DETAILED ACTION
1. This office action is a response to communication submitted on 11/17/2023.
Information Disclosure Statement
2. The information disclosure statement(s) (IDS) submitted is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
3. Claims 1-15 are presented for examination.
Claim Rejections - 35 USC § 101
4. 35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more, and extra post solution without integrating it into a practical application Claims 1-15 are ineligible. The claim(s) recite(s) “a safety controller (52) arranged to monitor at least one safety condition of the elevator system (20), wherein the gateway device (60) is configured to enable a computing device (64) to establish a connection with the gateway device (60), and wherein the safety controller (52) is configured to: receive first authentication information (600) from the gateway device (60), wherein the first authentication information (600) is gateway authentication information (600); check whether the gateway authentication information (600) meets a first authentication condition; if the gateway authentication information (600) meets the first authentication condition, receive from the computing device (64), via the gateway device (60), second authentication information (640); check whether the second authentication information (640) meets a second authentication condition; and if the second authentication information (640) meets the second authentication condition, authenticate the computing device (64), wherein the authenticated computing device (64) is granted maintenance access to the safety controller (52) including permission to control and/or modify an operation of the safety controller (52).”. This judicial exception is not integrated into a practical application because these data gathering is an extra post solution without integrating it into a practical application. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because:
Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to abstract idea (organizing human activity and mental processes) without significantly more.
Regarding claims 1 and 11, the claim(s) recite(s) “wherein the processing unit is configured to: the gateway device (60) is configured to enable a computing device (64) to establish a connection with the gateway device (60), and wherein the safety controller (52) is configured to: receive first authentication information (600) from the gateway device (60)”. The acquire of the data information, as for example, to be configured to: receive first authentication information (600) from the gateway device and check whether the second authentication information could be performed by mental processes and is merely organizing human activity. However, these limitations constitute mental processes, which are recognized judicial exceptions. See Alice Corp. v. CLS Bank Int’l, 573 U.S. 208 (2014); MPEP 2106.04.
The claim further recites additional elements, such as “gateway device”, “a safety controller” and “computing device”, however, these additional elements are not sufficient to amount to significantly more than the judicial exception because: The “gateway device”, “a safety controller” and “computing device” are recited at a high level of generality and serves as a generic computing device for implementing the abstract idea. These “controller” and “computing device” are a well-known device for collecting image data, therefore, it is no more than using well-known generic hardware as a tool to collect data. The courts have held that utilizing well-known and conventional tool to perform abstract tasks do not supply “significantly more”.
The claims recites “wherein the safety controller (52) is configured to: receive first authentication information (600) from the gateway device (60), wherein the first authentication information (600) is gateway authentication information (600); check whether the gateway authentication information (600) meets a first authentication condition; if the gateway authentication information (600) meets the first authentication condition, receive from the computing device (64), via the gateway device (60), second authentication information (640); check whether the second authentication information (640) meets a second authentication condition; and if the second authentication information (640) meets the second authentication condition, authenticate the computing device (64), wherein the authenticated computing device (64) is granted maintenance access to the safety controller (52) including permission to control and/or modify an operation of the safety controller (52).”, These all are all mental steps as evident from the disclosure. The grouping of "mathematical concepts" in the 2019 PEG is not limited to formulas or equations, and in fact specifically includes "mathematical calculations" as an exemplar of a mathematical concept. 2019 PEG Section I, 84 Fed. Reg. at 52. Thus, limitation recites a concept that falls into the "mathematical concept"
Accordingly, the claim does not integrate the abstract idea into a practical application. See Enfish, LLC v. Microsoft Corp., 822 F. 3d 1327 (Fed. Cir. 2016) (improvement to computer architecture); Diehr, 450 U.S. 175 (1981) (transformation); MPEP 2106.05.
Therefore, claims 1-15 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
For purposes of office action, these limitations will be interpreted as a safety controller to stablish connection with a gateway on the bases of multiple authentication conditions to further grant access to control or adjust said safety controller.
Claim Rejections – 35 USC § 103
5. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
6. Claims 1-15 are rejected under 35 U.S.C. 103 as being anticipated/unpatentable by HERKEL et al. (EP 4095079 A1) in view of LITTLE HERBERT et al. (EP 1574001 B1).
In regards to claims 1-15, HERKEL shows (Figs. 1-5) an elevator system (20) and method comprising: a gateway device (60); a safety controller (52) arranged to monitor at least one safety condition of the elevator system (20), wherein the gateway device (60) is configured to enable a computing device (64) to establish a connection with the gateway device (60), check whether the second authentication information meets a second authentication condition; and if the second authentication information meets the second authentication condition, authenticate the computing device (64), wherein the authenticated computing device (64) is granted maintenance access to the safety controller (52) including permission to control and/or modify an operation of the safety controller (52),
and implicitly discloses wherein the safety controller (52) is configured to: receive first authentication information from the gateway device (60), wherein the first authentication information is gateway authentication information; check whether the gateway authentication information meets a first authentication condition; if the gateway authentication information meets the first authentication condition, receive from the computing device (64), via the gateway device (60), second authentication information, (see pars. 5-30, i.e. the first authentication information and/or the second authentication information may be generated by a (trusted) certificate authority. The remote computing device may send a first request and/or a second request containing the first public key and/or the second public key and the first and/or second set of credentials, respectively, to the certificate authority. The certificate authority may verify the information in the request and generate the first authentication information and/or the second authentication information by encrypting the first and/or second request with a certificate authority private key. This first and/or second authentication information may then be sent to the remote computing device, and stored on the remote computing device. The safety controller may confirm that the certificate authority has verified the first authentication information and/or the second authentication information by decrypting the information using a certificate authority public key (i.e. a key corresponding to the certificate authority's private key). Thus, in some examples, the method further comprises the remote computing device encrypting a first set of credentials to provide the first authentication information using a (first) public key or a (first) private key. In some examples, the method further comprises the safety controller decrypting the first authentication information using a (first) private key, stored on the safety controller. Similarly, in some examples, the method further comprises the remote computing device encrypting a second set of credentials to provide the second authentication information using a second public key or a second private key. In some examples, the method further comprises the elevator controller decrypting the second authentication information using a second private key, stored on the elevator controller).
