DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to communication filed 03/08/2021. Claims 1, 6, 8-10, 13, 15-16 and 18-20 are amended and claims 1-16 and 18-20 remain pending.

Remarks
Claim Objections:
In response to corrective amendments, respective claim objections per claims 6, 8, 13 and 15 are withdrawn.

35 U.S.C. 112(f) – Claim Interpretation:
Per claims 1, 4-7 and 12-14, although the indicated means-plus-function claim interpretation of record has not been argued, after further consideration of the scope and specifically in light of the arguments, it is noted and now being clarified on the record that the means-plus-function claim interpretation is improper because a method claim that includes an explicit recitation of “step of” (or an implicit interpretation of it), is nonetheless required to include an explicit recitation of a non-structural term (i.e., a generic placeholder such as means) performing a function to satisfy the required three-prong for a presumption of means-plus-function claim interpretation. 


35 U.S.C. 101:
Per claim 16, the rejections pertaining to software per se and abstract idea rejections are herein withdrawn in response to the filed amendments. Per canceled claim 17, all rejections are moot.

Response to Arguments
Applicant’s arguments, Remarks: page 14-15 filed 03/08/2021, with respect to amended claim(s) 1-16 and 18-20 have been considered fully considered but they are not persuasive.
Applicant argues “Zarchy simply discloses that an access token may be generated that includes an expiration indicator. See, e.g., Zarchy, paragraphs [0031], [0032], [0057] and Fig. 5. The Examiner seems to be equating this expiration indicator to the invalidation flag of claim 1. However, it is not clear what features in Zarchy the Examiner believes are equivalent to the other features in the storing step of claim 1, namely storing at the token storage unit of the client system, and storing ... in response to receiving the rejection message. Thus, Applicant respectfully submits that Zarchy fails to disclose the step of storing, at the token storage unit of the client system, an invalidation flag associated with the stored access token, in response to receiving the rejection message indicating that the stored access token is not valid for receiving the protected resource, as presently claimed” – Remarks: pages 14-15.
“Access-token data 514 may comprise at least a portion of one or more access-tokens generated by server device 104.  Access-token data 514 may include at least a portion of access-token 400, such as expiration indicator 408.  Access-token data 514 may also include an expired expiration indicator. For example, access-token data 514 may include an expiration indicator that was generated by and received from server device 104 prior to user device 102 generating access-token request 300.  The expiration indicator 308 may comprise an expired expiration indicator stored as access-token data 514” – par. 0057, Zarchy additionally discloses that “Expiration indicator 308 may or may not be expired at the time access-token request 300 is transmitted to server device 104” – par. 0044 – Note: the expiration indicator may well be expired at the time an access-token request is submitted, then Zarchy further discloses “if the previously-generated access-token includes an expired expiration indicator…, execution of the program instructions to generate the access-token may include processor 800 modifying the expired expiration indicator (so that it is no longer expired) …, and including the modified expiration indicator … within the access-token being generated” – par. 0077 – Note: The access token maintenance is performed if the previously-generated access-token includes an expired expiration indicator, i.e., after it is established that the expiration indicator is expired at the time an access-token request is submitted. At that point, the previously-generated access token 514 (in the User/Client Device 102) is modified, i.e., re-stored, to include the modified token or the modified portion of the previously-generated access-token. 
Mogaki in view of Zarchy discloses “storing, at the token storage unit of the client system, an invalidation flag associated with the stored access token in response to receiving the rejection message indicating that the stored access token is not valid for receiving the protected resource” because such full or partial modification of access token data 514 (in the User/Client Device 102) is in response to the access token request failure/rejection.

Nonetheless, after further consideration of the amended scope claims 5-8 and 12-15 and an updated search new grounds of rejection have been necessitated.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

1.	Claims 1-4, 9-11, 16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Mogaki, US2014/0230020 A1 in view of Zarchy, US2010/0251352 A1.

