DETAILED ACTION
Examiner's Note: The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply. Applicant, in preparing the response, should consider fully the entire reference as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s remarks filed on 11/13/2025 have been fully considered.
Regarding claim[s] 2 – 16, under the various obviousness rejections, applicant’s remarks are not persuasive, therefore, the examiner will respond to all of applicant’s remarks in the office action below.
Regarding claim[s] 17 – 21, under the various obviousness rejections, applicant’s remarks are not persuasive, therefore, the examiner will respond to all of applicant’s remarks in the office action below.
The examiner will address all other remarks that do not concern the prior art rejections, if any, in the office action below.
Applicant states on page[s] 2 of the remarks as filed:
“The references cited in the Office Action, whether considered alone or in
combination, do not teach or suggest such a combination of elements.
First, page 11 of the Office Action asserts that “claim 17...includes the same or
similar claim language as method claim 2 and is similarly rejected.” Applicant submits
that this is not accurate. Namely, Claim 17 recites “send a query regarding the user
to an identity service,” “receive, in reply to the query, a validation,” and “adjust,
based on... the validation, a reputation score of the user.” (Emphasis added.) Such
emphasized elements are not recited in Claim 2 and were not rejected or alleged as
being taught by any reference in the Office Action. As such, the Office Action has not
maid a prima facie case of obviousness with respect to Claim 17 and the rejection
should be withdrawn.”
In response the examiner points to the prior art combination of Eberle and Bushboom and Nagaratnam.
The examiner will reject claim 17 below with the same prior art mappings of the current prior art that was used to reject base claim[s] 2, and 10 in the non – final rejected dated 08/13/2025.
NO new interpretations of the prior art combination is used below. NO 2nd non-final rejection will be issued. [..emphasis added….]
-------------------------------------------------------------
As claim # 17, Eberle does teach a system [Eberle, paragraph: 0014, lines 1 – 4, The present invention is comprised of systems and methods for the evaluating, measuring and scoring of social relationships and the individuals involved in such relationships in regard to a social network] comprising:
memory configured to store reputation scores [Eberle, ***Applicant’s recited claim limitations of: “memory configured to store reputation scores for the users,” and “microprocessor,” are taught by the prior art of Eberle at paragraph: 0030, and Figure #3, paragraph: 0034, lines 9 — 19, the reputation and relationship scoring processes (220), respectively.]; and
at least one microprocessor [Eberle, ***Applicant’s recited claim limitations of: “memory configured to store reputation scores for the users,” and “microprocessor,” are taught by the prior art of Eberle at paragraph: 0030, and Figure #3, paragraph: 0034, lines 9 — 19, the reputation and relationship scoring processes (220), respectively.] configured to:
receive data regarding a plurality of profile changes of a user [Eberle, Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership.] over a period of time [Nagaratnam, paragraph: 0023, lines 1 – 10, In some embodiments, the cognitive psychology processing system 470 has access to some or all of the communication channels of one or more client devices 454 and/or assesses and data collected by some or all services and/or entities. In such embodiments, the subsequently collected data used by the cognitive psychology processing system to track psychological characteristics change of the user over time and keep cognitive psychology profiles updated includes data collected from the communication channels and/or user accounts.];
send a query regarding the user to an identity service [Bushboom, paragraph: 0019, The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step.];
receive, in reply to the query, a validation [Bushboom, paragraph: 0020, Next, based on the user identity and one of the one or more selected authentication security profiles, the user is authenticated by the identity provider. Authentication can be accomplished by identifying the user, e.g. as previously registered to the identity provider, and verifying the user on base of the user identity according to the one authentication security profile.
Then further of Bushboom, at paragraph: 0021, Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement as specified by the authentication security profile by the service provider. Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate "authentication successful". Other implementations for the assertion are possible]]; and
adjust, based on the data regarding the plurality of profile changes and the validation, a reputation score of the user [Eberle, Figure # 1, paragraph: 0030, lines 11 – 16, Any new data that is collected through the profile process (400) result in profile process score modifiers (500) which will modify the aggregated process score modifiers (230) to alter the relationship and reputation scoring processes (220) of one or more users which score are stored as SOARS scoring data (240).].
