DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to application filed 09/09/2019. Claims 1-14 are pending.

Priority
This application is a 371 of PCT/EP2017/071785 filed 08/30/2017 and claims foreign priority to SE1651182-6 filed 09/02/2016.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/28/2019, 04/10/2019 and 02/28/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(4) because reference characters “62” in Fig. 4 and “67” in par. 0062 of the specification have both been used to designate “I/O interface”.  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement 

Claim Objections
Claims 2 and 8 are objected to because of the following informalities:  
In reciting “wherein each delegation is of the same data structure”, “of the same data structure” has lack of antecedent basis and is read “of same data structure”.  
Appropriate correction is required.

Double Patenting
Claim 1-14 of this application is patentably indistinct from claim 1-19 of Application No. 16/487,163 and claim 1-13 of Application No.16/329,673. Pursuant to 37 CFR 1.78(f), when two or more applications filed by the same applicant or assignee contain patentably indistinct claims, elimination of such claims from all but one application may be required in the absence of good and sufficient reason for their retention during pendency in more than one application. Applicant is required to either cancel the patentably indistinct claims from all but one application or maintain a clear line of demarcation between the applications. See MPEP § 822.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
1.	Claims 1-14 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-19 of copending Application No. 16/487,163 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because claim 1-19 of the reference application anticipate claims 1-14 of the instant application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
2.	Claims 1-14 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-13 of copending Application No. 16/329,673 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because claim 1-13 of the reference application anticipate claims 1-14 of the instant application.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.

Intended Use Limitation
	Claims 1, 7 and 13 recite intended use limitation: 
“to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations from the access control device to the electronic key device such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the last delegation is the key delegation, wherein each delegation is a delegation of an access right for the access object from a delegator to a receiver, and each delegation comprises a delegator identifier and a receiver identifier”.
A recitation of the intended use of the claimed invention must result in a structural difference between the claimed invention and the prior art in order to patentably distinguish the claimed invention from the prior art. If the prior art structure is capable of performing the intended use, then it meets the claim. 
For the purpose of examination, intended use functional recitations have been considered but given less patentable weight because they fail to add any steps and are thereby regarded as intended use language. A positive recitation of the limitations is required in order to be given full patentable weight. 


Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) are: 

“sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device; 
receiving a response from the server, the response comprising a key delegation to the electronic key device; and 
sending a grant access request to the access control device, the grant access request comprising the key delegation” in claim 1.

Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 3, 9 and 12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 3 and 9 recite the limitation “wherein the key delegation is digitally signed by the delegator of the delegation”. Since claims 1 and 7 recites a sequence of delegations, it is not clear the delegator of which delegation is digitally signing the key delegation. For examination, this limitation is read “wherein the key delegation is digitally signed by the delegator of the last delegation”.
Claim 12 recites the limitation “, wherein in the step of receiving a response, the response is….” There is insufficient antecedent basis for this limitation in the claim. For examination, this limitation is read “, wherein the response is”.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 7-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because:

The claimed invention is directed to abstract idea without significantly more as follows.
Per 2019 PEG:
Step 1) claims 1 and 7 are directed to at least one of the four subject matter eligible categories of invention and claim 13 is directed to “software per se” which is not one of the four subject matter eligible categories of invention. 
Step 2A) prong one: claims 1, 7 and 13 recite limitations that are construed as abstract idea per mental processes grouping defined in 2019 PEG, is directed to mentally processed sequence or chain of access right assignment/delegation using data/information which can well be performed in human mind and/or by using pen and paper. 
Step 2A) prong two: based on the broadest reasonable interpretation, claims 1, 7 and 13 are reciting additional elements that integrate the abstract idea into a practical application because steps of “communicating…,” “sending…,” “receiving…,” and “sending…” are generically performed by a generic computer over network, wherein this feature may well be construed as an administrator providing data/information using generic computer which is accessible over the network by other parties. It is noted claim 1 is invoking 112 (f) and therefore narrows the scope beyond broadest reasonable interpretation and to the functions and structures in the specification that are part of the claimed steps. As the result, at the conclusion of Step 2A) prong two, claims 1-6 are determined patent “eligible”. 
Per claims 7-12, it is noted that none of functions performed by “a server” and “an access control device” has been positively claimed as applicant’s invention because the claimed electronic key device is not being practically used for “controlling access to an access object”. In this light, it is reasonable to conclude that the abstract idea has not been integrated into a practical application.   
Per claims 13-14, the claimed computer program and the computer program product not only are not subject matter eligible, they don’t integrate the abstract idea into a practical application for the same reasons set forth above in the analysis of claims 7-12. 
Step 2B) it is noted that claims 7-14 do not amount to significantly more because they do not positively recite an element or combination of elements that is unconventional. 
As an option and with the assumption of sufficient support in the specification, an amendment to positively claim the evaluation performed by the access control device that allows or disallows access to the access object would integrate the abstract idea into a practical application which would at least obviate the 101 abstract idea rejection of claims 7-12.    
At the conclusion of the analysis, claims 1-6 are patent “eligible” and claims 7-14 are patent “ineligible”.

