DETAILED ACTION
This Office action is in reply to correspondence filed 10 December 2024 in regard to application no. 17/984,090. Claims 1-18 are pending and are considered below.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 2, 6, 7, 11 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Shelley (U.S. Patent No. 10,548,001) in view of Wang et al. (U.S. Publication No. 2018/0091490) further in view of Yin et al. (U.S. Publication No. 2018/0060954).
In-line citations are to Shelley.
With regard to Claim 1:
Shelley teaches: A method comprising:
receiving, by an identity network computing device from a relying party computing device, a request to authenticate an identity of a user; [Col. 4, lines 48-50; the system may "allow users of the connection system to request or access user assistance and other support services" which may require, Col. 6, lines 60-62, "login credentials which may then be used for ongoing secure access to their user account"]
in response to the request, providing, by the identity network computing device to a user device associated with the user, a plurality of identity providers…
receiving, by the identity network computing device from the user device, a selection of a first identity provider of the plurality of identity providers; [Col. 6, line 62 to Col. 7, line 2; "user account management module 116 may be configured to additionally or alternatively be responsive to a third party authentication service for secure user login, wherein a user may establish login capability by logging in through a third party service such as logging in through a Google account, a Facebook account or other third party service providing such authentication services"]
in response to the first identity provider authenticating the identity of the user, receiving, by the identity network computing device from an identity provider computing device associated with the first identity provider, a plurality of identity attributes associated with the user... [Col. 7, lines 15-21; "the login process may include an additional, one or more, authentication steps, such as in two-factor authentication or multi-factor authentication, wherein an additional one or more authentication steps beyond a submitting of a username and password are required to complete the account login process"]
Shelley does not explicitly teach providing, by the identity network computing device to the relying party computing device, at least some identity attributes of the plurality of identity attributes, but it is known in the art. Wang teaches an authentication framework [title] in which an "authentication server device" retrieves a list of "identity providers" and registers certain "client identifiers" with at least one of the identity providers. [0018] The process may "involve redirecting an authorization code generated by the identity provider to an authentication server device rather than directly to the application". [0013] Wang and Shelley are analogous art as each is directed to electronic means for managing authentication services.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Wang with that of Shelley in order to maintain privacy, as taught by Wang; [abstract] further, it is simply a substitution of one known part for another with predictable results, simply sharing the data of Wang in place of, or in addition to, that of Shelley; the substitution produces no new and unexpected result.
Shelley does not explicitly teach the relying party computing device is distinct from the user device, but it is known in the art. Yin teaches a mobile device messaging system [title] in which a “content provisioning system” communicates with a “mobile user device”, and in which the “content provisioning system” may perform “authentication” of the user. [0041] Yin and Shelley are analogous art as each is directed to electronic means for authenticating users.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Yin with that of Shelley in order to improve security, as taught by Yin; [0037] further, it is simply a substitution of one known part for another with predictable results, simply using Yin’s authentication topology in place of that of Shelley; the substitution produces no new and unexpected result.
With regard to Claim 2:
The method of claim 1, further comprising, after receiving the selection of the identity provider, directing the user device to a page of the identity provider. [Wang, 0013 as cited above in regard to claim 1]
With regard to Claim 6:
Shelley teaches: A non-transitory computing-device readable storage medium on which computing-device readable instructions of a program are stored, the instructions, when executed by one or more processors of an identity network computing device, cause the identity network computing device to perform a method, [Col. 12, lines 52-53, 58; "software" is stored in a "non-transitory computer-readable medium"; line 39; the software is executed by a “processor”; Col. 13, line 14; the system includes a “network interface”] comprising:
receiving, by an identity network computing device from a relying party computing device, a request to authenticate an identity of a user; [Col. 4, lines 48-50; the system may "allow users of the connection system to request or access user assistance and other support services" which may require, Col. 6, lines 60-62, "login credentials which may then be used for ongoing secure access to their user account"]
in response to the request, providing, by the identity network computing device to a user device associated with the user, a plurality of identity providers…
receiving, by the identity network computing device from the user device, a selection of a first identity provider of the plurality of identity providers; [Col. 6, line 62 to Col. 7, line 2; "user account management module 116 may be configured to additionally or alternatively be responsive to a third party authentication service for secure user login, wherein a user may establish login capability by logging in through a third party service such as logging in through a Google account, a Facebook account or other third party service providing such authentication services"]
in response to the first identity provider authenticating the identity of the user, receiving, by the identity network computing device from an identity provider computing device associated with the first identity provider, a plurality of identity attributes associated with the user... [Col. 7, lines 15-21; "the login process may include an additional, one or more, authentication steps, such as in two-factor authentication or multi-factor authentication, wherein an additional one or more authentication steps beyond a submitting of a username and password are required to complete the account login process"]
Shelley does not explicitly teach providing, by the identity network computing device to the relying party computing device, at least some identity attributes of the plurality of identity attributes, but it is known in the art. Wang teaches an authentication framework [title] in which an "authentication server device" retrieves a list of "identity providers" and registers certain "client identifiers" with at least one of the identity providers. [0018] The process may "involve redirecting an authorization code generated by the identity provider to an authentication server device rather than directly to the application". [0013] Wang and Shelley are analogous art as each is directed to electronic means for managing authentication services.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Wang with that of Shelley in order to maintain privacy, as taught by Wang; [abstract] further, it is simply a substitution of one known part for another with predictable results, simply sharing the data of Wang in place of, or in addition to, that of Shelley; the substitution produces no new and unexpected result.
