Detailed Action
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending in the application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on November 11, 2024 is in compliance with the provisions of 37 CFR 1.97, and accordingly, the IDS has been considered by the examiner.
Claim Objections
Claim 19 is objected to because of the following:
There is a second period following the end of the claim, between claims 19 and 20,
Appropriate correction is required.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim 1, 19, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Yang et al. US Patent Publication No. 2013/0174234 (“Yang”) in view of Magen et al. US Patent Publication No. 2023/0089407 (“Magen”).
Regarding claim 1, Yang teaches a computer-implemented method comprising:
receiving, from an authorisation server, an access credentials modification request to modify one or more access credentials associated with a user, the access credentials modification request comprising one or more modified access credentials values (para. [0032] first system 210 may be responsible for authenticating and authorizing users. para. [0069] second system 211 may receive a request to update credentials for an entity that is mapped to the second system);
appending the one or more modified access credentials values as one or more access credentials values to a first event log (para. [0070] credentials manager 223 may find a record that matches an identifier sent by the proxy 224. para. [0071] record is updated such that the first credentials in the record are updated to the second credentials. after the credentials manager 223 finds the record, it may update the credentials as requested).
While Yang discloses appending the access credentials to the first event log, Yang does not teach creating a first event object comprising the one or more modified access credentials values as one or more access credentials values and appending the first event object to a first event log.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure of creating and appending an object, i.e., entry, to a log such that that the credentials of Yang are comprised in an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained a history of entries of events with additional data such as time.
Regarding claim 19, Yang teaches a system comprising: one or more processors; and memory comprising computer executable instructions, which when executed by the one or more processors, cause the system to perform operations including:
receiving, from an authorisation server, an access credentials modification request to modify one or more access credentials associated with a user, the access credentials modification request comprising one or more modified access credentials values (para. [0032] first system 210 may be responsible for authenticating and authorizing users. para. [0069] second system 211 may receive a request to update credentials for an entity that is mapped to the second system);
appending the one or more modified access credentials values as one or more access credentials values to a first event log (para. [0070] credentials manager 223 may find a record that matches an identifier sent by the proxy 224. para. [0071] record is updated such that the first credentials in the record are updated to the second credentials. after the credentials manager 223 finds the record, it may update the credentials as requested).
While Yang discloses appending the access credentials to the first event log, Yang does not teach creating a first event object comprising the one or more modified access credentials values as one or more access credentials values and appending the first event object to a first event log.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure creating and appending an object to a log such that that the credentials of Yang are comprised in an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained entries of events with additional data such as time.
Regarding claim 20, Yang teaches a non-transient computer-readable storage medium storing instructions that, when executed by a computer, cause the computer to perform operations including:
receiving, from an authorisation server, an access credentials modification request to modify one or more access credentials associated with a user, the access credentials modification request comprising one or more modified access credentials values (para. [0032] first system 210 may be responsible for authenticating and authorizing users. para. [0069] second system 211 may receive a request to update credentials for an entity that is mapped to the second system);
appending the one or more modified access credentials values as one or more access credentials values to a first event log (para. [0070] credentials manager 223 may find a record that matches an identifier sent by the proxy 224. para. [0071] record is updated such that the first credentials in the record are updated to the second credentials. after the credentials manager 223 finds the record, it may update the credentials as requested).
While Yang discloses appending the access credentials to the first event log, Yang does not teach creating a first event object comprising the one or more modified access credentials values as one or more access credentials values and appending the first event object to a first event log.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure creating and appending an object to a log such that that the credentials of Yang are comprised in an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained entries of events with additional data such as time.
Claim 5-6 are rejected under 35 U.S.C. 103 as being unpatentable over Yang in view of Magen and Rouland et al. US Patent Publication No. 2025/0244997 (“Rouland”).
