DETAILED ACTION
This action is response to communication:  response to original application filed on 04/05/2022.
Claims 1-20 are currently pending in this application.  
The IDS filed on 06/10/2022 has been accepted.  
	
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 11,328,052. Although the claims at issue are not identical, they are not patentably distinct from each other because all of the limitations of the present claims are found in the parent patent.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 2, 4-6, 8, 10-12, 14-18, and 20 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Er. et al. US. Patent Application Publication 2010/0325097 (Er)
As per claim 1, Er teaches a system for controlling access to a workstation, the system comprising: a communications interface (Figure 2 wherein system with access agent may communicate with server, applications, etc); at least one memory storing a repository of login credentials, a repository of authorization rules, and instructions (paragraph 59 wherein credentials, attributes, policies, etc are stored); at least one hardware processor interoprably coupled with the at least one memory and the communications interface, the instructions instructing the at least one hardware processor to perform operations comprising (see Figure 2 wherein executed by computing system;): executing an overwatch application associated with the workstation, the overwatch application monitoring logins to the workstation (abstract, paragraph 12 and throughout with access agent; see paragraph 100 with monitoring log on); detecting, by the overwatch application, a login initiated by a limited user associated with a set of credentials (paragraph 100 with attempting login of a user; user login is associated with credentials, as seen in paragraph 59; also see paragraph 64 with access rules, profile engines, credentials, etc; in addition, see paragraph 73 wherein policies may be associated with parameters such as credentials); initializing a lock-down application (throughout the reference with access agent; see paragraph 57, 58, and throughout); identifying, by the lockdown application, unauthorized hardware inputs based on the authorization rules and the set of credentials (paragraph 82-84 with identifying keyboard or mouse inputs; see paragraphs 73, 74 wherein access rules utilize policies, user attributes, security credentials, etc), and blocking, by the lockdown application, the unauthorized hardware inputs associated with the workstation (paragraphs 82-84 with blocking keyboard or mouse input).

	As per claim 2, Er teaches identifying, by the lockdown application and based on the set of credentials, authorized processes, and non-uathoirzed processes, wherein the authorized processes comprise one or more software processes permitted to execute on the workstation during the login of the limited user, and wherein the non-0authorized processes comprise one or more software processes not permitted to execute on the workstation during the login of the limited user (see throughout Er; for example, paragraph 73 with types of data a user can access (whitelist and authorized software processes); see paragraph 89 with examples of unauthorized processes; see paragraphs 73-74 with security credentials and paragraph 98 with access control).  
	As per claim 4, Er teaches wherein the overwatch application and lockdown application are remotely installed on the workstation by a server system (paragraph 87 wherien access agent is installed; see Figure 2 wherein access agent associated with remote server; also see paragraph 50 wherein server providing instructions to the computer system remotely).
	As per claim 5, Err teaches receiving the set of credentials at the workstation; transmitting, via the communications interface, the set of credentials to a server system, wherein the server system verifies the set of credentials as the set of credentials of an authorized, but limited user, and receiving, via the communications interface, a login authorization to the workstation, wherein the login authorization comprises information associated with the authorization rules, and wherein the authorization rules are associated with the set of credentials that match stored credentials in the stored repository of login credentials (Er paragraph 37 wherein server stores user attributes nad policies; see also paragraph 50and Figure 2 wherein the system is performed by the server and paragraph 58 wherein access agent may be on server and the authentication happens at the server; see also paragraph 64; see paragraph 73 wherein the roles/access restrictions may be tied to credentials). 
	As per claim 6, Er teaches wherein the limited user comprises a system user that is authorized to perform a apticular set of tasks, wherein the particular set of tasks require only a subset of functionality associated with the workstation, and wherein the authorized processes correspond to the subset of functionaliy required by the apticular set of tasks (see paragraph 98 wherein suers may perform only certain tasked based on access control rules; see also paragraph 73). 
	 As per claim 8, Er teaches wherein in response to detecting, by the overwatch application, the login by the authorized user, the operations further comprising: allowing full workstation functionality to the authorized user in response to the login (see paragraph 98 with role-based access control; depending on user, a user may be allowed full functionality; see pargraph 75 with administrator access; see also paragraph 64 and 91 with administrator access)
	As per claim 10, Er teaches wherein the unauthorized hardware inputs to the workstation comprise inputs form at least one of: a keyboard, a mouse, a removable memory, a cash register, a touchscreen, or a microphone (paragraph 43 and 84 with mouse and keyboard). 
	Claim 11 is rejected using the same basis of arguments used to reject claim 1 above.
Claim 12 is rejected using the same basis of arguments used to reject claim 2 above.
Claim 14 is rejected using the same basis of arguments used to reject claim 4 above.
Claim 15 is rejected using the same basis of arguments used to reject claim 5 above.
Claim 16 is rejected using the same basis of arguments used to reject claim 6 above.
Claim 17 is rejected using the same basis of arguments used to reject claim 1 above.
Claim 18 is rejected using the same basis of arguments used to reject claim 2 above.
Claim 20 is rejected using the same basis of arguments used to reject claim 4 above.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3, 13, and 19 are rejected under 35 U.S.C. 103 as being obvious over Er as applied above, and further in view of Charles et al. US Patent Application Publication 2005/0273848 (Charles).

