Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Application No. 16/933,501 filed on 07/20/2020.
Claims 1-20 have been examined and are pending in this application. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/07/2021, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claim 1 is objected to because of the following informality:
Regarding Claim 1, The limitations in claim 1 are separated with a commas “,” , the limitations should be separated with a semi-colon “;” instead of “,”. Appropriate corrections are required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ferreira et al. (W.O. 2018093386 A1; Hereinafter “Ferreira”) in view of Mahaffey et al. (U.S. 20140189808 A1; Hereinafter “Mahaffey”).
Regarding claim 1, Ferreira teaches a system, comprising: a memory (Ferreira: para[0038] “Figure 6 illustrates an example computing device in which example systems and methods, and equivalents, may operate. The example computing device may be a computer 600 that includes a processor 610 and a memory 620 connected by a bus 630.”); and 
a processor coupled to the memory and configured to allow or deny access to a network in which to exchange communications according to a method that includes (Ferreira: para [009], “For example, a user constantly broadcasting a beacon may be able to be tracked as they travel, visit clients, and so forth. Further, broadcasting an identical beacon may be susceptible to replay attacks that allow someone to gain access to a managed resource by transmitting a duplicate of the beacon to that resource.”): 
detecting presence of a device (mobile device 100) based on receipt of communications from the device (Ferreira: para[0014-0015]“In some examples, each presence identifier 105 broadcast by mobile device 100 may be uniquely generated for that particular broadcast. The presence identifier may be detected by managed devices 110. Managed devices 110 may be devices, appliances, and so forth that make up the information technology infrastructure of a company.”).
Ferreira does not explicitly teach determining that the device is unmanaged by the system based on data included with the communications received from the device,  the data not including a signature indicative of enrollment of the device with the system, and in response to determining that the device is unmanaged by the system, denying access to the network
However, in an analogous art, Mahaffey teaches determining that the device is unmanaged by the system based on data included with the communications received from the device,  the data not including a signature indicative of enrollment of the device with the system (Mahaffey: para [0004], “Credentials may be bound in some way to the individual to whom they were issued, such as for identification, or they may be bearer credentials, which may be acceptable for general authorization.”, para [0062], [0068], [0101][0077], [0094], “For example credentials may comprise a username/password combination and/or a token and/or a cryptographic signature.”, “The user's credentials are then sent to the authentication server by whichever server or other resource is storing the credentials, act 458. In decision block 460, the authentication server determines whether or not the credentials are valid and approved.”), and 
in response to determining that the device is unmanaged by the system, denying access to the network (Mahaffey: para [0101],“If they are not valid, the requesting client is denied access, act 462. If instead the credentials are approved, then the client is allowed to access the resource, act 464”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the teaching of Mahaffey into the teaching of Ferreira to include determining that the device is unmanaged by the system based on data included with the communications received from the device, and in response to determining that the device is unmanaged by the system, denying access to the network because it will protect the network and prevent phishing attacks (Mahaffey: para [0133]).
Regarding claim 2, Ferreira in view of Mahaffey teaches the independent claim 1. Mahaffey teaches wherein the method further includes: in response to determining that the device is unmanaged by the system, offering an enrollment option to the device (Mahaffey: para [0045], “If a user is not enrolled in service, the user can be enrolled. In this case, the service may have its own authentication mechanism, server is interacting with it.”); and 
in response to determining that the device is managed, providing network access (Mahaffey: para [0101], “If instead the credentials are approved, then the client is allowed to access the resource, act 464”).
Regarding claim 3, Ferreira in view of Mahaffey teaches the independent claim 1. Ferreira additionally teaches wherein detecting presence of the device includes monitoring communication channels for communications from the device (Ferreira: para[0022], “The broadcast may be received from a mobile device. Throughout method 200 transmissions involving the mobile device may occur, for example, via a pairing technology, such as Bluetooth, near field communication, WIFi, and so forth”)..
Regarding claim 4, Ferreira in view of Mahaffey teaches the independent claim 1. Mahaffey teaches wherein determining whether the device is unmanaged by the system includes configuring an access point with a management enforcement agent that attempts to capture the signature from the device and then authenticates the signature with the system (Mahaffey: [0072], [0094] “Wi-Fi access points (APs) which may supply Wi-Fi SSIDs, BSSIDs, type of authentication information, any other information gather-able about the APs, and signal strength information,”).
