DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
The instant application filed 02/09/2024, is a Continuation of App. S/N. 17/202,263 filed 03/15/2021, now U.S. Pat. No. 11,921,883 B2 which in turn Claims Priority from Provisional App. 62/668,173 filed 05/07/2018.
Information Disclosure Statement
The Information Disclosure Statement (IDS) submitted on 03/19/2024 has been considered by the Examiner. The submission is in compliance with the provisions of 37 CFR 1.97.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1, 6, 8, 13 and 20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1 and 2 of U.S. Patent No. 11,921,883 B2, (hereinafter Patent ’883) in view of Ylonen et al. U.S. Pub. No. 2017/0012953 A1, (hereinafter Ylonen). Although the claims at issue are not identical, they are not patentably distinct from each other because the patent ‘883 claim 1 recites all of the limitations of the instant application claim 1 except the limitations like “receiving a request to make a user account discoverable through the discovery service”; and “identifying, based on the request, at least one property associated with the user account”.
However, Ylonen teaches “receiving a request to make a user account discoverable through the discovery service” (Ylonen teaches in Para. [0965] the management system receives a request to set up public key authentication from a workflow,…,copies the appropriate public key to one or more servers and configures it as an authorized key for one or more user accounts to which login using it should be permitted according to the request,...); and
“identifying, based on the request, at least one property associated with the user account” (Ylonen teaches in Para. [1045] a means for discovering identity keys (i.e., at least one property associated with user account) for at least one user account on at least one host having an SSH client installed further Ylonen teaches in Para. [0299] may be tested using fields in a user record in a local file or directory (e.g., LDAP, Active Directory), such as the value (especially the first character) of a password field or value in a separate field (i.e., at least one property associated with user account) indicating whether the account is enabled or disabled (or active or non active in alternate terminology).).
Therefore, it would have been obvious to one of ordinary skill in the art, at the time of invention, to include the management system which receives a request to set up public key authentication from a workflow and an authorized key for one or more user accounts and a means for discovering identity keys for at least one user account of Ylonen’s invention into Patent ‘883 invention in order to the cost of managing encryption and authentication keys is reduced. The authentication key removals, key renewals, key rotation and proper auditing of existing access rights are enabled. The cost of the deployment project is reduced when a customer starts to automatically manage user keys in their environment.
See the table below which shows only the comparison of limitations between the instant Application claims 1,4,5 and 6 patent ‘883 independent claim 1 and dependent claims 3, 4, 5 (Note that here the bolded limitation of the instant application in the table already addressed by the prior art of record Ylonen above).
Instant Application 18/438,359
Patent No. 11,921,883 B2
Claim 1. A method for registering user accounts with a discovery service that implements privacy aspects, the method comprising, by a server device:
Claim 1.A method for implementing a discovery protocol that includes privacy aspects, the method comprising, by a server device:
receiving a request to make a user account discoverable through the discovery service;
identifying, based on the request, at least one property associated with the user account;
generating a hash value based on the at least one property;
receiving, from a client device, a request that includes an identifier and a key value, wherein: the identifier is generated and stored by the client device in conjunction with the client device seeking to determine, based on a first item of personal information data (PID) for a contact of one or more contacts known to the client device
generating an encrypted payload that includes at least a portion of information associated with the user account;
Portion of claim 1 generating a payload that has been encrypted utilizing an encryption key derived from a second item of PID for a potential contact and further portion of claim 3 when the payload can be decrypted, then the contact matches the potential contact and a decrypted version of the payload includes information associated with a user account for the potential contact in a recognized format
generating, within a data store, an entry that includes (1) at least a portion of the hash value, and (2) the encrypted payload.
Portion of claim 1 generating a payload that has been encrypted utilizing an encryption key derived from a second item of PID for a potential contact and further portion of claim 5. herein the key value is generated by: hashing the first item of PID utilizing a hash algorithm to generate a hash value.
Claim 6. The method of claim 1, wherein: the entry comprises a key-value pair that includes a key value and an entry value; the at least a portion of the hash value comprises the key value; and the encrypted payload comprises the entry value.
Portion of claim 1 generating a payload that has been encrypted utilizing an encryption key derived from a second item of PID for a potential contact further portion of claim 5. wherein the key value is generated by: hashing the first item of PID utilizing a hash algorithm to generate a hash value; and producing a truncated hash value by truncating the hash value to select N most significant bits of the hash value as the key value.
Regarding claims 8 and 15.
Similarly, claims 8 and 15 incorporate substantively all the limitations of independent claim 1 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Regarding claims 13 and 20.