	As per claim 3, Er teaches the operations further comprising: in response to detecting, by the lockdown application, an attempt to initate a process that is not an authorized process: transmitting, via the communications interface, an alert to a central server (paragraph 70 with sending alert to administrator and submitting audit log to server).  However, Er does not explicitly teach executing a forced logout of the limited user.  This would have been obvious to one of ordinary skill in the art.  As seen in paragraph 48 and 86 of Er, Er teaches wherein administrators may define actions and that any type of action may be performed.  It is notoriously well known in the art to log-off unauthorized users, and it would have been obvious to one of ordinary skill in the art as it creates security by having only authorized users being logged on.  By having unauthorized users being logged off, it would increase security as they are not able to perform unauthorized actions.  However, for a further showing of obviousness, see Charles (paragraph 155 with disconnecting a user and triggering an alarm for unauthorized user).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Er with Charles.  One of ordinary skill in the art would have been motivated to perform such an addition to increase security by allowing network operators to maintain access control of the network (paragraph 7 of Charles). 
Claim 13 is rejected using the same basis of arguments used to reject claim 3 above.
Claim 19 is rejected using the same basis of arguments used to reject claim 3 above.

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Er as applied above, in view of Phan US Patent No. 7,240,360 (Phan)
	As per claim 7, Er does not explicitly teach wherein the workstation is associated with a cash dispenser, and wherein the particular set of tasks comprises refilling the cash dispenser.  However, this would have been obvious.  Er already teaches that triggers and actions may be unlimited.  Thus, it would have been obvious to one of ordinary skill in the art to include access controls such as refilling cash dispensers, as such actions would require secure access to increase security.  However, for another teaching of utilizing access control in cash dispensers, see Phan (col. 2 line 15-35 with electronic cash register with access control based on user.
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine Er with Phan.  One of ordinary skill in the art would have been motivated to perform such an addition to provide flexibility by allowing different clerks to access different functions in the cash register (col. 2 line 15-35).

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Er as applied above, in view of Indeck US Patent No. 5,428,683 (Indeck).
	As per claim 9, Er does not explicitly teach wherein the authorized user is a bank teller associated with the workstation.  However, this would have been obvious.  For example, see Indeck (col. 7 line 3-65 with access control of a bank teller).
	At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Er with Indeck.  One of ordinary skill in the art would have been motivated to perform such an addition to create more security by preventing teller fraud (col. 7 lines 30-35).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431.  The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/JASON K GEE/Primary Examiner, Art Unit 2495