DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This written action is responding to the amendment dated on 06/01/2022.
Claims 1, 10 and 11 have been amended and all other claims are previously presented.
Claims 1, 10 and 11 are submitted for examination.
Claims 1, 10 and 11 are pending.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Response to Arguments
Applicant’s amendment filed on June 15, 2022 has claims 1, 10 and 11 and all other claims are previously presented. Among the amended claims, claims 1, 10 and 11 are independent ones, and thus, the amendment necessitates a new ground of rejection.
Applicant’s remark, filed on June 1, 2022 at pages 10-11, indicates, “Claim 1 as amended recites, inter alia, "performing authentication on an authentication request using the previously stored copy of the authentication-list at the first worker system responsive to the determination that the master system cannot be reached by the first network." Claims 10 and 11 as amended recite analogous language. Support for the amendment can be found in the present specification at least in paragraph 48. Danielsson is cited to address the performance of the authentication, but the Examiner concedes that Danielsson and Hochrieser do not teach the determination that the master system cannot be reached. As a result, Danielsson and Hochrieser cannot teach the feature of performing this authentication responsive to the determination that the master system cannot be reached. While Legette is cited to generally address the feature of an unreachable master system, it does not cure the deficiencies of Danielsson and Hochrieser, Legette maintains cached credentials which are generated after authentication. Thus, keeping the cached credentials from expiring does not read on the performance of authentication using a previously stored copy of an authentication-list. Trani is cited to address unrelated features and cannot cure this deficiency. It is therefore respectfully asserted that Danielsson, Hochrieser, Legette, and/or Trani, taken alone or in any combination, fail to disclose or suggest performing authentication on an authentication request using a previously stored copy of the authentication list. Claim 1 as amended further recites, "wherein authentication removes matching detected face images from the detected face images in the first time window and the second time window after completing an authentication request." Claims 10 and 11 recite analogous language. Support for the amendment can be found in the present specification at least in paragraph 43. The Office Action cites Danielsson as teaching this feature, in particular citing a discussion of an "identification profile" from a list of tracked persons. However, removing a profile of a user does not appear to read on removing matching detected face images from a set of detected face images in a given time window. The other cited art does not read on this feature. It is therefore respectfully asserted that Danielsson, Hochrieser, Legette, and/or Trani, taken alone or in any combination, fail to disclose or suggest authentication that removes matching detected face images from the detected face images in the first time window and the second time window after completing an authentication request. Thus, it is respectfully submitted that claims 1, 10, and 11 are patentably distinct and non-obvious over the cited reference for at least the reasons set forth above. Reconsideration and withdrawal of the rejection is respectfully requested.”
Applicant’s argument has been considered and is found persuasive. Therefore, Applicant’s amendment necessitates a new ground of rejection. Accordingly, a new ground of rejection based on the newly identified prior-art by Scheja et al. (US 10,089,804) hereinafter Scheja, and Tussy et al. (US 2020/0042685) hereinafter Tussy has been applied to the amendment.
Specifically, Scheja discloses a technology for allowing access to an area having a blocked entrance , wherein the blocking of the entrance is controlled by an access controller arranged to unblock the entrance upon receipt of an authorized credential . The technology is implemented to repeatedly updating an override credential in the access controller , sending updated override credential the access controller to a remote node , repeatedly checking the connectivity between the remote node and the access controller , detecting failure of connectivity between the access controller and the remote node , setting the override credential as an authorized credential in the access controller in response to the detection of failure of connectivity , and allowing access through the blocked entrance upon receipt of the override credential in an access request to the area received by the access controller. In addition, column 6 lines 4-17 discloses the use of a copy of the authorized credentials in order to grant physical access to a user. Thus, Examiner submits that Scheja teaches the amended feature limitation, “storing a copy of an authentication-list at a first worker system”, “a master system … cannot be reached by a first network, after storing the copy of the authentication-list” and “performing authentication … responsive to the determination that the master system cannot be reached by the first network”. (See Abstract and rejection below)
Regarding new applied art by Tussy, discloses a method for generating a digital ID comprising capturing one or more user images of user's face, transmitting the one or more user images or data derived therefrom to a verification server and determining if the one or more images represent a live person. In addition, paragraph [0117] discloses that the authentication server may then associate the enrollment biometrics with the device information and the unique identifier (or account information) and stores the biometric information in the database. For added security, the mobile device  and the authentication server may be configured to delete the enrollment images after the enrollment biometrics of the user are obtained. Thus, Examiner submits that Tussy teaches the amended feature limitation, “wherein authentication removes matching detected face images from the detected face images … after completing an authentication request to prevent other individuals from using a same identifier”. (See rejection below)
Finally, Examiner submits that the new combination of prior-art references by Danielsson, Scheja Hochrieser and Tussy would render the claimed limitations obvious. (See rejection below)
Applicant’s remarks regarding amended independent claims 17 and 18 has been considered and is addressed based on the same rationale presented for the amended claim 1. Please refer to the rejection to the claims in details below.
