Prosecution Insights
Last updated: July 17, 2026
Application No. 18/376,789

OWNER-MANAGED PASSWORD BASED FILE ACCESS

Non-Final OA §103
Filed
Oct 04, 2023
Examiner
DHAKAD, RUPALI
Art Unit
2437
Tech Center
2400 — Computer Networks
Assignee
Bank of America Corporation
OA Round
3 (Non-Final)
37%
Grant Probability
At Risk
3-4
OA Rounds
7m
Est. Remaining
67%
With Interview

Examiner Intelligence

Grants only 37% of cases
37%
Career Allowance Rate
13 granted / 35 resolved
-20.9% vs TC avg
Strong +30% interview lift
Without
With
+30.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
27 currently pending
Career history
74
Total Applications
across all art units

Statute-Specific Performance

§101
0.8%
-39.2% vs TC avg
§103
94.0%
+54.0% vs TC avg
§102
3.8%
-36.2% vs TC avg
§112
1.1%
-38.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 35 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Response to Arguments Applicant’s arguments, with respect to the rejection(s) of claim(s) 1-8 and 11-18 under 35 U.S.C. § 103, have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of newly found prior art. Applicant’s arguments, see page 10-11, filed 09/22/2025, with respect to claim 1 and 11 have been fully considered and are persuasive. The Claim Rejections under 35 USC § 112(b) of 06/20/2025 has been withdrawn. Claims 1, 4, 11, 14, are amended. Claims 1-20 are pending. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-8 and 11-18 are rejected under 35 U.S.C. 103 as being unpatentable over Sinha et al. (U. S. Pat. No. 9,773, 119 B2) (hereinafter “Sinha”) in view of Childress et al. (U.S. PGPub. No. 2008/0320574 A1) (hereinafter “Childress”); and further in view of Alain et al. (U. S. Pat. No. 7,729,995 B1) (hereinafter “Alain”); and in further view of Thomas (U. S. PGPub. No. 2009/0025063 A1) (hereinafter “Thomas”) and Tardo et al. (U. S. PGPub. No. 2008/0072280 A1) (hereinafter “Tardo”). Regarding Claim 1, Sinha teaches: configuring the file with a password accessible security setting (Sinha: [Col 1, lines 16-22], Existing solutions allow entire documents to be protected using a password or other authentication. If a user knows the password, he or she is provided access to the document. Users who do not have the knowledge of the password cannot view the document unless the password protection is removed from the document or if the password is supplied. [Col 11, lines 62-67], (43) In a second alternative use case, the electronic document as a whole may be password-protected for initial accessing. In addition to the entire document being password-protected, specific sections of the document may be more sensitive, such that section-specific password(s) as described above may be required to access those specific sections); locking access to the file using the password accessible security setting (Sinha: [Col 11, lines 53-67], (38) For electronic documents where one or more passwords have been applied, upon reopening users may be prompted for a password corresponding to at least one protected section of the document. If the correct password (e.g., np1) is not supplied, only the publicly accessible data, if any, is displayed. Other sections may be shown, for example, as “Protected (=locking)” or “Not Accessible (=locking).” In alternative implementations, indications of protected or not accessible sections may be indicated in other visual, auditory, or other means. For example, a warning icon can be shown or the area may be blurred or otherwise obfuscated. In some instances, information providing a general description of the protected data may be provided, which can allow interested users to seek out and obtain the password for viewing the protected sections). designating a first password as one of a plurality of unlock passwords (Sinha: [Col 11, lines 29-38], After the user selects box 320, a new pop-up box 330 or other suitable entry prompt is presented, providing the user with the option to enter a particular password name (e.g. np1) and corresponding password value. Once the value is entered and the password is submitted, the application generates a key (e.g., K1) from the password using a suitable key generation mechanism and encrypts the section using the generated key. Corresponding entries in the security metadata associated with the electronic document can be updated); Sinha does not explicitly teach: communicating the first password to a first group of users; providing a prompt, to unauthenticated users, to input one of the unlock passwords upon an initial request to access the file; providing access to the file in response to inputting one of the unlock passwords in the prompt; authenticating each unauthenticated user that inputs one of the unlock passwords in the prompt; deactivating the first password as one of the unlock passwords in response to the authentication of every user in the first group of users; designating a second password as one of the unlock passwords in response to the deactivation of the first password; and each user that meets the predetermined condition is prompted to input one of the unlock passwords that corresponds to the second password upon a subsequent request to access the file. However in an analogous art, Childress teaches: communicating the first password to a first group of users (Childress: [0010] An object of the present