INSPECTING REQUESTS FOR SECRETS USED FOR AUTHENTICATIONS WITH RESOURCES BY AN INTERMEDIARY SERVER

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 1. The following is a Final Office Action in response to applicant’s arguments/filing filed on January 6, 2026 Claims 1, 8 and 15 are amended Claims 1-21 are pending Response to Arguments Applicant’s amendment to claims 1, 8, and 15 filed on 1/6/2026 regarding, “identifying a secret associated with the first HTTP request, the secret for authenticating the client with the requested resource;“, necessitated the new ground(s) of rejection presented in this Office action. Therefore, Applicant's arguments with respect to claims 1-21 have been considered but are moot in view of the new ground(s) of rejection. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 1.) Claims 1, 3, 8, 10, 15 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam In regards to claim 1, Treleaven teaches a computer-implemented method comprising: receiving a first HTTP request from a client to access a resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource. Each protected resource compares the verification data in the cookie against HTTP[i.e. note: HTTP request].); identifying a secret associated with the first HTTP request, the secret for authenticating the client with the requested resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource.); applying a hashing algorithm to the identified secret to generate a hashed version of the identified secret(US 20160164861, Treleaven, para. 0059, The authentication server 360 checks that the login cookie is valid, the authentication For example, when creating the limited-distribution cookie, a Hash-Based Message Authentication Code (HMAC) can be created based on a secret-key stored included in the limited-distribution cookie.); Treleaven does not teach updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request However, Dugan teaches updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request (US 9356845, Dugan, col. 7, lines 8-21, the aforesaid process 300 for recognizing a user 402 of an inbound HTTP request message 204 is used to create (e.g., a new user) or update (e.g., an existing user) a profile record 400[i.e. note: data structure] for the user 402 in database 210. As mentioned above, information to be recorded in the user's profile record in database 210 includes whether the user is a new user (step 324), an existing user (steps 326 or 344), uses a firewall (steps 318, 330 or 334), is a roamer (338), and has changed their web browser (step 342). Additionally, as depicted in FIG. 4, each user's profile record 400 in database 210 will preferably include content metadata fields 410[i.e. note: time of creation information is inherently included in metadata information], referring data sources 412, 414 and 416, user geographic data 418 and system identification information 420 relating to the user 402.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Treleaven with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) and the combination of Treleaven and Dugan do not teach generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients However, Gnanaprakasam teaches generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients (US 20230403279, Gnanaprakasam, para. 0054, the computing device may receive, from a first user device, a first request to access a resource. For example, the first user device may be similar to the computing devices 110 and may send a first request to access data stored in the cloud database platform via a dashboard application that may display the data. The first user device may request access to all records[e.g. note: historical] stored by the database.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Dugan with the teaching of Gnanaprakasam because a user would have been motivated to protect data resources, taught by Gnanaprakasam, by denying an HTTP requests, taught by the combination of Treleaven and Dugan, when it is determined that the requesting entity is unwanted or unauthenticated(Gnanaprakasam, para. 0010) In regards to claim 3, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 1, wherein updating the data structure further comprises: generating an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and appending the hashed version of the identified secret to the entry in the data structure(US 9356845, Dugan, col. 6, lines 4-11, If it is determined the user of the inbound HTTP request message 204 is a new user (the user hash ID was not previously recorded in database 210), then a new profile record for the user is created in the database 210 (step 324), as mentioned further below. And if it is determined the user of the inbound HTTP request message 204 is an existing user, then the user's preexisting profile record is accordingly updated (step 326),[i.e. note: where a profile record{i.e. data structure} is updated to include the new hash ID]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Gnanaprakasam with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) In regards to claim 8, Treleaven teaches a non-transitory machine-readable storage medium that provides instructions that, if executed by a processor, will cause said processor to perform operations comprising, comprising: receiving a first HTTP request from a client to access a resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource. Each protected resource compares the verification data in the cookie against HTTP[i.e. note: HTTP request].); identifying