Prosecution Insights
Last updated: April 19, 2026
Application No. 18/059,239

Software Defined Community Cloud

Final Rejection §103
Filed: Nov 28, 2022
Examiner: GEE, JASON KAI YIN
Art Unit: 2495
Tech Center: 2400 — Computer Networks
Assignee: Google LLC
OA Round: 4 (Final)
Grant Probability: 78% (Favorable)
OA Rounds: 5-6
To Grant: 3y 1m
With Interview: 99%

Examiner Intelligence

Grants 78% — above average
Career Allow Rate: 78% (584 granted / 752 resolved), +19.7% vs TC avg
Strong +23% interview lift
Interview Lift: +22.9% (resolved cases with interview)
Typical timeline
Avg Prosecution: 3y 1m (31 currently pending)
Career history
Total Applications: 783 (across all art units)

Statute-Specific Performance

§101: 14.5% (-25.5% vs TC avg)
§103: 43.9% (+3.9% vs TC avg)
§102: 8.5% (-31.5% vs TC avg)
§112: 25.9% (-14.1% vs TC avg)
Based on career data from 752 resolved cases

Office Action

§103
DETAILED ACTION

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

This action is in response to communication: response to amendments/arguments filed on 09/23/2025. Claims 1-4, 6, 7, 9-16, 18, 19, and 21-24 are currently pending in this application. Claims 5, 8, 17, and 20 have been cancelled. No new IDS has been filed for this application.

Response to Arguments

Applicant’s arguments have been fully considered but are not found persuasive. Applicants argue that the references do not teach dynamically defining the zero trust access control policy based on an observable state of an identity of the first requestor, an observable state of the project data, and one or more environmental attributes. However, this would have been obvious over the applied references. As seen in Brannon paragraph 35, access to the resources may be based on compliance rules and further whether the user is allowed to perform particular actions. Compliance rules may include the identity of the user (paragraph 32) and further traits of the user such as age, gender, etc. (paragraph 50). The identity of the user and the actions he is allowed to take are examples of an observable state of an identity of the requestor and dynamically define the access policies. Brannon paragraph 32 further teaches that the compliance rules are based on the sensitivity and nature of the resource, which different compliance rules. Further, paragraph 32 teaches time windows for particular content. Such examples dynamically define the access policies based on the project data. Further, as seen in paragraph 32 of Brannon, Brannon teaches compliance rules based on geographic areas. This is an example of dynamically defining the access policies based on environmental attributes. Therefore, as seen in the cited areas, the claimed limitations are obvious over the prior art. See rejection below.
Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 6, 7, 9, 12, 13, 18, 19, 21, and 24 are rejected under 35 U.S.C. 103 as being obvious over Brannon US Patent Application Publication 2014/0201816 (Brannon) in view of Siavoshy et al. US Patent Application Publication 2019/0303546 (Siavoshy), and further in view of Aoki et al. US Patent Application Publication 2004/0260699 (Aoki).

As per claim 1, Brannon teaches a method comprising: receiving, by a computer system and from a first request, a first access request requesting access to a first project of a plurality of projects hosted by the distributed computing system (paragraph 68, 69, Figure 4, and throughout with user request to access resources); each project of the plurality of projects comprising respective project data governed by a respective compliance regime (see paragraph 32 and throughout with resources/projects having compliance rules); each respective compliance regime enforcing one or more respective compliance requirements for accessing the respective project data (see paragraph 33, with compliance rules including hardware requirements, device functionality, etc; see also paragraph 32 with compliance including time or geographical); dynamically defining, by the computing system and based on an observable state of an identity of the first requestor, the respective project data, and one or more environmental attributes, a zero trust access control policy (see paragraph 32 with different compliance rules/policy; see paragraph 32, 35, and 50 with compliance rules based on user features, user actions, user attributes, sensitivity of data, time of access, and environmental features such as geographic areas); for each respective compliance requirement of the one or more respective compliance requirements of the first project, determining, by the computing system, whether the first access request satisfies the respective compliance requirement by at least applying the zero trust access control policy to the first access request (see paragraphs 34, 35, and throughout with system determining whether user is in compliance; see paragraph 35 wherein system makes decision to grant or deny the request based on compliance; see also paragraph 67 with determining whether user is in compliance based on request).