Applicant states on page[s] 2 and 3 of the remarks as filed: “
Second, Claim 17 further recites “receive data regarding a plurality of profile changes of a user over a period of time” and “adjust, based on the data regarding the plurality of profile changes...a reputation score of the user.” Page 11 of the Office Action relies on lines 9-19 of paragraph 34 of Eberle as allegedly teaching such elements. Lines 9-19 of paragraph 34 of Eberle state:
Once the user being scored has provided one or more social network logins (405), the scoring process of the present invention as shown in FIG. 3 takes into account the social network profile(s) of the user in such social networks. It also will continuously extract and synchronize the user's profile and activity in such social network (415), store such information in a profile table (1400) and calculate new or amended profile process score modifiers (500) that are used in the reputation and relationship scoring processes (220) that will ultimately affect the SOARS scoring data (240).
As such, Eberle relates to a “scoring process” whereby information extracted
from a user’s profile and activity in [a] social network” is used to “calculate new or amended profile process score modifiers.” In other words, a user provides their login to a social network so their profile and activity can be used to calculate a score.
In contrast, Claim 17 recites “receive data regarding a plurality of profile changes of a user over a period of time” and “adjust, based on the data regarding the plurality of profile changes...a reputation score of the user.” (Emphasis added.)
Eberle does not teach or suggest adjusting a reputation score of a user based
on profile changes. Rather, Eberle only mentions a “user’s profile,” not changes to a user’s profile as claimed.”
In response the examiner points out that applicant's arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
The examiner rejected claim # 1 over the prior art combination of Eberle/Bushboom/Nagaratnam.
Applicant has not addressed this prior art combination as a whole. (..emphasis added…).
Specifically, applicant has not addressed the prior art of Nagaratnam as what the prior art discloses (..emphasis added…).
Specifically, pointing to the prior art of Nagaratnam. At, Figure # 1C and paragraph: 0023, lines 1 – 12, In some embodiments, the cognitive psychology processing system 470 has access to some or all of the communication channels of one or more client devices 454 and/or assesses and data collected by some or all services and/or entities [i.e. applicant’s changes]. In such embodiments, the subsequently collected data used by the cognitive psychology processing system to track psychological characteristics change of the user over time and keep cognitive psychology profiles updated includes data collected from the communication channels and/or user accounts [i.e. applicant’s plurality of changes made to the profile - changes made to a profile of a user over a time period].
Turning now to the prior art of Bushboom, who does disclose paragraph: 0019, The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step.
Then further of paragraph: 0020, Next, based on the user identity and one of the one or more selected authentication security profiles [i.e. applicant’s determining at least one pattern], the user is authenticated by the identity provider. Authentication can be accomplished by identifying the user, e.g. as previously registered to the identity provider, and verifying the user on base of the user identity according to the one authentication security profile.
Then further of paragraph: 0021, Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement as specified by the authentication security profile by the service provider. Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate "authentication successful". Other implementations for the assertion are possible
Then further turning to the prior art of Eberle, who does disclose at Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership.
Then further of Eberle, at Figure # 1, paragraph: 0030, lines 11 – 16, Any new data that is collected through the profile process (400) result in profile process score modifiers (500) which will modify the aggregated process score modifiers (230) to alter the relationship and reputation scoring processes (220) of one or more users which score are stored as SOARS scoring data (240).
Thus combining such teachings of prior art, we arrive at applicant’s claimed/argued feature of “adjust, based on the data regarding the plurality of profile changes...a reputation score of the user.” Specifically, Eberle, discloses a collecting and measuring operation of user data [i.e. social activities, hobbies..etc.] that is added to the social network profile, and thus a score is generated/updated based on the type of data added or additional data added to the profile, combining such teach of Eberle with the teaching of Bushboom, where the collecting of the various types of user data of the user by an identity provider, to select the appropriate authentication profile to authenticate the user appropriately. Such teachings of Eberle and Bushboom are further combined with the features of Nagaratnam, which entails collecting user data from client device from various types of communication channels by a cognitive psychology processing system, that then updates a user profile accordingly.