a secret associated with the first HTTP request, the secret for authenticating the client with the requested resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource.); applying a hashing algorithm to the identified secret to generate a hashed version of the identified secret(US 20160164861, Treleaven, para. 0059, The authentication server 360 checks that the login cookie is valid, the authentication For example, when creating the limited-distribution cookie, a Hash-Based Message Authentication Code (HMAC) can be created based on a secret-key stored included in the limited-distribution cookie.); Treleaven does not teach updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request However, Dugan teaches updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request(US 9356845, Dugan, col. 7, lines 8-21, the aforesaid process 300 for recognizing a user 402 of an inbound HTTP request message 204 is used to create (e.g., a new user) or update (e.g., an existing user) a profile record 400[i.e. note: data structure] for the user 402 in database 210. As mentioned above, information to be recorded in the user's profile record in database 210 includes whether the user is a new user (step 324), an existing user (steps 326 or 344), uses a firewall (steps 318, 330 or 334), is a roamer (338), and has changed their web browser (step 342). Additionally, as depicted in FIG. 4, each user's profile record 400 in database 210 will preferably include content metadata fields 410, referring data sources 412, 414 and 416, user geographic data 418 and system identification information 420 relating to the user 402.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Treleaven with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) and the combination of Treleaven and Dugan do not teach generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients However, Gnanaprakasam teaches generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients (US 20230403279, Gnanaprakasam, para. 0054, the computing device may receive, from a first user device, a first request to access a resource. For example, the first user device may be similar to the computing devices 110 and may send a first request to access data stored in the cloud database platform via a dashboard application that may display the data. The first user device may request access to all records[e.g. note: historical] stored by the database.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Dugan with the teaching of Gnanaprakasam because a user would have been motivated to protect data resources, taught by Gnanaprakasam, by denying an HTTP requests, taught by the combination of Treleaven and Dugan, when it is determined that the requesting entity is unwanted or unauthenticated(Gnanaprakasam, para. 0010) In regards to claim 10, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 8, wherein updating the data structure further comprises: generating an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and appending the hashed version of the identified secret to the entry in the data structure(US 9356845, Dugan, col. 6, lines 4-11, If it is determined the user of the inbound HTTP request message 204 is a new user (the user hash ID was not previously recorded in database 210), then a new profile record for the user is created in the database 210 (step 324), as mentioned further below. And if it is determined the user of the inbound HTTP request message 204 is an existing user, then the user's preexisting profile record is accordingly updated (step 326),[i.e. note: where a profile record{i.e. data structure} is updated to include the new hash ID]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Gnanaprakasam with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) In regards to claim 15, Treleaven teaches a server, comprising: a processor(US 20160164861, Treleaven, para. 0104, The implementation can, for example, be a programmable processor, a computer, and/or multiple computers.); and a non-transitory machine-readable storage medium that provides instructions that, if executed by the processor, will cause the server to perform operations(US 20160164861, Treleaven, para. 0106, Method steps can be performed by one or more programmable processors executing a computer program to perform functions of the invention by operating on input data and generating output.) including: receiving a first HTTP request from a client to access a resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource. Each protected resource compares the verification data in the cookie against HTTP[i.e. note: HTTP request].); identifying a secret associated with the first HTTP request, the secret for authenticating the client with the requested resource(US 20160164861, Treleaven, para. 0040, With each subsequent request to protected resources within the domain, the login cookie is presented to the protected resource. Each protected resource of the domain checks the login cookie to ensure that the user that entered the login credentials is the sender of the request for access to the protected resource.); applying a hashing algorithm to the identified secret to generate a hashed version of the identified secret(US 20160164861, Treleaven, para. 0059, The authentication server 360 checks that the login cookie is valid, the authentication For example, when creating the limited-distribution cookie, a Hash-Based Message Authentication Code (HMAC) can be created based on a secret-key stored included in the limited-distribution