ACCESS CONTROL SYSTEM AND METHOD

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments with respect to claim(s) are rejected under 35 USC 103 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Applicant argued in the remark that provide emphasis, distinction, and clarity for prosecution regarding the physical access control, claim 98 has been amended to clarify that the access point in question "corresponds to a physical entry point to the premises". Thus, the claimed access points do not refer to Wi-Fi or similar wireless networking access points or the like (which is the sense in which "access point" is used in the cited references), but to a physical entry point to a premises (for example, doors or gates). See paragraph 0198 of the present application. Examiner respectfully disagrees. Examiner is considering the BRI for examine the claim limitations in light of the specification. So, access point can be interpreted as a Wi-Fi. Wherein the Wi-Fi actively identifies the location of mobile devices using a technique called Wi-Fi Positioning System (WPS). It maps the strength of signals from nearby access points against a database of known Wi-Fi locations to triangulate your position. Your phone scans for nearby Wi-Fi access points (using their SSID and MAC addresses) and reports them to services like Google or Apple, which then determine your location, even if you are not connected to those networks. Applicant argued in the remark that prior arts do not tech "in response to the access request, identifying one or more possible locations of the access point based on the mobile device location data in the access request" in para. Examiner respectfully disagrees. Shay discloses fig.3, [0057] A user request for access may be received 301 from the user's mobile device for access to a secure facility such as a security protected location, facility, or other physical location, etc. The user request may be sent by a message or other communication form from the user's mobile device. and 0060] The location of the mobile device may be determined 304 [0032] The choice of fixed sensor devices 121, 122 to be monitored may be determined either by the type of access requested (e.g. "east door of building 5") or by location information, i.e. mobile device location (e.g. GPS) provided by the mobile device as part of the access request. Applicant argued in the remark that Scahill does not determine a learned location of the access point from the mobile device location data included in the plurality of access request. Examiner respectfully disagrees. Youssef discloses 0020 determining that the first or second wireless device is a wireless access point based upon the transmitted packets; determining an estimated location of the wireless access point; and assigning a confidence value to the estimated location. And 0024 the processor is operable to estimate the location of the access point device using the data packet information for multiple data packets sent to or received from the access point device. The processor is further operable to rank the data packet information for each of the multiple data packets to obtain approximate distances based upon each such packet. In one example, the processor estimates the location using a centroid of the approximate distances. In another example, the processor is further operable to assign a confidence in the estimated location of the access point device. The confidence may represent a likelihood that the access point device is within a given area. Optionally, the confidence is based upon at least one of spatial diversity of selected devices associated with the access point device, receiver characteristics of the selected devices, transmitter characteristics of the selected devices, and freshness of information stored in memory or the data packet information sent to or received from the access point device. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 98 -104,114-115,117-120, 122 and 125 are rejected under 35 U.S.C. 103 as being unpatentable over Shay et al US 2013/0127591 in view of Youssef et al US 2010/0020776. As per claim 98, Shay discloses a method of monitoring a premises having at least one access point, the method comprising learning the location of an access point based on a plurality of access requests, wherein learning the location includes, for each access request: receiving the access request from a mobile device, wherein the access request includes mobile device location data indicative of the location of the mobile device ( fig.3, [0057] A user request for access may be received 301 from the user's mobile device for access to a secure facility such as a security protected location, facility, or other physical location, etc. The user request may be sent by a message or other communication form from the user's mobile device. and 0060] The location of the mobile device may be determined 304 [0032] The choice of fixed sensor devices 121, 122 to be monitored may be determined either by the type of access requested (e.g. "east door of building 5") or by location information, i.e. mobile device location (e.g. GPS) provided by the mobile device as part of the access request. ) and data identifying an access point at the premises, wherein the access point corresponds to a physical entry point to the premises; ([0061] A sensor mapping may select 305 the closest fixed sensor devices, i.e. an access point, to the position, i.e. data identifying, of the mobile device. the closest fixed sensor devices may be determined from the content of the user's access request which may specify the location, i.e. data identifying, of the access requested. And 0062] Data from one or more of the fixed sensor devices is received 306. This data may include context information such as time and location ) in response to the access request, identifying one or more possible locations of the access point based on the mobile device location data in the access request ( [0063] A cross-validation may be carried out 307 between the data from the mobile device and the fixed sensor data. For example, the voice inputs from the mobile device and a fixed sensor device may be compared, or a face image from both sources may be compared. The cross-validation may include certain signal processing steps in order align the inputs in space and time followed by a cross-correlation procedure, which produces a score on how similar the inputs are from the two sources. [0064] It is determined 308 if the data corresponds. If it does not correspond, access may be denied 309 or further authentication required. If it does correspond, access may be granted or an optional additional challenge process carried out). updating, in response to the access request, stored access point location data indicative of the location of the access point based on the identified one