Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
2. The response filed on 7/3/2025 was received and considered. Claims 1-5, 8-11, and 13-20 are pending for examination.
Continued Examination Under 37 CFR 1.114
3. A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 7/3/2025 has been entered.
Information Disclosure Statement
4. The information disclosure statement (IDS) submitted on June 13, 2025 is in compliance with the provisions of 37 CFR 1.97 and has been considered by the examiner.
Response to Arguments
5. Applicant’s arguments in the amendment filed on 7/3/2025 with respect to the 112(b) rejection have been fully considered and are persuasive based on the amendments. The rejection has been withdrawn.
6. Applicant’s arguments in the amendment filed 7/3/2025 with respect to the 103 rejection have been fully considered and are persuasive in view of the amendments. A new ground of rejection is presented below.
Claim Rejections - 35 USC § 103
7. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
8. Claims 1-5, 9-11, 13 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Foreign Patent Application CN-108737331-A to Zhu in view of US Patent Publication US 2015/0188906 A1 to Minov et al., hereafter Minov.
Regarding claim 1, Zhu teaches a method comprising:
Utilizing a trust mechanism to log the user out of a second one of the two systems wherein utilizing the trust mechanism to log the user out of the second one of the two systems comprises (See page 3, paragraph 5 disclosing a cross-domain application between the two systems to log the user out of the second system).
wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises sending a JSON web token (JWT) from a user browser to the second one of the two systems… and sending the JWT to the first system as confirmation of completion of the logout from the second one of the two systems. (See page 9, paragraphs 2-3 disclosing an exit login request from the user browser to third party system B and an exit request submitted to third party system A. See also paragraphs 4-5 disclosing a JSON web token to be used for cross domain. The system also uses authentication with HTTPS suggesting that the JSON can be signed for added security).
Zhu does not explicitly disclose receiving a logout request from a user at a first one of two systems; logging the user out of the first one of the two systems;
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL
redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser.
However, Minov in an analogous art discloses receiving a logout request from a user at a first one of two systems; logging the user out of the first one of the two systems (see para 42);
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL (see paragraphs 41-42 Minov does not disclose a JSON which is disclosed by Zhu but discloses a signed token; the login module adding signed request parameters to the logout request which may be digitally signed with the IDP private keys (para 20), the MDS redirects the browser to the IDP).
Minov further discloses redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser (see paragraphs 43-44 disclosing that the browser sends the logout request to the IDP; the IDP encodes the assertion parameter and cookie name and returns the information to the browser).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Zhu to redirect the browser to log out of the second one of the two systems wherein the redirecting comprises sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser. One of ordinary skill in the art would have been motivated to do so because it allows verification of multiple domains as taught by Minov (see paragraph 44).
Regarding claim 2, the references as combined above disclose the method of claim 1. Zhu further discloses: wherein the trust mechanism comprises at least one token (see page 9, paragraph 2).
Regarding claim 3, the references as combined above disclose the method of claim 1. Minov further discloses wherein the logout request directs the logging out of the user from the first one of the two systems ( See Minov para 42).
Regarding claim 4, the references as combined above disclose the method of claim 3. Minov further discloses wherein logging the user out of the first one of the two systems comprises expiring a session of the user on the first system. (See paragraph 62, session of the one or more domains are invalidated). Claim 4 is rejected on the same rationale as claim 1 above.
Regarding claim 5, the references as combined above disclose the method of claim 4 as outlined above. Minov further discloses
Wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises redirecting the user to the second one of the two systems. (See paragraphs 43-44 disclosing that the browser sends the logout request to the IDP; the IDP encodes the assertion parameter and cookie name and returns the information to the browser). Claim 5 is rejected on the same rationale as claim 1 above.
Regarding claim 9, the references as combined above disclose the method of claim 1 as outlined above. Minov further discloses:
Wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises clearing cookies and/or tokens of the second one of the two systems from the user browser (See Minov paragraphs 39-40 disclosing cleaning and removing the session cookies). Claim 9 is rejected on the same rationale as claim 1 above.
Regarding claim 10, the references as combined above disclose the method of claim 9 as outlined above. Minov further discloses:
Wherein utilizing the trust mechanism to log the user out of the second one of the two systems comprises logging the user out of applications of the second one of the two systems. (See paragraphs 60-63 disclosing in a single logout request from the user the browser requests the SLO service to logout from all the domains). Claim 10 is rejected on the same rationale as claim 1 above.
Regarding claim 11, the references as combined above disclose the method of claim 10 as outlined above. Zhu further discloses:
Wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises sending a confirmation of logout from the second one of the two systems to the user browser, the confirmation of logout comprising the JWT. (See page 9, paragraphs 2-3 disclosing an exit login request from the user browser to third party system B and an exit request submitted to third party system A. See also paragraphs 4-5 disclosing a JSON web token to be used for cross domain. The system also uses authentication with HTTPS suggesting that the JSON can be signed for added security).
Regarding claim 13, the references as combined above disclose the method of claim 9 as outlined above. Minov further discloses logging out other applications of the first system via communication of a front channel logout URL. (See paragraphs 60-63 disclosing in a single logout request from the user the browser requests the SLO service to logout from all the domains). Claim 10 is rejected on the same rationale as claim 1 above.
Regarding claim 18, Zhu discloses a system comprising: a first access control system having a first login protocol, the first access control system comprising: at least one first processor (see page 5 last two paragraphs to page 6 first two paragraphs); and a memory comprising a plurality of instructions executable by the at least one first processor (see abstract and background; the cross domain communication system comprises computers with memory and processor);
and a second access control system, wherein the second access control system has a second login protocol independent of the first login protocol, wherein the first access control system is configured to: (see page 5 last two paragraphs to page 6 first two paragraphs).
Utilizing a trust mechanism to log the user out of a second one of the two systems wherein utilizing the trust mechanism to log the user out of the second one of the two systems comprises (See page 3, paragraph 5 disclosing a cross-domain application between the two systems to log the user out of the second system).
wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises sending a JSON web token (JWT) from a user browser to the second one of the two systems… and sending the JWT to the first system as confirmation of completion of the logout from the second one of the two systems. (See page 9, paragraphs 2-3 disclosing an exit login request from the user browser to third party system B and an exit request submitted to third party system A. See also paragraphs 4-5 disclosing a JSON web token to be used for cross domain. The system also uses authentication with HTTPS suggesting that the JSON can be signed for added security).
Zhu does not explicitly disclose receiving a logout request from a user at a first one of two systems; logging the user out of the first one of the two systems;
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL
redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser.
However, Minov in an analogous art discloses receiving a logout request from a user at a first one of two systems; logging the user out of the first one of the two systems (see para 42);
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL (see paragraphs 41-42 Minov does not disclose a JSON which is disclosed by Zhu but discloses a signed token; the login module adding signed request parameters to the logout request which may be digitally signed with the IDP private keys (para 20), the MDS redirects the browser to the IDP).
Minov further discloses redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser (see paragraphs 43-44 disclosing that the browser sends the logout request to the IDP; the IDP encodes the assertion parameter and cookie name and returns the information to the browser).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Zhu to redirect the browser to log out of the second one of the two systems wherein the redirecting comprises sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser. One of ordinary skill in the art would have been motivated to do so because it allows verification of multiple domains as taught by Minov (see paragraph 44).
Regarding claim 19, the references as combined above disclose the method of claim 9 as outlined above. Minov further discloses wherein the logout request directs the logging out of the user from the first access control system, wherein logging the user out of the first access control system comprises expiring a session of the user on the first access control system (See paragraph 62, session of the one or more domains are invalidated), wherein utilizing the trust mechanism to log the user out of the second access control system comprises redirecting the user to the second access control system (see paragraphs 43-44 disclosing that the browser sends the logout request to the IDP; the IDP encodes the assertion parameter and cookie name and returns the information to the browser). Claim 19 is rejected on the same rationale as the rejection of claim 1 above.
Regarding claim 20, Zhu discloses a non-transitory computer-readable storage medium storing a plurality of instructions executable by one or more processors, the plurality of instructions when executed by the one or more processors cause the one or more processors to:
wherein utilizing the trust mechanisms to log the user out of the second one of the two systems comprises sending a JSON web token (JWT) from a user browser to the second one of the two systems… and sending the JWT to the first system as confirmation of completion of the logout from the second one of the two systems. (See page 9, paragraphs 2-3 disclosing an exit login request from the user browser to third party system B and an exit request submitted to third party system A. See also paragraphs 4-5 disclosing a JSON web token to be used for cross domain. The system also uses authentication with HTTPS suggesting that the JSON can be signed for added security).
Zhu does not explicitly disclose receive a logout request from a user at a first one of two systems; logging the user out of the first one of the two systems;
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL
redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser.
However, Minov in an analogous art discloses receive a logout request from a user at a first one of two systems; log the user out of the first one of the two systems (see para 42);
sending a JSON web token (JWT) signed by a private key of the first one of the two systems from a user browser to the second one of the two systems wherein the JWT comprises a post logout redirect URL (see paragraphs 41-42 Minov does not disclose a JSON which is disclosed by Zhu but discloses a signed token; the login module adding signed request parameters to the logout request which may be digitally signed with the IDP private keys (para 20), the MDS redirects the browser to the IDP).
Minov further discloses redirecting the user browser to logout of the second one of the two systems, wherein the redirecting comprises, sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser (see paragraphs 43-44 disclosing that the browser sends the logout request to the IDP; the IDP encodes the assertion parameter and cookie name and returns the information to the browser).
Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Zhu to redirect the browser to log out of the second one of the two systems wherein the redirecting comprises sending by the second one of the two systems, the JWT that was previously sent to the second one of the two systems to the user browser. One of ordinary skill in the art would have been motivated to do so because it allows verification of multiple domains as taught by Minov (see paragraph 44).
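The logout exchange recited in claims 1, 18 and 20 above (the first system ends its own session; the browser carries a JWT signed with the first system's private key and containing a post-logout redirect URL to the second system; the second system ends its session and sends the same JWT back to the browser; the first system takes the returned JWT as confirmation that the second logout completed) is written out below as a runnable Go model. This is an added illustration, not code from the application, from Zhu, or from Minov. The Ed25519 signature scheme, the claim name post_logout_redirect_uri, the system names and the user "alice" are constructed assumptions of the example; the audience check, the pre-registered redirect allow-list and the single-use confirmation are the checks a deployment of such a flow would want, not elements the references are cited for.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

// SignJWT builds header.payload.signature with the issuer's Ed25519 private key over the first two parts.
// Claim names iss/sub/aud follow RFC 7519; "post_logout_redirect_uri" is this example's own assumption.
func SignJWT(priv ed25519.PrivateKey, claims map[string]string) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "EdDSA", "typ": "JWT"})
	pl, _ := json.Marshal(claims)
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(pl)
	return input + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(input)))
}

// VerifyJWT checks the alg header and the signature before any claim is trusted.
func VerifyJWT(pub ed25519.PublicKey, token string) (map[string]string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	hdrRaw, e1 := b64.DecodeString(parts[0])
	pl, e2 := b64.DecodeString(parts[1])
	sig, e3 := b64.DecodeString(parts[2])
	var hdr, claims map[string]string
	// Pinning alg refuses "none" and algorithm confusion; the signature covers header and payload.
	if e1 != nil || e2 != nil || e3 != nil || json.Unmarshal(hdrRaw, &hdr) != nil || hdr["alg"] != "EdDSA" {
		return nil, errors.New("malformed token or unexpected alg")
	}
	if !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return nil, errors.New("bad signature")
	}
	err := json.Unmarshal(pl, &claims)
	return claims, err
}

// System is one of the two access control systems; each keeps its own sessions and key pair.
type System struct {
	Name              string
	priv              ed25519.PrivateKey
	Pub               ed25519.PublicKey
	sessions, pending map[string]bool // user -> logged in; user -> peer logout awaiting confirmation
	redirects         map[string]bool // post-logout URLs registered in advance for the peer
}
func NewSystem(name string) *System {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &System{name, priv, pub, map[string]bool{}, map[string]bool{}, map[string]bool{}}
}
// Logout (first system): end the local session, then give the browser a JWT naming the second system and the redirect URL.
func (a *System) Logout(user, peer, redirect string) string {
	delete(a.sessions, user)
	a.pending[user] = true
	return SignJWT(a.priv, map[string]string{"iss": a.Name, "sub": user, "aud": peer, "post_logout_redirect_uri": redirect})
}
// HandleLogout (second system): verify with the first system's public key, end the session, echo the JWT to the browser.
func (b *System) HandleLogout(issuerPub ed25519.PublicKey, token string) (redirect, echo string, err error) {
	c, err := VerifyJWT(issuerPub, token)
	if err != nil {
		return "", "", err
	}
	// Only a redirect registered in advance is honoured; a caller-supplied URL would be an open redirect.
	if redirect = c["post_logout_redirect_uri"]; c["aud"] != b.Name || !b.redirects[redirect] {
		return "", "", errors.New("wrong audience or unregistered post-logout redirect")
	}
	delete(b.sessions, c["sub"])
	return redirect, token, nil
}
// Confirm (first system): the echoed JWT must carry this system's own signature and match a logout still pending.
func (a *System) Confirm(token string) error {
	c, err := VerifyJWT(a.Pub, token)
	if err != nil {
		return err
	}
	if !a.pending[c["sub"]] {
		return errors.New("no pending logout for this token")
	}
	delete(a.pending, c["sub"]) // accepted once
	return nil
}
// RunSingleLogout drives the whole exchange on constructed data and reports whether both sessions ended.
func RunSingleLogout() (bool, error) {
	a, b := NewSystem("https://a.example"), NewSystem("https://b.example")
	a.sessions["alice"], b.sessions["alice"] = true, true
	b.redirects["https://a.example/logged-out"] = true
	token := a.Logout("alice", b.Name, "https://a.example/logged-out")
	_, echo, err := b.HandleLogout(a.Pub, token)
	if err == nil {
		err = a.Confirm(echo)
	}
	return err == nil && !a.sessions["alice"] && !b.sessions["alice"], err
}
func main() { fmt.Println(RunSingleLogout()) }
```

Run with `go run` and it prints `true <nil>`: both session stores are empty and the first system has accepted the echoed token. The second system never trusts the redirect URL inside the token on its own; it only follows a URL the first system registered in advance, so a forged or replayed token cannot turn the logout endpoint into an open redirect. The first system accepts the echoed JWT only because it verifies under its own public key and matches a logout it is still waiting on, and it deletes that record on acceptance, so the same token cannot confirm twice.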
9. Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Foreign Patent Application CN-108737331-A to Zhu in view of US Patent Publication US 2015/0188906 A1 to Minov et al., hereafter Minov, as applied to claim 1 above, and further in view of US Patent Publication US 2017/0331802 to Keshava et al., hereafter Keshava.
Regarding claim 8, the references as combined above disclose the method of claim 1. Zhu does not explicitly disclose wherein the JWT further comprises an Identity and Access Management (“IAM”) login private key. However, Keshava discloses wherein the JWT further comprises an Identity and Access Management (“IAM”) login private key (see paragraph 238 disclosing signing a JWT using a private key and paragraph 229 disclosing a client application requesting the key or credential from the IAM platform). Therefore, it would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Zhu and Minov to use an IAM login private key. One of ordinary skill in the art would have been motivated to do so because the key can be requested from the IAM platform for added security as taught by Keshava (see paragraph 229).
10. Claims 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Foreign Patent Application CN-108737331-A to Zhu in view of US Patent Publication US 2015/0188906 A1 to Minov et al., hereafter Minov, as applied to claim 1 above, and further in view of Lander et al. (Pub No.: US 2017/0331832 A1), hereafter Lander.
Regarding claim 14, the references as combined above disclose the method of claim 1. Minov does not explicitly disclose
wherein the second one of the two systems comprises a role-based access control (RBAC) system, and wherein the first one of the two systems comprises an attribute-based access control (ABAC) system. However, Lander discloses:
wherein the first one of the two systems comprises an attribute-based access control (ABAC) system, and wherein the second one of the two systems comprises a role-based access control (RBAC) system. (Lander [0218] teaches "One embodiment provides fine-grained authorization policies for protecting the IDCS service resources described herein that are based on role-based access control ('RBAC') and attribute-based access control ('ABAC')." Here Lander teaches providing not only RBAC services but ABAC services to systems using Lander's IDCS.)
Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to modify Zhu and Minov, to use resources that comprise RBAC and ABAC. One would have been motivated to make such a combination to more efficiently provide fine-grained authorization policies for protecting system resources as taught by Lander (see Lander [0218]).
Regarding claim 15, the references as combined above disclose the method of claim 1. Lander further discloses wherein the first one of the two systems comprises a role-based access control (RBAC) system, and wherein the second one of the two systems comprises an attribute-based access control (ABAC) system. (Previously stated above, Lander [0218] teaches providing not only RBAC services but ABAC services as well to systems/applications using Lander's IDCS). Claim 15 is rejected on the same rationale as the rejection of claim 14 above.
11. Claims 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Foreign Patent Application CN-108737331-A to Zhu in view of US Patent Publication US 2015/0188906 A1 to Minov et al., hereafter Minov, as applied to claim 1 above, in view of Lander et al. (Pub No.: US 2017/0331832 A1), hereafter Lander, as applied to claim 15 above, and further in view of US Patent Publication US 2014/0082715 A1 to Grajek et al., hereafter Grajek.
Regarding claim 16, the references as combined above disclose the method of claim 15 but do not explicitly disclose wherein the first one of the two systems identifies other applications of the first system to which the user is logged in; and logs the user out of those other applications. Grajek discloses wherein the first one of the two systems identifies other applications of the first system to which the user is logged in; and logs the user out of those other applications (See paragraphs 120-121 disclosing identifying applications through the mapping to log the user out of those applications). Therefore, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention, to modify Zhu, Minov and Lander wherein the first system identifies other applications of the first system to which the user is logged in and logs the user out of those other applications. One would have been motivated to do so because all client applications currently logged in may be logged out using client app identities that were associated with a specific token as suggested by Grajek (see paragraph [0124]).
Regarding claim 17, the references as combined above disclose the method of claim 16. Grajek further discloses
Wherein the second one of the two systems: identifies other applications of the second system to which the user is logged in; receives front channel logout URLs for the other applications of the second system to which the user is logged in; and directs loading of the front channel logout URLs by the other applications of the second system to which the user is logged in. (See paragraphs 124-125). Claim 17 is rejected on the same rationale as the rejection of claim 16 above.
Conclusion
12. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Carl G Colin whose telephone number is (571)272-3862. The examiner can normally be reached Monday-Thursday 8:00-5:00 PM, Friday 8-12 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Cohen Johnson can be reached at 571-272-2238. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493