invention is to better control distribution of group passwords to authorized users [0022] With the foregoing system and process, each administrator/user can acquire the current group password when needed) providing a prompt, to unauthenticated users, to input one of the unlock passwords upon an initial request to access the file (Childress 2008/0320574 A1): [0019], The user then attempts to log on to the production server 40a (or other computers) with the Group ID and corresponding group password (step 140). providing access to the file in response to inputting one of the unlock passwords in the prompt (Childress: [0019], In response, password authentication and authorization program 141a in the production server 40a determines based on table 39a if the combination of GroupID and group password (=unlock password) are valid. i.e. is the user authentic (decision 150). If so (decision 150, yes branch), then the user requests access to the sensitive file (step 152). authenticating each unauthenticated user that inputs one of the unlock passwords in the prompt (Childress: [0019], The user then attempts to log on to the production server 40a (or other computers) with the Group ID and corresponding group password (step 140). In response, password authentication and authorization program 141a in the production server 40a determines based on table 39a if the combination of GroupID and group password are valid. i.e. is the user authentic (decision 150). If so (decision 150, yes branch), then the user requests access to the sensitive file (step 152). deactivating the first password as one of the unlock passwords (Childress: [0019], The security compliance officer or network administrator changes the group password at authentication server 20 by invoking the password management program 30 and supplying the soon-to-expire group password (=deactivation of first password) and GroupID for authentication of the security compliance officer or network administrator as well as the new group password for the same GroupID….) in response to the authentication of every user in the first group of users (Childress: [0019], the password management program 30 in authentication server 20 determines if the individual UserID is authorized to receive the group password for the GroupID by reference to an access list 34 (=list of previously authenticated user)(decision 120). designating a second password as one of the unlock passwords in response to the deactivation of the first password (Childress: [0016], Password management program 30 can periodically generate the new password automatically or periodically prompt an authorized user (such as an administrator or network security compliance officer) to enter a new group password (=second password). and each user that meets the predetermined condition (Childress: [0009], in the case of a group User ID and group password, typically one person in the group (a "super administrator") changes the group password periodically (by furnishing the current or expired password for authentication) as required by the security policy) is prompted to input one of the unlock passwords that corresponds to the second password upon a subsequent request to access the file (Childress: [0019], The security compliance officer or network administrator changes the group password at authentication server 20 by invoking the password management program 30 and supplying the soon-to-expire group password and GroupID for authentication of the security compliance officer or network administrator as well as the new group password for the same GroupID. Periodically, each production server 40a,b,c,d (or other computer) allowing access by a Group ID to a respective sensitive file such as file 48a requests from the authentication server 20 the current group password for the Group ID (step 102). Alternately, whenever the security compliance officer or network administrator at the authentication server 20 changes the group password for the Group ID (or the authentication server automatically changes the group password for the GroupID) the authentication server 20 sends the group password for the Group ID to each production server (or other computer) 40a,b,c,d allowing access to the respective sensitive files in production servers 40a,b,c,d based on the Group ID and corresponding group password (step 102). It would be obvious to a person having ordinary skill in the art, before the effective filing date of the invention, to modify Sinha’s method of securing the documents applying passwords to the entire document or to the section of the document by applying Childress of obtaining new group password by periodically changing the previous group password upon expiring the previous group password, in order to fulfill the security compliance requirement. The motivation to distribution of group passwords to authorized users (Childress: [0010]) The Sinha in view of Childress doesn’t explicitly disclose: removing the authentication from a user in response to the user meeting a predetermined condition; wherein: authenticated users are provided access to the file upon a subsequent request to access the file, without providing the prompt to the authenticated user; However, in an analogous art, Alain disclose: and removing the authentication from a user in response to the user meeting a