Detailed Action
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in response to Application with case number 18/744,478, filed on 6/14/2024 in which claims 1-6 are presented for examination.
Status of Claims
Claims 1-20 are pending, of which claims 1, 11, and 20 are in independent form.
Specification
The examiner notes that the Specification does not include any URL links and Trademark terms requiring capitalization.
Drawing
Drawings filed on 6/14/2024 are accepted by the examiner.
Priority
Applicant’s claim for benefit of priority based on Chenise patent application CN202310715571.2 filed on 6/16/2023 is acknowledged by the examiner.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claim(s) 1-8, 10-20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Chandra et al. (US 2023/0353575 A1) hereinafter Chandra.
As to claim 1, Chandra teaches an authentication method, comprising:
sending a first workflow viewing request to a service system (see Fig. 1, Agnostic Workflow Platform 120 for receiving a workflow request message 105; see Fig. 4, step 4; see para. [0013] “…receive a workflow request message from the initiator device, wherein the workflow request message is associated with a workflow request; wherein the workflow request message includes: at least one user profile identifier identifying the user profile associated with the user, at least one entity identifier identifying the entity and a actions-sequence identifier identifying the at least one automated processing actions-sequence, including a plurality of instructions corresponding to a plurality of actions”), wherein the service system is configured to return first workflow data and first verification information based on an identity of a sender satisfying a permission requirement (see para. [0066]-[0067] “[0066] …the user and/or the entity may provide electronic activity details, such as, e.g., a third-party identifier, an initiator device identifier, an activity type, an activity operation, an activity value, an activity quantity, among other electronic activity details. In some embodiments, one or more of the electronic activity details may be automatically generated based on data input by the user or entity or both. The authorization request generator 111 may be pre-programmed to generate one or more of the electronic activity details based on certain inputs by the user, entity, or both. For example, the entity may input a physical object effected by or otherwise associated with the electronic activity, and the authorization request generator 111 may automatically generate user-related, activity-related data such as the activity type, activity operation, activity value, and/or any other activity-related parameter (e.g., frequency, quantity, etc.) based on the physical object associated with the electronic activity. [0067] In some embodiments, based on the electronic activity, certain workflows may be advantageous for providing data and information to the user, the entity or both. For example, a status of a transaction for food or for an online purchase may be better communicated to the user through direct contact. In another example, a user profile creation at a website or social network may be made more efficient and secure by data sharing via an account or identity management system. Accordingly, based on, e.g., the activity type or activity operation or other suitable activity-related data item, the authorization request generator 111 may be configured to automatically generate a workflow identifier identifying a requested workflow service, workflow type identifier identifying a workflow type, or both.”; see para. [0117] “ the tokenization service 180 may generate a digital action-sequence token that represents permission to execute a workflow for a user. Thus, in some embodiments, the tokenization service 180 may generate, e.g., a one-time use token, such as, e.g., a one-time password, a cryptographic hash, a message authentication code (MAC), or other limited use token. For example, the tokenization service 180 may tokenize electronic activity-related data from the activity verification request 103 using, e.g., a randomly generated value, a cryptographic hash of the indicator, or a combination of a cryptographic hash with the indicator and the randomly generated value. In an example, the tokenization may also include the third-party identifier, or a device identifier associated with the initiator component 110 in the cryptographic hash to, e.g., ensure the requester requesting a workflow is an authorized requester according to an identifier associated with the requester. Accordingly, the tokenization service 130 may produce tokens of varying security levels.”; see para. [0120] “upon matching the action-sequence tokens, thus validating the workflow request 105 and identifying the user via the user identifier, the tokenization service 180 may generate a workflow execution authorization 109. In some embodiments, the workflow execution authorization 109 may include, e.g., a verification confirmation indicating that the workflow request 105 matches the activity verification request 103 and workflow-related user data”);
displaying the first workflow data returned from the service system (see para. [0062] “In some embodiments, a user data-based workflow may include any suitable actions-sequence formed of a sequence of computational and/or network actions to provide a service to the user. In some embodiments, the actions sequence may include actions for identifying a criterion associated with a particular device and/or particular user and/or particular electronic activity and performing a set of actions based on the criterion to provide a notification, display, service, data, or other service to the particular device and/or particular user. ”);
