DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application is being examined under the pre-AIA first to invent provisions.

This Final Office Action is responsive to Applicant's amendment filed on 28 December 2020. Applicant’s amendment on 28 December 2020 amended Claims 2-6. Currently, Claims 2-7 are pending and have been examined; Claims 1, 8, and 9 were previously withdrawn. The Examiner notes that the 101 rejection has been withdrawn.

Examiner’s Note

The claim recites the combination of additional elements of requesting, receiving, identifying and analyzing automatically and dynamically without human intervention the management of authority and access between multiple computing environment elements. The claim as a whole integrates the mental process into a practical application. Specifically, the additional elements recite a specific manner of automatically determining the management and authority and access between computing environments which provides a specific improvement over prior systems, resulting in an improved user interface for electronic devices. Thus, the claim is eligible because it is not directed to the recited judicial exception. 

Response to Arguments

Applicant's arguments filed 28 December 2020 have been fully considered but they are moot in view of new grounds of rejection as necessitated by amendment.


Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of pre-AIA 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this or a foreign country, before the invention thereof by the applicant for a patent.

Claim(s) 2-7 is/are rejected under pre-AIA 35 U.S.C. 102(a)(1) as being anticipated by Bernardi et al. (U.S. Patent Publication 2006/0174037 A1) (hereafter Bernardi).

	Referring to Claim 2, Bernardi teaches a method to:

manage authority and within a computing environment having a plurality of elements with attributes and at least one activity that a first computing environment element can perform that includes a second computing environment element, and having at least one rule specifying use of at least one attribute of the second computing environment element to automatically and dynamically without human intervention determine whether the activity is allowed to be performed by the first computing environment element, the method comprising: (see; par. [0285] of Bernardi teaches the management of authority to access to multiple devices based on each device, user and application, par. [0011]-[0014] that use composite identity to provide different elements with attributes for different elements, par. [0167] that provides allowances based on identifiers, and further uses par. [0245] roles to determine what policy settings are used).

requesting, by the first computing environment element, an activity that includes the second computing environment element from the plurality of computing environment elements, wherein the first computing environment element is selected from a first group consisting of a user, a process, an application, a function, a device, a machine, a team, and a group and wherein the second computing environment element is selected from a second group consisting of a user, a file, a page, a web site, a document, data, a function, a process, an application, a device, a machine, a team, a group, a resource, a rule, and a task (see; par. [0285] of Bernardi teaches the management of authority to access to multiple devices based on each device, where the devices are viewed as multiple possible elements par. [0016] which can include a second computing device (i.e. element) denoted by an end point, par. [0167] and can allow access to one of thousands of devices, and provides a par. [0285] an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements)).

receiving, by a processor within the computing environment, the request by the first computing environment element to perform an activity that includes the second computing environment element (see; par. [0285] of Bernardi teaches a computing environment including multiple elements interacting to determine an allowance for a specific user on a specific device and includes par. [0046] presented data from (i.e. presenting) an environment that takes into account the device and user at one or many possible devices, par. [0167] and includes thousands of devices).

identifying, by a processor within the computing environment, the activity requested by the first computing environment element (see; par. [0046] of Bernardi presented data from (i.e. presenting) an environment that takes into account the device and user at one or many possible devices, par. [0011]-[0014] which is used to determine the devices users can access as endpoints).

identifying, by a processor within the computing environment, the at least one rule specifying use of at least one attribute of at least the second computing environment element to automatically and dynamically without human intervention determine whether the activity requested by the first computing environment element is allowed to be performed by the first computing environment element (see; par. [0156] of Bernardi determining the authorization to perform with elements in the environment, par. [0167] and can allow access to one of thousands of devices, and provides a par. [0285] an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements), and par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices, including specifically a par. [0016] second computing device (i.e. element)).

analyzing, by a processor within the computing environment, the identified at least one rule specifying use of at least one attribute of at least the second computing environment element to identify the at least one attribute of at least the second computing environment element that is to be evaluated by the identified at least one rule (see; par. [0010]-[0014] of Bernardi the use of policy rules, par. [0077] to make authorization determinations, par. [0099] determine attributes as to what can be performed and par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices, including specifically a par. [0016] second computing device (i.e. element)).

dynamically collecting, by a processor within the computing environment, the current value of the identified at least one attribute of at least the second computing environment element that is to be evaluated by the identified at least one rule (see; par. [0167] of Bernardi can allow access to one of thousands of devices, and provides a par. [0285] an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements), and par. [0077] to make authorization determinations, par. [0099] including determining using attributes as to what can be performed and par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices, including specifically a par. [0016] second computing device (i.e. element)).


determining in real time, by a processor within the computing environment automatically and dynamically without human intervention analyzing the identified at least one rule using the collected current value of the identified at least one attribute of at least the second computing environment element. If the requested activity is allowed to be performed by the first computing environment element (see; par. [0099] of Bernardi teaches determining using attributes as to what can be performed and par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices, including specifically a par. [0016] second computing device (i.e. element), par. [0285] a computing environment including multiple elements interacting to determine an allowance for a specific user on a specific device (i.e. first environment)).