predetermined condition (Alain: [Col 19, lines 24-28], In operation, once a user has been authenticated to access a secured document, authentication of the user would not be required. Also, once the user is authenticated, he/she can access other secured documents without being authenticated again as well). wherein: authenticated users are provided access to the file upon a subsequent request to access the file, without providing the prompt to the authenticated user (Alain: [Col 19, lines 24-28], In operation, once a user has been authenticated to access a secured document, authentication of the user would not be required. Also, once the user is authenticated, he/she can access other secured documents without being authenticated again as well). [Col 19, lines 38-41], Once the user is authenticated, a user key associated with the user can be activated or authenticated. The user can now use the client machine and subsequently access secured documents. [Col 32, lines 27-35], In general, the specific time is manually entered or selected while the user's identity is automatically entered since the user typically has been previously authenticated and the client machine has the user's identity); the removing the authentication comprising preventing the user from accessing the file (Alain: [Col 3, lines [Col 1, lines 61-66], it has been reported that many unauthorized accesses to proprietary information occur from the inside, as opposed to from the outside. An example of someone gaining unauthorized access from the inside is when restricted or proprietary information is accessed by someone within an organization who is not supposed to do so), A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of restricting unauthorized access to the sensitive documents in order to protect digital assets. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alain: [Col 2, lines 3-5]). Sinha in view of Childress and Alain does not explicitly disclose; the predetermined condition comprising a change in a clearance level of the user and an elapse of a second predetermined time period from the authentication of the user, However in an analogous art, Thomas teaches: the predetermined condition comprising a change in a clearance level of the user (Thomas: [0070], Another advantage of "lazy unlocking" is that in the event of a sudden change to the user's role status (=change in clearance level), the keytable service could end the session immediately as a way of revoking the user's privileges on the document in real time.) and an elapse of a second predetermined time period from the authentication of the user (Thomas: [0045] 4. Ability for the author to specify a session-based time-to-live value for redacted content during a viewing session. For example, the author may decide that a given piece of redacted content, once unlocked, should remain unlocked for no more than 30 minutes at a time, such that if the viewer of the document leaves his desk (to go to lunch, say) without closing the document, the restricted content "times out" and reverts to its fully redacted appearance. [0071] J. If any redaction was given (by its author) a time-to-live value, e.g., FIG. 10, the client-side logic will enforce that constraint by reverting "timed out" content to the fully redacted state upon reaching the expiration limit). A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress and Alain by applying the well-known technique as disclosed by Thomas of presenting fully-redacted states of sensitive document upon reaching the expiration limit/timeout and based on change in user-role status. The motivation is to authoring and accessing redacted content based on user roles (Thomas: [0001]). The Sinha in view of Childress, Alain and Thomas does not explicitly disclose: wherein the user is not a member of the first group of users. However, in an analogous art, Tardo teaches: wherein the user is not a member of the first group of users (Tardo: (2008/0072280 A1): [0079], In step E.4 access to the secondary endpoints 12 are programmed to deny access to the functionality (=[0018], The term "functionality" is defined herein as an aspect, capability of a accessing secure asset.…[0003] These assets include, information technology applications, software structures, programs, and databases) of the first endpoint 10 by any secondary endpoint 12 whose user is not identified as a member of the first user group); A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress, Alain and Thomas by applying the well-known technique as disclosed by Tardo of denying access to the functionality of the first endpoint by any secondary endpoint whose user is not identified as a member of the first user group. The motivation is to securely protect and these accessible assets from damage, misuse and unauthorized access while enabling accessibility these same assets to authorized users under preferred terms and conditions of service and use (Tardo: [0003]). Regarding Claim 2, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 1 (see rejection of claim 1 above), wherein the prompt further includes a first prompt to input one of the unlock passwords (Childress 2008/0320574 A1): [0019], The user then attempts to log on to the production server 40a (or other computers) with the Group ID and corresponding group password (step 140). and a