Applicant further recites similar remarks as listed above for dependent claims, 2-9 and 12-19. Please refer to the aforementioned response, which addresses how the new combination of prior-art references by Danielsson, Scheja Hochrieser, Tussy, Leggette and Trani would render the claimed limitations obvious.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 5-6, 11-12 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Danielsson et al. (US 2018/0107880) hereinafter Danielsson (included in IDS) in view of Scheja et al. (US 10,089,804) hereinafter Scheja and Hochrieser et al. (US 10,606,993) hereinafter Hochrieser and further in view of Tussy et al. (US 2020/0042685) hereinafter Tussy.
As per Claim 1, Danielsson teaches a method for authentication, comprising:
[storing a copy of an authentication-list at a first worker system]; 
determining, at the first worker system (Danielsson, Parag. [0035]; “The physical access controllers 103a, 103b are part of a physical access control system adapted to control physical access to the defined area by matching credentials presented by a person requesting access to the defined area 101 to credentials in a database including credentials of preregistered persons.”), that a master system that stores a current authentication-list (Danielsson, Parag. [0035]; “The matching of the credentials as well as the storage of the credential database may be handled locally on the access controller 103a, 103b or at a server 109a connected to the access controllers 103a, 103b. In FIG . 1 the server 109a is placed in box with dashed lines outside, but connected to, the defined area 101. The purpose of this representation of the server 109a is to show that the server may be physically located within the defined area 101 or outside the defined area, in case the server 109a is located outside the defined area 101 it would be connected to the access controllers 103a, 103b through a network”.  Parag. [0008]; “… Registering an identification profile of the identified person in a list of persons that are tracked in the area, the identification profile comprising information for identifying the person from image data, receiving image data from a scene within the area, creating a set of identification characteristics for an object detected in the received image data, comparing the created set of identification characteristics of the detected object to the registered identification profiles in the list of persons that are tracked in the area, determining the identification profile in the list of persons that are tracked in the area that best match the set of identification characteristics of the detected object.”  Parag. [0047]; “The created identification characteristics are then stored for the detected object and compared to the identification characteristics in the registered identification profiles in the list of persons that are tracked.”) [cannot be reached by a first network, after storing the copy of the authentication-list;]; 
performing authentication on an authentication request using the previously stored copy of the authentication-list at the first worker system (Danielsson, Parag. [0042]; “The identification is performed by matching credentials presented to the system by the person to credentials in a database including credentials of preregistered persons. Step 202 may be performed by the physical access control system described in connection to FIG. 1, for example comprising a credential input device 104 for reading the credential presented by the person and an access controller 103 matching the presented credentials to credentials in a database including credentials of preregistered persons.”  Parag. [0008], “… Registering an identification profile of the identified person in a list of persons that are tracked in the area, the identification profile comprising information for identifying the person from image data, receiving image data from a scene within the area, creating a set of identification characteristics for an object detected in the received image data, comparing the created set of identification characteristics of the detected object to the registered identification profiles in the list of persons that are tracked in the area, determining the identification profile in the list of persons that are tracked in the area that best match the set of identification characteristics of the detected object.” Parag. [0047]; “The created identification characteristics are then stored for the detected object and compared to the identification characteristics in the registered identification profiles in the list of persons that are tracked.”) [responsive to the determination that the master system cannot be reached by the first network], 
wherein the authentication includes facial recognition (Danielsson, Parag. [0008]; “… the identification profile comprising information for identifying the person from image data, receiving image data from a scene within the area, creating a set of identification characteristics for an object detected in the received image data, comparing the created set of identification characteristics of the detected object to the registered identification profiles in the list of persons that are tracked in the area”.  Parag. [0047]; “The created identification characteristics are then stored for the detected object and compared to the identification characteristics in the registered identification profiles in the list of persons that are tracked.”) [that is performed on detected face images for a first time window, before receiving the authentication request, and for a second time window, after receiving the authentication request], and 
[wherein authentication removes matching detected face images from the detected face images in the first time window and the second time window after completing an authentication request to prevent other individuals from using a same identifier]; and 
[granting access to a secured area responsive to the authentication].
However, Danielsson does not expressly teach:
storing a copy of an authentication-list at a first worker system;
a master system … cannot be reached by a first network, after storing the copy of the authentication-list;
performing authentication … responsive to the determination that the master system cannot be reached by the first network;
wherein the authentication includes facial recognition that is performed on detected face images for a first time window, before receiving the authentication request, and for a second time window, after receiving the authentication request; and
wherein authentication removes matching detected face images from the detected face images in the first time window and the second time window after completing an authentication request to prevent other individuals from using a same identifier; and
granting access to a secured area responsive to the authentication.
But, Scheja teaches:
storing a copy of an authentication-list at a first worker system (Scheja, Col. 6, lines 8-15; “The distribution of the access system may in some embodiments be implemented so that each access controller keeps a copy of the credentials authorized in the system. In an alternative system the access controller stores authorized credentials that are likely to become relevant for the access controller, i.e. that a user with the authorized credential is likely to access the restricted area/areas that the access controller is arranged to allow access to.”);
