DETAILED ACTION
Claims 1-20 are pending.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 07/04/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5-13, and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Chang et al. (US PGPUB US 2014/0208119 A1) in view of Chambliss et al. (US PGPUB US 2017/0093844 A1).

Regarding claim 1, Chang teaches a method performed by a server in a computing system, the method comprising: 
receiving a request for a task token from a computing node (¶ [0007]: a user may be an actual person or another requesting process (i.e., task); ¶ [0021-22]; ¶ [0026]: a user first logs wherein the task token is a token specific to a task scheduled for execution on the computing node, and wherein the request for the task token includes a task identifier (ID) that identifies the task (¶ [0021]; ¶ [0022]: when a user requests services of a server, the user first authenticates (151) to the server process using authentication credentials such as user ID and password. After a successful authentication, at least one security token is issued to represent the user identity (152).); 
digitally signing at least the task ID to obtain a digital signature, and incorporating the task ID and the digital signature into the task token (¶ [0028]: when a user passes (101) his her or its credentials (e.g. user id/password) to an inlet server or owning process (OP) to request services from a targeted server, the first token (OP Token) is generated with the uid/password in its payload, and the first token is signed using the OP's key.); 
transmitting the task token to the computing node (Fig. 2, Step 105; ¶ [0026]: a User Token, which is returned (104, 105) to the owning process.).
 subsequently receiving a request for a data access token from the computing node, wherein the data access token is a token required to access data stored in a data storage system, and wherein the request for the data access token includes the task token (Abstract: Exposure of sensitive information to users is controlled using a first security token containing 
verifying the digital signature of the task token received in the request for the data access token (¶ [0043]: The target process accepts a multiple-hop request if one or more, and preferably all of the following are determined to be true: ¶ [0045]: 2. the endorsement token is valid, e.g., token is signed by its issuer and the digital signature is verified, and that the token is within its expiration time).
 
Chang does not expressly disclose extracting the task ID from the task token received in the request for the data access token; 
transmitting a message to a computing device, the message including the task ID and the message querying whether the task identified by the task ID is still being executed by the computing node receiving a response from the computing device, the response indicating that the task identified by the task ID is still being executed by the computing node; 
subsequent to receiving the response, sending the data access token to the computing node.  

However, Chambliss teaches a method for utilizing a token to issue request for data handling (See at least ¶ [0033] and ¶ [0056-57]: I/O request against a data object (i.e., access token)). Further, Chambliss teaches extracting the task ID from the task token received in the request for the data access token (¶ [0060]: If the I/O driver 206 determines that the data object 108 is protected (YES branch from step 606), then the I/O driver searches (step 608) in the tokens table 212 for a valid token. The search is based on the process ID generating the request and the identifiers of the data object 108.); 
transmitting a message to a computing device, the message including the task ID and the message querying whether the task identified by the task ID is still being executed by the computing node receiving a response from the computing device, the response indicating that the task identified by the task ID is still being executed by the computing node (¶ [0060]: If a token is found in the tokens table 212, the found token is validated by comparing the executable signature in the token with the executable signature associated with the process of the access program 202… The token may also have a limited span of validity. For example the span may limit the token to a number of I/Os or a definite lifetime and if the span is exhausted then the token is invalid; ¶ [0061]: In step 610, the I/O driver 206 determines whether the I/O driver 206 has a valid token); 
subsequent to receiving the response, sending the data access token to the computing node (¶ [0063]: If step 610 determines that the I/O driver 206 has a valid token (YES branch from step 610), then in step 618 the I/O driver 206 constructs an I/O request, which must be signed in order to be valid, which is sent by the client node 104 to the storage server 107. The I/O request contains the fields that would be contained in a native I/O request, as well as signature fields which are data values that are recognized by the storage server 107 as evidence of a valid certificate on the client node 104. In this embodiment using a token, the signature fields comprise a session validation field derived from the valid token. The session validation field is recognized by the storage server 107 as evidence of a valid token on the client node 104, and the presence of the token is recognized as evidence of a valid certificate. The session validation field may comprise a session identifier taken from the token, a code value drawn from a list contained in the token, and a code index indicating which element in the list is used.).  

