Detailed Action
Claims 1-12 are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/25/24 has been considered.
Drawings
The Drawings filed on 11/25/24 are acceptable.
Claim Objections
Claims 2-6, 8-12 objected to because of the following informalities:
As per claims 2-6,8-12 recites “the user” which lack antecedent basis, should be “the accessing user”.
As per claims 3-5, 9-11, recites “the content of the listing” which lack antecedent basis should be either “a content of the listing” or “content of the listing”.
Appropriate correction is required.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-12 rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims recites
As per claims 1,7, receive a request, from an accessing user, to access a listing within a sharing economy;
determine the accessing user’s user type, wherein the user type is selected from a government type and a contractor type;
retrieve stored permissions for the listing, determine, for the accessing user’s user type, based on the stored permissions for the listing, what permissions the accessing user has for the listing; and
As per claims 3,9, method for use in a sharing economy according to claim 1,7, based on the type of permissions the user has, allow the user to download the content of the listing.
As per claims 4,10, method for use in a sharing economy according to claim 1,7, wherein based on the type of permissions the user has, to allow the accessing user to use the content of the listing.
As per claims 5,11, method for use in a sharing economy according to claim 1,7, wherein, based on the type of permissions the user has, to allow the accessing user to make changes to the content of the listing.
As per claims 6,12, method for use in a sharing economy according to claim 1,7, wherein based on the type of permissions the user has, to allow the accessing user to share the listing with another user or users.
The claims are directed towards certain privileged users are given access to certain information for use, downloading, changing, or sharing.
Therefore the claims is drawn to certain methods of organizing human activity(in particular commercial or legal interactions, For example, a security officer with the government determines a users privilege and/or clearance(ie Secret or Top Secret) and gives that person access to certain information, a person with Secret clearance would legally have access to only information that is considered Secret but not access to Top Secret information) and/or mental processes(the steps of receiving a request, determining the user type, retrieving permission, and determining permission can be performed mentally and/or with the aid of pen and paper). If the claim under broadest reasonable interpretation covers limitation that is drawn to certain methods of organizing human activity and mental processes but for recitation of a generic computer and/or generic computer components described at a high level of generality or linking the use of the judicial exception to a particular technological environment or field of use, then it falls within the grouping of abstract ideas. Accordingly, the claim recites an abstract idea. (Step 2A, prong 1).
This judicial exception is not integrated into a practical application. In particular, the claims recites additional elements such as
As per claims 1,7, A hub system for use in a sharing economy, the hub system comprising a memory device and a processing device, in operative communication with the memory device, and wherein the processing device is configured to:
from the memory device;
display, to the accessing user, the permissions the accessing user has for the listing.
As per claims 2,8, the hub system/method for use in a sharing economy according to claim 1,7, wherein the processing device is further configured to, based on the type of permissions the user has, display the listing to the user.
As per claims 3,9, the hub system, wherein the processing device is further configured to
As per claims 4,10, the hub system, wherein the processing device is further configured
As per claims 5,11, the hub system, wherein the processing device is further configured
As per claims 6,12, the hub system, wherein the processing device is further configured
The claim does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the limitations of A hub system for use in a sharing economy, the hub system comprising a memory device and a processing device, in operative communication with the memory device, and wherein the processing device is configured to. from the memory device; wherein the processing device is further configured to are generic computer components described at a high level of generality and limitations amounts to mere instructions to implement the abstract idea on a computer and/or adding the words “apply it”(or an equivalent) with the judicial exception, or merely uses a computer as a tool to perform an abstract idea. MPEP 2106.05(f).
The additional limitations of display, to the accessing user, the permissions the accessing user has for the listing and , display the listing to the user based on the type of permissions the user has are interpreted as insignificant extra-solution activity (pre and post-solution activity) to the judicial exception. The steps for displaying of the permission and the listing is merely the post-solution activity of data output and/or presenting data. Accordingly, the additional limitation/elements does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Even considering all the additional element in combination, they are just providing a computerized system to perform the invention, but doesn’t improve the computing technology as the additional elements do not integrate the invention into a practical application. The claims is directed to an abstract idea and with the addition of insignificant extra-solution activity, which is not patent eligible and directed to an abstract idea. (MPEP 2106.05(g)).
