CTNF 19/171,767 CTNF 90576 DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. In communications filed on 04/07/2025. Claims 1-20 are pending in this examination. 07-06 AIA 15-10-15 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. This examination is in response to US Patent Application No. 19/171,767. Examiner notes The Claims 16-18 recite “computer-readable storage media” and has been cited in Paragraph 78 of specification as in some implementations, the memory 510 may include multiple different types of memory, such as static random-access memory (SRAM), dynamic random-access memory (DRAM) or ROM. The first user device 114 may also include additional storage 516, such as either removable storage or non-removable storage including, but not limited to, magnetic storage, optical disks, and/or tape storage. The disk drives and their associated computer-readable media may provide non-volatile storage of computer-readable instructions, data structures, program modules, and other data for the computing devices. Claim Objections 07-29-01 AIA Claim s 19, and 20 objected to because of the following informalities: Claims 19 and 20 refer to the computer-implemented method of claim 16 which refers to one or more computer-readable storage media. The claim category of claims 19 and 20 have to be adapted accordingly . Appropriate correction is required. Claim Rejections - 35 USC § 112 07-30-02 AIA The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 4, 14, and 18 recite the limitation "the second device ". There is insufficient antecedent basis for this limitation in the claim. The term "the device" in claims 12-15 should be amended to refer to 'the first device' in order to establish proper antecedent basis. Claim Rejections - 35 USC § 102 07-07-aia AIA 07-07 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – 07-08-aia AIA (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. 07-15 AIA Claim s 1-3, 5, 9-13, 15-20 are rejected under 35 U.S.C. 102( a) (1 ) as being anticipated by Tseng (US2017/0261589) (filed in IDS 07/17/2025) . Regarding claims 1, 11, and 16, Tseng discloses a computer-implemented method, comprising [0043] FIG. 5 illustrates an example computer system 500 . In particular embodiments, one or more computer systems 500 perform one or more steps of one or more methods described or illustrated herein. In particular embodiments, one or more computer systems 500 provide functionality described or illustrated herein]; and receiving, by a first device connected to a network from a user device, a first locality credential indicating that the user device is within a first locality [0004] The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device]; and obtaining, by the first device, a second locality credential indicating that the user device is within a second locality [0004]…by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other]; and determining, by the first device, whether the first locality credential is trusted based at least in part on a comparison of the first locality to the second locality [0042]… allowing or prohibiting a functionality may be based on the trust factors associated with each of two compared determined locations…]; and and in accordance with a determination that the first locality credential is trusted, enabling, by the first device, the user device to access the network associated with the first device. [0004]….For example, a credit card swipe or access to a secure network may be allowed or denied based on the comparison]. Regarding claims 2, 12, and 17, Tseng discloses wherein the first locality credential is trusted in accordance with the first locality being a same location as the second locality. [0004, The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device and by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other], and [0042]… allowing or prohibiting a functionality may be based on the trust factors associated with each of two compared determined locations…]. Regarding claims 3, and 13, Tseng discloses wherein the first locality credential is not trusted if the first locality is not a same locality as the second locality; and wherein the method further comprises in accordance with a second determination that the first locality credential is not trusted, disabling, by the first device, the access to the networ k [0042] In particular embodiments, allowing or prohibiting a functionality may be based on trust factors associated with determined locations. For example, each determined location may have an associated trust factor indicating the trustworthiness of the determined location…]. Regarding claim 5, Tseng discloses determining, by the first device and before the network is accessed by the user device via the network, whether the second locality credential is trusted [0042] In particular embodiments, allowing or prohibiting a functionality may be based on trust factors associated with determined locations. For example, each determined location may have an associated trust factor indicating the trustworthiness of the determined location…]. Regarding claim 9, Tseng discloses wherein the first locality credential is associated with a score and the first locality credential is trusted if the score is above a predefined threshold scor e [0042… For example, a functionality may be allowed if each determined location in a comparison has a sufficiently high trust factor associated with the determination. As another example, a functionality may be allowed when a certain number of percentage of the comparisons include determined locations having a sufficiently high trust factor associated with the determination. In particular embodiments, allowing or prohibiting a functionality may be based on a degree of correspondence between comparisons. For example, an overall trust factor may be determined based on how well two or more comparisons agree with each other. In particular embodiments, allowing or prohibiting a functionality may be based on an overall trust factor having a higher (or lower) value than a predetermined trust-factor threshold. For example, the overall trust factor may be based on the trust factors associated