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chambliss with the teachings of Chang to determine based on token validity whether to allow access to particular data objects. The modification would have been motivated by the desire ensuring specific access programs to have privileged handling of data objects.

Regarding claim 2, Chang teaches wherein the task originates from a user, wherein the request for the task token also includes information that identifies the user, wherein the information that 51S&B Ref: 6000152-7 identifies the user is also digitally signed by the server to obtain the digital signature, and wherein the information that identifies the user is also incorporated into the task token (¶ [0008]: a first security token containing user identity and user credentials 

Regarding claim 3, Chambliss teaches wherein the computing system is a distributed computing system, wherein the computing node is one of a plurality of computing nodes in the distributed computing system (¶ [0021]: The storage server 107 is distributed across one or more hardware servers), and wherein the computing device is a resource manager responsible for scheduling tasks on the computing nodes (¶ [0015]: enables a data storage system to recognize privileged access to data by certified access programs, and offers only degraded access to data by non-certified programs.).  

Regarding claim 5, Chambliss teaches further comprising: 
extracting the information identifying the user from the task token received in the request for the data access token (¶ [0060]: If the I/O driver 206 determines that the data object 108 is protected (YES branch from step 606), then the I/O driver searches (step 608) in the 
using the information identifying the user to determine a restriction on the user in relation to accessing the data in the data storage system (¶ [0061]: In step 610, the I/O driver 206 determines whether the I/O driver 206 has a valid token); and 
indicating the restriction in the data access token and/or in information sent to the computing node along with the data access token (¶ [0015]: enables a data storage system to recognize privileged access to data by certified access programs, and offers only degraded access to data by non-certified programs; ¶ [0062]; ¶ [0063]).  
Regarding claim 6, Chambliss teaches wherein the restriction comprises at least one of the following: 
the user does not have permission to read the data in the data storage system; and/or 
the user does not have permission to write data to the data storage system; and/or 
the user has access to only certain data in the data storage system (¶ [0015] The present invention enables a data storage system to recognize privileged access to data by certified access programs, and offers only degraded access to data by non-certified programs; ¶ [0018] In this manner, even an authorized user who can access a given type of data could not access the data through the tool of the user's choice but just through certified programs; otherwise the access will be denied or degraded (e.g., rate-limited).).  

Regarding claim 7, Chambliss teaches further comprising also using the task ID to determine the restriction, and wherein the restriction comprises the user only being able to access certain data in the data storage system for the task identified by the task ID (¶ [0062]: If step 610 determines that the I/O driver 206 has no valid token (NO branch from step 610), then the I/O driver 206 posts (step 612) a work item to request a token. The work item includes the process ID, the current executable signature, and the identifiers of the data object 108. Then in step 614, the I/O driver 206 submits a native I/O request or command. For example, the native I/O request may be a READ-10 or READ-12 or READ-16 SCSI command containing a logical block address, a block count, and identifiers of the logical unit. The storage server 107 processes (step 616) the native request with degraded handling if the data object 108 is protected; ¶ [0063]).  

Regarding claim 8, Chang teaches wherein the digital signature is obtained by: 
the server using a private key to digitally sign a data block that includes at least the task ID and the information that identifies the user (¶ [0021]: one security token which contains user identity and user credentials to represent the user who is requesting services from a server, where the term "user" may refer to a device being operated by a human user or it may refer to another process. The security token (or tokens) contains two other identities, an identity of the token issuer, and an identity of the owning process. ¶ [0022]: the user first authenticates (151) to the server process using authentication credentials such as user ID and password. After a successful authentication, at least one security token is issued to represent the user identity (152). Typically, the owning process of a security token is the server process that received the user 
wherein the task token comprises the digital signature, the task ID, and the information that identifies the user (Fig. 1, Token contains: user identity, user credentials, identity of the token issuer, and identity of the owning process, and is signed by token services private key).  

