DETAILED ACTION
Claims 1, 4-6, 9, 11-15, 17, 19, 20, 23-25, 28, 30, 32-34, 36, 38 and 39 have been amended.
Claims 2, 3, 8, 21, 22, and 27 have been cancelled.
Claims 40-42 have been newly added.
Objections to the drawings has been overcome due to the filed corrections.
Objection to claims 9, 11, 14, 20, 28, 30, 33, 38 has been overcome due to the filed amendments. 
112(b) rejection to claims 1, 4, 5, 12, 20, 23, and 24 has been overcome due to the filed amendments. 
Claims 1, 4-7, 9-20, 23-26, 28-42 are pending. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant's arguments filed 08/30/2022 have been fully considered but they are not persuasive. Applicant has argued that examiner has construed the term machine, to read on computing device. Applicant has further amended the claim to recite “piece of machinery”. Examiner respectfully disagrees. The teaching a of a computing device and access to computing resource outlined in the claim rejection also read on “piece of machinery”. A computing device is also a piece of machinery. Therefore, the initial mapping is proper and also reads on “piece of machinery”. 
Additional arguments are moot in view of the new grounds of rejection necessitated by the amendments. 
Claim Objections
Claims 13, 32, and 33 objected to because of the following informalities:  Claims 13 and 14 depend on claim 8, which is a cancelled claimAppropriate correction is required.
Claim 1 objected to because of the following informalities:  Claim 1 is amended as “… determined to at or above”. For the purpose of examination this is being interpreted as “… determined to be at or above”. Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claim 39 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. There is already an existing claim 39. However, the amended claims show a new claim 39 different from the previous one. For the purpose of examination claim 39 has been interpreted as being amended to delete the previous features and to recite the new features. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4-6, 9-12, 16-20, 23-25, 28-32, 35, 36, 38, and 39 are rejected under 35 U.S.C. 103 as being unpatentable over BAR (US-20170289168-A1) in view of SUBRAMANYA (US-20170034152-A1) hereinafter BAR -SUBRAMANYA.
Regarding claim 1, BAR teaches “A method controlling access permissions to a piece of machinery, the method comprising: receiving behavioral data relating to at least one user; ([BAR, ABSTRACT] “Aspects of the technology described herein provide a mechanism for controlling access to secure computing resources based on inferred user authentication. A current user may be authenticated and access to secure computing resources permitted based on a determined probability that the current user is a legitimate user associated with the secure computing resource. Legitimacy of the current user may be inferred based on a comparison of user-related activity of the current user to a persona model, which may comprise behavior patterns, rules, or other information for identifying a legitimate user. If it is determined that the current user is likely legitimate, then access to secure information may be permitted.”) ([BAR, para. 0061] “In one embodiment, the information in a persona model comprises one or more patterns of user-behavior for a legitimate user, related contextual information associated with the legitimate user”) receiving, from a user, an access request; ([BAR, para. 0118] “At step 430, an indication is received of a request to access a secure computing resource.”) receiving current user behavioral data from the user and ……  at a time corresponding to the access request; ([BAR, para. 0061] “In one embodiment, the information in a persona model comprises one or more patterns of user-behavior for a legitimate user, related contextual information associated with the legitimate user”) ([BAR, para. 0118] “At step 430, an indication is received of a request to access a secure computing resource. As described previously, a secure computing resource may comprise sensitive information about the legitimate user, which may include credentials, security settings or preferences, and in some cases a persona model for the legitimate user, and/or other secure computing applications or computing services, which may include third-party applications or services.”) generating a likelihood value, indicating the likelihood the access request is a valid request based on the current user behavioral data …. ([BAR, para. 0004] “Based on the comparison, an authenticity confidence score for the current user may be computed based on a statistical similarity to the persona model of the legitimate user. The authenticity confidence score (authenticity score) may be monitored in an ongoing manner by an application or service, such as a personal digital assistant application or may be checked as needed, such as when the current user attempts to access secure data, applications, or services.”) authenticating the user for access to operate the piece of machinery when the current user likelihood value is determined to at above a predetermined threshold value; ([BAR, para. 0119] “At step 445, the authentication confidence score is evaluated to determine whether it indicates the current user is legitimate. Embodiments of step 445 evaluate the authentication score to determine a degree of legitimacy for the current user. In an embodiment of step 445, the authentication score is compared against a threshold corresponding to a sufficient confidence of legitimacy. If the threshold is satisfied, then the current user is determined to be legitimate, but if the threshold is not satisfied, then the current user is determined to be illegitimate. The threshold may be pre-determined and may be specified by the legitimate user, such as a in a setting or preference, or may correspond to the particular secure computing resource (from step 430) that the current user is attempting to access. In some embodiments, different thresholds may exist for different secure computing resources, enabling some such resources to be accessed with a lower confidence of legitimacy and other resources to require very high confidence of legitimacy. Some embodiments of step 445 may be carried out by an authenticity verification