Per claim 1, Mogaki discloses computer-implemented method comprising: 
receiving, at a client system (Note: equivalent to the external service system 103 (client) – par. 0085) from a user device (Note: equivalent to information terminal 102A – par. 0092), a first access request comprising a first instruction to access a protected resource stored at a resource system (FIGS. 12A and 12B show the sequence of authorization processing executed  – Mogaki: par. 0118 – Note: In step S1002, the external service system 103 accepts the form generation instruction from the information terminal 102A.  After that, the external service system 103 confirms whether or not it possesses an access token to the form service system 105 in the authorization information management table 600… If the external service system 103 does not possess any access token to the form service system 105, it transmits an authorization request to the access management service system 104 in step S1003. – par. 0093); 
transmitting, from the client system to an authorisation system, a token request for an access token for accessing the protected resource, in response to the first access request (In step S1012, the external service system 103 stores the received authorization code in the authorization code table 610.  After that, the external service system 103 transmits an access token request as an issuance request of an access token together with the authorization code and a client ID and password stored in the authentication information table 620 to the access management service system 104…In step S1016, the access management service system 104 generates an access token and refresh token – Mogaki: par. 0101 and 0105 – Note: the access management service system 104 redirects the Web browser (not shown) included in the information terminal 102A to the external service system 103, and returns the generated authorization code to the external service system 103 as a response to the request in step S1003 – par. 0100); 
(In step S1016, the access management service system 104 generates an access token and refresh token…the access management service system 104 sets the generation times of the tokens in the access token issuance date and time 902 and refresh token issuance date and time 905.  Also, the access management service system 104 sets a valid period of the access token in the access token valid date and time 903, and that of the refresh token in the refresh token valid date and time 906… the access management service system 104 returns the generated access token and refresh token to the external service system 103 as a response of step S1013 – Mogaki: par. 0105 and 0107); 
storing the access token at a token storage unit of the client system (In step S1017, the external service system 103 stores the received access token and refresh token in the authorization information management table 600 managed by the token manager 305.  More specifically, the external service system 103 sets the received access token in the access token ID 602, and sets the received refresh token in the refresh token ID 603 and initial refresh token ID 604 – Mogaki: par. 0108 – Note: See Fig. 3, wherein token manager 305 is part of the client system, i.e., to the external service system 103 (client) – par. 0085); 
receiving a rejection message, at the client system, indicating that the stored access token is not valid for receiving the protected resource (In step S1007, upon reception of the authentication error, the external service system 103 generates an authentication error screen  In step S1015, the external service system 103 receives the authentication error or authorization error from the access management service system 104.  The external service system 103 generates an authentication or authorization error screen (not shown) corresponding to the received error, and sends that screen to the information terminal 102 – Mogaki: par. 0110 and 0113); and 
Although Mogaki discloses storing, at the token storage unit of the client system, an invalidation flag associated with the stored access token (In step S1401, an access management service system 104 invalidates access tokens corresponding to refresh tokens which are invalidated in steps S1302 and S1303.  More specifically, the access management service system 104 updates a value of access token valid date and time 903 to that of access token issuance date and time 902 in association with data in which invalidated refresh tokens are registered in an authorization information management table 900.  Note that invalidation is attained by updating the valid date and time of an access token, but it may be attained by other methods.  For example, an item of an access token valid flag may be defined in the authorization information management table 900, and invalidation may be attained by updating a value of that item – Mogaki: par. 0157 – Note: The authorization information management table 900 is managed by the access management service system 104 which is part of the authorization server; nonetheless, the latest access token and refresh token are kept synchronized between the external service system 103 (client) and access management service (Expiration indicator 308 may or may not be expired at the time access-token request 300 is transmitted to server device 104…Access-token data 514 may comprise at least a portion of one or more access-tokens generated by server device 104.  Access-token data 514 may include at least a portion of access-token 400, such as expiration indicator 408.  Access-token data 514 may also include an expired expiration indicator. For example, access-token data 514 may include an expiration indicator that was generated by and received from server device 104 prior to user device 102 generating access-token request 300.  The expiration indicator 308 may comprise an expired expiration indicator stored as access-token data 514…if the previously-generated access-token includes an expired expiration indicator and/or a text file, execution of the program instructions to generate the access-token may include processor 800 modifying the expired expiration indicator (so that it is no longer expired) and/or the text file, and including the modified expiration indicator and/or modified text file within the access-token being generated – Zarchy: par. 0044 and 0057 and 0077 – Note: The access token maintenance is performed if the previously-generated access-token includes an expired expiration indicator, i.e., after it is established that the expiration indicator is expired at the time an access-token request is submitted, the previously-generated access token 514 (in the 
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Mogaki in view of Zarchy to include storing, at the token storage unit of the client system, an invalidation flag associated with the stored access token in response to receiving the rejection message indicating that the stored access token is not valid for receiving the protected resource.
One of ordinary skill in the art would have been motivated because it would allow “to render program instructions 512 as executable if processor 500 determines that expiration indicator 408 is not expired, and to render the program instructions 512 as non-executable if processor 500 determines that expiration indicator 408 is expired” – Zarchy: par. 0032 – Note: accomplishes conditional execution of the second set of program instructions, i.e., program instructions 512.  

