Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 02/06/2019. Claims 1-20 are pending. Claims 1, 8, and 15 are independent.  

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/06/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the Examiner.

Claim Objections
Claims 3 and 17 are objected to because of the following informalities: Claims 3 and 17 recite “a second decryption key”. It appears Applicant intended to recite “a second encryption key” since “a first encryption key” is recited prior in the claims (emphasis added).
 Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-3, 5-9, 11-13, 15-17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Chiroglazov et al., US 2004/0093397 A1 (hereinafter, “Chiroglazov ‘397”), in view of Schmahmann, US 2018/0062852 A1 (hereinafter, “Schmahmann ‘852”).

As per claim 1: Chiroglazov ‘397 discloses: 
A method comprising: 
receiving an executable (software applications 240 that are executed to complete computing jobs; receiving software applications 240 from Company A to be used in set of resources 104 [Chiroglazov ‘397 ¶¶32, 40-42, 51, 91; Fig. 1, Fig. 2A]) and an input parameter for the executable (access-controlled data 260; receiving access-controlled data 260, such as input to an integrated circuit design tool application, from Company B to be executed on software applications 240 from Company A [Chiroglazov ‘397 ¶¶44-45, 86, 93-96; Fig. 1, Fig. 2A]); 
receiving a first and a second authorization of a session descriptor (access control mechanism 106; Company A and Company B each control a portion of the access control mechanism 106, where the access control mechanism 106 describes and enforces authorizations from Company A and Company B to allow/restrict access to specific resources in the set of resources 104 [Chiroglazov ‘397 ¶¶31-35, 78-81, 103; Fig. 1, Fig. 4B]), 
the first authorization communicated via a communications network (secure network connection 108, where the secure network connection 108 is coupled to the access control mechanism 106 to allow Company A to communicate authorizations to allow/restrict resources [Chiroglazov ‘397 ¶¶62-63, 79; Fig. 1]) by a first remote device (Company A uses client machine 302A [Chiroglazov ‘397 ¶¶83, 137; Fig. 3]) and the second authorization communicated via the communications network (secure network connection 108, where the secure network connection 108 is coupled to the access control mechanism 106 to allow Company B to communicate authorizations to allow/restrict resources [Chiroglazov ‘397 ¶¶62-63, 79; Fig. 1]) by a second remote device (Company B uses client machine 302B [Chiroglazov ‘397 ¶¶83, 137; Fig. 3]), the session descriptor indicative of the executable, the input parameter (the access control mechanism 106 indicates which resources in the set of resources 104 are authorized to be accessed, where resources in the set of resources 104 include software applications 240 and access-controlled data 260 to be executed on software applications 240 [Chiroglazov ‘397 ¶¶31-35, 44-45, 93-96; Fig. 1, Fig. 2A, Fig. 4B])
verifying the session descriptor is authorized based on the first authorization and the second authorization (verifying the access control mechanism 106 based on comparing identifying information with authorization information provided by Company A and Company B [Chiroglazov ‘397 ¶¶68, 78-81; Fig. 1]); 
generating, in response to the session descriptor being authorized, a collaboration result (the generated output of a collaborative computing job, such as a generated graphical representation of an execution result [Chiroglazov ‘397 ¶¶91, 95, 98]) based on the input parameter and execution of the executable (in response to the access control mechanism 106 being authorized by Company A and Company B, Company A and Company B gain access specific resources in the set of resources 104 and run software applications on 240 on access-controlled data 260 [Chiroglazov ‘397 ¶¶31-35, 44-45, 51, 93-96; Fig. 1, Fig. 2A])
the collaboration result comprising output data generated by the executable (the generated output of a collaborative computing job is the output of an executed software application 240 [Chiroglazov ‘397 ¶¶51, 84, 91-98])

As stated above, Chiroglazov ‘397 does not explicitly disclose: a “session descriptor indicative of … a target recipient; and controlling access to the collaboration result based on the session descriptor, wherein the target recipient is permitted to access the collaboration result.”
Schmahmann ‘852, however, discloses: 
session descriptor (access control data 360, where the access control data 360 identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C]) indicative of … a target recipient (a collaborator specified in the access control data 360 with permissions to ; and
controlling access to the collaboration result (a shared collaborative document; the collaboration platform allows multiple collaborators to access or collaborate efforts to produce a shared collaborative document [Schmahmann ‘852 ¶¶31-36; Fig. 2]) based on the session descriptor (controlling access to specific shared collaborative documents based on the access control data 360 that identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C]), wherein the target recipient is permitted to access the collaboration result (a collaborator with the appropriate permissions is able to receive/modify the shared collaborative documents [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852, namely to have the access control mechanism 106 indicate a specific collaborator that has permission to receive/modify the generated output of a collaborative computing job from a software application 240. The motivation for doing so would be to provide security for sensitive documents/data as well as to prevent unwanted manipulation of collaborative work products (Schmahmann ‘852 ¶¶31-36).