Combining the features of the individual prior arts as recited above, we arrive at a user profile that is updated based on collected data that is updated in the user profile, where a score is generated based on the updated data of the user profile. [..emphasis added…]
Thus, applicant’s argued/claimed feature [i.e. …. adjusting a reputation score of a user based on profile changes.] is an obvious variation of the prior art teachings as articulated above. More to the point, applicant’s argued/claimed feature is an obvious variation of the prior art over Eberle/Bushboom/Nagaratnam.
The examiner’s articulated explanation meets applicant’s remarks of: “Eberle does not teach or suggest adjusting a reputation score of a user based on profile changes.”
Applicant states on page[s] 3 – 5 of the remarks as filed: “
Claims 2 and 10 have been amended to recite similar subject matter. For example, Claim 2 as amended recites “determining, based on the plurality of changes made to the profile, at least one pattern.” The cited references do not teach determining a pattern based on a plurality of changes made to the profile as recited in Claim 2.
Page 7 of the Office Action relied on paragraphs 19-21 of Busboom as allegedly teaching “determining, based on the data, at least one pattern,” as previously recited in Claim 2. Paragraphs 19-21 of Busboom state, with emphasis from the Office Action:
The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step.
Next, based on the user identity and one of the one or more selected authentication security profiles, the user is authenticated by the identity provider. Authentication can be accomplished by identifying the user, e.g. as previously registered to the identity provider, and verifying the user on base of the user identity according to the one authentication security profile.
Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement.as specified by the authentication security profile by the service provider.
Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate “authentication successful’. Other implementations for the assertion are possible.
As such, Busboom describes sending a security profile and user identity to an identity provider to identify/authenticate a user, and then a result may be sent back that may indicate a successful authentication.
Such description in Busboom does not at all teach or suggest determining at least one pattern as previously recited in Claim 2. And this description in Busboom certainly does not teach or suggest “determining, based on the plurality of changes made to the profile, at least one pattern,” as recited in amended Claim 2.
Indeed, the cited portions of Busboom do not relate to changes made to a profile at all, much less determining a pattern based on those profile changes.
In light of the above, independent Claims 2, 10, and 17 are patentable.
Applicant’s other claims depend, directly or indirectly, from Applicant's independent claims and are believed to distinguish over the prior art at least for the reasons discussed above.
In view of the above, Applicant respectfully requests the reconsideration of this application and the allowance of all pending claims. It is respectfully submitted that the Examiner’s rejections have been successfully traversed and that the application is now in order for allowance. Applicant believes that the Examiner’s other arguments not discussed above are moot in light of the above arguments, but reserves the right to later address these arguments. Accordingly, reconsideration of the application and allowance thereof is courteously solicited.”
In response the examiner points out that applicant's arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
The examiner rejected claim # 1 over the prior art combination of Eberle/Bushboom/Nagaratnam.
Applicant has not addressed this prior art combination as a whole. (..emphasis added…).
Specifically, applicant has not addressed the prior art of Nagaratnam as what the prior art discloses (..emphasis added…).
Specifically, pointing to the prior art of Nagaratnam. At, Figure # 1C and paragraph: 0023, lines 1 – 12, In some embodiments, the cognitive psychology processing system 470 has access to some or all of the communication channels of one or more client devices 454 and/or assesses and data collected by some or all services and/or entities [i.e. applicant’s changes]. In such embodiments, the subsequently collected data used by the cognitive psychology processing system to track psychological characteristics change of the user over time and keep cognitive psychology profiles updated includes data collected from the communication channels and/or user accounts [i.e. applicant’s plurality of changes made to the profile - changes made to a profile of a user over a time period].
Turning now to the prior art of Bushboom, who does disclose paragraph: 0019, The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step.
Then further of paragraph: 0020, Next, based on the user identity and one of the one or more selected authentication security profiles [i.e. applicant’s determining at least one pattern], the user is authenticated by the identity provider. Authentication can be accomplished by identifying the user, e.g. as previously registered to the identity provider, and verifying the user on base of the user identity according to the one authentication security profile.
Then further of paragraph: 0021, Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement as specified by the authentication security profile by the service provider. Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate "authentication successful". Other implementations for the assertion are possible
Then further turning to the prior art of Eberle, who does disclose at Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership.