component or routine, such as authenticity verification 290 of system 200, described in connection to FIG. 2.”) and generating a permissions data structure …... whereby the permissions data structure can be used to control use of the piece of machinery by the user. ([BAR, para. 0156] “if the determined authentication confidence score does not indicate that the current user is likely to be the legitimate user, then restricting, by the credentials manager, access to the secure computing resource”) ([BAR, para. 0016] “When it is determined that the current user likely is not the legitimate user or there is uncertainty (i.e. not enough confidence) that the current user is the legitimate user, a user-verification procedure may be initiated and/or access to the legitimate user's sensitive information, such as user passwords, accounts, configuration settings, applications, or services (which may include purchases or transactions), may be restricted or limited. For example, in an embodiment, when the authenticity score is not high enough (indicating a lack of confidence about the user's legitimacy) for the user to access a particular computing resource or carryout a particular activity, such as posting a message on social media (which could be an abuse carried out by an illegitimate user, such as posting malicious content, spam (advertising) or similar unauthorized content. On the other hand, if the authenticity score indicates that the current user is likely legitimate, then access to sensitive information, secure applications, services, or computing resources may be provided, and/or the user persona model may be updated based on monitored user-related activity of the current user. In some embodiments, a successful outcome of the user-verification procedure may be used for updating the statistical likelihood that the current user is legitimate (i.e., answering a question correctly may boost the authenticity score).”).
However, BAR does not teach “current state data relating to the piece of machinery …… indicating the likelihood the access request is a valid request based on  …  the current state data …… specifying features of the piece of machinery which can be operated by the user”
In analogous teaching SUBRAMANYA teaches “current state data relating to the piece of machinery ([SUBRAMANYA, para. 0068] “In at least one embodiment, Web Gate 206 may determine 220 whether a requested resource is protected. Web Gate 206 may communicate with authorization engine 210 to determine whether a resource is protected. In some instances, a resource may be protected for some users and may not be protected for other users depending on access granted to each user. At 222, authorization engine 210 may send a response 222 indicating whether a requested resource is protected. Response 222 may include other information related to access for the requested resource.”) indicating the likelihood the access request is a valid request based on  …  the current state data ([SUBRAMANYA, para. 0068] “At 222, authorization engine 210 may send a response 222 indicating whether a requested resource is protected. Response 222 may include other information related to access for the requested resource.”) ([SUBRAMANYA, para. 0079] “Based on the assessment of the scope of authentication for a session, an authorization response can be sent 270 to Web Gate 206. The authorization response can be sent from authorization engine 210 or can be communicated to session engine 208, which then sends the authorization response to Web Gate 206. At 272, Web Gate 206 may assess the authorization response to determine access to a resource of a session. Based on the assessment, Web Gate 206 may send an authorization message to client device 202. In some embodiments, the authorization message may be received at client device 202 by application 204. In response to the authorization message, application 204 may determine whether to permit or deny access to a requested resource through application 204. If access is permitted, application 204 may provide the resource in application 204.”) specifying features of the piece of machinery which can be operated by the user ([SUBRAMANYA, para. 0013] “The method may include receiving scope information for configuring the access to the plurality of resources. The method may include determining, based on the scope of information, a scope of authentication for the user to access the plurality of resources. The scope of authentication may indicate a set of resources of the plurality of resources for which the user is denied access at the client device.”) ([SUBRAMANYA, para. 0014] “Yet in some embodiments, scope of information indicates a set of permitted resources for which the user is permitted access at the client device.”)
Thus, given the teaching of SUBRAMANYA, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of scope of permission of the machine used by a user as taught by SUBRAMANYA into the teaching of a method for authorizing a user for controlling access permissions as taught by BAR. One of ordinary skill in the art would have been motivated to do so because SUBRAMANYA recognizes the need to improve access security to prevent unwanted users from gaining access to sensitive resources. ([SUBRAMANYA, para. 0031] “The capability to configure access to resources when providing credential information provides greater security for access management by preventing other users from gaining access to sensitive resources and/or applications on a shared computer.”) ([SUBRAMANYA, para. 0011] “Enabling a user to restrict access to resources provides a user with greater control over access such that the user can determine at run-time the resources to restrict or permit depending on the users who may be accessing a client for the SSO session. The capability to configure access to resources when providing SSO credential information further improves access security by preventing other users from gaining access to sensitive resources and/or applications.”).
Regarding claim 20, this claim recites a computer system comprising a processor and storing computer readable instructions corresponding to the features of claim 1. Therefore, claim 20 is rejected in a similar manner as in the rejection of claim 1. 

