DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to communication filed on 10/29/2020.
Status of claims in the instant application:
Claims 1-20 are pending.
Claims 1, 2, 5, 8, 9, 12, 15, 16 and 19 have been amended.
No claim has been canceled.
No new claim has been added.
Response to Arguments
Applicant’s arguments, see pages [9-10] of the remarks filed on 10/29/2020, regarding objection to drawings have been considered in view of the corrected drawing filed for FIGS. 6 and 8, and they are persuasive. Therefore, the drawing objection are withdrawn.
Applicant’s arguments, see page [10] of the remarks filed on 10/29/2020, regarding claims 15-20 that were rejected under 35 USC 101 for the claims being software per se have been considered in view of the claim amendments, and they are persuasive. Therefore, the claim rejections are withdrawn.
Applicant’s arguments, see pages [10-16] of the remarks filed on 10/29/2020, regarding claims 1-20 that were rejected under 35 U.S.C. 103 as being unpatentable over Pub. No.: US 2018/0081983 A1 to CARRU et al. (hereinafter “CARRU”) in view of Pub. No.: US 2016/0234186 A1 to LEBLOND et al. (hereinafter “LEBLOND”), have 
Allowable Subject Matter
Claims 1-20 are allowed.
The following are examiner's statement of reasons for allowance: The following prior arts were yielded during the examination of applicant’s amended claim set filed on 10/29/2020 in response to office action mailed on 07/29/2020. They do not explicitly teach the applicant’s claimed invention, in view of the amended claims, but are in general realm of applicant’s field of endeavor:
CARRU et al., [US PGPUB: 20180081983], this is considered the closest prior art of the instant application, that generally teaches a system that provides cloud based identity management, at a first microservice, saves a current state on a cookie that is stored on a browser, where the current state is saved in a format specific to the first microservice. The system performs an operation on the first microservice that generates a first portion of information and a second portion of information. The system stores the first portion of information related to the operation on the cookie, the first portion including the current state. The system provides a second portion of information related to the operation to a second microservice as a query parameter on a redirect Uniform Resource Locator ("URL"), where the second portion is removed from the cookie.
Embodiments of CARRU discloses an Identity Cloud Service ("IDCS") that is a multi-tenant, cloud-scale, IAM platform. IDCS provides authentication, authorization, auditing, and federation. IDCS manages access to custom applications and services running on the public cloud, and on-premise systems. In an alternative or additional 
Carru, in one specific embodiment user login flow in a multi-tenant cloud environment for an SSO functionality provided by IDCS in one embodiment. When a user uses a browser to access a client (e.g., a browser-based application or a mobile/native application), Cloud Gate acts as an application enforcement point and enforces a policy defined in a local policy text file. If Cloud Gate 1104 detects that the user has no local application session, it requires the user to be authenticated. In order to do so, cloud gate 1104 redirects browser running on user device to OAuth2 microservice to initiate OpenID Connect login flow against the OAuth2 microservice (3-legged AZ Grant flow with scopes="openid profile").
Forster et al., [US PGPUB: 20150012751], generally teaches systems and methods for securely communicating authentication information in a networked environment such as one involving a client device, a cloud based computing platform, and an enterprise computing environment. Some embodiments may include encrypting, by a client device using a public key, authentication information provided by a user. The encrypted authentication information is sent to a cloud based service which then sends it to an on-premises component residing behind a firewall of an enterprise. The on-premises component decrypts the authentication information using a private key, validates the authentication information, and returns the result to the cloud based service over a network. If validated, the cloud based service establishes a secure connection between the client device and the on-premises component such that the 
Forster’s disclosure relates generally to systems and methods for security in a networked environment. More particularly, this disclosure relates to systems and methods for the management of authentication information. Even more particularly, this disclosure relates to the management of authentication information in a shared software-as-a-service (SaaS) environment, including the management of authentication information such as passwords related to the use of third-party applications such as SaaS applications.
GANGADHARAPPA et al., [US PGPUB: 20160036855], generally teaches a cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user. The present disclosure relates generally to computer networking systems and methods. More particularly, the present disclosure relates to systems and methods for cloud application control using man-in-the-middle identity brokerage.
Jiang et al., [US PGPUB: 20170104639], generally teaches a Management-as-a-Service (MaaS) agent running on a SOPS creates collecting management statistics 
Adams et al., [US PGPUB: 20130254847], generally discloses systems and methods for establishing single identity/single-sign on (SSO) on a cloud computing platform. In an embodiment, a user is validated to the cloud computing platform, and identifies a domain. After establishing that the user has control of the domain, the cloud computing platform configures a directory service for the domain. The user may then use the directory service on the cloud computing platform to log in to his or her computer, as well as software services hosted on the cloud computing platform. The primary embodiment of the invention described herein is for SSO. It may be appreciated that the invention may be used to implement cloud-based single identity in a similar fashion. Embodiments of the invention provide for SSO to services in the cloud in ways that combine both on-premises and cloud SSO, and improve the reliability of SSO. An embodiment of the invention implements SSO in the cloud where there is no on-premises directory. A user is validated to the cloud platform though the use of 
However, none of the prior arts of record, alone or in combination, discloses all the limitations of the independents claims 1, 8 and 15. Therefore, the independent claims are allowable over the prior arts. The dependent claims being definite, further limiting, and fully enabled by the specification are also allowed by virtue of their dependence on the independent claims.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAHABUB S AHMED whose telephone number is (571)272-0364.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MAHABUB S AHMED/Examiner, Art Unit 2434
/KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434