Then further of Eberle, at Figure # 1, paragraph: 0030, lines 11 – 16, Any new data that is collected through the profile process (400) result in profile process score modifiers (500) which will modify the aggregated process score modifiers (230) to alter the relationship and reputation scoring processes (220) of one or more users which score are stored as SOARS scoring data (240).
Thus combining such teachings of prior art, we arrive at applicant’s claimed/argued feature of “adjust, based on the data regarding the plurality of profile changes...a reputation score of the user.” Specifically, Eberle, discloses a collecting and measuring operation of user data [i.e. social activities, hobbies..etc.] that is added to the social network profile, and thus a score is generated/updated based on the type of data added or additional data added to the profile, combining such teach of Eberle with the teaching of Bushboom, where the collecting of the various types of user data of the user by an identity provider, to select the appropriate authentication profile to authenticate the user appropriately. Such teachings of Eberle and Bushboom are further combined with the features of Nagaratnam, which entails collecting user data from client device from various types of communication channels by a cognitive psychology processing system, that then updates a user profile accordingly.
Combining the features of the individual prior arts as recited above, we arrive at a user profile that is updated based on collected data that is updated in the user profile, where a score is generated based on the updated data of the user profile. [..emphasis added…]
Thus, applicant’s argued/claimed feature [i.e. …. adjusting a reputation score of a user based on profile changes.] is an obvious variation of the prior art teachings as articulated above. More to the point, applicant’s argued/claimed feature is an obvious variation of the prior art over Eberle/Bushboom/Nagaratnam.
The examiner’s articulated explanation meets applicant’s remarks of: “Eberle does not teach or suggest adjusting a reputation score of a user based on profile changes.”
Response to Amendment
Status of the instant application:
Claim[s] 2 – 21, are pending in the instant application.
Claim[s] 2 – 16, under the obviousness rejections, applicant’s claim amendments have been considered, however, they are not persuasive. Therefore, the examiner has addressed such newly added claim amendments in the office action below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim(s) 2, 3, 5, 10, 11, 17 - 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eberle [US PGPUB # 2008/0120411] in view of Bushboom et al. [US PGPUB # 2006/0053296], further in view of Nagaratnam et al. [US PGPUB # 2019/0158477]
As per claim 2. Eberle does teach a method [paragraph: 0014, lines 1 – 4, The present invention is comprised of systems and methods for the evaluating, measuring and scoring of social relationships and the individuals involved in such relationships in regard to a social network] comprising:
receiving, by a server, data regarding changes made to a profile of a user [Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership.]; and
adjusting, based on the pattern, a reputation score of the user [Figure # 1, paragraph: 0030, lines 11 – 16, Any new data that is collected through the profile process (400) result in profile process score modifiers (500) which will modify the aggregated process score modifiers (230) to alter the relationship and reputation scoring processes (220) of one or more users which score are stored as SOARS scoring data (240).].
While Eberle does not clearly teach determining, based on the…….at least one pattern.
However, Bushboom does teach determining, based on the……….at least one pattern [paragraph: 0019, The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step.
Then further of paragraph: 0020, Next, based on the user identity and one of the one or more selected authentication security profiles [i.e. applicant’s determining at least one pattern], the user is authenticated by the identity provider. Authentication can be accomplished by identifying the user, e.g. as previously registered to the identity provider, and verifying the user on base of the user identity according to the one authentication security profile.
Then further of paragraph: 0021, Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement as specified by the authentication security profile by the service provider. Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate "authentication successful". Other implementations for the assertion are possible].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Eberle and Bushboom in order for the social network server-service that adjusts the relationship and reputation score of the user based on the additional profile data added to their social network profile of Eberle to include authenticating the user by an identity provider before the user is able to add items to their user profile and adjust the reputation score of the user of Bushboom. This would allow for the social network server-service operations to stay secure and to mandate that the requesting user be authenticated according to social media servicer profiles at the identity provider in a secure manner. See paragraph: 0022, lines 1 – 12 of Bushboom.
Eberle and Bushboom do not clearly teach the claim limitation of: “…a plurality of……over a period of time.”
“..plurality of changes made to the profile….”
