IDENTITY AUTHENTICATION METHOD, APPARATUS, DEVICE, MEDIUM AND PRODUCT

§103 §112

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detail Action 2. This office action is response to the application filed on . Claims 1-22 are pending in this communication. Drawings 3. The drawings are objected to as failing to comply with 37 CFR 1.84(l) because in Figure 1-5, the numbers and letters of the text are not durable, clean, black (except for color drawings), sufficiently dense and dark, and uniformly thick and well-defined. Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 4. Claim 22 recites the limitation “…. corresponding to the first user“. There is insufficient antecedent basis for this limitation in the claim. This rejection may be overcome by amending the claim to “…. corresponding to a first user“. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 5. Claims 1,7,9-10,17 are rejected under AIA 35 U.S.C. 103 as being unpatentable over WHITCOMB et al (US 20220351204 A1) in view of Xiao-qiang et al. (CN 117751553 A) Regarding Claim 1: WHITCOMB discloses: a. An identity authentication method, (Abstract; “A method includes authenticating a user into a first environment associated with a first core processing system”) comprising: acquiring a pre-configured first field of a first platform and a pre-configured second field of a second platform; (Para.0127, Para.0036, Para.0034, Para.0042; “determine a first identifier for a first account for the user with the first core processing system 122a…. determine a different identifier for a different account for the user with the second core processing system 122n” first identifier for first account for the user with the first core processing system 122a is construed as first field of a first platform, a different identifier for a different account for the user with the second core processing system 122n is construed as second field of a second platform, “identifiers may be different for the different account/…. core processing systems 122a-n….”, “configured …. multiple account/…. core processing systems 122a-n, providing a user …. with …. different identifiers…. or other electronic credentials”, “determine ….. user's electronic credentials …..for one or more … core processing systems 122a-n” configured multiple account for core processing systems 122a-n, different identifiers or electronic credentials associated with different account/core processing systems 122a-n of the user are construed as pre-configured first field of a first platform and pre-configured second field of a second platform) receiving a first field …. of the first field sent by the first platform, the first field ….. being obtained after a first account passes identity authentication on the first platform; (FIG. 5/Para.0127, Para.0134, Para.0034; “500 begins …. authenticates …. a user with electronic credentials for the user…. …. 504…. determine a first identifier for a first account for the user with the first core processing system 122a”, “method ….begins …. authenticates ….. a user into a first environment associated with a first core processing system 122a with first electronic credentials for the user”, “core processing systems 122a-n, providing a user ….. with …. access to each account…. different identifiers….. used for the same user for the different cores 122a-n……”from FIG. 5, it is seen that at step 502, the user is authenticated into a first environment associated with a first core processing system 122a/a first account with first electronic credentials for the user and then at step 504, a first identifier for a first account for the user is determined, the identifiers are provided by core processing systems 122a-n.Thus construed as receiving a first field sent by the first platform, the first field being obtained after a first account passes identity authentication on the first platform) b. determining …. the first account according to the first field …. (Para.0129; “determine a first identifier for a first account for the user with the first core processing system 122a”) and c. in response to …. the …..result of the first account …… there is a second field ….. with the first field ….. (FIG. 6/Para.0129, Para.0130; “queries 604 ….determine a first identifier for a first account for the user with the first core processing system 122a…. associates 610 the first set of electronic credentials with the user and with the first account and stores 612 the first set of electronic credentials …… of the user”, “queries 614 a second core processing system 122n to determine a different identifier for a different account for the user with the second core processing system 122n” from FIG.6 it is seen that, at step 604, a first identifier for a first account for the user with the first core processing system 122a is determined, consequently at step 610 the first set of electronic credentials associated with the first account of the user is stored, then at step 614 a different identifier [claimed ‘second field’] for a different account [claimed ‘second account’] for the user with the second core processing system 122n is determined, which is construed as in response to the result of the first account……there is a second field …… with the first field ) passing