second prompt to input a unique identifier (Alain: [Col 25, lines 19-27], the user may login (=login screen =second prompt) to enter on any time from a client machine when he/she needs to access a secured document. When such contact does happen, the server will receive the credential information from the user to ensure that the user is who he/she claims to be. After the user is authenticated, the new keys are encrypted with the credential information at 524.), the unique identifier is an email identity, a phone number identity, an enterprise network identity, a biometric identifier or personal identifiable information (Alain: [Col 25, lines 19-27], The credential information is provided by the user when requesting for authentication and may include a set of username and password or a biometric feature (e.g., a fingerprint) of the user. [Col 13, lines 51-55], The security information block 226 includes one or more user IDs 228, access rules 229, at least one file key 230 and other information 231. The user IDs 228 maintain a list of authorized users who may be measured against by the access rules 229 before the file key 230 can be retrieved. The access rules 229 determine at least who and how the encrypted document 224 can be accessed). A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of receiving credential information from the user. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alian: [Col 2, lines 3-5]). Regarding Claim 3, Sinha in view of Childress and Alain teaches: The method of claim 2 (see rejection of claim 2 above), wherein the authenticating further comprises (Alain: [Col 28, lines 9-17], (151) FIG. 6A shows a flowchart of a user authentication process 600 that may be implemented in the central server 500 or the local server 570. As described above, there are at least two situations that will call upon the process 600--initial login to a networked client machine and first access to a secured document. When either of these situations happens, a client module in the client machine initiates a request that is transmitted to a server running a module providing the access control management to start the process 600): recording the unique identifier input in the second prompt by each unauthenticated user attempting to access the file (Alain: [Col 28, lines 37, the credential information may be a set of username and password or biometric information of the user and must be received from the user at 608 before the authentication may proceed forward); and placing the unique identifier, in response to the user associated with the unique identifier inputting the unlock password in the first prompt, in a list of authenticated users stored with the file (Alain: [Col 13, lines 49-59], The security information block 226 includes one or more user IDs (=unique identifier) 228, access rules 229, at least one file key 230 and other information 231. The user IDs 228 maintain a list of authorized users who may be measured against by the access rules 229 before the file key 230 can be retrieved. The access rules 229 determine at least who and how the encrypted document 224 can be accessed. Depending on an implementation, the other information 231 may be used to include other information facilitating a secure access to the encrypted document 224, the example may include version numbers or author identifier A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of maintaining a list of authenticated users corresponds with user’s ID in order to determine at least who and how the encrypted document can be accessed. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alain: [Col 2, lines 3-5]). Regarding Claim 4, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 1 (see rejection of claim 1 above), wherein the predetermined condition includes at least one of the following an elapse of a first predetermined time period from the deactivation of the first password (Alain: [Col 4, lines 30-38], According to one embodiment, the AC server may provide amended or tentative access rules, access privileges or a user key that will automatically expire (=deactivation) when a predetermined time ends (=elapse of a predetermined time) or become invalid the next time the client machine is connected to the AC server. As a result, the user can access some or all the secured documents in the client machine and, at the same time, create secured documents, all accessed or secured with the tentative access rules, access privileges or the user key); A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of a user security key is automatically expired when a predetermined time ends. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alain: [Col 2, lines 3-5]). Regarding Claim 5, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 1 (see rejection of claim 1 above), generating an alert in response to the authentication of each unauthenticated user (Alain: [Col 21, lines 33-40], At 466, the access rules are compared to (or measured against) the access privileges associated with the user. If the measurement fails, which means that the user is not permitted to access this particular document, a notification or alert message may be generated by the DSM module to be displayed to the user at 467. Alternatively, the application itself can display an alerting message when it fails to open the selected document. [Col 28, lines 49-54], If the match fails, namely the user is unauthorized, the process 600 goes back to the beginning to continue waiting for a request. In other words, the current request to access the secured documents or login to the system is abandoned). A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of generating a alert message if authentication of the user fails. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alain: [Col 2, lines 3-5]). Regarding Claim 6, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 1 (see rejection of claim 1 above), wherein the file can be accessed through the cloud, a local network or a local hard drive (Sinha: [Col 6, lines 52-56], In some instances, one or more of the illustrated components may be included within network 140 as one or more cloud-based services (=cloud network) or operations…. In some instances, a portion of the network 140 may be a virtual private network (VPN)). [Col 7, lines 2-6], he network 140 may also include one or more local area networks (LANs)(=local network), radio access networks (RANs), metropolitan area networks (MANs), wide area networks (WANs), all or a portion of the Internet, and/or any other communication system or systems at one or more locations). Regarding Claim 7, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 2 (see rejection of claim 2 above), wherein the designating the first password further comprises: designating a third password as one of the unlock passwords (Sinha [Col 4, lines 46-52], an electronic document (whether sensitive as a whole or not) may include two or more sensitive sections, where different sections are viewable by different users by using different passwords. A fourth use case involves the application of hierarchical sensitivity levels. In this use case, an electronic document may include multiple levels of passwords for different users. [Col 14, lines 3-6], four named passwords (np1, np2, np3, and np4…) are created, with their associated passwords (P1, P2, P3, and P4…) being distributed to groups G1, G2, G3, and G4 in a suitable manner. [Col 12, lines53-54], the bottom-left quadrant 520 can be protected with a third password); designating a fourth password as one of the unlock passwords (Sinha: [Col 4, lines 46-52], an electronic document (whether sensitive as a whole or not) may include two or more sensitive sections, where different sections are viewable by different users by using different passwords. A fourth use case involves the application of hierarchical sensitivity levels. In this use case, an electronic document may include multiple levels of passwords for different users. [Col 12, lines 54-55], the bottom-right quadrant 525 can be protected with a fourth password); designating a fifth password as one of the unlock passwords (Sinha: [Col 4, lines 46-52], an electronic document (whether sensitive as a whole or not) may include two or more sensitive sections, where different sections are viewable by different users by using different passwords. A fourth use case involves the application of hierarchical sensitivity levels. In this use case, an electronic document may include multiple levels of passwords for different users. (Sinha [Col 14, lines 3-6], four named passwords (np1, np2, np3, and np4…) are created, with their associated passwords (P1, P2, P3, and P4…) being distributed to groups G1, G2, G3, and G4 in a suitable manner.); and designating a sixth password as one of the unlock passwords (Sinha: [Col 4, lines 46-52], an electronic document (whether sensitive as a whole or not) may include two or more sensitive sections, where different sections are viewable by different users by using different passwords. A fourth use case involves the application of hierarchical sensitivity levels. In this use case, an electronic document may include multiple levels of passwords for different users. [Col 14, lines 3-6], (57) As in previous example, four named passwords (np1, np2, np3, and np4…) are created, with their associated passwords (P1, P2, P3, and P4…) being distributed to groups G1, G2, G3, and G4 …in a suitable manner) Regarding Claim 8, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 7 (see rejection of claim 7 above), wherein the communicating the first password comprises: communicating the third password to a second group of users (Sinha: [Col 10, lines 1-3], the defined password P1 can be distributed (=communicating) to individuals in a defined group (e.g., G1) through an external means (e.g., email, messaging, verbally, etc.), as the password is not stored in the document); communicating the fourth password to a third group of users (Sinha: [Col 14, lines 3-6], (57) As in previous example, four named passwords (np1, np2, np3, and np4) are created, with their associated passwords (P1, P2, P3, and P4) being distributed (=communicating) to groups G1, G2, G3, and G4 in a suitable manner. [Col 10, lines 1-3], the defined password P1 can be distributed (=communicating) to individuals in a defined group (e.g., G1) through an external means (e.g., email, messaging, verbally, etc.), as the password is not stored in the document); communicating the fifth password to a fourth group of users (Sinha: [Col 14, lines 3-6], (57) As in previous example, four named passwords (np1, np2, np3, and np4) are created, with