However, Nagaratnam does teach the claim limitation of: “…a plurality of……over a period of time [paragraph: 0023, lines 1 – 10, In some embodiments, the cognitive psychology processing system 470 has access to some or all of the communication channels of one or more client devices 454 and/or assesses and data collected by some or all services and/or entities. In such embodiments, the subsequently collected data used by the cognitive psychology processing system to track psychological characteristics change of the user over time and keep cognitive psychology profiles updated includes data collected from the communication channels and/or user accounts.].
“..plurality of changes made to the profile…. [Figure # 1C and paragraph: 0023, lines 1 – 12, In some embodiments, the cognitive psychology processing system 470 has access to some or all of the communication channels of one or more client devices 454 and/or assesses and data collected by some or all services and/or entities [i.e. applicant’s changes]. In such embodiments, the subsequently collected data used by the cognitive psychology processing system to track psychological characteristics change of the user over time and keep cognitive psychology profiles updated includes data collected from the communication channels and/or user accounts [i.e. applicant’s plurality of changes made to the profile].]”
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Eberle as modified and Nagaratnam in order for the social network server-service that adjusts the relationship and reputation score of the user based on the additional profile data added to their social network profile of Eberle as modified to include authenticating the user by an multi – factor authentication operations before the user is able to add items to their user profile and adjust the authentication score of the user of Nagaratnam. This would allow for the social network server-service operations to stay secure and to mandate that the requesting user be authenticated multiple different times according to social media servicer-based security specific authentication policies. See paragraph: 0003 of Nagaratnam.
As per claim 3. Eberle as modified does teach the method of claim 2, wherein at least one of the plurality of changes to the profile is made after a successful login by the user [Bushboom, paragraph: 0021, Finally, the information about a result of the authentication by the identity provider can be send to the service provider. In particular, an assertion indicating the authentication of the user is sent to the service provider, e.g. for indicating that the authentication of the user has been accomplished according to the authentication security requirement as specified by the authentication security profile by the service provider. Depending on the implementation or use case, the assertion can e.g. specify the one authentication profile used for authentication or simply indicate "authentication successful". Other implementations for the assertion are possible].
As per claim 5. Eberle does teach the method of claim 2, wherein each change to the profile is made using a computing device that has requested access to a site [Eberle, Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership].
As per system claim 10 that includes the same or similar claim limitations as method claim 2, and is similarly rejected.
***Applicant’s recited claim limitations of: “network interface configured to communicate with computing devices,” “computing devices of users,” “memory configured to store reputation scores for the users,” and “microprocessor,” are taught by the prior art of Eberle at Figure # 7, paragraph: 0046, lines 1 – 16, and paragraph: 0030, one or more users scores are stored as SOARS scoring data, and Figure # 3, paragraph: 0034, lines 9 – 19, the reputation and relationship scoring processes (220), respectively.
As per claim 11. Eberle as modified does teach the system of claim 10, wherein the microprocessor is further configured to receive contextual information regarding an access request by the first user, and the pattern is determined further based on the contextual information [Bushboom, paragraph: 0019, The method proceeds by sending an indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider for requesting the authentication of the user by the identity provider, i.e. the service provider sends from its associated device or an device being, e.g. remotely, accessible by the service provider the one or more selected authentication security profiles as one form of an indication for indicating to the identity provider the authentication security requirement in the form of one or more authentication security profiles based on one of them the authentication is to be executed [i.e. applicant’s pattern is determined further based on the contextual information]. In addition, the user identity is sent to the identity provider for the purpose of an identification of the user for the authentication step..].
As per system claim 17 that includes the same or similar claim language as method claim 2 and is similarly rejected.
***Applicant’s recited claim limitations of: “memory configured to store reputation scores for the users,” and “microprocessor,” are taught by the prior art of Eberle at paragraph: 0030, and Figure # 3, paragraph: 0034, lines 9 – 19, the reputation and relationship scoring processes (220), respectively.
As per claim 18. Eberle does teach the system of claim 17, wherein the microprocessor is further configured to receive details from a site being accessed by a computing device of the user [Eberle, Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership], and the reputation score is adjusted further based on the details [Eberle, Figure # 1, paragraph: 0030, lines 11 – 16, Any new data that is collected through the profile process (400) result in profile process score modifiers (500) which will modify the aggregated process score modifiers (230) to alter the relationship and reputation scoring processes (220) of one or more users which score are stored as SOARS scoring data (240). ].