Similarly, claims 13 and 20 incorporate substantively all the limitations of dependent claim 6 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Claims 2-5, 9-12 and 16-19 are rejected on the ground of nonstatutory double patenting as being unpatentable over Patent ’883 in view of Ylonen further in view of Fasoli et al. U.S. Pub. No. 2018/0069871, (hereinafter Fasoli).
Regarding claim 2. Patent ’883 in view of Ylonen teaches the method of claim 1.
Patent ’883 in view of Ylonen does not explicitly teach wherein: the request includes a token associated with the user account, and the token comprises a user identifier of the user account or a client device identifier of a client device associated with the user account.
However, Fasoli teaches wherein: the request includes a token associated with the user account, and the token comprises a user identifier of the user account or a client device identifier of a client device associated with the user account (Fasoli teaches in Para. [0032] remote server 210 can transmit a request for the identifier or token to user account management system 220 that includes at least part of the information).
Therefore, it would have been obvious to one of ordinary skill in the art, at the time of invention, to include the token in a request and an identifier in a user account of Fasoli’s invention into Patent ‘883 in view of Ylonen invention in order to the device allows a user can conveniently find information to define customized information on a separate device that has a larger interface and transfer the customized information to user device through a synchronization operation while a user interface supports data-entry operations. The device regulates power consumption of components of the user device based on source and amount of available power and monitors stored power in a battery and generates user alerts if the stored power drops below a minimum level.
Regarding claim 3.
Patent ’883 in view of Ylonen further teaches wherein the method further comprises, prior to receiving the request: receiving a user account creation request to create the user account, wherein the user account creation request includes the at least one property (Patent ‘883 claim 1 receiving, from a client device, a request that includes an identifier and a key value, wherein: the identifier corresponds to a first item of personal information data (PID) for a contact of one or more contacts known to the client device, and the key value is derived from the first item of PID for the contact);
generating the user identifier (Patent ‘883 claim 1 wherein, when the client device determines that the identifier generated by the client device matches the identifier included in the response, the client device attempts to decrypt the payload utilizing a decryption key derived from the second item of PID for the contact). Further, Ylonen teaches storing the user identifier and the at least one property in a manner that associates the user identifier with the at least one property (Ylonen teaches in Para. [1034] causes each of a plurality of hosts to convey information about authorized keys configured for user accounts on the host to a management system where records derived from the information are stored in a database).
Therefore, it would have been obvious to one of ordinary skill in the art, at the time of invention, to include the user account management system record to be stored in a database of Ylonen’s invention into Fasoli invention in order to the cost of the deployment project is reduced when a customer starts to automatically manage user keys in their environment. The differences caused by key addition, key removal, or key rotation requests are eliminated.
Regarding Claim 4.
Patent ‘883 teaches the method of claim 2, further comprising: including, within the entry, at least one of (3) the user identifier or (4) the hash value (Patent ‘883 Portion of claim 1. Teaches (a request that includes an identifier and a key value, and providing, to the client device, a response that includes the payload and the identifier further, claim 5. herein the key value is generated by: hashing the first item of PID utilizing a hash algorithm to generate a hash value. Note that here, the claim lists features in the alternative. While the claim lists a number of optional limitations only one limitation from the list is required and needs to be met by the prior art. However, the Patent ‘883 claims 1 and 5 addressed the recited both limitation).
Regarding claim 5.
Patent ‘883 teaches the method of claim 2, wherein the user identifier comprises an email address or a phone number (Patent ‘883 claim 4 teaches the first item of PID comprises a phone number or an email address associated with the contact, and the second item of PID comprises a phone number or an email address associated with the potential contact).
Regarding claims 9 and 16.
Similarly, claims 9 and 16 incorporate substantively all the limitations of dependent claim 2 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Regarding claims 10 and 17.
Similarly, claims 10 and 17 incorporate substantively all the limitations of dependent claim 3 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Regarding claims 11 and 18.
Similarly, claims 11 and 18 incorporate substantively all the limitations of dependent claim 4 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Regarding claims 12 and 19.
Similarly, claims 12 and 19 incorporate substantively all the limitations of dependent claim 5 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Claims 7 and 14 are rejected on the ground of nonstatutory double patenting as being unpatentable over Patent ’883 in view of Ylonen further in view of Nair et al. U.S. Pat. No. 9,787, 662 B1, (hereinafter Nair).
Regarding claim 7. Patent ’883 in view of Ylonen teaches the method of claim 1.
Patent ’883 teaches wherein: the at least one property comprises contact information associated with the user account (Patent ’883 teaches in claim 1. “the identifier corresponds to a first item of personal information data (PID) for a contact of one or more contacts known to the client device, and the key value is derived from the first item of PID for the contact”).
