DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The following is a final office action in response to the amendments filed 11/24/2025. Amendments received on 11/24/2025 have been entered. Claims 18-25 and 28-42 are pending.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 18-20, 24, 28-31 and 33-34 are rejected under 35 U.S.C. 103 as being unpatentable over Ouellet (US Pub 2019/0340858) in view of Padgett (US Pub 2018/0139569).
As of claims 18 and 33, Ouellet discloses physical access control (PAC) system, the system comprising:
a gateway (via access controller; see figs. 3 and 4), the gateway device comprising:
physical layer circuitry configured to receive authentication data from a plurality of front-end devices (via readers; see figs. 3 and 4) via one or more communication networks (via access controller receiving encrypted credentials from a plurality of readers hence comprising a physical layer circuitry; see figs. 3 and 4); and
processing circuitry operatively coupled to the physical layer circuitry and comprising an authentication engine configured to:
process the authentication data to determine access to multiple a plurality of physical access portals according to the authentication data (via receiving encrypted credential from the reader to determine access; see paragraph [0037]); and
control access of the multiple plurality of physical access portals according to the authentication data (at the access controller, decrypting the encrypted data and establishing an access permission associated with the access card on the basis of the decrypted encrypted data and on the basis of the establishing an access permission, at the access controller communicating instruction to unlock a door; see paragraphs [0037]-[0038]);
a beacon reader device configured to detect presence of a credential device (via RF interface detecting the RFID card/badge see paragraph [0004] and [0051]. Note event though term “beacon reader” is used claims does not define the “beacon reader”. Claim 18 does not state that the reader is detecting a beacon signal from a credential device. So based on the broadest reasonable interpretation “beacon reader” is interpreted as any reader that detect presence of a credential device);
establish a secure session with both the credential device and the SIG device (via establish an encrypted communication between the RFID card/badge and the access controller; see paragraphs [0052] and [0057]);
receive access credential information to communicate to the SIG device from the credential device using a first available communication protocol (via wireless receiving access credential from the RFID card/badge (see paragraphs [0004] and [0051]). Note the specification does not disclose that the reader devices “checks/determines” that different protocols are available to the reader and then “choose” a protocol to communicate with the credentials. So, in the system of Ouellet reader receiving credentials via radio frequency is interpreted as available communication protocol);
transmitting the access credential information to the SIG device using a second available communications protocol different from the first available communications protocol (via using one or more serial, network connection from the reader to the access controller to transmit credentials which are different from the radio frequency connection used to communicate with the RFID card/badge; see figs. 2A, 2B, 3; also see paragraph [0016] and [0063]).
Even though Ouellet does not disclose that the access controller is an Internet of Things device, this limitation is recited in a preamble and not given patentable weight since the term internet of thigs only describes the invention’s intended use or purpose.
Even if the limitation is given patentable weight, it would still be obvious to one having ordinary skill in the art since it is well known in the art that an access controller can operate as internet of things device (see Carpenter US 2021/0012599 paragraphs [0022] and [0029]).
With regards to the limitations of detecting a beacon signal of a credential device, Padgett discloses an access control system wherien a beacon reader device (sensor 15) detects beacon signals periodically broadcasted by a guest device and establish a communication with the guest device to enable unlocking of doors (see paragraph [0007]).
From the teaching of Padgett it would have been obvious to one having ordinary skill in the art at the time the invention was filed to modify the system of Ouellet to include the function of detecting beacon signals from the guest device/credential device as taught by Padgett in order to allow multiple ways of detecting the credential device to unable unlocking of doors.
As of claim 19, Ouellet discloses that the access controller comprises:
memory to store credential information (via credential database); and
a plurality of secure elements (via smart access modules (SAM)) each configured to open a secure communication channel with a credential device via at least one of the plurality of front end devices and receive encrypted credential information from the credential device as the authentication data (see paragraph [0052]); and
wherein the authentication engine is configured to compare the received credential information and the stored credential information to grant or deny access to one or more of the plurality of physical access portals (at the access controller, decrypting the encrypted data and establishing an access permission associated with the access card on the basis of the decrypted encrypted data and on the basis of the establishing an access permission, at the access controller communicating instruction to unlock a door; see paragraphs [0037]-[0038] and [0073]).
As of claim 20, Ouellet discloses at least one secure element stores one or more cryptographic keys and the access controller is configured to send the one or more cryptographic keys to the credential device via at least one of the plurality of front end devices to establish the secure communication channel with the credential device (via SAM module storing encryption keys and the access controller sending the keys to the smart card via the reader; see paragraph [0006] and [0052]).
