Device; Paragraph 0049, Each peripheral device 216 denotes any suitable device that can be communicatively coupled to or interact with the processor 202 or other components of the device 200) with an externally accessible port (Fig. 2, 210, Removable Device Interface) of the client device (Fig. 2, 200, Client Device; Paragraph 0043, device 200 shown in FIG. 2 could denote any of the controllers, operator stations, or other devices in the system 100 of FIG. 1); receive, from the peripheral device via the detected connection, peripheral device data including one or more indicators associated with features of the peripheral device (Fig. 4A, 402; Paragraph 0073, FIG. 4A, the graphical user interface 400 includes information 402 identifying the peripheral device to be authorized.  In this example, the information 402 includes a vendor identifier, a product identifier, a manufacturer, and a product type associated with the peripheral device); determine a connection pattern of the client device connecting to the peripheral devices based on historical usage information from a client device profile (Fig. 6 Flowchart of Whitelist, 606, Compare Identifier Specification to Whitelist Identifier Specifications), the historical usage information comprising previous connections of the peripheral devices to the client device (Paragraph 0060, previously-connected devices (for which an authorized human response was previously obtained) and/or devices previously authorized by a suitable outside system may be placed into a "whitelist" of pre-authorized devices for which no additional authentication is needed), and previous connection locations (Paragraph 0091, generate a device identifier specification for a peripheral device, such as the peripheral device 216, where the device identifier specification is used to determine whether the peripheral device is identified in a whitelist. Information about the peripheral device is obtained before or during quarantine of the peripheral device… one or more of the following pieces of information could be obtained: … Paragraph 0098, logical or physical location of the device on the system… Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined… Paragraph 0104, device identifier specification is compared to device identifier specifications in a whitelist); identify environmental information comprising a location of the peripheral device at the time the connection of the peripheral device is detected (Paragraph 0084, obtain information about the peripheral device 216, such as its name, device manufacturer, device description (like category or purpose), location); determine a risk factor for the peripheral device based on comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile (Fig. 4B, Identifier Specification with Device Information and Location Information; Paragraph 0105, Each device identifier specification could uniquely identify both a device and its location in a system, thus allowing the authorization system to differentiate between otherwise identical devices attached via different mechanisms to the same system (such as different keyboards plugged into different USB ports)) to the connection pattern of the client device (Fig. 6, 608, Match Found; Paragraph 0104, authorization driver 304 comparing the generated device identifier specification for the peripheral device 216 to the device identifier specifications in the whitelist); and grant a level of trust to the peripheral device based on the determined risk factor (Fig. 6, 610, Treat Peripheral Device as Pre-Authorized Device; Paragraph 104, If a match in the whitelist is found at step 608, the peripheral device is treated as a pre-authorized device at step 610).
Viscarola teaches determining a trust level for a USB device connected to a USB host based on historical information and environmental information. Viscarola does not teach wherein the environmental information comprises location information of the client device at a time that the connection of the peripheral device is detected.
Dabbiere teaches identify environmental information comprising a time that the connection of the peripheral device is detected (Paragraph 0068, at least one compliance rule provides that access to one or more particular peripheral devices 190 is limited to one or more particular periods of time) and a location information of the client device (Fig. 1, 150, User Device; Paragraph 0029, control access to peripheral devices by host devices, e.g., user devices, via the application of one or more (e.g., at least one) compliance rules.  These compliance rules may, for example, restrict and/or allow access based on any number of conditions, such as a user device's location) at a time that the connection of the peripheral device (Fig. 1, 190, Peripheral Device; Paragraph 0038, peripheral device(s) 190 may comprise a printer, scanner, mouse, keyboard, external hard drive, sensor, camera, speaker system) is detected (Paragraph 0042, Attempts by the host device(s), e.g., user device(s) 150, to perform certain functionality, such as accessing a peripheral device 190 directly or via the network 140, performing a responsive action or the like, may require the host device to be in compliance with one or more of the compliance rules); determine a risk factor for the peripheral device based comparing the one or more indicators received from the peripheral device and the environmental information from the client device profile to the connection pattern of the client device (Paragraph 0034, authorization procedure may, for example, involve authenticating the host device(s), e.g., user device(s), and/or peripheral device(s) and/or determining whether causing a given responsive action to be performed is authorized, e.g., by one or more compliance rules).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the medium to incorporate the teachings of Dabbiere and include location information of the client device connected to the peripheral device (See Dabbiere: Paragraph 0049, host device(s), peripheral device(s), compliance server 130, and/or resource server 110 may connect with the network 140 via wired means such as Ethernet, USB (Universal Serial Bus)) in the environmental parameters of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent the client device from accessing devices within unsafe geographic zones, thus ensuring the security of the client from access by malevolent entities (See Dabbiere: Paragraph 0078).
Viscarola teaches a detect a location at a time of connection. Dabbiere teaches detecting a client location at a time of connection. Neither Viscarola nor Dabbiere explicitly teaches previous connection times nor a time when the connection is initially detected. 
Kaines teaches historical usage information comprising previous connection times (Paragraph 0027, the present invention might retain varying numbers of records recorded during past connections requests of the device 101… By replacing the authenticator every time, optional data in the authenticator, such as the creation date of the authenticator, can be leveraged to compare if the authenticator is old or not (actualized)); identify environmental information comprising a time that the connection of the peripheral device is initially detected (Paragraph 0029, the policy module begins the receipt step by listening, over a published port known to a generic device driver practicing this disclosure, for a connection from a generic device driver located on a host) and a location of the client device (Paragraph 0025, administrators of the policy module 103 would then be able to determine whether to allow the specimen 101 to be used by the requesting host based on a selective combination of criteria.  Examples include location, user, time, date, host ID, previous connection history) at the time the connection is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the medium to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).