Patent ’883 in view of Ylonen does not explicitly teach the at least a portion of information comprises contact information, an image, or some combination thereof, associated with the user account.
However, Nair teaches the at least a portion of information comprises contact information, an image, or some combination thereof, associated with the user account (Nair teaches in [Col. 5, lines 63-67] when the account was opened, IP address used to open the account, geographical location from which the account was opened, etc.), image or photograph, user profile information (e.g., education, employment, licensures, professional affiliations, etc.)).
Therefore, it would have been obvious to one of ordinary skill in the art, at the time of invention, to include the user account opened with image or photograph, user profile information of Nair’s invention into Patent ‘883 in view of Ylonen invention in order to the computerized method involves receiving an identifier in an online social network, where web browser identifier is associated with a member and a graphical element visually depicts the account information of the member, and thus enables to provide easy visualization of information.
Regarding claim 14.
Similarly, claim 14 incorporates substantively all the limitations of dependent claim 5 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 6, 8, 13, 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen et al. U.S. Pub. No. 2017/0012953 A1, (hereinafter Ylonen) in view of Singler U.S. Pub. No. 2016/0034692 A1, (hereinafter Singler).
Regarding claim 1.
Ylonen teaches a method for registering user accounts with a discovery service that implements privacy aspects, the method comprising, by a server device: (Ylonen teaches in Para. [0079] in Fig. 27 shows the discovering information about the user account and further in Para. [0645] an account creator element 3604 used to create (i.e., registering the user account)):
receiving a request to make a user account discoverable through the discovery service (Ylonen teaches in Para. [0965] the management system receives a request to set up public key authentication from a workflow, change control, or other system, creates …, copies the appropriate public key to one or more servers and configures it as an authorized key for one or more user accounts to which login using it should be permitted according to the request... (i.e., note that here create an account based on the public key indicates the claimed “make a user account”).Also, see Para. [ 0388] and [0645] how the user accounts can be created);
identifying, based on the request, at least one property associated with the user account;
(note that here the term “at least one property” is not clearly defined and thus, the Examiner has interpreted this term based on the broadest reasonable interpretation using the plain meaning of the claim language, such meaning includes “public key”, “private key”, finger print” and/or such as the value (especially the first character) of a password field or value in a separate field. Ylonen teaches in Para. [1045] a means for discovering identity keys for at least one user account on at least one host having an SSH client installed and further Ylonen teaches in Para. [0299] may be tested using fields in a user record in a local file or directory (e.g., LDAP, Active Directory), such as the value (especially the first character) of a password field or value in a separate field (i.e., at least one property associated with user account) indicating whether the account is enabled or disabled (or active or non active in alternate terminology).).
generating a hash value based on the at least one property (Ylonen teaches in Para. [0017] are several known ways to convert a public key into a key fingerprint, including computing a hash value of an encoded representation of the public key, and representing the hash value in hex. Several different methods for generating fingerprints from a key are in use by different implementations and further, Ylonen teaches in Para. [0982] that the management system receives a public key from a managed host and generates from the public key a key fingerprint in at least two different formats (e.g., the format used by OpenSSH and the format used by Tectia SSH); and
generating, within a data store, an entry that includes (1) at least a portion of the hash value, and (2) the encrypted payload. (Ylonen teaches in Para. [0982] generates from the public key a key fingerprint in at least two different formats (e.g., the format used by OpenSSH and the format used by Tectia SSH) and stores the generated fingerprints in a database and further, Ylonen teaches in Para. [0461] a private key file may be encrypted by a key derived from the passphrase with the algorithm optionally indicated in the key file (i.e., encrypted payload). Typically the encrypted key file itself does not contain a key fingerprint in plaintext…, fingerprint is typically a hash of the (plaintext) private key in some format that depends on the SSH implementation…).
Ylonen does not explicitly teach generating an encrypted payload that includes at least a portion of information associated with the user account.
However, Singler teaches the term payload and does not explicitly teach generating an encrypted payload that includes at least a portion of information associated with the user account (Singler teaches in FIG. 3 and in Para. [0054]. Then... the server sends back said medium-size, longer (say m=64 bits) hash values to the client further Singler teaches in Para. [0055] the server preferably keeps... the medium-sized hash value... in the database, for quick construction (i.e., generating a payload for a potential contact) of the answer further teaches in Para. [0057]. The client device and the server computer communicate with an encrypted connection as narrated in Para. [0039]... in an encrypted transmission channel). Therefore, Ylonen and Singler are analogues arts and they are in the same field of endeavor as they both are directed to creation of user account in a secured manner to protect private user information data.