Regarding claim 4 and 23, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “further comprising requesting a secondary authentication method of the user when the likelihood value is determined to be not at or above the predetermined threshold value.” ([BAR, para. 0005] “In one aspect, when the authenticity score indicates a current user may not be the legitimate user, such as when the authenticity score falls below a certain threshold, the user may be presented with a dynamic security challenge to validate legitimacy of the current user. The security challenges may be generated and evaluated using the personal digital assistant application (or other application or computer service), which may also manage access to the user's secure information. In one respect, the dynamic security challenge comprises interrogating the current user, which may include generating one or more question-answer pairs and presenting the question(s) to the user. The question-answer pairs may be based on information derived from monitored recent user activity or persona model of the legitimate user.”).


Regarding claims 5 and 24, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “wherein the scope of permissions is a default scope of permissions when the likelihood value is determined to be not at or above the predetermined threshold value.” ([BAR, para. 0108] “In some embodiments, the weighting or ceiling may be pre-determined, such as a default security setting (or settings), so that access to the more sensitive information or more secure applications and service (e.g., banking/financial services, posting to social media, etc.) are restricted. Further, in some embodiments, the weighting or ceiling level(s) can be set or modified according to user settings or preferences, which may be modified only when the authenticity score is sufficiently high enough, in some embodiments (indicating high confidence that the current user is legitimate).”).