Additionally, claim 13 is directed to “a computer program” which is code/computer instructions/software. Although “an electronic key device” includes an I/O interface and therefore is inherently a hardware component (see specification: par. 0062), it is not a positively claimed feature of the claimed program. As such, claim 13 is directed to software per se which is not one of the four subject matter eligible categories of invention. 

Per claim 14, a computer program product comprising a transitory computer readable mean has not been explicitly excluded from the disclosure and in fact an optional embodiment features “the access control device 1 is integrated with the access object 12, whereby the grant signal is transmitted internally, which may even occur as a software signal between different software modules of the combined access control device 1/access object 12” – Specification: par. 0033. As such, a computer readable means of claim 14 encompasses signal per se which is not one of the four subject matter eligible categories of invention. 
As an option, a recitation of “a non-transitory computer readable media” as part of the claimed product would obviate the signal per se. rejection.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1, 4-7 and 10-14 are rejected under 35 U.S.C. 102 (a) (2) as being anticipated by Matsugashita, US2017/0171201A1.

Per claim 1, Matsugashita discloses a method for controlling access to an access object, the method being performed in an electronic key device and comprising the steps of: 
communicating with an access control device to obtain an identity of the access control device (In S3.1, the web browser 410 or 510 transmits an authority delegation start request to the access token provider 530.  In S3.2, the access token provider 530 having received the authority delegation start request transmits an authorization request to the authorization server module 210 via the web browser 410 or 510 – Matsugashita: par. 0104 – Note: identity/URI is obtained so that the request may be sent to the authorization server module via the web browser); 
sending an access request to a server, the access request comprising an identity of the electronic key device and the identity of the access control device (In S3.3, the authorization server module 210 having received the authorization request from the web browser 410 or 510 verifies whether a valid authentication token as the HTTP Cookie is included in the information from the web browser 410 or 510 – Matsugashita: par. 0105 – Note: The authorization request includes at least the vendor client ID "c001@xx.com", the redirect URI https://xx/res, and the scope "resource" which are stored in the access token provider 530); 
receiving a response from the server, the response comprising a key delegation to the electronic key device (In S3.8, the authorization server module 210 having received the authorization request including the authentication token verifies whether the set of the client ID and the redirect URL is correct in the received authorization request in S3.9.  More specifically, the authorization server module 210 verifies whether the set of the client ID and the redirect URI in the received authorization request matches a set of a client ID and a redirect URI registered in the client management table…When the set of the client ID and the redirect URI in the received authorization request matches a set of a client ID and a redirect URI registered in the client management table, the authorization server module 210 transmits an authorization confirmation screen as a response to the web browser 410 or 510 in S3.10 – Matsugashita: par. 0106 – Note: also see Fig. 8A and 8B and a depiction of permit button as key delegation, wherein The authorization confirmation screen 8000 includes a permit button 8003 for causing the user to perform an authorization operation on details of the information and a refuse button 8004 for causing the user to refuse – par. 0108); and 