or more possible locations ( 0046 the mobile device 111 may present the challenge information provided by the challenge component 143 of the server 130 and the fixed surveillance system 120 may capture the mobile device 111 output and send it back to the server 130 for comparison wherein server update the location data of the mobile and data from the fix sensors, fig.3, numeral 306 for validation, 0048, The comparison between the captured information and original or expected information may be carried out by a comparison unit of the challenge component 143,); wherein the method comprises performing the steps of receiving an access request, identifying one or more possible locations and updating stored access point location data for each of the plurality of access requests to thereby determine a learned location of the access point from the mobile device location data included in the plurality of access requests ([0063] A cross-validation may be carried out 307 between the data from the mobile device and the fixed sensor data. For example, the voice inputs from the mobile device and a fixed sensor device may be compared, or a face image from both sources may be compared. The cross-validation may include certain signal processing steps in order align the inputs in space and time followed by a cross-correlation procedure, which produces a score on how similar the inputs are from the two sources); determining whether the learned location of the access point can be used to validate an access request based on one of: whether the plurality of access requests used to learn the location of the access point comprises at least a predetermined number of access requests, or ([0063] A cross-validation may be carried out 307 between the data from the mobile device and the fixed sensor data. For example, the voice inputs from the mobile device and a fixed sensor device may be compared, or a face image from both sources may be compared. The cross-validation may include certain signal processing steps in order align the inputs in space and time followed by a cross-correlation procedure, which produces a score on how similar the inputs are from the two sources); and using the learned location of the access point to validate a subsequent access request in response to a positive determination( 0064 It is determined 308 if the data corresponds. If it does not correspond, access may be denied 309 or further authentication required. If it does correspond, access may be granted or an optional additional challenge process carried out 310). Shay does not disclose whether a confidence level of the learned location of the access point is above a predetermined confidence level. However, Youssef et al discloses a confidence level of the learned location of the access point is above a predetermined confidence level ( 0020 determining that the first or second wireless device is a wireless access point based upon the transmitted packets; determining an estimated location of the wireless access point; and assigning a confidence value to the estimated location. And 0024 the processor is operable to estimate the location of the access point device using the data packet information for multiple data packets sent to or received from the access point device. The processor is further operable to rank the data packet information for each of the multiple data packets to obtain approximate distances based upon each such packet. In one example, the processor estimates the location using a centroid of the approximate distances. In another example, the processor is further operable to assign a confidence in the estimated location of the access point device. The confidence may represent a likelihood that the access point device is within a given area. Optionally, the confidence is based upon at least one of spatial diversity of selected devices associated with the access point device, receiver characteristics of the selected devices, transmitter characteristics of the selected devices, and freshness of information stored in memory or the data packet information sent to or received from the access point device). Shay and Youssef are both considered to be analogous to the claimed invention because they are in the same field of wireless technology. Therefore, it would have been obvious to someone of ordinary skill in the art before the effective filing date of the claimed invention to have modified Youssef to incorporate the teachings of Shay and estimating AP locations as well as estimating the confidence and accuracy for such locations. Doing so would protect the access device, thereby increasing of access control. As per claim 99. Shay and Youssef discloses a method according to claim 98, Youssef discloses wherein the mobile device location data indicative of the location of the mobile device comprises one or more of: geolocation data; and data derived from a wireless local area network(0049 the client device 306 is located a first distance 310 from the AP 302, while the client device 308 is located a second distance 312 from the AP. And the client device 306 is located a third distance 316 from the client device 308. The client device 308 performs geolocation using its GPS receiver or by other means to accurately determine its location.). As per claim 100. Shay and Youssef discloses a method according to claim 98, Youssef discloses wherein the stored access point location data indicative of the location of the access point comprises a stored set of one or more possible locations for the access point, and wherein the method further comprises: comparing the stored set of one or more possible locations with the identified one or more possible locations ([0048] The comparison between the captured information and original or expected information may be carried out by a comparison unit of the challenge component 143 ); and wherein the updating of stored access point location data is based on the comparison( 0023 the data packet information for a given data packet includes a data rate of the given data packet. Here, the information stored in the memory includes distance estimates associated with different data rates. The processor determines the location estimate of the access point device by comparing the data rate of the given data packet to the different data rates and distance estimates stored in the memory and Shay discloses 0038 The cross-validation authentication component 141 may cross-correlate the data from the mobile device 111 such as the user's voice, image or video with the local signals from the closest fixed sensor devices 121, 122. This may include certain signal processing steps in order to align the inputs in space and time followed by a cross-correlation procedure, which produces a score on how similar the inputs are from the two sources. The cross-validation authentication component 141 