Regarding claim 6 and 25, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “further comprising: receiving repeated behavior …. data over time, including when accessing the service; updating the method for generating a likelihood value using the data.” ([BAR, para. 0079] “In some instances, the pattern-confidence weighting may be reflected in the person a model and considered when evaluating legitimacy of a current user against a persona model when determining the authenticity score. For example, in some embodiments, a minimum pattern-confidence weight may be needed before using a particular activity pattern is used for evaluating against activity of a current user. Nevertheless, user-related activity still may be monitored and activity-related patterns updated based on additional activity observations, since the additional observations of may increase the pattern-confidence for a particular pattern.”) ([BAR, para. 0098] “This may prompt a legitimate user to either modify their behavior (or remind them that if they continue, they will need to satisfy a security challenge or otherwise increase their authenticity score) or consider updating their persona model, which may be updated automatically to consider the new behavior, in some embodiments, where the authenticity score is sufficiently high.”) ([BAR, para. 0060] “Continuing with system 200 of FIG. 2, persona models generator 260 is generally responsible for generating (or updating) a persona model corresponding to a legitimate user. A persona model comprises a set of information about a legitimate user (or users) that may be used to determine a confidence value about the legitimacy of a current user”) ([BAR, para. 0061] “the information in a persona model comprises one or more patterns of user-behavior for a legitimate user, related contextual information associated with the legitimate user (such as locations, communication networks, environmental features, or other contextual data described herein), for instance, a geographic location frequently associated with the legitimate user at a certain time of day, such as at night (i.e., the location of the legitimate user's home) or during the weekday (i.e., the location of the user's work); these frequented locations are sometimes referred to as hubs.”). ([BAR, para. 0051] “In some embodiments, the user activity-related features may be interpreted to determine user-related activity has occurred. For example, in some embodiments, activity detector 282 employs user-related activity event logic, which may include rules, conditions, associations, classification models, or other criteria to identify user-related activity. For example, in one embodiment, user-related activity event logic may include comparing user-related activity criteria with the user data in order to determine that an activity-related event has occurred. The activity event logic can take many different forms depending on the mechanism used to identify an activity-related event. For example, the user-related activity event logic could be training data used to train a neural network that is used to evaluate user data to determine when an activity event has occurred. The activity event logic may comprise fuzzy logic, neural network, finite state machine, support vector machine, logistic regression, clustering, or machine learning techniques, similar statistical classification processes or, combinations of these to identify activity events from user data.”).
However, BAR does not teach “receiving … state data”. In analogous teaching  SUBRAMANYA teaches “receiving … state data”. ([SUBRAMANYA, para. 0068] “In at least one embodiment, Web Gate 206 may determine 220 whether a requested resource is protected. Web Gate 206 may communicate with authorization engine 210 to determine whether a resource is protected. In some instances, a resource may be protected for some users and may not be protected for other users depending on access granted to each user. At 222, authorization engine 210 may send a response 222 indicating whether a requested resource is protected. Response 222 may include other information related to access for the requested resource.”).
The same motivation to modify BAR with SUBRAMANYA as in the rejection of claim 1, applies. 
Regarding claim 9 and 28, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “wherein one or more of the following machine learning algorithms is used; decision tree, regression, neural network, time series, clustering, outlier detection, ensemble model, factor analysis, naive Bayes formulation, support vector machine, linear regression, logistic regression, k-nearest neighbors (kNN), k-Means, random forest, dimensionality reduction, gradient boosting, apriori, nearest neighbor, attention layers, generative adversarial networks, and teacher-student curriculum learning.” ([BAR, para. 0051] “For example, the user-related activity event logic could be training data used to train a neural network that is used to evaluate user data to determine when an activity event has occurred. The activity event logic may comprise fuzzy logic, neural network, finite state machine, support vector machine, logistic regression, clustering, or machine learning techniques, similar statistical classification processes or, combinations of these to identify activity events from user data.”).


Regarding claims 10 and 29, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “wherein the user data includes, for each access to the service, one or more of: user location data, a date and/or time, a weekday, a direction of approach to a service access location, a barometer reading, an accelerometer reading, a microphone reading, wireless frequencies and communications of user device, recent physical activity levels, recent user actions on the user device, results of user gait  analysis, recent user location, orientation of the user device, a lock state of the user device, a lock time of the user device and/or a lock duration of the user device.” (BAR, para. 0021] “Accordingly, as will be further described, in one embodiment, user-related activity of a legitimate user is monitored to determine a user persona model for the legitimate user. The user-related activity may include user interactions with one or more user devices associated with the legitimate user, and other information detected by the user device(s) or in the cloud, such as user activity associated with applications, services, or online accounts of the legitimate user. By way of example and not limitation, this may include user device location-information, such as geographical location, venue, time spent at a location, frequented locations, patterns or sequences of locations visited; network connection(s), such as familiar the wireless network(s) a user device is connected to or detects”) ([BAR, para. 0139] “The computing device of embodiment 1, wherein the user-related activity information of the legitimate user used for determining the persona model comprises information detected via the computing device including one or more of a geographical location, a venue, a communication network, browsing history, application-usage history, or calling history.”).

Regarding claims 11 and 30, BAR-SUBRAMANYA teaches all limitations of claims 4 and 23. BAR further teaches “wherein the secondary authentication method includes, a least one of requesting a fingerprint, requesting a password or pin, facial identification, user speech identification, requesting user location information, requesting a hardware token, requesting a response by short message service SMS, near field communication NFC communication with a user device, requesting badge information, requesting single sign on SSO history information, retina identification, requesting electrocardiogram EKG information of the user, user weight, user height and/or a secret knowledge challenge.” ([BAR, para. 0144] “The computing device of any of embodiments 1-6, wherein the determined authentication confidence score does not indicate that the current user is likely to be the legitimate user, and wherein the computer instructions are further configured to: generate a security challenge based on the persona model corresponding to the legitimate user”) ([BAR, para. 0145] “The computing device of any of embodiments 1-7, wherein the security challenge comprises one or a biometric challenge, requesting a password, a static security question, or two-factor authentication procedure.”).