Shelley does not explicitly teach the relying party computing device is distinct from the user device, but it is known in the art. Yin teaches a mobile device messaging system [title] in which a “content provisioning system” communicates with a “mobile user device”, and in which the “content provisioning system” may perform “authentication” of the user. [0041] Yin and Shelley are analogous art as each is directed to electronic means for authenticating users.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Yin with that of Shelley in order to improve security, as taught by Yin; [0037] further, it is simply a substitution of one known part for another with predictable results, simply using Yin’s authentication topology in place of that of Shelley; the substitution produces no new and unexpected result.
With regard to Claim 7:
The non-transitory computing-device readable storage medium of claim 6, further comprising additional computer-executable instructions that, when executed by the one or more processors, cause the identity network computing device to, after receiving the selection of the first identity provider, direct the user device to a page of the identity provider. [Wang, 0013 as cited above in regard to claim 6]
With regard to Claim 11:
Shelley teaches: An identity network computing device, comprising: a memory comprising computer-executable instructions; and a processor configured to access the memory and execute the computer-executable instructions to perform operations [Col. 12, lines 52-53, 58; "software" is stored in a "non-transitory computer-readable medium"; line 39; the software is executed by a "processor"; Col. 13, line 14; the system includes a "network interface"] comprising:
receive, by an identity network computing device from a relying party computing device, a request to authenticate an identity of a user; [Col. 4, lines 48-50; the system may "allow users of the connection system to request or access user assistance and other support services" which may require, Col. 6, lines 60-62, "login credentials which may then be used for ongoing secure access to their user account"]
in response to the request, provide, by the identity network computing device to a user device associated with the user, a plurality of identity providers…
receive, by the identity network computing device from the user device, a selection of a first identity provider of the plurality of identity providers; [Col. 6, line 62 to Col. 7, line 2; "user account management module 116 may be configured to additionally or alternatively be responsive to a third party authentication service for secure user login, wherein a user may establish login capability by logging in through a third party service such as logging in through a Google account, a Facebook account or other third party service providing such authentication services"]
in response to the first identity provider authenticating the identity of the user, receive, by the identity network computing device from an identity provider computing device associated with the first identity provider, a plurality of identity attributes associated with the user... [Col. 7, lines 15-21; "the login process may include an additional, one or more, authentication steps, such as in two-factor authentication or multi-factor authentication, wherein an additional one or more authentication steps beyond a submitting of a username and password are required to complete the account login process"]
Shelley does not explicitly teach provide, by the identity network computing device to the relying party computing device, at least some identity attributes of the plurality of identity attributes, but it is known in the art. Wang teaches an authentication framework [title] in which an "authentication server device" retrieves a list of "identity providers" and registers certain "client identifiers" with at least one of the identity providers. [0018] The process may "involve redirecting an authorization code generated by the identity provider to an authentication server device rather than directly to the application". [0013] Wang and Shelley are analogous art as each is directed to electronic means for managing authentication services.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Wang with that of Shelley in order to maintain privacy, as taught by Wang; [abstract] further, it is simply a substitution of one known part for another with predictable results, simply sharing the data of Wang in place of, or in addition to, that of Shelley; the substitution produces no new and unexpected result.
Shelley does not explicitly teach the relying party computing device is distinct from the user device, but it is known in the art. Yin teaches a mobile device messaging system [title] in which a “content provisioning system” communicates with a “mobile user device”, and in which the “content provisioning system” may perform “authentication” of the user. [0041] Yin and Shelley are analogous art as each is directed to electronic means for authenticating users.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Yin with that of Shelley in order to improve security, as taught by Yin; [0037] further, it is simply a substitution of one known part for another with predictable results, simply using Yin’s authentication topology in place of that of Shelley; the substitution produces no new and unexpected result.