Regarding claim 5, Ferreira in view of Mahaffey teaches the independent claim 1. Ferreira additionally teaches wherein detecting presence of the device includes utilizing a beacon or another device enrolled with the system to monitor for communications (Ferreira: para [0022], “Method 200 may perform various tasks associated with personal identification, in various examples, method 200 may be performed by a device managed as a part of a company's information technology infrastructure, similar to managed device 110 (figure 1), Method 200 includes detecting a presence Identifier at 210. The broadcast may be received from a mobile device.”).
Regarding claim 6, Ferreira in view of Mahaffey teaches the dependent claim 5. Ferreira additionally teaches wherein detecting presence of the device includes monitoring for an announcement from the device, wherein the announcement is generated using one of: Bluetooth (Ferreira: para[0022], “The broadcast may be received from a mobile device. Throughout method 200 transmissions involving the mobile device may occur, for example, via a pairing technology, such as Bluetooth, near field communication, WIFi, and so forth”).
Regarding claim 7, Ferreira in view of Mahaffey teaches the independent claim 1. Mahaffey teaches wherein the system enrolls an identified device that is unmanaged by installing an agent onto the identified device, and wherein the agent is configured to output a unique signature indicative of the identified device (Mahaffey: Para [0041], [0044] [0108][0110] [0134] “Some services may require this, where in other cases, server provides open API where any service can request authentication or authorization without a user needing to enroll. The system determines if a user is enrolled in a given service with the server. It may do this by retrieving enrollment information from server (e.g. supply hostname or identifier of site as an HTTP referrer or explicitly) or service; looking for presence of a session or authentication cookie;”).
Regarding claim 8, Ferreira in view of Mahaffey teaches the dependent claim 7. Ferreira additionally teaches wherein the unique signature is time dependent (Ferreira: para [0022] “The portion may also be generated based on a schedule known to the mobile device so that the mobile device periodically changes the presence identifier being broadcast. This may allow the mobile device to obfuscate the identity of a user of the mobile device.”).
Regarding claim 9, Ferreira in view of Mahaffey teaches the dependent claim 7. Mahaffey teaches wherein the unique signature is embedded in an encrypted token that can be decrypted by the system, and wherein the encrypted token is communicated over a secure channel (Mahaffey: para [0095], [0103], “The authenticating information comprising the credentials provided by the system, such as by a server or the authorizing client can be a username/password combination or a session token for the application's backend service, or an authorization token to retrieve login from a service (local or network-based), or other type of credential as described above.”, para [0089], “The client first authenticates the request using a relay of known credentials, digitally signed response, or other means, and provides the result data over a secure transmission channel.”).
Regarding claim 10, Ferreira in view of Mahaffey teaches the dependent claim 7. Mahaffey teaches wherein the unique signature is provided at a predetermined communication layer based on capabilities of network switches (Mahaffey: para [0003] [0104], “In the Internet environment, clients and servers exchange messages according to a request-response messaging exchange in which the client sends a request, and the server returns a response in accordance with a defined communications protocol that operates in the application layer of the TCP/IP (Transmission Control Protocol/Internet Protocol) model.”).
Regarding claim 11, Ferreira in view of Mahaffey teaches the dependent claim 1. Mahaffey teaches wherein the signature is provided over a set of different communication layers utilizing different frame patterns ((Mahaffey: para [0055],[0060, [0085], “The network interface between server computer and the client computers may include one or more routers that serve to buffer and route the data transmitted between the server and client computers. Network 110 may be the Internet, a Wide Area Network (WAN), a Local Area Network (LAN), or any combination thereof.”, “The request 120 includes the application identity information--for a website, mobile or desktop application, or other service needing authentication or authorization URL,.., signing certificate of hosting application,… a digital signature or HMAC provided by the application, or other information)”, the signature provided in Mahaffey used a wired network which has different communication layers and pattern than the Bluetooth communication used in Ferreira”).