Brannon further teaches a second access request requesting access to a second project of the plurality of projects; for one of the one or more respective compliance requirements of the second project, determining that the second access request fails to satisfy the one of the more respective compliance requirements; and responsive to determining that the second access request fails to satisfy the one of the one or more respective compliance requirements of the second project, denying the second requestor access to the second project (paragraph 35, 36, and throughout, wherein in the instance a user device does not comply, the resources/projects are denied). Brannon does not explicitly teach a “second requestor” although this would have been obvious, if not inherent. Brannon teaches throughout the reference that there are a plurality of users and user devices (see paragraph 18 and 19). Thus, in a system taught by Brannon with an access control management server that provides multiple resources to different users, it would have been obvious to one of ordinary skill in the art, if not inherent, that the access control system would teach granting access or denying access to multiple users based on compliance as a system providing access control should include more than a single user. However, for a further teaching on multiple users accessing a system, see Siavoshy (abstract and throughout with users requesting access to resources).

Siavoshy further teaches determining, by the computing system, that the one or more respective compliance requirements of the first project comprises an access justification having a validity, wherein the validity of the access justification is based on an identity of the first requestor (abstract and throughout, with users requesting access to resource; access depends on use cases which are dependent on user’s qualifications to access the resource; further see paragraphs 63-65).

At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Siavoshy with Brannon. One of ordinary skill in the art would have been motivated to perform such an addition to provide efficient and sufficient ways for protecting and auditing access to computer resources (paragraph 6 of Siavoshy).

Although the Brannon combination teaches access justifications based on an identity of the first requestor, the combination does not explicitly teach whether the access justification corresponds to the requested access to the first project via the first access request. However, checking whether an access request justification corresponds to a requested access of a particular resource would have been obvious (see Aoki paragraph 35, 63, 64, and throughout with access request includes data usage type and business purpose type, and access is granted based on access control rules).

At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of the Brannon combination with Aoki. One of ordinary skill in the art would have been motivated to perform such an addition to increase security by providing privacy and high reliability with a high security level (Aoki paragraph 5).

As per claim 6, Brannon teaches wherein the zero trust access control policy requires each access request comprise: two-factor authentication (see paragraph 50 with username/password; see also paragraph 51 with management identifier required to gain access as well, which may require combinations of string, word, certificate, tokens, etc).

As per claim 7, Brannon teaches wherein determining that the first access request satisfies the respective compliance requirement comprises determining that the access justification of the first access request is a valid justification for the requested access (see paragraph 50 with user data which may include access levels, roles, policy groups, etc; see paragraph 35 wherein compliance may be based on user data such as those taught in paragraph 50).

As per claim 9, Brannon teaches wherein the distributed computing system provides a community cloud environment for the first request and the second requestor (paragraph 24 and throughout with resource server over cloud based providers; see paragraph 29 with cloud-based solutions).

As per claim 12, Brannon teaches wherein each respective compliance regime specifies at least one of: a geographical region for storage of the respective project data; an encryption requirement for the respective project data; or a usage requirement constraining use of the respective project data (see paragraph 32 with compliance rules including resource/project restricted to use during certain times and geographical areas).

Claim 13 is rejected using the same basis of arguments used to reject claim 1 above. Claim 18 is rejected using the same basis of arguments used to reject claim 6 above. Claim 19 is rejected using the same basis of arguments used to reject claim 7 above. Claim 21 is rejected using the same basis of arguments used to reject claim 9 above. Claim 24 is rejected using the same basis of arguments used to reject claim 12 above.

Claim(s) 2-4, 10, 11, 14-16, 22, and 23 are rejected under 35 U.S.C. 103 as being obvious over the Brannon combination as applied above, and further in view of Astete et al. US Patent Application Publication 2009/0288084 (Astete).

As per claim 2, the Brannon combination does not explicitly teach wherein each project comprises a plurality of infrastructure primitives, each infrastructure primitive representing an atomic unit of capacity of the distributed computing system. However, this would have been obvious. For example, see Astete (abstract, paragraph 54, and throughout with access control for each MTVMI environment; see also paragraph 33 and 46). At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Brannon with Astete. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security and efficiency by providing adequately isolated or independent network services or storage services for users (paragraph 9).