with the trust factors of the compared determined locations and the results of those comparisons…]. Regarding claim 10, Tseng discloses wherein the first locality credential or the second locality credential is received using infrared communication or radio communication. [0042, … In particular embodiments a location determination method may involve radio-frequency identification (RFID) communication….], and [0004]. Regarding claim 15, Tseng discloses wherein obtaining the second locality credential comprises executing the computer-executable instructions to: receive, by the first device, from a second device, the second locality credential [0004] The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device and by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other. For example, a credit card swipe or access to a secure network may be allowed or denied based on the comparison. Regarding claim 18, wherein the first device manages the access to network; and wherein the second device is located at a known second locality indicated by the second locality credential. [0004] The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device and by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other. For example, a credit card swipe or access to a secure network may be allowed or denied based on the comparison], and [0042-0043]. Regarding claim 19, Tseng discloses wherein the first locality credential includes at least one of: a first coordinate, first image data, a first device identifier, a first locality credential identifier, a first user identifier, a first timestamp, a first indication of a type of communication, or first sound data, and wherein the second locality credential includes at least one of a second coordinate, second image data, a second device identifier, a second locality credential identifier, a second user identifier, a second timestamp, a second indication of a type of communication, or second sound data [0004] The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device and by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other. For example, a credit card swipe or access to a secure network may be allowed or denied based on the comparison]. Regarding claim 20, Tseng discloses wherein the first locality credential is received based at least in part on at least one of: a near-field communication (NFC) signal, a password entry, a personal identification number (PIN) entry, a Bluetooth signal, a Wi- Fi signal, or an out of band signal [0032, In particular embodiments, a location determination method may include interaction between a user's mobile device and another device, such as a Bluetooth device, a near-field communication (NFC) system,] . Claim Rejections - 35 USC § 103 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-23-aia AIA The factual inquiries set forth in Graham v. John Deere Co. , 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-21-aia AIA Claim s 4, 8, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 2017/0261589 issued to Tseng(filed in IDS 07/17/2025), and in view of US Patent Application No. (20170289806) issued to Girdhar (filed in IDS 07/17/2025) . Regarding claims 4, and 14, wherein the first device manages the access to a third device that is connected to the network; wherein the third device is accessed by the first device in accordance with the determination that the first locality credential is trusted; and wherein the second device is located at a known second locality indicated by the second locality credential. While Tseng discloses [0004, The location of a user may be verified by accessing at least two determined locations of the user or a mobile device associated with the user. For example, a user's location may be determined by a GPS reading associated with the user's mobile device and by a radio-frequency identification between the mobile device and a kiosk at a known location. The two determinations may be compared with each other, and a functionality associated with user or a mobile device may be allowed or prohibited based on whether the compared locations correspond to each other], and [0042] In particular embodiments, allowing or prohibiting a functionality may be based on trust factors associated with determined locations. For example, each determined location may have an associated trust factor indicating the trustworthiness of the determined location…… allowing or prohibiting a functionality may be based on the trust factors associated with each of two compared determined locations…]. Tseng does not explicitly disclose, however, Girdhar discloses this limitation as:[see fig, 1, [0022] Also, geographical areas described in the geo-fence parameters 105 may be associated with a single device of the IOT devices 101 or a group of one or more of the IOT devices 101 . For example, a user may define a geographical area in the geo-fence parameters 105 that applies to the IOT device 101 A and a different geographical area that applies to the IOT device 101 B. Or, the geo-fence parameters 105 may apply to a specified group of the IOT devices 101 . For example, a user may define a geographical area that applies to the IOT device 101 A and the IOT device 101 B as a group. The geo-fence parameters 105 may associate geographical areas with the IOT devices 101 using the device identifiers 102 . For example, the geo-fence parameters 105 may indicate a geographical area associated with the device identifier 102 A and geographical area associated with the device identifier 102 B. Additionally, the geo-fence parameters 105 may apply to a set of IOT devices defined based on an IOT device type. For example, medical IOT device types, such as weight scales, blood pressure monitors, etc., may be one grouping of the IOT devices 101 . The geo-fence parameters 105 may also be adjusted based on one or more IOT device types. For example, data from smart home IOT device types, such as thermostats, door locks, etc., may be accessed primarily within a limited geographical area such as a home, whereas data from fitness tracker IOT device types may be accessed within a broader geographical area such as a running trail or gym. As a