a master system … cannot be reached by a first network, after storing the copy of the authentication-list (Scheja, Col. 4, lines 16-26; “The method comprises detecting failure of connectivity over the network connection between the access controller and the remote node, initiating a wireless short range communication access point in response to said detection of failure of connectivity, said wireless short range communication access point being initiated by the access controller, and receiving at the access controller via said wireless short range communication access point a credential authorising the access controller to unblock said entrance and then allowing access to the area.” … Col. 10, lines 23-30; “However , if the connection is down, i.e. not working properly, then the access controller is arranged to start the wireless short range communication access point 62, S212. As previously mentioned, the wireless short range communication access point 62 may be arranged in the same housing as the access controller or it may be arranged externally and communicating with the access controller via LAN, e.g. an Ethernet connection.”);
performing authentication … responsive to the determination that the master system cannot be reached by the first network (Scheja, Cols. 1-2, lines 67-8; “if the network connection to the entrance of the area to access is down for one reason or another then the centralised system does not work as the authentication authorisation is performed centrally and the signal to allow access cannot be passed to the lock of the door due to the network connection being down. This problem is partly solved by using local access controllers in a distributed system as the authentication and authorisation may be performed locally at the entrance to the area. One requirement for this latter to work properly is that the temporary access credential (i.e. The copy of the list) has been registered in the local access at the position of the entrance to the area before the network connection to the rest of the network or at least to the part of the network including the gateway to the cellular network and/or a credential setting service (which may be provided in any number of access controllers in the system) has been disconnected from each other.”)
Danielsson and Scheja are from similar field of technology. Prior to the instant application’s effective filling date, there was a need to provide user authentication using a previously stored copy of the authentication list at the first worker system. The authentication includes facial recognition that is performed on detected face images.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Scheja’s system into Danielsson’s system, with a motivation to provide a method for connectivity checking and if a failure is detected authorizing the credentials stored at the system (Scheja, Abstract).
However the combination of Danielsson and Scheja does not expressly teach:
wherein the authentication includes facial recognition that is performed on detected face images for a first time window, before receiving the authentication request, and for a second time window, after receiving the authentication request; and
wherein authentication removes matching detected face images from the detected face images in the first time window and the second time window after completing an authentication request to prevent other individuals from using a same identifier; and
granting access to a secured area responsive to the authentication.
But, Hochrieser teaches:
wherein the authentication includes facial recognition that is performed on detected face images for a first time window, before receiving the authentication request, and for a second time window, after receiving the authentication request (Hochrieser, Col. 9, lines 31-38; “FIGS. 8B and 9B illustrate captured images (850, 950) that are captured at the first time (t0) and the second time (t1), respectively, while the user interface 800 is displayed. In some embodiments, the captured images 850 and 950 are frames of a video or still images captured by a camera 218. The captured images 850 and 950 include a first facial image 852 and a second facial image 952, respectively, of the 402.” … Col. 10, lines 64-67 to Col. 11, lines 1-9; “In some embodiments, prior to receiving a captured image, the device receives (1302) an authorization request from an image capturing device 200 via a first network 150. For example, the authorization request is an access request (such as a data access request, a device access request, and/or a facility access request) and/or a request to conduct a transaction. In some embodiments, in response to receiving the authorization request from the image capturing device 200, the device transmits (1304), to the image capturing device 200, a request for captured image data that includes a first facial image 602 and an image of a document 300 that includes a second facial image 302.”); and
[wherein authentication removes matching detected face images from the detected face images] in the first time window and the second time window (Hochrieser, Col. 9, lines 31-38; “FIGS. 8B and 9B illustrate captured images (850, 950) that are captured at the first time (t0) and the second time (t1), respectively, while the user interface 800 is displayed. In some embodiments, the captured images 850 and 950 are frames of a video or still images captured by a camera 218. The captured images 850 and 950 include a first facial image 852 and a second facial image 952, respectively, of the 402.”) [after completing an authentication request to prevent other individuals from using a same identifier]; and
granting access to a secured area responsive to the authentication (Hochrieser, Col. 1, lines 45-48; “If the image analysis determines that there is a match, authorization is granted. In this way, a device is enabled to perform authentication using a received image”.  Col. 11, lines 36-41; “For example, in some embodiments, determining whether an authorization has been granted for a particular user includes determining whether, for a previous authorization request, authorization information has been received by the imaging capturing device 200 (e.g., as described below with regard to operation (1342).”).
Danielsson, Scheja and Hochrieser are from similar field of technology. Prior to the instant application’s effective filling date, there was a need to provide user authentication using a previously stored copy of the authentication list at the first worker system. The authentication includes facial recognition that is performed on detected face images.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Hochrieser’s system into Danielsson-Scheja system, with a motivation to perform authentication using a captured image that includes a person's face and a document that includes a previously captured image of the person's face (Hochrieser, Col. 1, lines 35-38). 

