Prosecution Insights
Last updated: July 17, 2026
Application No. 17/987,664

SYSTEM AND METHOD FOR AUTHORIZING SERVICES ACCESS TO PROTECTED RESOURCES

Final Rejection §102§112
Filed
Nov 15, 2022
Priority
Nov 15, 2021 — provisional 63/279,567
Examiner
DAVIS, ZACHARY A
Art Unit
2492
Tech Center
2400 — Computer Networks
Assignee
Open Text Corporation
OA Round
2 (Final)
54%
Grant Probability
Moderate
3-4
OA Rounds
9m
Est. Remaining
76%
With Interview

Examiner Intelligence

Grants 54% of resolved cases
54%
Career Allowance Rate
273 granted / 506 resolved
-4.0% vs TC avg
Strong +22% interview lift
Without
With
+22.0%
Interview Lift
resolved cases with interview
Typical timeline
4y 5m
Avg Prosecution
33 currently pending
Career history
568
Total Applications
across all art units

Statute-Specific Performance

§101
1.8%
-38.2% vs TC avg
§103
65.2%
+25.2% vs TC avg
§102
24.8%
-15.2% vs TC avg
§112
7.8%
-32.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 506 resolved cases

Office Action

§102 §112
DETAILED ACTION A response to the notice of non-compliant amendment was received on 02 February 2026. By this response, Claims 1, 3-8, 10-14, and 16-20 have been amended. No claims have been added or canceled. Claims 1-20 are currently pending in the present application. Response to Amendment The amendment is not fully responsive under 37 CFR 1.111(b) which requires that Applicant reply to every ground of objection and rejection in the prior Office action. In particular, Applicant has not clearly acknowledged or addressed the objection to the specification and the corresponding requirement to provide a copy of the material incorporated by reference (see paragraph 0038) as per 37 CFR 1.57(f). As a courtesy, the present response has been entered and treated as though it were fully responsive; however, Applicant is again required to provide a copy of this material in response to the present Office action. Drawings The objection to the drawings is NOT withdrawn because not all issues have been addressed and/or because the amendments have raised new issues, as set forth below. The drawings are objected to because they include informalities. In Figure 4A, reference numeral 420 is described as a “step” but also has a lead line pointing to the deployment tool; it appears that 420 should not be described as a step, as in Figures 4B and 4C. In Figure 4B, it is not clear what the distinctions between various parallel elements are intended to be (e.g. elements 436 and 460; elements 438, 454, 462; and elements 440, 444, 456, 468, and 464), and similarly, in Figure 4C, it is not clear what the distinctions between various parallel elements are intended to be (e.g. elements 470, 478, and 486; elements 472, 480, and 488; elements 474, 482, and 490; and elements 476, 484, and 492). Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Specification The objection to the abstract is NOT withdrawn because the amended abstract contains additional informalities as noted below. As noted above, Applicant is again required to provide a copy of the material incorporated by reference (see paragraph 0038) as per 37 CFR 1.57(f). The abstract of the disclosure is objected to because it includes informalities. In particular, the comma in line 2 before “storing” and the comma in line 3 before “accessing” should be replaced by semicolons, and a semicolon should be inserted before “and determining” in line 4, to make the distinctions between the list items more clear, because some items in the list also include internal commas. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b). Applicant’s cooperation is again requested in correcting any other errors of which applicant may become aware in the specification. Claim Objections Claims 1, 8, and 14 are objected to because of the following informalities: In Claim 1, lines 11-12, it appears that the second “based on” is redundant and should be deleted so that the phrase reads “based on either the requesting service or a user”. In Claim 8, lines 15-16, it appears that the second “based on” is redundant and should be deleted so that the phrase reads “based on either the requesting service or a user”. In Claim 14, lines 13-14, it appears that the second “based on” is redundant and should be deleted so that the phrase reads “based on either the requesting service or a user”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The rejection of Claims 1-20 under 35 U.S.C. 112(b) as indefinite is NOT withdrawn, because not all issues have been addressed and/or because the amendments have raised new issues, as detailed below. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 1 recites “the protected resource, including modifying the policy definitions” in line 15. It is grammatically unclear what the phrase “including modifying” is intended to modify. If this is intended to modify the step of modifying as recited in line 14, then this phrase should be amended to recite “wherein modifying the access control model includes modifying the policy definitions” or similar. The above ambiguities render the claim indefinite. Claim 4 recites “policy definitions” in lines 1-2. It is not clear whether this may be intended to refer to the policy definitions as received in the access control model or the modified policy definitions, or to distinct policy definitions. Claim 8 recites “a protected resource” in line 10. It is not clear whether this is intended to refer to the same protected resource as in lines 1-2 and 8, for example. The claim further recites “the protected resource including modifying the policy definitions” in line 20. It is grammatically unclear what the phrase “including modifying” is intended to modify. If this is intended to modify the step of modifying as recited in line 19, then this phrase should be amended to recite “wherein modifying the access control model includes modifying the policy definitions” or similar. The above ambiguities render the claim indefinite. Claim 11 recites “policy definitions” in line 1. It is not clear whether this may be intended to refer to the policy definitions as received in the access control model or the modified policy definitions, or to distinct policy definitions. Claim 13 recites “a protected resource” in line 3. It is not clear whether this is intended to refer to one of the protected resources recited in Claim 8 or to a distinct resource. Claim 13 further recites “the protected resource” in line 3. It is not clear to which of the plural resources this is intended to refer. The claim also recites “service role assignments, a service role delegate, user role assignments, and a user role delegate” in lines 4-5. It is not clear whether these elements are intended to refer to the same assignments and delegates as recited in lines 2-3 or to distinct assignments and delegates. Claim 14 recites steps of “modifying” and “accessing” in lines 16-18 if it is determined to grant the requesting service access; however, these steps are not linked by a conjunction (e.g. “and” or “or”) and therefore it is not clear whether both are required or if they are alternatives. The claim additionally recites “the protected resource including modifying the policy definitions” in line 17. It is grammatically unclear what the phrase “including modifying” is intended to modify. If this is intended to modify the step of modifying as recited in line 19, then this phrase should be amended to recite “wherein modifying the access control model includes modifying the policy definitions” or similar. The above ambiguities render the claim indefinite. Claim 17 recites “policy definitions” in lines 1-2. It is not clear whether this may be intended to refer to the policy definitions as received in the access control model or the modified policy definitions, or to distinct policy definitions. Claims not explicitly referred to above are rejected due to their dependence on a rejected base claim. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. Claims 1-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Kjelstrup et al, US Patent 11968241 (cited in the previous Office action). In reference to Claim 1, Kjelstrup discloses a method for authorizing access to a protected resource, comprising: receiving an access control model comprising policy definitions for access by services and users to the protected resource and storing the access control model in a database (see column 8, lines 46-67, access control policy, i.e. model, received and stored to be auto-tuned); at a requesting service, generating a request to access the protected resource (column 9, lines 1-42, generating requests to access services and resources); at an authorization service coupled to the database, receiving the request to access the protected resource (column 9, lines 1-42, receiving requests to access services and resources); accessing, by the authorization service, the access control model and determining, based on the access control model, whether to grant the requesting service access to the protected resource based on either the requesting service or a user (column 9, line 43-column 10, line 2, performing access analysis, i.e. determining whether to grant access based on the policy); and if it is determined to grant the requesting service access: modifying the access control model to allow access by the requesting service to the protected resource, including modifying the policy definitions (column 10, lines 3-64, modifying policy, adding or removing permissions, see also Figure 3); and accessing, by the requesting service, the protected resource (see column 10, lines 3-32, granting access; see also Figure 5 and column 11, line 48-column 12, line 15, describing permissions including granting permissions); and if it is determined to not to grant