DETAILED ACTION
A response was received on 08 December 2025. By this response, Claims 1, 3, 4, 9, 11, 12, and 17-19 have been amended. No claims have been added or canceled. Claims 1-20 are currently pending in the present application.
Response to Arguments
Applicant's arguments filed 08 December 2025 have been fully considered but they are not persuasive.
Regarding the rejection of Claims 1-20 under 35 U.S.C. 112(a) for failure to comply with the written description requirement, Applicant argues that support for “selectively providing access by the first requesting entity to the first resource using the routing information” is found in paragraph 0038 of the application as published (page 8 of the present response). However, there is no mention of routing information in this paragraph, so this paragraph does not provide clear support for selectively providing access using the routing information as claimed.
Regarding the rejection of Claims 1-3, 9-11, 17, and 18 under 35 U.S.C. 103 as unpatentable over Johnson et al, US Patent Application Publication 2020/0051127, in view of Bernat et al, US Patent Application Publication 2019/0391855; the rejection of Claims 4, 12, and 19 under 35 U.S.C. 103 as unpatentable over Johnson in view of Bernat, and further in view of Herbach et al, US Patent Application Publication 2013/0239230; and the rejection of Claims 5-8, 13-16, and 20 under 35 U.S.C. 103 as unpatentable over Johnson in view of Bernat, and further in view of Melo et al, US Patent Application Publication 2019/0318068, and with particular reference to amended independent Claims 1, 9, and 17, Applicant first repeats the argument that Johnson, individually, does not disclose or suggest that the first resource is included in resources that are from or included in an IoT environment (pages 9-10 of the present response, citing Johnson, paragraph 0011). In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). The outstanding rejections acknowledged that Johnson does not explicitly disclose that the first resource originates from entities in an IoT environment and instead relied on Bernat to show this feature.
Applicant further argues that Bernat, individually, does not disclose the newly added limitation that selectively providing access using the routing information “avoids limitations associated with application of a tenancy model”, because Bernat relies on tenant keys (page 10 of the present response, citing Bernat, paragraph 0019). However, as detailed below, this new limitation is indefinite because it is not clear what limitations are being avoided, and because “avoiding” is a term of degree that is not clearly defined (i.e. it is not clear if the vague limitations are always avoided without fail or if it is sufficient to attempt but fail to avoid the limitations). It is also not clear how using the routing information would avoid any tenancy related limitations. Because this limitation cannot be clearly construed, for purposes of applying the prior art, this indefinite limitation has been treated as though it was not present in the claims. It is again noted that at least Bernat discloses accessing and using routing information to determine access to resources (see paragraphs 0037-0038).
Therefore, for the reasons detailed above, the Examiner maintains the rejections as set forth below.
Specification
The objection to the specification for failure to provide proper antecedent basis for the claimed subject matter is NOT withdrawn for the reasons detailed above and because the amendments have raised new issues, as detailed below.
The specification is objected to as failing to provide proper antecedent basis for the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(o). Correction of the following is required: Claims 1, 9, and 17 were previously amended to recite “routing information for accessing the first resource” and have further been amended to recite “selectively providing access… to the first resource based on the routing information”. However, although the specification generally mentions routing information, there is not clear discussion of the more detailed use of routing information for accessing the first resource. Therefore, there is not clearly proper antecedent basis for the claimed subject matter in the specification. For further detail, see below with respect to the rejection under 35 U.S.C. 112(a) for failure to comply with the written description requirement.
Claim Rejections - 35 USC § 112
The rejection of Claims 1-20 under 35 U.S.C. 112(a) for failure to comply with the written description requirement is NOT withdrawn for the reasons detailed above and because the amendments have raised new issues, as detailed below. The rejection of Claims 1-20 under 35 U.S.C. 112(b) as indefinite is NOT withdrawn because not all issues have been addressed and/or because the amendments have raised new issues, as detailed below.
The following is a quotation of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.
Claims 1, 9, and 17 were previously amended to recite “routing information for accessing the first resource” and have further been amended to recite “selectively providing access… to the first resource based on the routing information”. However, although the specification generally mentions routing information (e.g. paragraph 0037), there is not clear discussion of the more detailed use of routing information for accessing the first resource as recited in the claims. Further, although Applicant has pointed to paragraph 0038 for support of the claims as amended (page 8 of the present response), there is no mention of routing information in this paragraph. Therefore, there is not clearly sufficient written description of the claimed subject matter in the specification.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites “wherein the graph-based database models identifies the plurality of resources” in line 9. It is grammatically unclear what the subject of the verb “identifies” is intended to be, since “models” also appears to be a verb in this context. The claim further recites “wherein selectively providing the access using the routing information avoids limitations associated with application of a tenancy model” in lines 19-20. However, it is not clear what limitations of a tenancy model are being avoided. Further, “avoiding” is a relative or subjective term which does not require a particular result but only an attempt, i.e. it is not clear if the undefined “limitations” are always avoided without fail or if it is sufficient to attempt but fail to avoid the limitations. See MPEP § 2173.05(b). It is also not clear how using the routing information would avoid any tenancy related limitations. Because this limitation cannot be clearly construed, for purposes of applying the prior art, this indefinite limitation has been treated as though it was not present in the claims. The above ambiguities render the claim indefinite.