Per claim 16, Mogaki discloses an article of manufacture (FIG. 2 shows the logical arrangement of an information processing function of a server computer which executes software programs such as a Web site, Web application, and Web service that configure various servers shown in FIG. 1 – Mogaki: par. 0061) comprising:
a non-transitory computer processor readable medium (Mogaki: Fig. 2 – 204 and 205); and instructions stored on the medium (A CPU 203 executes programs loaded from a ROM 204, RAM 205, secondary storage device 206, and the like, and implements various services.  The ROM 204 is a storage device which records embedded programs and data.  The RAM  – Mogaki: par. 0062); wherein the instructions are configured to be readable from the medium by at least one computer processor (Mogaki: Fig. 2 – 203) and thereby cause the at least one computer processor to operate the method steps in accordance with the method of claim 1. 
Therefore, claim 16 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claim 18, it recites a computer readable medium comprising instructions which, when executed by a computer, cause the computer to carry out the method of claim 1. 
Therefore, claim 18 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claim 19, it recites a client system (Note: client system is equivalent to the external service system 103 (client) and information terminal 102A in the disclosure by Mogaki and is equivalent to intermediary device 112 and user device 102 in the disclosure by Zarchy) comprising processing circuitry configured to perform the method of claim 1. 
Therefore, claim 19 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claim 20, it recites a client system (Note: client system is equivalent to the external service system 103 (client) and information terminal 102A in the disclosure by Mogaki and is equivalent to intermediary device 112 and user device 102 in the disclosure by Zarchy) comprising: a receiver and a transmitter (Note: a receiver and a transmitter is equivalent to the 
Therefore, claim 20 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 1 above. 

Per claim 2, Mogaki-Zarchy discloses the computer-implemented method of claim 1 further comprising: transmitting the stored access token from the client system to the resource system and, in response, receiving the rejection message (In step S1202, the external service system 103 sends a form generation request to the form service system 105 using the access token which is stored in the authorization information management table 600 and is required to use the form service system.  That is, the client transmits an access request required to request a service to the resource server.  Note that use is to transmit, together with a service request message, an access token indicating that a request source has been authorized in association with that request to a request destination.  Assume that the external service system 103 passes an access token "IJKL9012". [0121] In step S1203, the form service system 105 requests the access management service system 104 to verify the access token sent together with the form generation request. [0122] In step S1204, the access management service system 104 verifies the received access token…If the access token is not registered or if the access token is registered but it falls outside the valid period, the access management service system 104 returns an access token invalid message as a response – Mogaki: par. 0120-0122).

Per claim 3, Mogaki-Zarchy discloses the computer-implemented method of claim 1 further comprising: determining that the stored access token is associated with the invalidation flag and, in response, preventing the stored access token from being transmitted to the resource system (Intermediary device 112 may then transmit the expiration indicator with or without the rest of the access-token to user device 102.  After receiving the access-token, user device 102 may execute the first set of program instructions (or at least a portion of the first set of program instructions) so as to determine whether the expiration indicator is expired.  Based on the determination, user device 102 may thereafter render the second set of program instructions as executable or non-executable – Zarchy: par. 0032 – Note: rendering the second set of program instructions non-executable upon determining that the access token is expired reads on “preventing the stored access token from being transmitted to the resource” as part of a service or resource inquiry).
The same motivation to modify Mogaki in view of Zarchy applied to claim 1 above applies here.

Per claim 4, Mogaki-Zarchy discloses the computer-implemented method of claim 1.
Mogaki discloses “In step S1013, the access management service system 104 receives the access token request, and authenticates the external service system 103…the access management service system 104 returns the generated access token and refresh token to the external service system 103 as a response of step S1013. [0108] In step S1017, the external service system 103 stores the received access token and refresh token in the authorization  – Mogaki: par. 0102 and 0107-0108.
Mogaki is not relied on to disclose but in view Zarchy discloses further comprising: in response to the token request, receiving and storing an expiry time indicator in association with the access token at token storage unit (In accordance with an embodiment in which access-token request 300 includes a previously-generated access-token, execution of the program instructions to generate an access-token may include processor 800 modifying the previously-generated access-token (or at least a portion of the previously-generated access-token), and to include the modified token (or at the modified portion of the previously-generated access-token) within the access-token being generated.  In this regard, if the previously-generated access-token includes an expired expiration indicator and/or a text file, execution of the program instructions to generate the access-token may include processor 800 modifying the expired expiration indicator (so that it is no longer expired) and/or the text file, and including the modified expiration indicator and/or modified text file within the access-token being generated  – Zarchy: par. 0077); wherein the expiry time indicator is indicative of a time at which the corresponding access token will not be valid (Expiration indicator 408 may comprise any of a variety of computer-readable identifiers that allow user device 102 to determine whether expiration identifier 408 is expired, …  As an example, expiration identifier 408 may comprise data that represents an amount of time (e.g., 72 hours, 4,320 minutes, or 259,200 seconds) – Zarchy: par. 0047).


