DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This office action is responsive to amendment filed on 11/13/2025. Claims 1, 3, 4, 9, 11, and 17 are amended. Claims 2, 10 are cancelled. Consequently, claim 1, 3-9, and 11-20 are pending examination.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1, 3-9, and 11-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
Claim1 is drawn to a system, claim 9 is drawn to a method, claim 17 is drawn to computer program product. As such, claims 1,13, and 17 are drawn to one of the statutory categories of invention.
Claims 1, 3-9, and 11-20 are directed to abstract idea of multi-admin verification. Specifically, the claims recite accessing, by a device operatively coupled to a processor, an electronic request and an electronic approval of the electronic request from at least one computing device, wherein the electronic request is issued by a first credential and indicates a data operation to be performed on a data object stored in a data store, and wherein the electronic approval is issued by a second credential, wherein the electronic request includes the data object, the data operation and a timestamp of when the electronic request was made by the first credential and wherein the electronic approval includes the second credential and an approving timestamp of when the electronic approval was issued by the second credential; identifying, by the device, a multi-admin verification rule that protects the data object from the data operation, wherein the multi-admin verification rule is electronically stored and specifies a set of approver credentials that are authorized to electronically approve the electronic request; rejecting, by the device and notwithstanding that the second credential embedded in the electronic approval is within the set of approver credentials, the electronic approval as invalid in response to a determination that the second credential embedded in the electronic approval matches the first credential; accepting, by the device, the electronic approval as valid, in response to a determination that the second credential is within the set of approver credentials and does not match the first credential; and facilitating an application of the data operation to the data object based on whether the electronic approval is accepted as valid or whether the electronic approval is rejected as invalid, which is grouped within the Methods Of Organizing Human Activity and is similar to the concept of (fundamental economic principles or practices including hedging insurance, mitigating risk) OR (commercial or legal interactions including agreements in the form of contracts, legal obligations, advertising, marketing or sales activities or behaviors business relations) OR (managing personal behavior or relationships or interactions between people including social activities teaching, and following rules or instructions) OR Mental Processes and is similar to the concept of (concepts performed in the human mind (including an observation, evaluation, judgement, opinion) grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 54 (January 7, 2019)). Accordingly, the claims recite an abstract idea (See pages 7, 10, Alice Corporation Pty. Ltd. v. CLS Bank International, et al., US Supreme Court, No. 13-298, June 19, 2014; 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 53-54 (January 7, 2019)).
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 54-55 (January 7, 2019)), the additional element(s) of the claim(s) such as processor, computer readable memory, device merely use(s) a computer as a tool to perform an abstract idea and/or generally link(s) the use of a judicial exception to a particular technological environment. Specifically, the processor, computer readable memory, device, perform(s) the steps or functions of accessing, by a device operatively coupled to a processor, an electronic request and an electronic approval of the electronic request from at least one computing device, wherein the electronic request is issued by a first credential and indicates a data operation to be performed on a data object stored in a data store, and wherein the electronic approval is issued by a second credential, wherein the electronic request includes the data object, the data operation and a timestamp of when the electronic request was made by the first credential and wherein the electronic approval includes the second credential and an approving timestamp of when the electronic approval was issued by the second credential; identifying, by the device, a multi-admin verification rule that protects the data object from the data operation, wherein the multi-admin verification rule is electronically stored and specifies a set of approver credentials that are authorized to electronically approve the electronic request; rejecting, by the device and notwithstanding that the second credential embedded in the electronic approval is within the set of approver credentials, the electronic approval as invalid in response to a determination that the second credential embedded in the electronic approval matches the first credential; accepting, by the device, the electronic approval as valid, in response to a determination that the second credential is within the set of approver credentials and does not match the first credential; and facilitating an application of the data operation to the data object based on whether the electronic approval is accepted as valid or whether the electronic approval is rejected as invalid.. The use of a processor/computer as a tool to implement the abstract idea and/or generally linking the use of the abstract idea to a particular technological environment does not integrate the abstract idea into a practical application because it requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)), the claims do not apply or use the abstract idea to effect a particular treatment or