DETAILED ACTION
This office action is in response to the RCE filed on 09/03/2021. After the examiner’s amendment shown below, claims 1, 9 and 17 are independent. Claims 2, 7, 8, 10 and 18-23 are cancelled. Claims 1, 3, 5, 6, 9, 11, 13, 14 and 17 are amended. Thus, claims 1, 3-6, 9 and 11-17 are pending and being considered after entry of this amendment filed on 09/22/2021.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/03/2021 for application number 16/685,685 has been entered.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/03/2021 was filed on or after the mailing date of the application no.16/685,685 filed on 11/15/2019. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed 

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with the applicant’s representative- Mr. Paul A. Durdik (Reg. No. 37,819) on 09/22/2021. The summary of the interview is attached.

Amendments to the Claims
The application has been amended as followed:
1. (currently amended) A method for managing access by a server to client account records for use of a client application in cooperation with a supervisor application having supervisor account records identifying a set of client accounts under supervision, the method including: 
receiving, at a server, from the supervisor application executing on a first platform a request to enable the client application executing on a second platform to access a particular client account of the set of client accounts under supervision; 
generating, at the server and responsive to the request by the supervisor application, a one-time verification code for use by the client application; 
one-time verification code for use by the client application as generated, thereby enabling the client application executing on the second platform to access, without providing personally identifying information to the server, the particular client account, such that anonymity of a client user of the client application is preserved by not providing the personally identifying information to the server; 
receiving, at the server and from the client application, a login request providing the one-time verification code to login the client application to the particular client account; and 
in response to receiving from the client application the login request providing the one-time verification code to login the client application to the particular client account, authorizing, at the server, the client application to access the client account records for the particular client account[[;]], thereby securely linking the client application to the server while preserving anonymity of the client user without the personally identifying information being communicated from the client user to the server;
retrieving, from the server, for display a set of electronic documents available to the supervisor application for assignment to client accounts under supervision;
receiving, at the server and from the supervisor application, an input indicating selection of a particular electronic document; and 
in response to receiving, at the server, the input indicating selection of the particular electronic document, assigning the particular electronic document to the particular client account under supervision. {00818865.DOCx }Page 2Application No.: 16/685,685Attorney Docket: SPRD 1000-4 

2. (cancelled) 

3. (currently amended) The method of claim 1, wherein the one-time verification code further comprises a time limit during which the one-time verification code can be utilized.  

4. (original) The method of claim 1, including determining whether the client application to be enabled is to be executed on a same platform as the supervisor application, or is to be executed on a different platform.  

5. (currently amended) The method of claim 4, wherein whenever the client application is to be executed on the same platform as the supervisor application, automatically entering the one-time verification code into a client application login procedure.  

6. (currently amended) The method of claim 4, wherein whenever the client application is to be executed on a different platform from the supervisor application, providing the one-time verification code for display; thereby enabling the one-time verification code to be communicated to the client application.  

7. – 8. (cancelled) 

9. (currently amended) A non-transitory computer readable memory storing computer instructions for managing access by a server to client account records for use of a client application in cooperation with a supervisor application having supervisor account records identifying a set of client accounts under supervision, which instructions when executed by one or more processors perform a method including: {00818865.Docx }Page 3Application No.: 16/685,685Attorney Docket: SPRD 1000-4

generating, at the server and responsive to the request by the supervisor application, a one-time verification code for use by the client application; 
providing, by the server, to the supervisor application on the first platform and in response to the request from the supervisor application, the one-time verification code for use by the client application as generated, thereby enabling the client application executing on the second platform to access, without providing personally identifying information to the server, the particular client account, such that anonymity of the client user of the client application is preserved by not providing the personally identifying information to the server; 
receiving, at the server and from the client application, a login request providing the one-time verification code to login the client application to the particular client account; and 
in response to receiving from the client application the login request providing the one-time verification code, authorizing, at the server, the client user of the client application to access the client account records for the particular client account[[;]], thereby securely linking the client application to the server while preserving anonymity of the client user without the personally identifying information being communicated from the client user to the server;
selecting, by the supervisor application, content to be experienced by an anonymous client user accessing the particular client account using the client application; and 
controlling, by the supervisor application, a rate that content is to be experienced by the anonymous client user accessing the particular client account using the client application. {00818865.DOCx }Page 2Application No.: 16/685,685Attorney Docket: SPRD 1000-4 

10. (cancelled) 

11. (currently amended) The non-transitory computer readable memory of claim 9, wherein the one-time verification code further comprises a time limit during which the one-time verification code can be utilized.  