However, the combination of Danielsson, Scheja and Hochrieser does not expressly teach:
wherein authentication removes matching detected face images from the detected face images in [the first time window and the second time window] after completing an authentication request to prevent other individuals from using a same identifier;
wherein authentication removes matching detected face images from the detected face images in [the first time window and the second time window] after completing an authentication request to prevent other individuals from using a same identifier;
But, Tussy teach:
wherein authentication removes matching detected face images from the detected face images in [the first time window and the second time window] after completing an authentication request to prevent other individuals from using a same identifier (Tussy, Parag. [0117]; “In this embodiment in step 524, the mobile device may detect the user's face in each of the enrollment images, crop the images to include only the user's face, and send, via a network, the images to the authentication server 120. In step 526, upon receipt of the enrollment images, the authentication server 120 performs facial recognition on the images to determine biometric information ("enrollment biometrics”) for the user. The authentication server 120 may then associate the enrollment biometrics with the device information and the unique identifier (or account information) and stores the biometric information in the database 124 in step 528. For added security, in step 530, the mobile device 112 and the authentication server 120 may be configured to delete the enrollment images after the enrollment biometrics of the user are obtained.”)
Danielsson, Scheja, Hochrieser and Tussy are from similar field of technology. Prior to the instant application’s effective filling date, there was a need to provide user authentication using a previously stored copy of the authentication list at the first worker system. The authentication includes facial recognition that is performed on detected face images.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Tussy system into Danielsson-Scheja-Hochrieser system, with a motivation to perform authentication by matching facial images of a user to grant access and adding additional security by deleting the captured images. (Tussy, Abstract and Parag. [0117]).