As of claim 24, Ouellet discloses that the beacon reader device configured to detect a beacon signal transmitted by the credential device and establish the secure session with the credential device and the SIG in response to the detection of the beacon signal (via RF interface detecting a signal from the RFID card/badge and establishing the secure session with the credential device and the access controller; see paragraph [0004], [0037]-[0038] and [0051]). Note: the claim language does not state that the beacon signal. Based on the broadest reasonable interpretation, any signal transmitted from the RFID badge/card to the reader that enables the reader to detect the RFID badge/card is interpreted as beacon signal. If applicant intends that the “beacon signal” is a signal that is repeatedly broadcasted by the credential device that limitation should be included in the claim language.
As of claim 28, Ouellet discloses that the SIG device includes a trusted platform module (via access controller includes SAM module (see abstract).
As of claim 29, Ouellet discloses that the processing circuitry of the SIG device is operatively coupled with the plurality of secure elements and further configured to: balance establishment of the plurality of authentication sessions across the plurality of secure elements; and transmit information granting access to one or more of the plurality of access portals according to the access authorization (“…access controller then determines if one of its SAM's is available. The access controller can keep a list or table of SAM availability data in its memory for this purpose. If no SAM is available, namely all of the SAM's are handling authentication transactions, then the request can be placed in a queue. When the status of a SAM changes to available, then the request is assigned to the newly available SAM. If a SAM had been available, the available SAM is marked in the list as busy in the list or table. The list or table can also record which reader is assigned to the SAM so that the processor in the access controller can determine how the data is relayed.” See paragraphs [0076]-[0077]).
As of claim 30, Ouellet discloses that each of the plurality of secure elements comprises a Hardware Security Module (HSM) (via secure access modules; see fig. 4; also see paragraph [0050]- [0051]).
As of claim 31, Ouellet the authentication engine comprises authentication logic for determining the access authorization for the one or more credentials, and wherein updating the authentication logic updates an access policy for all the plurality of physical access portals (In the system of Ouellet once credentials are updated in a central credential database or local store of credentials (fig. 2B) it will update access policy for all the doors connected to the central controller; see paragraphs [0056]-[0057]).
Padgett further discloses that the updating server 21 updates an access policy for the access panels 705 (see paragraph [0087]).
As of claim 34, Ouellet discloses receiving a beacon detection message from a beacon reader device of the PAC system, wherein the beacon detection message indicates detection of the credential device; sending an activation message to wake the credential device from a low power mode in response to the beacon detection message; and requesting the communication session between the credential device and the beacon reader subsequent to sending the activation message (see paragraph [0051], “When a card is detected, the RF interface transmits a signal that delivers power to the smart card, thus powering its processor for operation. The RF interface is configured to modulate and demodulate data transmitted between the smart card and the reader”).
Padgett discloses that the guest engagement system 10 using sensor 15 detects beacon signal from the guest device (medallion) and then transmit a signal for bi-direction communication to the guest device, wherein in the beacon transmitting mode medallion uses less power (lower power mode) and uses high power in bi-directional model (see paragraph [0072]).
Claims 21-23 and 38-41 are rejected under 35 U.S.C. 103 as being unpatentable over Ouellet, Padgett and further in view of Zhou et al. (US Pub 2017/0032601).
As of claims 21-22 and 38, combination of Ouellet and Padgett discloses all the limitations of the claimed invention as mentioned in claim 18 above, however it does not explicitly disclose the use of sensors to detect video data and performing biometric/facial recognition to control access.
Zhou discloses an access control system wherien an access passage comprises a collection device 210 (sensors) to capture and send video data to access control system wherien the access control system performs facial recognition using the received data and registered biometric information to grant or deny access to access passage (see figs. 1 and 2; also see paragraphs [0042], [0045]-[0046]).
From the teaching of Zhou, it would have been obvious to one having ordinary skill in the art at the time the invention was filed to modify the combination of Ouellet and Padgett to include the function of using facial recognition as taught by Zhou in order to enhance security of the access control system.
As of claim 39, Zhou discloses that authenticating the user includes authenticating the user by an authentication device that includes a server having a memory to store biometric information (via disclosing that the identification device is located in a cloud server; see paragraph [0047]).