Regarding claim 18, the combination of Viscarola/Dabbiere/Kaines teaches the medium of claim 17. Viscarola further teaches wherein receiving the peripheral device data comprises receiving an indication of a device type for the peripheral device (Fig. 4A, 404, Device Types); and wherein determining the risk factor comprises: identifying one or more input capabilities (Paragraph 0099, device identifier specification is created here using data that is available prior to and during the times that devices are quarantined) for the device type for the peripheral device corresponding to the received indication (Paragraph 0091, one or more of the following pieces of information could be obtained:… Paragraph 0094, device type, device category, device class, or alphanumerical identifier(s) describing the same); and determining the risk factor based on the identified one or more input capabilities for the device type (Paragraph 0085, the authorization driver 304 determining whether the peripheral device 216 is listed in a whitelist of pre-authorized devices.  In some embodiments, the authorization driver 304 could generate a device identifier specification for the peripheral device 216 and compare the device identifier specification to identifier specifications contained in the whitelist).

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Viscarola (US 2018/0365397) in view of Dabbiere (US 2013/0304641) in view of Kaines (US 2016/0203311) and further view of Desai (US 2019/0042805).

Regarding claim 2, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. Viscarola further teaches wherein the externally accessible port comprises a universal serial bus (USB) port (Paragraph 0048, the device 200 could include one or more USB slots, FIREWIRE ports, THUNDERBOLT ports, or other interfaces for coupling to peripheral devices 216) including an interface configured to receive data signals (Fig. 2, 210, Data Interface) via bus driver of the client device (Paragraph 0053, the functional architecture 300 could intercept device connection attempts at the lowest possible level in a host system, such as in the USB hub driver of a USB stack, in order to quarantine a device).
Viscarola teaches a single bus driver. The combination of Viscarola/Dabbiere/Kaines does not teach multiple bus drivers.
Desai teaches including an interface configured to receive power signals and data signals via different bus drivers of the client device (Fig. 3, 100, Computing Device with drivers; Paragraph 0017, trusted software verifies the device descriptor and, if verified, may enable the USB device for use (e.g., by loading appropriate device drivers).  Thus, the computing device 100 may allow trusted software to securely enumerate and use hot-plugged USB devices).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Desai and include multiple device drivers that can hot-plug the USB peripheral device securely and power the peripheral device.   
One of ordinary skill in the art would be motivated to make the modifications in order to allow hot-plugging capabilities with trusted peripheral devices, thus enabling instant use of the peripheral device (See Desai: Paragraph 0017). 

