Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
This action is in response to the correspondence filed 11/12/2024.
Claims 1-10, 12, 13 and 15-22 are presented for examination.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-6, 10, 12, 13 and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over US 20060259954 A1 to Patrick in view of US 20210306346 A1 to Han et al. (hereinafter Han).
As to claims 1, 12 and 13, Patrick teaches a document access method comprising: in response to determining that a user has a first access permission to a first document (paragraph 77, when it is determined that the requestor is authorized to access one or more resources), displaying the first document (paragraph 77, resources are accessed, wherein data to which the requestor is not authorized to view is redacted).
Patrick does not explicitly teach in response to receiving an access request for target information displayed in the first document, determining whether the user has a second access permission; and in response to the user not having the second access permission, refusing to display an associated content of the target information; wherein the target information comprises at least one of the following: a link of a second document, a collaborator of the first document, or a user identifier displayed in the first document.
However, Han teaches in response to receiving an access request for target information displayed in the first document (paragraphs 110-112, after being authenticated to access the first page and a second request is received for a restricted action from the first page leading to a second page), determining whether the user has a second access permission (paragraph 112, an authentication challenge associated with the second authentication tier is performed); and in response to the user not having the second access permission (paragraph 125, second page is provided to the client based on the particular session identifier being associated with the second authentication tier, therefore when the user does not have the second access permission the second page is not provided), refusing to display an associated content of the target information (paragraph 125, second page is provided to the client based on the particular session identifier being associated with the second authentication tier, therefore when the user does not have the second access permission the second page is not provided); wherein the target information comprises at least one of the following: a link of a second document, a collaborator of the first document, or a user identifier displayed in the first document (paragraph 68, reference links to a second page; FIG. 10A and paragraph 202, partial account number, account nickname and/or email address).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Patrick with the additional authentication steps taught by Han in order to prevent cyber-attacks, such as credential stuffing attacks that use known credentials to get unauthorized access to authentication-based applications, therefore optimizing the overall security of the system (paragraph 4).
As to claims 2 and 15, Han teaches wherein the target information comprises the link of the second document (paragraph 68, reference links to a second page); and in response to the user not having the second access permission, the refusing to display the associated content of the target information comprising: refusing to display a permission application portal corresponding to the link of the second document (paragraph 125, second page is provided to the client based on the particular session identifier being associated with the second authentication tier, therefore when the user does not have the second access permission the second page is not provided, further a permission application portal is not displayed).
As to claims 3 and 16, Han teaches wherein the permission application portal comprises a permission application control displayed in an associated area of the link of the second document in the first document or a permission application page corresponding to the link of the second document (wherein because the permission application portal is not displayed, the scope of the claim was not limited by the portal and therefore not further limited by what is included in the portal. The Examiner suggest possibly claiming in response to the user having the second access permission, displaying the permission application portal, then it could be further limited by what it includes).
As to claims 4 and 17, Patrick teaches wherein the target information comprises the link of the second document, and in response to the user not having the second access permission, the method further comprises at least one of: modifying a display state of the link of the second document; and or setting the link of the second document to a non-triggerable state (paragraph 77, data is redacted and is either redacted from the response or encrypted in the response).
As to claims 5 and 18, Han teaches wherein the target information comprises the collaborator of the first document (FIG 10A users email displayed); the in response to the user not having the second access permission, refusing to display associated content of the target information comprises: refusing to display an identifier of the collaborator of the first document; or, displaying at least one of an identifier of an owner of the first document and/or a number of collaborators, while refusing to display identifiers of collaborators other than the owner (paragraph 125, second page is provided to the client based on the particular session identifier being associated with the second authentication tier, therefore when the user does not have the second access permission the second page is not provided, further a permission application portal is not displayed; paragraph 161, wherein authentication is needed for PII which includes the email address).
