DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. Responsive to the communication dated 12/27/2022. Claims 1 – 6 are presented for examination. Priority The earliest claimed priority in the ADS dated 12/27/2022 is to a CIP dated 12/31/2015. Information Disclosure Statement IDS dated 12/17/2022 has been reviewed. See attached. Drawings The drawings dated 12/27/2022 has been reviewed. They are accepted. Specification The abstract dated 12/27/2022 has 46 words, 4 lines, and no legal phraseology. The abstract is accepted. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.— The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claim s 1 – 6 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 1 recites limitation s of " the memory” and “the processor” and “the computing device” and “the internal network” . There is insufficient antecedent basis for th ese limitation s in the claim. Additionally, the claim recites “the data comprising” however it is unclear as to whether “the data” is referring to previously recited “received authentication data” or “receive data”. Claim 4 recites limitations of “the internal network” but there is insufficient antecedent basis for this limitation in the claim. Additionally, the claim recites “the data comprising” however it is unclear as to whether “the data” is referring to previously recited “received authentication data” or “receive data”. Claims 2, 3, 5, and 6 are rejected due to their dependence from rejected claims 1 and 4. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim s 1 - 6 are rejected under 35 U.S.C. 103 as being unpatentable over Hofmann_2012 (US 8,316,422 B2) in view of Active_Directory_2015 (Download from Wikipedia Archive dated 11/24/2015) in view of Badger_2012 (Cloud Computing Synopsis and Recommendations, Recommendations of the National Institute of Standards and Technology, U.S. Department of Commerce, Special Publication 800-146, May 2012). Claim 1. Hofmann_2012 makes obvious “ A system for midserver facilitation of cross-boundary single sign on ( abstract: “a system may include… an intermediary component… the intermediary component may receive the first authentication data and secondary authentication data… perform authentication…”; FIG. 1 “intermediary component” COL 2 lines 27 – 35: “… authentication data 112 may identify a principal use r under whom sender 110 is executing. Intermediary component 120 may therefore transmit authentication data 112 to receiver 130 in order to log the principal user into receiver 130…”) , comprising: a midserver comprising a first plurality of programming instructions stored in the memory and operating on the processor, wherein the first plurality of programming instructions, when operating on the processor, cause the computing device to: ( COL 3 lines 33 – 50: “… intermediary component 120 executes program code to perform process 200… embodied in a processor-executable program code read from one or more of a computer-readable medium…”; COL 6 lines 20 – 24: “… FIG. 4 executes program code to perform process 500…”; COL 7 lines 58 – 60: “… an intermediary component that includes a process to execute program code…”) Receive authentication data for a user (FIG. 1: auth. Data 1, 2; FIG. 2: “receive first authentication data...”; FIG. 4: Auth Data, certificate) ; r eceive data from a plurality of computing devices on the internal network, the data comprising at least an interaction associated with the user (COL 1 lines 23 – 35: “… the message may include serve data on which the receiver is to perform a service as well as authentication data identifying a user… the receiver executes code under the user to perform the service on the service data…”) ; p rocess the received data to produce a single output data stream with the authentication data attached ( FIG. 1 items 112 output from the intermediary component to the receiver computer; FIG. 2 S230: “transmit the first authentication data to a receiver computing system” ; FIG. 4 message 460 sent to the receiver computer; FIG. 5 : S545 “include the second assertion in the processed message” S550 “transmit processed message and second assertion to a receiver computing system” ) ; a nd s ecurely transmit the output data stream to an external resource ” ( COL 2 lines 40 – 55: “… username/password… a signature and associated X.509 certificate, and a signed assertion (e.g., an SAP logon ticket, a Security Assertion Markup Language assertion…” ; COL 5 20 – 25: “… operate in conjunction with certificate attester 440 to provide system 410 with the ability to secure messages using digital signatures and attester certificates…” EXAMINER NOTE: the transmission of message 460 also has a certificate attester 426 to provide system 430 with the ability to secure messages using digital signatures and attester certificates. Accordingly, the messages are securely transmitted. ). While Hofmann_2012 teaches to log onto a receiving computer system and while this may properly imply “single” sign on, Hofmann_2012 does not explicitly recite “single sign on.” Also, Hofmann_2012 does not explicitly illustrate “a plurality of” computing devices. Active_Directory_2015 , however, makes obvious “single sign on” ( page 2: “ Active Directory Domain Services (AD DS) is the cornerstone of every Windows domain network… the server (or the cluster of servers) running this service is called a domain controller … Active Directory Certificates (AD CS) establishes an on-premises public infrastructure. It can create, validate and revoke public key certificates … these certificates can be used to encrypt files (when used with Encrypting File systems… when used by virtual private networks … AD CS predates Windows 2008… AD CS requires an AD DS infrastructure… Active Directory Federation Services (AD FS) is a single sign-on service … AD FS’s purpose is an extension of that of AD DS … AD FS requires an AD DS infrastructure …” EXAMINER NOTE: the above citation explicitly teaches to have single sign-on service so that user don’t need to have dedicated credentials for each individual service and that this can be done by AD FS which is an extension of AD DS which requires AD DS and AD DS runs on a domain controller and is “the cornerstone of Windows Operating System predating Windows OS 2008. EXAMINER NOTE: the above also teaches the AD CS encrypts files and virtual private