Claim 11, 12, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Viscarola (US 2018/0365397) in view of Dabbiere (US 2013/0304641) in view of Kaines (US 2016/0203311) and further in view of Nasir (US 2012/0131353).

Regarding claim 11, the combination of Viscarola/Dabbiere/Kaines teaches the method of claim 1. The combination of Viscarola/Dabbiere/Kaines does not explicitly teach changing a charging rate based on peripheral verification. 
Nasir teaches wherein the peripheral device is capable of charging the client device, further comprising: identifying a plurality of charging preferences associated with a speed of charging the client device via the connection with the peripheral device (Paragraph 0043, authenticator 116 may forgo automatically launching an application or refuse some services of peripheral 106.  Assume, for example, that battery charger 106-3 is not authenticated.  Assume also that host device 102 controls the charge coming from battery charger 106-3); and based on information from the device profile, selecting a charging preference from the plurality of charging preferences (Paragraph 0043, Authenticator 116 disconnects the authentication-configured data lines from authentication procedures and establishes these data lines to active components of battery charger 106-3, where host device 102 then limits the services of battery charger 106-3 to a trickle charge and disallows fast charging).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Nasir and include charging rate changes based on authentication of the peripheral device of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent unauthenticated batteries from damaging the host computing device (See Nasir: Paragraph 0002).

Regarding claim 12, the combination of Viscarola/Dabbiere/Kaines/Nasir teaches the method of claim 11. Viscarola teaches wherein preference is selected based on a combination of a location of the client device at the time that the connection of the peripheral device is detected (Paragraph 0084, peripheral device 216 to obtain information about the peripheral device 216, such as its name, device manufacturer, device description (like category or purpose), location). Viscarola does not explicitly teach the time that the connection of the peripheral device is initially detected.  
Kaines teaches the time that the connection of the peripheral device is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).
The combination of Viscarola/Dabbiere/Kaines does not teach a charging preference. 
Nasir teaches wherein the plurality of charging preferences include a first charging speed preference associated with a first charging speed (Paragraph 0043, Authenticator 116 disconnects the authentication-configured data lines from authentication procedures and establishes these data lines to active components of battery charger 106-3, where host device 102 then limits the services of battery charger 106-3 to a trickle charge and disallows fast charging) and a second charging speed preference associated with a second charging speed that is faster than the first charging speed (Paragraph 0043, authenticator 116 may forgo automatically launching an application or refuse some services of peripheral 106.  Assume, for example, that battery charger 106-3 is not authenticated.  Assume also that host device 102 controls the charge coming from battery charger 106-3), and wherein the charging preference is selected based on a combination of a time that the connection of the peripheral device is detected (Paragraph 0028, Host device 102, through authenticator 116, can compare the identifier with a database of identifiers known to be authentic.  A peripheral can be authenticated, or determined to be potentially authentic, when the peripheral is a device (or class of devices) previously known to be of a particular nature, generally a nature that has not been found to be potentially damaging or that has been designed to function with host device 102).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the method to incorporate the teachings of Nasir and include charging rate changes based on authentication of the peripheral device of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent unauthenticated batteries from damaging the host computing device (See Nasir: Paragraph 0002).