Regarding claim 12, Ferreira in view of Mahaffey teaches the independent claim 1. Mahaffey additionally teaches wherein determining that the device is unmanaged includes sending a credential request to the device (Mahaffey: para[0059], “During a typical network exchange, a user through client computer 112 may make a request 120 to a target server 114 to access an application provided by the server or to access some other network resource through server 114. Many such applications or resources may be protected so that only authorized users may gain access. In this case, the accessed (or "target") server 114 will in turn respond with a challenge 122 requesting that the user provide appropriate authenticating credentials, such as a valid username and password.”).
Regarding claim 13, Ferreira in view of Mahaffey teaches the independent claim 1. Mahaffey additionally teaches wherein the communications include cellular communications (Mahaffey: para[0085], “For an embodiment in which the authorizing client 132 is a mobile or cell phone, it may operate in a networked environment using logical connections to the requesting client 112, 118 or 119 via one or more communication interfaces. The communication interface may interface with a wireless network and/or a wired network. Examples of wireless networks include, for example, a BLUETOOTH network, a wireless personal area network, a wireless 802.11 local area network (LAN), wireless telephony network (e.g., a cellular, PCS, or GSM network), and/or near field communication (NFC)”).
Regarding claim 14, claim 14 is rejected under the same rational as claim 1.
Regarding claim 15, claim 15 is rejected under the same rational as claim 2.
Regarding claim 16, Ferreira in view of Mahaffey teaches the independent claim 14. Ferreira additionally teaches wherein detecting presence of the device includes at least one of: monitoring communication channels for communications from the device; utilizing a beacon or another device enrolled with the service to monitor for communications (Ferreira: para [0022], “Method 200 may perform various tasks associated with personal identification, in various examples, method 200 may be performed by a device managed as a part of a company's information technology infrastructure, similar to managed device 110 (figure 1), Method 200 includes detecting a presence Identifier at 210. The broadcast may be received from a mobile device.”); or 
monitoring for an announcement from the device, wherein the announcement is generated using one of: Bluetooth, Low Energy Bluetooth (BLE) or near field communications (NFC) (Ferreira: para[0022], “The broadcast may be received from a mobile device. Throughout method 200 transmissions involving the mobile device may occur, for example, via a pairing technology, such as Bluetooth, near field communication, WIFi, and so forth”).
Regarding claim 17, claim 17 is rejected under the same rational as claim 4.
Regarding claim 18, Ferreira in view of Mahaffey teaches the independent claim 14. Mahaffey teaches wherein an identified device that is unmanaged is enrolled into the service by installing an agent onto the identified device, wherein the agent is configured to output a unique signature indicative of the identified device, and wherein the unique signature is at least one of: time dependent (Mahaffey: Para [0041], [0044] [0108][0110] [0134] “Some services may require this, where in other cases, server provides open API where any service can request authentication or authorization without a user needing to enroll. The system determines if a user is enrolled in a given service with the server. It may do this by retrieving enrollment information from server (e.g. supply hostname or identifier of site as an HTTP referrer or explicitly) or service; looking for presence of a session or authentication cookie;”); 
embedded in an encrypted token that can be decrypted by the service, and wherein the encrypted token is communicated over a secure channel (Mahaffey: para [0095], [0103], “The authenticating information comprising the credentials provided by the system, such as by a server or the authorizing client can be a username/password combination or a session token for the application's backend service, or an authorization token to retrieve login from a service (local or network-based), or other type of credential as described above.”, para [0089], “The client first authenticates the request using a relay of known credentials, digitally signed response, or other means, and provides the result data over a secure transmission channel.”); or 
provided at a predetermined communication layer based on capabilities of network switches (Mahaffey: para [0003] [0104], “In the Internet environment, clients and servers exchange messages according to a request-response messaging exchange in which the client sends a request, and the server returns a response in accordance with a defined communications protocol that operates in the application layer of the TCP/IP (Transmission Control Protocol/Internet Protocol) model.”).
Regarding claim 19, claim 19 is rejected under the same rational as claim 11.
Regarding claim 20, claim 20 is rejected under the same rational as claim 12.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US-8737965 B2,  Wireless Device Monitoring Systems and Monitoring Devices, and Associated Methods.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 571-272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/L.L.N./Examiner, Art Unit 2437     
/NELSON S. GIDDINS/Primary Examiner, Art Unit 2437