their associated passwords (P1, P2, P3, and P4) being distributed to groups G1, G2, G3, and G4 in a suitable manner. [Col 10, lines 1-3], the defined password P1 can be distributed (=communicating) to individuals in a defined group (e.g., G1) through an external means (e.g., email, messaging, verbally, etc.), as the password is not stored in the document); and communicating the sixth password to a fifth group of users (Sinha: [Col 14, lines 3-6], (57) As in previous example, four named passwords (np1, np2, np3, and np4) are created, with their associated passwords (P1, P2, P3, and P4) being distributed to groups G1, G2, G3, and G4 in a suitable manner. [Col 10, lines 1-3], the defined password P1 can be distributed (=communicating) to individuals in a defined group (e.g., G1) through an external means (e.g., email, messaging, verbally, etc.), as the password is not stored in the document). Regarding Claim 11, Sinha teaches: One or more non-transitory computer-readable media storing computer- executable instructions (Sinha: [Col 3, lines 9-14], (11) While generally described as computer-implemented software embodied on non-transitory, tangible media that processes and transforms the respective data, some or all of the aspects may be computer-implemented methods or further included in respective systems or other devices for performing this described functionality), which when executed by a processor on a computer system (Sinha: [Col 7, lines 7-17], (21) As illustrated in FIG. 1, the content provider system 102 includes a processor 108. Although illustrated as a single processor 108 in FIG. 1, two or more processors may be used according to particular needs, desires, or particular implementations of the environment 100. Each processor 108 may be a central processing unit (CPU), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), or another suitable component. Generally, the processor 108 executes instructions and manipulates data to perform the operations of the content provider system 102), perform a method of managing access to a file, the method comprising (Sinha: [Col 7, lines 17-24], Specifically, the processor 108 executes the algorithms and operations described in the illustrated figures, including the operations performing the functionality associated with the content provider system 102 generally, as well as the various software modules (e.g., the business application 111), including the functionality for sending communications to and receiving transmissions from client(s) 150) This claim contains identical limitations found within that of claim 1 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 11. Regarding Claim 12, this claim contains identical limitations found within that of claim 2 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 12. Regarding claim 13, this claim contains identical limitations found within that of claim 3 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim13. Regarding Claim 14, this claim contains identical limitations found within that of claim 4 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 14. Regarding Claim 15, this claim contains identical limitations found within that of claim 5 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 15. Regarding Claim 16, this claim contains identical limitations found within that of claim 6 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 16. Regarding Claim 17, this claim contains identical limitations found within that of claim 7 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 17. Regarding Claim 18, this claim contains identical limitations found within that of claim 8 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 18. Claims 9-10 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Sinha et al. (U. S. Pat. No. 9,773, 119 B2) (hereinafter “Sinha”) in view of Childress et al. (U.S. PGPub. No. 2008/03205574 A1) (hereinafter “Childress”) and Alain et al. (U. S. Pat. No. 7,729,995 B1) (hereinafter “Alain”); and in further view of Thomas (U. S. PGPub. No. 2009/0025063 A1) (hereinafter “Thomas”) and Tardo et al. (U. S. PGPub. No. 2008/0072280 A1) (hereinafter “Tardo”); and further in view of Panchbudhe et al. (U. S. PGPub. No. 2016/0180107 A1) (hereinafter “Panchbudhe”). Regarding Claim 9, Sinha in view of Childress, Alain, Thomas and Tardo teaches: The method of claim 8 (see rejection of claim 8 above), associating the unique identifier of each user which input the third password with a first status (Alian: [Col 14, lines 41], User A can only read (=read only access =first status) the document. [Col 14, lines 50-53], when User A is requesting the secured document 236, only the header 240 designated to User A is decrypted with a user key (e.g., key A) belonging to the user A and authenticated with the user ) associating the unique identifier of each user which input the fourth password with a second status(=reading and commenting) (Alain: [Col 14, lines 41], user D can edit and read the document (=reading and commenting = a second status). [Col 8, lines 31-39], In general, an access privilege or access privileges for a user may include, but not be limited to, a viewing permit…an editing permit…); associating the unique identifier of each user which input the fifth password with a third status (Alain: [Col 22, lines 9-10], The privileges may