DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 7-11 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.


Regarding claim 7, the claim recites the limitation "said process control system asset management component" in lines 7-8.  There is insufficient antecedent basis for this limitation in the claim.
	Regarding claims 8-11, the claims depend from claim 7 and are rejected as incorporating the rejection of claim 7 under 35 USC 112(b), by dependency. 
Regarding claim 12, the claim recites the limitation "the system" in lines 2.  There is insufficient antecedent basis for this limitation in the claim.
	Regarding claim 13, the claim depends from claim 12 and is rejected as incorporating the rejection of claim 12 under 35 USC 112(b), by dependency. 
Regarding claim 12, the claims recites “A method for restricting physical access to at least one process control component inside an enclosure, the system comprising the enclosure, an electronic lock installed with the enclosure, a process control system having an access management component and an asset management component stored on a computer readable medium having computer readable instructions thereon that when executed by a processor, comprising:”
	Therefore, the claim is directed to “a method for restricting physical access to at least one process control component inside an enclosure” and “the system comprising the enclosure, an electronic lock, exc.” it is unclear if the claim is a method or an apparatus claim. See MPEP 2173.05(p)(II).
	Regarding claim 13, the claim depends from claim 12 and is rejected as incorporating the rejection of claim 12 under 35 USC 112(b), by dependency. 


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 14-18, 20, 22 and 23 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Clark, et al. (US Pre Grant Publication No. 2014/0298490 A1).

Regarding claim 14, Clark discloses a system comprising: 

a. a first enclosure having a first component for a computer system disposed therein, a first electronic lock configured to control physical access to the first component within the first enclosure and a first set of access permissions associated with the first electronic lock; (The system of Clark discloses a two layer security system [paragraphs 0044-0045]. As a part of the first layer of security, the user must gain access to a first component for a computer system [fig. 3, element 330 – a computer system cabinet housings in the room/first enclosure are the first component] that is contained in a first enclosure [fig. 3, element 300 – first enclosure is a computer room] by using a first electronic lock on the door [fig. 3, elements 310, 30] [paragraphs 0044-0045]. Access to any secure enclosures starts with the user sending a change order and identification data/user credentials [paragraphs 0015, 0022, 0023] which are used to authenticate the requested change order, which defines a set of access permissions for the user with respect to that change order, such as access to a particular room/first enclosure/first component and further access to a second enclosure/computing equipment in the first room/enclosure [see (b), infra] [paragraph 0021, 0022, 0032-0034, 0040]. The user access permissions of the change order related to allowed room/first enclosure access are then compared to a first set of access permissions comprising the requested access permission of the first enclosure/room and associated first electronic lock and access is allowed if they match [paragraphs 0032-0037; see also paragraph 0044].)
 
b. a second enclosure disposed within the first enclosure, the second enclosure having a second component for a computer system disposed therein, a second electronic lock configured to control physical access to the second component within the second enclosure and a second set of access permissions associated with the second electronic lock. (The system of Clark further discloses that the first enclosure/computer room [fig. 3, element 300] contains a second enclosure [fig. 2, element 330 – second enclosure is a specific one of the cabinet/housings in the room] comprising a housing for computer equipment comprising a second component [fig. 2, element 340 – the computing equipment in the second enclosure/housing] [paragraphs 0044-0045]. Access to the second enclosure/housing and associated second computer component is then determined by comparing the portion of the user access permissions related to access to the second computer component and associated second enclosure and housing and the second set of access permissions comprising the requested access permissions of the second enclosure/computing equipment and associated second electronic lock [paragraphs 0037-0043 and 0045].)