As per claim 19. Eberle does teach the system of claim 17, wherein the data regarding the plurality of profile changes is received from at least one site being accessed by a computing device of the user [Eberle, Figure # 1, paragraph: 0030, lines 1 – 6, FIG. 1 further shows how a registered user might decide to provide additional profile data that might consist of personal details such as home address, hobbies, and other personal data as well as login credentials for Web sites and social networks that the user might participate in or already maintains membership ].
Claim(s) 6, 7, 8, 20, 21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eberle [US PGPUB # 2008/0120411] in view of Bushboom et al. [US PGPUB # 2006/0053296] and Nagaratnam et al. [US PGPUB # 2019/0158477] as applied to claim[s] 2 above, and further in view of Martin et al. [US PAT # 11838309]
As per claim 6. Eberle and Bushboom do teach what is taught in the rejection of claim 2 above.
While Eberle and Bushboom do not clearly teach the method of claim 2, wherein determining the pattern comprises determining a count of the plurality of changes made to the profile.
However, Martin does teach the method of claim 2, wherein determining the pattern comprises determining a count of the plurality of changes made to the profile [Col. 2, lines 43 – 54, The one or more processors may be further configured to scan connected account content associated with at least some of the connected social media accounts, the connected account content including at least one of profile metadata and content metadata. Collected data relating to the account content and the connected account content may be stored, within the memory, by the one or more processors. The collected data relating to the account content may be analyzed by the one or more processors by determining at least one of: one of more characteristics of the image, one or more parameters of the at least one comment or image caption, and changes in the list of connected social media accounts].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Eberle as modified and Martin in order for the social network server-service that adjusts the relationship and reputation score of the user based on the additional profile data added to their social network profile of Eberle as modified to include authenticating the user by an identity leverage database before the user is able to add items to their user profile and adjust the reputation score of the user of Martin. This would allow for the social network server-service operations to stay secure by warning the social network server – service of the reputation of the user requesting access to the profile and or social network. See col. 2, lines 3 – 20 of Martin.
As per claim 7. Eberle as modified does teach the method of claim 2, wherein determining the pattern comprises determining that a threshold number of profile changes have occurred [Martin, col. 3, lines 66 – 67 and col. 4, lines 1 – 10, The one or more processors are further configured to generate a risk assessment report including risk information, the risk information including one or more of: post characterization information identifying at least one of the plurality of posts as including textual or image content of defined types, traffic change information identifying changes in user traffic associated with the social media account greater than a first defined threshold within a first defined time period, and new connected account information identifying increases in a number of the connected social media accounts exceeding a second defined threshold within a second defined time period.].
As per claim 8. Eberle as modified does teach the method of claim 2, wherein the plurality of changes made to the profile are associated with patterns determined for a plurality of accounts of the user [Martin, Col. 2, lines 43 – 54, The one or more processors may be further configured to scan connected account content associated with at least some of the connected social media accounts, the connected account content including at least one of profile metadata and content metadata. Collected data relating to the account content and the connected account content may be stored, within the memory, by the one or more processors. The collected data relating to the account content may be analyzed by the one or more processors by determining at least one of: one of more characteristics of the image, one or more parameters of the at least one comment or image caption, and changes in the list of connected social media accounts].
As per claim 20. Eberle as modified does teach the system of claim 17, wherein the microprocessor is further configured to send, based on the data regarding the plurality of profile changes and the validation [Martin, Col. 2, lines 43 – 54, The one or more processors may be further configured to scan connected account content associated with at least some of the connected social media accounts, the connected account content including at least one of profile metadata and content metadata. Collected data relating to the account content and the connected account content may be stored, within the memory, by the one or more processors. The collected data relating to the account content may be analyzed by the one or more processors by determining at least one of: one of more characteristics of the image, one or more parameters of the at least one comment or image caption, and changes in the list of connected social media accounts], a notification to a computing device of the user [Martin, col. 2, lines 3 – 20, Disclosed herein is a system and method for risk evaluation and reputational scoring of social media accounts. The system may be implemented as, for example, an Internet-based service enabling parents to monitor and be informed of risks associated with their child's social media account. The system may utilize artificial intelligence to analyze public photos, comments, hashtags, likes, and other public-facing aspects of a child's social media account in order to detect risky and suspicious activity [i.e. applicant’s changes in profile]. The system is configured to identify, on the basis of expert research relating to the behavior of online predators and their potential victims, common predatory tactics and the types of posts that attract the attention of an online predator. Results of the analysis are then summarized and alerts based upon known predatory risk provided so parents or guardians can easily identify the concerning posts and accounts [i.e. applicant’s notification].].