include, but not be limited to: open, edit, write, print, copy, download and others (=reading, commenting, editing = a third status)); associating the unique identifier of each user which input the sixth password with a fourth status (Alain: [Col 22, lines 8-9], User A may be an executive or a branch supervisor who has all (=reading, commenting and editing access to the file, viewing and editing = fourth status) the access privileges to any secured documents); and storing all the associations in a list of authenticated users (Alain: [Col 13, lines 49-59], The security information block 226 includes one or more user IDs 228, access rules 229, at least one file key 230 and other information 231. The user IDs 228 maintain a list of authorized users who may be measured against by the access rules 229 before the file key 230 can be retrieved. The access rules 229 determine at least who and how the encrypted document 224 can be accessed. Depending on an implementation, the other information 231 may be used to include other information facilitating a secure access to the encrypted document 224, the example may include version numbers or author identifier); wherein: each user with the first status is granted read-only access to the file (Alain: [Col 22, lines 9-11], User B has limited access (=can be read-only access) privileges while everyone in user group C shares the same access privileges); each user with the second status is granted reading and commenting access to the file (Alain: [Col 14, lines 41], user D can edit and read the document. [Col 8, lines 31-39], In general, an access privilege or access privileges for a user may include, but not be limited to, a viewing permit…an editing permit…); each user with the third status is granted reading, commenting and editing access to the file (Alain: [Fig. 5B. 1 provides for access privileges for user C includes as Open, Edit, write, download (=third status); each user with the fourth status is granted reading, commenting and editing access to the file, viewing and editing access to the list of authenticated users and access to view details about each user that accessed the file (Alain: [Col 22, lines 6-9], as shown in FIG. 5B.1, different users can be assigned to different access privileges. User A may be an executive or a branch supervisor who has all the access privileges to any secured documents. The privileges may include, but not be limited to: open, edit, write, print, copy, download and others ((=forth status))); The Sinha in view of Childress, Alain, Thomas and Tardo does not explicitly: the details are stored with the file and the details include a length of time each user accessed the file, the number of times each user accessed the file, comments each user made on the file and edits each user made to the file. However, in an analogous art Panchbudhe teaches: the details are stored with the file (Panchbudhe: [0037] The file system 202 may be further configured to store metadata and policies which can be used for providing restricted data access for users. [0057], The database may further comprise of information related to access permission allowed for each user corresponding to each file/file folder the user (s) is attributed to. Based on the information stored in the database, the file system 202 checks (304) access permissions of the user to the requested file/file folder); and the details include a length of time each user accessed the file, the number of times each user accessed the file (Panchbudhe: [0037], A few examples of the meta data that may be used for providing restricted data access for users are…. [0043] Date, and Time (=a length of time) based file access permissions), comments each user made on the file and edits each user made to the file (Panchbudhe: [0057],The permission/access setting may refer to the type of action (s) the user may perform, on that particular file/file folder. For example, if the user is permitted access to the requested file with read & edit options, the file system fetches the file data from the file server and presents it to the user with at least one read & edit option. A few examples of the edit permission are, but not limited to browse, create, view, edit, upload, delete, share, comment, download, refresh, offline access, approval, self-destruct, attach, forward, and expire). A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress, Alain, Thomas and Tardo by applying the well-known technique as disclosed by Panchbudhe of storing a metadata, policies, information related to access permission of the files/folders in a database. The motivation is preventing confidential data from security and compliance issues and protect confidential data from unauthorized access (Panchbudhe: [0005]). Regarding Claim 10, Sinha in view of Childress, Alain, Thomas and Tardo and Panchbudhe teaches: The method of claim 9 (see rejection of claim 9 above), wherein each user with the fourth status is further granted access to view and edit the first group of users and the predetermined conditions (Alain: [Col 22, lines 6-9], as shown in FIG. 5B.1, different users can be assigned to different access privileges. User A may be an executive or a branch supervisor who has all the access privileges to any secured documents. The privileges may include, but not be limited to: open, edit