Per claim 9, Mogaki-Zarchy discloses the computer-implemented method of claim 1 further comprising: receiving, at the client system, a refresh token corresponding to the access token, wherein the refresh token is for use in obtaining a valid access token at the client system (In step S1013, the access management service system 104 receives the access token request, and authenticates the external service system 103… In step S1016, the access management service system 104 generates an access token and refresh token, and stores the generated tokens in the authorization information management table 900 managed by the authorization data manager 404… the access management service system 104 returns the generated access token and refresh token to the external service system 103 as a response of step S1013 – Mogaki: par. 0102-0107); and storing the refresh token at the token storage unit (In step S1017, the external service system 103 stores the received access token and refresh token in the authorization information management table 600 managed by the token manager 305 – Mogaki: par. 0108).

Per claim 10, Mogaki-Zarchy discloses the computer-implemented method of claim 9 further comprising, receiving a rejection message, at the client system, indicating that the refresh token is not valid for obtaining a valid access token (In step S1209, upon reception of the access token invalid message, the external service system 103 requests the access management service system 104 to execute refresh processing…If the received refresh token  – Mogaki: par. 0128-0134); and storing, at the token storage unit, an invalidation flag associated with the stored refresh token (In step S1215, the access management service system 104 invalidates the refresh token used in verification.  More specifically, the access management service system 104 updates a value of the refresh token valid date and time 906 to a value of the refresh token issuance date and time 905 in association with the corresponding refresh token in the authorization information management table 900.  Note that this embodiment invalidates the refresh token by updating the refresh token valid date and time, but the refresh token may be invalidated by other methods.  For example, an item of a refresh token valid flag may be defined in the authorization information management table 900, and the refresh token may be invalidated by updating a value of that item.  After that, the access management service system 104 returns the newly issued access token and refresh token to the external service system 103 as a response of step S1210 – Mogaki: par. 0136-0137 – Note: in the processes of step S1216, the external service system (client) receives the access token and refresh token and updates the values of the access token and refresh token of the form service system, which are registered in its table, i.e., the authorization information management table 600).

Per claim 11, Mogaki-Zarchy discloses the computer-implemented method of claim 10 further comprising: determining that the stored refresh token is associated with the invalidation (Since the external service system 103 stores the latest refresh token, if the valid period has expired without any refresh processing, all refresh tokens for the form service system should be invalid – Mogaki: par. 0151 – Note: For example, an item of a refresh token valid flag may be defined in the authorization information management table 900, and the refresh token may be invalidated by updating a value of that item – par. 0136) and, in response, preventing the stored refresh token from being transmitted to the authorisation system (By invalidating refresh tokens by the method described in the first embodiment, refresh processing from an illicit external service system can be prevented – Mogaki: par. 0159 – Note: transmitting the stored refresh token to the authorisation system is equivalent to “refresh processing”).

2.	Claims 5-6 and 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over Mogaki, US2014/0230020 A1 in view of Zarchy, US2010/0251352 A1 as applied to claims 4 and 11 above, and further in view of Matsugashita, US2017/0026376 A1.

Per claim 5, Mogaki-Zarchy discloses the computer-implemented method of claim 4.
Mogaki-Zarchy is not relied on to disclose but further in view of Matsugashita discloses wherein storing the invalidation flag comprises: setting the stored expiry time indicator associated with the access token to indicate a time that is before a current time (the token category would be a refresh token, and the time and date of the period that the refresh token is valid is registered as the period of validity … in a method of OAuth 2.0, the refresh token is controlled so as to be used only once.  Accordingly, in S612, the state of the refresh token of the token ID "rt_000001" is set as "invalid".  Note that as a process to set "invalid", – Matsugashita: par. 0086 and 0106).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Mogaki-Zarchy further in view of Matsugashita to include setting the stored expiry time indicator associated with the access token to indicate a time that is before a current time.
One of ordinary skill in the art would have been motivated because it would allow “invalidating the unnecessary refresh token … enables eliminating the state in which the third party can fraudulently use the API published by the resource server module 303” – Matsugashita: par. 0137.  