With regard to Claim 12:
The identity network computing device of claim 11, the memory comprises additional computer-executable instructions and the processor is further configured to, after receiving the selection of the first identity provider, direct the user device to a page of the identity provider. [Wang, 0013 as cited above in regard to claim 11]
Claim(s) 3, 4, 8, 9, 13 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Shelley in view of Wang et al. further in view of Yin et al. further in view of Smith et al. (U.S. Publication No. 2019/0349372, filed 1 November 2018).
Claims 3, 8 and 13 are similar so are analyzed together.
With regard to Claim 3:
The method of claim 1, further comprising, prior to providing the at least some of the identity attributes to the relying party:
providing a consent request to the user device to share the identity attributes; and
receiving a consent approval to share the identity attributes with the relying party.
With regard to Claim 8:
The non-transitory computing-device readable storage medium of claim 6, further comprising additional computer-executable instructions that, when executed by the one or more processors, cause the identity network computing device to, prior to providing the at least some of the identity attributes to the relying party:
provide a consent request to the user device to share the identity attributes; and
receive a consent approval to share the identity attributes with the relying party.
With regard to Claim 13:
The identity network computing device of claim 11, the memory comprises additional computer-executable instructions and the processor is further configured to, prior to providing the at least some of the identity attributes to the relying party:
provide a consent request to the user device to share the identity attributes; and
receive a consent approval to share the identity attributes with the relying party.
Shelley, Wang and Yin teach the method of claim 1, medium of claim 6, and device of claim 11, but do not explicitly teach receiving consent to share data, but it is known in the art. Smith teaches an online verification system [title] which includes an "identity verification platform" [abstract] in which, after a person requesting a data transaction sends a "list of validators", the "user must give consent before any identify verification transaction between validator 100 and requester 116 can be completed". [0084] Thereafter "the platform creates a custom badge representing the relationship between the first individual and the entity for display on the entity's website". [abstract] Smith and Shelley are analogous art as each is directed to electronic means for verifying an identity.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Smith with that of Shelley, Wang and Yin in order to improve security, as taught by Smith; [0011] further, it is simply a substitution of one known part for another with predictable results, simply sending data conditionally as in Smith rather than without this condition as in Wang; the substitution produces no new and unexpected result.
With regard to Claim 4:
The method of claim 3, wherein providing the consent request to the user device includes providing the identity attributes to the user device for display. [Smith, abstract as cited above in regard to claim 3]
This claim is not patentably distinct from claim 3. Claim 3, depending as it does from claim 1, already provides content to the user device. The limitations here disclose at most the content of what is sent and the purpose for which it is sent. The content of information which is merely transmitted or displayed and then not further processed by the claimed substrate consists entirely of nonfunctional printed matter which is considered but given no patentable weight. The purpose for which it is sent is at most a statement of manner-of-use which imparts neither structure nor functionality to the claimed method and so is considered but given no patentable weight. The reference is provided for the purpose of compact prosecution.
With regard to Claim 9:
The non-transitory computing-device readable storage medium of claim 8, wherein providing the consent request to the user device includes providing the identity attributes to the user device for display. [Smith, abstract as cited above in regard to claim 8]
This claim is not patentably distinct from claim 8. Claim 8, depending as it does from claim 6, already provides content to the user device. The limitations here disclose at most the content of what is sent and the purpose for which it is sent. The content of information which is merely transmitted or displayed and then not further processed by the claimed substrate consists entirely of nonfunctional printed matter which is considered but given no patentable weight. The purpose for which it is sent is at most a statement of intended use which imparts neither structure nor functionality to the claimed method and so is considered but given no patentable weight. The reference is provided for the purpose of compact prosecution.
With regard to Claim 14:
The identity network computing device of claim 13, wherein providing the consent request to the user device includes providing the identity attributes to the user device for display. [Smith, abstract as cited above in regard to claim 13]
This claim is not patentably distinct from claim 13. Claim 13, depending as it does from claim 11, already provides content to the user device. The limitations here disclose at most the content of what is sent and the purpose for which it is sent. The content of information which is merely transmitted or displayed and then not further processed by the claimed substrate consists entirely of nonfunctional printed matter which is considered but given no patentable weight. The purpose for which it is sent is at most a statement of intended use which imparts neither structure nor functionality to the claimed method and so is considered but given no patentable weight. The reference is provided for the purpose of compact prosecution.
Claim(s) 5, 10 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Shelley in view of Wang et al. further in view of Yin et al. further in view of Kolls (U.S. Patent No. 11,144,927).
These claims are similar so are analyzed together.