Claim 9 recites “the first resource originating from the other entities” in line 11. It is not grammatically clear how this phrase relates to the remainder of the claim, although it appears that it may be intended to be a “wherein” clause or similar. The claim further recites “wherein the graph-based database models identifies the plurality of resources” in lines 11-12. It is grammatically unclear what the subject of the verb “identifies” is intended to be, since “models” also appears to be a verb in this context. The claim additionally recites “wherein selectively providing the access using the routing information avoids limitations associated with application of a tenancy model” in lines 23-24. However, it is not clear what limitations of a tenancy model are being avoided. Further, “avoiding” is a relative or subjective term which does not require a particular result but only an attempt, i.e. it is not clear if the undefined “limitations” are always avoided without fail or if it is sufficient to attempt but fail to avoid the limitations. See MPEP § 2173.05(b). It is also not clear how using the routing information would avoid any tenancy related limitations. Because this limitation cannot be clearly construed, for purposes of applying the prior art, this indefinite limitation has been treated as though it was not present in the claims. The above ambiguities render the claim indefinite.
Claim 17 recites “wherein the graph-based database models identifies the plurality of resources” in line 8. It is grammatically unclear what the subject of the verb “identifies” is intended to be, since “models” also appears to be a verb in this context. The claim further recites “wherein selectively providing the access using the routing information avoids limitations associated with application of a tenancy model” in lines 24-25. However, it is not clear what limitations of a tenancy model are being avoided. Further, “avoiding” is a relative or subjective term which does not require a particular result but only an attempt, i.e. it is not clear if the undefined “limitations” are always avoided without fail or if it is sufficient to attempt but fail to avoid the limitations. See MPEP § 2173.05(b). It is also not clear how using the routing information would avoid any tenancy related limitations. Because this limitation cannot be clearly construed, for purposes of applying the prior art, this indefinite limitation has been treated as though it was not present in the claims. The above ambiguities render the claim indefinite.
Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 9-11, 17, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson et al, US Patent Application Publication 2020/0051127, in view of Bernat et al, US Patent Application Publication 2019/0391855.
In reference to Claim 1, Johnson discloses a method that includes managing receipt of a request from a first requesting entity to request a first resource (paragraph 0048); generating and submitting a query for a graph-based database to determine one or more relationships between the first requesting entity and other entities covered by a security policy (paragraphs 0048-0049, determining path through graph); and determining based on the determined relationships and policy whether the first entity is allowed to access the first resource, and allowing access or not allowing access based on whether it is determined that access is allowed (paragraph 0049, access granted based on path). However, Johnson does not explicitly disclose that the first resource is from or is included in an IoT environment to which the first requesting entity is coupled nor does Johnson explicitly disclose accessing routing information for accessing the first resource.
Bernat discloses a method that includes a first application requesting access to data collected by an IoT device (see paragraphs 0017, 0019, application; paragraph 0022, IoT device), as well as accessing routing information for accessing the first resource and allowing access based on the routing information (see paragraphs 0037-0038). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Johnson to include the IoT environment and routing information of Bernat, in order to gain the benefit of the efficiencies of edge computing (see Bernat, paragraph 0022).
In reference to Claim 2, Johnson and Bernat further disclose a method that includes a first application requesting access to data collected by an IoT device (see Bernat, paragraphs 0017, 0019, application; paragraph 0022, IoT device).
In reference to Claim 3, Johnson and Bernat further disclose determining whether relationships satisfy conditions defined by the policy (see Johnson, paragraph 0049).
Claims 9-11 are directed to software implementations of the methods of Claims 1-3, and are rejected by a similar rationale, mutatis mutandis.
Claim 17 and 18 are directed to systems having functionality corresponding to the methods of Claims 1-3, and are rejected by a similar rationale, mutatis mutandis.
Claims 4, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson in view of Bernat as applied to Claims 1, 9, and 17 above, and further in view of Herbach et al, US Patent Application Publication 2013/0239230.
In reference to Claim 4, Johnson and Bernat disclose everything as detailed above with respect to Claim 1, and Johnson and Bernat further disclose that determining whether the first entity is allowed to access the first resource is based on a determined identity, a resource type, and a connection type (see Johnson, paragraphs 0013, 0048, and 0050). However, neither Johnson nor Bernat explicitly discloses that the determining is based on a time or location. Herbach discloses a method in which determining whether an entity is allowed to access a resource is based on a time at which the request to access was received and a location of the requesting entity (see paragraphs 0073 and 0088). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the method of Johnson and Bernat to include the time and location restrictions of Herbach, in order to provide persistent security (see Herbach, paragraph 0039).
Claim 12 is directed to software implementations of the methods of Claim 4, and is rejected by a similar rationale, mutatis mutandis.
Claim 19 is directed to a system having functionality corresponding to the method of Claim 4, and is rejected by a similar rationale, mutatis mutandis.
Claims 5-8, 13-16, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Johnson in view of Bernat as applied to Claims 1, 9, and 17 above, and further in view of Melo et al, US Patent Application Publication 2019/0318068.
In reference to Claims 5 and 8, Johnson and Bernat disclose everything as detailed above with respect to Claim 1. However, while Johnson and Bernat generally disclose policy rules, Johnson and Bernat do not explicitly disclose an individual access control policy or the relationships in the rules. In reference to Claims 5-7, Melo discloses a method that includes an individual access control policy defining how individuals can interact with elements of the environment and permissions (paragraph 0062) as well as an application/service access control policy (paragraph 0059) and an access governance policy (paragraph 0059). In reference to Claim 8, Melo discloses a method in which a security policy includes a plurality of rules defining a principal and relationships determining whether access to a specified resource is allowed (paragraph 0059). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to further modify the method of Johnson and Bernat to include the more detailed policies of Melo, in order to allow dynamic adjustment of relationships in policies (see Melo, paragraph 0018).
Claims 13-16 are directed to software implementations of the methods of Claims 5-8, and are rejected by a similar rationale, mutatis mutandis.
Claim 20 is directed to a system having functionality corresponding to the methods of Claims 5-8 in combination, and is rejected by a similar rationale, mutatis mutandis.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time.
Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Zachary A. Davis/Primary Examiner, Art Unit 2492