Per claim 6, Mogaki-Zarchy discloses the computer-implemented method according to claims 4.
Mogaki-Zarchy is not relied on to disclose but further in view of Matsugashita discloses further comprising token storage maintenance steps performed at the client system comprising: comparing the time indicated by the stored expiry time indicator with a current time (a case that the refresh token to be verified has reached the period of validity and is thereby invalid – Matsugashita: par. 0086 – Note: confirming the refresh token as invalid because has reached/passed the period of validity anticipates “comparing the time indicated by the stored expiry time indicator with a current time”);  
 (in a method of OAuth 2.0, the refresh token is controlled so as to be used only once.  Accordingly, in S612, the state of the refresh token of the token ID "rt_000001" is set as "invalid".  Note that as a process to set "invalid", not only using the state but methods such as updating the period of validity to a date and time in the past so that it can be treated as invalid, or deleting the record itself from the table so as to be invalid may be usedthe state of the refresh token of the token ID "rt_000001" is set as "invalid".  Note that as a process to set "invalid", not only using the state but methods such as updating the period of validity to a date and time in the past so that it can be treated as invalid, or deleting the record itself from the table so as to be invalid may be used – Matsugashita: par. 0106 – Note: wherein “rt_000001” is the token ID of the refresh token and the state of the refresh token set/stored as “invlaid” anticipates the stored expiry time indicator).  
The same motivation to modify Mogaki-Zarchy further in view of Matsugashita applied to claim 5 above applies here.

Per claim 12, Mogaki-Zarchy discloses the computer-implemented method of claim 11 wherein storing the invalidation flag comprises: setting the stored expiry time indicator associated with the refresh token to indicate a time that is before a current time as set forth in the rejection of claim 5 for the access token.
Therefore, claim 12 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 5 above. 

Per claim 13, Mogaki-Zarchy discloses the computer-implemented method of claim 11 further comprising token storage maintenance steps performed at the client system comprising: comparing the time indicated by the stored expiry time indicator with a current time; deleting the refresh token corresponding with the stored expiry time indicator, if the time indicated by the stored expiry time indicator is after the current time as set forth in the rejection of claim 6 for the access token.
Therefore, claim 13 is rejected based on the same analysis and motivation to combine as set forth in the rejection of claim 5 above. 

3.	Claims 7-8  and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over Mogaki, US2014/0230020 A1 and Zarchy, US2010/0251352 A1 and Matsugashita, US2017/0026376 A1 as applied to claims 6 and 13 above, and further in view of Pishinov, US2018/0139192 A1.

Per claim 7, Mogaki-Zarchy-Matsugashita discloses the computer-implemented method of claim 6, wherein the token storage maintenance steps are executed intermittently or according to a predetermined schedule is rendered obvious by Mogaki-Zarchy-Matsugashita because in accordance with KSR (MPEP: 2141 – III) Rationales Supporting Rejections under 35 U.S.C. 103), choosing from a finite number of identified predictable solutions with a reasonable expectation of success, i.e., intermittent or scheduled maintenance, is “Obvious to try”.
Furthermore, Mogaki-Zarchy-Matsugashita is not relied on to explicitly disclose but further in view of Pishinov discloses wherein the token storage maintenance steps are executed (Although described primarily as heuristically calculated, the token renewal request interval can also correspond to a defined period of time.  In some examples the token renewal request interval may be defined by a user, by a policy federated by an administrator, or some other defined amount of time, such as twice the configured lifetime of the token – Pishinov: par. 0029).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Mogaki-Zarchy-Matsugashita further in view of Pishinov to include wherein the token storage maintenance steps are executed intermittently or according to a predetermined schedule. 
One of ordinary skill in the art would have been motivated because it would allow “to facilitate a more efficient, adaptive token management system” wherein “expiration of the tokens is anticipated and renewal of the tokens is performed in anticipation of the expiration of the tokens” – Pishinov: par. 0014 – Note: Further and advantageously, by utilizing the disclosed heuristic approach for auto token renewal, tokens that fail the heuristic criteria are evicted from the cache. 