Therefore the additional limitation/elements does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. Even considering all the additional element in combination, they are just providing a computerized system to perform the invention, but doesn’t improve the computing technology as the additional elements do not integrate the invention into a practical application. The claims is directed to an abstract idea and merely reciting generic computer components described at a high level of generality and limitations amounts to mere instructions to implement the abstract idea on a computer and/or adding the words “apply it”(or an equivalent) with the judicial exception, or merely uses a computer as a tool to perform an abstract idea MPEP 2106.05(f) with insignificant extra-solution activity (pre and post-solution activity) to the judicial exception. MPEP 2106.05(g). Therefore the claims are not patent eligible. (Step 2A, prong2).
The claim does not include additional elements/limitations that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements/limitations is drawn to limitations that use a computer as a tool, and includes well-understood, routine, and conventional activities(ie. Outputting/presenting data MPEP 2106.05(d)(II)) that amount to no more than implementing the abstract idea with a computerized system. The claim is not patent eligible(Step 2B).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 4-5, 7-8, 10-11 rejected under 35 U.S.C. 103 as being unpatentable over US 2019/0364051 issued to Ferrans et al.(Ferrans) in view of US 2012/0060030 issued to Lamb in view of US 2017/0149829 issued to Oshurkov et al.(Oshurkov).
As per claims 1,7, Ferrans teaches a hub system for use in a sharing economy, the hub system comprising a memory device and a processing device, in operative communication with the memory device, and wherein the processing device(Fig.1,11, para.25) is configured to: receive a request, from an accessing user, to access listing within a sharing economy([0019] In an ABAC system, when a user requests access to a resource, the ABAC system makes an access control decision based on a policy defined in terms of attributes (name/value pairs). Attributes describe the user, the resource, and the environment (or context) of the access control decision (things like the time of day, day of week, physical location of the user as determined by IP address, etc.). For example, a user might be granted access to a patient's medical record if (a) the user has the job title “MD” or “Registered Nurse”, and (b) the medical record includes a signed privacy agreement Like the RBAC system, the ABAC can grow increasingly complicated when there are many users and many resources, and access to those resources does not follow a regular pattern. [0027] In one embodiment, a permission may be a grouping of an action and a resource. For example, “read document/db/es/orders/123” may be considered a permission with “read” being the action and “document/db/es/orders/123” being the resource. Accounting for permissions, an access control system may provide responses to queries such as, Does Bob have the permission “read document/db/es/orders/123”?; and Does Alice have the permission “get endpoint/service/auth/users”? Thus, in one embodiment, a policy may be a group of permissions.; Note: para.8 of spec. defines the “listing” as content or a link to content).;
determine the accessing user’s user type(Fig.3,5,9; [0123] Referring to FIG. 9, at block 902 processing logic receives, from a client device, a request for a resource of a computer system. In one embodiment, the request for the resource includes a resource path. In another embodiment, the resource path includes at least one of: a variable or a textual pattern. At block 904, processing logic determines one or more roles of a user associated with the client device... role is interpreted as “a user type”);
retrieve, from the memory device, stored permissions for the listing([0028] In one embodiment, if the rules forming an access control policy are too specific then a large number of rules may be required to be maintained. Disadvantageously, the policy may become harder to maintain as rules continue to be added. Auditing such a policy may also prove difficult and time consuming. In one embodiment, such a policy may include many very specific rules of the form: Subject S has permission to perform action A on resource R. Whenever a new user is added to the policy, then the policy administrator has to create a rule for every permission with which the user should be entitled. Likewise, whenever a user is dropped from the policy, the administrator has to delete the permissions of that user. In one embodiment, a policy graph representing such a policy may appear similar to policy graph 201 in FIG. 2. In policy graph 201, Permissions 204a-f are assigned to Users 202a-c, according to individual authorization allowances. For example, as shown, User 1 202a is not assigned any Permissions 204a-f and therefore is not authorized to perform any actions in the system. User 2 202b is assigned Permissions 1, 2, 4, and 5 (204a, 204b, 204d, and 204e, respectively), while User 3 202c is assigned each of the Permissions 204a-f, allowing each user to perform actions corresponding to their respective permissions),
determine, for the accessing user’s user type, based on the stored permissions for the listing, what permissions the accessing user has for the listing(Fig.3,9, [0017] In general, each access control system supports a policy governing what permissions each user of the system has. Permissions may involve an action on a resource (possibly composed of many smaller resources). For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained, etc, [0124] In one embodiment, at block 910, processing logic determines an access permission based on the one or more roles of the user and the resource….).
Ferrans however does not explicitly teach listing, wherein the user type is selected from a government type and a contractor type and display, to the accessing user, the permissions the accessing user has for the listing.