As to claims 6 and 19, Han teaches wherein the target information comprises the user identifier displayed in the first document (FIG. 10A, account nickname, account number and email); the in response to the user not having the second access permission, the refusing to display the associated content of the target information comprises: refusing to display user information corresponding to the user identifier in response to a triggering operation of the user on the user identifier (paragraph 125, second page is provided to the client based on the particular session identifier being associated with the second authentication tier, therefore when the user does not have the second access permission the second page is not provided, further a permission application portal is not displayed; paragraph 161, wherein authentication is needed for PII which includes the account nickname, account number and email).
As to claim 10, Han teaches wherein the user identifier displayed in the first document comprises at least one of the following: a user identifier in a comment area, a user identifier in text of the first document, a user identifier in a content component of the first document, and a user identifier in a collaborator interface, or a user identifier in a real-time collaboration interface area (paragraph 68, reference links to a second page; FIG. 10A and paragraph 202, partial account number, account nickname and/or email address).
Claims 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Patrick in view of Han in further view of US 20250200516 A1 to Clifton et al. (hereinafter Clifton).
As to claims 7 and 20, Patrick and Han do not explicitly teach wherein the method further comprises: in response to a triggering operation of the user on a preset control in an interface of the first document, displaying a collaborator interface of the first document, and at least one of the following is displayed in the collaborator interface: an identifier of the owner of the first document, an identifier of the collaborator of the first document, a number of collaborators, or a fold control.
However, Clifton teaches displaying a collaborator interface of the first document, and at least one of the following is displayed in the collaborator interface: an identifier of the owner of the first document, an identifier of the collaborator of the first document, a number of collaborators, or a fold control (FIG. 7, all collaborators 718).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teachings of Patrick and Han with the collaborator interface taught by Clifton in order to enable users to assign projects, tasks or other assignments and to enable users to understand to work in a more organized and efficient manner (paragraph 2).
Relevant Prior Art
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US 10068100 B2 to Fay et al. (Applicant’s IDS) teaches a facility for interacting with an electronic document is described. The facility causes to be displayed a visual representation of the document, and receives input representing a painting interaction with a portion of the displayed visual representation of the document that corresponds to a portion of the document. In response to receiving the first input, the facility imposes on the corresponding portion of the document a distinguished content classification level.
US 20180285591 A1 to Thayer et al. teaches a data security framework can be designed that allows separation of sensitive values from non-sensitive values while substituting obfuscation values for the sensitive values in a document that originally contained both. The data security framework detects a document/form being submitted to a server and determines those values of the document that are sensitive or confidential. The data security framework redacts the document to protect the sensitive values. The data security framework redacts the document by substituting the sensitive values in the document with obfuscation values. The data security framework stores the document or the values of the document (i.e., payload) with the substitute obfuscation values. The data security framework stores the sensitive values in a secure repository distinct from the repository in which the payload or document is stored.
Allowable Subject Matter
Claims 8, 9, 21 and 22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:
Dependent claims 8 and 21 are allowable over the prior art of record, including Patrick, Han Clifton, Fay and the references cited by the Examiner and the Applicant’s IDS, taken individually or in combination, because the prior art of record fails to particularly disclose, fairly suggest or render obvious wherein the in response to the user not having the second access permission, refusing to display the associated content of the target information comprises: displaying the identifier of the owner of the first document and the number of collaborators in the collaborator interface, and hiding the identifier of the collaborator, in view of the other limitations of their respective independent claims 1 and 12, as to claims 8 and 21;
Dependent claims 9 and 22 are allowable over the prior art of record, including Patrick, Han Clifton, Fay and the references cited by the Examiner and the Applicant’s IDS, taken individually or in combination, because the prior art of record fails to particularly disclose, fairly suggest or render obvious wherein the in response to the user not having the second access permission, refusing to display the associated content of the target information comprises: the fold control displayed in the collaborator interface is in a non-triggerable state, in view of the other limitations of their respective independent claims 1 and 12, as to claims 9 and 22.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MALCOLM CRIBBS whose telephone number is (571)270-1566. The examiner can normally be reached Monday-Friday 930a-330p; 430p-630p.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached at (571)272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
MALCOLM . CRIBBS
Examiner
Art Unit 2497
/MALCOLM CRIBBS/Primary Examiner, Art Unit 2497