sending, to the service system, a first operation request in response to detecting a first operation on the displayed first workflow data (see para.[0081] “[0081] In some embodiments, upon receiving the response message 104 indicating authorization of the electronic activity, the initiator component 110 may implement a workflow request generator 112 to request instantiation of a workflow by the agnostic workflow platform 120. In some embodiments, the workflow request generator 112 may track a status of the electronic activity and generate a workflow request 105 based on the status. The workflow request generator 112 may issue the workflow request 105, e.g., periodically, upon at least one trigger condition that triggers the workflow request 105, or by any other trigger or any combination thereof. For example, one or more trigger conditions may include, e.g., without limitation, order status changes based on an electronic activity including an order of a product or service (e.g., food delivery status, reservation status, vehicle maintenance/repair status, product maintenance/repair status, etc.), file download/transfer/upload status changes (e.g., download/transfer/upload start, in progress, complete, etc.), ride share status changes (e.g., en-route to pick-up, nearby to pick-up, waiting for pick-up, en-route to destination, nearby to destination, drop-off complete, etc.), among other trigger conditions in one or more electronic activities, or any combination thereof. In some embodiments, the trigger may be periodic updates according to, e.g., one minute, two-minute, three-minute, four-minute, five-minute, ten-minute, fifteen-minute, twenty-minute, twenty-five-minute, thirty-minute, forty-five-minute, one hour, two-hour, three-hour, four-hour, five-hour, six-hour, eight-hour, ten-hour, twelve-hour, one day or any other suitable period based on the electronic activity or any combination thereof.”; see also para. [0082]), wherein the first operation request comprises the first verification information (see para. [0082]. e.g. workflow identifier), and the first operation request is used for the service system to determine whether the first operation is allowed to be executed based on the first verification information (see para. [0089] “…the tokenization service 130 may extract the indicator of the workflow verification as well as the workflow type or workflow identifier from the workflow request 105. In some embodiments, based on the indicator, the tokenization service 130 may generate a digital actions-sequence token that represents permission to request a workflow and access the workflow functionality. ” ); and
displaying an execution result of the first operation in response to the first operation being allowed to be executed (see para. [0132]-[0135] “[0135] In some embodiments, the workflow engine 143 may alternatively or additionally provide the workflow output 107 to the initiating device. For example, in some scenarios the user may be located at the initiating device. As a result, the workflow output 107 may be advantageously delivered to the initiating device to alert the user while at the initiating device's location, increasing the likelihood that the user receives the workflow output 107.”).
As to claims 11 and 20, claims 11 and 20 include limitations as claim 1 and thus claims 11 and 20 are rejected for the same reason.
As to claims 2 and 12, in view of claims 1 and 11, respectively, Chandra teaches wherein the first verification information comprises at least one of: identity identification information (see para. [0119] “0119] In some embodiments, the action-sequence token produced by the activity verification system 160 may be linked to the electronic activity logged in the profile service 170 for which the token is generated. Thus, in some embodiments, the tokenization service 180 compare the token from the tokenization service 130 to match the workflow request 105 to the activity verification request 103 based on the logged data in the profile service 170 and identify the electronic activity including attributes thereof, such as the user identifier associated therewith.”), or attachment identification information corresponding to the first workflow data, wherein the attachment identification information is used to indicate a duration for obtaining the first workflow data.
As to claims 3 and 13, in view of claims 1 and 11, respectively, Chandra teaches wherein the first verification information comprises identity identification information, and wherein the service system determines that the first operation is allowed to be executed in response to determining that a predefined account comprises a user account indicated by the identity identification information (see para. [0128] “user data related actions may be triggered by the initiating device without the initiating device handling or accessing the user data, maintaining security of the user data. Because the activity verification system validates the workflow request 105 and has an existing relationship with the user, including an existing user profile with, e.g., contact information as well as other user information, the agnostic workflow platform may leverage that relationship to enable the entity to provide services to the user without the entity having the infrastructure or user data to do so, thus improving functionality of the initiating device by operating on its behalf upon receipt of a valid workflow request 105.”; see para. [0144] “In some embodiments, the electronic event authentication message may include the at least one user profile identifier identifying the user profile associated with the user, and the at least one entity identifier identifying the entity, e.g., as specified to execute the electronic event at the initiator device.”).
As to claims 4 and 14, in view of claims 2 and 12, respectively, Chandra teaches wherein the first verification information comprises the attachment identification information corresponding to the first workflow data (e.g., workflow identifier), and wherein the service system determines that the first operation is allowed to be executed in response to determining that the duration indicated by the attachment identification information is less than a preset duration (see para. [0132] “…the secure workflow may generate a status notification including, e.g., a multifactor authentication token, an amount of time left for token validity, among other multifactor authentication token status information. In some embodiments, the secure workflow may also generate the multifactor authentication token in addition to the notification regarding the token. In some embodiments, the secure workflow may look up or reference an externally generated multifactor authentication token.”, e.g., amount of time left for token validity).