cookie.); Treleaven does not teach updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request However, Dugan teaches updating a data structure with a client identifier associated with the first HTTP request, a resource identifier associated with the resource, the hashed version of the identified secret, and a time of the first HTTP request (US 9356845, Dugan, col. 7, lines 8-21, the aforesaid process 300 for recognizing a user 402 of an inbound HTTP request message 204 is used to create (e.g., a new user) or update (e.g., an existing user) a profile record 400[i.e. note: data structure] for the user 402 in database 210. As mentioned above, information to be recorded in the user's profile record in database 210 includes whether the user is a new user (step 324), an existing user (steps 326 or 344), uses a firewall (steps 318, 330 or 334), is a roamer (338), and has changed their web browser (step 342). Additionally, as depicted in FIG. 4, each user's profile record 400 in database 210 will preferably include content metadata fields 410, referring data sources 412, 414 and 416, user geographic data 418 and system identification information 420 relating to the user 402.); It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Treleaven with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) and the combination of Treleaven and Dugan do not teach generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients However, Gnanaprakasam teaches generating a dashboard interface based on data stored in the data structure, the dashboard interface displaying a history of requests for resources by clients (US 20230403279, Gnanaprakasam, para. 0054, the computing device may receive, from a first user device, a first request to access a resource. For example, the first user device may be similar to the computing devices 110 and may send a first request to access data stored in the cloud database platform via a dashboard application that may display the data. The first user device may request access to all records[e.g. note: historical] stored by the database.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Dugan with the teaching of Gnanaprakasam because a user would have been motivated to protect data resources, taught by Gnanaprakasam, by denying an HTTP requests, taught by the combination of Treleaven and Dugan, when it is determined that the requesting entity is unwanted or unauthenticated(Gnanaprakasam, para. 0010) In regards to claim 17, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 15, wherein updating the data structure further comprises: generating an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and appending the hashed version of the identified secret to the entry in the data structure(US 9356845, Dugan, col. 6, lines 4-11, If it is determined the user of the inbound HTTP request message 204 is a new user (the user hash ID was not previously recorded in database 210), then a new profile record for the user is created in the database 210 (step 324), as mentioned further below. And if it is determined the user of the inbound HTTP request message 204 is an existing user, then the user's preexisting profile record is accordingly updated (step 326),[i.e. note: where a profile record{i.e. data structure} is updated to include the new hash ID]). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven and Gnanaprakasam with the teaching of Dugan because a user would have been motivated to enhance the robustness of the HTTP request, taught by Treleaven, by including a hash ID in the event the cookie is not present in the request message(Dugan, col. 2, lines 1-10) 2.) Claims 2, 9 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam and further in view of US 20200007531, Koottayi In regards to claim 2, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 1. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header However, Koottayi teach wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header (US 20200007531, Koottayi, para. 0077, the security agent checks an access item provided in the HTTP header of the request. The access item may be either a single character (always matches) or may be multiple characters such as a domain with one or more wildcards (e.g., at the start and/or end) and optionally a scheme and specified port. The access item is compared to a predefined syntax (e.g., an extended Backus-Naur form) that may be stored in a protection policy of the security agent for the resource. Defining and storing the syntax for pattern recognition may be an administrative activity while seeding the protection policies in the access manager system.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Koottayi because a user would have been motivated to protect access to both API resources and WEB resources, taught by Koottayi, by denying an HTTP request command, taught by Dugan, when a bearer token lacks sufficient permissions(Koottayi, para. 0006 and 0060) In regards to claim 9, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 8. The combination of Dugan and Gnanaprakasam do not teach wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header However, Koottayi teaches wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header (US 20200007531, Koottayi, para. 0077, the security agent checks an access item provided in the HTTP header of the request. The access item may be either a single character (always matches) or may be multiple characters such as a domain with one or more wildcards (e.g., at the start and/or end) and optionally a scheme and specified port. The access item is compared to a predefined syntax (e.g., an extended Backus-Naur form) that may be stored in a protection policy of the security agent for the resource. Defining and storing the syntax for pattern recognition may be an administrative activity while seeding the protection policies in the access manager system.