DETAILED ACTION

Currently pending claims are 1 – 20.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 12 & 20 are  rejected under 35 U.S.C. 101 because the claimed invention may be directed to software per se which is directed to non-statutory subject matter.  Examiner notes for a system / device claim, at least one recited element, in the claim body, must be a hardware component; however, the claim recited as (i) a functional unit (i.e. a data processing unit) may be reasonably interpreted as being not limited to hardware elements and (ii) a computer readable medium, as recited in the claim, may be reasonably interpreted as being intended to include communication media that include signals / carrier waves which “bear" instructions as claimed according to the disclosure of the specification (SPEC: Para [0085]) and as such, the claim may be merely directed to software per se as a non-statutory subject matter for an apparatus claim.  It is respectfully suggested by the Examiner to amend the claim limitation in the claim body, for example, to explicitly include (comprise) “at least one hardware processor (or processor device)”.   Any other claims not addressed are rejected by virtue of their dependency

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1 – 20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Tan et al. (U.S. Patent 2017/0235490). 

As Claim 1, Tan teaches a method for controlling access to data stored in a cloud-based storage service, the method comprising: 
storing, at the cloud-based storage service, data associated with a user account (Tan: Para [0056] Line 2 – 8: securely storing digital content in a cloud network system using a protected user account w.r.t. an authorized session); 
associating a portion of the data with a heightened authentication protocol (Tan: see above & Figure 2A / E-225 & E-260 and Para [0080]: a process to enable multiple layers of authentication tiers of protection for securely stored digital content constitutes a heightened authentication protocol); 
receiving, at the cloud-based storage service, a request for an application to access data that is associated with the heightened authentication protocol (Tan: see above & Figure 2A and Para [0073]: starting an authentication session to access data upon receiving user’s username and password for an access request);
authenticating the request based on the heightened authentication protocol (Tan: see above & Figure 2A and Para [0073] – [0077]: including a primary and a secondary authentocation sessions); 
in response to authenticating the request, granting permission to the application to access the data that is associated with the heightened authentication protocol, wherein the permission is time-limited (Tan: see above, Figure 2A & Para [0058] and Para [0077] / [0073]: (a) granting the access permission w.r.t. the heightened authentication protocol in response to authenticating the user request and (b) a session timer can be started to allow the user to access the shared digital content, wherein the session timer is set to limit / control access time w.r.t. accessing the requested digital content); 
determining that a time limit has been reached (Tan: see above & Para [0057]: the access timer has expired); 
in response to determining that the time limit has been reached, determining that the application is editing the data that is associated with the heightened authentication protocol (Tan: see above & Para [0199] / [0266] and Para [0057] / [0058] / [0077]: (a) a chain of grouping digital content (containing one or more files / folders) can be created and accordingly, associated usage restrictions on resources are applied such as copying, editing and transferring the files and (b) the access timer w.r.t. the usage restrictions can be extended once the access timer has expired); and 
temporarily extending the permission for the application to access the data while the application is editing the data (see above).  

As per claim 12 & 20, the claim limitations are met as the same reasons as that set forth in the paragraph above regarding to claim 1 with the exception of the feature(s) of opening a new session to allow the application to continue editing the data (Tan: see above, Para [0057] Last sentence, Para [0199] / [0266] and Para [0058] / [0077]: (a) a chain of grouping digital content (containing one or more files / folders) can be created and accordingly, associated usage restrictions on resources are applied such as copying, editing and transferring the files and (b) an extended (NEW) session can be started, with each time increment such as 5 minutes, to limit / control the access of the digital content).

As Claim 2, Tan teaches wherein extending the permission comprises generating a child token associated with a secondary policy that is derived from an original token associated with the request (Tan: see above, Figure 1 / E-115 & E-125, Figure 7B / E-712 & Para [0057] / [0058] / [0077] and Para [0058]: including a token timer as per the tier 2 secondary autentication policy, which can be extended, with a time increment such as 5 minutes, to another session construed as a child token timer).  

As Claim 3, Tan teaches wherein the secondary policy of the child token is disjoint from the original token (Tan: see above, Figure 1 / E-115 & E-125, Figure 7B / E-712 & Para [0057] / [0058] / [0077] and Para [0058]: each token timer when extended is disjoint from the parent (original) token timer). 

As Claim 4, 15 and 17, Tan teaches wherein the secondary policy of the child token is derived from the original token (Tan: see above, Figure 1 / E-115 & E-125, Figure 7B / E-712 & Para [0057] / [0058] / [0077] and Para [0058]: once the original token is expired, a child token can be started accordingly and thus, the child token is derived from the original token).  

As Claim 5, 16 and 18, Tan teaches wherein a lifetime for the secondary policy of the child token is disjoint from the original token (Tan: see above and Para [0057] Last sentence: a total number of sessions (i.e. the lifetime of token timer), with each time increment such as 5 minutes, can be limited to access the digital content).

As Claim 6 and 19, Tan teaches wherein a lifetime for the secondary policy of the child token is tied to the original token (Tan: see above and Para [0057] Last sentence: (a) a total number of sessions (i.e. the lifetime of token timer) to access the digital content can be limited as well and (b) once the original token is expired, a child token can be started with a limited (total) number of sessions, with each time increment such as 5 minutes, accordingly and thus, the child token is derived from the original token).  

As Claim 7 – 8 and 13, Tan teaches wherein the permission is limited to the data being edited (Tan: see above & Para [0199] / [0266] and Para [0057] / [0058] / [0077]: (a) a chain of grouping digital content (containing one or more files / folders) can be created and accordingly, associated usage restrictions on resources are applied such as copying, editing and transferring the files).  

As Claim 9, Tan teaches wherein the permission is temporarily extended without requiring a new authentication (Tan: see above & Para [0073] Line 1 – 4 and Para [0080]).  

As Claim 10, Tan teaches wherein the permission is temporarily extended for a time increment (Tan: see above & Para [0057]: with a time increment such as 5 minutes).  

As Claim 11, Tan teaches wherein temporarily extending the permission is limited to a maximum total extension time (Tan: see above and Para [0057] Last sentence: a maximum total extension time, with each time increment such as 5 minutes, can be limited to access the digital content).  





Allowable Subject Matter
Claim 14 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.










Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2271 – 2021
---------------------------------------------------