As per claim 2, the combination of Danielsson, Scheja, Hochrieser and Tussy teaches the method of claim 1. Danielsson teaches further comprising downloading the previously stored copy of the authentication-list to the first worker system, from a second worker system (Danielsson, Parag. [0038]; “Yet another alternative is to import identification profiles or data that could be used to compile an identification profile from another source, such as another monitoring system.”).

As per claim 5, the combination of Danielsson, Scheja, Hochrieser and Tussy teaches the method of claim 1.  Danielsson teaches wherein authentication comprises multiple factors, including an identification scan, facial recognition and a schedule check for a recognized individual (Danielsson, Parag. [0035]; “The matching of the credentials as well as the storage of the credential database may be handled locally on the access controller 103a, 103b or at a server 109a connected to the access controllers 103a, 103b. … The access controllers 103a, 103b are connected to a credential input device 104a, 104b, for example a keypad, a biometric scanner, or a reader device for optical, magnetic or radio frequency protocols, or similar device for a person, requesting access to the defined area, to present credentials. The biometric scanner may for example scan fingerprints, irises, retinas or faces. The physical access controllers 103a, 103b are connected to a locking mechanism governing entry to the defined area 101, e. g. via a door, an elevator, a gate, a turnstile, a sliding door, or another movable blocking device that may be put in a passage to prevent people from entering the defined area 101 without presenting their credentials. Depending on the success of matching presented credentials with the credentials in the credential database, and various access rules, a person may be given access to the defined area. An access rule may for example regulate time periods during which access will be granted to preregistered persons.”  Parag. [0018]; “In yet other embodiments, the identification profile comprises one or more sets of identification characteristics for describing the appearance of a person, selected from the group consisting of: characteristic geometrical parameters of the body or the face of a person, mathematical expressions representing facial features or features of the body of a person, texture parameters of a person's clothing, skin or face, color spectrum from the image of a person or part of a person, gait of a person, a movement pattern of a person”.  Parag. [0047]; “The created identification characteristics are then stored for the detected object and compared to the identification characteristics in the registered identification profiles in the list of persons that are tracked.”).