It would have been obvious to one of ordinary skill in the art before the effective filing date of the
claimed invention to modify the teachings of using a server to manage the generating of the hash value in a quick construction (i.e., encrypted a payload) ([0054]-[0055], [0057] and [0039]) as taught, by Singler into the teachings of Ylonen invention. One would have been motivated to do so in order to the client computing device iteratively applies the hash value calculation in a multiply repeated form, thus provides a higher degree of privacy and the contacts are not exposed to eavesdroppers. The brute force attacks are prevented, thus provides reliable contact matching, and thus optimizes privacy versus bandwidth requirements.
Regarding claim 6.
Ylonen teaches wherein: the entry comprises a key-value pair that includes a key value and an entry value (Ylonen teaches in Para. [0017] a key fingerprint is an identifier for a key that essentially uniquely identifies a key pair. It may be, e.g., a hash value computed from a public key);
the at least a portion of the hash value comprises the key value (Ylonen teaches in Para. [0017] fingerprint, including computing a hash value of an encoded representation of the public key, and representing the hash value in hex. Several different methods for generating fingerprints from a key are in use by different implementations. Also, see Para. [0238] and [0982]).
Ylonen does not explicitly teach the encrypted payload comprises the entry value.
However, Singler teaches the encrypted payload comprises the entry value (Singler teaches in FIG. 3 and in Para. [0054]. Then... the server sends back said medium-size, longer (say m=64 bits) hash values to the client further Singler teaches in Para. [0055] the server preferably keeps... the medium-sized hash value... in the database, for quick construction (i.e., generating a payload for a potential contact) of the answer further teaches in Para. [0057]. The client device and the server computer communicate with an encrypted connection as narrated in Para. [0039]... in an encrypted transmission channel).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the
claimed invention to modify the teachings of using a server to manage the generating of the hash value in a quick construction (i.e., encrypted a payload) ([0054]-[0055], [0057] and [0039]) as taught, by Singler into the teachings of Ylonen invention. One would have been motivated to do so in order to the client computing device iteratively applies the hash value calculation in a multiply repeated form, thus provides a higher degree of privacy and the contacts are not exposed to eavesdroppers. The brute force attacks are prevented, thus provides reliable contact matching, and thus optimizes privacy versus bandwidth requirements.
Regarding claims 8 and 15.
Claims 8 and 15 incorporate substantively all the limitations of independent claim 1 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Regarding claims 13 and 20.
Claims 13 and 20 incorporate substantively all the limitations of independent claim 6 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Claims 2-5, 9-12 and 16-19 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen in view of Singler further in view of Fasoli et al. U.S. Pub. No. 2018/0069871, (hereinafter Fasoli).
Regarding claim 2. Ylonen in view of Singler teaches the method of claim 1.
Ylonen in view of Singler does not explicitly teach wherein: the request includes a token associated with the user account, and the token comprises a user identifier of the user account or a client device identifier of a client device associated with the user account.
However, Fasoli teaches wherein: the request includes a token associated with the user account, and the token comprises a user identifier of the user account or a client device identifier of a client device associated with the user account (Fasoli teaches in Para. [0032] remote server 210 can transmit a request for the identifier or token to user account management system 220 that includes at least part of the information. Note that here, the claim lists features in the alternative. While the claim lists a number of optional limitations only one limitation from the list is required and needs to be met by the prior art and thus, the prior art of record Fasoli addressed the limitation of “the token comprises a user identifier of the user account”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the
claimed invention to modify the teachings of using the token in a request and an identifier in a user account ([0032]) as taught, by Fasoli into the teachings of Ylonen in view of Singler invention. One would have been motivated to do so in order to the device allows a user can conveniently find information to define customized information on a separate device that has a larger interface and transfer the customized information to user device through a synchronization operation while a user interface supports data-entry operations. The device regulates power consumption of components of the user device based on source and amount of available power and monitors stored power in a battery and generates user alerts if the stored power drops below a minimum level.
Regarding claim 3.