Regarding claim 15, Clark discloses the first set of access permissions is different from the second set of access permissions. (Clark discloses that the first set of access permissions comprise the requested access permission of the first enclosure/room and associated first electronic lock [paragraphs 0032-0037; see also paragraph 0044] and the second set of access permissions comprise the requested access permissions of the second enclosure/computing equipment and associated second electronic lock [paragraphs 0037-0043 and 0045]. These are different permissions to different equipment.)
Regarding claim 16, Clark discloses user credentials operable to define access permissions for a user. (Clark discloses access to any secure enclosures starts with the user sending a change order and identification data/user credentials which are used to authenticate the requested change order, which defines a set of access permissions for the user with respect to that change order, such as access to a particular room/first enclosure/first component  and further access to a second enclosure/computing equipment in the first room/enclosure [paragraphs 0015, 0022, 0023].)
Regarding claim 17, Clark discloses physical access to the first and second enclosures is determined based on comparisons between the access permissions of the first and second sets respectively and the access permissions defined by the user credentials. (Clark discloses access to any secure enclosures starts with the user sending a change order and identification data/user credentials which are used to authenticate the requested change order, which defines a set of access permissions for the user with respect to that change order, such as access to a particular room/first enclosure/first component  and further access to a second enclosure/computing equipment in the first room/enclosure [paragraphs 0015, 0022, 0023], the user credentials are then compared to first set of access permissions for access to the first electronic lock (see the independent claim, (a), supra) (paragraphs 0032-0037; see also paragraph 0044) and the second set of access permission s(see the independent claim, (b), supra) (paragraphs 0037-0043 and 0045).
Regarding claim 18, Clark discloses wherein physical access to the component in the second enclosure is permitted if the access permission defined by the user credentials satisfies the permission requirements of the first and second sets of enclosure permissions. (To access a particular second enclosure/computer equipment, the user credentials of the change order must satisfy the requirements for access to the first enclosure [paragraphs 0032-0037; see also paragraph 0044] and the second enclosure [paragraphs 0037-0043 and 0045].)	Regarding claim 20, Clark discloses comprising additional enclosures with additional computer components disposed within the first enclosure. (The first enclosure/room may include multiple second enclosures/housings and associated equipment [fig. 3 – multiple housings in room 300; see also paragraphs 0044-0045].)
Regarding claim 22, Clark discloses a control system an access management component defined in the control system configured to tie the first enclosure, the first component and the first electronic lock to a first logical representation within the control system. (Clark discloses a control system [fig. 1, element 50] and an access management component in the control system [fig. 1, change authorization database] that receive a first facility access request/first logical representation that ties together the first component, enclosure and electronic lock into a single facility access request representing a request to authorize access to all 3 [paragraphs 0028-0037].)
Regarding claim 23, Clark discloses the access management component of the control system is configured to tie the second enclosure, the second component and the second electronic lock to a second logical representation. (Clark discloses a control system [fig. 1, element 50] and an access management component in the control system [fig. 1, change authorization database] that receive a second equipment access request that ties together the second enclosure, electronic lock and component into a single equipment access request that requests access to all three [paragraphs 0038-0042].)

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.


Claim(s) 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Clark, et al. (US Pre Grant Publication No. 2014/0298490 A1) as applied to claim 14 and further in view of Gengler, et al. (US Pre Grant Publication No. 2016/0217637 A1)

Regarding claim 21, Clark discloses audit system operable for logging data related to unsuccessful access events into the first enclosure. (Clark logs unsuccessful access attempts into first/room/facility enclosures [paragraph 0029].)
Clark fails to disclose logging data related to successful and unsuccessful access events of the enclosures. In the same field of endeavor, Gengler discloses logging data related to successful and unsuccessful access events of the enclosures. (Gengler discloses that an electronic lock logging service can log successful and failed attempts to authenticate and unlock the lock [paragraphs 0058 and 0063; see also 62/108,955, paragraphs 0054 and 0059].)
Therefore, since Gengler discloses logging failed and successful attempts to open an electronic lock, it would have been obvious to a person of ordinary skill in the art at the time of the invention to combine the logging of Gengler with the system of Clark by extending the auditing system to log all successful and unsuccessful attempts to open an electronic lock, including the successful and unsuccessful access attempts/events to access the electronic locks of the first and second enclosure. The motive to combine is to allow total monitoring and auditing of access to all enclosures. 

Allowable Subject Matter

Claims 7-13 would be allowable if rewritten or amended to overcome the rejection(s) under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), 2nd paragraph, set forth in this Office action.

The following is a statement of reasons for the indication of allowable subject matter: 

Regarding claim 7, the closest prior art of Clark discloses a method for controlling physical access to at least one component of a system, comprising: 

a. receiving user credentials by an electronic lock installed with an enclosure housing at least one component of said system. (The system of Clark discloses a security system used for controlling access to an enclosure [fig. 3, element 300 –enclosure is a computer room] using an electronic lock [fig. 3, element 30] with the enclosure housing multiple components of a system [fig. 3, element 330 – note multiple housings for computer components contained in the room/enclosure] [paragraphs 0044-0045]. To allow access to the housing/room the electronic lock transmits a facility access request to the access request authorization program/access management component [paragraphs 0018-0020, 0026-0028] the facility access request may include identification data/user credentials [paragraph 0028; see also paragraphs 0015, 0022, 0023], a change order [paragraphs 0028], and metadata describing the facility and/or component that are sought to be accessed [paragraphs 0034, 0040]. The metadata describing the facility and or component form the physical access permissions, as they represent the physical enclosure and or component in the enclosure to which the associated electronic lock controls physical access.)