As per claim 6, the combination of Danielsson, Scheja, Hochrieser and Tussy teaches the method of claim 5.  Danielsson further teaches wherein performing authentication further comprises authenticating the identification scan using a previously stored copy of credentials at the first worker system (Danielsson, Parag. [0042]; “The identification is performed by matching credentials presented to the system by the person to credentials in a database including credentials of preregistered persons. Step 202 may be performed by the physical access control system described in connection to FIG. 1, for example comprising a credential input device 104 for reading the credential presented by the person and an access controller 103 matching the presented credentials to credentials in a database including credentials of preregistered persons.”).

As per claim 11, it is a system claim that recites similar limitations to those of claim 1, and therefore it is rejected for the same rationale applied to claim 1.  In addition, Scheja teaches a first network interface (Scheja, Col. 7, lines 20-27; “the access controller 12 according to some embodiments includes an I/O-interface 50 arranged to send control signals to a door lock in order to control the state of the lock, e.g. switching between the states locked and open. Moreover, the access controller 12 includes a network interface 52 arranged to connect the access controller 12 to a local area network (LAN) of the site of the access controller 12.”).  In addition, Hochrieser teaches an authenticator (Hochrieser, Col. 4, lines 6-15; “a user authentication module 108, which stores information such as captured image data 110, extracted first facial image data 112, and/or extracted second facial image data 114 (e.g., extracted by the image analysis module 106 from the captured image data 110), user identification information 116 (e.g., user name, user password, user residential information, user phone number, user date of birth, and/or user e-mail), and user biometric information 118 (e.g., facial data, fingerprint data, retinal data, hand image data, and/or gait data).”) and an authentication console (Hochrieser, Col. 4, lines 4-20; “an operating system 104; an image analysis module; a user authentication module 108, which stores information such as captured image data 110, extracted first facial image data 112, and/or extracted second facial image data 114 (e.g., extracted by the image analysis module 106 from the captured image data 110), user identification information 116 (e.g., user name, user password, user residential information, user phone number, user date of birth, and/or user e-mail), and user biometric information 118 (e.g., facial data, fingerprint data, retinal data, hand image data, and/or gait data) and liveness analysis module 119, which stores information for displaying a moving target liveness user interface 800 and/or a language content liveness user interface 1100.”).

As per claim 12, the rejection of claim 11 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 2, and therefore it is rejected for the same rationale applied to claim 2.

As per claim 15, the rejection of claim 11 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 5, and therefore it is rejected for the same rationale applied to claim 5.

As per claim 16, the rejection of claim 15 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 6, and therefore it is rejected for the same rationale applied to claim 6.

Claims 7-10 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Danielsson et al. (US 2018/0107880) hereinafter Danielsson (included in IDS) in view of Scheja et al. (US 10,089,804) hereinafter Scheja; Hochrieser et al. (US 10,606,993) hereinafter Hochrieser and Tussy et al. (US 2020/0042685) hereinafter Tussy as applied to claim 1, and further in view of Leggette et al. (US 2019/0095101) hereinafter Leggette.
As per claim 7, the combination of Danielsson, Scheja, Hochrieser and Tussy teaches the method of claim 1.  
However, the combination of Danielsson, Scheja, Hochrieser and Tussy does not expressly teach:
determining that the master system can be reached by the first network, after performing authentication; and 
downloading an up-to-date copy of the authentication-list to the first worker system, from the master system.
But, Leggette teaches the method comprising: 
determining that the master system can be reached by the first network (Leggette, Parag. [0117]; “The method continues at step 118 where the processing module determines whether a remote authentication list is accessible. The determination may be based on whether an authorization authority containing the remote authentication list is accessible (e. g., online).”), after performing authentication (Leggette, Parag. [0113]; “The method continues at step 104 where the processing module determines whether the credential matches an approved credential from a local authentication list. The determination may be based on whether the credential matches an approved credential in the local authentication list and whether the credential in the local authentication list has not expired (e. g., from a time perspective). The local authentication list includes one or more previously approved credentials (e. g., received from an authentication authority) and an associated one or more timestamps such that a timestamp is paired with each approved credential.”); and 
downloading an up-to-date copy of the authentication-list to the first worker system, from the master system (Leggette, Parag. [0117]; “FIG . 6D is a flowchart illustrating an example of refreshing a local authentication list. The method begins with step 116 where a processing module (e. g., of a dispersed storage (DS) processing unit) identifies an expired approved credential in a local authentication list. The identification may be based on comparing an expiration time stamp associated with the approved credential to a current time. For example, the processing module determines that the approved credential is expired when the current time is greater than the expiration timestamp. The method continues at step 118 where the processing module determines whether a remote authentication list is accessible. The determination may be based on whether an authorization authority containing the remote authentication list is accessible (e. g., online).”). 
Danielsson, Scheja, Hochrieser, Tussy and Leggette are from similar field of technology. Prior to the instant application’s effective filling date, there was a need to provide user authentication using a previously stored copy of the authentication list at the first worker system. The authentication includes facial recognition that is performed on detected face images.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Leggette system into Danielsson-Scheja-Hochrieser-Tussy system, with a motivation to perform authentication using an update authentication list when the server is on-line (Leggette, Parag. [0099-0117]).