result, fitness tracker device types may be associated with a larger radial distance in the geo-fence parameters 105 than smart home device types], and [ see Fig. 2, [0033] At stage D, the geo-fence authenticator 212 authenticates the geo-location of the user device 203 based on the geo-fence policy 209 . The geo-fence authenticator 212 determines whether the geo-location of the user device 203 received with the data request 204 falls within any of the data access areas described in the geo-fence policy 209 . For example, the geo-fence authenticator 212 may determine whether the location is within boundaries indicated by geographical coordinates by determining whether the latitude and longitude of the location are between the latitudes and longitudes of the geographical boundaries. As described above, the geo-fence policy 209 may include an equation or set of equations that describe the geographical boundaries. The geo-fence authenticator 212 may evaluate the geo-location against the equations to determine whether the geo-location is within any of the geographical boundaries. The geo-fence authenticator 212 also determines whether other parameters in the geo-fence policy 209 , such as time-based parameters, are satisfied by the user device 203 or the data request 204 . For example, the geo-fence authenticator 212 may determine whether the data request 204 was received or submitted within a time window indicated in the geo-fence policy 209 . In some implementations, the geo-location may not be received with the data request 204 . Instead, the geo-fence authenticator 212 may request the geo-location from the user device 203 or may determine a location of the user device 203 based on the access point 206 . After determining that the geo-location satisfies the geo-fence policy 209 , the geo-fence authenticator 212 indicates a successful authentication to the IOT data interface 210]. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Tseng by incorporating “ geographically based access management for IOT device data”, as taught by Girdhar. One could have been motivated to do so in order to establish an account via the user device for association with the IOT devices by defining a geographical area in the geo-fence parameters, and implementing a Geo-Fence policy and Geo-Fence authenticator [ Girdhar, see FIG. 1 0017, 0022]. Regarding claim 8, Tseng does not explicitly disclose, however, Girdhar discloses wherein in accordance with the determination that the first locality credential is trusted, enabling, by the first device, the user device to access a third device via the network, wherein the third device comprises a smart accessory configured as at least one of: a television, an audio device, a light fixture, a garage door opener, an architectural covering, a camera, a lock, an alarm system, or an air conditioning un it. [see fig, 1, [0022] Also, geographical areas described in the geo-fence parameters 105 may be associated with a single device of the IOT devices 101 or a group of one or more of the IOT devices 101 . For example, a user may define a geographical area in the geo-fence parameters 105 that applies to the IOT device 101 A and a different geographical area that applies to the IOT device 101 B. Or the geo-fence parameters 105 may apply to a specified group of the IOT devices 101 . For example, a user may define a geographical area that applies to the IOT device 101 A and the IOT device 101 B as a group. The geo-fence parameters 105 may associate geographical areas with the IOT devices 101 using the device identifiers 102 . For example, the geo-fence parameters 105 may indicate a geographical area associated with the device identifier 102 A and geographical area associated with the device identifier 102 B. Additionally, the geo-fence parameters 105 may apply to a set of IOT devices defined based on an IOT device type. For example, medical IOT device types, such as weight scales, blood pressure monitors, etc., may be one grouping of the IOT devices 101 . The geo-fence parameters 105 may also be adjusted based on one or more IOT device types. For example, data from smart home IOT device types, such as thermostats, door locks, etc., may be accessed primarily within a limited geographical area such as a home, whereas data from fitness tracker IOT device types may be accessed within a broader geographical area such as a running trail or gym. As a result, fitness tracker device types may be associated with a larger radial distance in the geo-fence parameters 105 than smart home device types], and [0002, 0012, 0043]. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Tseng by incorporating “ geographically based access management for IOT device data”, as taught by Girdhar. One could have been motivated to do so in order to establish an account via the user device for association with the IOT devices by defining a geographical area in the geo-fence parameters and implementing a Geo-Fence policy and Geo-Fence authenticator [ Girdhar, see FIG. 1 0017, 0022] . 07-21-aia AIA Claim s 6, and 7 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 2017/0261589 issued to Tseng (filed in IDS 07/17/2025), and in view of US Patent Application No. (2022/0210655) issued to Feldmann (filed in IDS 07/17/2025) . Regarding claim 6, Tseng does not explicitly disclose, however, Feldmann discloses receiving, by the first device, an indication that the user device has left the first locality; and after receiving the indication that the user device has left the first locality, disabling, by the first device, the access of the user device to the network [0035] Such applications, services, etc., may remain available while UE 101 remains within region 100 , and may become unavailable once UE 101 leaves region 100 . Continuing the example above, as shown in FIG. 3, UE 101 may exit (at 320 ) geographical region 100 . For example, UE 101 may be physically moved, and/or a reference point (e.g., a location of mobile equipment or some other device or system) associated with region 100 may move such that UE 101 is no longer located within region 100 . Network 103 may continue to monitor (at 322 ) the location of UE 101 , and provide (at 324 ) location information associated with UE 101 to GTACS 105 . Based on the received location information, GTACS 105 may determine (at 326 ) that UE 101 is outside of region 100 specified by policy 107 , and may revoke the previously granted access, for example, by providing restriction information that indicates the UE 101 is no longer allowed to access applications and/or services associated with policy 107 . How the restriction information is provided may depend on the implementation used, as noted above. For example, where restriction is through authentication requests, the restriction information may be provided in response to an authentication process. Where restriction is through initial/continuing access, the restriction may be provided to the system to terminate/degrade any current access to the system and/or to block/degrade future access by the UE 101 . Based on the revocation, in some implementations, UE 101 may indicate to a user via a user interface that UE 101 is no longer permitted access. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Tseng by incorporating “ a technique for selectively granting or revoking/denying access to applications to a User Equipment (“UE”) based on location-based policies”, as taught by Feldmann. One could have been motivated to do so in order to allow the user equipment to access the application while remains within the region and maybe unavailable when user equipment leaves the region such as the UE moved out of the region and no longer located within the region.[ Feldmann, Abstract, 0035]. Regarding claim 7, Tseng does not explicitly disclose, however, Feldmann discloses in further accordance with determining that the first locality credential is trusted, setting a time to live, wherein the network is accessible until the time to live expires; receiving, by the first device, a third locality credential; and adjusting the time to live [0041-0042] In some embodiments, as noted above, GTACS 105 may allow or restrict access to one or more applications, services, etc. based on time-based criteria. FIG. 6 illustrates an example or a time-based restriction. For example, assume that UE 101, shown in FIG. 6, remains stationary. In this example, GTACS 105 may maintain a set of policies 107, which include time-based criteria (e.g., in addition to location-based criteria). For example, a first policy 107 may be associated with a first set of access parameters during a first time period (e.g., between times t.sub.0 and t.sub.1), a second policy 107 may be associated with a second set of access parameters during a second time period (e.g., between times t.sub.1 and t.sub.2), a third policy 107 may be associated with a third set of access parameters during a third time period (e.g., between times t.sub.2 and t.sub.3), and a fourth policy 107 may be associated with a fourth set of access parameters during a third time period (e.g., starting at time t.sub.3). A particular policy 107 may specify a time period in various ways, such as a start time, an end time, a duration, etc. As shown, at time t.sub.0, GTACS 105 may grant (at 602) first access to UE 101, based on the time-based criteria associated with the first policy 107. At time t.sub.1, GTACS 105 may revoke (at 604) the first access due to first policy 107 and grant second access to UE 101 due to second policy 107. As further shown in FIG. 6, GTACS 105 may revoke (at 606) the second set of access parameters at time t.sub.2 based on the second policy 107 and may grant a third set of access parameters at time t.sub.2 based on the third policy 107. Similarly, GTACS 105 may revoke (at 608) the third access parameters at time t.sub.3 based on the third policy 107 and grant fourth access parameters at time t.sub.4 based on the fourth policy 107. As discussed above, different access parameters may be associated with different applications or functions at UE 101, different services or data that may be provided to UE 101 (e.g., by an application server or some other device or system), or the like. As also discussed above, granting or revoking access may include one or more indications provided by GTACS 105 to UE 101 and/or to one or more other devices or systems that are communicatively coupled with UE 101. Based on such indications, UE 101 may enable or disable, activate or deactivate, etc. applications, services, devices, or the like], and [0023]. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Tseng by incorporating “ Time-based Access Control System (“GTACS”)”, as taught by Feldmann. One could have been motivated to do so in order to monitor a geographical location of UE , which may include a periodic, continuous, intermittent, event-based, and/or other type of monitoring of the geographical location of UE , and allow or restrict access to one or more applications, services, etc. based on time-based criteria. [ Feldmann, [0022], [0041]]. Conclusion 07-96 The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See submitted 892 for more relevant references. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached at 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHAHRIAR ZARRINEH/Primary Examiner, Art Unit 2496 Application/Control Number: 19/171,767 Page 2 Art Unit: 2496 Application/Control Number: 19/171,767 Page 3 Art Unit: 2496 Application/Control Number: 19/171,767 Page 4 Art Unit: 2496 Application/Control Number: 19/171,767 Page 5 Art Unit: 2496 Application/Control Number: 19/171,767 Page 6 Art Unit: 2496 Application/Control Number: 19/171,767 Page 7 Art Unit: 2496 Application/Control Number: 19/171,767 Page 8 Art Unit: 2496 Application/Control Number: 19/171,767 Page 9 Art Unit: 2496 Application/Control Number: 19/171,767 Page 10 Art Unit: 2496 Application/Control Number: 19/171,767 Page 11 Art Unit: 2496 Application/Control Number: 19/171,767 Page 12 Art Unit: 2496 Application/Control Number: 19/171,767 Page 13 Art Unit: 2496 Application/Control Number: 19/171,767 Page 14 Art Unit: 2496 Application/Control Number: 19/171,767 Page 15 Art Unit: 2496 Application/Control Number: 19/171,767 Page 16 Art Unit: 2496 Application/Control Number: 19/171,767 Page 17 Art Unit: 2496