DETAILED ACTION
This Office Action is in response to Applicant’s Arguments/Remarks filed on 11/28/2025.
In the instant Amendment, claims 1, 8 and 15 are independent claims. Claims 1-20 have been examined and are pending. This Action is made FINAL.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/08/2025 was filed after the mailing date of the Non-Final Rejection on 08/28/2025. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
Applicant’s arguments in the instant Amendment, filed on 11/28/2025, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “Neither Singh nor Purnell, either individually or in combination, disclose or suggest, inter alia, "receiving, at a first public key as a credential (PKAAC) access control reader with enrollment capabilities, a PKAAC authentication request from a PKAAC-enabled client application of a client device; ... and providing, via a second PKAAC access control reader, access to the access point based on the authorization information,"” as recited in independent claim.
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Singh does disclose ‘receiving, at a first public key as a credential (PKAAC) access control reader with enrollment capabilities, a PKAAC authentication request from a PKAAC-enabled client application of a client device’ (See Sec.: Core Concept: Webauthn at the core depends on public private key pair and the challenge response system. The challenge response system creates a challenge and sends to the authenticator and ultimately validates the response received from authenticator in form of signature. The private key is stored in the external authenticator, while the Public key is stored in the authentication module of the Relying Party. In this case the authentication module will be Keycloak. Keycloak will store the public key as a credential for the user. To authenticate the user should have the external authenticator with associated private key.).
Singh does disclose: ‘providing, via a second PKAAC access control reader, access to the access point based on the authorization information.’ (See Sec.: Key Registration and Authentication using Webauthn: Second we need to enable “Webauthn Register Passwordless” Required action if not enabled. Go to Authentication → Required Actions → Register → Select “Webauthn Register Passwordless”. Sec. Authentication: When performing user authentication, we have to plug in the external authenticator, or use the platform based authenticator in the system. The same authenticator that was used during registration process. When user access the account console of Keycloak and tries to sign-in, user is asked for the username. Once the username is passed, we get an option to select from the available credentials. Here we have password as credential and the Webauthn based security key registered during registration process. Once we select the option of Security key, the authentication process is initiated by passing challenge, credential ID and Relying party ID to the external authenticator. Keycloak receives the Assertion, credential ID and the signature from external authenticator. With Assertion, signature and credential Id Keycloak authenticates the user, verifying through stored public key credential.).
Examiner, however, in light of the above submission maintains the previous rejections while considering the amendments to the claims as follows:
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over NPL Webauthn based authentication in Keycloak, by Rishabh Singh, Oct. 5, 2022, in view of Purnell, Pub. No.: US 2004/0059953.
Referring to claim 1, Singh teaches a method comprising:
receiving, at a first public key as a credential (PKAAC) access control reader with enrollment capabilities, a PKAAC authentication request from a PKAAC-enabled client application of a client device (section: Registration: user initial registration; and Core Concept: Keycloak will store the public key as a credential (corresponding to: PKAAC) for the user.);
determining that the PKAAC authentication request corresponds to an identity that is unenrolled (sec. Registration: creates the challenge);
providing, via a second PKAAC access control reader, access to the access point based on the authorization information (sec. Authentication: Relying party authentication module verifies the assertion, signature and authenticates the user; and see also the entire sec: “Keycloak Registration and Authentication using Webauthn:”).
Singh does not explicitly disclose:
collecting pre-enrollment information in response to the PKAAC authentication request corresponding to the identity that is unenrolled;
generating enrollment information based upon the pre-enrollment information, the enrollment information including authorization information indicating that the identity is authorized to access an access point.
However, in an analogous art, Purnell teaches collecting pre-enrollment information in response to the PKAAC authentication request corresponding to the identity that is unenrolled (abstract, paras. 0013-0017, 0091 and figs. 3-4, step S320);
generating enrollment information based upon the pre-enrollment information, the enrollment information including authorization information indicating that the identity is authorized to access an access point (abstract, paras. 0045-0046, 0076-0079 and figs. 2-3, pre-enrollment and authentication).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention (AIA) to combine the teachings of Singh with the method and system of Purnell, wherein collecting pre-enrollment information in response to the PKAAC authentication request corresponding to the identity that is unenrolled; generating enrollment information based upon the pre-enrollment information, the enrollment information including authorization information indicating that the identity is authorized to access an access point, to provide a means for verifying the identity of passengers using various modes of transportation, and verifying the identity of employees and workers of the transportation industry (Purnell: para. 0003).