As per claim 8, the combination of Danielsson, Scheja, Hochrieser, Tussy and Leggette teaches the method of claim 7.  Leggette further teaches the method comprising repeating authentication (Leggette, Parag. [0103]; “As a specific example of the credential, a credential 1 113 includes a hash of “5943J J2134”, a soft timeout of 3 minutes, an extension with condition of 5 minutes from a last recorded connection with an authentication server, a hard timeout of 15 minutes, and a timestamp of 07:33:21. The soft timeout indicates how often (e. g., a first time period) the computing device must contact the authentication server to re-validate the credential. For example, at times 07:36:21, 07:39:21, 07:42:21 and 07:45:21 the computing device must re-authenticate the credential for it to remain current (e. g., valid).”) using the up-to-date copy of the authentication-list at the first worker system (Leggette, Parag. [0117]; “FIG . 6D is a flowchart illustrating an example of refreshing a local authentication list. The method begins with step 116 where a processing module (e. g., of a dispersed storage (DS) processing unit) identifies an expired approved credential in a local authentication list. The identification may be based on comparing an expiration time stamp associated with the approved credential to a current time. … The method continues at step 118 where the processing module determines whether a remote authentication list is accessible. The determination may be based on whether an authorization authority containing the remote authentication list is accessible (e. g., online).”).

As per claim 9, the combination of Danielsson, Scheja, Hochrieser, Tussy and Leggette teaches the method of claim 8. Danielsson further teaches the method comprising issuing an alert responsive to a determination that the repeated authentication has a different result from authentication performed using the previously stored copy of the authentication-list (Danielsson, Parag. [0011]; “In other embodiments, this is further developed generating an alert if the calculated confidence score corresponding to the identification profile with the highest correlation to the set of identification characteristics of the detected object is smaller than the first predetermined threshold. As the poor match may be due to a detected intruder, that has entered the defined area without proper identification using valid credentials and hence is not part of the list of persons tracked in the area, generating an alert will improve the security of the defined area.”).

As per claim 10, it is a method claim that recites similar limitations to those of claims 1 and 7-9, and therefore it is rejected for the same rationale applied to claims 1 and 7-9.

As per claim 17, the rejection of claim 11 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 7, and therefore it is rejected for the same rationale applied to claim 7.

As per claim 18, the rejection of claim 17 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 8, and therefore it is rejected for the same rationale applied to claim 8.

As per claim 19, the rejection of claim 18 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 9, and therefore it is rejected for the same rationale applied to claim 9.