the requesting service access: denying the requesting service access (see column 10, lines 33-64, restricting access; see also Figure 5 and column 11, line 48-column 12, line 31, describing permissions including denying access). In reference to Claim 2, Kjelstrup further discloses that subsequent requests by the requesting service to access the protected resource are based on the modified policy definitions (column 10, lines 3-64, modifying policy, adding or removing permissions). In reference to Claim 3, Kjelstrup further discloses deploying the access control model, wherein the deploying comprises: receiving the access control model at the authorization service, and the authorization service storing the access control model in the database (column 8, lines 46-67, access control policy received and stored). In reference to Claim 4, Kjelstrup further discloses that policy definitions of the access control model for at least one of the services are received from a development tool (column 9, lines 1-16, input from developer). In reference to Claim 5, Kjelstrup further discloses that the policy definitions as received comprise at least one delegate control model comprising delegate policy definitions, and wherein the determining to grant the requesting service access to the protected resource is further based on the at least one delegate control model (see column 11, line 48-column 12, line 15, and column 12, lines 42-64, delegation policy permissions). In reference to Claim 6, Kjelstrup further discloses that the access control model comprises a namespace comprising: service role assignments, a service role delegate, user role assignments, a user role delegate, and the protected resource, where the protected resource further comprises: a first service role assignment, a first service role delegate, a first user role assignment, and a first user role delegate (see column 11, line 48-column 14, line 29, describing Figure 5 and numerous types of roles and delegates/delegation in the policy, i.e. model, which constitute the claimed namespace). In reference to Claim 7, Kjelstrup further discloses that the policy definitions as received comprise workflow policy definitions, the services include a workflow service and a plurality of task services, and the receiving the access control model further comprises: receiving, from an administration tool, the workflow policy definitions for the workflow service and for the plurality of task services, wherein the authorization service determines whether to grant access between and among the workflow service and the plurality of task services and the protected resource based on the workflow policy definitions (see Figure 3, policy manager corresponds to administrator; see also column 13, lines 7-21, administration role; see also column 13, line 65-column 14, line 29, policy includes workflow and other tasks to be performed). Claims 8-13 are directed to systems having functionality corresponding to the methods of Claims 1-6, and are rejected by a similar rationale, mutatis mutandis. Claims 14-20 are directed to software implementations of the methods of Claims 1-7, and are rejected by a similar rationale. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Zachary A Davis whose telephone number is (571)272-3870. The examiner can normally be reached Monday-Friday, 9:00am-5:30pm, Eastern Time. Examiner interviews are available via telephone and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rupal D Dharia can be reached at (571) 272-3880. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Zachary A. Davis/Primary Examiner, Art Unit 2492
Read full office action

Prosecution Timeline

Nov 15, 2022
Application Filed
May 21, 2025
Non-Final Rejection mailed — §102, §112
Aug 14, 2025
Examiner Interview Summary
Aug 14, 2025
Applicant Interview (Telephonic)
Aug 20, 2025
Response Filed
Aug 20, 2025
Response after Non-Final Action
Feb 02, 2026
Response Filed
Jun 03, 2026
Final Rejection mailed — §102, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12676750
Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession
4y 5m to grant Granted Jul 07, 2026
Patent 12676751
Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession
4y 5m to grant Granted Jul 07, 2026
Patent 12659750
ULTRA-WIDEBAND UNLOCK DEVICE
3y 8m to grant Granted Jun 16, 2026
Patent 12592929
TECHNIQUE FOR COMPUTING A BLOCK IN A BLOCKCHAIN NETWORK
4y 9m to grant Granted Mar 31, 2026
Patent 12566840
Systems And Methods For Creating Trustworthy Orchestration Instructions Within A Containerized Computing Environment For Validation Within An Alternate Computing Environment
3y 7m to grant Granted Mar 03, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
54%
Grant Probability
76%
With Interview (+22.0%)
4y 5m (~9m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 506 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month