12. (previously presented) The non-transitory computer readable memory of claim 9, including determining whether the client application to be enabled is to be executed on a same platform as the supervisor application, or is to be executed on a different platform.  

13. (currently amended) The non-transitory computer readable memory of claim 12, wherein whenever the client application is to be executed on the same platform as the supervisor application, automatically entering the one-time verification code into a client application login procedure. {00818865.DOCx }Page 4Application No.: 16/685,685Attorney Docket: SPRD 1000-4  

14. (currently amended) The non-transitory computer readable memory of claim 12, wherein whenever the client application is to be executed on a different platform from one-time verification code for display; thereby enabling the one-time verification code to be communicated to the client application.
  
15. (original) The non-transitory computer readable memory of claim 9, including retrieving for display a set of electronic documents available to the supervisor application for assignment to client accounts under supervision.  

16. (original) The non-transitory computer readable memory of claim 15, further including: receiving from the supervisor application an input indicating selection of a particular electronic document; and 
upon receiving input indicating selection of a particular electronic document, assigning the particular electronic document to a specific client account under supervision. 

17. (currently amended) A system, including: 
one or more platforms including a hardware processor executing computer instructions that implement a supervisor application and one or more client applications; and 
a server including one or more processors and a memory, wherein the memory stores computer instructions for managing access to client account records for use of a client application in cooperation with the supervisor application having supervisor account records identifying a set of client accounts under supervision, which instructions when executed by the one or more processors perform: 
receiving, at the server, from the supervisor application executing on a first platform a request to enable the client application executing on a second platform by a 
generating, at the server and responsive to the request by the supervisor application, a one-time verification code for use by the client application; 
providing, by the server, to the supervisor application on the first platform and in response to the request from the supervisor application, the one-time verification code for use by the client application {00818865.DOCx }Page 5Application No.: 16/685,685Attorney Docket: SPRD 1000-4 as generated, thereby enabling the client application executing on the second platform to access, without providing any personally identifiable information to the server, the particular client account, such that anonymity of the client user of the client application is preserved by not providing the personally identifying information to the server; 
receiving, at the server and from the client application, a login request providing the one-time verification code to login the client application to the particular client account; and 
in response to receiving from the client application the login request providing the one-time verification code to login the client application to the particular client account, authorizing, at the server, the client application to access the client account records for the particular client account[[;]], thereby securely linking the client application to the server while preserving anonymity of the client user without the personally identifying information being communicated from[[of]] the client user to the server;
selecting, by the supervisor application, content to be experienced by a plurality of anonymous users accessing particular client accounts using the client application; and 
controlling, by the supervisor application, access to selections of the content arranged for the plurality of anonymous users accessing the particular client accounts using the client application.  

18. - 23. (cancelled).  

Allowable Subject Matter
The following is an examiner’s statement of reasons for allowance: 
After further search and consideration, the claims 1, 3-6, 9 and 11-17 are allowed over the cited prior art(s) of record. 
The following references/prior arts disclose the general subject matter recited in the independent claims 1, 9 and 17 before/after the current amendment is made and/or submitted.

A.	Noguchi, Tetsuya et al. (US 2003/0005333 A1), discloses a mechanism for access control based on remote procedure calls. Such as, a first client, which has an access right to a server via a network, can issue a remote procedure call to the server. The first client can also communicate with a second client, which doesn't have an access right to the server. The first client requests the server to issue a token, which is a data set for permitting the second client a limited access to the server, and subsequently the token prepared by the server is transmitted to the second client. The second client originally has no access rights relative to the server. However, if the second client transmits a remote procedure call using the received token, limited access is granted. The server performs a process designated by the remote procedure call from the second client. The token 