Lamb wherein the user type is selected from a government type and a contractor type([0134] For example, there are many embodiments that can be tailored for a specific industry or service provider, including for government use. These can include direct government use (such as by military officers, government employees, contractors, foreign government liaisons, etc.) or indirect government use (such as by airplane passengers)….)
Therefore it would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to modify Ferran’s teaching of particular roles have certain access permission for a resource such as read, create, update, delete, etc to use the teaching of Lamb of military officers, government employees, contractors, etc in order to provide the predictable result of particular roles such as military officers, government employees, contractors, etc have certain access permission for a resource such as read, create, update, delete, etc
One ordinary skill in the art would have been motivated to combine the teachings in order to tailor access permission and roles for government user(Lamb, para.134) and also to provide security to information.
Ferrans in view of Lamb does not explicitly teach display, to the accessing user, the permissions the accessing user has for the listing.
Oshurkov explicitly teaches display, to the accessing user, the permissions the accessing user has for the listing(Fig.11, [0047] …. For each notified user, e.g., Amy, Brian, etc., the information displayed by the first web-based tool is different, based on the access permissions the notified user has for the document. More specifically, if the notified user is granted a certain type of permission to the document (e.g. read, print, etc.), then he/she will be shown information indicating which other users have that type of permission; if the notified user is not granted a certain type of permission to the document, then he/she will not be shown information indicating which other users have that type of permission. In the illustrated example in FIG. 11, user Amy has read, print and copy permissions for document Doc_001 (see FIG. 6), so the content of the first web-based tool displayed to Amy (the top panel in FIG. 11) shows which other users have read, print and copy permission. On the other hand, user Brian has read and print but not copy permissions for Doc_001, so the content of the first web-based tool displayed to Brian (the middle panel in FIG. 11) shows which other users have read and print permissions, but does not show which other users have copy permissions, as indicated by the gray areas in the display. User Frank only has read permission, so the display for him only shows which other users have read permission (the bottom panel in FIG. 11) and also teaches listing(Fig.10, shows link to the document; Note: para.8 of spec. defines the “listing” as content or a link to content)
Therefore it would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to modify Ferran in view of Lamb’s of particular roles such as military officers, government employees, contractors, etc have certain access permission for a resource such as read, create, update, delete, etc to apply the teaching of Oshurkov of displaying permissions to a user in order to provide the predictable result of particular roles such as military officers, government employees, contractors, etc have certain access permission for a resource such as read, create, update, delete, etc which is displayed to the user.
One ordinary skill in the art would have been motivated to combine the teachings in order to inform the users of what actions/permissions they have.
As per claims 2,8, Ferran in view of Lamb of Oshurkov teaches the hub system/method for use in a sharing economy according to claim 1,7, wherein the processing device is further configured to, based on the type of permissions the user has, display the listing to the user(Ferran, [0017] … For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained, etc, [0124] In one embodiment, at block 910, processing logic determines an access permission based on the one or more roles of the user and the resource….[0027] In one embodiment, a permission may be a grouping of an action and a resource. For example, “read document/db/es/orders/123” may be considered a permission with “read” being the action and “document/db/es/orders/123” being the resource. Accounting for permissions, an access control system may provide responses to queries such as, Does Bob have the permission “read document/db/es/orders/123”?; and Does Alice have the permission “get endpoint/service/auth/users”? Thus, in one embodiment, a policy may be a group of permissions.; it is obvious to one ordinary skill in the art before the effective filing date of the claimed invention that in order to read a document it has to be displayed; also Oshurkov, Fig.10, shows the displaying the URL link to the document which teaches displaying the listing(para.8 of spec. defines the “listing” as content or a link to content)). Motivation to combine set forth in claim 1,7 above.
As per claims 4,10, Ferran in view of Lamb of Oshurkov teaches the hub system/method for use in a sharing economy according to claim 1,7, wherein the processing device is further configured, based on the type of permissions the user has, to allow the accessing user to use the content of the listing(Ferran, [0017… For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained, etc, [0124] In one embodiment, at block 910, processing logic determines an access permission based on the one or more roles of the user and the resource….[0027] In one embodiment, a permission may be a grouping of an action and a resource. For example, “read document/db/es/orders/123” may be considered a permission with “read” being the action and “document/db/es/orders/123” being the resource. Accounting for permissions, an access control system may provide responses to queries such as, Does Bob have the permission “read document/db/es/orders/123”?; and Does Alice have the permission “get endpoint/service/auth/users”? Thus, in one embodiment, a policy may be a group of permissions.; reading and updating is “using” the document also Oshurkov, Fig.11, shows print and copy which also is “using”). Motivation to combine set forth in claim 1,7 above.