Regarding claims 12 and 31, BAR-SUBRAMANYA teaches all limitations of claims 11 and 30. BAR further teaches “wherein a combination of multiple secondary authentication methods is used to authenticate identity.” ([BAR, para. 0126] “In some embodiments, the security challenge may comprise a plurality of questions and/or challenges provided to the current user. Embodiment of step 550 may be carried out by a security challenge generator 294 or authentication verification 290, as described in system 200 in connection to FIG. 2.”) ([BAR, para. 0089] “It is also contemplated that a security challenge may request the user to provide biometric information or conventional passwords. RSA token, Captcha, multifactor authentication, a code from an internal site or admin user, Microsoft Passport or Windows Hello, or other identifying information, in some embodiments (or that security challenges may be a mix of this and temporal or dynamic challenges described above).”).


Regarding claims 16 and 35, BAR-SUBRAMANYA teaches all limitations of claims 5 and 24. BAR further teaches “wherein the default scope of permissions is based on at least one of site policy, system configuration and/or operator preference.” ([BAR, para. 0024] “In embodiments, the threshold may be pre-determined by the user, application, or service, and may vary according to the sensitivity level of information or services being accessed. For instance, accessing email may require a lower threshold than accessing a mobile banking application.”) ([BAR, para. 0119] “The threshold may be pre-determined and may be specified by the legitimate user, such as a in a setting or preference, or may correspond to the particular secure computing resource (from step 430) that the current user is attempting to access. In some embodiments, different thresholds may exist for different secure computing resources, enabling some such resources to be accessed with a lower confidence of legitimacy and other resources to require very high confidence of legitimacy. Some embodiments of step 445 may be carried out by an authenticity verification component or routine, such as authenticity verification 290 of system 200, described in connection to FIG. 2.”).

Regarding claims 17 and 36, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. BAR further teaches “wherein elements of the behavioral data for at least one user …. relating to the service is selected based on at least one of site policy, system configuration and/or operator preference.” ([BAR, para. 0083] “In some embodiments, an authenticity score may be determined based on a combination or one or more of: user-related activity or behavior pattern analysis; …………. In some embodiments, the contribution or input of each of these towards determine the authenticity score may be specified in the user settings or preferences 243, in persona model logic 230”) ([BAR, para. 0101] “User settings or preferences 243 generally includes user settings or preferences associated with user-related activity monitoring; determining persona models (which may include information to be included or excluded from a persona model): determining authenticity scores (which may include settings specifying information to be considered when computing an authentication score), which may include permission for using information for designated third-party applications or services and/or weighting to be applied to this information; settings or preferences regarding generating, presenting, and/or evaluating security challenges; or other options associated with functions of the embodiments described herein. In some embodiments, user settings or preferences 243 may include user preferences about specific user-related activities (and related information) that the user desires be explicitly monitored or not monitored or categories of activities to be monitored or not monitored, crowdsourcing preferences, such as whether to use crowd sourced information, or whether the user's activity pattern information may be shared as crowdsourcing data; settings regarding thresholds; and/or notification preferences, for example. Furthermore, as described herein, user settings or preferences 243 may also specify thresholds or minimum authenticity scores (or a minimum degree of confidence about the legitimacy of a current user) for accessing certain classes of sensitive information or other secure computing resources.”).
However, BAR does not teach “the state data”. In analogous teaching SUBRAMANYA teaches “the state data” ([SUBRAMANYA, para. 0068] “In at least one embodiment, Web Gate 206 may determine 220 whether a requested resource is protected. Web Gate 206 may communicate with authorization engine 210 to determine whether a resource is protected. In some instances, a resource may be protected for some users and may not be protected for other users depending on access granted to each user. At 222, authorization engine 210 may send a response 222 indicating whether a requested resource is protected. Response 222 may include other information related to access for the requested resource”) ([SUBRAMANYA, para. 0045] “In some embodiments, access management system 140 may use one or more policies 160 to control access to resources. Policies 160 may include an authentication policy that specifies the authentication methodology to be used for authenticating the user for whom the access must be provided on a given resource. Policies 160 define the way in which the resource access is to be protected (e.g., type of encryption, or the like). Policies 160 may include an authorization policy that specifies the conditions under which a user or group of users has access to a resource. For example, an administrator may only authorize certain users within a group to access particular resources. Access management system 140 may determine authentication for an SSO session based on one or more of policies 160.”).
The same motivation to modify BAR with SUBRAMANYA as in the rejection of claim 1, applies. 