identity authentication of a second account corresponding to the second field …… (Para.0130; “authenticates ….the user with the second core processing system 122n using the different set of electronic credentials….. associates …..the different set of electronic credentials with the user and with the different account”) however, WHITCOMB does not explicitly disclose: a. receiving a first field value ….. sent by the first platform, the first field value being obtained…. b. determining a binding result of the ….. account according to the first field value; c. in response to that the binding result of ….. a second ….. value …..bound with the first …..value, passing identity authentication of a ….. account corresponding to the second …..value. [WHITCOMB discloses ‘in response to …. the …..result of the first account …… there is a second field ….. with the first field ….. passing identity authentication of a second account corresponding to the second field ……’, but WHITCOMB does not disclose ‘in response to that the binding result of ….. a second ….. value …..bound with the first …..value, passing identity authentication of a ….. account corresponding to the second …..value‘] In an analogous reference Xiao-qiang discloses: a. receiving a first field value ….. sent by the first platform, the first field value being obtained….. (Description/Page 14; “In operation 505…..the first cloud platform sends the first access token….the second cloud platform receives the first access token”) b. determining a binding result of the ….. account according to the first field value; (Description/Page 15, Description/Page 29; “the account number binding …. comprises a first access token ….”, “the account number binding …. indicating the first cloud platform to bind the …..account number with the ….. access token”) c. in response to that the binding result of ….. a second ….. value …..bound with the first …..value, (Description/Page 15, Description/Page 37, Description/Page 38, Description/Page 16; “Step 506:…. the account number binding ….comprises a first access token and a second access token”, “… the first access token and an expiration time of the first access token ….”, “….the second access token and the expiration time of the second access token …..”, “the expiration time … include an effective time point and an effective time length of the corresponding access token” the account number binding comprises a first access token and a second access token, the first and second access token contain an expiration time [claimed ‘first and second value’], which is construed as the binding result of a second value bound with the first value) passing identity authentication of a ….. account corresponding to the second …..value. (Description/Page 18, “In operation 512 …..cloud platform binds the server …..with the …..account ….. after passing the authentication of the second access token”) Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify WHITCOMB’s method of authenticating a user into a first environment associated with a first core processing system by enhancing WHITCOMB’s method to include Xiao-qiang’s method for account association. The motivation: if a user wants to manage the server devices in the different cloud platforms through an application program, the association relation between the account numbers of the user in the multiple cloud platforms is established among the multiple cloud platforms and access token is transmitted through the program modules in the application program so as to realize the secure account association. With respect to independent claims 9 and 10, a corresponding reasoning was given earlier in this section with respect to claim 1; therefore, claims 9 and 10 rejected, for similar reasons, under the grounds as set forth for claim 1. Regarding Claim 7: WHITCOMB in view of Xiao-qiang discloses: The method according to claim 1, wherein the first field …. is used to uniquely identify the first account in the first platform, and the second field ….is used to uniquely identify the second account in the second platform. (WHITCOMB, Para.0127; “a first core processing system 122a to determine a first identifier for a first account for the user ….. a second core processing system 122n to determine a different identifier for a different account for the user”) …..the first ….value is used to …. identify the ….. account in the …..platform, and the second …..value is used to ….. identify the …… account in the …..platform. (Xiao-qiang, Description/Page 36-37, “sending a first access token ….. to the second cloud platform ….. receiving an account number binding ….. sent by the second cloud platform, wherein the account number binding …. includes the first access token and the second access token”) With respect to dependent claim 17, a corresponding reasoning was given earlier in this section with respect to claim 7; therefore, claim 17 rejected, for similar reasons, under the grounds as set forth for claim 7. Claims 2-6, 12-16,18-22 are rejected under AIA 35 U.S.C. 103 as being unpatentable over WHITCOMB et al (US 20220351204 A1) in view of Xiao-qiang et al. (CN 117751553 A) and further in view of Liu Guannan et al. (An Investigation of Identity-Account Inconsistency in