As per claim 3, the Brannon combination teaches wherein each infrastructure primitive comprises one of: a virtual machine; a persistent storage disk; or a storage bucket (see Astete abstract, paragraph 33, 54 and throughout with access to different virtual machines, or also establishing access control to storage space of different users).

As per claim 4, the Brannon combination teaches wherein each project of the plurality of projects is isolated from the infrastructure primitives of each other project (obvious over Astete; see paragraph 9 of system providing isolated services for virtual machines; paragraph 33, 40, and throughout with isolation of network services for some or all of its tenants).

As per claim 10, it would have been obvious wherein the first request comprises a first user of a first organization and the second requestor comprises a second user of a second organization different from the first organization (see throughout Brannon with resource server over a cloud network; it would have been obvious that users may come from other organizations; see paragraph 19 wherein access is to at least one enterprise, which implies there are more than one). However, for a further teaching on a cloud network with different users from different organizations, see Astete (paragraph 33 wherein MTVMI utilizes multiple tenants, with each tenant being a single company). At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Brannon with Astete. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security and efficiency by providing adequately isolated or independent network services or storage services for users (paragraph 9).

As per claim 11, it would have been obvious wherein the first requestor is an administrator of the first project (Brannon paragraph 23 teaches an administrator; see paragraph 83 with enterprise/employee and wherein an employee of the IT team may be an administrator; obvious to one of ordinary skill in the art that a member of an IT team will need to access resources and request documents). However, for a further teaching on users being administrators, see paragraph 38 (users may have administrative privileges). At the time the invention was filed, it would have been obvious to one of ordinary skill in the art to combine the teachings of Brannon with Astete. One of ordinary skill in the art would have been motivated to perform such an addition to provide more security and efficiency by providing adequately isolated or independent network services or storage services for users (paragraph 9).

Claim 14 is rejected using the same basis of arguments used to reject claim 2 above. Claim 15 is rejected using the same basis of arguments used to reject claim 3 above. Claim 16 is rejected using the same basis of arguments used to reject claim 4 above. Claim 22 is rejected using the same basis of arguments used to reject claim 10 above. Claim 23 is rejected using the same basis of arguments used to reject claim 11 above.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JASON KAI YIN GEE whose telephone number is (571)272-6431. The examiner can normally be reached on Monday-Friday 8:30-5:00 PST Pacific. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/JASON K GEE/
Primary Examiner, Art Unit 2495

Prosecution Timeline

Nov 28, 2022: Application Filed
Sep 20, 2024: Non-Final Rejection — §103
Nov 26, 2024: Response Filed
Jan 21, 2025: Final Rejection — §103
Mar 21, 2025: Interview Requested
Mar 31, 2025: Applicant Interview (Telephonic)
Apr 16, 2025: Request for Continued Examination
Apr 18, 2025: Examiner Interview Summary
Apr 24, 2025: Response after Non-Final Action
Jun 24, 2025: Non-Final Rejection — §103
Sep 01, 2025: Interview Requested
Sep 10, 2025: Applicant Interview (Telephonic)
Sep 10, 2025: Examiner Interview Summary
Sep 23, 2025: Response Filed
Oct 08, 2025: Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12591697
PRIVACY SENSITIVE ESTIMATION OF DIGITAL RESOURCE ACCESS FREQUENCY
2y 5m to grant Granted Mar 31, 2026
Patent 12585479
ANALYTICS SEARCH ON WORKSPACE CONTENT
2y 5m to grant Granted Mar 24, 2026
Patent 12563019
LOW-OBSERVABLE ENCRYPTION DEVICE FOR FACILITATING COMMUNICATIONS
2y 5m to grant Granted Feb 24, 2026
Patent 12561475
PROTECTING MEMBERSHIP FOR SECURE COMPUTATION AND COMMUNICATION
2y 5m to grant Granted Feb 24, 2026
Patent 12547698
HOST-DEVICE INTERFACE FOR DEBUG AUTHENTICATION
2y 5m to grant Granted Feb 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 5-6
Grant Probability: 78%
With Interview: 99% (+22.9%)
Median Time to Grant: 3y 1m
PTA Risk: High
Based on 752 resolved cases by this examiner. Grant probability derived from career allow rate.