Regarding claims 18 and 37, BAR-SUBRAMANYA teaches all limitations of claims 4 and 23. BAR further teaches “wherein the secondary mode of authentication is selected based on at least one of site policy, system configuration and/or operator preference.” ([BAR, para. 0126] “In some embodiments, the security challenge may be determined (and in some instances, evaluated) using persona model logic 230, by the first secure computing resource, and/or may be specified by a system administrator.”) ([BAR, para. 0077] “Additionally, persona model logic 230 may include logic used for generating security challenges, such as specific types or categories of questions: logic specifying the criteria of legitimate user-related information to be used (e.g. the recency, type, category, such as user interactions, recent venues visited, browsing or app history, or the like); conditions for when to provide more than one security challenge or for monitoring user behavior concurrent with a security challenge (e.g., if the security challenge asks the user about recent calls and the user checks his or her call log, then a new security challenge should be provided); logic specifying how the authenticity score will be recomputed or updated based on correct or incorrect responses form the user, following a challenge, which may include whether to offer a second security challenge following an incorrect response; logic specifying types of security challenges to be presented and answered correctly in order to raise the authenticity score or in order to be granted access to various levels of sensitive information or secure applications and services;”).

Regarding claims 19 and 38, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. Furthermore, this claim recites features similar to those recited in claim 17 therefore claims 19 and 39 are rejected in a similar manner as in the rejection of claim 17. 

Claims 7 and 26 are rejected under 35 U.S.C. 103 as being unpatentable over  BAR-SUBRAMANYA in view of JAKOBSSON (US-20110016534-A1).
Regarding claims 7 and 26, BAR-SUBRAMANYA teaches all limitations of claims 1 and 20. However, BAR-SUBRAMANYA does not teach “wherein the behavioral data is for a group of users that are similar demographically to the user.” 
In analogous teaching, JAKOBSSON teaches “wherein the behavioral data is for a group of users that are similar demographically to the user.” ([JAKOBSSON, para. 0007] “the system determines a user behavior score based on a user behavior model and recent contextual data, wherein the user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern …... the system provides the user behavior score to an access controller of the controlled resource, thereby making an authentication decision derived from the user behavior score for the user to access the controlled resource based at least on the user behavior score.”) ([JAKOBSSON, para. 0027] “In some embodiments, the system derives the user behavior model from a second model of a group of users sharing similar characteristics.”).
Thus, given the teaching of JAKOBSSON, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of behavioral data comprising user demographic as taught by JAKOBSSON into the teaching of a method for authorizing a user for controlling access permissions as taught by BAR-SUBRAMANYA. One of ordinary skill in the art would have been motivated to do so because JAKOBSSON recognizes the need to improve user authentication ([JAKOBSSON, para. 0048] “in accordance with the present invention increase the degree of security when the level of usability remains the same as conventional systems. The systems can use the implicit authentication decision to authenticate the user to access the controlled resource.”) ([JAKOBSSON, para. 0042] “Embodiments of the present invention provide a method for implicitly authenticating a user to access a controlled resource without the need for entering passwords or answering any authentication questions.”) 

