DETAILED ACTION
Claims 1-20 are presented for examination on the merits
Notice of Pre-AIA or AIA Status
The present application is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/03/2025 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
The drawings filed on 05/08/2025 are accepted by the examiner.
Priority
The application is filed on 05/08/2025 and claims a priority date 03/15/2013 from respective continuation and provisional application 61/800,548 filed on 03/15/2013
Non-Statutory Double Patenting
1. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement, and there is no statutory double patenting rejection applied to other claim/claims of the set. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
2. Claims 1-20 of instant application are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-13 of Patent No.US 12,323,407 B2, over claims 1-13 of Patent No.US 11,936,639 B2, over claims 1-18, over claims 19-21, and over claims 16-18 of Patent No.US 10,958,636 B2 respectively. Further, claims 1-20 of instant application as being unpatentable over claims 1-20, Claim 21, and over Claim 10 of Patent No. US 10,164,962 B2 respectively. Although the conflicting claims are not identical, they are not patentably distinct from each other because both applications recite similar steps of using client certificates to communicate trusted information.
Claim Comparison Table
Instant Application: 19/203,102
Patent No: US 12,323,407 B2
1. A device comprising a processor implemented on one or more computer chips configured to: authenticate a client certificate, wherein the client certificate is signed by a private certificate authority associated with the device, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes comprise a certificate identifier (ID) attribute and a tenant ID attribute, wherein the certificate ID attribute identifies a client and uniquely identifies the client certificate, wherein the tenant ID attribute is associated with partner data and specifies which partner data is client accessible, and wherein the reformatted attributes can be trusted.
1. A device comprising a processor implemented on one or more computer chips configured to: authenticate a client certificate, wherein the client certificate is signed by a private certificate authority associated with the device, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes comprise a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, wherein the certificate ID attribute identifies the client and uniquely identifies the client certificate, wherein the tenant ID attribute is associated with partner data and specifies which partner data is client accessible, wherein the role ID attribute helps to implement role-based access control, and wherein the reformatted attributes can be trusted.
2. The device of claim 1, wherein the reformatted attributes further comprise a role ID attribute.
4. The device of claim 1, wherein the reformatted attributes can be trusted because the processor created the message comprising the reformatted attributes.
3. The device of claim 1, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client.
2. The device of claim 1, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client.
4. The device of claim 2, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client.
2. The device of claim 1, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client.
5. The device of claim 1, wherein the reformatted attributes can be trusted because of the authentication.
3. The device of claim 1, wherein the reformatted attributes can be trusted because of the authentication.
Claims 6-20
Claims 1-13
Claim Rejections - 35 USC § 103
3. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
5. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
6. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
7. Claims 1-19 are rejected under 35 U.S.C. 103 as being unpatentable over Shiffer et al. (US 20090198651 A1, hereinafter, Shiffer) in view of Kakii (US 20060020782 A1).
Regarding claim 1, Shiffer discloses A device comprising a processor implemented on one or more computer chips configured to: authenticate a client certificate (Paragraphs 0080: Controller 700 validates the Agent certificate the Controller ensures that it matches the certificate on record), wherein the client certificate is signed by a private certificate authority associated with the device (Paragraphs 0075, 0067, 0038: certificate signing request (CSR) is sent which is digitally signed by the TDCA wherein a trust domain (TD) is maintained by creation of a certificate authority (CA)),
[extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes],
wherein the reformatted attributes comprise a certificate identifier (ID) attribute and a tenant ID attribute (Para 0085, 0189 : the format of the certificate is specified including the X.509 standard whereby the certificate was digitally signed by its own private key associated with a secret/public key pair with a corresponding certificate that encompasses the public key; Para 0189, 0061: data is formatted with attributes/properties wherein agent/tenant is identified in the record for that certificate including network address information),
wherein the certificate ID attribute identifies a client and uniquely identifies the client certificate (Para 0074: X.509 standard is used for certificates including format, and identities associated with subscribing entities and trust domain certificate authority (TDCA); Para 0082, 0175, 0177: uniquely identify subscribing entities in the trust domain (i.e. collaborative paradigm) wherein a unique identifier associated with user/role as a trust domain entity),
wherein the tenant ID attribute is associated with partner data and specifies which partner data is client accessible (Para 0082, 0175, 0177: uniquely identify subscribing entities in the trust domain (i.e. collaborative paradigm) wherein a unique identifier associated with user/role as a trust domain entity, directly authenticates into the controller cluster wherein resources being shared/accessed across the entities/agents.), and
wherein the reformatted attributes can be trusted (Paragraphs 0067, 0074: a trust domain (TD) is maintained by creation of a certificate authority (CA), which is subsequently used to issue credentials to participating entities and to validate that an entity is a member of a given trust domain).