With regard to Claim 5:
The method of claim 1,
further comprising receiving a request for particular identity attributes from the relying party; and
wherein providing the at least some of the identity attributes to the relying party includes providing the particular identity attributes requested by the relying party.
With regard to Claim 10:
The non-transitory computing-device readable storage medium of claim 6, further comprising additional computer-executable instructions that, when executed by the one or more processors, cause the identity network computing device to
receive a request for particular identity attributes from the relying party; and
wherein providing the at least some of the identity attributes to the relying party includes providing the particular identity attributes requested by the relying party.
With regard to Claim 15:
The identity network computing device of claim 11,
the memory comprises additional computer-executable instructions and the processor is further configured to receive a request for particular identity attributes from the relying party; and wherein providing the at least some of the identity attributes to the relying party includes providing the particular identity attributes requested by the relying party.
Shelley, Wang and Yin teach the method of claim 1, medium of claim 6, and device of claim 11, but do not explicitly teach this dialogue, but it is known in the art. Kolls teaches an authorization system [title] in which a "transaction request" includes certain "characteristics" such as "merchant information", [Col. 15, line 28] and the request is complied with subject to successful receipt and verification of "authentication information". [Col. 15, lines 44-45] Kolls and Shelley are analogous art as each is directed to electronic means for authenticating an entity before providing information.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Kolls with that of Shelley, Wang and Yin in order to improve system functionality, as taught by Kolls; [Col. 3, lines 21-22] further, it is simply a combination of known parts with predictable results, simply performing Kolls' steps after the others. Each part works independently of the other, and each works in combination identically to how it works when not combined, with no new and unexpected result inherent or disclosed.
Claim(s) 16 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Shelley in view of Wang et al. further in view of Yin et al. further in view of Nakagawa et al. (U.S. Publication No. 2021/0234858).
These claims are similar so are analyzed together.
With regard to Claim 16:
The method of claim 1, wherein authenticating the identity of the user by the identity network computing device includes authenticating the identity of the user by the identity network computing device in response to the first identity provider using authentication information provided by the user device to authenticate the identity of the user.
With regard to Claim 18:
The identity network computing device of claim 11, wherein authenticating the identity of the user by the identity network computing device includes authenticating the identity of the user by the identity network computing device in response to the first identity provider using authentication information provided by the user device to authenticate the identity of the user.
Shelley, Wang and Yin teach the method of claim 1 and device of claim 11, but do not explicitly teach this configuration, but it is known in the art. Nakagawa teaches an authentication system [title] in which an "authentication server" authenticates a user based on a "login form" which the user has filled out using a "mobile terminal". [0045] Nakagawa and Shelley are analogous art as each is directed to electronic means for authenticating users over a network.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Nakagawa with that of Shelley, Wang and Yin in order to improve the ease of certain login processes, as taught by Nakagawa; [0005] further, it is simply a substitution of known parts for others with predictable results, simply using Nakagawa's arrangement of parts in place of that of Shelley; the substitution produces no new and unexpected result.
Claim(s) 17 is rejected under 35 U.S.C. 103 as being unpatentable over Shelley in view of Wang et al. further in view of Yin et al. further in view of Smith et al. further in view of Nakagawa et al.
With regard to Claim 17:
The non-transitory computing-device readable storage medium of claim 8, wherein authenticating the identity of the user by the identity network computing device includes authenticating the identity of the user by the identity network computing device in response to the first identity provider using authentication information provided by the user device to authenticate the identity of the user.
Shelley, Wang, Yin and Smith teach the medium of claim 8, but do not explicitly teach this configuration, but it is known in the art. Nakagawa teaches an authentication system [title] in which an "authentication server" authenticates a user based on a "login form" which the user has filled out using a "mobile terminal". [0045] Nakagawa and Shelley are analogous art as each is directed to electronic means for authenticating users over a network.
It would have been obvious to one of ordinary skill in the art just prior to the filing of the claimed invention to combine the teaching of Nakagawa with that of Shelley, Wang, Yin and Smith in order to improve the ease of certain login processes, as taught by Nakagawa; [0005] further, it is simply a substitution of known parts for others with predictable results, simply using Nakagawa's arrangement of parts in place of that of Shelley; the substitution produces no new and unexpected result.
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-18 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. The arguments focus on language added by amendment and for which the teaching of Yin has been incorporated herein.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SCOTT C ANDERSON whose telephone number is (571)270-7442. The examiner can normally be reached M-F 9:00 to 5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bennett Sigmond can be reached at (303) 297-4411. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SCOTT C ANDERSON/Primary Examiner, Art Unit 3694