DETAILED ACTION

Notice of AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

The present office action is responsive to communications received on 12/19/2018. Claims 1-12 are pending.

Priority
Receipt is acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), which papers have been placed of record in the file.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/19/2018 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Examiner's Notes
Applicant amended claim 1 by “strike-through” single character as in “a relay configured to relayrelay. See MPEP § 714(c)(2).

Claim Objections
Claim 1 is objected to because of the following informalities: 
Claim 1 recites “an user authentication information management” and “an user authentication”, which should use “a user authentication…” instead.
Claim 1 recites “a relay configured to relay communication … with regard to a user authenticated by the user authentication unit.” However, dependent claims 4, 8 and 9 recite “…with regard to a user authorized by the user authentication unit”. The expression “a user” in claims 4, 8 and 9 has already been defined previously in claim 1 and should therefore be referred to using a definite article.
Appropriate correction is required.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support 

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) are: 
“an user authentication information management configured to …”, “an user authentication configured to …”, “a target system acquisition configured to …”, and “a relay configured to …” in claim 1.
“user authentication information management unit configured to …” in claim 6.
“user authentication information management unit configured to …” in claim 7.



If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

s 1-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Claim limitation “an user authentication information management configured to …”, “an user authentication configured to …”, “a target system acquisition configured to …”, “a relay configured to …”, and “user authentication information management unit configured to …” in claim 1, 6, and 7 invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Therefore, the claims are indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.

Claim 1 recites the limitation "the user authentication information management unit" and “the user authentication unit”. Claims 4, 5, 8-12 recite the limitation "the relay unit". There is insufficient antecedent basis for this limitation in the claims.
Claim 1 recites "an user authentication information management…for using each of one or more available systems; an user authentication …for an arbitrary authentication target system among the systems from a terminal…; a target system acquisition…representing a target system among the systems;" There is insufficient antecedent basis for the limitation “among the systems” in the claim, because it is not clear these “available systems” and “the systems” are the same or different. Similar rejection applies for claim 6 and 7 as well.
Claim 1, 3, 4 and 6-9 recites "an arbitrary authentication target system among the systems", “the authentication target system”, “a target system among the systems” and “the target system”. It is not clear these various “target system” are the same or different.
 one or more available systems;” while claim 5 and 10-12 recite “when the user authentication information management unit stores and manages the user authentication information for each of a plurality of systems”. It is not clear these are the same or different systems.
Claims 5 and 10-12 recite “wherein, when the user authentication information management unit stores and manages the user authentication information for each of a plurality of systems, when the relay unit detects update processing of user information relating to the user, which is used in the system, in communication that the relay unit is relaying between the terminal and the system, the relay unit transmits, based on the user information in the detected update processing, information of requesting update of user information that is used in each of the other systems to each of the other systems, using the user authentication information for each of the other systems stored in the user authentication information management unit with regard to the user.” It is not clear the relationship among “a plurality of systems”, “the system” and “the other systems”.
Claim 7 recites the limitation "relaying communication between the terminal and the target system using user authentication information for the target system stored in the user authentication information management means with regard to a user authenticated at the user authentication". There is insufficient antecedent basis for the limitation “the user authentication information management means” in the claim.

The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1, 2, 4 and 6-8 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Ohara (US 20130321859 A1).

Regarding claim 1, Ohara teaches a user authentication integration device comprising:
an user authentication information management configured to store and manage, for each user, user authentication information for using each of one or more available systems; ([0005] the relay server to execute: registering first combination information in an information memory, the first 

an user authentication configured to, when receiving user authentication information for an arbitrary authentication target system among the systems from a terminal, performs user authentication relating to the authentication target system, using the received user authentication information; ([0030, 0031] FIG. 2 shows a communication process executed by a relay server. In S10 the control unit 30 monitors whether a login is executed by a communication apparatus. In a case where the login is executed (YES in S10), the process proceeds to S12. In S12 the control unit 30 executes an authentication process.)

a target system acquisition configured to, when the user authentication is successful, acquires, from the terminal, information representing a target system among the systems; and ([0031, 0032, 0034] the control unit 30 determines that authentication succeeded (YES in S12), and the process proceeds to S14. In S14 the control unit 30 sends a service list to the communication apparatus that is the sending source of the login information. In S16 the control unit 30 monitors whether a service is selected by the user of the MFP 90.) Here a service selected by the user is analogous to claim limitation “acquiring information representing a target system from the terminal”.

a relay configured to relay communication between the terminal and the target system using user authentication information for the target system stored in the user authentication information management unit with regard to a user authenticated by the user authentication unit. ([0034-0036, 