Claims 13, 32, 39, 40, 41, and 42 are rejected under 35 U.S.C. 103 as being unpatentable over BAR- SUBRAMANYA in view of BAE (US-20170116804-A1), hereinafter BAR -SUBRAMANYA-BAE.
Regarding claim 13 and 32, BAR -SUBRAMANYA teach all limitations of claim  1 and 20. However,  BAR -SUBRAMANYA does not teaches “wherein the state data includes state data of the piece of machinery relating to at least one of, usage history of the piece of machinery, work schedule of the piece of machinery, damage to the piece of machinery, safe operations rules for the piece of machinery, maintenance state and schedule of the piece of machinery, odometer data of the piece of machinery and/or current or recent location of the piece of machinery.” 
In analogous teaching, BAE teaches “wherein the state data includes state data of the piece of machinery relating to at least one of, usage history of the piece of machinery, work schedule of the piece of machinery, damage to the piece of machinery, safe operations rules for the piece of machinery, maintenance state and schedule of the piece of machinery, odometer data of the piece of machinery and/or current or recent location of the piece of machinery.” ([BAE, para. 0024] “At block 208, the access permission request is further evaluated to determine whether the request was sent from a location near the vehicle. A user requesting access to a vehicle may be required to be in the immediate vicinity of the vehicle to ensure that only the intended secondary user is allowed to access the vehicle, or for other security purposes. In some embodiments, the evaluation of block 208 may require location data from the secondary user device, which may be obtained from GPS, wireless local area network (WLAN) or Wi-Fi-based positioning systems, or the like. In other embodiments, the vehicle may determine whether the secondary user device is nearby through communication by NFC, WLAN/Wi-Fi, Bluetooth, or similar proximity-based, local-area, or short-distance electronic communication protocols. Similar to the outcomes of block 206, if the method 200 determines that the secondary user device requesting access is not located in the immediate vicinity of the vehicle, the method 200 may terminate by proceeding to block 214 denying access to the vehicle, or the permission parameter may be forwarded 212 to a primary user device for individual evaluation by a primary user. If the method 200 determines that the secondary user device requesting access is located in the immediate vicinity of the vehicle, the method may continue to block 210”). 
Thus, given the teaching of BAE, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of state data including location of the piece of machinery as taught by BAE into the teaching of a method for authorizing a user for controlling access permissions as taught by BAR-SUBRAMANYA. One of ordinary skill in the art would have been motivated to do so because BAE recognizes the need to allow secure access to minimize unauthorized access by hackers. ([BAE, para. 0035] “Thus, these methods allow access for pre-approved users in a secure, multi-layer approach and the potential for unauthorized access by hackers is minimized. It will be readily apparent that the methods disclosed will also be applicable to a wide variety of other situations not disclosed herein, particularly where a vehicle owner, lessee, or renter wishes to grant access to any other person without transferring possession of a key fob.”).

Regarding claim 39 and 41, BAR -SUBRAMANYA teach all limitations of claim 1 and 20. However, BAR -SUBRAMANYA does not teach “wherein the piece of machinery is a vehicle or a machine tool.”.
In analogous teaching, BAE teaches “wherein the piece of machinery is a vehicle or a machine tool.” ([BAE, Abstract] “Systems and methods for remotely providing access to a secured vehicle are disclosed. The methods can include receiving a permission parameter from a primary user authorizing a secondary user to enter, receiving an access permission request from a secondary user, evaluating the access permission request for compliance with the permission parameter, and unlocking a door of the vehicle to allow the secondary user to access the vehicle.”)
The same motivation to modify BAR-SUBRAMANYA with BAE as in the rejection of claim 13, applies. 

Regarding claim 40 and 42, BAR-SUBRAMANYA-BAR teach all limitations of claims 39 and 41. SUBRAMANYA further teaches “wherein the permissions data structure specifies that only an auxiliary system of the machinery can be operated by the operator.” ([SUBRAMANYA, para. 0013] “The method may include receiving scope information for configuring the access to the plurality of resources. The method may include determining, based on the scope of information, a scope of authentication for the user to access the plurality of resources. The scope of authentication may indicate a set of resources of the plurality of resources for which the user is denied access at the client device.”) ([SUBRAMANYA, para. 0014] “Yet in some embodiments, scope of information indicates a set of permitted resources for which the user is permitted access”).
The same motivation to modify BAR with SUBRAMANYA, as in the rejection of claim 1, applies.