Single Sign-On, April, 2021) Regarding Claim 2: WHITCOMB in view of Xiao-qiang discloses: The method according to claim 1, wherein the method further comprises: ….. the binding result of the first account ….. (disclosed in claim 1) however, WHITCOMB in view of Xiao-qiang does not explicitly disclose: in response to that the binding …. of the …. account represents that there is no second field value in the second field bound with the first field value, searching the second field for a second field value associated with the first field value to obtain a search result; and in response to that the search result represents that there is a second field value in the second field that is associated with the first field value, generating a binding relationship of the first field value and the second field value. In an analogous reference Liu Guannan discloses: in response to that the binding …. of the ….. account represents that there is no second field value in the second field bound with the first field value, searching the second field for a second field value associated with the first field value to obtain a search result; (Page.5/Page.7/Figure 1; “to identify an existing account associated with the given user identity…. checks the UserID (stored in the "sub" field) to search for a matching account….. If there is no matching account found with the given UserID…. performs another search …. on the "email" field”, “a unique UserID (e.g., " 111. 222. 3 3 3" in the "sub " field”, “element Account A and Account B” UserID (stored in the "sub" field) is construed as first field value, "email" field with Account A and Account B are construed as second field value) and in response to that the search result represents that there is a second field value in the second field that is associated with the first field value, (Page.4; “searches … to locate a specific account with the matched information based on the user identity containing a UserID and an email address ….permit the access to the recognized account without any security concerns given a match on both UserID and email address”) generating a binding relationship of the first field value and the second field value. (Page.5; “Once a matching account ….. is recognized…. performs a …. check to determine ….with a matching User ID is allowed. If it is permitted….the information stored in the user account …. align with the user identity”) Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify WHITCOMB in view of Xiao-qiang’s method of authenticating a user into a first environment associated with a first core processing system by enhancing WHITCOMB in view of Xiao-qiang’s method to include Liu Guannan’s method for reducing the occurrence of identity-account inconsistency. The motivation: end-users should be aware of the existence of email address reuse and use proper authentication method with caution. With respect to dependent claims 12 and 18, a corresponding reasoning was given earlier in this section with respect to claim 2; therefore, claims 12 and 18 rejected, for similar reasons, under the grounds as set forth for claim 2. Regarding Claim 3: WHITCOMB in view of Xiao-qiang and further in view of Liu Guannan discloses: The method according to claim 2, wherein the method further comprises: in response to that the search result represents that there is no second field value in the second field associated with the first field value, issuing an error prompt. (Liu Guannan, Page.5; “If there is no matching account found with the given UserID….. with a matching email address…. If denied, the user authentication fails, and an error message is shown on the website”) With respect to dependent claims 13 and 19, a corresponding reasoning was given earlier in this section with respect to claim 3; therefore, claims 13 and 19 rejected, for similar reasons, under the grounds as set forth for claim 3. Regarding Claim 4: WHITCOMB in view of Xiao-qiang discloses: The method according to claim 1, wherein the determining a binding result of the first account according to the first field value comprises: ….. a binding result that…..(disclosed in claim 1) however, WHITCOMB in view of Xiao-qiang does not explicitly disclose: in response to that a binding relationship corresponding to the first field value is found from a set of binding relationships according to the first field value, obtaining a binding …. that there is a second field value in the second field that is bound with the first field value; and in response to that a binding relationship corresponding to the first field value is not found from the set of binding relationships according to the first field value, obtaining a binding ….. that there is no second field value in the second field that is bound with the first field value. In an analogous reference Liu Guannan discloses: in response to that a binding relationship corresponding to the first field value is found from a set of binding relationships according to the first field value, (Page.5/Page.7/Figure 1; “to identify an existing account associated with the given user identity…. checks the UserID (stored in the "sub" field) to search for a matching account…. on the "email" field”, “a unique UserID (e.g., " 111. 222. 