Shiffer does not explicitly states but Kakii from the same or similar fields of endeavor teaches extract (Kakii, Para 0198: a serial number of a certificate, a certificate content, a validated date, a device number of an issuance subject device, an issued date of the certificate are extracted/stored),
in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes (Kakii, Para 0180: a message is written in an XML format; Para 0134; a format of the public key certificate shown in FIG. 8 is used wherein the public key itself, in the format, information such as an issuer of a certificate, a validated date of the certificate, a subject (a device or a user as an issuance destination of the certificate) to be certified. In detail, for example, the public key certificate can be created in accordance with a format called an X.509 format)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes as taught by Kakii in the teachings of Shiffer for the advantage of public key certificate transmission to communication partners each having a communication function are mutually connected through a network to protect contents of the confidential information (Kakii, Para 0002, 0005).
Regarding claim 2, the combination of Shiffer and Kakii discloses The device of claim 1, wherein the reformatted attributes further comprise a role ID attribute (Shiffer Para 0068, 0175: subscribing entity role in a trust domain associated with a unique identifier).
Regarding claim 3, the combination of Shiffer and Kakii discloses the device of claim 1, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client (Shiffer Fig 1 and associated texts: a data controller 30 and middleware; Para 0067: a trust domain (TD) is maintained by creation of a certificate authority (CA), which is subsequently used to issue credentials to participating entities and to validate that an entity is a member of a given trust domain).
Regarding claim 4, the combination of Shiffer and Kakii discloses the device of claim 2, wherein the device is a gateway server and wherein the gateway server is configured to receive the client certificate from a client. (Shiffer Fig 1 and associated texts: a data controller 30 and middleware; Para 0067: a trust domain (TD) is maintained by creation of a certificate authority (CA), which is subsequently used to issue credentials to participating entities and to validate that an entity is a member of a given trust domain).
Regarding claim 5, the combination of Shiffer and Kakii discloses the device of claim 1, wherein the reformatted attributes can be trusted because of the authentication (Shiffer Para 0074: X.509 standard is used for certificates including format, and identities associated with subscribing entities and trust domain certificate authority (TDCA); Para 0082, 0175, 0177: uniquely identify subscribing entities in the trust domain (i.e. collaborative paradigm) wherein a unique identifier associated with user/role as a trust domain entity).
Regarding claim 6, the combination of Shiffer and Kakii discloses the device of claim 2, wherein the reformatted attributes can be trusted because of the authentication. (Shiffer Para 0074: X.509 standard is used for certificates including format, and identities associated with subscribing entities and trust domain certificate authority (TDCA); Para 0082, 0175, 0177: uniquely identify subscribing entities in the trust domain (i.e. collaborative paradigm) wherein a unique identifier associated with user/role as a trust domain entity).
Regarding claim 7, the combination of Shiffer and Kakii discloses The device of claim 1, wherein the reformatted attributes can be trusted because the processor created the message comprising the reformatted attributes (Kakii, Para 0180: a message is written in an XML format; Para 0134; a format of the public key certificate shown in FIG. 8 is used wherein the public key itself, in the format, information such as an issuer of a certificate, a validated date of the certificate, a subject (a device or a user as an issuance destination of the certificate) to be certified. In detail, for example, the public key certificate can be created in accordance with a format called an X.509 format).
Regarding claim 8, the combination of Shiffer and Kakii discloses the device of claim 1, the device of claim 2, wherein the reformatted attributes can be trusted because the processor created the message comprising the reformatted attributes. (Kakii, Para 0180: a message is written in an XML format; Para 0134; a format of the public key certificate shown in FIG. 8 is used wherein the public key itself, in the format, information such as an issuer of a certificate, a validated date of the certificate, a subject (a device or a user as an issuance destination of the certificate) to be certified. In detail, for example, the public key certificate can be created in accordance with a format called an X.509 format).
Regarding claim 9, the combination of Shiffer and Kakii discloses The device of claim 1, wherein the reformatted attributes are included in Hypertext Transfer Protocol (HTTP) or HTTP Secure (HTTPS) headers (Kakii Para 0108-0110: HTTPS client function part 31 includes a function for requesting a communication with respect to a device having a function of an HTTPS server using an HTTPS protocol in accordance with the SSL).