Regarding claim 20, the combination of Viscarola/Dabbiere/Kaines teaches the medium of claim 17. Viscarola teaches wherein preference is selected based on a combination of a location of the client device at the time that the connection of the peripheral device is detected (Paragraph 0084, peripheral device 216 to obtain information about the peripheral device 216, such as its name, device manufacturer, device description (like category or purpose), location). Viscarola does not explicitly teach the time that the connection of the peripheral device is initially detected.  
Kaines teaches the time that the connection of the peripheral device is initially detected (Paragraph 0029, authorized devices are not to be connected to computers belonging to the Active Directory Lookup service on the same network as the policy module outside normal business hours. Therefore the time of the connection is taken into account… Same decision step analysis would apply for any other rules that the policy module would be in charge of enforcing per the security policy set; i.e. the location of the device in combination with the initial connection detection time is used to determine authorization). 
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the medium to incorporate the teachings of Kaines and include previous connection time records and determination of location information in response to the initial connection detection.   
One of ordinary skill in the art would be motivated to make the modifications in order to determine if the connection request in combination with location satisfies the policy rules set by the administrator, thus preventing access from incorrect times/locations (See Kaines: Paragraphs 0025 & 0029).
The combination of Viscarola/Dabbiere/Kaines does not teach a charging preference. 
Nasir teaches wherein the peripheral device is capable of charging the client device, and further comprising instructions that, when executed by the one or more processors, causes the client device to: identify a plurality of charging preferences associated with a speed of charging the client device via the connection with the peripheral device (Paragraph 0043, authenticator 116 may forgo automatically launching an application or refuse some services of peripheral 106.  Assume, for example, that battery charger 106-3 is not authenticated.  Assume also that host device 102 controls the charge coming from battery charger 106-3); and based on information from the device profile, selecting a charging preference from the plurality of charging preferences (Paragraph 0043, Authenticator 116 disconnects the authentication-configured data lines from authentication procedures and establishes these data lines to active components of battery charger 106-3, where host device 102 then limits the services of battery charger 106-3 to a trickle charge and disallows fast charging), wherein the plurality of charging preferences include a first charging speed preference associated with a first charging speed (Paragraph 0043, Authenticator 116 disconnects the authentication-configured data lines from authentication procedures and establishes these data lines to active components of battery charger 106-3, where host device 102 then limits the services of battery charger 106-3 to a trickle charge and disallows fast charging) and a second charging speed preference associated with a second charging speed that is faster than the first charging speed (Paragraph 0043, authenticator 116 may forgo automatically launching an application or refuse some services of peripheral 106.  Assume, for example, that battery charger 106-3 is not authenticated.  Assume also that host device 102 controls the charge coming from battery charger 106-3), and wherein the charging preference is selected based on a combination of a time that that the connection of the peripheral device is detected (Paragraph 0028, Host device 102, through authenticator 116, can compare the identifier with a database of identifiers known to be authentic.  A peripheral can be authenticated, or determined to be potentially authentic, when the peripheral is a device (or class of devices) previously known to be of a particular nature, generally a nature that has not been found to be potentially damaging or that has been designed to function with host device 102).
It would have been obvious to one of ordinary skill in the art before date of application filing to have modified the medium to incorporate the teachings of Nasir and include charging rate changes based on authentication of the peripheral device of Viscarola.   
One of ordinary skill in the art would be motivated to make the modifications in order to prevent unauthenticated batteries from damaging the host computing device (See Nasir: Paragraph 0002).

Allowable Subject Matter

Claims 4, 7, 9, 15, and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

The following is a statement of reasons for the indication of allowable subject matter:  Regarding claim 4, none of the cited references teach either alone or in combination comparing the one or more indicators received from the peripheral device to the connection pattern of the client device based on the historical usage information; comparing the time that the connection of the peripheral device is initially detected to previous connection times of the environmental information; and comparing the location of the client device at the time the connection of the peripheral device is initially detected to previous connection locations of the environmental information. 

Regarding claims 7, 9, 15, and 19, none of the cited references teach either alone or in combination wherein granting the level of trust to the peripheral device comprises enumerating the peripheral device on the client device.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US PGPUB 2012/0303827 to Neystadt discloses a location-based access control for a user device is implemented. 
US Patent 8,904,496 to Bailey discloses determining a current location of a device and authorizing access to a resource based on the location and location history of the device. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARRY Z WANG whose telephone number is (571)270-1716. The examiner can normally be reached 9 am - 3 pm (Monday-Friday).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Henry Tsai can be reached on 571-272-4176. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HARRY Z WANG/Examiner, Art Unit 2184