Regarding claim 5, Yang does not teach the method of claim 1, further comprising: responsive to receiving a failure notification indicative of a failed attempt to modify the one or more access credential values: creating a third event object indicative of the failed attempt; and appending the third event object to a second event log associated with the user.
Rouland discloses responsive to receiving a failure notification indicative of a failed attempt to modify one or more access credential values: creating a third event object indicative of the failed attempt (para. [0104] management system 103 stores the record of failure to change credentials). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang and Magen with Rouland’s disclosure. One of ordinary skill in the art would have been motivated to do so in order to have maintained records of different types of events.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure creating and appending an object to a log such that the object as disclosed by Rouland is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly maintained a history of entries of events with additional data such as time.
Regarding claim 6, Yang does not teach the method of claim 5, wherein the second event log is the first event log.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure creating and appending an object to a log such the failed attempt to modify the one or more access credential values as disclosed by Rouland is logged as an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained entries of events.
Claim 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Yang in view of Magen and Fan et al. US Patent Publication No. 2017/0155641 (“Fan”).
Regarding claim 13, Yang does not teach the method of claim 1, further comprising: receiving, from the authorisation server, an access credentials read request associated with a user, the access credentials read request comprising one or more access credential identifiers; traversing the first event log associated with the user to determine one or more access credential values for the respective access credential identifiers in the first event log; transmitting, to the authorisation server, the one or more access credential values; creating a second event object for recording an occurrence of the access credentials read request; and appending the second event object to a second event log.
Fan discloses receiving, from a server, an access credentials read request associated with a user, the access credentials read request comprising one or more access credential identifiers; traversing the first event log associated with the user to determine one or more access credential values for the respective access credential identifiers in the first event log; transmitting, to the server, the one or more access credential values (para. [0074] device service management system 306 includes a credential return engine 314, a credential datastore credential return engine 314 functions to return user credentials to the credential retrieval engine 308. credential return engine 314 can return user credentials stored in the credential datastore 316 to the credential retrieval engine 308 based on a user credential query message received from the credential retrieval engine 308). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Fan’s disclosure. One of ordinary skill in the art would have been motivated to do so in order to have provided capability to determine and retrieve stored access credentials.
Magen discloses creating a second event object; and appending the second event object to a second event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure of creating and appending an object to a log such that that the event disclosed by Fan, access credential read request, is comprised in an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained entries of events with additional data.
Regarding claim 14, Yang does not teach the method of claim 13, wherein the second event log is the first event log.
Magen discloses creating a first event object and appending the first event object to a first event log (para. [0064] generate an entry including an event identifier…, a recorded time, a received time, and event data included in the received message. control adds the entry to an event logging database). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Yang with Magen’s disclosure creating and appending an object to a log such the failed attempt to modify the one or more access credential values as disclosed by Rouland is logged as an object that is added to the log. One of ordinary skill in the art would have been motivated to do so in order to have similarly logged events including maintained entries of events with additional data such as time.
Allowable Subject Matter
Claims 2-4, 7-12, 15-18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Examiner’s Note
The following prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
Jones et al. US Patent Publication No. 2019/0190933 (para. [0013] password is changed, the activity is logged into a database log. para. [0029] server logs the activity request corresponding to a monitored activity. activity request from a user to change his or her password is monitored and subsequently logged at 305. logging includes logging activity information such as the user or initiator of the activity, an activity identifier or type, an activity context, an activity time, and/or a source for the activity time. logging includes request information such as the IP address and country of the request)
Philyaw et al. US Patent Publication No. 2020/0119904 (para. [033] system logs are thus append-only data objects. Aspects of the present disclosure describe that system logs are also append-only data objects)
Conclusion
A shortened statutory period for reply to this Office action is set to expire THREE MONTHS from the mailing date of this action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Joshua Joo whose telephone number is 571 272-3966. The examiner can normally be reached on Monday-Friday 7am-3pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on 571 270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOSHUA JOO/Primary Examiner, Art Unit 2445