sending a grant access request to the access control device, the grant access request comprising the key delegation (In S3.11, the user pushes the permit button 8003 to perform an authorization operation. In S3.12, the web browser 410 or 510 transmits an authorization confirmation result to the authorization server module 210  – Matsugashita: par. 0109), to allow the access control device to evaluate whether to grant access to the access object based on a plurality of delegations comprising a sequence of delegations from the access control device to the electronic key device such that, in the sequence of delegations, the delegator of the first delegation is the access control device, and the last delegation is the key delegation (In S3.13, the authorization server module 210 issues an authorization code.  More specifically, the authorization server module 210 issues a token ID "cd_000001." The authorization server module 210 registers the vendor client ID "c001@xx.com," the redirect URI "https://xx/res," the scope "resource," and the UUID "10000001" included in the authorization request in the token management table…In S3.14 and S3.15, the authorization server module 210 allocates the token ID "cd_000001" of the issued authorization code.  The authorization server module 210 transmits an authorization response to the access token provider 530 via the web browser 410 or 510.  More specifically, the authorization server module 210 transmits a redirect response to the web browser 410 or 510 so as to redirect the redirect URI "https://xx/res" acquired at the time of transmitting the authorization request. [0111] In S3.16, the access token provider 530 transmits an authorization token request to the authorization server module 210.  The authorization token request includes at least the authorization code "cd_000001," the vendor client ID "c001@xx.com," the secret "xxxxxxxxxx," and the redirect URI "https://xx/res" transmitted at the time of transmitting the authorization request. [0112] In S3.17, the authorization server module 210 authenticates the client using a set of the acquired vendor client ID "c001@xx.com" and the acquired secret "xxxxxxxxxx." More specifically, when the set of the vendor client ID and the secret is present in the client table, the client authentication succeeds.  When the client authentication fails, the authorization server module 210 transmits an authentication error as a response to the access token provider 530.  When the client authentication succeeds, the process of S3.18 is performed. [0113] In S3.18, the authorization server module 210 verifies the acquired authorization code "cd_000001." – Matsugashita: par. 0109 and 0111-0113 - Note: A sequence when the authority delegation is started is described in Fig. 7), wherein each delegation is a delegation of an access right for the access object from a delegator to a receiver (The processes to S3.12 are the same as in the second mode.  The user instructs permission of delegation of authority to create a tenant-dedicated client to the device 500 by pushing the permit button 8003.  In this embodiment, the tenant corresponding to the tenant-dedicated client is a tenant to which the user having delegated the authority to create the tenant-dedicated client belongs – Matsugashita: par. 0142), and each delegation comprises a delegator identifier and a receiver identifier (Note: vendor client ID is the identifier of the delegator and the URI is the identifier of the receiver of the delegation).
Per claim 7, it recites an electronic key device for controlling access to an access object (FIG. 2 is a diagram illustrating a hardware configuration of the authorization server, the resource server, the terminal, and the device – Matsugashita: par. 0037 – Note: Examples of a device 500 include a printer and a mobile terminal referred to as a smartphone – par: 0034), the electronic key device comprising: 
a processor (Matsugashita: Fig. 2, CPU 2001); and 
a memory storing instructions (Matsugashita: Fig. 2, ROM 2002 and 2003) that, when executed by the processor, causes the electronic key device to perform the steps recited in claim 1. 
Therefore, claim 7 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claim 13, it recites a computer program for controlling access to an access object, the computer program comprising computer program code which (Matsugashita: Fig. 3C), when run on an electronic key device causes the electronic key device to perform the steps recited in claim 1. 
Therefore, claim 13 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claims 4 and 10, Matsugashita discloses features according to claims 1 and 7, wherein the key delegation comprises a time constraint (A date and time of a deadline in which the authorization code is valid may be registered as a validated period – Matsugashita: par. 0109).

Per claims 5 and 11, Matsugashita discloses features according to claims 1 and 7, wherein the key delegation comprises an operation constraint (A status indicating whether the token is valid may be registered – Matsugashita: par. 0109 – Note: device registration is an operation requirement/constraint – par. 0069).