Per claim 8, Mogaki-Zarchy-Matsugashita-Pishinov discloses the computer-implemented method of claim 7 wherein the predetermined scheduled defines a time interval between adjacent executions of the token storage maintenance steps (At operation 302, the authentication module configures the lifetime of the token.  The lifetime may be based on user input, or other factors.  The duration of the lifetime of the token, and thus the time remaining before the token expires, is maintained in the token cache as part of the token data. This data is the lifetime for the token may be five minutes and the minimal remaining configurable lifetime is thirty seconds.  In this example, the interval may be scheduled to be three and a half minutes given a one-minute acquisition duration – Pishinov: par. 0028 and 0029 and 0030).
The same motivation to modify Mogaki-Zarchy-Matsugashita further in view of Pishinov applied to claim 7 above applies here.

Per claim 14, Mogaki-Zarchy-Matsugashita discloses the computer-implemented method of claim 13. Mogaki-Zarchy-Matsugashita is not relied on to explicitly disclose but further in view of Pishinov discloses wherein the token storage maintenance steps are executed intermittently or according to a predetermined schedule (Although described primarily as heuristically calculated, the token renewal request interval can also correspond to a defined period of time.  In some examples the token renewal request interval may be defined by a user, by a policy federated by an administrator, or some other defined amount of time, such as twice the configured lifetime of the token – Pishinov: par. 0029 – Note: as described in 
The same motivation to modify Mogaki-Zarchy-Matsugashita further in view of Pishinov applied to claim 7 above applies here.

Per claim 15, Mogaki-Zarchy-Matsugashita-Pishinov discloses the computer-implemented method of claim 14 wherein the predetermined scheduled defines a time interval between adjacent executions of the token storage maintenance steps (At operation 302, the authentication module configures the lifetime of the token.  The lifetime may be based on user input, or other factors.  The duration of the lifetime of the token, and thus the time remaining before the token expires, is maintained in the token cache as part of the token data. This data is relied upon by the authentication module to determine a token renewal request interval for the token. [0029] At operation 304, the authentication module schedules the token renewal request interval based upon the token data.  The token renewal request interval is based upon various token data stored in the token cache.  As an example, the token renewal request interval is a function of the remaining configurable lifetime of the token and the acquisition duration of the token…In some examples, the lifetime for the token may be five minutes and the minimal remaining configurable lifetime is thirty seconds.  In this example, the interval may be scheduled to be three and a half minutes given a one-minute acquisition duration – Pishinov: par. 0028 and 0029 and 0030).
.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 

Mogaki (US2014/0304837A1) discloses an authorization information management table 600 shown in FIG. 6 stored on/by the external service system construed as part of the (client) coordinated system and distinct from access management service system. The table 600 stores  an authorization token ID which anticipates a valid AT indicator for the client and a refresh token ID which anticipates a valid RT indicator for the client.

Karr (US8042163B1) discloses a storage device that associates an expiration time with a revocable token identifier, wherein the access server coordinates with storage device to specify the expiration time associated with a particular revocable token identifier.  Thus, in such an embodiment, access token 120 may not need to revoke a token identifier by sending a request to storage device 130 at the desired expiration time, but instead may be able to coordinate with storage device 130 to assign or associate the desired expiration time with the revocable token identifier and therefore allow storage device 130 to revoke the token identifier, and any access token including the token identifier, automatically at the appropriate time.



Lau (US6182124B1) discloses an expiring requirement that includes a grace period, wherein a future job to delete only the token on expiry of the deadline, without deactivating the token record in the token database is scheduled.  The Gateway schedules the job to deactivate the record to execute on expiry of the grace period, then, tokens will no longer be available to submitters on expiry of the deadline, but submissions legitimately packaged with tokens can continue to be accepted and checked at the Electronic Submissions Gateway up to expiry of the grace period.

Nishida (US2013/0003106A1) discloses wherein an operation flow is periodically executed at a predetermined execution interval in order to maintain the validity of the authentication token for a job registered in an execution job.  The execution interval is determined on the basis of the validity time period until the authentication token is invalidated after the elapse of a predetermined time from the date/time of last access to session information.  For example, when the validity time period of the authentication token is 30 minutes, the processing shown in FIGS. 7A and 7B is executed at 15 minutes interval (i.e., the value obtained by dividing the validity time period by two) in the present embodiment.

.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AREZOO SHERKAT whose telephone number is (571)272-8533.  The examiner can normally be reached on Monday - Friday 8:30-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571 - 272 - 3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/AREZOO SHERKAT/Examiner, Art Unit 2434    

/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434