DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to the communication filed on 07/23/2021.


Examiner’s statement of reason of allowance

The following is an examiner's statement of reasons for allowance: In interpreting the claims, in light of the Specification and the applicant's amendments filed on 07/23/2021, the Examiner finds the claimed invention to be patentably distinct from the prior art of record.
The present invention relates to a method in which an authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request to the authentication IdP. The authentication request includes user identity information (e.g., a unique identifier previously registered with the authentication IdP) along with other trusted information (e.g., one-time password, digital certificate, etc.) that allows the user's identity to be authenticated by the IdP, but does 

Independent claims 11 and 18 recite the uniquely distinct features of “wherein the remote desktop software service comprises: a gateway configured to receive authenticated connection information and handle communication with a resource identity provider, wherein the resource identity provider comprises an active directory; and a session host configured to provide application functionality for the client computing device via the authenticated connection; receiving an authentication token generated by the authentication identity provider; in response to receiving the authentication token, creating a shadow account with the remote desktop software service; in response to creating the shadow account, generating authenticated connection information for the remote desktop software service; and transmitting the authenticated connection information to the client computing device, wherein the authenticated connection information enables the client computing device to access the remote desktop software service via an authenticated connection.”

The closest prior art, (Sim et al US 2018/0234464), discloses authentication brokering systems where an authentication broker issues security tokens that represent its authentications of users. Client devices operated by the users store the security tokens and send them to resource providers. The resource providers authenticate and grant access to the users based on validation of the security tokens. Authentication related messages exchanged between the resource providers and the authentication broker are used to exchange authentication risk data that is obtained or derived by the resource providers and the authentication broker. The resource providers obtain authentication risk data directly from the authentication broker and indirectly, via the authentication broker, from each other. As security tokens are used or managed, authentication risk data is shared among the participants in the authentication brokering system. The participants are able to modify their authentication procedures or make authentication decisions based on shared authentication risk data.

The closest prior art (Ahmed et al US 9,734321) discloses an approach for determining that a user has been authenticated for an access to at least one service using a federated identity (401). The approach also comprises determining federated account information associated with the user based, at least in part, on one or more user accounts associated with the federated identity, the at least one service, the at least one or more other services, or a combination thereof (403). The approach further comprises determining one or more functions of the at least one service, the at least one or more other services, or a combination thereof to make available to the user based, at least in part, on the federated account information.

The closest prior art (Shen et al US 9853968) discloses providing an unregistered user with access to a network in a secure and efficient manner. A random, on-demand password is generated and the password is associated with an account that permits the user to access the network for a single session only. The account is also associated with a specific IP address. Entry of the password permits access to the network on the IP address associated with the account. At the conclusion of the single session, the password is disposed of such that it will no longer enable access to the network. An access point associated with the network can also be configured to collect marketing information by pairing the IP address with a virtual IP address, in which a user's demographic information is embedded. Such configuration can be used to aggregate data concerning the network activities of users with similar demographic characteristics.
 	
However, the prior art of record, either individually or in a reasonable combination, fails to disclose or suggest the underlined limitations when in combination with the remaining limitations currently recited in the independent claims 11 and 18. In addition, an updated search also did not yield any new applicable prior art with respect to the underlined limitations.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." 

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU S SHOLEMAN whose telephone number is (571)270-7314.  The examiner can normally be reached on EST: 9am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/ABU S SHOLEMAN/Primary Examiner, Art Unit 2495