Regarding claim 2, Ohara teaches all the features with respect to claim 1, as outlined above. Ohara further teaches wherein the user authentication unit performs the user authentication by collating the received user authentication information with information stored in the user authentication information management unit. ([0031] In S12 the control unit 30 executes an authentication process. The authentication process is a process determining whether combination information (called “target combination information” below) that includes the relay account information (the user ID and password) and the device ID included in the login information is registered in the 

Regarding claim 4, Ohara teaches all the features with respect to claim 1, as outlined above. Ohara further teaches wherein the relay unit relays communication between the terminal and the target system, when the relay unit transmits user authentication information for the target system, which is stored in the user authentication information management unit with regard to a user authorized by the user authentication unit, to the target system and receives information representing successful user authentication from the target system. ([0035, 0036] In S20 the relaying unit 72 sends, to the service providing server that has the target service ID (e.g., the service providing server 80), the service account information included in the one target combination information that, from among the one or more target combination information, includes the target service ID. In a case where the service account information is sent to the service providing server 80, the service providing server 80 executes an authentication process upon receiving the service account information. In a case where the service account information is registered in the service providing server 80, the service providing server 80 determines that authentication succeeded. In a case of determining that authentication succeeded, the service providing server 80 sends the news stored in the service providing server 80 to the relay server 10. Moreover, in a case of determining that authentication failed, the service providing server 80 sends information indicating authentication failure to the relay server 10.)

Regarding claim 6 and 7, the scope of the claim is similar to that of claim 1. Accordingly, the 

Regarding claim 8, the scope of the claim is similar to that of claim 4. Accordingly, the claim is rejected using a similar rationale.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 3 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Ohara (US 20130321859 A1) in view of Yamauchi (JP 2014154112 A).

Regarding claim 3, Ohara teaches all the features with respect to claim 1, as outlined above. But Ohara does not teach wherein the user authentication unit performs the user authentication by transmitting the received user authentication information to the authentication target system and receiving information representing whether the user authentication is successful from the authentication target system. This aspect of the claim is identified as a difference.
However, Yamauchi in an analogous art explicitly teaches wherein the user authentication unit performs the user authentication by transmitting the received user authentication information to the authentication target system and receiving information representing whether the user authentication is successful from the authentication target system. ([p. 4, ¶15-17] FIG. 4: the authentication relay unit 217 of the relay device 210 transmits an authentication request (authentication information) from any of the clients 101 to 103 to all servers (here, the server 201 and the server 202) that are targets of single sign-on. Next, when the relay device 210 receives the session information (access qualification information) together with the result of the successful authentication from the server (here, the server 201 and the server 202) by the communication control unit 216, the respective session information (access qualification information). Is recorded in the EPROM 212. After receiving the authentication success results from all the servers (here, the server 201 and the server 202), the relay device 210 transmits the authentication success result and the session to the client that has transmitted the authentication request by the communication control unit 216.)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “relay server” concept of Ohara, and the “communication data relay” approach of Yamauchi, to realize single sign-on login method that allows a user to use a plurality of information systems requiring authentication by performing a login operation once and receiving authentication without modifying existing authentication system (Yamauchi [p. 2, Description ¶4&7]).

Regarding claim 9, Ohara in view of Yamauchi teaches all the features with respect to claim 3, as outlined above. The combination further teaches wherein the relay unit relays communication between the terminal and the target system, when the relay unit transmits user authentication information for the target system, which is stored in the user authentication information management unit with regard to a user authorized by the user authentication unit, to the target system and receives information representing successful user authentication from the target system. ([Ohara 0035, 0036] In S20 the relaying unit 72 sends, to the service providing server that has the target service ID (e.g., the service providing server 80), the service account information included in the one target combination information that, from among the one or more target combination information, includes the target service ID. In a case where the service account information is sent to the service providing server 80, the service providing server 80 executes an authentication process upon receiving the service account information. In a case where the service account information is registered in the service providing server 80, the service providing server 80 determines that authentication succeeded. In a case of determining that authentication succeeded, the service providing server 80 sends the news stored in the service providing server 80 to the relay server 10. Moreover, in a case of determining that authentication failed, the service providing server 80 sends information indicating authentication failure to the relay server 10.)

Claims 5, 10 and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Ohara (US 20130321859 A1) in view of Hitchcock (US 10475018 B1).

