Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
1.	This action is responsive to communication filed on: 23 December 2020 with acknowledgement of an original application filed on 2 May 2018 and a 371 of PCT filed 13 November 2015 in Sweden.
2.	Claims 1-3, 5-18, 21, 23, and 25-27 are currently pending.  Claims 1, 21, and 23 are independent claims.  Claims 4, 19, 20, 22, and 24 have been cancelled.
Response to Arguments

3.	Applicant's arguments filed 23 December 2020 have been fully considered; however, they are not persuasive where noted below.
I)	In response to Applicant’s argument beginning on page 7, “Independent claim 1 further recites, in relevant part, the operation of “disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained”… However, Applicant respectfully maintains that Er fails to disclose or suggest independent claim 1’s recitation of “disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained” … Er does not disclose or suggest “disabling or limiting access” to the “access agent” in response to “verification of at least one of the log entry and the new aggregate is not obtained”.  Rather, Applicant respectfully submits that the Office Action gets the causal relationship backward by asserting that Er’s alleged disclosure of a user or system trying to circumvent or disable the access agent (which allegedly corresponds to claim 1’s “disabling or limiting access to the service”) results in the inability to obtain verification of a log entry or a new aggregate.  Claim 1, though, recites the opposite causal relationship – i.e., a failure to obtain “verification of at least one of the log entry and the new aggregate” results in “disabling or limiting access to the service”.”
	The Examiner disagrees with the argument.  Below is independent claim 1: 
“A method for verifying a log entry in a communications system, the method being performed by a host server, the method comprising:
	obtaining a log entry of a service access tracker, the log entry indicating access to a service during a client session, the service being tracked by the service access tracker;
	providing the log entry to a trusted third party for digital signing thereof using a digital trusted timestamping scheme;
	verifying that the log entry has been digitally signed by the trusted third party;
	providing a new aggregate comprising the digitally signed log entry and a previous aggregate of previously digitally signed and aggregated log entries to the trusted third party for digital signing thereof using the digital trusted timestamping scheme;
	verifying that the new aggregate has been digitally signed by the trusted third party; and
	disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained.”

To reject the independent claims, a 103 rejection was made in the previous and present office action with the combination of Buldas et al. U.S. Patent Application Publication No. 2014/0245020 (hereinafter ‘020) and Er et al. U.S. Patent Application Publication No. 2010/0325097 (hereinafter ‘097).
Buldas/’020 is directed to a verification system for verifying event logs using hash values and digitally signing the logs, see the Abstract, paragraphs 23-25 and 27.  The Abstract states “A 
Er/’097 is directed to a method for controlling electronic access to applications by audit logging; note the Abstract states “The present system, software, and methods allow for implementation of complex access audit and control rules even when the continued use of legacy application and data are required”.

It is the combination that teaches the claimed invention.  The Buldas/’020 reference teaches the underlined limitations of claim 1 below, see Buldas/’020 paragraphs 8-12, 23-24, 27, 35-37, 58-60 and 74-75.
The Er/’097 reference was utilized to teach the bolded limitations below, see paragraphs 39, 53, 57, 63, 104, 108.
“A method for verifying a log entry in a communications system, the method being performed by a host server, the method comprising:
	obtaining a log entry of a service access tracker, the log entry indicating access to a service during a client session, the service being tracked by the service access tracker;
	providing the log entry to a trusted third party for digital signing thereof using a digital trusted timestamping scheme;
	verifying that the log entry has been digitally signed by the trusted third party;
	providing a new aggregate comprising the digitally signed log entry and a previous aggregate of previously digitally signed and aggregated log entries to the trusted third party for digital signing thereof using the digital trusted timestamping scheme;
	verifying that the new aggregate has been digitally signed by the trusted third party; and
	disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained.”

Note that the Applicant’s representative argues: ‘However, Applicant respectfully maintains that Er fails to disclose or suggest independent claim 1’s recitation of “disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained” …Applicant submits that the Office Action gets the causal relationship backwards by asserting that Er’s alleged disclosure of a user or system trying to circumvent or disable the access agent’

The Examiner disagrees with this argument.  The claim states “disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained”.  Er teaches an access agent that tracks and controls user access to applications (i.e. provides log entries) throughout the disclosure; for example, see paragraphs 12-13, 18, 20, and 39.
In the previous rejections as well as below, the Office Action cites paragraphs 39, 57, 104, and 108 of the Er/’097 reference to more explicitly teach the limitation “disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained” because Er/’097 teaches not allowing a user to bypass the access agent; therefore, if the access agent is disabled, a log entry would not be obtained.