As per claims 5,11, Ferran in view of Lamb of Oshurkov teaches the hub system/method for use in a sharing economy according to claim 1,7, wherein the processing device is further configured, based on the type of permissions the user has, to allow the accessing user to make changes to the content of the listing(Ferran, [0017… For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained, etc, ..updating is making changes)
Claims 3, 6, 9, 12 rejected under 35 U.S.C. 103 as being unpatentable over US 2019/0364051 issued to Ferrans et al.(Ferrans) in view of US 2012/0060030 issued to Lamb in view of US 2017/0149829 issued to Oshurkov et al.(Oshurkov) in view of US 2015/0143466 issued to Zacher et al.(Zacher).
As per claims 3,9, Ferran in view of Lamb of Oshurkov teaches the hub system/method for use in a sharing economy according to claim 1,7 teach wherein the processing device is further configured to, based on the type of permissions the user has( Ferran, [0017… For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained..) however does not explicitly allow the user to download the content of the listing, which is taught by Zacher, [0020] …. Other operations also can be made available, such as uploading, deleting, modifying and downloading files and folders, defining collections of files, sharing files and collections of files with other users, accessing files and collections of files shared by other users, and searching for files and folders, according to a user's access privileges. …. The server computers maintain, store, update and access account information 140 about a user 142, including information indicative of access privileges 144, such as whether the account is enabled, whether sharing of files is enabled and the like.
Therefore it would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to modify Ferran in view of Lamb in view of Oshurkov of particular roles have certain access permissions such as read, create, update, delete to apply the teachings of Zacher of downloading files based on user’s access privileges in order to provide the predictable result of a particular role have permission to download files.
One ordinary skill in the art would have been motivated to combine the teachings in order to certain users can download files which provides security for the files.
As per claims 6,12, Ferran in view of Lamb of Oshurkov teaches the hub system/method for use in a sharing economy according to claim 1,7, wherein the processing device is further configured, based on the type of permissions the user has( Ferran, [0017… For example, one user could be granted a permission to “read” all records in a table of a relational database, while another could be granted a permission to “read”, “create”, “update,” and “delete” those records. The range of actions and resources is unbounded and very general: they can be virtual or physical, coarse- or fine-grained..) however does not explicitly teach to allow the accessing user to share the listing with another user or users which is taught by Zacher, [0020] …. Other operations also can be made available, such as uploading, deleting, modifying and downloading files and folders, defining collections of files, sharing files and collections of files with other users, accessing files and collections of files shared by other users, and searching for files and folders, according to a user's access privileges. …. The server computers maintain, store, update and access account information 140 about a user 142, including information indicative of access privileges 144, such as whether the account is enabled, whether sharing of files is enabled and the like.
Therefore it would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to modify Ferran in view of Lamb in view of Oshurkov of particular roles have certain access permissions such as read, create, update, delete to apply the teachings of Zacher of sharing files based on user’s access privileges in order to provide the predictable result of a particular role have permission to share files.
One ordinary skill in the art would have been motivated to combine the teachings in order to certain users can share files which provides security for the files.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892.
US 2017/0353466 issued to Weaver et al., teaches automatically sharing a document with user access permissions is provided. Automatic sharing of a document is performed in response to a trigger entry within the document. When a trigger entry and a user identifier entry is received, an auto-share system automatically resolves user access permissions in the background, detects sharing permissions, and shares the document with user access permissions without requiring the user who is sharing the document to manually input data.
US 2004/0261025 issued to Rizk et al., teaches storing, organizing, managing and remotely accessing documents in a secure environment. Various levels of security control access to documents and specific information on the system based on user access privileges defined by roles of a user. A cover sheet including a standard set of identification data characterizing each document is created. A digital version of each contract is created and stored by scanning each document.
US 2008/0244736 issued to Lampson et al., teaches policies or permissions is provided based on a created model. A security policy is abstracted and can be independent of a mechanism used to protect resources. An abstract model of a potential user, user role and/or resource is created without associating a specific individual and/or resource with a model.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BACKHEAN TIV whose telephone number is (571)272-5654. The examiner can normally be reached on Mon.-Thurs. 5:30-3:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, TONIA DOLLINGER can be reached on (571) 272-4170. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BACKHEAN TIV/
Primary Examiner
Art Unit 2459