Claims 14, 15, 33 and 34 are rejected under 35 U.S.C. 103 as being unpatentable over BAR-SUBRAMANYA in view of FRENCH (US-6321339-B1), hereinafter BAR-SUBRAMANYA-FRENCH.
Regarding claims 14 and 33, BAR-SUBRAMANYA teach all limitations of claim 1 and 20. However, BAR-SUBRAMANYA does not teach “state data includes external context data including data relating to at least one of, a SSO history for the piece of machinery, Electronic Logging Device (ELD) data for the piece of machinery, operator work schedule, operator login history, data indicating a relationship of the operator to other operators, operator checklist data, work order data, vacation schedule data, sick leave data, holiday schedule data, operator certification/licensing and/or data indicating legal limits on usage of the piece of machinery”.
In analogous teaching, FRENCH teaches “state data includes external context data including data relating to at least one of, a SSO history for the piece of machinery, Electronic Logging Device (ELD) data for the piece of machinery, operator work schedule, operator login history, data indicating a relationship of the operator to other operators, operator checklist data, work order data, vacation schedule data, sick leave data, holiday schedule data, operator certification/licensing and/or data indicating legal limits on usage of the piece of machinery”. ([FRENCH, Col. 1 lines 55-59] “An important aspect of the process of issuing the digital certificate is confirming the identity of network users. Various systems exist that perform some level of user authentication. These systems generally require a user to provide certain basic identification information, such as name, date of birth, social security number, address, telephone number and sometimes driver's license information.”) ([FRENCH, Col. 18 lines 51-60] “FIG. 18 illustrates an example authentication carried out according to authentication process 10 of the invention. In general, as illustrated in that figure, the user presents name, social security number, date of birth, email and mailing address information, followed by home telephone number and driver's license data. That information is accepted and processed through preprocessing step 26 and first level authentication step 32, after which it is determined that the data are consistent and merit proceeding to second level authentication step 40.”) [Examiner’s note: operator licensing is regarded here as a driver’s license.]
Thus, given the teaching of FRENCH, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of contextual data consisting of operator license as taught by FRENCH into the teaching of a method for authorizing a user for controlling access permissions as taught by BAR-SUBRAMANYA. One of ordinary skill in the art would have been motivated to do so because FRENCH recognizes the need for an improved method of authentication. ([FRENCH, Col. 2 lines 57-65] “A greater level of security could conceivably be attained by automatically performing a thorough authentication process for every transaction. However, this approach incurs unnecessary costs or resources in cases where only a lower level of certainty is needed. The invention avoids this drawback by enabling different levels of authentication to be performed based on the level of security desired, reducing costs and unnecessary use of system resources.”).

Regarding claims 15 and 34, BAR-SUBRAMANYA-FRENCH teaches all limitations of claims 14 and 33. FRENCH further teaches “wherein the state data includes operator certification/licensing data that is retrieved in real time from a registration database.” ([FRENCH, col, 12 lines 54-60] “FIG. 1 is a flowchart illustrating the overall authentication process according to the invention. Authentication process 10 starts at step 12. The authentication process 10 prompts a user for first level information at step 14. Again, the first type of information is preferably wallet-type information, that is, information such as name, address, driver's license or other information commonly carried on the person.”) ([FRENCH, Col. 13 lines 56-67] “During processing of any user-input driver's license information in the first level authentication step 32 (but preferably not in preprocessing step 26), any further checks against the driver's license database may be preferably implemented, for example, using the commercially available ChoicePoint drivers license database. Information from that external database is generally derived from official department of motor vehicle records or insurance claims information, the content of which may vary by state of issue. Step 54 assigns values and priorities to each response input by the user. Information that is of greater significance may be assigned a higher value or priority.”).
The same motivation to modify BAR-SUBRAMANYA with FRENCH as in the rejection of claim 14 applies. 

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFAQ ALI whose telephone number is (571)272-1571. The examiner can normally be reached Mon - Fri 7:30am - 5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/AFAQ ALI/Examiner, Art Unit 2434       

/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434