The Applicant indicates the “Office Action gets the causal relationship backwards”; the Examiner disagrees and notes the claim itself seems backwards: the log entry is initiated upon 

(Examiner’s Amendment Suggestion) A method for verifying a log entry in a communications system, the method being performed by a host server, the method comprising:
	obtaining a log entry of a service access tracker, the log entry indicating access to a service during a client session, the service being tracked by the service access tracker;
	providing the log entry during the client session to a trusted third party for digital signing thereof using a digital trusted timestamping scheme;
	verifying that the log entry has been digitally signed by the trusted third party, during the client session;
	providing a new aggregate comprising the digitally signed log entry and a previous aggregate of previously digitally signed and aggregated log entries to the trusted third party for digital signing thereof using the digital trusted timestamping scheme, during the client session;
	verifying that the new aggregate has been digitally signed by the trusted third party; and
	disabling or limiting during the client session access to the service in case verification of at least one of the log entry and the new aggregate fails verification.

The Examiner notes an updated search was performed with the suggested amendment; however, it appears Makower et al. U.S. Patent Application 2002/0184507, paragraphs 36, 38 and 44-45 
Claim Rejections – 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


5.	Claims 1-3, 6-18, 21, and 23 are rejected under 35 U.S.C. 103 as being unpatentable over Buldas et al. U.S. Patent Application Publication No. 2014/0245020 (hereinafter ‘020) in view of Er et al. U.S. Patent Application Publication No. 2010/0325097 (hereinafter ‘097).

	As to independent claim 1, “A method for verifying a log entry in a communications system, the method being performed by a host server, the method comprising: obtaining a log entry of a service access tracker, the log entry indicating access to a service during a client session, the service being tracked by the service access tracker” is taught in ‘020 paragraphs 23-24, 27, note the invention provides a digital data-signing scheme in context of signing event logs / wherein the logs consists of blocks / wherein a new block (log entry) is started upon the occurrence of one or more starting events …such as …execution of chosen process;

	“providing a new aggregate comprising the digitally signed log entry and a previous aggregate of previously digitally signed and aggregated log entries to the trusted third party for digital signing thereof using the digital trusted timestamping scheme” is disclosed in ‘020 paragraph 29; 
	“and verifying that the new aggregate has been digitally signed by the trusted third party” is taught in ‘020 paragraphs 8-12, 35-37, 58-60 and 74-75;

the following is not explicitly taught in ‘020: 
	“providing the log entry to a trusted third party for digital signing thereof using a digital trusted timestamping scheme” however ‘097 teaches an access agent that includes an audit logging module that sends audit logs to a server (i.e. trusted third party) and provides reports that include time/date of the event as well as real-time tracking of events in paragraphs 39, 53, 57, and 63;
	“disabling or limiting access to the service in case verification of at least one of the log entry and the new aggregate is not obtained” however ‘097 teaches in paragraph 104, since the access agent is central to the tracking and controlling of application and data, some embodiments of the invention incorporate safeguards to block attempts to circumvent and/or disable (herein, "kill") the access agent / also see ‘097 paragraphs 39 and 57. If a user or system tries to circumvent and/or disable the access agent verification of at least one of the log entries or new aggregate would not be able to be attained. The measures or safeguards taken in Er to prevent the circumventing and/or disabling are interpreted equivalent to "limiting access to service" also note 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a verification system and security system for records (i.e. logs) taught in ‘020 to include a means to provide the log to a trusted third party.  One of ordinary skill in the art would have been motivated to perform such a modification to gain the ability to effectively track the use of application as well as control access to applications see ‘097 paragraphs 7-9. 
	As to dependent claim 2, “The method according to claim 1, wherein the service is run on a virtual machine hosted by the host server” is taught in ‘020 paragraph 21.
	As to dependent claim 3, “The method according to claim 1, further comprising: obtaining an indication that the service tracked by the service access tracker has been accessed; and determining, in response thereto, whether to obtain the log entry or not” is shown in ‘020 paragraph 27.
	As to dependent claim 7, “The method according to claim 1, wherein the log entry comprises at least one of a boot timestamp, a timestamp of start of access to the service, and a random number having been generated at the start of the service” is taught in ‘020 paragraphs 66-67.
	As to dependent claim 8, “The method according to claim 1, wherein the log entry comprises at least one of a virtual hardware identifier, a Media Access Control, MAC, address, and an Internet Protocol, IP, address of a virtual machine running the service” is shown in ‘097 paragraphs 73-74.