Moreover, LITTLE HERBERT discloses a system and method of distributing authentication information for remotely accessing a computer resource. A request for authentication information, including identity information, is received from a user of a remote device and further discloses wherein the safety controller is configured to: receive first authentication information from the gateway device, wherein the first authentication information is gateway authentication information ; check whether the gateway authentication information meets a first authentication condition; if the gateway authentication information meets the first authentication condition, receive from the computing device, via the gateway device, second authentication information ; check whether the second authentication information meets a second authentication condition; and if the second authentication information meets the second authentication condition, authenticate the computing device, wherein the authenticated computing device is granted maintenance access to the safety controller including permission to control and/or modify an operation of the safety controller (see Figs. 1-6 and Description, i.e. a computer network handle user authentication for authentication information distribution and remote access operations, each such system or component may have an associated authentication information store. With reference to Fig. 1, where the data server 26 authenticates a user when a request for stored authentication information is received, the data server 26 may consult a further authentication information store (not shown) to check the authentication information in the request. In addition, authentication information distribution as described herein is also applicable to different types of communication systems than the system 10 of Fig. 1. Although the LAN 18 is remotely accessed via the WAN 12 in Fig. 1, a computer network could also or instead be accessible through one or more other types of networks, including other LANs, Wireless LANs (WLANs), Metropolitan Area Networks (MANs), and Neighbourhood Area Networks (NANs), for example, authentication information used for user authentication during remote access to a computer network differs from the identity information submitted in a request for authentication information. It should be appreciated that identity information and authentication information could include some common information. For example, a password included in identity information in a request could be the same as a network password used as one factor for user authentication in a subsequent remote access operation. In this case, a second authentication factor in the request might be a digital signature or a remote device serial number, whereas a second authentication factor for remote access includes authentication information returned in response to the request, or information generated from the returned authentication information. Thus, the identity information and authentication information include different information, but may also include some common authentication information. Where an authentication information store is protected, a scheme such as shown in Fig. 4 is generally preferred in that communication traffic is avoided when access to the authentication information is denied. Alternatively, when the authentication information is protected via password-based encryption, for example, the authentication information is properly decrypted only when the password is entered correctly. Thus, the password need not be explicitly checked as shown in Fig. 4. The authentication information could be retrieved and decrypted using the password as entered, and sent to the computer network. If the password had not been entered correctly, then the authentication information is not properly decrypted, user authentication at the computer network fails, and remote access to the computer network is denied. 2. The elevator system (20) of claim 1, wherein the first authentication information (600) and/or the second authentication information (640) is generated by a certificate authority).
Hence, given the teaching of LITTLE HERBERT it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to modify the circuit/system of HERKEL in order to authenticate the gateway to the safety controller in order to provide maintenance access to the safety controller, such for example HERKEL already discloses an elevator system, that comprises a gateway device and a computing device in order to perform maintenance work on the safety controller. It is generally known that the gateway device is authenticated when it is connected to the elevator safety controller in order to establish a communication connection (as mention in par. 56 when the gateway device is authenticated, the safety controller may receive the second authentication information from the computing device, while LITTLE HERBERT discloses this authentication information is checked against corresponding authentication information stored for the user or user account to determine whether remote access to the computer network should be granted as to support a higher level of security for the stored authentication information, consequently improving the system security accuracy and reliability.
Note- Based on the rejection under 35 USC § 101, all claims 1-15 are rejected as broadly presented by the rejection mentioned above. The examiner respectfully reminds the that Examiner cites particular columns and line numbers in the references as applied to the claims above for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in its entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner and the additional related prior arts made of record that are considered pertinent to applicant’s disclosure to further show the general state of the art.
Related Prior Arts
7. The following related prior arts made of record are considered pertinent to applicant’s disclosure to further show the general state of the art and may be applied alone or in combination for rejection of the claims.
Rossi et al. (US 11233783 B2) discloses methods and apparatuses for authentication in a computer network system based on security credentials issued for client hosts by a remote security authority are disclosed. In response to detection that a client host is prevented from obtaining security credentials from the remote security authority for use in accessing a target host, the client host can obtain an emergency security credential from a storage of emergency security credentials. The emergency security credential with an error state indication can be send from the client host to the target host for use in the authentication.
Mani e al. (US 20190278955 A1) discloses the physical location of the portable user device 112 interacting with the input device 102 may be determined and used for authentication as well. For example, a physical location (e.g., geolocation, latitude/longitude, etc.) of the access point 104 or input device 102 may be determined and stored in a memory of the authentication processor 122. In some examples, the input device 102 may be immovable and the physical location of the input device 102 may remain static. The physical location of the portable user device 112 may be dynamic and may be determined by a location positioning system (e.g., global positioning system (GPS), etc.)). The location of the portable user device 112 may be identified by the location positioning system and transmitted to one or more secondary devices 114 or to authentication processor 122, either transmission using a wireless communication protocol.
Conclusion
8. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JORGE L CARRASQUILLO whose telephone number is (571)270-7879. The examiner can normally be reached on Monday to Friday (9am to 5pm).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eduardo Colon-Santana can be reached on (571) 272-2060. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JORGE L CARRASQUILLO/Primary Examiner Engineer, Art Unit 2837