Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Torlak et al. (US 2024/0179181) hereafter Torlak in view of True et al. (US 2024/0112766) hereafter True.
1. Torlak discloses a computing system for implementing hybrid access control management, the computing system comprising:
processing circuitry coupled to memory that stores instructions, which, upon execution by the processing circuitry, cause the processing circuitry to:
receive a request from a user account to access an access-controlled resource (para 38-39);
determine a protection mechanism of the access-controlled resource, wherein the protection mechanism is an attribute-based protection mechanism or a role-based protection mechanism (para 39; para 57-62, a reader of the policy 402 can quickly discern whether the policy 402 is a pure role-based access control policy, a pure attribute-based access control policy, or a mix of a role-based access control policy and an attribute-based access control policy … determine whether an authorization request should be allowed or denied by evaluating only a subset of the entities, attributes, or policies that apply to the authorization request);
validate the request from the user account based on the determination of the protection mechanism (para 39, the authorization engine 102 will allow the authorization request 122 based on authorization policy 112 and authorization policy 114 because Alice is permitted to view the “flower.jpg” photo according to authorization policy 112 and Alice is not forbidden to perform that action on that resource by authorization policy 114), wherein validating the request comprises:
in response to determining that the protection mechanism is a role-based protection mechanism (para 57-62):
determine a role of the user account; and
validate the role of the user account against a role-based access control policy describing one or more roles permitted to access the access-controlled resource (para 57-62);
permit the user account to access the access-controlled resource upon successful validation of the request (para 39; para 57-62).
Torlak does not explicitly disclose wherein the role of the user account was automatically assigned during creation of the user account based on data of the user account. However, in an analogous art, True discloses registering and reporting in a testing program including wherein the role of the user account was automatically assigned during creation of the user account based on data of the user account (para 68). It would have been obvious to a person of ordinary skill in the art before the effective filing date to modify the implementation of Torlak with the implementation of True in order choose from a finite number of identified, predictable solutions (at the time of account registration or upon completion of user profile), with a reasonable expectation of success.
2. Torlak and True disclose the computing system of claim 1, wherein validating the request comprises: in response to determining that the protection mechanism is an attribute-based protection mechanism (Torlak, para 57-62, see above): retrieve attributes associated with an attribute-based access control policy describing attribute values permitted to access the access-controlled resource (Torlak, para 38-39, 57-62); and validate the retrieved attributes against the attribute-based access control policy (Torlak, para 38-39, 57-62).
3. Torlak and True disclose the computing system of claim 2, wherein the attribute-based access control policy and the role-based access control policy are stored in a hybrid policy store database (Torlak, para 65-68).
4. Torlak and True disclose the computing system of claim 3, wherein the hybrid policy store database is managed by a hybrid policy administration point module (Torlak, fig. 1 and corresponding text; fig. 7 and corresponding text).
5. Torlak and True disclose the computing system of claim 4, wherein the attribute-based access control policy and the role-based access control policy are generated by the hybrid policy administration point module (Torlak, fig. 1 and corresponding text, Jane creates groups, authorization policies, etc).
6. Torlak and True disclose the computing system of claim 2, wherein the retrieved attributes comprise one or more of: an attribute associated with the user account, an attribute associated with the access-controlled resource, an attribute associated with an environment, or an attribute associated with an intended operation of the request (Torlak, para 48-56).
7. Torlak and True disclose the computing system of claim 2, wherein the role of the user account was automatically assigned based on data of the user account (Torlak, para 57-62, role corresponds to the account; see also figs 1 and 2 and corresponding text).
8. Torlak and True disclose the computing system of claim 7, wherein the data of the user account and the retrieved attributes are stored in a policy information point database (Torlak, figs 17 and 18 and corresponding text).
9. Torlak and True disclose the computing system of claim 1, wherein the request is received by a policy enforcement point module (Torlak, figs 1 and 2 and corresponding text); and access to the access-controlled resource is enforced by the policy enforcement point module (Torlak, figs 1 and 2 and corresponding text).
10. Torlak and True disclose the computing system of claim 9, wherein determining the protection mechanism of the access-controlled resource is performed by the policy enforcement point module (Torlak, figs 1 and 2 and corresponding text; para 57-62).
Claims 11-20 are similar in scope to claims 1-10 and are rejected under similar rationale.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAMES R TURCHEN whose telephone number is (571)270-1378. The examiner can normally be reached Monday-Friday: 7-3.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JAMES R TURCHEN/ Primary Examiner, Art Unit 2439