Regarding claim 10, the combination of Shiffer and Kakii discloses the device of claim 1, wherein the message is in an Extensible Markup Language (XML) or JavaScript Object Notation (JSON) format. (Kakii Para 0108: he requirement for formal schema and storage syntax is met by using Extensible Markup Language (XML). Wherein assigning URIs to every data object within the system, representing those objects as XML documents, and utilizing the Hypertext Transfer Protocol (HTTP) over SSL)
Regarding claim 11, Claim 11 is similar in scope to claim 1, and is therefore rejected under similar rationale.
Regarding claim 12; Claim 13 is similar in scope to claim 2, is therefore rejected under similar rationale.
Regarding claim 13; Claim 13 is similar in scope to claims 2 and 5, and is therefore rejected under similar rationale.
Regarding claim 14; Claim 14 is similar in scope to claim 3, and is therefore rejected under similar rationale.
Regarding claim 15; Claim 15 is similar in scope to claim 10, and is therefore rejected under similar rationale.
Regarding claim 16; Claim 16 is similar in scope to claim 1, and is therefore rejected under similar rationale.
Regarding claim 17; Claim 17 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Regarding claim 18; Claim 18 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Regarding claim 19; the combination of Shiffer and Kakii discloses the method of claim 18, further comprising transmitting the message (public key certificate transmission to communication partners each having a communication function are mutually connected through a network to protect contents of the confidential information (Kakii, Para 0002, 0005).
Examiner Notes
8. Examiner notes that independent claims 11 and 16 do not recite limitations similar to those recited in claim 1. Accordingly, the scope/embodiment of independent claims 11 and 16 appears different from the scope of claim 1. It is suggested that Applicant consider revising the independent claims to include corresponding limitations, where appropriate, so that the claims maintain consistent scope across the independent claims.
Allowable Subject Matter
9. Claim 20 would be allowable if rewritten or amended to overcome the rejection(s) under double patenting, set forth in this office action and to include all of the limitations of the base claim and any intervening claims.
Reasons for Allowance
10. The following is an examiner’s statement of reasons for placing claim 20 under allowable subject matters:
The limitation of dependent claim 20 are allowed and the corresponding dependent claims including respective and any intervening claims are not disclosed by the any of the prior art of record. For example, the limitations in claim 20 recites “reformatted attributes further comprise a role ID attribute.... wherein the role ID attribute specifies a role of the device…. transmitting the message….receiving, in response to the transmitting, a resource associated with the shareable service....” which are not are not taught or fairly suggested by the prior art of record.
The allowable subject matters in above dependent claims are novel and non-obvious in scope over the prior art of record as the prior-art references fail to teach each and every features of the aforesaid dependent claim(s) including the limitations set forth above.
In view of the foregoing, the scope of claimed subject matters renders the invention patentably distinct as none of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the invention of the present application at or before the time it was filed.
Furthermore, the Examiner performed updated search which does not yield other specific references that reasonably, either alone or in combination, would result a proper rejection of all the claimed features presented in each of the dependent claim 20 under 35 U.S.C 102 or 35 U.S.C.103 with proper motivation.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
Conclusion
11. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Logue (US 20060212520 A1) discloses authentication methods for the authentication portion can include, for example, checksums, salts, hashes and digital signatures. Once a federated token is authenticated by decrypting the authentication portion according to one or more of these authentication methods, the federated token is validated by determining the defined use-base and determining whether the receipt of the federated token satisfies the defined use.
Faibish et al. (US 8719590 B1) discloses a cloud infrastructure is configured to receive a processing job from a tenant, to obtain a first key specific to the tenant, to determine a second key utilizing information supplied by the tenant, and to encrypt one or more results of the processing job utilizing a combination of the first key and the second key. .
12. In an effort to advance compact prosecution, with respect to any amendments to the claimed invention, the applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
Moreover with respect to advancing compact prosecution, if the applicant intends to make numerous amendments, the examiner respectfully requests that applicant submit a clean copy of the claims in addition to the marked up copy of the claims in order to expedite the examination process by allowing for accurate optical character recognition (OCR) of the claims.
The prior art made of record and not relied upon, if any, is considered pertinent to applicant’s disclosure and would be listed under PTO-Form 892.
13. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHFUZUR RAHMAN whose telephone number is (571)270-7638. The examiner can normally be reached on Monday thru Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MAHFUZUR RAHMAN/Primary Examiner, Art Unit 2498