Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Response to Arguments
Applicant's arguments filed October 3, 2025 have been fully considered but they are not persuasive.
On page 1 of the rejections, Applicant argues the rejections under 35 U.S.C. 112(b) and 112(a) and the claim interpretations under 35 U.S.C. 112(f), and amends claims 1-19 and 30-31 without conceding to the merits of the rejections. Examiner withdraws the rejections under 112(b), as the structure is clarified by identifying the device used in the claims as a “client computing device”, which as a result overcomes the claim interpretation issues raised previously. However, the rejections under 112(a) are maintained, as Applicant does not address the issues raised in the rejection or otherwise state where else in the Specification the claim limitations are supported.
On page 2 of the remarks, Applicant argues the rejections under 35 U.S.C. 103, in particular the rejections of claims 1-3, 6, 10, and 30-31 over Farkash et al. (US 20200169421), in view of Arngren et al. (US 20220191697). Applicant states that in Arngren, a user equipment receives data from a host computer and is not the device that receives a request for an application executing on the UE to access data, and that Arngren does not suggest that the UE controls an application’s access to data collected by the UE. Examiner disagrees: in Arngren [0104], the user equipment receives the token and signs it, and in view of Farkash’s use of a computer system of a user in Fig. 7 that contains application data and controls access to data, the combination of Farkash in view of Arngren teaches the limitations of independent claim 1. The rejections of claims 2-3, 6, 10, and 30-31 under 35 U.S.C. 103 over Farkash in view of Arngren are maintained.
Finally, the rejections under 35 U.S.C. 103 of dependent claims 4-5, 7-9, 11-15, and 17-19 over various combinations including the references of Wentz (US 20200112442), Todd (US 9460136), Doddavula (US 20200106610 A1), Chandoor (US 20170201520 A1), Moore (US 20140101722 A1), and Sahraei (US 20190052621 A1) are maintained, as Applicant appears only to have clarified the ‘device’ as a ‘client computer device’ and the ‘data’ as a ‘set of data’. As a result, Examiner maintains the rejections of dependent claims 4-5, 7-9, 11-15, and 17-19, which depend on independent claim 1, without conceding to the merits of the rejections.
Claim Rejections - 35 USC § 112(a)
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1-15, 17-19, and 30-31 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. As described above, the disclosure does not provide adequate structure to perform the claimed function of receiving a request for an application executing at a client computing device, a request that the application access data collected by the device, determining an identifier for the application and a declared use for the data, in response to the request and based on a twice-signed data usage token, controlling application data access by the client computing device, providing access to the data collected by the application executing at the device when conditions are met, and preventing access to the data collected by the application executing at the device when any conditions fail to be met. The specification does not demonstrate that applicant has made an invention that achieves the claimed functions because the invention is not described with sufficient detail such that one of ordinary skill in the art can reasonably conclude that the inventor had possession of the claimed invention.
Claims 2-15, and 17-19 are dependent claims of independent claim 1, and dependent claims inherit the deficiencies of their respective independent claims. As a result, dependent claims 2-15, and 17-19 are also rejected under 35 U.S.C. 112(a) based on the indefiniteness rejection of independent claim 1.
Claim 30 recites similar limitations as in claim 1 above, and as a result, the deficiencies of the independent claim 30 are inherited from independent claim 1.
Claim 31 recites similar limitations as in claims 1 and 30 above, and as a result, the deficiencies of the independent claim 20 are inherited from independent claims 1 and 30.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 6, 10, and 30-31 are rejected under 35 U.S.C. 103 as being unpatentable over Farkash et al. (US 20200169421 A1), hereinafter Farkash, in view of Arngren et al. (US 20220191697 A1), hereinafter Arngren.
Regarding claim 1, Farkash discloses a computer-implemented method comprising: collecting, by a client computer device, a set of data (Claim 12, system claimed can retrieve data responsive to a request for data, which is further stated to whether allow access to the requested data as stated in paragraph [0007]. [0032] Further states that the computer system 700 containing application data can include a personal computer, corresponding to a client computer device, and application data corresponds to a set of data of the Applicant.);
receiving, by an operating system of a client computing device and from an application, a request that the application access the set of data collected by the client computing device ([0027] Fig. 5, runtime process 500 corresponds to receiving a request for access to data for an application and, subsequently, the device on which the application is installed. [0028] Fig. 5, step 516, at runtime, application can request access to personal data, and the runtime environment can determine which part of the code made the request.);
determining, by the client computing device in response to the request and based on a signed token of the application, an identifier of the application and a declared use of the set of data by the application based on contents of the signed token that has been digitally signed by a data-access authorization system ([0021] Certificate 112A-C comprises purpose information for each application part being a data usage token for the application. [0007] Hash of a program information for each application part corresponds to identifier, and in paragraph [0023], hashes for each application part 104A-C are generated. Paragraph [0027] has a query 504 receives a signed purpose 220A in Fig. 5, and a signed purpose is related to an application part that is requesting data. [0022] Application 102 is sent to application certifier (AC) 108 to verify status of application to obtain a digital certificate 118. Paragraph [0025] further explains that each certificate is signed with a private key 114. [0007] Data responsive to the request is retrieved, alongside the requested purpose for a signed purpose. Claim 12 describes a system that performs this process as well.);
controlling, by the client computing device, the application's access to the set of data in response to the request using the identifier of the application, the declared use for the set of data, and an authorized use of the set of data, including ([0007] Identity of application part corresponds to identifier of an application of the applicant. [0038] Task number in the prior art is another way the application is identified. [0027] Requested purpose corresponds to declared use for the data, and signed purpose 220A corresponds to authorized use of the data of the applicant. [0007] Retrieved data is included in response to the request from an application when the purpose is allowed, corresponding to controlling application's access to data. Claim 12 describes a system that performs this process as well.):
providing, by the client computing device, the set of data to the application when (i) signatures of the signed token have been validated and (ii) the declared use of the set of data matches an authorized use of the set of data ([0023] AC (application certifier) determines access by confirming token/certificate with signatures. [0028] Fig. 5, block 516, data privacy/consent manager (DPCM) opens purpose with public key to obtain original purpose. [0029] DPCM sends access decision 522 to data access manager (DAM) 506 based on comparison, with DPCM being a part of the system. If the allowed and original purposes match, access decision indicates to application part 104A to allow access to requested data.);
and preventing, by the client computing device, the application from accessing the set of data when (i) either signature of the signed token has not been validated or (ii) the declared use of the set of data fails to match the authorized use of the set of data ([0029] Fig. 5, if a purpose and request purpose 106A do not match up, access decision 522 may refuse to allow access to requested data for application part 104A.).
Farkash discloses only a signed token. Farkash does not disclose, but Arngren teaches the ‘twice-signed’ aspect of the data usage token for an application executing at the device, and ‘(i) a system that receives data generated by the application executing at the client computing device’, along with a twice-signed aspect of the claim limitation ([0066] Validation of double-signed tokens for data usage is performed by the home network operator (HNO) from a visited network operator (VNO), as also shown in Fig. 2. [0104] Token originates from HNO 20, which also signs the token, and then sends it to a user equipment (UE) 10 and requests the UE to sign the token as well, which constitutes a double-signed token, and in conjunction with the prior art of Farkash to allow data to be accessed, corresponds to the double-signed data access token of the applicant.),
and ‘(i) a system that has data for the application executing at the one or more computers’ and a limitation of ‘application executing at the one or more computers’ in claim 1 ([0326] Client application QQ532 can provide a service to a user of a UE (user equipment) QQ530, with application QQ532 requesting data from host application QQ512 on host computer QQ510, which corresponds to the applicant's limitation of a token for an application executing at the one or more computers. With Fig. 2 showing a user equipment signing a token, both systems must sign a token for a process to proceed.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘twice-signed’ aspect of the data usage token for an application executing at the device and ‘(i) a system that receives data generated by the application executing at the client computing device’ in Farkash’s computer-implemented method of ‘receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures” to ensure that the data in the signatures match with each other to obtain access to data, as taught by Arngren [0128].
Regarding claim 2, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the method of claim 1, wherein controlling, by the client computing device, application access to the set of data comprises controlling, by the operating system of the device, application access to the set of data ([0038] Task number being a way in which the prior art identifies the application. [0028] Runtime environment determines purpose of an application, and corresponds to controlling application access to data with a task number identifying an application, as stated by [0028] of Farkash. Runtime environment can be a part of process 200, itself a part of the system of the invention.).
Regarding claim 3, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the elements of the method of claim 1, reciting a signed token ([0025] Signing of a digital certificate 112A-C with a private key 114 of the application certifier 108 corresponds to signing by a data-access authorization system.).
Farkash discloses a signed token. Farkash does not expressly teach, but Arngren teaches the ‘twice-signed data usage token’ limitation in claim 3 ([0169] As seen in Fig. 3, the user equipment (UE) device provides the double-signed data usage token via a VNO for HNO to identify the token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘twice-signed data usage token’, ‘the method of claim 1, wherein receiving the request comprises receiving a request that identifies the twice-signed data usage token’ in Farkash’s ‘the method of claim 1, wherein receiving the request comprises receiving a request that identifies the signed token’, and ‘a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to increase security to ensure that the “double-signed token may thus be validated by verifying the cryptographic signatures based on a corresponding public key associated with the home network and a corresponding public key of the user equipment” for validity purposes, as taught by Arngren [0128].
Regarding claim 6, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash also discloses ‘determining one or more requested data types identified by the signed data usage token, wherein: controlling the application’s access to the set of data comprises controlling, by the device, application’s access to the set of data using the identifier of the application, the declared use for the set of data, the one or more requested data types, and a data type of the set of data requested’ ([0023] Application certificate 110 corresponds to the usage token for a purpose 220A-C. [0027] Fig. 5, signed purposes 220A corresponding to the declared use of the data, data subject ID corresponds to the one or more requested data types, and data retrieved from a database 508 corresponds to data type of data requested of the applicant. Application data of data requested corresponds to the set of data of the Applicant, stated in [0032]. [0007] Shows data being responsive to data requested, and information for subject of retrieved data can be shown.):
providing, by the device and to the application, the set of data when (i) signatures of the signed token have been validated, (ii) the declared use of the set of data matches an authorized use of the set of data, and (iii) the one or more requested data types include the data type of the set of data requested ([0028] Fig. 5, block 516, data privacy/consent manager (DPCM) opens purpose with public key to obtain original purpose, corresponding to signatures of a signed data usage token being validated, and a data subject ID is present to determine purpose and type of data requested. [0029] DPCM sends access decision 522 to data access manager (DAM) 506 based on comparison. If the allowed and original purposes match, access decision indicates to application part 104A to allow access to requested data.);
preventing the application from accessing the set of data when (i) either signature of the signed token has not been validated or (ii) the declared use of the set of data fails to match the authorized use of the set of data or (iii) the one or more requested data types do not include the data type of the set of data requested ([0029] Fig. 5, If a purpose and request purpose 106A do not match up, access decision 522 may refuse to allow access to requested data for application part 104A.).
Farkash discloses a signed token. Farkash does not expressly disclose, but Arngren teaches the limitation of ‘twice-signed usage data token’ ([0104] Token originates from HNO 20, which also signs the token, and then sends it to a user equipment (UE) 10 and requests the UE to sign the token as well, which constitutes a double-signed token, and in conjunction with the prior art of Farkash to allow data to be accessed, corresponds to the double-signed data access token of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘signatures of the twice-signed data usage token’ aspect of the data usage token in Farkash’s ‘the method of claim 1, comprising: determining one or more requested data types identified by the signed token, wherein: controlling the application’s access to the set of data comprises controlling, by the device, application’s access to the set of data using the identifier of the application, the declared use for the set of data, the one or more requested data types, and a data type of the set of data requested’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures” to ensure that the data in the signatures match with each other to obtain access to data, as taught by Arngren [0128].
Regarding claim 10, Farkash in view of Arngren teaches the elements of claims 1 and 8 above. Farkash discloses the method of claim 8, wherein the public key for the publisher indicates the declared use of the set of data by the application, the system that receives data generated by the application, or both ([0026] Indicates the public key 204 for the publisher that the system has data to open application 120, in this case, the application code including application parts 104A-C, application parts corresponding to a set of data by the application.).
Regarding claim 30, Farkash discloses limitations similar to independent claim 1 above, and shares the rejections of claim 1 stated above, and also discloses a system comprising one or more computers ([0032] Fig. 7, computer system 702.);
and one or more storage devices on which are stored instructions that, when executed by the one or more computers, cause the one or more computers to perform operations comprising: receiving, for an application, a request that the application access data collected by the device ([0039] Fig. 7, memory 708 has instructions for a program and the various routines for executing the functions of the claimed invention. [0027] Fig. 5, runtime process 500 corresponds to receiving a request for access to data for an application and, subsequently, the device on which the application is installed. [0028] Fig. 5, step 516, at runtime, application can request access to personal data, and the runtime environment can determine which part of the code made the request.);
Regarding claim 31, Farkash discloses limitations similar to independent claim 1 above, and shares the rejections of claim 1 stated above, and also discloses one or more non-transitory computer readable medium storing instructions that, upon execution by one or more data processing apparatus, cause the one or more data processing apparatus to perform operations comprising ([0039] Computer program product can include a computer readable storage medium/media with program instructions that can be executed by a processor. [0001] Data is collected by a device in Farkash.):
Claims 4-5, 8-9, and 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6-7, and 10 above, and further in view of Wentz (US 20200112442 A1).
Regarding claim 4, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the elements of the method of claim 1, comprising: in response to receiving the request, determining an identifier of the application, and the signed token using the identifier of the application ([0005] Purpose for application needs to be verified for an application that can serve multiple purposes and determine the correct purpose for each data access. [0038] Task number in the prior art is another way the application is identified. [0021] Certificate 112A-C comprises purpose information for each application part being a data usage token for the application.).
Farkash discloses a single-signed usage token. Farkash does not expressly teach, but Arngren also teaches the ‘twice-signed’ aspect of the data usage token ([0042] The double-signed token is retrieved from the user device to another device, such as an HNO in Fig. 3 for verification.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘twice-signed’ aspect of the data usage token in Farkash’s ‘the method of claim 1, comprising: in response to receiving the request, determining an identifier for the application; the signed token using the identifier for the application’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures” to ensure that the data in the signatures match with each other to obtain access to data, as taught by Arngren [0128].
Farkash in view of Arngren does not expressly teach, but Wentz teaches, the limitation of ‘and retrieving, by the client computing device and from a token database, the data usage token’ aspect of the claim ([0070] Fig. 1, cryptographic evaluator 104 retrieves a token 124 by the device and from the database. [0083] Fig. 1, authorization listing 136 listing tokens corresponds to the token database. [0032] Computer system 700 containing application data can include a personal computer, corresponding to a client computer device.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Arngren’s and Wentz’s ‘the method of claim 1, comprising: in response to receiving the request, determining an identifier of the application; and retrieving, by the client computing device and from a token database, the twice-signed data usage token using the identifier of the application’ in Farkash’s ‘a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to improve security by having the “authorization listing 136 may include any data structure suitable for storage and/or retrieval of data records, including any distributed storage data structure such as a distributed hash table and/or any temporally sequential listing”, as taught by Wentz [0083], and ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures” to ensure that the data in the signatures match with each other to obtain access to data, as taught by Arngren [0128].
Regarding claim 5, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the method of claim 1, wherein: controlling the application’s access to the data comprises controlling, by the client computing device, the application’s access to the set of data using the identifier of the application, the declared use for the set of data, one or more requested data types, and a data type of the set of data requested, including ([0027] Fig. 5, runtime process 500 corresponds to receiving a request for access to data for an application from an application part, and is part of a device in which the application is installed on. There is also a query 504 that receives a signed purpose 220A in Fig. 5, with a data subject ID indicating a subject of retrieved data, which corresponds to requested data types of the applicant, and is used with an application part that is requesting process in the prior art. [0038] Task number being a way in which the prior art identifies the application. [0032] Computer system 700 containing application data can include a personal computer, corresponding to a client computer device.);
providing, by the device and for the application, access to the set of data when (i) a signature of the signed token has been validated, and (ii) the declared use of the data matches an authorized use of the set of data. ([0028] Fig. 5, block 516, data privacy/consent manager (DPCM) opens purpose with public key to obtain original purpose. [0029] DPCM sends access decision 522 to data access manager (DAM) 506 based on comparison. If the allowed and original purposes match, access decision indicates to application part 104A to allow access to requested data.);
preventing the application from accessing the set of data when (i) either signature of the twice-signed data usage token has not been validated or (ii) the declared use of the set of data fails to match the authorized use of the set of data or (iii) either signature has expired ([0029] Fig. 5, If a purpose and request purpose 106A do not match up, access decision 522 may refuse to allow access to requested data for application part 104A.).
Farkash discloses a signature of the single-signed usage token. Farkash does not disclose, but Arngren teaches the limitation of ‘both signatures of the twice-signed data usage token’ ([0104] Token originates from HNO 20, which also signs the token, and then sends it to a user equipment (UE) 10 and requests the UE to sign the token as well, which constitutes a double-signed token, and in conjunction with the prior art of Farkash to allow data to be accessed, corresponds to the double-signed data access token of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘signatures of the twice-signed data usage token’ aspect of the data usage token in Farkash’s ‘providing, by the device and for the application, access to the set of data when (i) a signature of the signed token has been validated, and (ii) the declared use of the data matches an authorized use of the set of data’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures” to ensure that the data in the signatures match with each other to obtain access to data, as taught by Arngren [0128].
Farkash in view of Arngren teaches the previous conditions of ‘(i) both signatures of the twice-signed data usage token have been validated, and (ii) the declared use of the data matches an authorized use of the data’. Farkash in view of Arngren does not expressly teach, but Wentz also teaches, the additional limitation of ‘(iii) neither signature has expired’ for the data usage token in claim 5 ([0071] Token can be time limited, and re-authenticated before expiration, corresponding to a requirement that a signature has not expired by the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Wentz’s ‘(iii) neither signature has expired’ in Farkash’s ‘providing, by the device and for the application, access to the set of data when (i) a signature of the signed token has been validated, and (ii) the declared use of the data matches an authorized use of the set of data’. One would have been motivated to make such a combination to improve security by having the use of the time data that has the token expiring after some time, so that re-authentication to the service is necessary if the user has not taken action after the elapsed time, and so that “a temporal attribute 132 such as a time limit may be based on the confidence level of cryptographic evaluator 104... Confidence level, as an indication of trustworthiness and/or robustness to compromise by malicious actors of cryptographic evaluator 104, may impact a temporal attribute 132 of the authorization token 124”, such that the level of trust in a token of an application or a cryptographic evaluator determines how long the token is good for, as taught by Wentz [0076].
Regarding claim 8, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash in view of Arngren does not expressly teach, but Wentz teaches, the limitation of ‘wherein the signed token comprises one or more of a link to a privacy policy for a publisher of the application, an identifier of the publisher, a public key of the publisher, or time data that represents when the twice-signed data usage token expires’ ([0071] The token can be time limited and re-authenticated before expiration, which corresponds to the Applicant's time data that represents when the token expires.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Wentz’s ‘the method of claim 1, wherein the signed token comprises one or more of a link to a privacy policy for a publisher of the application, an identifier of the publisher, a public key of the publisher, or time data that represents when the twice-signed data usage token expires’ in Farkash’s ‘a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to improve security by using time data that causes the token to expire after a set period, so that re-authentication to the service is required if the user has not taken action within that period, and so that “a temporal attribute 132 such as a time limit may be based on the confidence level of cryptographic evaluator 104... Confidence level, as an indication of trustworthiness and/or robustness to compromise by malicious actors of cryptographic evaluator 104, may impact a temporal attribute 132 of the authorization token 124”, such that the level of trust in an application's token, or in a cryptographic evaluator, determines how long the token remains valid, as taught by Wentz [0076].
Farkash discloses a signature of the signed token. Farkash does not expressly teach, but Arngren teaches, the limitation of the ‘twice-signed data usage token’ ([0104] The token originates from HNO 20, which signs it and sends it to user equipment (UE) 10 with a request that the UE sign it as well; this constitutes a double-signed token and, in conjunction with Farkash's use of a token to permit data access, corresponds to the Applicant's twice-signed data usage token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s ‘the method of claim 1, wherein the signed token comprises one or more of a link to a privacy policy for a publisher of the application, an identifier of the publisher, a public key of the publisher, or time data that represents when the twice-signed data usage token expires’. One would have been motivated to make such a substitution of Farkash's certificate with Arngren's double-signed token to increase security by ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to data is granted, as taught by Arngren [0128].
Regarding claim 9, Farkash in view of Arngren in further view of Wentz teaches the elements of claims 1 and 8 above. Farkash in view of Arngren does not expressly teach, but Wentz teaches, the limitation of ‘wherein the time data comprises (a) a signature date that indicates when the publisher signed the signed token after which the signed token will expire upon an end of a predetermined period of time or (b) an expiration date that indicates when the signed token expires’ ([0071] The counter value corresponds to temporal attribute 132 in Fig. 1 of Wentz. [0086] The temporal attribute 132 in an authorization token 124 corresponds to the predetermined period of time or the expiration date of the claim.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Wentz’s ‘wherein the time data comprises (a) a signature date that indicates when the publisher signed the twice-signed data usage token after which the signed token will expire upon an end of a predetermined period of time or (b) an expiration date that indicates when the twice-signed data usage token expires’ in Farkash’s ‘a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to improve security because “attested time is the property that a device incorporating a local reference clock may hash data, e.g. sensor data, along with the local timestamp of the device”, as taught by Wentz [0088].
Farkash and Wentz disclose a signature of the single-signed usage token. Farkash and Wentz do not expressly teach, but Arngren teaches, the limitation of the ‘twice-signed data usage token’ in claim 9 ([0104] The token originates from HNO 20, which signs it and sends it to user equipment (UE) 10 with a request that the UE sign it as well; this constitutes a double-signed token and, in conjunction with Farkash's use of a token to permit data access, corresponds to the Applicant's twice-signed data usage token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Wentz, and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s and Wentz’s ‘the method of claim 8, wherein the time data comprises (a) a signature date that indicates when the publisher signed the signed token after which the signed token will expire upon an end of a predetermined period of time or (b) an expiration date that indicates when the signed token expires’. One would have been motivated to make such a substitution of Farkash's certificate with Arngren's double-signed token to increase security by ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to data is granted, as taught by Arngren [0128].
Regarding claim 11, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash in view of Arngren does not expressly teach, but Wentz teaches, the limitation of ‘wherein a first signature for the system that receives data generated by the application verifies the contents of a first part of the signed token and a second signature for the data-access authorization system verifies the contents of an entirety of the signed token’ ([0085] The second proof corresponds to the second signature for data access and allows access to information in cryptographic evaluator 104, which corresponds to the Applicant's data-access authorization system. [0092] The first digitally signed assertion corresponds to the Applicant's first signature, and the signed assertion is verified against the information in a secure proof. The cryptographic evaluator is configured to generate a first digitally signed assertion as a function and is the system receiving data of an application, corresponding to the Applicant's claim.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Wentz’s ‘wherein a first signature for the system that receives data generated by the application verifies the contents of a data usage token and a second signature for the data-access authorization system verifies the contents of an entirety of the signed token’ in Farkash’s ‘a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to increase security such that the first signature, or first digitally signed assertion, is used to verify the actions contained within it before moving on to the second assertion, and so that, “where first secure proof includes a zero-knowledge proof, first digitally signed assertion 200 may include verification data useable to verify zero-knowledge proof”, as taught by Wentz [0092].
Farkash and Wentz disclose a signature of the single-signed usage token. Farkash and Wentz do not expressly teach, but Arngren teaches, the limitation of the ‘twice-signed data usage token’ in claim 11 ([0104] The token originates from HNO 20, which signs it and sends it to user equipment (UE) 10 with a request that the UE sign it as well; this constitutes a double-signed token and, in conjunction with Farkash's use of a token to permit data access, corresponds to the Applicant's twice-signed data usage token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Wentz, and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s and Wentz’s ‘the method of claim 1 wherein a first signature for the system that receives data generated by the application verifies the contents of a first part of the signed token and a second signature for the data-access authorization system verifies the contents of an entirety of the signed token’. One would have been motivated to make such a substitution of Farkash's certificate with Arngren's double-signed token to increase security by ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to data is granted, as taught by Arngren [0128].
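The following Go program is an added illustration by the editor and is not code from the Applicant's specification nor from Farkash, Arngren or Wentz. It shows, in one place, the access gate that the claim 5, 8, 9 and 11 limitations discussed above describe: a first part of the token (publisher identifier, publisher public key, privacy-policy link, declared use, requested data types, a signature date and an expiration date) signed by the publisher, then the entirety of the token signed by the data-access authorization system, with the device granting access only when both signatures validate, neither has expired, and the declared use and requested data types fall within predetermined sets. Ed25519 as the signature scheme, JSON as the canonical form, the field names, the application and publisher identifiers, and the fixed key seeds are all assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// PublisherPart is the first part of the token: the publisher's assertions (field names assumed).
type PublisherPart struct {
	AppID         string
	PublisherID   string
	PublisherKey  []byte // publisher's Ed25519 public key; bound by the second signature
	PrivacyPolicy string // link to the publisher's privacy policy
	DeclaredUse   string
	DataTypes     []string
	SignedAt      int64 // unix seconds
	ExpiresAt     int64 // unix seconds; lifetime of the publisher's signature
}

// Token is twice-signed: the publisher signs PublisherPart only; the data-access
// authorization system then signs the entirety (Part, PubSig and AuthExpires).
type Token struct {
	Part        PublisherPart
	PubSig      []byte
	AuthExpires int64
	AuthSig     []byte
}

var ErrBadSig = errors.New("token: a signature failed to validate")
var ErrExpired = errors.New("token: a signature has expired or is not yet valid")
var ErrUse = errors.New("token: declared use or data type not authorized")

// canonical is the byte string a signature covers; encoding/json emits struct fields in
// declaration order, so it is deterministic, and it cannot fail for these plain structs.
func canonical(v interface{}) []byte {
	b, _ := json.Marshal(v)
	return b
}

// authCovered is the whole token minus the second signature itself (tok is a copy).
func authCovered(tok Token) []byte {
	tok.AuthSig = nil
	return canonical(tok)
}

// IssueToken applies the two signatures in order.
func IssueToken(part PublisherPart, pubPriv, authPriv ed25519.PrivateKey, authExpires int64) Token {
	tok := Token{Part: part, AuthExpires: authExpires}
	tok.PubSig = ed25519.Sign(pubPriv, canonical(tok.Part))
	tok.AuthSig = ed25519.Sign(authPriv, authCovered(tok))
	return tok
}

// ValidateToken is the access gate: (i) both signatures validate, (ii) neither has
// expired at now, (iii) the declared use and every requested data type are members
// of the device's predetermined authorized sets. The outer signature is checked first
// with the trusted authorization key; only then can the embedded publisher key be used.
func ValidateToken(tok Token, authPub ed25519.PublicKey, now time.Time, authorizedUses, allowedTypes map[string]bool) error {
	if !ed25519.Verify(authPub, authCovered(tok), tok.AuthSig) {
		return ErrBadSig
	}
	if len(tok.Part.PublisherKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(ed25519.PublicKey(tok.Part.PublisherKey), canonical(tok.Part), tok.PubSig) {
		return ErrBadSig
	}
	if t := now.Unix(); t < tok.Part.SignedAt || t >= tok.Part.ExpiresAt || t >= tok.AuthExpires {
		return ErrExpired
	}
	if !authorizedUses[tok.Part.DeclaredUse] {
		return ErrUse
	}
	for _, dt := range tok.Part.DataTypes {
		if !allowedTypes[dt] {
			return ErrUse
		}
	}
	return nil
}

// BuildSampleToken builds a token from fixed, constructed seeds so the flow runs offline.
func BuildSampleToken() (Token, ed25519.PublicKey) {
	pubPriv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x11}, ed25519.SeedSize))
	authPriv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x22}, ed25519.SeedSize))
	signedAt := int64(1700000000)
	part := PublisherPart{AppID: "com.example.fitness", PublisherID: "publisher-42",
		PublisherKey: []byte(pubPriv.Public().(ed25519.PublicKey)), PrivacyPolicy: "https://example.invalid/privacy",
		DeclaredUse: "activity-tracking", DataTypes: []string{"location", "heart-rate"},
		SignedAt: signedAt, ExpiresAt: signedAt + 30*24*3600}
	return IssueToken(part, pubPriv, authPriv, signedAt+7*24*3600), authPriv.Public().(ed25519.PublicKey)
}

func main() {
	tok, authPub := BuildSampleToken()
	uses, types := map[string]bool{"activity-tracking": true}, map[string]bool{"location": true, "heart-rate": true}
	fmt.Println("fresh token:", ValidateToken(tok, authPub, time.Unix(tok.Part.SignedAt+3600, 0), uses, types))
	fmt.Println("at auth expiry:", ValidateToken(tok, authPub, time.Unix(tok.AuthExpires, 0), uses, types))
}
```

The verification order matters: the publisher's public key travels inside the token, so it can be trusted only after the authorization system's signature over the entirety (which covers that key and the first signature) has been validated with a key the device already trusts. The expiry check applies to both lifetimes independently, so the token is rejected as soon as either signature's validity window ends, and any change to the first part invalidates both signatures at once.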
Regarding claim 12, Farkash in view of Arngren in further view of Wentz teaches the elements of claims 1 and 11 above. Farkash discloses verification of the identifier of the application and of the declared use of the set of data by the application ([0038] The task number is the way in which the prior art identifies the application. [0007] The hash of program information for each application part corresponds to the identifier. [0023] Hashes for each application part 104A-C are generated, and the AC (application certifier) determines access by confirming the token/certificate with signatures.).
Farkash discloses verification of the identifier for the application. Farkash in view of Arngren does not expressly teach, but Wentz teaches, the ‘first signature for the system that has data for the application’ aspect of the method claim ([0092] The first digitally signed assertion corresponds to the Applicant's first signature, and the signed assertion is verified against the information in a secure proof.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Wentz before them, to include Wentz’s ‘first signature for the system that has data for the application’ in Farkash’s verification of the identifier of the application and the declared use of the set of data by the application. One would have been motivated to make such a combination to increase security by having the first signature for the system that has data for the application verify the identifier and so further the signing and/or verification process, and so that the “first dataset may include any data suitable for inclusion in a digitally signed assertion 200”, including data from the application that is crucial for verification, as taught by Wentz [0085].
Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Todd (US 9460136 A1).
Regarding claim 7, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash in view of Arngren does not appear to teach ‘wherein: the declared use of the set of data by the application is from a predetermined set of declared data uses; and one or more requested data types are from a predetermined set of data types’.
However, Todd teaches the elements of ‘wherein: the declared use of the set of data by the application is from a predetermined set of declared data uses; and one or more requested data types are from a predetermined set of data types’ ([Col. 4, lines 39-46] The different kinds of data operations in a host correspond to the predetermined set of declared data uses, the one or more data requests correspond to the one or more requested data types, and the read or write operation corresponds to the declared use of the data by the application.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Todd before them, to include Todd's ‘the method of claim 1, wherein: the declared use of the set of data by the application is from a predetermined set of declared data uses; and one or more requested data types are from a predetermined set of data types’ in Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to improve efficiency by having fewer kinds of actions, which can be more easily processed, and so that “the CAS software layer of the data storage system may use information contained in metadata and/or object content in order to make a determination as to whether to accept/reject a write operation to write the object content”, as taught by Todd [Col. 8, lines 41-45].
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Doddavula (US 20200106610 A1), Todd, and Chandoor (US 20170201520 A1).
Regarding claim 13, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash in view of Arngren does not appear to teach the limitation of ‘receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’.
However, Doddavula teaches the limitation of ‘receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’ ([0051] The second request is received by the device via a different application but still requests a second set of data. [0081] In Fig. 4D, the first application is authorized to access user data from a second application; the user data corresponds to the Applicant's second set of data, and the second application being authorized to access user data corresponds to the Applicant's second request. [0047] Client devices can communicate via an application with dedicated authentication servers.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren and Doddavula before them, to include Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’ in Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to enhance security by ensuring that “the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application at the time of validation of the authorization token received from the first application”, so that the second application also has to be authorized to access the data in the same way as the first application, as taught by Doddavula [0058].
Doddavula also teaches ‘controlling, by the client computing device, the second application's access to the second set of data using the data access settings’ ([0046] The user controls the second application’s access to the second data, which corresponds to the Applicant's device controlling a second application’s access to second data using settings. [0047] Client devices can communicate via an application with dedicated authentication servers.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren and Doddavula before them, to include Doddavula’s method of ‘controlling, by the device, the second application's access to the second set of data using the data access settings’ in Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to enhance security such that only the data required by the process or application is accessed for further processing, and because “the client associated with the first application, through the authorization sever, may determine whether the first application is authorized to have access to intended data of a user from the second application... [and/or] the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application”, as taught by Doddavula [0058].
Farkash in view of Arngren in further view of Doddavula does not expressly teach, but Todd teaches, the step of ‘determining, by the client computing device, that the client computing device includes data access settings for the application’ ([Col. 9, lines 14-17] In Fig. 4, step 106 stores the settings for an application’s data access privileges in a storage system, and step 108 corresponds to determining that a device has data access settings stored for an application. [Col. 1, lines 20-24] Client systems have client software through which the user interfaces with the server software; the client system corresponds to the client computing device.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, and Todd before them, to include Todd's ‘the method of determining, by the client computing device, that the client computing device includes data access settings for the application’ in Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’ and Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to increase efficiency by having the settings “specified by a user as a customization (e.g., as an input provided with the provisioning request) or using best practice application-specific defaults as described above in connection with other settings”, as taught by Todd [Col. 8, line 67-Col. 9, line 3].
Farkash in view of Arngren and Todd does not expressly teach, but Doddavula teaches, the ‘second application’ aspect of the claim in relation to data settings for accessing data ([0051] The second request is received by the device via a different application, with its own data, but still requests second data, which corresponds to the Applicant's second application aspect.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, and Todd before them, to include Doddavula’s ‘second application’ in Todd's ‘the method of determining, by the client computing device, that the client computing device includes data access settings for the application’ and Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to increase security by ensuring that the “user authorization permissions created by the user may be one or more rules which allows one or more applications to access user data... the second application is authorized to access the user data”, as one instance of obtaining data, as taught by Doddavula [0081].
Todd teaches ‘in response to determining that the client computing device includes data access settings for the application’ ([Col. 9, lines 15-21] In Fig. 4, the customized settings that may be specified for an application to provision data storage correspond to the Applicant's data access settings for an application.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, and Todd before them, to include Todd's ‘in response to determining that the client computing device includes data access settings for the application’ in Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the device’ and Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to improve efficiency by allowing the user to change the settings “in relation to configuring and/or provisioning storage and provide different levels of automation and varying levels of exposure to details, options and the like associated with performing a requested application specific operation such as configuring and/or provisioning storage for the application”, such that data access can be altered based on user needs, as taught by Todd [Col. 7, lines 60-66].
Farkash, Arngren, Doddavula, and Todd do not expressly teach, but Chandoor teaches, the ‘determining, by the client computing device, to skip analysis of any data usage token for the second application’ aspect of the method claim ([0081] Bypassing the authentication step corresponds to skipping the analysis of the token, and provisioning access data in storage is related to the provisioning of data storage stated in Todd [Col. 9, lines 15-21]. [0082] The user of a communication device interacts with the first application, shown in step S402; the communication device corresponds to the client computing device.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, Todd, and Chandoor before them, to include Chandoor’s ‘determining, by the client computing device, to skip analysis of any data usage token for the second application’ in Todd's ‘determining that the client computing device includes data access settings for the application’, Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the device’, and Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to improve efficiency by having access settings provision access data such that the “user can avoid entering information required for access data provisioning in each individual application residing on the mobile device. As such, an addition step up process to authenticate the user can be avoided and thereby reducing friction in the user experience”, as taught by Chandoor [0019].
Farkash, Doddavula, and Todd disclose the method including ‘data access settings for an application’. Farkash, Doddavula, and Todd do not expressly teach, but Arngren teaches, the limitation of the ‘twice-signed data usage token for the application’ in claim 13 ([0104] The token originates from HNO 20, which signs it and sends it to user equipment (UE) 10 with a request that the UE sign it as well; this constitutes a double-signed token and, in conjunction with Farkash's use of a token to permit data access, corresponds to the Applicant's twice-signed data usage token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Doddavula, Todd, Chandoor, and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Todd’s ‘determining that the client computing device includes data access settings for the application’. One would have been motivated to make such a substitution of Farkash's certificate with Arngren's double-signed token to increase security by ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to data is granted, as taught by Arngren [0128].
Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Doddavula.
Regarding claim 14, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the limitation of ‘determining, by the client computing device, that the client computing device does not have a signed token for the second application’ ([0007] A request for data is sent from an application part together with signed purpose information, and a response is received. [0019] Revocation of the certificate corresponds to the application not having a token, since without a signed purpose an application part cannot request or access information. [0032] Computer system 700, which contains the application data, can be a personal computer, corresponding to the client computing device.).
Farkash also discloses ‘in response to determining that the client computing device does not have a twice-signed data usage token for the second application, determining, by the client computing device, default data access settings for the second application’ ([0031] In Fig. 6, embodiment 600 checks an application's capability for purposes of data collection and can use pre-configured user preferences, which correspond to the default data access settings.).
Farkash and Doddavula do not expressly teach, but Arngren teaches, the limitation of the ‘twice-signed data usage token’ in claim 14 ([0104] The token originates from HNO 20, which signs it and sends it to user equipment (UE) 10 with a request that the UE sign it as well; this constitutes a double-signed token and, in conjunction with Farkash's use of a token to permit data access, corresponds to the Applicant's twice-signed data usage token.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Doddavula, and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s and Doddavula’s ‘determining, by the client computing device, that the client computing device does not have a signed token for the second application’. One would have been motivated to make such a substitution of Farkash's certificate with Arngren's double-signed token to increase security by ensuring that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to data is granted, as taught by Arngren [0128].
Farkash in view of Arngren do not appear to teach ‘receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’.
However, Doddavula teaches the limitation of ‘receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’ ([0081] Fig. 4D, first application is authorized to access user data from a second application, and user data corresponds to the second data of the applicant, and the second application being authorized to access user data corresponds to the second request of the applicant. [0047] Client devices can communicate via application to dedicated authentication servers.);
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Doddavula before them, to include Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request that the second application access a second set of data collected by the client computing device’ in Farkash’s 'a computer-implemented method comprising: receiving, by a device and for an application, a request for access to data collected by the device’. One would have been motivated to make such a combination to enhance security by ensuring that the “the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application at the time of validation of the authorization token received from the first application” so that the second application also has to be authorized to access the data in the same vein as the first application, as taught by Doddavula [0058].
Doddavula also teaches ‘controlling, by the client computing device, the second application's access to the second set of data using the default data access settings’ ([0046] User controls second application’s access to second data, corresponding to a device controlling a second application’s access to second data with settings of the applicant.);
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Doddavula before them, to include Doddavula’s ‘controlling, by the client computing device, the second application's access to the second set of data using the default data access settings’ in Farkash’s ‘a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device’. One would have been motivated to make such a combination to enhance security, such that only the data required by the process or application is exposed for execution and/or further processing, and such that the “method and/or system of the present disclosure enables selective disclosure of information across applications by restricting access to unnecessary data... [and it] also enables building applications that provide ownership of data to the end user thereby empowering them to control how their personal data is used”, as taught by Doddavula [0106].
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren and Doddavula as applied to claim 14 above, and further in view of Moore (US 20140101722 A1).
Regarding claim 15, Farkash in view of Arngren in further view of Doddavula teaches the elements of claim 1 above. Farkash discloses the elements of ‘receiving, by the client computing device and from a second application that is a different application from the application, a first request (a) requesting access to a set of data collected by the device (b) that identifies a first token with a first declared use’ ([0005] The purpose of an application that can serve multiple purposes must be verified, and the correct purpose determined for each data access; verification depends on what data the application requests access to and what the data will be used for, and each application part has a different purpose. [0027] Fig. 5, runtime process 500 corresponds to receiving a request for access to data for an application, and subsequently, for a device on which the application is installed.)
Farkash in view of Arngren discloses data collected by the device and a first token with a first declared use. Farkash in view of Arngren does not appear to teach, but Doddavula teaches, the ‘application’, ‘a first request (a) for access to a second set of data’, ‘the second application that is different from the application’, and ‘second set of data by the second application’ ([0081] Fig. 4D, the first application is authorized to access user data from a second application; the user data corresponds to the second data of the applicant, the second application being authorized to access user data corresponds to the second request of the applicant, and the first request for access to the second set of data is performed by the first application in Doddavula.);
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Doddavula before them, to include Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a second request requesting access to a second set of data collected by the client computing device’, ‘the second application’, and ‘second set of data by the second application’ in Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to enhance security by ensuring that “the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application at the time of validation of the authorization token received from the first application”, so that the second application also has to be authorized to access the data in the same vein as the first application, as taught by Doddavula [0058].
Farkash in view of Doddavula discloses identifying a second data usage token for the second application with a second declared use of the second data by the second application. Farkash in view of Doddavula does not expressly teach, but Arngren teaches, the ‘twice-signed usage data token’ limitation of claim 15 ([0104] The token originates from HNO 20, which signs the token and then sends it to user equipment (UE) 10 with a request that the UE sign the token as well, which constitutes a double-signed token; in conjunction with Farkash’s use of the token to allow data to be accessed, this corresponds to the twice-signed data usage token of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Doddavula, and Arngren before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s and Doddavula’s ‘the method of claim 1 comprising: receiving, by the client computing device and from a second application that is a different application from the application, a first request (a) requesting access to a second set of data collected by the device (b) that identifies a first token with a first declared use’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to the data is obtained, as taught by Arngren [0128].
Farkash discloses the method of ‘determining, by the client computing device, an authorized use of the second set of data; determining, by the client computing device, that the first declared use of the second set of data by the second application fails to match the authorized use of the second set of data; in response to determining that the first declared use of the second set of data by the second application fails to match the authorized use of the second set of data, preventing the second application from accessing the second set of data’ ([0029] Fig. 5, If a purpose and request purpose 106A do not match up, access decision 522 may refuse to allow access to requested data for application part 104A.);
Farkash discloses ‘determining, by the client computing device, that the second declared use of the second data by the second application matches the authorized use of the second set of data; in response to determining that the second declared use of the second set of data by the second application matches the authorized use of the second set of data, enabling, by the device and for the second application, access to the second set of data’ ([0029] If allowed purpose and requested original purpose 106A match, access decision 522 indicates that requesting application part 104A is allowed access to requested data. [0032] Computer system 700 containing application data can include a personal computer, corresponding to a client computer device.).
Doddavula also teaches receiving, by the client computing device and from the second application, a second request (a) requesting access to the second set of data collected by the device (b) that identifies a twice-signed data usage token for the second application with a second declared use of the second set of data by the second application ([0058] Token gets identified and the second application can be authorized to access the second data. [0081] Fig. 4D, first application is authorized to access user data from a second application, and user data corresponds to the second data of the applicant, and the second application being authorized to access user data corresponds to the second request of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Doddavula before them, to include Doddavula’s ‘receiving, by the client computing device and from the second application, a second request (a) requesting access to the second set of data collected by the device (b) that identifies a twice-signed data usage token for the second application with a second declared use of the second set of data by the second application’ in Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to enhance security to allow for “the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application at the time of validation of the authorization token received from the first application” so that the second application also has to be authorized to access the second data, in this case the user data, in the same vein as the first application, as taught by Doddavula [0058].
Farkash in view of Arngren, and Doddavula discloses identifying a twice-signed data usage token for the second application with a second declared use. Farkash in view of Arngren, and Doddavula do not appear to teach, but Moore teaches the ‘second token’ limitation of the claim ([0003] Second token substitutes the authorization token as stated in Doddavula.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, and Moore before them, to include Moore’s ‘second token’ in Doddavula’s ‘receiving, by the client computing device and from the second application, a second request (a) requesting access to the second set of data collected by the device (b) that identifies a twice-signed data usage token for the second application with a second declared use of the second set of data by the second application’, and Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to enhance security so that “with the two tokens, separate entities may be used for delivering and authorizing requests for content”, preferably for two different applications that request access to different sets of data, as taught by Moore [0003].
Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Sahraei (US 20190052621 A1).
Regarding claim 17, Farkash in view of Arngren teaches the elements of claim 1 above. Farkash discloses the limitation of ‘creating an entry in an access database that identifies the application and the set of data collected by the client computing device that was accessed by the application’ ([0019] Correct purpose is chosen based on a function, module, or URL, and allows the application part to access data, and in [0024], a hash of an application part allowed access and a certified purpose are stored on a device, which can correspond to an access database of the applicant. [0027] A query 504 receives a signed purpose 220A in Fig. 5, and a signed purpose is related to an application part that is requesting data. [0032] Computer system 700 containing application data can include a personal computer, corresponding to a client computer device.);
Farkash in view of Arngren does not appear to teach, but Sahraei teaches, the limitation of ‘receiving, by the client computing device, user input requesting presentation of a user interface that identifies the set of data collected by the device that was accessed by the application’ ([0053] Fig. 3, media output component 315 is capable of displaying information to a user, with input to show data collected by a device via output component 315. [0055] A client application allows the user to interact with a server application from a server system.);
and ‘providing, by the client computing device and using the access database, instructions to cause presentation of the user interface that identifies the set of data collected by the device that was accessed by the application’ ([0055] Fig. 3, memory 310 holds instructions for output component 315 to display to user 301 the user interface that identifies the data via an input 320. [0056] Fig. 4 has server system 401, which includes database server 216 of Fig. 2, and SC computing device 250, which is part of the system of Fig. 3.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Sahraei before them, to include Sahraei’s ‘receiving, by the client computing device, user input requesting presentation of a user interface that identifies the set of data collected by the device that was accessed by the application’ and ‘providing, by the client computing device and using the access database, instructions to cause presentation of the user interface that identifies the set of data collected by the device that was accessed by the application’ in Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to increase efficiency by having “a user interface [that] may include, among other possibilities, a web browser and client application. Web browsers enable users, such as user 301, to display and interact with media and other information typically embedded on a web page or a website from server system 212”, so as to have a graphical interface that shows how the data is being collected, as taught by Sahraei [0055].
Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Sahraei and Todd.
Regarding claim 18, Farkash in view of Arngren in further view of Sahraei teaches the elements of claims 1 and 17 above. Farkash in view of Arngren in further view of Sahraei does not teach the elements of the method of claim 17, comprising: receiving, by the client computing device and while the user interface is presented, second user input that indicates a request for custom data access settings for the application.
However, Todd teaches the elements of the method of claim 17, comprising: receiving, by the client computing device and while the user interface is presented, second user input requesting custom data access settings for the application ([Col. 4, lines 57-58] Fig. 1, hosts 14a-14n of Todd are able to provide data and further information to a data storage system 12, and looking at Fig. 4, additional user inputs can be taken in. [Col. 9, lines 4-21] Fig. 4, step 102 has a request that is received by data storage system, and additional user inputs in step 104 can be taken in. At steps 106 and 108, settings are changed and stored, and where the one or more other inputs from a user to change the settings for an application. [Col. 1, lines 20-24] Client systems have client software for user to interface with server software, in which the client system corresponds to the client computing device.);
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Todd before them, to include Todd’s “the method of claim 17, comprising: receiving, by the device and while the user interface is presented, second user input that indicates a request for custom data access settings for the application” in Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to increase efficiency, since “A graphical user interface 61 (hereinafter “GUI”) may provide functionality so that a user may interact with the data storage system at any one of a plurality of levels when performing data storage management operations... provide the user with different levels of automation and varying levels of exposure to details in connection with performing an operation such as for a storage provisioning request”, as taught by Todd [Col. 6, lines 31-41].
Todd does not appear to teach updating, by the client computing device, data access settings for the application using the request of the custom data access settings for the application. However, Sahraei teaches updating, by the device, data access settings for the application using the request for custom data access settings for the application ([0057] Fig. 4, settings can be updated for the application, which is data stored in storage, by a processor 405 of a server system 401, for accessing data from an application. [0055] A client application allows user to interact with a server application from a server system.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Todd, and Sahraei before them, to include Sahraei’s “updating, by the client computing device, data access settings for the application using the request of the custom data access settings for the application” in Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to increase efficiency by having “a user interface [that] may include, among other possibilities, a web browser and client application. Web browsers enable users, such as user 301, to display and interact with media and other information typically embedded on a web page or a website from server system 212” to change settings that are associated with the applications and/or how data is collected, as taught by Sahraei [0055].
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Farkash in view of Arngren as applied to claims 1-3, 6, 10 and 30-31 above, and further in view of Sahraei, Todd, Chandoor and Doddavula.
Regarding claim 19, Farkash in view of Arngren in further view of Sahraei and Todd teaches the elements of claims 1, 17, and 18 above.
Farkash in view of Arngren in further view of Sahraei and Todd does not appear to teach the elements of the method of claim 18, comprising: receiving, by the client computing device and from the application, a second request for access to the set of data collected by the client computing device.
However, Doddavula teaches the method of claim 18, comprising: receiving, by the client computing device and from the application, a second request for access to the set of data collected by the client computing device ([0081] Fig. 4D, the first application is authorized to access user data from a second application; the user data corresponds to the second data of the applicant, and the second application being authorized to access user data corresponds to the second request of the applicant. [0047] Client devices can communicate via an application with dedicated authentication servers.);
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, and Todd before them, to include Todd’s ‘determining, by the device, that the device includes data access settings for the application; in response to determining that the device includes data access settings for the application’ in Doddavula’s ‘the method of claim 18, comprising: receiving, by the client computing device and from the application, a second request for access to the set of data collected by the client computing device’, and Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to improve efficiency by having the user be able to change the settings “in relation to configuring and/or provisioning storage and provide different levels of automation and varying levels of exposure to details, options and the like associated with performing a requested application specific operation such as configuring and/or provisioning storage for the application”, such that data access can be altered based on user needs, as taught by Todd [Col. 7, lines 60-66].
Doddavula also teaches ‘controlling, by the client computing device, the application's access to the set of data using the data access settings’ ([0046] User controls second application’s access to second data, corresponding to a device controlling an application’s access to data with access settings of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, and Doddavula before them, to include Doddavula’s “receiving, by the client computing device and from the application, a second request for access to the set of data collected by the client computing device” and ‘controlling, by the client computing device, the application's access to the set of data using the data access settings’ in Farkash’s 'a computer-implemented method comprising: receiving, by a client computing device and from an application, a request for access to the set of data collected by the client computing device'. One would have been motivated to make such a combination to enhance security by ensuring that the “the check of whether first application is authorized to access to the intended data of a user may also be performed by the second application at the time of validation of the authorization token received from the first application” so that a second request for another application also has to be authorized to access the data in the same vein as the first application from a previous request, as taught by Doddavula [0058].
Farkash in view of Arngren in further view of Sahraei and Doddavula does not expressly teach, but Todd teaches the method of ‘in response to determining that the client computing device includes data access settings for the application’ ([Col. 9, lines 15-21] Fig. 4, customized settings that may be specified for an application to provision data storage corresponds to the data access settings for an application of the applicant. [Col. 1, lines 20-24] Client systems have client software for user to interface with server software, in which the client system corresponds to the client computing device.).
And ‘determining, by the client computing device, that the device includes data access settings for the application’ ([Col. 9, lines 14-17] Fig. 4, step 106, settings for an application’s data access privileges are stored in a storage system, and step 108 corresponds to determining that a device has data access settings stored for an application.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Sahraei, and Todd before them, to include Todd’s ‘in response to determining that the device includes data access settings for the application’ and ‘determining, by the device, that the device includes data access settings for the application’ in Doddavula’s “the method of claim 1 comprising: receiving, by the client computing device and from an application that is a different application from the application, a second request for access to a second set of data collected by the client computing device” and Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to increase efficiency by having settings “specified by a user as a customization (e.g., as an input provided with the provisioning request) or using best practice application-specific defaults as described above in connection with other settings”, as taught by Todd [Col. 8, line 67-Col. 9, line 3].
Farkash in view of Arngren in further view of Doddavula, Sahraei and Todd, does not expressly teach, but Chandoor teaches the limitations of “skip analysis of the data usage token’ of claim 19 ([0081] Bypassing of the authentication step corresponds to the skipping of the analysis of the token, and the provisioning for the access data in the storage is related to the provisioning for data storage as stated in Todd [Col. 9, lines 15-21].).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, Todd and Chandoor before them, to include Arngren’s ‘twice-signed data usage token’, Chandoor’s ‘skip analysis of the data usage token’, and Todd’s ‘determining, by the client computing device, that the client computing device includes data access settings for the application; in response to determining that the client computing device includes data access settings for the application, determining, by the device, to skip analysis of the twice-signed data usage token for the application’ in Doddavula’s ‘the method of claim 18, comprising: receiving, by the client computing device and from the application, a second request for access to the set of data collected by the client computing device’, and Farkash’s “a computer-implemented method comprising: receiving, by an operating system of a client computing device and from an application, a request for access to the set of data collected by the client computing device”. One would have been motivated to make such a combination to improve efficiency by having access settings that provision access data such that the “user can avoid entering information required for access data provisioning in each individual application residing on the mobile device. As such, an addition step up process to authenticate the user can be avoided and thereby reducing friction in the user experience”, as taught by Chandoor [0019].
Farkash, Sahraei, Todd, Chandoor and Doddavula do not expressly teach, but Arngren teaches, the ‘twice-signed usage data token’ limitation of claim 19 ([0104] The token originates from HNO 20, which signs the token and then sends it to user equipment (UE) 10 with a request that the UE sign the token as well, which constitutes a double-signed token; in conjunction with Farkash’s use of the token to allow data to be accessed, this corresponds to the twice-signed data usage token of the applicant.).
Accordingly, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, having the teachings of Farkash, Arngren, Doddavula, Todd and Chandoor before them, to include Arngren’s ‘twice-signed data usage token’ aspect of the data usage token in Farkash’s, Doddavula’s, Todd’s, and Chandoor’s ‘determining, by the client computing device, that the client computing device includes data access settings for the application; in response to determining that the client computing device includes data access settings for the application, determining, by the client computing device, to skip analysis of the signed token for the application’. One would have been motivated to make such a substitution of the certificate from Farkash with the digitally signed assertions from Arngren to increase security by making sure that “the double-signed token may have cryptographic signatures generated by the private key associated with the home network and the private key associated with the user equipment, and the double-signed token may thus be validated by verifying the cryptographic signatures”, so that both signatures must verify before access to the data is obtained, as taught by Arngren [0128].
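As an added illustration that is not part of this action, of the claims, or of any cited reference, the following Python models the scheme the rejections of claims 15 and 19 above describe: a data usage token signed first by a home-network issuer and then countersigned by the client device, validated by checking both signatures (Arngren [0104], [0128]); a check that the declared use of the requested data set matches the authorized use, refusing access on a mismatch (Farkash [0029]); default data access settings applied to an application that presents no token (Doddavula [0046]); and stored per-application data access settings that cause the device to skip token analysis entirely (Todd, Chandoor [0081]). All names, keys and the "location"/"navigation" sample inputs are hypothetical and constructed for the example. The two parties' private keys are modelled with two independent HMAC keys from the standard library rather than the asymmetric signatures the references describe, so the example shows the structure of the two-signature check and the purpose check, not a particular signature algorithm.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, field


def canonical(payload: dict) -> bytes:
    """Deterministic encoding so both signers and the verifier authenticate the same bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def mac(key: bytes, message: bytes) -> str:
    # Hypothetical stand-in for a private-key signature: one HMAC key per party.
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def issue_token(home_key: bytes, app_id: str, data_set: str, declared_use: str) -> dict:
    """First signature: the home-network issuer binds an app, a data set and a declared use."""
    payload = {"app": app_id, "data": data_set, "use": declared_use, "issuer": "home_network"}
    return {"payload": payload, "sig_home": mac(home_key, canonical(payload))}


def countersign(ue_key: bytes, token: dict) -> dict:
    """Second signature: the client device signs the payload together with the first
    signature, so neither signature can be replaced without invalidating the other."""
    message = canonical(token["payload"]) + token["sig_home"].encode()
    return {**token, "sig_ue": mac(ue_key, message)}


@dataclass
class ClientDevice:
    home_key: bytes
    ue_key: bytes
    authorized_uses: dict                                   # data set -> set of authorized uses
    default_settings: dict = field(default_factory=lambda: {"allow": False})
    app_settings: dict = field(default_factory=dict)        # app id -> custom data access settings
    access_log: list = field(default_factory=list)          # which app accessed which data set

    def verify_twice_signed(self, token: dict) -> bool:
        """Both signatures must verify; a token carrying only the issuer's signature is rejected."""
        payload = canonical(token["payload"])
        expected_home = mac(self.home_key, payload)
        if not hmac.compare_digest(token.get("sig_home", ""), expected_home):
            return False
        expected_ue = mac(self.ue_key, payload + expected_home.encode())
        return hmac.compare_digest(token.get("sig_ue", ""), expected_ue)

    def handle_request(self, app_id: str, data_set: str, token: dict = None) -> str:
        """Decide one access request; returns 'allow:<reason>' or 'deny:<reason>'."""
        if app_id in self.app_settings:
            # Stored custom settings for this app: analysis of the token is skipped.
            decision = "allow" if self.app_settings[app_id].get("allow") else "deny"
            reason = "stored_settings"
        elif token is None:
            # No token presented: fall back to the device's default data access settings.
            decision = "allow" if self.default_settings.get("allow") else "deny"
            reason = "default_settings"
        elif not self.verify_twice_signed(token):
            decision, reason = "deny", "bad_signature"
        elif token["payload"]["app"] != app_id or token["payload"]["data"] != data_set:
            decision, reason = "deny", "token_mismatch"
        elif token["payload"]["use"] not in self.authorized_uses.get(data_set, set()):
            # Declared use does not match the authorized use for this data set.
            decision, reason = "deny", "purpose_mismatch"
        else:
            decision, reason = "allow", "purpose_match"
        if decision == "allow":
            self.access_log.append({"app": app_id, "data": data_set})
        return f"{decision}:{reason}"


if __name__ == "__main__":
    # Constructed sample keys and inputs; not real credentials.
    home, ue = b"hypothetical-home-network-key", b"hypothetical-ue-key"
    device = ClientDevice(home, ue, {"location": {"navigation"}})
    good = countersign(ue, issue_token(home, "maps", "location", "navigation"))
    bad = countersign(ue, issue_token(home, "maps", "location", "advertising"))
    print(device.handle_request("maps", "location", bad))
    print(device.handle_request("maps", "location", good))
    print(device.handle_request("maps", "location", issue_token(home, "maps", "location", "navigation")))
```

The order of checks matters: stored settings short-circuit before any signature work, a token that verifies but names a different app or data set is refused before the purpose check, and the countersignature covers the issuer's signature so that a valid issuer signature cannot be paired with a countersignature taken from a different token.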
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to TOMMY MARTINEZ whose telephone number is (703)756-5651. The examiner can normally be reached Monday thru Friday ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached at (571) 272-7624 on Monday thru Friday, 7AM-7PM ET. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/T.M./ Examiner, Art Unit 2496
/SHAHRIAR ZARRINEH/ Primary Examiner, Art Unit 2496