B.	Canard; Sebastien et al. (US 2006/0155985 A1), the invention in Para. [0065] proposes an anonymous authentication mechanism that is based on the use of anonymous certificates, an economical and effective session maintaining mechanism that guarantees non-repudiation, and a global solution combining the anonymous authentication mechanisms (e.g. group signature, anonymous certificate) and the session maintaining mechanism to solve the following problems: [0066] User anonymity: the invention relies on strong authentication mechanisms that preserve the anonymity of users, not only from other users, but also from servers. [0067] Effectiveness and portability: the authentication session maintaining mechanism that the invention proposes does not necessitate any calculation at the user end, as all the necessary information is calculated beforehand, during the authentication stage. [0068] Non-repudiation: the invention guarantees non-repudiation because the server can revoke the anonymity of a user at any time by interrogating the trusted third party (ACA) and because the server can prove each of the actions of a user, and [0069] Ergonomics: the user registers only once with a trusted third party anonymous certification authority (ACA). 

C.	Ananian, John Allen (US 2003/0028451 A1), the invention relates to a method of creating an interactive and enhanced digital catalog of products, services, and information that is personalized or personally profiled, to each 

D.	Laurie; Bennet et al. (US 8,28,1149 B2), systems and methods are disclosed for privacy-preserving flexible user-selected anonymous and pseudonymous access at a relying party (RP), mediated by an identity provider (IdP). Anonymous access is unlinkable to any previous or future accesses of the user at the RP. Pseudonymous access allows the user to associate the access to a pseudonym previously registered at the RP. A pseudonym system is disclosed. The pseudonym system allows a large number of different and unlinkable pseudonyms to be generated using only a small number of secrets held by the user. The pseudonym system can generate tokens capable of including rich semantics in both a fixed format and a free format. The tokens can be used in obtaining from the IdP, confirmation of access privilege and/or of selective partial disclosure of user characteristics required for access at the RPs. The pseudonym system and associated protocols also support user-enabled linkability between pseudonyms.



F.	Prajakta Solapurkar (Building Secure Healthcare Services Using OAuth 2.0 and JASON Web Token in IOT Cloud Scenario, Published in Dec. 2016), this paper relates to OAuth 2.0 which is a delegated authorization framework enabling secure authorization for applications running on various kinds of platforms. In healthcare services, OAuth allows the patient (resource owner) seeking real time clinical care to authorize automatic monthly payments from his bank account (resource server) without the patient being required to supply his credentials to the clinic (client app). OAuth 2.0 achieves this with the help of tokens issued by an authorization server which enables validated access to a protected resource. To ensure security, access tokens have an expiry time and are short-lived. So the clinical app may use a refresh token to obtain a new access token to cash monthly payments for rendering real time health care 

G.	Shuai Shao (A Remote User authentication Scheme Preserving User Anonymity and Traceability; Date of Conference: 24-26 September 2009), this paper propose a remote authentication scheme to achieve both user anonymity and traceability. Such as, many smart card based remote authentication schemes have been proposed to preserve user privacy against eavesdropper. However, none of the existing scheme provides both users’ anonymity to server and traceability to the malicious user. This paper presents a scheme that preserves user anonymity not only against outside attackers, but also against the remote server. When a malicious user was found, server can trace the user with the help of the trusted third party.

H.	See the other cited prior arts.



The dependent claims 3-6 and 11-16 which are dependent on the above independent claim(s) being further limiting to the independent claims, definite and enabled by the specification are also allowed.

Furthermore, the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). The grounds of claim rejection was reconsidered and withdrawn based on the substance of applicant’s amendments, remarks and arguments (see arguments/remarks, filed on 09/03/2021, pages 9-17), as such the reasons for allowance are in all probability evident from the record.	

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submission should be clearly labeled “Comments on Statement of Reasons for Allowance.” In event of any post-allowance papers (e.g. IDS, 312 amendment, petition, etc.), Applicant is exhorted to mail papers to the Production Control Branch in Publications or faxed to post-allowance papers correspondence branch at (703) 308-5864 to expedite issuing process or call PUB’s Customer service if any questions at (703) 305-8497.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALI CHEEMA, whose contact number is 571-272-1239. The examiner can normally be reached on Mon-Fri: 8AM – 4PM. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALI CHEEMA/
Examiner, Art Unit 2433	

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498