Ylonen teaches wherein the method further comprises, prior to receiving the request: receiving a user account creation request to create the user account, wherein the user account creation request includes the at least one property (note that here the term “at least one property” is not clearly defined and thus, the Examiner has interpreted this term based on the broadest reasonable interpretation using the plain meaning of the claim language, such meaning includes “public key”, “private key”, finger print” and/or such as the value (especially the first character) of a password field or value in a separate field. Ylonen teaches in Para. [0079] in Fig. 27 shows the discovering information about the user account and further in Para. [0645] an account creator element 3604 used to create (i.e., registering the user account) Ylonen further teaches in Para. [0965] the management system receives a request to set up public key authentication from a workflow, and configures it as an authorized key for one or more user accounts to which login using it should be permitted according to the request... (i.e., note that here create an account based on the public key indicates the claimed “make a user account”).Also, see Para. [ 0388] and [0645] how the user accounts can be created)) ;
generating the user identifier (Ylonen teaches in Para. [0017] different methods for generating fingerprints from a key (i.e., at least one property of the user account) are in use by different implementations. Also, see Para. [0346], [0972] and [1017] the generation of identifier); and
storing the user identifier and the at least one property in a manner that associates the user identifier with the at least one property (Ylonen teaches in Para. [1034] a management system where records derived from the information are stored in a database which includes each of a plurality of hosts to convey information about authorized keys configured for user accounts on the host).
Regarding claim 4.
Ylonen teaches within the entry, at least one of (3) the user identifier or (4) the hash value (Ylonen teaches in Para. [0425] the process identifier together with the server identity indicate they belong to the same session and further in Para. [0427] the management system ensures that the forced command is included in all entries in authorized keys files added for that connection and Ylonen also teaches in Para. [0238] about a hash value is computed from a destination host and user (2001). The last successfully used private key is looked up from a database saved across client invocations using the hash (2002). Note that here, the claim lists features in the alternative. While the claim lists a number of optional limitations only one limitation from the list is required and needs to be met by the prior art and thus, the prior art of record Ylonen addressed both of the limitations above).
Regarding claim 5. Ylonen in view of Singler further in view of Fasoli teaches the method of claim 2.
Ylonen in view of Fasoli does not explicitly teach wherein the user identifier comprises an email address or a phone number.
However, Singler teaches wherein the user identifier comprises an email address or a phone number (Singler teaches in Para. [0071] contact identification means other than the before-mentioned phone numbers, e. g. email addresses).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the
claimed invention to modify the teachings of using user phone number or email address ([0071]) as taught, by Singler into the teachings of Ylonen in view of Fasoli invention. One would have been motivated to do so since the universe of possible email addresses is much larger by number, and is easier to administrate due to absence of analogous communication interfaces than the universe of phone numbers. So, attacks are even less likely to be successful.
Regarding claims 9 and 16.
Claims 9 and 16 incorporate substantively all the limitations of independent claim 2 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Regarding claims 10 and 17.
Claims 10 and 17 incorporate substantively all the limitations of independent claim 3 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Regarding claims 11 and 18.
Claims 11 and 18 incorporate substantively all the limitations of independent claim 4 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Regarding claims 12 and 19.
Claims 12 and 19 incorporate substantively all the limitations of independent claim 5 of the instant application in a computing device and a non-transitory computer-readable storage medium form and are rejected under the same rationale. Furthermore, regarding the claim limitations of a computing device and non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [0006] and [1241].
Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Ylonen in view of Singler further in view of Nair et al. U.S. Pat. No. 9,787, 662 B1, (hereinafter Nair).
Regarding claim 7. Ylonen in view of Singler teaches the method of claim 1.
Ylonen in view of Singler does not explicitly teach wherein: the at least one property comprises contact information associated with the user account; and the at least a portion of information comprises contact information, an image, or some combination thereof, associated with the user account.
However, Nair teaches wherein: the at least one property comprises contact information associated with the user account (Nair teaches in [Col. 13, lines 4-6] account content accessed…,or account contact information); and
the at least a portion of information comprises contact information, an image, or some combination thereof, associated with the user account (Nair teaches in [Col. 5, lines 63-67] when the account was opened, IP address used to open the account, geographical location from which the account was opened, etc.), image or photograph, user profile information (e.g., education, employment, licensures, professional affiliations, etc.)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of using contact information and include the user account opened with image or photograph, user profile information ([Col. 13, lines 4-6] and [Col. 5, lines 63-67]) as taught, by Nair into the teachings of Ylonen in view of Singler invention. One would have been motivated to do so in order to the computerized method involves receiving an identifier in an online social network, where web browser identifier is associated with a member and a graphical element visually depicts the account information of the member, and thus enables to provide easy visualization of information.
Regarding claim 14.
Claim 14 incorporates substantively all the limitations of independent claim 7 of the instant application in a non-transitory computer-readable storage medium form and is rejected under the same rationale. Furthermore, regarding the claim limitation of a non-transitory computer-readable storage medium, the prior art of record Ylonen teaches in Para. [1241].
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BERHANU SHITAYEWOLDETSADIK whose telephone number is (571)270-7142. The examiner can normally be reached M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emmanuel Moise can be reached at 5712723865. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BERHANU SHITAYEWOLDETADIK/Examiner, Art Unit 2455