generating, by a processor, the first element authority to access the second element if the requested activity is allowed to be performed by the first computing environment element (see; par. [0167] of Bernardi teaches can allow access to one of thousands of devices, and provides a par. [0285] an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements), and par. [0077] to make authorization determinations, par. [0099] including determining using attributes as to what can be performed and par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices, including specifically a par. [0016] second computing device (i.e. element)).

generating, by a processor, the first element access to the second element if the requested activity is allowed to be performed by the first computing environment element based at least on the at least one attribute of at least the second element (see; a par. [0285] of Bernardi teaches an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements), and par. [0077] to make authorization determinations, par. [0099] including determining using attributes as to what can be performed, par. [0167] and can allow access to one of thousands of devices (i.e. first and second element)).

generating, by a processor, the first element authority to perform the requested activity if the requested activity is allowed to be performed by the first computing environment element (see; a par. [0285] of Bernardi teaches an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements)).

Automatically implementing, by a processor within the computing environment, the activity requested by the first computing environment element if the at least one rule analyzing at least the collected current value of the identified at least one attribute of at least the second computing environment element determined that the activity is allowed to be performed by the first computing environment element (see; par. [0156] of Bernardi teaches assigning policy roles for management activities, that include par. [0237] rules to allow interaction of roles, par. [0215] that determines who and what may register as part of the authentication, par. [0245] that identify using rules as to what policy setting are used, as well as the par. [0011]-[0014] use of a composite identity to provide different elements with attributes for different elements).

	Referring to Claim 3, see discussion of claim 2 above, while Bernardi teaches the method above, Bernardi further discloses a method having the limitations of:

the second computing environment element is the resource the first computing environment element is requesting to act upon (see; par. [0167] of Bernardi teaches allowing access to one of thousands of devices (i.e. environment), and provides a par. [0285] an example of a computing environment and multiple elements interacting to determine allowing a specific user on a specific device to access data (i.e. different elements)).


	Referring to Claim 4, see discussion of claim 2 above, while Bernardi teaches the method above, Bernardi further discloses a method having the limitations of:

the access includes view privileges as determined by rules evaluating the attributes of at least the second element (see; par. [0136] of Bernardi teaches allowing different levels of trust and access during authentication based on rules, par. [0245] utilizing specific rules to determine the policy of applying sessions between users and devices (i.e. level of privileges are different)).


	Referring to Claim 5, see discussion of claim 2 above, while Bernardi teaches the method above, Bernardi further discloses a method having the limitations of:

the authority to perform the requested activity includes create, modify, move, and delete privileges as determined by rules evaluating the attributes of at least the second element (see; par. [0093] of Bernardi teaches the creating, modifying, and deleting of identities for devices, users, and applications, par. [0094] where there are credentials for the different identities (i.e. attributes)).


	Referring to Claim 6, see discussion of claim 2 above, while Bernardi teaches the method above, Bernardi further discloses a method having the limitations of:

routing, when the rule determines that the activity is not allowed by the first element, a request for approval to implement the activity to another element having the authority to implement the activity as determined by rule (see; par. [0099] of Bernardi teaches the routing using policy rules between multiple, that include par. [0136]-[0140] gaining access to devices based on permission and trust levels, where par. [0191]-[0193] requests are used in order to route for the registration for the different devices (i.e. elements)).


	Referring to Claim 7, see discussion of claim 2 above, while Bernardi teaches the method above, Bernardi further discloses a method having the limitations of:

actively managing, upon implementing the allowed activity, attributes of each element to be modified by the allowed activity according to rules associated with the allowed activity (see; par. [0215] of Bernardi teaches the managing of a registration request that specifies the rules for the identity, specifically to par. [0245] utilize specific rules to determine the policy of applying sessions between users and devices, to perform par. [0285] of Bernardi the ability with authority to access to multiple devices based on each device and perform the desired activity).

Conclusion

The prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure.
Delany et al. (U.S. Patent Publication 2002/0138572 A1) discloses determining a user’s groups.
Ward et al. (U.S. Patent Publication 2003/0163686 A1) discloses a system and method for Ad Hoc management of credentials, trust relationships and trust history in computing environments.
McNabb et al. (U.S. Patent 6,289,462 B1) discloses a trusted compartmentalized computer operating system.
Spoute (U.S. Patent Publication 2004/0133876 A1) discloses a system and method for the composition, generation, integration and execution of business processes over a network.
Goodman et al. (U.S. Patent 7,020,697 B1) discloses architectures for netcentric computing systems.
Corley et al. (U.S. Patent Publication 2007/0094711 A1) discloses method and system for dynamic adjustment of computer security based on network activity of users.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to STEPHEN S SWARTZ whose telephone number is (571)270-7789.  The examiner can normally be reached on Mon-Fri 9:00 - 6:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Gart Matthew can be reached on 571 272-3955.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/SSS/
Patent Examiner, Art Unit 3623

/ANDRE D BOYCE/Primary Examiner, Art Unit 3623