b. transmitting said user credentials from said electronic lock to an access management component of a said system; (see (a), supra – the facility access request includes identification data/user credentials and is sent to the access request authorization program/access management component [paragraphs 0018-0020, 0026-0028].)

c. requesting user granted permissions by said access management component from said system asset management component; (Clark discloses that the access request authorization program/access management component verifies the user identification data/user credentials [paragraph 0029] and then requests user granted permissions for the indicated change request from the change authorization database/system asset management component [paragraph 0030] with the user granted permissions indicating the timeframe and equipment which is authorized to be accessed by the user(s) indicated in the change request [paragaphrs 0030-0037].)

d. receiving physical access permissions of said enclosure by said asset management component from said electronic lock; (To allow access to the housing/room the electronic lock transmits a facility access request to the access request authorization program/access management component [paragraphs 0018-0020, 0026-0028] the facility access request may include identification data/user credentials [paragraph 0028; see also paragraphs 0015, 0022, 0023], a change order [paragraphs 0028], and metadata describing the facility and/or component that are sought to be accessed [paragraphs 0034, 0040]. The metadata describing the facility and or component form the physical access permissions, as they represent the physical enclosure and or component in the enclosure to which the associated electronic lock controls physical access.)

e. validating by said asset management component whether said received physical access permissions are equivalent to said user granted permissions in said control system; (The access request authorization program/access management component compares the metadata describing the facility and/or component/enclosure that is sought to be accessed [i.e. physical access permissions] and the user granted permissions from the change request identifying the facility/enclosure to identify them as equivalent by both indicating a particular enclosure/facility [paragraphs 0034, see also 0031-0033].)

f. providing access to the at least one component inside said enclosure if said user is validated for access to said enclosure contents, and preventing access if said user is not validated for access to said enclosure. (If the access is validated, then access is granted to the enclosure contents, including the at least one component [paragraph 0036-0037] and if not, access is denied [paragraphs 0035].)

	However, Clark fails to disclose the component is of a process control system an enclosure housing at least one component of said process control system, an access management component of a said process control system. In the same field of endeavor, other art such as Bugaris, et al (US Pre Grant Publication No. 2017/0269128) disclose using electronic locks in conjunction with process control system enclosures such that the he component is of a process control system an enclosure housing at least one component of said process control system, an access management component of a said process control system (paragraph 0101- electronic lock used on enclosure; paragraphs 0096 can contain industrial controllers such as PLCs, controllers, network switches, exc.)
	However, no art teaching identifying said enclosure by using said locking system network address or transmitting a lock address from said electronic lock to an access management component could be located. Therefore, the prior art fails to teach, suggest or disclose all elements of claim 7
	Regarding claims 8-11, the claims depend from claims 7 and are therefore allowable for at least the reasons stated with respect to claim 7, supra. 
	Regarding claim 12, Clark, when the change request is viewed as assigning a user role to repair a process control component in the enclosure discloses all elements claimed in a similar manner to that presented with respect to claim 7, with the exception of disclosing of the reception and transmission occurring using an application programming interface (“API”), and receiving, by the access management system through an application programming interface the corresponding electronic lock address and receiving, by the asset management system the electronic lock address from the access management component. 
	Although the use of APIs for transmitting and receiving information is well known in the art (for example well known TCP/IP API interfaces) no art could be found which discloses receiving, by the access management system through an application programming interface the corresponding electronic lock address and receiving, by the asset management system the electronic lock address from the access management component. Therefore, the prior art fails to teach, suggest or disclose all elements of the claimed invention
	Regarding claim 13, the claim depends from claim 12 and is therefore allowable for at least the reasons stated with respect to claim 12, supra. 

Claim 19 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

	Regarding claim 19, the prior art fails to teach, suggest or disclose the user credentials operate to permit the user to electronically access the computer component located within the enclosure. That is, art could be found in which security credentials and network login/access credentials are shared could be located, but this is different from a teaching that the same user credential that us used to unlock the enclosure is also used to access the computer component located in the enclosure. Therefore, the prior art fails to teach, suggest or disclose all elements of the claimed invention. 
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:

a. Claes, et al. (US Pre Grant Publication No. 2016/0357993 A1) – disclosing linking rack security access to particular tasks

b. Payson, et al. (US Pre Grant Publication No. 2011/0012709 A1) – disclosing an electronic lock for an enclosure.

c. Morrison, et al. (US Pre Grant Publication No. 2014/0375421 A1) – disclosing an electronic lock system with user credentialing

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER M CRUTCHFIELD whose telephone number is (571)270-3989. The examiner can normally be reached 9am-5pm M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Faruk Hamza can be reached on (571) 272-7969. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER M CRUTCHFIELD/Primary Examiner, Art Unit 2466