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Koottayi because a user would have been motivated to protect access to both API resources and WEB resources, taught by Koottayi, by denying an HTTP request command, taught by Dugan, when a bearer token lacks sufficient permissions(Koottayi, para. 0006 and 0060) In regards to claim 16, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 15. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header However, Koottayi teaches wherein identifying the secret associated with the first HTTP request comprises: performing a pattern recognition on attributes of the first HTTP request, the attributes including an authorization header(US 20200007531, Koottayi, para. 0077, the security agent checks an access item provided in the HTTP header of the request. The access item may be either a single character (always matches) or may be multiple characters such as a domain with one or more wildcards (e.g., at the start and/or end) and optionally a scheme and specified port. The access item is compared to a predefined syntax (e.g., an extended Backus-Naur form) that may be stored in a protection policy of the security agent for the resource. Defining and storing the syntax for pattern recognition may be an administrative activity while seeding the protection policies in the access manager system.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Koottayi because a user would have been motivated to protect access to both API resources and WEB resources, taught by Koottayi, by denying an HTTP request command, taught by Dugan, when a bearer token lacks sufficient permissions(Koottayi, para. 0006 and 0060) 3. Claims 4, 11 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam and further in view of US 20160295566, Morper In regards to claim 4, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 3, further comprising: receiving a second HTTP request from the client to access the resource(US 9356845, Dugan, col. 1, lines 62- 67, In one aspect, a system and method for audience segment profiling and targeting is described in which an aspect of the invention relates to a computer implemented method for identifying a user from selected content extracted from inbound HTTP request messages sent to a Web server from remotely located Web browsers via the Internet.); identifying the secret associated with the second HTTP request(US 9356845, Dugan, col. 4, lines 43-51, The Web server system 208 processes[i.e. note: identifies message info.] request and response messages which are received and sent using the Hypertext Transfer Protocol (HTTP), an application-level protocol used by the World-Wide Web global information system. The HTTP protocol is a request/response protocol. A client sends a request to the server in the form of a request method, URI, and protocol version, followed by a MIME-like message containing request modifiers, client information[e.g. note: password secret], and possible body content over a connection with a server.); applying the hashing algorithm to the identified secret to generate the hashed version of the identified secret(US 9356845, Dugan, col. 5, lines 49-59, With continuing reference to FIG. 3, on the server-side (e.g., Web server 208) for the inbound HTTP request message 204, a determination is then made as to whether the inbound HTTP request message 204 contained a user ID (e.g., a LSO or Cookie) (step 315). If there was no user ID, then a “hash ID” is to be used for the inbound HTTP request message 204 preferably consisting of the IP address and UserAgent associated with the inbound HTTP request message 204. A determination is then made as to whether the user (as identified by the aforesaid hash ID) for inbound HTTP request message 204 resides behind a firewall (step 318).); identifying the entry in the data structure for the client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach incrementing a counter associated with the entry in the data structure for the client-resource pair However, Morper teaches incrementing a counter associated with the entry in the data structure for the client-resource pair (US 20160295566, Morper, para. 0116, If a contract will be established, the details of the contract (records of matching resource request and resource offer, merchant trader ID and client trader ID, the certificate that was used may be stored in yet another database which are referenced by an index that allows to point to the according database entry. This index could be a transaction index which is an incremented counter (incremented with each new entry)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Morper because a user would have been motivated to use resource policies, taught by Morper, in order to modify the managing of resources in accordance with the specific needs for each HTTP request command(Morper, para. 0037) In regards to claim 11, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 10, wherein the operations further comprise: receiving a second HTTP request from the client to access the resource(US 9356845, Dugan, col. 1, lines 62- 67, In one aspect, a system and method for audience segment profiling