network links and accordingly secures the data/link making data transmission secure .) Hofmann_2012 and Active_Directory_2015 are analogous art because they are from the same field of endeavor called computers/interconnected computers/computer log-on. Before the effective filing date, it would have been obvious to a person of ordinary skill in the art to combine Hofmann_2012 and Active_Directory_2015. The rationale for doing so would have been that Hofmann_2012 teaches to use certificates to authenticate users when sending data between computer systems. Active_Directory_2015 teaches that it has been known in the art predating 2008 to use Domain Servers running Active Directory Domain Services (AD DS) to provide certificates to secure data/networks /log-on through AD CS which can also be extended to provide single sign-on by using AD FS and that doing these things (1) secures the network/data/user rights and (2) enables users to authenticate for multiple devices/services using only one set of credentials rather than being required to have dedicated set of credentials for each device/service. Therefore, it would have been obvious to combine Hofmann_2012 and Active_Directory_2015 for the benefit of (1) secures the network/data/user rights and (2) enables users to authenticate for multiple devices/services using only one set of credentials rather than being required to have dedicated set of credentials for each device/service to obtain the invention as specified in the claims. Hofmann_2012 and Active_Directory_2015 does not explicitly illustrate a “plurality” of computing devices. Badger_2012, however, makes obvious a “plurality” of computing devices ( Figure 4: Outsourced Privat Cloud Figure 5: “On-site Community Cloud”; Figure 6: “Outsourced Community Cloud”; Figure 8: “hybrid Cloud” ). Badger_2012 also makes obvious to “ securely transmit the output data stream to an external resource” ( page 19: “… the consumers, being clients need a working and secure network to access a cloud … access the cloud from on-site consumer-managed client systems that must be maintained, secure, etc …”; page 20: “… security permitter… can be used, for instance, to describe the boundaries between different privilege levels… perimeter controls are important building blocks for secure s ystems . Typical boundary controller include … virtual private network s…”; page 38: “… necessary to connect consumer browsers securely to the network …”). Hofmann_2012 and Badger_2012 are analogous art because they are from the same field of endeavor called computer. Before the effective filing date, it would have been obvious to a person of ordinary skill in the art to combine Hofmann_2012 and Badger_2012. The rationale for doing so would have been that Hofmann_2012 teaches to use an intermediary authenticate and establish a connection between a sending and receiving computer. Badger_2012 teaches for sending and receiving computers to establish a communication channel that requires user authentication. Therefore, it would have been obvious to combine Hofmann_2012 and Badger_2012 for the benefit of establishing user authentication when establishing communication between computer when the computers include multiple computer in, for example, a cloud computing service and an organization accessing the data/services of the cloud computing service to obtain the invention as specified in the claims. Claim 4. The limitations of claim 4 are substantially the same as those of claim 1 and are therefore rejected due to the same reasons as outlined above for claim 1. Additionally, Badger_2012 makes obvious the additional limitations of “ A method for ingestion of data into a cloud-based service from an external network comprising the steps of ” ( Figure 4: Outsourced Private Cloud Figure 6: Outsourced Community Cloud; Figure 8: Hybrid Cloud ). Claim 2, 5. Active_Directory_2015 makes obvious “ wherein the authentication data is received from a domain controller ” ( page 2: “ Active Directory Domain Services (AD DS) is the cornerstone of every Windows domain network… the server (or the cluster of servers) running this service is called a domain controller … Active Directory Certificates (AD CS) establishes an on-premises public infrastructure. It can create, validate and revoke public key certificates … these certificates can be used to encrypt files (when used with Encrypting File systems… when used by virtual private networks … AD CS predates Windows 2008… AD CS requires an AD DS infrastructure… Active Directory Federation Services (AD FS) is a single sign-on service … AD FS’s purpose is an extension of that of AD DS … AD FS requires an AD DS infrastructure …”). Claim 3, 6. Badger_2012 makes obvious “ wherein the authentication data is received from a third-party service ” ( page 55 : “… establishment of a secure session with IaaS cloud provider resources, the onus for verifying the identity of the provider’s Web site still rests with the consumer through means, e.g., c hecking with a third party credential service …” page 71: “… account management controls for privileged user in an IaaS cloud… the consumer’s organization is often fully responsible for managing the accounts, unless the consumer outsources the responsibility to a third-party ID management broker …” EXAMINER NOTE: Hofmann_2012 teaches to verify identity by receiving authentication data such as certificates during establishment of a session with a receiving computer. Badger_2012 teaches that when establishing a session with a receiving computer in a cloud that a third-party ID management broker or third-party credentialling service may be used. Therefore, it would have been obvious to use a third party service to obtain authentication data such as certificates when establishing a connection with a cloud computing system.). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to FILLIN "Examiner name" \* MERGEFORMAT BRIAN S COOK whose telephone number is FILLIN "Phone number" \* MERGEFORMAT (571)272-4276 . The examiner can normally be reached FILLIN "Work Schedule?" \* MERGEFORMAT 8:00 AM - 5:00 PM . Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FILLIN "SPE Name?" \* MERGEFORMAT Emerson Puente can be reached at FILLIN "SPE Phone?" \* MERGEFORMAT 571-272-3652 . The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BRIAN S COOK/ Primary Examiner, Art Unit 2187