Regarding claim 5, Ohara teaches all the features with respect to claim 1, as outlined above. Ohara further teaches wherein, when the user authentication information management unit stores and manages the user authentication information for each of a plurality of systems. ([0005] the relay server to execute: registering first combination information in an information memory, the first combination information including specific account information for a specific user who uses the specific communication device and first account information for the specific user, the first account information being registered in the first service providing server.) But Ohara does not teach when the relay unit detects update processing of user information relating to the user, which is used in the system, in 
However, Hitchcock in an analogous art explicitly teaches when the relay unit detects update processing of user information relating to the user, which is used in the system, in communication that the relay unit is relaying between the terminal and the system, the relay unit transmits, based on the user information in the detected update processing, information of requesting update of user information that is used in each of the other systems to each of the other systems, using the user authentication information for each of the other systems stored in the user authentication information management unit with regard to the user. ([col. 2, ll.9-16; col. 7, ll.11-14] Account management logic that manages the security credentials for each account is configured to communicate with each account provider automatically and provide the updated account information. In various embodiments, the account management logic may be embodied within the user's client device, within a proxy server or other intermediate network device, or within a server that performs the account management functions. The user may enter the updated information one time, with the updates being automatically propagated for multiple accounts with potentially multiple account providers via the account management logic 230.) In summary, Hitchcock discloses account management logic, which can be the relay server taught by Ohara and can determine that personal information associated with a user has been updated. Multiple accounts of the user that may use the personal information are determined. The accounts are with multiple account providers. Corresponding account update requests for the accounts are sent to the account providers. The account update requests specify the personal 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “relay server” concept of Ohara, and the “updating account data with multiple account providers” approach of Hitchcock, to facilitate automatic updates of account data for multiple account providers. Otherwise user has to log in manually with each account provider and use differing processes in order to update for the respective account provider. Such procedures are burdensome, and may lead to communication failure, payment failure, fraud if user delays or forgets to visit separate network sites for each account to update the information manually (Hitchcock [col. 1, l.61 - col. 2, l.7]).

Regarding claim 10 and 12, the scope of the claim is similar to that of claim 5. Accordingly, the claims are rejected using a similar rationale.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Ohara (US 20130321859 A1) in view of Yamauchi (JP 2014154112 A) and Hitchcock (US 10475018 B1).

Regarding claim 11, Ohara in view of Yamauchi teaches all the features with respect to claim 3, as outlined above. Ohara in view of Yamauchi and Hitchcock further teaches 
wherein, when the user authentication information management unit stores and manages the user authentication information for each of a plurality of systems, ([Ohara 0005] the relay server to execute: registering first combination information in an information memory, the first combination information including specific account information for a specific user who uses the specific communication device and first account information for the specific user, the first account information 
when the relay unit detects update processing of user information relating to the user, which is used in the system, in communication that the relay unit is relaying between the terminal and the system, the relay unit transmits, based on the user information in the detected update processing, information of requesting update of user information that is used in each of the other systems to each of the other systems, using the user authentication information for each of the other systems stored in the user authentication information management unit with regard to the user. ([Hitchcock col. 2, ll.9-16; col. 7, ll.11-14] Account management logic that manages the security credentials for each account is configured to communicate with each account provider automatically and provide the updated account information. In various embodiments, the account management logic may be embodied within the user's client device, within a proxy server or other intermediate network device, or within a server that performs the account management functions. The user may enter the updated information one time, with the updates being automatically propagated for multiple accounts with potentially multiple account providers via the account management logic 230.) In summary, Hitchcock discloses account management logic, which can be the relay server taught by Ohara and can determine that personal information associated with a user has been updated. Multiple accounts of the user that may use the personal information are determined. The accounts are with multiple account providers. Corresponding account update requests for the accounts are sent to the account providers. The account update requests specify the personal information that has been updated.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US 20170013524 A1, "Methods and system in user service enhancement for roaming in wireless mesh networks", by Ho, teaches exemplary flow of process for propagation of user profile. User updates are generated and/or detected from network. User Service Monitor detects and generates User updates. User Service Propagation Engine receives User updates. User Service Propagation Engine accesses User Profile Storage to determine and create a set of User updates. User Service Propagation Engine updates User Profile Storage. User Service Operator accesses User Profiles and User Service Rules to operate on User Services. User Service Propagation Engine accesses User Service Propagation Schemes and WMR Profile Storage to determine a set of WMR to propagate the User updates.
US 9544293 B2, "Global unified session identifier across multiple data centers", by Mathew, teaches when a user first accesses a data center and an initial session is created for the user in the data center, a session identifier is generated for the user session. Because the initial session is the first session created for that user, the initial session identifier is designated as the global unified session identifier for all sessions that may be created for the user in other data centers within the enterprise network. Other data centers may then map the global unified session identifiers to locally generated session identifiers for the user. Using a global unified session identifier enables various user session actions to be performed globally across the data centers, including global logout, global session termination, global session updates.
US 9282098 B1, "Proxy server-based network site account management", by Hitchcock, teaches a first request for a secured resource on a network site is received from a client. It is determined whether stored account information is available for the secured resource. A second request for the secured resource is generated based at least in part .

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638.  The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/H.Y./Examiner, Art Unit 2493


/Kevin Bechtel/Primary Examiner, Art Unit 2491