prophylaxis for a disease or medical condition (Vanda Memo), the claims do not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)), the claims do not effect a transformation or reduction of a particular article to a different state or thing (MPEP 2106.05(c)), and the claims do not apply or use the abstract idea in some other meaningful way beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claims do not, for example, purport to improve the functioning of a computer. Nor do they effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under step 2B of the Alice/Mayo test (See 2019 Revised Patent Subject Matter Eligibility Guidance, 84 Fed. Reg. 50, 52, 56 (January 7, 2019)), the additional element(s) of using processor, computer readable memory, device to perform the steps amounts to no more than using a computer or processor to automate and/or implement the abstract idea of multi-admin verification. As discussed above, taking the claim elements separately, the processor, computer readable memory, device, perform(s) the steps or functions of accessing, by a device operatively coupled to a processor, an electronic request and an electronic approval of the electronic request from at least one computing device, wherein the electronic request is issued by a first credential and indicates a data operation to be performed on a data object stored in a data store, and wherein the electronic approval is issued by a second credential, wherein the electronic request includes the data object, the data operation and a timestamp of when the electronic request was made by the first credential and wherein the electronic approval includes the second credential and an approving timestamp of when the electronic approval was issued by the second credential; identifying, by the device, a multi-admin verification rule that protects the data object from the data operation, wherein the multi-admin verification rule is electronically stored and specifies a set of approver credentials that are authorized to electronically approve the electronic request; rejecting, by the device and notwithstanding that the second credential embedded in the electronic approval is within the set of approver credentials, the electronic approval as invalid in response to a determination that the second credential embedded in the electronic approval matches the first credential; accepting, by the device, the electronic approval as valid, in response to a determination that the second credential is within the set of approver credentials and does not match the first credential; and facilitating an application of the data operation to the data object based on whether the electronic approval is accepted as valid or whether the electronic approval is rejected as invalid. These functions correspond to the actions required to perform the abstract idea. Viewed as a whole, the combination of elements recited in the claims merely recite the concept of multi-admin verification. Therefore, the use of these additional elements does no more than employ the computer as a tool to automate and/or implement the abstract idea. The use of a computer or processor to merely automate and/or implement the abstract idea cannot provide significantly more than the abstract idea itself (MPEP 2106.05(I)(A)(f) & (h)). Therefore, the claim is not patent eligible.
Dependent claims 3-8,11-16, and 18-20 further describe the abstract idea of multi-admin verification. The dependent claims do not include additional elements that integrate the abstract idea into a practical application or that provide significantly more than the abstract idea. Therefore, the dependent claims are also not patent eligible.
Response to Arguments
Applicant's arguments filed have been fully considered but they are not persuasive.
The applicant argues that the amended claims are directed to improvement in computer security and improves the functioning of the computer and a technique represents a novel technical solution to computer centric security problem. The is not a mental process or generic rule for approval of data operation and amended claim 1 clearly improves computer functionality and therefore the claims qualify as eligible subject matter.
In response, Although the applicant asserts that the claims improve computer security and computer functionality, the claims do not recite ay specific technological security mechanism, such as cryptography, authentication protocols, secure hardware, on an improvement to how a computer verifies credentials. Instead, the claims simply apply business rule logic to determine whether a requester may approve or execute its own request (e.g. rejecting approvals where the approver credential matches the requester credentials). This is policy based on separation of duty rule, not a technological improvement. The steps of accessing an electronic request, comparing credentials, counting approvals and authorizing or rejecting an execution command are purely logical operations that can be performed mentally or with pen and paper, and do not improve the way the computer itself operates.
The claimed components, such as processor, access, approval execution logic, are purely functional, generic computer elements performing routine data access and comparison. There is no recited unconventional hardware, no new data structures and no improved credential format, and no enhancement to computer ‘s authentication capabilities.
For these reasons the rejection under 35 USC § 101 directed to non-statutory subject matter set forth in this office action is maintained.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SARGON N NANO whose telephone number is (571)272-4007. The examiner can normally be reached 7:30 AM-3:30 PM. M.S.T..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached on 571 272 3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SARGON N NANO/Primary Examiner, Art Unit 2443
Prosecution Insights