DETAILED ACTION
Election/Restrictions
Applicant’s election without traverse of (Group II: Claims 25-33) in the reply filed on 01/27/2021 is acknowledged.
	Claims 1-24 and 34-40 are canceled by the Applicant.
Claims 26-28 and 30-33 are amended.
Claims 41-51 are newly added.
Claims 5-9, 11-13 and 21-32 are pending in the application.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/09/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 25-45 and 47-51 are rejected under 35 U.S.C. 102(a)(1) and/or 102(a)(2) as being anticipated by Maheshwari et al. (US Patent Application Publication No. 2012/0036558 A1) listed in IDS dated 12/09/2019 hereinafter Maheshwari.

Regarding Claims 25, 41, and 47, Maheshwari discloses a system, method, and medium comprising:
at least one processor (Fig. 5, CPU 502); and
memory (Fig. 5, working memory 518)  including instructions that, as result of execution by the at least one processor (para 0068, working memory 518 may include executable codes and associated data structures for one or more of the design-time or runtime components/services illustrated in FIGS. 1-3) cause the system to:
receive a request for access to a resource in a multi-tenant environment (Fig. 1, Protected Resource 110a-c) (para 0040, The access attempt is intercepted 240 by the Access Gate 108. The Access Gate 108 may then send an authorization request 242 to the Access Manager 112 to establish the permitted level of access of the User 106 to the Protected Resource 110 and para 0054, Fig. 3, step 302, receive user request to access protected resource), 
the request associated with a credential (certificate) (para 0042, The Access Manager 112 may then grant 252 the User 106 a certificate);
the access indicated by the request (para 0040, The process begins with User 106 attempting to access the Protected Resource 110. The access attempt is intercepted 240 by the Access Gate 108);

determine that the credential was previously valid for at least a portion of the access indicated by the request (para 0042, The certificate may include the privileges granted to the User 106 and an expiration time of the certificate. In the present example, the certificate may be granted at a time referred to as T1 and may expire at a time T3, which is later than T1. Between time T1 and T2, the User 106 may access 254 the Protected Resource 110);
determine an amount of access to provide in response to the request (para 0047 The Access Manager 112 may then determine the new set of privileges that should be granted to the User 106, which in this example is a complete lock of the User 106, eliminating all privileges. The Access Manager 112 may then update 268 the Access Gate 108 to indicate the User 106 is now locked. At this point any further attempt by the User 106 to access the Protected Resource 110 is denied 270. As should be clear from FIG. 2(b), the User 106 is denied access to the Protected Resource 110 before the certificate granted in step 252 expires at time T3; and para 0053 In step 256 of FIG. 2(c), rather than the User 106 being locked, the User 106 may be updated to have privileges that are different than those granted in step 252. The level of access granted may be increased or decreased. At step 264, the Access Manager 112 again interacts with the User Data Repository 104 to retrieve the updated privileges, which as indicated in this example show that the User 106 is being restricted); and

Regarding Claims 26, 42, and 48, Maheshwari the computer-implemented method of claim 25, wherein the credential is determined to have been previously valid based at least in part on a prior policy (para 0037, 0042, and 0046 current privileges).
Regarding Claims 27, 43, and 49, Maheshwari the computer-implemented method of claim 25, wherein the credential is determined to be not valid for the access indicated by the request based at least in part on a current policy (para 0038, 0044-0047, 0053, and 0057, new/latest/updated privileges).
Regarding Claims 28 and 50, Maheshwari the computer-implemented method of claim 25, further comprising: as a result of determining that the credential is not valid for the access indicated by the request, determining that a time associated with the request is within a revocation period for the credential (para 0037, 0044 and 0051-0053, certificate expires at T3).
Regarding Claim 29, Maheshwari the computer-implemented method of claim 28, wherein the amount of access to provide is determined based at least in part on at least one access rule for the revocation period (para 0037, 0044 and 0051-0053, access increases or decreases).
Regarding Claim 30, Maheshwari the computer-implemented method of claim 25, wherein the amount of access is determined based at least in part on a time 
Regarding Claim 31, Maheshwari the computer-implemented method of claim 25, further comprising: authenticating an identity of a source of the request prior to providing the amount of the access (para 0041).
Regarding Claims 32 and 51, Maheshwari the computer-implemented method of claim 25, wherein: the request is for information of the resource; and the amount of the access is such that a portion of the information of the request is restricted for the request (para 0031 and 0053).
Regarding Claim 33, Maheshwari the computer-implemented method of claim 25, further comprising: as a result of determining that the credential was previously valid for at least the portion of the access indicated by the request determine a permission currently associated with the credential, wherein the amount of the access to provide in response to the request is determined based at least in part on the permission (para 0014, 0037 and 0042).
Regarding Claim 44,  Maheshwari the system of claim 41, wherein the instructions when executed further cause the system to: as a result of determining that the credential was previously valid for at least a portion of the access indicated by the request, determine an amount of time since a revocation of the credential is within a revocation period for the credential; and determine the level of access based at least in part upon the amount of time that has passed since a revocation of the credential, the 
Regarding Claim 45, Maheshwari the system of claim 41, wherein the amount of access includes at least one of a speed of access, an accessible amount of data, a number of access failures, or a number of accessible resources in the multi-tenant environment (para 0037 and 0053).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 46 is rejected under 35 U.S.C. 103 as being unpatentable over Maheshwari as applied to claim 41 and further in view of Lee et al. (US Patent Application Publication No. 2016/0094548 A1) hereinafter Lee.
Regarding Claim 46,  Maheshwari the system of claim 41, wherein the instructions when executed further cause the system to: consult at least one access rule to determine the level of access (para 0006 and 0011), but does not explicitly disclose the at least one access rule being user configurable. However, Lee discloses the at least one access rule being user configurable (para 0006, the user can configure a device access policy). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of claimed invention to modify Maheshwari’s 
Contact Information
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-892).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BAOTRAN N TO whose telephone number is (571)272-8156.  The examiner can normally be reached on M-F: 7-3.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on 571-272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 


BAOTRAN N. TO
Primary Examiner
Art Unit 2435



	/BAOTRAN N TO/          Primary Examiner, Art Unit 2435