Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1. 	Claims 1-5, 9-13, 16-19 are presented for the examination. Claims 6-8, 14-15 are canceled.
                                  Continued Examination Under 37 CFR 1.114  2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 08/27/2021 has been entered. 

                                                      Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

3. Claims 1, 2, 4, 10, 11, 16, 17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Brebner (US 20200007615 Al) in view of Ahuja (US 20190327236 Al) in view of Spencer (US 20130019149 Al) and further in view of Fultz (US 9271110 B1).

As to claim 1, Brehner teaches receiving are quest to perform a task from a device (
device] instance to serve[task] other client
application instances (or the first client application instance) when the same or similar
resource call is received, para[0349], In 33-49/ In embodiments, the resources 210 (e.g., internal
resources 216 and/or external resources 218) may be leveraged by a client application via a
resource call, para [0356], in 47-50), the performance of the task at an electronic destination (A resource call may refer to a mechanism by which a software component requests one or
more assets from another component. Examples of resource calls may include API calls
(e.g., RESTful API calls, SOAP API calls), HTTP requests, Socket requests, FTP requests, and
the like. Typically, a resource provider defines one or more APIs that a client application can
leverage one or more assets of the resource provider. Each resource provider may have different
protocols that expose their respective resources 210. Traditionally, a client application instance
issues an API call directly to a resource, which exposes both the resource provider and the client
application (and by proxy the client device 214). The server kit 200, however, deploys one or
more server instances 204 that marshal resource calls made by a client application instance.
Marshalling may refer to the process by which one or more server instances 204
handle [performance] a resource call, para [0356], In 46-53); authenticating the device; should the device be authenticate (The client application instance may authenticate in any suitable manner, depending on the configuration of the client application. For example, the client
application may be configured to prompt the user for a username and password or the client
application may authenticate without a username and password but rather only information
relating to the device (e.g., IP address, device identifier, and/or the like). In response to a request
to authenticate the user and/or the client application instance, the server instance may perform a
 suitable authentication process. The authentication process may be performed internally (e.g.,

IDAPP). Once authenticated, the server instance may establish a communication session with the
client application instance. In embodiments, the server instance may further issue a security
token (or other suitable security mechanism) to the client application instance. The client
application instance may use the security token in future communications with the server
instance, para [0412], In 14-50/ from a client application instance. In embodiments, the received
resource call may initially be nested within a resource call to the server kit instance, may include
the session token of the authentication device, and may identify the implicated resource and
related data. For example, the client application instance may issue an API call to the sever
instance 204, such that the API call adheres to the server kit's API protocol and includes the
session token that was issued to the client application instance. The API call may include a
nested API call, where the nested API call identifies the implicated resource 210 and includes the
parameter values that the implicated resource 210 needs in order to service the API call. In
response to receiving the resource call, the resource call module 288 may marshal the nested
resource call. Marshalling the nested resource call may include determining whether to allow the
nested resource call, updating analytics relating to the user based on the nested resource call, and,
if permitted, executing the nested resource call. In embodiments, determining whether to allow
the nested resource call can include determining whether the user associated with the client
application instance has been granted adequate permissions to make the resource call based on
the rights 276 of the user. Determining whether to allow the client application instance to make
the call may further include examining analytics relating to the client application instance/user to
ensure that the nested resource call is not malicious. For example, the resource call module 288
 may obtain analytics data that indicates how many times a client application instance associated

exceeds a threshold, the resource call module 288 may deny the nested resource call.
Furthermore, in some embodiments, if the resource call module 288 denies the nested resource
call the client application instance and/or the user may be flagged or black listed. If the nested
resource call is not denied by the resource call module 288, para [0386], In 1-45); and,
generating an Application Program Interface (API) command for performing the task of
the request, and causing the device to perform the request to provide access to features of
the electronic destination at the computer system, (the resource call module may generate a
pass through resource call [Application Program Interface (API) command]. In embodiments,
the resource call module 288 may generate the pass through resource call [Application
Program Interface (API) command] based on the nested resource call provided by the
application instance and a security mechanism (e.g., a token) issued to the server instance 204 (or
server kit 200) by the resource 210 indicated in the resource call, para [3086], in 83-94),
Resources 210 can include internal resources 216 and/or third party resources 218. Internal
resources 216 may be resources that are proprietary and under control of the application provider
to which the server kit 200 corresponds. Put another way, internal resources 216 may include the
application provider's databases, files, and services (e.g., proprietary search services, video
streaming, photo editing, and the like). The internal resources 216 may reside in the same cloud
services system 142 as the server kit 200 and/or may be hosted on another cloud services system
142. Third party resources 218 may refer to assets (e.g., databases, services, files, and the like)
that are controlled by an entity other than the provider of the client application. Put another way,
third party resources can include services, databases, and files that are maintained and/or
 provided by organizations not closely associated with the application provider, para [0356], In

