IN-CLIENT AUTHORIZATION

§102 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/03/25 has been entered. Claims 1-20 are presented for examination. Response to Arguments Applicant’s arguments and amendments, filed 11/03/25, with respect to the rejection of claims 1-20 under Trang in view of Pugh have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground of rejection is made in view of Feijoo. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-2, 7, 8, 14, 15 and 20 are rejected under 35 U.S.C. 102(a)(1)/(a)(2) as being anticipated by Feijoo et al, US 2019/0058706. Regarding claim 1, Feijoo discloses a method of securely authorizing an application, the method comprising: receiving, by client software executed by a client device, a first request to access an application within the client software (Fig. 8A, 801 request. Paragraph 0117: the user may attempt to log into a virtual desktop, web application or mobile application to access a virtual, cloud-based enterprise system where enterprise server 720 may be integrated with an enterprise identity service provided by enterprise identity provider server 710). obtaining, from a user of the client device an authorization for the application to access user information maintained by a virtual service provider (0117: enterprise server 720 may forward such requests on behalf of user devices 730 and 740 to enterprise identity server 710 for authentication); transmitting the authorization to the virtual service provider (0117: enterprise server 720 may forward such requests on behalf of user devices 730 and 740 to enterprise identity server 710 for authentication); launching the application within the client software (0080: The application management framework 614 may “pair” with client agent 604 on first launch of an application 610 to initialize the Secure IPC channel 612 and obtain the policy for that application. See 0065: application launcher 518 ); receiving a second request for authorization from the application (0119: a single authentication may provide access to multiple applications, services and resources by passing the first authentication token seamlessly in the enterprise system integrated with enterprise identity provider server 710. As such, enterprise server 720 may be provisioned with the first authentication token.); transmitting the second request for authorization to the virtual conference provider (Fig. 8, 804: send request to access third party system. 805: redirect the request ); receiving an authorization response from the virtual conference provider (Fig. 8, 806L generate second token); and providing the authorization response to the application (Fig. 8, 807: send the second token). Regarding claim 2, Feijoo, discloses the method of claim 1, wherein receiving the first request to access the application within the client software occurs without the application being launched (0067: secure applications 514 may access data stored in a secure data container 528 in the managed partition 510 of the mobile device 502. The data secured in the secure data container may be accessed by the secure native applications 514, secure remote applications 522 executed by a secure application launcher 518, virtualization applications 526 executed by a secure application launcher 518, and the like). Regarding claim 7, Feijoo, discloses the method of claim 1, receiving, from an additional instance of the application executing on an additional client device, a second request for authorization; transmitting the second request for authorization to the virtual conference provider, wherein the second request includes a first session identifier associated with the additional instance of the application; receiving a second authorization from the virtual conference provider, the second authorization including a second session identifier; verifying the first session identifier against the second session identifier; and responsive to the verifying, granting permission to access the one or more resources to the additional instance of the application (Fig. 8A, First authentication token and second authentication token). As per claims 8 and 14, this is a system version of the claimed method discussed above in claims 1-2 and 7 wherein all claimed limitations have also been addressed and/or cited as set forth above. As per claims 15 and 20, this is a non-transitory computer-readable medium version of the claimed method and system discussed above in claims 1-2 and 7, and 8 and 14 wherein all claimed limitations have also been addressed and/or cited as set forth above. Claims 3, 6, 9, 12, 16, 19 are rejected under 35 U.S.C. 103 as being unpatentable over Feijoo as applied to claims 1, 8 and 15 above, and further in view of VAN OS, EP 3467695. Regarding claim 3, 9 and 16, Feijoo lacks or fails to expressly disclose displaying on a user interface. However, VAN OS discloses displaying, on a user interface of the client software, an indication of the one or more resources; and receiving the authorization from the user and via the user interface (abstract and page 53, number 26 teaches a requesting device transmits a selected option to access a resource via a display). It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Feijoo with VAN OS to include a display for user selection via user interface, in order to display a menu of applications, as taught by VAN OS, (page 5, Fig. 4A). Regarding claims 6, 12 and 19, Feijoo discloses determining a need for a third request for authorization from the application based on additional resources requested by the application ( 0126: the enterprise identity provider server may store in its memory additional instructions that, when executed by the at least one processor, cause the enterprise identity provider server to store, in the token store, the second authentication token and a reference associating the second authentication token with the first authentication token.) Feijoo lacks or fails to expressly disclose displaying on a user interface. However, VAN OS; displaying, on a user interface of the client software, an indication that the additional resources are requested (abstract and page 53, number 26 teaches a requesting device transmits a selected option to access a resource via a display). It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Feijoo with VAN OS to include a display for user selection via user interface, in order to display a menu of applications, as taught by VAN OS, (page 5, Fig. 4A). Feijoo, discloses receiving, via the user interface and from the user of the client device, an approval for access to the additional resources; based on the approval, transmitting a third authorization to the virtual conference provider, wherein the third authorization is associated with the application; and receiving the third authorization from the virtual conference provider in response to a request by the application for the additional resources (Fig. 8B 810-814.). Claims 4, 5, 10, 11, 13, 17, 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Feijoo as applied to claims 1, 8 and 15 above, and further in view of Patter et al., US 2021/0258298. Regarding claims 4, 10 and 17, Feijoo discloses the method of claim 1, further comprising: transmitting a third request for authorization to the virtual conference provider, wherein the third request for authorization is for additional resources not included in the one or more resources; and receiving, from the virtual conference provider (Fig. 8B). Feijoo lacks or does not expressly disclose a denial of a request for resources. However, Patter discloses a denial of the third request for authorization (paragraph 0114, claim 1: upon determining that the second session identifier does not match the session identifier associated with the client application identifier stored in the data store, denying, by the computer system, the user access to the protected resource). It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Feijoo with Patter to include denying a request for a resource in order to maintain a valid session and secure access to protected resources, as taught by Patter, abstract. Regarding claims 5, 11 and 18, Feijoo, discloses the method of claim 1, wherein the second request includes a first session identifier associated with the application, the method further comprising: receiving a second authorization from the virtual conference provider, the second authorization including a second session identifier (Fig. 8). Feijoo lacks or does not expressly disclose denying permission. However, Patter discloses responsive to determining that the first session identifier does not match the second session identifier, denying permission for the application to access the one or more resources (paragraph 0114, claim 1: upon determining that the second session identifier does not match the session identifier associated with the client application identifier stored in the data store, denying, by the computer system, the user access to the protected resource). It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Feijoo with Patter to include denying a request for a resource in order to maintain a valid session and secure access to protected resources, as taught by Patter, abstract. Regarding claims 13 and 20, Feijoo discloses the system of claim 8 but lacks or does not expressly disclose wherein the resources comprise one or more of a name, an email address, a calendar, or one or more documents. However, Patter discloses resources comprise one or more of a name, an email address, a calendar, or one or more documents (0028: the protected resources may include applications, documents, files, web pages, web content, computing resources and so on within computing environment 100). It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify Feijoo with Patter to include resources such as documents within the computing environment in order to maintain a secure computing environment, as taught by Patter, abstract. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155. The examiner can normally be reached M-F 9-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /AUBREY H WYSZYNSKI/Examiner, Art Unit 2434