Claims 3-4 and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Danielsson et al. (US 2018/0107880) hereinafter Danielsson (included in IDS) in view of Scheja et al. (US 10,089,804) hereinafter Scheja; Hochrieser et al. (US 10,606,993) hereinafter Hochrieser and Tussy et al. (US 2020/0042685) hereinafter Tussy as applied to claim 1, and further in view of Trani (US 2018/0102007).
As per claim 3, the combination of Danielsson, Scheja, Hochrieser and Tussy teaches the method of claim 2.
However, the combination of Danielsson, Scheja, Hochrieser and Tussy does not expressly teaches: 
wherein the first worker system and the second worker system are connected via a second network that is distinct from the first network. 
But, Trani teaches:
wherein the first worker system and the second worker system are connected via a second network that is distinct from the first network (Trani, Fig. 1 and Parag. [0036]; “In general, the system 100 also includes a verification and tracking system 115, a mesh network of door nodes 160 and positioning nodes 162, and may further include additional components such as a fingerprint reader kiosk, display devices, and door controllers 112. These components primarily communicate with one another over an enterprise data network 113, which may include wired and/or wireless portions. For example, the door nodes 160 and positioning nodes 162 communicate wirelessly via wireless local area network utilizing WIFI protocols, for example.” … Parag. [0038]; “Additionally, according to the present invention, the door nodes 160 in combination with the positioning nodes 162 form a self-organized mesh network for tracking users 104 throughout the building 102”.  Parag. [0048]; “Typically, the data network 113 is an enterprise network such as a Local Area Network (LAN), e. g., wired and/or wireless Ethernet. The door nodes 160 can also communicate with the verification and tracking system 115 via serial connections, in another example”.  Parag. [0058]; “In the illustrated example, the door node 160 also includes a network interface controller 202, a Wi-Fi antenna 212, a node controller 204, an antenna controller 206 and BLE chipsets 208, and a camera 210. … The BLE controller 206 directs the function of the BLE chipsets 208, which in turn interpret the radio frequency signals received from the antennas 150, 152. The network interface controller 202 provides an interface with the network 113. This enables the door node 160 to communicate with the verification and tracking system 115 and the door controllers 112. The network interface controller 202 also connects to a Wi-Fi antenna 212, which provides an alternative means of connecting to the network 113 and allows the door node 160 to communicate with other nodes 160, 162.”).
Danielsson, Scheja, Hochrieser, Tussy and Trani are from similar field of technology. Prior to the instant application’s effective filling date, there was a need to provide user authentication using a previously stored copy of the authentication list at the first worker system. The authentication includes facial recognition that is performed on detected face images.
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teachings of Train’s system into Danielsson-Scheja-Hochrieser-Tussy system, with a motivation to provide an access control system that includes a mesh network of nodes for tracking and authenticating users throughout a building. The nodes include wireless interfaces. The user devices send user information to the nodes, which send the user information to a verification and tracking system, which returns authentication status information (Trani, Abstract).

As per claim 4, the combination of Danielsson, Scheja, Hochrieser, Tussy and Trani teaches the method of claim 3. Trani teaches wherein the second network is a mesh network (Trani, Abstract; “An access control system includes a mesh network of nodes for tracking and authenticating users throughout a building. The nodes include wireless interfaces.” … Parag. [0038]; “Additionally, according to the present invention, the door nodes 160 in combination with the positioning nodes 162 form a self-organized mesh network for tracking users 104 throughout the building 102.”).

As per claim 13, the rejection of claim 12 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 3, and therefore it is rejected for the same rationale applied to claim 3.

As per claim 14, the rejection of claim 13 it is incorporated. In addition, it is a system claim that recites similar limitations to those of claim 4, and therefore it is rejected for the same rationale applied to claim 4.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Prokupets et al. (US 2003/0023874): A system for integrating security and access for facilities and information systems is provided including a computer server, information systems, and facility protection systems. Facility protection systems represent an access control system for controlling entry/exit to areas of buildings, such as with badges or other ID Credentials and other systems, such as intrusion detection and fire systems, to provide protection in facility environments. The computer server has a central database which stores at least information defining users and their access privileges to the information systems and to areas of facilities controlled by access control system. Each of the information systems and facility protection systems sends event data to the computer server when an event occurs on its respective system, and an event transaction processor in the computer server determines action(s), if any, to take in response to one or more received events and accordingly sends action data to other information systems and facility protection systems to instruct such systems to automatically respond to security risks representing by such events in real-time.
Barry, et al. (US 2016/0308859): Provided are a device, system, and method for multi-factor multi-biometric access control that authenticate a user based on at least one of what the user knows, what the user possesses and what unique physical, biological and physiological or biometric traits the user has, wherein the device includes a single sensor from which multi-biometric data is derived.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALEX D CARRASQUILLO whose telephone number is (571)270-5045. The examiner can normally be reached Monday - Friday 9:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/A.D.C./Examiner, Art Unit 2498

/JOHN B KING/Primary Examiner, Art Unit 2498