Per claims 6 and 12, Matsugashita discloses features according to claims 1 and 7, wherein in the step of receiving a response, the response is based on the server verifying the existence of a user account associated with the identity of the electronic key device (The login application 520 has a function of authenticating a user of a device.  The login application 520 displays a screen (not illustrated) for receiving a user ID and a password from a user.  The login application 520 verifies whether a set of the user ID and the password input via the screen matches data stored in advance in the device 500 – Matsugashita: par. 0051).

Per claim 14, Matsugashita discloses a computer program product comprising a computer program according to claim 13 and a computer readable means on which the computer program is stored (Embodiments of the present invention can also be realized by a computer of a system or apparatus that reads out and executes computer executable instructions (e.g., one or more programs) recorded on a storage medium (which may also be referred to more fully as a `non-transitory computer-readable storage medium`) to perform the functions of one or more of the above-described embodiments and/or that includes one or more circuits (e.g., application specific integrated circuit (ASIC)) for performing the functions of one or more of the above-described embodiments – Matsugashita: par. 0194).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

1.	Claims 2 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Matsugashita, US2017/0171201A1 in view of McLaughlin, US2015/0222517A1.

Per claims 2 and 8, Matsugashita discloses features according to claims 1 and 7.
Matsugashita is not relied on to explicitly disclose but Matsugashita in view of McLaughlin discloses wherein each delegation is of the same data structure (FIGS. 27A-27D together show an accessory object 2700 for IP camera accessory 2402 according to an embodiment of the present invention.  In this example, accessory object 2700 is expressed in JSON and is similar in structure to accessory object 300 of FIGS. 3A-3C – McLaughlin: par. 0461).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Matsugashita in view of McLaughlin to include wherein each delegation is of the same data structure.
One of ordinary skill in the art would have been motivated because it would allow “to uniform communication protocols for communicating between controllers and accessories” by defining message formats usable by a controller to send command-and-control messages (requests) to the accessory and for the accessory to send response messages “Accordingly, any type of accessory, regardless of function, can be controlled by sending appropriate requests” – McLaughlin: par. 0002 and 0007.

2.	Claims 3 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Matsugashita, US2017/0171201A1 in view of Gunter, US2002/0162001A1.

Per claims 3 and 9, Matsugashita discloses features according to claims 1 and 7.
Matsugashita is not relied on to explicitly disclose but Matsugashita in view of Gunter discloses wherein the key delegation is digitally signed by the delegator of the delegation (A permission chain is a sequence of permission links, each of which consist of a permission link component and a signature.  The permission link component contains data that describes the permission, including the delegatee, the delegator, terms of the permission such as time limits, and other optional information.  Each time a permission is delegated, the delegator constructs a new permission link and appends it to the permission chain.  The signature cryptographically binds the identity of delegator to the existing permission chain and to the data in the new permission link component – Gunter: par. 0055).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Matsugashita in view of Gunter to include wherein the key delegation is digitally signed by the delegator of the delegation.
One of ordinary skill in the art would have been motivated because it would allow “providing a method for managing access to services under an access control system while preserving adequate security” – Gunter: par. 0011.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Tamura (US2012/0102548A1) is directed to an authentication apparatus that receives an authority delegating request from an apparatus, acquires information of authorities possessed by the user from a storage unit, presents information of the acquired authorities to the user, and receives an instruction indicating which of the authorities possessed by the user is delegated to the apparatus.  A storage unit stores, when the instruction to delegate the authority to the apparatus is received, an identifier required to uniquely identify the instruction and the authority instructed by the user to delegate, in association with each other.  Authentication information indicating delegation of the authority is transmitted to the apparatus based on the instruction from the user.
O’Neill (US8769642B1) in at least one embodiment is directed to ensuring that a delegatee in a chain of delegators is not granted more access than the original delegator or, generally, any delegators higher in the chain than a delegatee using one or more session credentials in connection with attempting to access one or more computing resources.  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AREZOO SHERKAT whose telephone number is (571)272-8533.  The examiner can normally be reached on Monday - Friday 8:30-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571 - 272 - 3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/AREZOO SHERKAT/Examiner, Art Unit 2434