As per claim 21. Eberle as modified does teach the system of claim 17, wherein the microprocessor is further configured to determine, based on the data regarding the plurality of profile changes, that a threshold number of profile changes have occurred [Martin, col. 3, lines 66 – 67 and col. 4, lines 1 – 10, The one or more processors are further configured to generate a risk assessment report including risk information, the risk information including one or more of: post characterization information identifying at least one of the plurality of posts as including textual or image content of defined types, traffic change information identifying changes in user traffic associated with the social media account greater than a first defined threshold within a first defined time period, and new connected account information identifying increases in a number of the connected social media accounts exceeding a second defined threshold within a second defined time period.].
Claim(s) 9 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eberle [US PGPUB # 2008/0120411] in view of Bushboom et al. [US PGPUB # 2006/0053296] and Nagaratnam et al. [US PGPUB # 2019/0158477] as applied to claim[s] 2 above, and further in view of Seiver et al. [US PGPUB # 2017/0078322].
As per claim 9. Eberle and Bushboom and Nagaratnam do teach what is taught in the rejection of claim 2 above.
While Eberle and Bushboom and Nagaratnam do not clearly teach the method of claim 2, further comprising receiving data regarding login attempts of the user, wherein determining the pattern is further based on the data regarding login attempts.
However, Seiver does teach the method of claim 2, further comprising receiving data regarding login attempts of the user, wherein determining the pattern is further based on the data regarding login attempts [paragraph: 0311, For example, a metric can have an effect (e.g., on a compromise likelihood) upon determining that a password of a user account was last changed greater than a threshold amount of time prior (e.g., 30 days prior). In determining a compromise likelihood of a particular user account, the system can determine a value associated with the example metric, which can be based on a distance of a measured aspect of the particular user account (e.g., a time associated with a most recent password change) from the threshold amount of time. For instance, if the particular user account changed his/her password 60 days prior, the value of the example metric can be proportional to the difference from the threshold (e.g., 30 days prior). In this way, the system can increase a compromise likelihood of the particular user account, since the particular user account will have had proportionally more time for his/her password to be compromised (e.g., skimmed). Optionally, the value can be modified differently than proportionally, and can include any arbitrary function (e.g., a square root of the value, logarithm of the value, and so on, such as a square root of 60 days minus the threshold of 30 days).].
It would have been obvious to one of ordinary skilled in the art before the effective filing date of the claimed invention to combine the teachings of Eberle as modified and Seiver in order for the social network server-service that adjusts the relationship and reputation score of the user based on the additional profile data added to their social network profile of Eberle as modified to include authenticating the user for compartmentalized access to the social service network of Seiver. This would allow for the social network server – service to allow the user to access designated portions only of the social network based on authenticated attributes of the user’s profile. See paragraph: 0003 of Seiver.
Claim(s) 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Eberle [US PGPUB # 2008/0120411] in view of Bushboom et al. [US PGPUB # 2006/0053296] and Nagaratnam et al. [US PGPUB # 2019/0158477] as applied to claim[s] 10 above, and further in view of Cashman et al. [US PGPUB # 2013/0125211]
As per claim 12. Eberle and Bushboom and Nagaratnam do teach what is taught in the rejection of claim 10 above.
While Eberle and Bushboom and Nagaratnam do not clearly teach the system of claim 10, wherein the plurality of profile changes include an email address change for the first user.
However, Cashman does teach the system of claim 10, wherein the plurality of profile changes include an email address change for the first user [paragraph: 0121, The profile utility 518 invokes the role management service to add or remove rol