PNG
    media_image1.png
    340
    340
    media_image1.png
    Greyscale
United States Patent and Trademark Office    
        
            
                                
            
        
    

Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov











BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/522,949
Filing Date: 26 Jul 2019
Appellant(s): iControl Networks, Inc.



__________________
Gabriel T. Applegate
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed 18 July 2022.
(1) Grounds of Rejection to be Reviewed on Appeal
Every ground of rejection set forth in the Office action dated 18 October 2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

(2) Response to Appellant Argument
Argument: 
	Claim 1 recites that the “computing device” is determined to be authorized to communicate with the security system “based on the whitelist indicating the one or more authorized devices,” and based on that determination, is “enabled” to communicate with the security system (1.e., Appellant’s claimed security system includes the security system server). Neither Naidoo, nor Cholas, teaches or suggests these features.

Response:
As discussed in the office action mailed 18 October 2021 and further elaborated in the office action mailed 7 February 2022,  Naidoo disclose receiving, by a gateway device (Fig. 1: security gateway 115) located at a premises (Fig. 1: security gateway device is located within premises 110), from a security server device (Fig. 1: security server 131) located external to the premises (Fig. 1: security server 131 is located external to premises 110), information (E.g. Col 10, lines 16-29, Col 19, line 4 – Col 20, line 9; see the token received from the security server by the gateway device), wherein a security system (Fig. 1: security system 100) comprises the gateway (E.g. Col 6, lines 22-23: Security system 100 comprises a security gateway 115) and the security server (E.g. Col 6, lines 28-29: Security system 100 further comprises a security system server 131), and wherein the information comprises: 
one or more devices authorized (Fig. 1: remote client 155; the token include information for authorizing the remote client device 155) to communicate with the security system (E.g. Col 10. Lines 30-41: once authenticated, remote user 152 may perform lifestyle monitoring from remote location 150 through security gateway 115. The remote monitoring feature allows remote user 152 at remote location 150 to view all or only selected portions of the video images from video cameras 112, and to hear all or only selected portions of audio data from audio stations 107. Depending on the access permissions assigned to remote user 152, remote user 152 may further have the capability to accomplish the following: arm and disarm the system 100; configure the security system 100 to monitor different zones; review and change account information, Col 10, lines 16-29: Remote client 155 may connect to security system server 131 and security gateway 115 (after authentication) via network 120. In one particular embodiment, remote client 155 includes a web-browser-based video client for accessing audio and video data. Typically, the web-based video client is a web browser or a plug-in for a web browser. After authentication, security system server 131 may be configured to create a data connection between remote client 155 and security gateway 115 such that communications between remote client 155 and security gateway 115 bypass security system server 131; Col 9, lines 41-67, Col 10, lines 30-50, Col 11, lines 16-24, Col 19, line 4 – Col 20, line 9, Col 17, lines 63 – Col 18, line 52); and 
one or more rules for communicating with at least one of the authorized devices (E.g. Col 19, lines 20-27: If the remote user has the necessary permissions, in step 540, the security system server provides the remote client and the security gateway with an access token. The access token will typically comprise the identity of the remote user, the identity of security gateway to be accessed, the access permissions to be granted for the access token, and the desired lifespan of the token, as well as a digital signature of the security system server; Col 19, lines 60-67: the security system server may assign a lifespan to the access token. In such cases, after a pre-specified time or event, the access token expires and the remote user may not access the security gateway after the expiration of the access token. In order to access to the features of the security gateway after expiration of the access token, the remote user must reconnect to the security system server and provide valid authentication information; Col 9, lines 41-66: The present invention provides for access to security gateway 115 and security system server 131 by remote user 152 using a remote client 155 which is located at a remote location 150. Remote user 152 may be the General Administrator, i.e., a person (typically the owner of premises 110) having full access to security gateway 115, including without limitation having the following capabilities: accessing all zones; arming and disarming security system 100; reviewing logs of alarm events and non-alarm events; accessing account information such as the billing address, phone number, and contact persons; renaming a sensor; performing maintenance on the system such as checking battery levels; creating guest accounts for other remote users 152, including defining access permissions for the guest user and creating a username and password for the guest user; and adjusting controls on the security system 100, such as the gain control for the microphones, the volume controls for the speakers, and the time limit for caching information. Alternatively, remote user 152 may be a guest user, i.e., a user whose permissions and access are controlled by the General Administrator. The features of the security system that a guest user may access are defined and modified according to the General Administrator's preferences, Fig. 5);
determining, by the gateway device and based on the information indicating the one or more authorized devices, that a computing device (Fig. 1: remote client 155) is authorized to communicate with the security system (E.g. Col 19, lines 20-59: If the remote user has the necessary permissions, in step 540, the security system server provides the remote client and the security gateway with an access token. The access token will typically comprise the identity of the remote user, the identity of security gateway to be accessed, the access permissions to be granted for the access token, and the desired lifespan of the token, as well as a digital signature of the security system server… The remote client then connects directly to the security gateway and provides the security gateway with the access token in step 550. It is noted that the term "connects directly" means that communications between the remote client and security gateway do not pass through security system server. The security gateway inspects the access token received from the remote client and compares it to the access token received by the security gateway in step 560. If the access tokens do not match, then the remote user at the remote client is denied access to the security gateway, and process flow ends in step 590… If the access tokens match in step 565, then the remote user may access features of the security gateway in step 570 in accordance with the user's permissions profile. During access by the remote user of the security system cameras or audio stations at the premises, the security gateway activates a notification signal comprising an audiovisual cue at the premises in step 575, indicating to occupants of the premises that remote monitoring