write, print, copy, download and others ((=forth status))); A person having ordinary skill in the art, before the effective filing date of the invention, would have found it obvious to modify Sinha in view of Childress by applying the well-known technique as disclosed by Alain of assigning different access privileges to different users for accessing any secured documents. The motivation is to protecting data in an enterprise environment and prevent improper access and usage by unauthorized users within or outside a supposedly protected perimeter (Alain: [Col 2, lines 3-5]). Regarding Claim 19, this claim contains identical limitations found within that of claim 9 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 19. Regarding Claim 20, this claim contains identical limitations found within that of claim 10 above albeit directed to a different statutory category (non-transitory medium). For this reason the same grounds of rejection are applied to claim 20. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art. Metzer et al. (U. S. PGPub. No. 2008/0072290 A1): Systems and/or methods for controlling access to a plurality of records and/or documentary materials to be persisted in an electronic archives system are provided. The plurality of records and/or documentary material and all preserved information may be stored and accessed on the basis of user and/or object attributes. The user attributes include group affiliation, ownership, and state (e.g., workflow step and time of day). The object attributes include group affiliation, business role, clearance or access level, and network address from which access is requested. Access to the plurality of records and/or documentary material can be obtained both from within a single security domain as well as across more than one security domain. Allababidi et al. (U. S. Pat. No. 9,558,341 B1): A computer system is provided including a single sign-on system with applications and a data store storing user profiles, each including a user ID, wherein each of the user profiles has a corresponding application password for one or more of the applications, and a user profile administration tool. The user profile administration tool includes a password provisioning section where an administrator selects a user profile and further selects an application type. The application type includes an application type wherein the administrator resets the password for one or more of the applications. The application type also includes a stand-alone application type wherein the administrator resets a password for a stand-alone application. The user profile administration tool further includes a password synchronizing section wherein the user profile administration tool automatically synchronizes the application passwords with each of the corresponding user profiles. Kinghorn et al. (U. S. Pat. No. 7,921,284 b1): Even with proper access privilege, when a secured file is classified, at least security clearance (e.g. a clearance key) is needed to ensure those who have the right security clearance can ultimately access the contents in the classified secured file. According to one embodiment, referred to as a two-pronged access scheme, a security clearance key is generated and assigned in accordance with a user's security access level. A security clearance key may range from most classified to non-classified. Depending on implementation, a security clearance key with a security level may be so configured that the key can be used to access secured files classified at or lower than the security level or multiple auxiliary keys are provided when a corresponding security clearance key is being requested. The auxiliary keys are those keys generated to facilitate access to secured files classified respectively less than the corresponding security or confidentiality level. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to RUPALI DHAKAD whose telephone number is (571)270-3743. The examiner can normally be reached M-F 8:30-5:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached at 5712705143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /R.D./Examiner, Art Unit 2437 /ALEXANDER LAGOR/Supervisory Patent Examiner, Art Unit 2437
Read full office action

Prosecution Timeline

Oct 04, 2023
Application Filed
Jun 20, 2025
Non-Final Rejection mailed — §103
Sep 22, 2025
Response Filed
Dec 22, 2025
Final Rejection mailed — §103
Mar 23, 2026
Request for Continued Examination
Apr 06, 2026
Response after Non-Final Action
Jun 02, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12592937
Method For Protection From Cyber Attacks To A Vehicle, And Corresponding Device
3y 10m to grant Granted Mar 31, 2026
Patent 12587544
METHOD AND SYSTEM TO REMEDIATE A SECURITY ISSUE
4y 5m to grant Granted Mar 24, 2026
Patent 12513154
BLOCKCHAIN-BASED DATA DETECTION METHOD, APPARATUS, AND COMPUTER-READABLE STORAGE MEDIUM
3y 7m to grant Granted Dec 30, 2025
Patent 12495039
INTEGRATED AUTHENTICATION SYSTEM AND METHOD
3y 2m to grant Granted Dec 09, 2025
Patent 12468826
METHOD FOR OPERATING A PRINTING SYSTEM
3y 5m to grant Granted Nov 11, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
37%
Grant Probability
67%
With Interview (+30.0%)
3y 5m (~7m remaining)
Median Time to Grant
High
PTA Risk
Based on 35 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month