Referring to claim 2, Singh and Purnell teach the method of claim 1. Singh further teaches wherein receiving the PKAAC authentication request comprises receiving the authentication request including a PKAAC credential corresponding to a public key generated by the client device (Singh: sec.: Registration, User initiates registration in the Relying party authentication module (Keycloak)).
Referring to claim 3, Singh and Purnell teach the method of claim 1. Singh further teaches wherein the enrollment information is first enrollment information, and determining that the PKAAC authentication request corresponds to the identity that is unenrolled, comprising comparing a PKAAC credential of the authentication request to second enrollment information generated before the first enrollment information (Singh: sec.: Core concept: challenge and response system).
Referring to claim 4, Singh and Purnell teach the method of claim 1. Purnell further teaches wherein collecting the pre-enrollment information comprises: receiving the pre-enrollment information via the PKAAC-enabled client application of the client device (Purnell: abstract, paras. 0013-0017, 0091 and figs. 3-4, step S320).
Referring to claim 5, Singh and Purnell teach the method of claim 1. Purnell further teaches wherein generating enrollment information based upon the pre-enrollment information comprises: transmitting a confirmation request to one or more confirmation devices associated with the pre-enrollment information; receiving, from the one or more confirmation devices, one or more confirmation responses confirming the pre-enrollment information; and generating the enrollment information based at least in part on the one or more confirmation responses confirming the pre-enrollment information (Purnell: abstract, paras. 0091 and figs. 3-4, step S320; paras. 0045-0046, 0076-0079 and figs. 2-3, pre-enrollment and authentication).
Referring to claim 6, Singh and Purnell teach the method of claim 1. Purnell further teaches wherein generating enrollment information based upon the pre-enrollment information comprises: verifying the pre-enrollment information received from the client device; and generating the enrollment information based at least in part on the verifying (Purnell: abstract, paras. 0091 and figs. 3-4, step S320; paras. 0045-0046, 0076-0079 and figs. 2-3, pre-enrollment information).
Referring to claim 7, Singh and Purnell teach the method of claim 1. Purnell further teaches wherein the pre-enrollment information identifies at least one of a particular physical location associated with the access point, a host and/or event associated with the access point, and/or an intended use associated with the access point (Purnell: abstract, paras. 0013-0017, 0044, 0091 and figs. 3-4, step S320; paras. 0045-0046, 0076-0079 and figs. 1-3, pre-enrollment information).
Referring to claim 8, this claim is similar in scope to claim 1, and is therefore rejected under similar rationale.
Referring to claim 9, this claim is similar in scope to claim 2, and is therefore rejected under similar rationale.
Referring to claim 10, this claim is similar in scope to claim 3, and is therefore rejected under similar rationale.
Referring to claim 11, this claim is similar in scope to claim 4, and is therefore rejected under similar rationale.
Referring to claim 12, this claim is similar in scope to claim 5, and is therefore rejected under similar rationale.
Referring to claim 13, this claim is similar in scope to claim 6, and is therefore rejected under similar rationale.
Referring to claim 14, this claim is similar in scope to claim 7, and is therefore rejected under similar rationale.
Referring to claim 15, this claim is similar in scope to claim 1, and is therefore rejected under similar rationale.
Referring to claim 16, this claim is similar in scope to claim 2, and is therefore rejected under similar rationale.
Referring to claim 17, this claim is similar in scope to claim 3, and is therefore rejected under similar rationale.
Referring to claim 18, this claim is similar in scope to claim 4, and is therefore rejected under similar rationale.
Referring to claim 19, this claim is similar in scope to claim 5, and is therefore rejected under similar rationale.
Referring to claim 20, this claim is similar in scope to claim 6, and is therefore rejected under similar rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please see the attached PTO-892.
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YONAS A BAYOU whose telephone number is (571)272-7610. The examiner can normally be reached Monday-Friday 7AM-4PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached at 571-272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/YONAS A BAYOU/Primary Examiner, Art Unit 2499 01/15/2026