DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
	
This Office action is in response to the application filed on 10/29/2019.

Claims 1-12 are presented for examination.

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). The certified copy has been filed in parent Application No. 201710297689.2, filed on 04/29/2017.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/29/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 


As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. 
Claim 10 recite “a model building unit”, “a workflow control unit”, and “an approval operation unit”; and claim 11 recites “a role creation submodule”, “a role authorization submodule”, and “a user-role relation submodule”.
The claim limitations use the generic placeholders “unit”, and “submodule” that are coupled with functional languages without reciting sufficient structure to perform the recited function and the means are not preceded by a structural modifier.  
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 10-12 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because claims 10-12 are directed toward a system comprising “a model building unit”, “a workflow control unit”, “an approval operation unit”, “a role layer”, “a permission layer”, “a user layer”, “start node”, “approval node”, “end node”, “a role creation submodule”, “a role authorization submodule”, and “a user-role relation submodule”, all of which may be interpreted as software per se. System claims are primarily defined by their structural elements, but the recited model building unit, workflow control unit, an approval operation unit, a role layer, a permission layer, a 

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 1-12 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
i.  Claim 1 recites the limitation "the same period" in line 6. There is insufficient antecedent basis for this limitation in the claim.
ii.  Claim 9 recites the limitation "the original department" in line 4. There is insufficient antecedent basis for this limitation in the claim.
ii.  Claim 10 recites the limitation "the same period" in line 8. There is insufficient antecedent basis for this limitation in the claim.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-12 are rejected under 35 U.S.C. 103 as being unpatentable over Versteeg et al. (US 2014/0129273), in view of TONG et al. (US 2017/0277900).

As to claims 1 and 10, Versteeg discloses the invention as claimed, including a workflow control method based on a one-to-one correspondence between roles and users (Fig. 3), comprising the following steps: 
S1: building a three-layer structure model of user-role-permission (¶0011, “a hierarchical role model generated”; ¶0039, “method 10 used to generate a hierarchical role model”) that comprises: 
a role layer, wherein an operation subject of process approval in a workflow is a role (Fig. 3 shows “engineering role, manager role, sales role, consulting role”), each role is an independent individual rather than a group or class (Fig. 3; Fig. 4E; page 5, Table 7 shows Rose has one role, engineering; ¶0028, “users with assigned a single role”), one role can only be related to a unique user during the same period, and one user is related to one or more roles (Fig. 3; Fig. 4E; page 5, Table 7 shows Rose has one role, engineering, Table 9 shows Rose has two roles, engineering and management; , a permission layer comprising a permission required to be used in the execution of the workflow, wherein the permission is directly granted to a role, and a user layer (Fig. 3; ¶0023, “The permission sets for each user include one or more access control permissions that define the resources or services in a network that the user is permitted to access”; ¶0037, “a single user with a single permission”; ¶0043, “there is only one person associated with a single access control permission”), wherein a user determines an approval task in the workflow through a related role, and performs an approval operation with the permission of the related role (¶0021, “Computer algorithms are used to visually present the access entitlement information in such a way as to allow a human to easily identify the roles that are affiliated with those permissions”; ¶0037, “the role engineer may create a role for the single remaining user and assign to it the permissions of the remaining user. The role model created may then be passed to an enterprise workflow engine for approval”); 
S2: using the three-layer structure model to control the workflow (Fig. 1), wherein one approval process comprises: at least one approval node selecting an approval role (Abstract, “assign permissions to the role”; ¶0002, “Each "role" is associated with a set of permissions that allow a person assigned to the role to perform those job functions”); and 
S3: determining, according to a user's related role, an approval task to be processed, and performing an approval operation with the permission of the related role (Tables 1-5; ¶0029, “User permission data for this example is shown in Table 1. This user permission data, as stated above, is provided as input into a computing device used 

Although Versteeg discloses the role model created may then be passed to an enterprise workflow engine for approval (Fig. 1; ¶0028; ¶0037; ¶0043), Versteeg does not specifically disclose one start node initiating or requesting or submitting the workflow, authorizing the approval role; and one end node, to which the approval process comes and then is ended. 
However, TONG disclose one start node initiating or requesting or submitting the workflow (Fig. 2; Fig. 4; ¶0041, “when initializing the workflow, the user initiating the request”; ¶0055, “Step 1: A user initiates a workflow”),  and authorizing the approval role (Fig. 2; Fig. 4; ¶0052, “The role and operation permission that the task has is valid only in the life cycle of the task… permissions and dynamic authorization”); and one end node, to which the approval process comes and then is ended (Fig. 2; Fig. 4; ¶0002, “an automation of an approval process within an enterprise is achieved with a use of the workflow”; ¶0008, “RBAC is that the access permission granted to users”; ¶0026, “grant and revoke the operation permission in a timely and accurate manner”; ¶0046, “the operation permission corresponding to each of the tasks in the group of tasks may be revoked when the life cycle expires”). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of Versteeg to include one start node initiating or requesting or submitting the workflow, 

As to claim 2, it is rejected for the same reasons set forth in claim 1 above. In addition, Versteeg discloses wherein only a role having the permission to start a workflow can initiate or request or submit the workflow (Fig. 3; ¶0037, “a single user with a single permission”; ¶0043, “At this point, there is only one person associated with a single access control permission”). 