Regarding claim 9, Chang teaches wherein the digital signature is a first digital signature, wherein the task ID is bound to an identity of the computing node using a second digital signature, wherein 52S&B Ref: 6000152-7 the second digital signature is received from the computing node, and wherein the second digital signature is verified by the server prior to sending the data access token to the computing node (¶ [0024] Assuming that a request message and a security token is received by a downstream server process, and that the validity and integrity of the request message and the security token is verified, and the request is authorized, the receiving server process can make downstream requests (152) on behalf of the original requester by sending the received security token along with its own server security token, and endorse the downstream request by digitally signing (second digital signature) the request message by using its server private key that is identified by the owing process private key in its owner server security token.).  

Regarding claim 10, Chang teaches wherein the server incorporates the task ID and/or the information identifying the user into the data access token (¶ [0023]: During operation, a process receiving a security token can use the issuer process name and the issuer key 

Regarding claim 11, it is a system type claim having similar limitations as of claim 1. Therefore, it is rejected under the same rationale. The additional limitations a processor, a memory, at least one network interface are taught by Chang in at least ¶ [0064]: “The "hardware" portion of a computing platform typically includes one or more processors (504) accompanied by, sometimes, specialized co-processors or accelerators, such as graphics accelerators, and by suitable computer readable memory devices (RAM, ROM, disk drives, removable memory cards, etc.). Depending on the computing platform, one or more network interfaces (505) may be provided, as well as specialty interfaces for specific applications.”

Regarding claim 12, it is a system type claim having similar limitations as of claim 2. Therefore, it is rejected under the same rationale.

Regarding claim 13, it is a system type claim having similar limitations as of claim 3. Therefore, it is rejected under the same rationale.

Regarding claim 15, it is a system type claim having similar limitations as of claim 5. Therefore, it is rejected under the same rationale.

Regarding claim 16, it is a system type claim having similar limitations as of claim 6. Therefore, it is rejected under the same rationale.

Regarding claim 17, it is a system type claim having similar limitations as of claim 7. Therefore, it is rejected under the same rationale.

Regarding claim 18, it is a system type claim having similar limitations as of claim 8. Therefore, it is rejected under the same rationale.

Regarding claim 19, it is a system type claim having similar limitations as of claim 9. Therefore, it is rejected under the same rationale.

Regarding claim 20, it is a system type claim having similar limitations as of claim 10. Therefore, it is rejected under the same rationale.

Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Chang and Chambliss, as applied to claim 1, in further view of Gilpin et al. (US PGPUB US 2018/0295126 A1).

Regarding claim 4, Chang teaches storing a user/token index table for future use (See at least ¶ [0039]) but neither Chang nor Chambliss do not expressly disclose further comprising storing the task token in memory for retrieval during an audit.  

further comprising storing the task token in memory for retrieval during an audit (¶ [0025]: relevant information about the transaction can be stored for future reference, use, auditing and/or other purposes. For example, the user identity associated with the submitted token can be stored by access layer 135 (operation 250) for future use (e.g., in an access layer storage unit 138).).  

	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gilpin with the teachings of Chang and Chambliss to further utilize stored user/token relationships for auditing purposes. The modification would have been motivated by the desire of understanding how access to resources was previously managed.

Regarding claim 14, it is a system type claim having similar limitations as of claim 4. Therefore, it is rejected under the same rationale.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Mortimore Jr. (US PGPUB US 2016/0072839 A1) FACILITATING DYNAMIC MANAGEMENT OF PARTICIPATING DEVICES WITHIN A NETWORK IN AN ON-DEMAND SERVICES ENVIRONMENT. See at least ¶ [0045], [0068], and [0069].
Ananthapur Bache et al. (US PGPUB US 2018/0324173 A1) STATEFUL SESSION MANAGER

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai T An can be reached on (571)-272-3756.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/JORGE A CHU JOY-DAVILA/Primary Examiner, Art Unit 2195