As of claim 40, Zhou discloses that granting or denying access includes controlling access to the physical access portal using a controller at the physical access portal according to authentication by an authentication device that is remote from the physical access portal and includes an authentication policy (via system control device 230 sending control instruction to the access operating device 240 to open the access passage, which are remote from the identification device 220 which is in a cloud server; see paragraphs [0047] and [0066]-[0067]).
As of claims 23 and 41, Zhou discloses that using the sensor data to determine access intent of a user of the credential device (in the system of Zhou when a user presents him/her to the collection device to gain access it is interpreted as access intent of the user; see paragraph [0042]).
Claims 25 and 35-37 are rejected under 35 U.S.C. 103 as being unpatentable over Ouellet, Padgett and further in view of Stitt et al. (US 9,794,753).
As of claim 25 and 35-37, combination of Ouellet and Padgett discloses all the limitations of the claimed invention as mentioned in claim 23 above, however it does not explicitly disclose that credential device is a smartphone operating as a Bluetooth Peripheral device.
Stitt discloses an access control system wherien a portable device 10 acts as Bluetooth peripheral and reader acts as Bluetooth central device (see col. 6, lines 29-35, col. 7, lines 30-40, col. 20, lines19-35).
From the teaching of Stitt, it would have been obvious to one having ordinary skill in the art at the time the invention was filed to modify the combination of Ouellet and Padgett to use the key/credential as a Bluetooth Peripheral device since it is well known in the art that in access control system locks or phones(key) can connect using Bluetooth and based on the design one device can act as peripheral and the other as master (see col. 20, lines 19-30).
Claims 32 and 42 are rejected under 35 U.S.C. 103 as being unpatentable over Ouellet, Padgett, Zhou and further in view of Madzhunkov et al. (US Pub 2019/0147676).
As of claims 32 and 42, combination of Ouellet, Padgett and Zhou discloses all the limitations of the claimed invention as mentioned in claim 23 above, however it does not explicitly disclose opening a first portion of multiple portions of the physical access portal using a controller of the PAC system according to the determined access intent of the user of the credential device.
Madzhunkov discloses that the invention comprises systems and methods for determining, in the case of a location with a plurality of separately controlled entry points, which of those entry points a user seeks to enter. By capturing and analyzing the trajectory and gaze of the potential entrant, the subject invention may be used to predict the door the users seek to enter, and unlock only that door.
From the teaching of Madzhunkov, it would have been obvious to one having ordinary skill in the art at the time the invention was filed to modify the combination of Ouellet, Padgett and Zhou to include the function of determining user intent as taught by Madzhunkov in order to enhance security of the access control system since opening multiple doors unnecessary create security vulnerabilities.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 18-25 and 28-42 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. 12,022,288.
Present Application
(18/301,427) Claim 18
Patent 12,254,732 Claims 1
Comments
A physical access control (PAC) system comprising a Secure Internet of things Gateway (SIG) device, the SIG device comprising: physical layer circuitry configured to receive authentication data from a plurality of front end devices via one or more communication networks; and processing circuitry operatively coupled to the physical layer circuitry and comprising an authentication engine configured to: process the authentication data to determine access to a plurality of physical access portals according to the authentication data; and control access of the plurality of physical access portals according to the authentication data; and a beacon reader device configured to detect presence of a credential device; establish a secure session with both the credential device and the SIG device receive access credential information to communicate to the SIG device from the credential device using a first available communications protocol: and transmit the access credential information to the SIG device using a second available communications protocol different from the first available communications protocol.
A physical access control (PAC) system controlling access to a physical access portal, the PAC system comprising: an authentication device remote from the physical access portal comprising: physical layer circuitry configured to transmit and receive radio frequency electrical signals with a radio access network; and processing circuitry operatively coupled to the physical layer circuitry and comprising an authentication engine configured to: determine presence of a credential device local to the physical access portal; activate an application of the of the credential device without user input to the credential device in response to the determined presence of the credential device; open a secure communication session with the application of the credential device using a cloud-based messaging service via the radio access network; retrieve access credential information from memory of the credential device using the secure communication session; authenticate the access credential information; and authorize access for the credential device to the physical access portal according to the access credential information.
The patent claims include all of the limitations of the instant application claims, however it does not explicitly disclose the use of the term “Secure Internet of Things Gateway device”. This limitation is disclosed by Carpenter ( US 2021/0012599) as disclosed in the rejection above.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NABIL H SYED whose telephone number is (571)270-3028. The examiner can normally be reached 8:00-5:00 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Brian Zimmerman can be reached at 571-272-3059. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/NABIL H SYED/Primary Examiner, Art Unit 2686