3 3 3" in the "sub " field”, “element Account A and Account B”) obtaining a binding ….. that there is a second field value in the second field that is bound with the first field value; (Page.5; “Once a matching account ….. is recognized…. performs a …. check to determine ….with a matching User ID is allowed. If it is permitted….the information stored in the user account …. align with the user identity”) and in response to that a binding relationship corresponding to the first field value is not found from the set of binding relationships according to the first field value, obtaining a binding ….. that there is no second field value in the second field that is bound with the first field value. (Page.5; “Bob ….change his email address to Alice's email…. her online account holds an identical "email" with … an empty "sub"…. unknown UserID. Another scenario is that Alice registers her account …. using an email alias … as his primary email address….online account have the same "email" but different "sub"….happens when Bob deletes his email address …. and another user obtains this email address …. and reuses it …..”) Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify WHITCOMB in view of Xiao-qiang’s method of authenticating a user into a first environment associated with a first core processing system by enhancing WHITCOMB in view of Xiao-qiang’s method to include Liu Guannan’s method for reducing the occurrence of identity-account inconsistency. The motivation: same as claim 2. With respect to dependent claims 14 and 20, a corresponding reasoning was given earlier in this section with respect to claim 4; therefore, claims 14 and 20 rejected, for similar reasons, under the grounds as set forth for claim 4. Regarding Claim 5: WHITCOMB in view of Xiao-qiang and further in view of Liu Guannan discloses: The method according to claim 4, wherein binding relationships in the set of binding relationships are obtained by at least one of: pre-configuring a binding relationship of the first field value and the second field value; or, in response to that a second field value in the second field that is associated with the first field value is found for the first time, generating a binding relationship of the first field value and the second field value. (Liu Guannan, Page.5/Page.7/Figure 1; “User Bob registers the account …. for the first time getting access to …. both UserID and email address (e.g., bob@example.com) … are recorded (as Account B in Figure 1)”, “a unique UserID (e.g., " 111. 222. 3 3 3" in the "sub " field”, “element Account A and Account B”) With respect to dependent claims 15 and 21, a corresponding reasoning was given earlier in this section with respect to claim 5; therefore, claims 15 and 21 rejected, for similar reasons, under the grounds as set forth for claim 5. Regarding Claim 6: WHITCOMB in view of Xiao-qiang and further in view of Liu Guannan discloses: The method according to claim 2, wherein the first field value being associated with the second field value comprises: the first field …. being consistent with the second field ….. or, (WHITCOMB, Para.0077, Para.0036, Claim 5; “in a format …. compatible with …. core processing system 122a-n”, “user ….. identifiers … different for the different ….core processing systems 122a-n”, “access the first account for the user with the first core processing system using a first identifier for the user …. access the different account for the user with the second core processing system using a different identifier for the user”) ….. the ….. value being consistent with the …… value…. or, (Xiao-qiang, Description/Page 18; “comparing the …..second access token with the second access token ….. in the ….. binding request, if the two are consistent, determining that the authentication is passed”) the first field value becoming the second field value after a preset transformation. With respect to dependent claim 16, a corresponding reasoning was given earlier in this section with respect to claim 6; therefore, claim 16 rejected, for similar reasons, under the grounds as set forth for claim 6. Regarding Claim 22: WHITCOMB in view of Xiao-qiang and further in view of Liu Guannan discloses: The device according to claim 18, wherein the first field value being associated with the second field value comprises: the first field value being consistent with the second field value; or, (disclosed in claim 6) the first field value becoming the second field value after a preset transformation. ……the service order ….. corresponding to the first user. (WHITCOMB, Para.0033; “A core processing system 122….. comprises …… one or more users…..connect one or more core processing systems 122a-n to ….. one or more ….. services”) sending the …… to a first client corresponding to the first user. (Xiao-qiang, Description, Page.20; “provide the identification …. to the client device”) Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAYEDA SALMA NAHAR whose telephone number is (703)756-4609. The examiner can normally be reached M-F 12:00 PM to 6:00 PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached on (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SAYEDA SALMA NAHAR/Examiner, Art Unit 2435 /AMIR MEHRMANESH/Supervisory Patent Examiner, Art Unit 2491