and targeting is described in which an aspect of the invention relates to a computer implemented method for identifying a user from selected content extracted from inbound HTTP request messages sent to a Web server from remotely located Web browsers via the Internet.); identifying the secret associated with the second HTTP request(US 9356845, Dugan, col. 4, lines 43-51, The Web server system 208 processes[i.e. note: identifies message info.] request and response messages which are received and sent using the Hypertext Transfer Protocol (HTTP), an application-level protocol used by the World-Wide Web global information system. The HTTP protocol is a request/response protocol. A client sends a request to the server in the form of a request method, URI, and protocol version, followed by a MIME-like message containing request modifiers, client information[e.g. note: password secret], and possible body content over a connection with a server.); applying the hashing algorithm to the identified secret to generate the hashed version of the identified secret(US 9356845, Dugan, col. 5, lines 49-59, With continuing reference to FIG. 3, on the server-side (e.g., Web server 208) for the inbound HTTP request message 204, a determination is then made as to whether the inbound HTTP request message 204 contained a user ID (e.g., a LSO or Cookie) (step 315). If there was no user ID, then a “hash ID” is to be used for the inbound HTTP request message 204 preferably consisting of the IP address and UserAgent associated with the inbound HTTP request message 204. A determination is then made as to whether the user (as identified by the aforesaid hash ID) for inbound HTTP request message 204 resides behind a firewall (step 318).); identifying the entry in the data structure for the client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach incrementing a counter associated with the entry in the data structure for the client-resource pair However, Morper teaches incrementing a counter associated with the entry in the data structure for the client-resource pair (US 20160295566, Morper, para. 0116, If a contract will be established, the details of the contract (records of matching resource request and resource offer, merchant trader ID and client trader ID, the certificate that was used may be stored in yet another database which are referenced by an index that allows to point to the according database entry. This index could be a transaction index which is an incremented counter (incremented with each new entry)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Morper because a user would have been motivated to use resource policies, taught by Morper, in order to modify the managing of resources in accordance with the specific needs for each HTTP request command(Morper, para. 0037) In regards to claim 18, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 17, wherein the operations further comprise: receiving a second HTTP request from the client to access the resource(US 9356845, Dugan, col. 1, lines 62- 67, In one aspect, a system and method for audience segment profiling and targeting is described in which an aspect of the invention relates to a computer implemented method for identifying a user from selected content extracted from inbound HTTP request messages sent to a Web server from remotely located Web browsers via the Internet.); identifying the secret associated with the second HTTP request(US 9356845, Dugan, col. 4, lines 43-51, The Web server system 208 processes[i.e. note: identifies message info.] request and response messages which are received and sent using the Hypertext Transfer Protocol (HTTP), an application-level protocol used by the World-Wide Web global information system. The HTTP protocol is a request/response protocol. A client sends a request to the server in the form of a request method, URI, and protocol version, followed by a MIME-like message containing request modifiers, client information[e.g. note: password secret], and possible body content over a connection with a server.); applying the hashing algorithm to the identified secret to generate the hashed version of the identified secret(US 9356845, Dugan, col. 5, lines 49-59, With continuing reference to FIG. 3, on the server-side (e.g., Web server 208) for the inbound HTTP request message 204, a determination is then made as to whether the inbound HTTP request message 204 contained a user ID (e.g., a LSO or Cookie) (step 315). If there was no user ID, then a “hash ID” is to be used for the inbound HTTP request message 204 preferably consisting of the IP address and UserAgent associated with the inbound HTTP request message 204. A determination is then made as to whether the user (as identified by the aforesaid hash ID) for inbound HTTP request message 204 resides behind a firewall (step 318).); identifying the entry in the data structure for the client-resource pair corresponding to the client identifier and the resource identifier(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach incrementing a counter associated with the entry in the data structure for the client-resource pair However, Morper teaches incrementing a counter associated with the entry in the data structure for the client-resource pair (US 20160295566, Morper, para. 0116, If a contract will be established, the details of the contract (records of matching resource request and resource offer, merchant trader ID and client trader ID, the certificate that was used may be stored in yet another database which are referenced by an index that allows to point to the according database entry. This index could be a transaction index which is an incremented counter (incremented with each new entry)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Morper because a user would have been motivated to use resource policies, taught by Morper, in order to modify the managing of resources in accordance with the specific needs for each HTTP request command(Morper, para. 0037) 4.) Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam and further in view of US 11159550, Wawda In regards to claim 5, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 1, wherein updating the data structure further comprises: identifying an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier of the first HTTP request(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach updating a timestamp value for the entry with the time of the first HTTP request However, Wawda teaches updating a timestamp value for the entry with the time of the first HTTP request (US 11159550, Wawda, col. 11, line 62-col. 12, line 2, (58) If any one of the correlated events described above includes a reliable timestamp, then the timestamp engine can use that reliable timestamp to modify the timestamps for the other correlated events. For example, if the HTTP request event had unreliable timestamp data but the correlated DNS look-up event had reliable timestamp data, the timestamp engine 115 can modify time zone information of the timestamp for the HTTP request event according to the timestamp of the DNS look-up event.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Wawda because a user would have been motivated to enhance network security, taught by Wawda, by assuring accurate recording of timestamps on network event occurrences in order to determine if anomalous activities are occurring in the network taught by the combination of Treleaven, Dugan and Gnanaprakasam(Wawda, col. 1, lines 31-48) In regards to claim 12, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 8, wherein updating the data structure further comprises: identifying an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier of the first HTTP request(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach updating a timestamp value for the entry with the time of the first HTTP request However, Wawda teaches updating a timestamp value for the entry with the time of the first HTTP request (US 11159550, Wawda, col. 11, line 62-col. 12, line 2, (58) If any one of the correlated events described above includes a reliable timestamp, then the timestamp engine can use that reliable timestamp to modify the timestamps for the other correlated events. For example, if the HTTP request event had unreliable timestamp data but the correlated DNS look-up event had reliable timestamp data, the timestamp engine 115 can modify time zone information of the timestamp for the HTTP request event according to the timestamp of the DNS look-up event.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Wawda because a user would have been motivated to enhance network security, taught by Wawda, by assuring accurate recording of timestamps on network event occurrences in order to determine if anomalous activities are occurring in the network taught by the combination of Treleaven, Dugan and Gnanaprakasam(Wawda, col. 1, lines 31-48) In regards to claim 19, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 15, wherein updating the data structure further comprises: identifying an entry in the data structure for a client-resource pair corresponding to the client identifier and the resource identifier of the first HTTP request(US 9356845, Dugan, col. 2, lines 6-13, A hash ID is generated from the extracted data to uniquely identify each user associated with inbound request messages which is used to augment traditional means for identifying a user such as using a LSO or Cookie when such a LSO or Cookie are not present. In further, optional aspects, the foregoing method can include the additional step of analyzing the generated hash ID to determine if the user is using a firewall[i.e. note: resource].); and The combination of Treleaven, Dugan and Gnanaprakasam do not teach updating a timestamp value for the entry with the time of the first HTTP request However, Wawda teaches updating a timestamp value for the entry with the time of the first HTTP request (US 11159550, Wawda, col. 11, line 62-col. 12, line 2, (58) If any one of the correlated events described above includes a reliable timestamp, then the timestamp engine can use that reliable timestamp to modify the timestamps for the other correlated events. For example, if the HTTP request event had unreliable timestamp data but the correlated DNS look-up event had reliable timestamp data, the timestamp engine 115 can modify time zone information of the timestamp for the HTTP request event according to the timestamp of the DNS look-up event.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Wawda because a user would have been motivated to enhance network security, taught by Wawda, by assuring accurate recording of timestamps on network event occurrences in order to determine if anomalous activities are occurring in the network taught by the combination of Treleaven, Dugan and Gnanaprakasam(Wawda, col. 1, lines 31-48) 5.) Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam and further in view of US 20250190900, Mande In regards to claim 6, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 1. the combination of Treleaven, Dugan and Gnanaprakasam do not teach further comprising: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource; determining that the secret has been in use for longer than a maximum time limit established in the policy; and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy However, Mande teaches further comprising: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource(US 20250190900, Mande, para. 0043, The network interface circuit 134 is structured to receive communications from and provide communications to the governing institution computing system 110 and/or user device 121. In this regard, the network interface circuit 134 is structured to exchange data, communications, instructions, and the like with the governing institution computing system 110 and/or user device 121. For example, the network interface circuit 134 may transmit resource information (e.g., resource quantities such as a particular numbers of counted denominations), a device identifier of the device storing the resource (e.g., a serial number, a labeled number by an administrator), a timestamp associated with when the resource information was obtained/retrieved, information regarding a user who accessed the resource (e.g., user device identifier, etc.), and the like to the governing institution computing system 110 and/or user device 121.); determining that the secret has been in use for longer than a maximum time limit established in the policy(US 20250190900, Mande, para. 0069, The GUI 400 may also display an elapsed time that the device has been flagged. In some embodiments, if the duration of elapsed time satisfies a threshold, the dashboard circuit 115 uses the rule circuit 103 to map an action to the closest threshold.); and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy(US 20250190900, Mande, para. 0105, a user assigned to a flagged device may be transmitted a notification/message via the user device 121 containing an action to restock one or more resources of the flagged device (e.g., restock $1 bills) if a timer/counter assigned to the flagged device exceeds a predefined duration of time (e.g., timer).). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mande because a user would have been motivated to use resource tracking devices, taught by Mande, in order to efficiently manage the availability of resources being requested in the system taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mande, para. 0003) In regards to claim 13, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 8. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein the operations further comprise: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource; determining that the secret has been in use for longer than a maximum time limit established in the policy; and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy However, Mande teaches wherein the operations further comprise: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource(US 20250190900, Mande, para. 0043, The network interface circuit 134 is structured to receive communications from and provide communications to the governing institution computing system 110 and/or user device 121. In this regard, the network interface circuit 134 is structured to exchange data, communications, instructions, and the like with the governing institution computing system 110 and/or user device 121. For example, the network interface circuit 134 may transmit resource information (e.g., resource quantities such as a particular numbers of counted denominations), a device identifier of the device storing the resource (e.g., a serial number, a labeled number by an administrator), a timestamp associated with when the resource information was obtained/retrieved, information regarding a user who accessed the resource (e.g., user device identifier, etc.), and the like to the governing institution computing system 110 and/or user device 121.); determining that the secret has been in use for longer than a maximum time limit established in the policy(US 20250190900, Mande, para. 0069, The GUI 400 may also display an elapsed time that the device has been flagged. In some embodiments, if the duration of elapsed time satisfies a threshold, the dashboard circuit 115 uses the rule circuit 103 to map an action to the closest threshold.); and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy(US 20250190900, Mande, para. 0105, a user assigned to a flagged device may be transmitted a notification/message via the user device 121 containing an action to restock one or more resources of the flagged device (e.g., restock $1 bills) if a timer/counter assigned to the flagged device exceeds a predefined duration of time (e.g., timer).). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mande because a user would have been motivated to use resource tracking devices, taught by Mande, in order to efficiently manage the availability of resources being requested in the system taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mande, para. 0003) In regards to claim 20, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 15. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein the operations further comprise: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource; determining that the secret has been in use for longer than a maximum time limit established in the policy; and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy However, Mande teaches wherein the operations further comprise: receiving, from a customer device, configuration data defining a policy associated with secrets for accessing the resource(US 20250190900, Mande, para. 0043, The network interface circuit 134 is structured to receive communications from and provide communications to the governing institution computing system 110 and/or user device 121. In this regard, the network interface circuit 134 is structured to exchange data, communications, instructions, and the like with the governing institution computing system 110 and/or user device 121. For example, the network interface circuit 134 may transmit resource information (e.g., resource quantities such as a particular numbers of counted denominations), a device identifier of the device storing the resource (e.g., a serial number, a labeled number by an administrator), a timestamp associated with when the resource information was obtained/retrieved, information regarding a user who accessed the resource (e.g., user device identifier, etc.), and the like to the governing institution computing system 110 and/or user device 121.); determining that the secret has been in use for longer than a maximum time limit established in the policy(US 20250190900, Mande, para. 0069, The GUI 400 may also display an elapsed time that the device has been flagged. In some embodiments, if the duration of elapsed time satisfies a threshold, the dashboard circuit 115 uses the rule circuit 103 to map an action to the closest threshold.); and transmitting a notification message in response to determining that the secret has been in use for longer than the maximum time limit established in the policy(US 20250190900, Mande, para. 0105, a user assigned to a flagged device may be transmitted a notification/message via the user device 121 containing an action to restock one or more resources of the flagged device (e.g., restock $1 bills) if a timer/counter assigned to the flagged device exceeds a predefined duration of time (e.g., timer).). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mande because a user would have been motivated to use resource tracking devices, taught by Mande, in order to efficiently manage the availability of resources being requested in the system taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mande, para. 0003) 6.) Claims 7, 14 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160164861, Treleaven in view of US 9356845, Dugan and further in view of US 20230403279, Gnanaprakasam and further in view of US 20170213272, Mowatt In regards to claim 7, the combination of Treleaven, Dugan and Gnanaprakasam teach the computer-implemented method of claim 1. the combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations However, Mowatt teaches wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations(US 20170213272, Mowatt, para. 0042, This list generation can include generating affinity strength values for each such user profile-computer resource pair from the usage data.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mowatt because a user would have been motivated to enhance rankings between resources and user profiles based on a user’s affinity for said resources as determined by the number of HTTP requests for the resources taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mowatt, para. 0013) In regards to claim 14, the combination of Treleaven, Dugan and Gnanaprakasam teach the non-transitory machine-readable storage medium of claim 8. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations However, Mowatt teaches wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations(US 20170213272, Mowatt, para. 0042, This list generation can include generating affinity strength values for each such user profile-computer resource pair from the usage data.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mowatt because a user would have been motivated to enhance rankings between resources and user profiles based on a user’s affinity for said resources as determined by the number of HTTP requests for the resources taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mowatt, para. 0013) In regards to claim 21, the combination of Treleaven, Dugan and Gnanaprakasam teach the server of claim 15. The combination of Treleaven, Dugan and Gnanaprakasam do not teach wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations However, Mowatt teaches wherein the history of the requests for the resources by the clients includes a list of client-resource pairs with least recent secret rotations (US 20170213272, Mowatt, para. 0042, This list generation can include generating affinity strength values for each such user profile-computer resource pair from the usage data.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of the combination of Treleaven, Dugan and Gnanaprakasam with the teaching of Mowatt because a user would have been motivated to enhance rankings between resources and user profiles based on a user’s affinity for said resources as determined by the number of HTTP requests for the resources taught by the combination of Treleaven, Dugan and Gnanaprakasam(Mowatt, para. 0013) CONCLUSION Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREGORY LANE whose telephone number is (571)270-7469. The examiner can normally be reached on 571 270 7469 from 8:00 AM to 6:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Taghi Arani, can be reached on 571 272 3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). /GREGORY A LANE/ Examiner, Art Unit 2438 /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438