	As to dependent claim 10, “The method according to claim 1, wherein the aggregate of previously digitally signed log entries comprises previously digitally signed log entries having been aggregated during a predefined time period” is taught in ‘020 paragraph 27.
	As to dependent claim 11, “The method according to claim 1, wherein verifying that the log entry has been digitally signed by the trusted third party comprises: identifying a hash of the log entry in a top hash of a hash tree provided by the trusted third party” is shown in ‘020 Abstract, paragraphs 29-31.
	As to dependent claim 12, “The method according to claim 1, wherein verifying that the new aggregate has been digitally signed by the trusted third party comprises: identifying a hash of the new aggregate in a top hash of a hash tree provided by the trusted third party” is shown in ‘020 paragraphs 29-31.
	As to dependent claim 13, “The method according to claim 1, wherein the verifying that the new aggregate has been digitally signed is performed within a predefined time duration from having provided the new aggregate to the trusted third party for digital signing” is disclosed in ‘020 paragraphs 7 and 112.
	As to dependent claim 14, “The method according to claim 1, further comprising: providing an indication of the log entry to a service utilization analyzer” is taught in ‘097 paragraphs 12 and 19-20.
	As to dependent claim 15, “The method according to claim 14, wherein the indication is the digitally signed log entry” is shown in ‘097 paragraphs 39, 57, 63, 96, and 112.

	As to dependent claim 17, “The method according to claim 1, wherein the digital trusted timestamping scheme is a hash-linking based digital timestamping scheme” is taught in ‘020 paragraphs 27 and 29-31.
	As to dependent claim 18, “The method according to claim 17, wherein the hash-linking based digital timestamping scheme is a hash calendar” is shown in ‘020 paragraphs 31, 107, 109, and 111-113.
	As to independent claim 21, this claim is directed to a host server executing the method of claim 1; therefore it is rejected along similar rationale.
	As to independent claim 23, this claim is directed to a computer program executing the method of claim 1; therefore it is rejected along similar rationale.
6.	Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Buldas et al. U.S. Patent Application Publication No. 2014/0245020 (hereinafter ‘020) in view of Er et al. U.S. Patent Application Publication No. 2010/0325097 (hereinafter ‘097) in further view of Rasmusson et al. WO 2012/112095 (hereinafter ‘095).
	As to dependent claim 5, the following is not explicitly taught in ‘020 and ‘097: “The method according to claim 1, further comprising: obtaining an indication of how many times the service has been accessed; and disabling or limiting access to the service if the service has been accessed more times than defined by a predefined threshold” however ‘095 teaches ‘in some instances rules include counters of how many times (i.e. threshold) certain events have occurred and action that should be taken when the counted events occurred in a present number of times 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a verification system and security system for records (i.e. logs) taught in ‘020 and ‘097 to include a means to disable or limit access to a service when a threshold has been reached.  One of ordinary skill in the art would have been motivated to perform such a modification to improve the security and access control when using virtual machines see ‘095 paragraphs 2-7-9. 
	As to dependent claim 6, “The method according to claim 5, further comprising: obtaining an indication of configuration of the predefined threshold” is taught in ‘095 paragraphs 6, 14, 32, and 38; 
	“and providing the indication to the trusted third party for digital signing thereof using the digital trusted timestamping scheme” is shown in ‘097 paragraphs 31, 107, 109, and 111-113.
7.	Claims 25-27 are rejected under 35 U.S.C. 103 as being unpatentable over Buldas et al. U.S. Patent Application Publication No. 2014/0245020 (hereinafter ‘020) in view of Er et al. U.S. Patent Application Publication No. 2010/0325097 (hereinafter ‘097) in further view of Chien U.S. Patent Application Publication No. 2007/0220605 (hereinafter ‘605).
	As to dependent claim 25, the following is not explicitly taught in ‘020 and ‘097: “The method of claim 1, wherein: the trusted third party comprises a local trusted party and a global trusted third party; the local trusted third party and the global trusted third party are separated by a firewall and the local trusted third party is logically located at the same side of the firewall as the host server” however ‘605 teaches an online service that logs when a user account is accessed and provides a copy of the log to the user so that the user has a local log file maintained on the 
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention of a verification system and security system for records (i.e. logs) taught in ‘020 and ‘097 to include a means to utilize local and global trusted parties.  One of ordinary skill in the art would have been motivated to perform such a modification to improve online accounts so that the account owners can detect unauthorized access see ‘605 paragraph 3.
	As to dependent claims 26 and 27, these claims contain substantially similar subject matter as claim 25; therefore they are rejected along similar rationale. 

Conclusion
THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
The examiner can normally be reached from M-F 9 AM to 6 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu, can be reached at 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ELLEN TRAN/
Primary Examiner, Art Unit 2433
1 March 2021