As to claim 3, it is rejected for the same reasons set forth in claim 1 above. In addition, Versteeg discloses a system determines an approval process according to a form submitted (Tables 1-5; ¶0021, “Computer algorithms are used to visually present the access entitlement information in such a way as to allow a human to easily identify the roles that are affiliated with those permissions”; ¶0037, “the role engineer may create a role for the single remaining user and assign to it the permissions of the remaining user. The role model created may then be passed to an enterprise workflow engine for approval”). 

As to claim 4, it is rejected for the same reasons set forth in claim 1 above. In addition, Versteeg discloses one or more approval processes are designed for a form that requires a workflow, but one role can only select one approval process under the form (Tables 1-5; ¶0021, “Computer algorithms are used to visually present the access entitlement information in such a way as to allow a human to easily identify the roles that are affiliated with those permissions”; ¶0037, “the role engineer may create a role for the single remaining user and assign to it the permissions of the remaining user. The role model created may then be passed to an enterprise workflow engine for approval”). 

As to claim 5, Versteeg discloses the workflow control method based on a one-to-one correspondence between roles and users according to claim 1, wherein one or more approval roles are selected at said approval node, one role can exist at different approval nodes in one approval process, and the approval role may own different permissions for viewing and modifying a form field at different approval nodes (Tables 1-5; ¶0023, “the permission sets of the users are modified during the role engineering process”; ¶0036; ¶0041, “The user list is then updated to delete the permissions assigned to the management and consultant roles”). 

As to claim 6, Versteeg discloses the workflow control method based on a one-to-one correspondence between roles and users according to claim 1, wherein one or more approval roles are selected at said approval node, an approval role's permission is set at said approval node, and the permission can be independently set for each approval role of each approval node (Tables 1-5; ¶0021, “Computer algorithms are used to visually present the access entitlement information in such a way as to allow a human to easily identify the roles that are affiliated with those permissions”; 

As to claim 7, it is rejected for the same reasons set forth in claim 1 above. In addition, Versteeg discloses the workflow control method based on a one-to-one correspondence between roles and users according to claim 1, wherein step S1 comprises the following sub-steps: S101: creating a role, wherein each role is an independent individual rather than a group or class (¶0037, “the role engineer may create a role for the single remaining user and assign to it the permissions of the remaining user. The role model created may then be passed to an enterprise workflow engine for approval”). 

As to claim 8, Versteeg discloses the workflow control method based on a one-to-one correspondence between roles and users according to claim 1, wherein said role belongs to a certain department, said role is unique under the department, and said role is authorized according to work content of said role (Fig. 3; ¶0002, “Role Based Access Control (RBAC) is an access control model widely used to administer access permissions in large organizations…A department manager in charge of the people in these roles may be assigned to an "administrative" role that allows him/her to perform administrative functions”). 
the workflow control method based on a one-to-one correspondence between roles and users according to claim 8, further comprising a step of managing cross-department transfer of a user, which specifically comprises: (1) cancelling the user's relation to the role in the original department (Table 7 shows revised user list; ¶0040, “Persons having a single role and an empty permission set (i.e., Bill, Nancy, Agnes, and Jack) are removed from the user list”); and (2) relating the user to a role in a new department (¶0028, “After a new role is created, the user list is then updated to remove permissions that have been assigned to a role from the permission sets of the users represented by the selected cluster”). 

As to claim 11, it is rejected for the same reasons set forth in claim 7 above. 

As to claim 12, Versteeg discloses the workflow control system based on a one-to-one correspondence between roles and users according to claim 11, wherein said system role is composed of: a post name + a post number (¶0023, “the creation of a user list including each user in a group of users and corresponding permissions sets assigned to each user (box 12). The list may, for example, comprise the identities or usernames of people”).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Krishnan et al. (US 2020/0076818), Smith (US 2006/0090208), Kapadia et al. (US 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUNGWON CHANG whose telephone number is (571)272-3960.  The examiner can normally be reached on 8:30-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, GLENTON BURGESS can be reached on (571)272-3949.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 





/JUNGWON CHANG/Primary Examiner, Art Unit 2454                                                                                                                                                                                                        September 14, 2021