pass through resource call to the resource by, for example, transmitting the pass through resource
call to the implicated resource. In some embodiments, the server instance may query a cache of
the server kit (either at the server instance or another server instance) prior to making a pass
through resource call to determine whether the requested data is available on the cache, and if
not, may execute the pass through resource call. If the data is available at the cache, the server
instance may forgo issuing the pass through resource call and may return the cached data
corresponding to the nested resource call, para [0416]/ generating an destination at a different
electronic destination since the generated pass through resource call can access the resource
which is located, in another cloud services system 142 as described above).
Brebner does not teach receiving a request and a linked token issued to the device, the
request to perform a task from a the device, the performance of the tasks   electronic
destination; authenticate the device; should the device be authenticated; the token providing
the computer system access to the electronic destination, the performance of the task at an electronic destination, including at least one of a web page, a server, and a computer. However, Ahuja teaches receiving a request and a linked token issued to the device, the request to perform a task from a the device, the performance of the task at an electronic destination; authenticating the device; should the device be authenticated; the token providing the computer system access to the electronic destination, the performance of the task at an electronic destination, including at least one of a web page, a server, and a computer (FIG. 1, authentication of the user is accomplished by a software module running on the workstation 10[device] sending authentication request 11 to authentication server AQ to ensure the user is a valid user in the datacenter, and has presented correct credentials to execute the selected operation, parafG020}, linked token identifying the user]. Several suitable multi-factor authentication procedures may be used. As such procedures are known to those skilled in the art, they will not be detailed here. The software module running on the workstation 10 then signs the request at 13 using the token 12, para[0021], In 1-10/ The software module running on the workstation 10 then sends the signed request 14 to front-end server 20 that is accessible over the OCE's network, para[0022], In 1-5/ Upon receipt of the signed request 14 via the RESTful interface, the front-end server 20 extracts the user ID and authentication token and authorizes the request at 15, e.g., the front-end server 20 uses role based access control to ensure that the user is authorized to perform the operation requested at the time. For example, the user ID may be compared to a list identifying who is authorized to access the request file/server and only authorizing the user if the user is so authorized. In this manner, every access request is authorized [authenticated] before access is granted and the command executed. Once authorization is successful, the front-end server 20 then forwards the authorized and signed request 16 to one or more back-end servers 30 for execution as a local (e.g., POWERSHELL.RTM.) command. The back-end server(s) 30 execute the operation by extracting parameters from the authorized and signed request 16 and executing the extracted parameters in the identified datacenter management command at 17 and returns the response 18 to the front-end server 20, which passes the response 19 along to the workstation 10 via the RESTful interface, para [0025]/ As illustrated in FIG. 1, the secure workstation 10 sends a request to execute a datacenter management operation in the datacenter. Examples of such operations are adding a record in a database, configuring software installed on a datacenter machine, installing binaries on a datacenter machine, rebooting a datacenter machine, and the  In RESTful systems, each request from any client contains all the information necessary to service the request and the session state is held in the client. The session state can be transferred by the server to another service such as a database to maintain a persistent state for a period to allow authentication, such as the authentication by authentication server 40 described above, para [0024], ln 1-30/ The software module running on the workstation 10 then signs the request at 13 using the token 12. This authentication procedure authenticates the OCE (user) so that the datacenter may authorize the OCE, as appropriate, to perform the requested database management operation selected from the user's, para [0021], ln 7-20).
It would have been obvious to one of the ordinary skill in the art before the effective
filing date of the claimed invention was made to modify the teaching Brebner with Ahuja to
incorporate the feature of receiving a request and a linked token issued to the device, the request
for perform a task from a the device, the performance of the task of electronic destination; 
authenticating the device: should the device be authenticated: the token provoking the computer
 system access to the electronic destination because this introduces significant costs when
customizing it to support specific performance and security needs.
Brebner and Ahuja do not teach storing the request. However, Spencer teaches storing the
request (As illustrated in FIG. 4 incoming requests are stored in an Incoming Request Queue
502).