may also check other factors such as a current GPS location of the mobile device 111 compared to the second physical location 123). As per claim 101. Shay and Youssef discloses A method according to claim 98, wherein the premises has a plurality of access points and wherein the mobile device location data indicative of the location of the mobile device access point comprises: step data indicative of a number of steps taken by a user of the mobile device between the time of a previous access request for one other access point at the premises and the time of the access request, wherein the previous access request was received from the mobile device (Shay 0009 receiving an access request from a mobile device to access a secure facility; authenticating a user using multifactor biometric authentication data from the mobile device; obtaining data from one or more fixed sensor devices at a location in the physical vicinity of the secure facility; cross-validating data from the mobile device with data from the one or more fixed sensor devices; granting access to the secure facility if the authentication of the user and the cross-validation are successful. ); and wherein identifying one or more possible locations of the access point comprises: using the step data to estimate the position of the access point relative to the other access point ( Shay 0038 The cross-validation authentication component 141 may cross-correlate the data from the mobile device 111 such as the user's voice, image or video with the local signals from the closest fixed sensor devices 121, 122. This may include certain signal processing steps in order to align the inputs in space and time followed by a cross-correlation procedure, which produces a score on how similar the inputs are from the two sources. The cross-validation authentication component 141 may also check other factors such as a current GPS location of the mobile device 111 compared to the second physical location 123.). As per claim 102. Shay and Youssef discloses a method according to claim 101, further comprising: retrieving stored access point location data indicative of the location of the other access point ( 0007 receive an access request from a mobile device to access a secure facility; authenticate a user using multifactor biometric authentication with data from the mobile device; obtain data from one or more fixed sensor devices at a location in the physical vicinity of the secure facility; cross-validate data from the mobile device with data from the one or more fixed sensor devices; grant access to the secure facility if the authentication of the user and the cross-validation are successful. And col 10 obtain data from one or more fixed sensor devices at a location in the physical vicinity of the secure facility; cross-validate data from the mobile device with data from the one or more fixed sensor devices; grant access to the secure facility if the authentication of the user and the cross-validation are successful.); and determining one or more possible locations for the access point based on the stored access point location data indicative of the location of the other access point and the position of the access point relative to the other access point (Shay [0023] Referring to FIG. 1, a block diagram shows an embodiment of the described system for secure facilities access. A user 110 may arrive at a first location 112 and the user 110 may have a mobile device 111 such as a mobile phone, smartphone, or other portable electronic device. [0024] The first location 112 may be in close proximity to a second location 123 of a secure facility to which the user 110 wishes to gain access, such as an entrance or access point to a secure location or facility or to security protected equipment. [0025] The second location 123 may have one or more fixed sensor devices 121, 122. For example, these may be a camera, a microphone, or more sophisticated sensor devices. The second location 123 may have a fixed surveillance system 120 at the location through which data from the fixed sensor devices 121, 122 may be transmitted, or the fixed sensor devices 121, 122 may transmit data directly to a remote server, such as a authentication server 130. [0026] An authentication server 130 is described providing cross-validation of the user 110 at the first location 112. [0027] The authentication server 130 may include a mobile device request receiving component 131 for receiving a request from the user 110 via his mobile device 111 to obtain access through the security protection). As per claim 103. Shay and Youssef disclose a method according to claim 98, Youssef discloses wherein updating stored access point location data comprises: updating one or more previously stored possible location for the access point (0020 obtaining one or more packets of data transmitted from a first wireless device to a second wireless device; determining that the first or second wireless device is a wireless access point based upon the transmitted packets; determining an estimated location of the wireless access point; and assigning a confidence value to the estimated location. ). As per claim 104. Shay and Youssef disclose A method according to claim 98, Shay discloses wherein the premises has a plurality of access points, the method comprising: repeating the steps of claim 98 for at least one access request for each of the plurality of access points ( see the rejection above 98); and building a map of the locations or possible locations of each of the plurality of access points at the premises( Shay [0033] A sensor mapping component 136 may be provided to map the determined second location 123 of the user 110 to local fixed sensor devices 121, 122 at the second location 123.). As per claim 114. Shay and Youssef disclose method according to claim 98, Shay discloses wherein the mobile device has an application for generating access requests, and wherein the application is configured to monitor for receipt of one or more access control beacons, or advertisements ( [0031] The first location 112 may be determined by GPS data of the mobile device 111. A location detector 135 may optionally be provided at the authentication server 130 to detect the second location 123, for example, using the user's request which may provide the second location 123 due to the access requested, or using GPS data of the mobile device 111 at the first location 112 and deducing that the user 110 is in close proximity to the second location 123.). As per claim 115. Shay and Youssef disclose a method according to claim 98, Shay discloses wherein the access request is received from the mobile device via device-to-device communication ( [0029] A mobile device data receiving component 132 may be provided at the authentication server 130 for receiving the user's captured signals as well as