As to claims 5 and 15, in view of claims 2 and 12, respectively, Chandra teaches wherein the first verification information comprises the identity identification information, and the attachment identification information corresponding to the first workflow data (see para. [0086] e.g., user identifier, workflow identifier “at least one workflow request 105 may include a structured data format for recording the data related to the electronic activity for which verification is requested. In some embodiments the tokenization service 130 may parse the data of the workflow request 105 to extract, e.g., the user identifier, the user profile identifier, the entity identifier, the initiator device identifier, the workflow identifier, an electronic activity identifier, an activity verification system identifier associated with the activity verification system 160, and/or other identifier and/or other attributes or any combination thereof.”), and wherein the service system determines that the first operation is allowed to be executed in response to determining that a predefined account comprises a user account indicated by the identity identification information, and that the duration indicated by the attachment identification information is less than a preset duration (see para. [0132]).
As to claims 6 and 16, in view of claims 3 and 13, respectively, Chandra teaches wherein the predefined account comprises at least one of the following types of account: a preset account; and an account with preset permission opened by using the preset account (see para. [0120] “In some embodiments, upon matching the action-sequence tokens, thus validating the workflow request 105 and identifying the user via the user identifier, the tokenization service 180 may generate a workflow execution authorization 109. In some embodiments, the workflow execution authorization 109 may include, e.g., a verification confirmation indicating that the workflow request 105 matches the activity verification request 103 and workflow-related user data. For example, in some embodiments, the workflow authorization request 108 may specify a workflow type and/or workflow data requirements. Thus, the tokenization service 180 may determine the data requirements for workflow-related data based on the workflow type and/or the workflow data requirements. Accordingly, the workflow execution authorization 109 may include the workflow-related data, such as, e.g., user contact information, a user computing device identifier, a user social media account, a user blog, a user address, or other user information necessary for executing the workflow or any combination thereof. The workflow request 105 and the workflow-related data of the workflow execution authorization 109 may then be provided to the workflow management service 140 for identification, orchestration, and execution of the associated workflow on behalf of the initiator component 110.”).
As to claims 7 and 17, in view of claims 1 and 11, respectively, Chandra teaches wherein the viewing request comprises identity identification information, the identity identification information corresponds to a viewing level, and different viewing levels correspond to different first workflow data; and the service system obtains the first workflow data based on the identity identification information (see para. [0098] “In an example, the tokenization may also include the third-party identifier, or a device identifier associated with the initiator component 110 in the cryptographic hash to, e.g., ensure the requester requesting a workflow is an authorized requester according to an identifier associated with the requester. Accordingly, the tokenization service 130 may produce tokens of varying security levels that are specific to the initiator device (device specific), to the user (user specific), to the third-party (entity specific), to the activity verification system (activity verification system specific), or to any other suitable device and/or entity or any combination thereof.”).
As to claims 8 and 18, in view of claims 7 and 17, respectively, Chandra teaches wherein the viewing level corresponds to a rank of a user account indicated by the identity identification information (see para. [0098], e.g., security level).
As to claims 10 and 19, in view of claims 1 and 11, respectively, Chandra teaches wherein the first operation comprises at least one of the following: sharing the first workflow data to a designated platform, commenting on the first workflow data, or accessing or saving an attachment in the first workflow (see para. [0081] “file download/transfer/upload status changes (e.g., download/transfer/upload start, in progress, complete, etc.), ride share status changes (e.g., en-route to pick-up, nearby to pick-up, waiting for pick-up, en-route to destination, nearby to destination, drop-off complete, etc.), among other trigger conditions in one or more electronic activities ”).
Allowable Subject Matter
Claim 9 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: As to claim 9, prior art(s) of record and further search does not teach the following limitations – “in response to detecting that a first user account sends the first workflow data to a second user account, determining whether a rank of the first user account is greater than a rank of the second user account; in accordance with a determination that the rank of the first user account is greater than the rank of the second user account, displaying at least one type of permission configuration information, wherein the permission configuration information is used to indicate viewing permission; and determining a viewing level of the second user account based on selected permission configuration information”.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HEE K SONG whose telephone number is (571)270-3260. The examiner can normally be reached on M-F 9:00 am – 5:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571)272-3867 . The fax phone number for the organization where this application or proceeding is assigned is 571-273-7291.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HEE K SONG/Primary Examiner, Art Unit 2497