filing date of the claimed invention was made to modify the teaching Brebner and Ahuja with
Spencer because this storing the request because this allows computing devices configured to
access remote media over the computer network.
	Brebner, Ahuja and Spencer do not teach the token active during a session which is open for a predetermined time period. However, Fultz teaches the token active during a session which is open for a predetermined time period( generates a token for the application level session wherein the token is time limited and location limited such that the application level session will expire at the end of a specified period of time, col 1, ln 35-50). 
	It would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention was made to modify the teaching Brebner, Ahuja and Spencer with Fultz to incorporate the feature of the token active during a session which is open for a predetermined time period because this maintains the session life for the other ones of the plurality of application level sessions.
As to claim 2, Spence teaches the request is received via audio (para [0037J, In 1-15) for
the same reason as to claim 1 above.
As to claim 4, Brebner teaches transmitting the API command to the device for execution
by the device) para [0356], In 46-53).
As to claims 10, 11, 16, 17, 19, they are rejected for the same reasons as to claims 1,
2, 4 above.

4. Claims 3, 5, 9, 12, 13, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over
Brebner (US 20200007615 Al) in view of Ahuja (US 20190327236 A1) in view of Spencer (US


As to claim 3, Brebner, Ahuja, Spencer and Fultz do not teach the request is received via at least one of text or menu selection. However, Mohammad teaches the request is received via at
least one of text or menu selection (FIG. 1. The interface server 140 can host an interface (e.g., a
 website or API for a custom client-side application) that enables a client device 120 to submit an
input text and a request to generate one or more variations of the input text, para [0054], In 1-
20).
It would have been obvious to one of the ordinary skill in the art before the effective
filing date of the claimed invention was made to modify the teaching Brebner, Ahuja and
Spencer and of Fultz with Mohammad because this provides the output text representing the problem statement and having a second level of search-ability lower than the first level of search-ability.
As to claim 5, Brebner teaches the device includes at least one of: a smartphone, a
computer, a desktop computer, a tablet computer, and a laptop computer (para [0648], In 20-30)
As to claim 9, Brebner teaches the at least one of the web page, server or computer are
associated with social medial para [0066], In 1-20) for the same reason as to claim 3 above.
As to claims 12, 13, 18, they are rejected for the same reasons as to claims 3, 4 above.
                                          Response to the argument:
A. 	Applicant amendment filed on 08/07/20121 has been considered but they are not
persuasive:
Applicant argued in substance that:

 
B.	 Examiner respectfully disagreed with Applicant's remarks:
As to the point (1), Ahuja teaches  As illustrated in FIG. 1, the secure workstation 10 sends a request to execute a datacenter management operation in the datacenter. Examples of such operations are adding a record in a database, configuring software installed on a datacenter machine, installing binaries on a datacenter machine, rebooting a datacenter machine, and the like. The operation is selected from a menu of commands (e.g. WINDOWS.RTM. POWERSHELL.RTM. commands) for which proxy commands have been deployed on the secure workstation. As explained below, the operation may only be invoked if the user is authorized, which is checked at the datacenter after the command is invoked. In FIG. 1, the datacenter is represented by front-end server 20 and back-end server 30, para[0020], ln 1-27/ In RESTful systems, each request from any client contains all the information necessary to service the request and the session state is held in the client. The session state can be transferred by the server to another service such as a database to maintain a persistent state for a period to allow authentication, such as the authentication by authentication server 40 described above, para[0024], ln 1-30/ The software module running on the workstation 10 then signs the request at 13 using the token 12. This authentication procedure authenticates the OCE (user) so that the datacenter may authorize the OCE, as appropriate, to perform the requested database management operation selected from the user's, para[0021], ln 7-20/The software module running on the workstation 10 then signs the request at 13 using the token 12. This authentication 
                                               Conclusion
Any inquiry concerning this communication or earlier communications from the examiner
should be directed to LeChi Truong whose telephone number is (571) 272-3767. The examiner
can normally be reached on 10-8PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor,
Chow, Dennis canbe reached on (571) 272-7767 =. The faxphone number for the
organization where this application or proceeding is assigned is 703-872-9306.
Information regarding the status of an application may be obtained from the Patent Application
Information Retrieval (PAIR) system. Status information for published applications may be
 obtained from either Private PAIR of Public PAIP. Status information for
unpublished applications is available through Private PAIR only. For more information about the
PAIR system, see http://pair-direet.uspto.gov. Should you have questions on access to the Private
PAIP system, contact the Electronic Business Center (EBC) at 866-217-9197(toll-free).
 /LECHI TRUONG/ Primary Examiner, Art Unit 2194