is occurring, Col 9, lines 41-66: The present invention provides for access to security gateway 115 and security system server 131 by remote user 152 using a remote client 155 which is located at a remote location 150. Remote user 152 may be the General Administrator, i.e., a person (typically the owner of premises 110) having full access to security gateway 115, including without limitation having the following capabilities: accessing all zones; arming and disarming security system 100; reviewing logs of alarm events and non-alarm events; accessing account information such as the billing address, phone number, and contact persons; renaming a sensor; performing maintenance on the system such as checking battery levels; creating guest accounts for other remote users 152, including defining access permissions for the guest user and creating a username and password for the guest user; and adjusting controls on the security system 100, such as the gain control for the microphones, the volume controls for the speakers, and the time limit for caching information. Alternatively, remote user 152 may be a guest user, i.e., a user whose permissions and access are controlled by the General Administrator. The features of the security system that a guest user may access are defined and modified according to the General Administrator's preferences, Col 10. Lines 30-41: once authenticated, remote user 152 may perform lifestyle monitoring from remote location 150 through security gateway 115. The remote monitoring feature allows remote user 152 at remote location 150 to view all or only selected portions of the video images from video cameras 112, and to hear all or only selected portions of audio data from audio stations 107. Depending on the access permissions assigned to remote user 152, remote user 152 may further have the capability to accomplish the following: arm and disarm the system 100; configure the security system 100 to monitor different zones; review and change account information; Col 19, line 60 – Col 20, line 9; Fig. 5; Col 10, lines 16-29);
and enabling, based on the determining that the computing device is authorized to communicate with security system, the computing device to communicate, using the one or more rules, with the security system (E.g.  Col 19, lines 36-59: The remote client then connects directly to the security gateway and provides the security gateway with the access token in step 550. It is noted that the term "connects directly" means that communications between the remote client and security gateway do not pass through security system server. The security gateway inspects the access token received from the remote client and compares it to the access token received by the security gateway in step 560. If the access tokens do not match, then the remote user at the remote client is denied access to the security gateway, and process flow ends in step 590. If the access tokens match in step 565, then the remote user may access features of the security gateway in step 570 in accordance with the user's permissions profile. During access by the remote user of the security system cameras or audio stations at the premises, the security gateway activates a notification signal comprising an audiovisual cue at the premises in step 575, indicating to occupants of the premises that remote monitoring is occurring. For example, an LED on a camera at the premises may be activated while the remote user is accessing that camera. In another example, an audible tone may be activated while the remote user is accessing an audio station at the premises. The remote user will continue to be able to access designated security gateway features until the remote user logs out according to step 580 or the access token expires according to step 585; Col 9, lines 41-66: The present invention provides for access to security gateway 115 and security system server 131 by remote user 152 using a remote client 155 which is located at a remote location 150. Remote user 152 may be the General Administrator, i.e., a person (typically the owner of premises 110) having full access to security gateway 115, including without limitation having the following capabilities: accessing all zones; arming and disarming security system 100; reviewing logs of alarm events and non-alarm events; accessing account information such as the billing address, phone number, and contact persons; renaming a sensor; performing maintenance on the system such as checking battery levels; creating guest accounts for other remote users 152, including defining access permissions for the guest user and creating a username and password for the guest user; and adjusting controls on the security system 100, such as the gain control for the microphones, the volume controls for the speakers, and the time limit for caching information. Alternatively, remote user 152 may be a guest user, i.e., a user whose permissions and access are controlled by the General Administrator. The features of the security system that a guest user may access are defined and modified according to the General Administrator's preferences, Col 11, lines 16-24, Col 19, line 4 – Col 20, line 9, Col 17, lines 63 – Col 18, line 52).
Naidoo clearly discloses that the Remote client 155 may connect to security system server 131 after authentication via network 120. In other words, the remote client is not already connected to the security server.
Furthermore, as shown above in the detailed citations the gateway device determines whether to authorize the remote client device 155 to communicate with security system elements such as cameras, speakers and microphone located inside the premises using one or more communication rule. 
Naidoo just fails to expressly disclose that the information comprises a whitelist indicating the one or more authorized device authorized to communicate with the security system, and determining based on the whitelist that the computing device is authorized to communicate with the security system.
Cholas is merely relied on to show that it was well known in the art of authorizing devices to include a whitelist indicating one or more authorized device authorized to communicate with a premises network, and determining based on the whitelist that a computing device is authorized to communicate with the premises network [E.g. 0027, 0076-0079, 0111-0126, Figs. 2-4].
It would have been obvious to one of ordinary skill in the art at the time the invention was made to modify Naidoo with the teaching of Cholas in order to have enable the device to automatically connect to the network by having it authorized to connect in a whitelist of devices authorized to connect and thereby there is no need to for the device to authorize itself every time it connects to the network.
Furthermore, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).

Conclusion
For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/MOHAMED BARAKAT/Primary Examiner, Art Unit 2689       
                                                                                                                                                                                                 Conferees:

/JOSEPH H FEILD/Supervisory Patent Examiner, Art Unit 2689       

                                                                                                                                                                                                 /QUAN ZHEN WANG/Supervisory Patent Examiner, Art Unit 2684                                                                                                                                                                                                        


Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.