other entered user data such as a password or personal information. The received data may also include biometric data that has been already extracted on the mobile device 111.). As per claim 116. Shay and Youssef disclose a method according to claim 98, wherein the access request is sent from the mobile device to an access control server, the method further comprising: receiving, at the access control server, the access request from the mobile device (0057] A user request for access may be received 301 from the user's mobile device for access to a secure facility such as a security protected location, facility, or other physical location, etc. The user request may be sent by a message or other communication form from the user's mobile device); and transmitting, from the access control server, the access request to a plurality of access control devices or to a plurality of access control devices including the access control device( [0025] The second location 123 may have one or more fixed sensor devices 121, 122. For example, these may be a camera, a microphone, or more sophisticated sensor devices. The second location 123 may have a fixed surveillance system 120 at the location through which data from the fixed sensor devices 121, 122 may be transmitted, or the fixed sensor devices 121, 122 may transmit data directly to a remote server, such as a authentication server 130.). As per claim 117. Shay and Youssef disclose a method according to claim 98, Youssef discloses wherein the access control beacon or advertisement and/or the access request comprises an identifier (or encrypted or hashed version thereof) of the access control device or access point ( 0071 determine whether the device of interest is really an AP. This may be done by evaluating different types of frames sent to (or received from) the device of interest. Depending upon the protocol of the WLAN, there may be management frames, control frames, data frames, etc. which are sent and received by devices in the network. In the example of FIG. 3, if the client device 308 decodes a management frame such as a beacon frame). As per claim 118. Shay and Youssef disclose a method according to claim 98, Shay discloses further comprising: making an access control decision based on the access request ([0024] The first location 112 may be in close proximity to a second location 123 of a secure facility to which the user 110 wishes to gain access, such as an entrance or access point to a secure location or facility or to security protected ). As per claim 119, this claim is rejected based on the same rational set forth in the claim 98. As per claim 120. Shay and Youssef disclose An access control system comprising: at least one access control device or access control server comprising: a memory; a communication interface; and a processor (Shay 0019 system and computer program product are described in which secure facilities access is governed by a multifactor biometric authentication system accessed by a mobile device and locally validated to confirm that that the person being authenticated is indeed at that location. This cross-validation may be carried out by allowing a biometric authentication server real-time secure access to audio and video inputs from on site cameras and microphones. The inputs from such on site cameras and microphones may be cross-correlated with the audio and video captured at the same time by the mobile device. ); wherein the at least one access control device or access control server is configured to perform the method of claim 98( see the rejection in the claim 98). As per claim 122. Shay and Youssef disclose an access control system Shay discloses according to claim 120, further comprising a mobile device (0006 receiving an access request from a mobile device to access a secure facility; authenticating a user using multifactor biometric authentication with data from the mobile device ). As per claim 123. Shay and Youssef disclose a method according to claim 103, Shay discloses wherein the previous locations have been identified from one or more previous access requests (0006 authenticating a user using multifactor biometric authentication with data from the mobile device; obtaining data from one or more fixed sensor devices at a location in the physical vicinity of the secure facility; cross-validating data from the mobile device with data from the one or more fixed sensor devices; and granting access to the secure facility if the authentication of the user and the cross-validation are successful. ). As per claim 124. Shay and Youssef disclose a method according to claim 118, Shay discloses wherein making the access control decision is selected from the group comprising: not authorizing access to the access point based on the access request; and allowing access to the access point based on the access request (Shay [0064] It is determined 308 if the data corresponds. If it does not correspond, access may be denied 309 or further authentication required. If it does correspond, access may be granted or an optional additional challenge process carried). As per claim 125. Shay and Youssef disclose a method according to claim 98, wherein updating stored access point location data comprises one or more of: adding one or more possible locations to a stored list of possible locations ( [0025] The second location 123 may have one or more fixed sensor devices 121, 122. For example, these may be a camera, a microphone, or more sophisticated sensor devices. The second location 123 may have a fixed surveillance system 120 at the location through which data from the fixed sensor devices 121, 122 may be transmitted, or the fixed sensor devices 121, 122 may transmit data directly to a remote server, such as a authentication server 130); removing one or more possible locations from the stored list of possible locations; updating a probability or likelihood value for one or more stored possible locations of the access point; and updating a confidence level for the stored access point location data (0023] Referring to FIG. 1, a block diagram shows an embodiment of the described system for secure facilities access. A user 110 may arrive at a first location 112 and the user 110 may have a mobile device 111 such as a mobile phone, smartphone, or other portable electronic device. [0024] The first location 112 may be in close proximity to a second location 123 of a secure facility to which the user 110 wishes to gain access, such as an entrance or access point to a secure location or facility or to security protected equipment ). Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314. The examiner can normally be reached EST: 9am-5pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JORGE ORTIZ CRIADO can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /ABU S SHOLEMAN/Primary Examiner, Art Unit 2496