As per claim 2: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Chiroglazov ‘397 discloses: 
storing the executable (software applications 240 that are executed to complete computing jobs [Chiroglazov ‘397 ¶¶32, 40-42, 51, 91; Fig. 1, Fig. 2A]) and the input parameter (access-controlled data 260 [Chiroglazov ‘397 ¶¶44-45, 86, 93-96; Fig. 1, Fig. 2A]) in a data storage (isolated working system 500, where the isolated working system 500 contain set of resources 602 to store software applications 240 and access-controlled data 260 [Chiroglazov ‘397 ¶¶108, 118-123; Fig. 5, Fig. 6]), the executable associated with a first account (Company A [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]) and the input parameter associated with a second account (Company B; Company A and Company B may each have their own isolated working system 500 that is coupled to each Company, where the data/software stored within is associated with the respective Company [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]); 
controlling access to the executable and the input parameter wherein the executable is accessible to a first account and not to a second account (software applications 240 stored within Company A’s isolated working system is limited to Company A and not accessible to Company B [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6]) and the input parameter is accessible to the second account and not to the first account (access-controlled data 260 stored within Company B’s isolated working system is limited to Company B and not accessible to Company A [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6])

As stated above, Chiroglazov ‘397 does not explicitly disclose: a “sharing the session descriptor with the first account and the second account”.
Schmahmann ‘852, however, discloses: sharing the session descriptor (access control data 360; access control data 360 identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C]) with the first account and the second account (sharing the access control .
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 1, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 3: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Chiroglazov ‘397 discloses: 
wherein the executable is encrypted and the input parameter is encrypted (the encryption/decryption mechanism 224 encrypts data that is transmitted by the Companies, where the data transmitted includes software applications 240 and access-controlled data 260; under the broadest reasonable interpretation, the executable and input parameter are encrypted via the encryption of transmissions by the respective accountholders [Chiroglazov ‘397 ¶¶76-77, 85, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B]), the method further comprising: 
decrypting the executable with a first encryption key (a key to decrypt transmitted data authorized by Company A [Chiroglazov ‘397 ¶¶62-63, 76-77]) included in the first authorization (the encrypted transmission of data from Company A includes software applications 240, where the software application 240 can be accessed by using key to decrypt, authorized by Company A, during the transmission; under the broadest reasonable interpretation, the first authorization includes the distribution of any authorized keys by the respective accountholder that transmits the encrypted data [Chiroglazov ‘397 ¶¶62-63, 76-77, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B]); and 
decrypting the input parameter with a second decryption key (a key to decrypt transmitted data authorized by Company B [Chiroglazov ‘397 ¶¶62-63, 76-77]) included in the second authorization (the encrypted transmission of data from Company B includes access-controlled data 260, where the access-controlled data 260 can be accessed by using key to decrypt, authorized by Company B, during the transmission; under the broadest reasonable interpretation, the second authorization includes the distribution of any authorized keys by the respective accountholder that transmits the encrypted data [Chiroglazov ‘397 ¶¶62-63, 76-77, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B]).

As per claim 5: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Furthermore, Schmahmann ‘852 discloses: 
wherein first authorization (a first authorization tuple 380 that grants permissions to access/modify a specific shared collaborative document [Schmahmann ‘852 ¶¶52, 71; Fig. 3C]) comprises a first certification signed by a first device with a first private key (the first authorization tuple includes asymmetric key pairs, where the private key of a first collaborator on a client device is a signing key that signs a specific portion of the authorization tuple in the shared collaborative document [Schmahmann ‘852 ¶46, 64, 71, 76; Fig. 3C]) and 
the second authorization (a second authorization tuple 380 that grants permissions to access/modify a specific shared collaborative document [Schmahmann ‘852 ¶¶52, 71; Fig. 3C]) comprises a second certification is signed by a second device with a second private key (the second authorization tuple includes asymmetric key pairs, where the private key of a second collaborator on a client device is a signing key that signs a specific portion of the authorization tuple in the shared collaborative document [Schmahmann ‘852 ¶46, 64, 71, 76; Fig. 3C]), 
wherein verifying, based on the first authorization and the second authorization, the session descriptor (access control data 360 [Schmahmann ‘852 ¶ 71; Fig. 3C]) is authorized (based on the  further comprises: 
determining, based on a first public key associated with the first device (the public key corresponding to the first collaborator on a client device [Schmahmann ‘852 ¶¶ 72-75; Fig. 3C]), first the certification was signed by the first device (the public key corresponding to the first collaborator is used as a signature verification key to determine whether the specific portion of the authorization tuple in the shared collaborative document was signed by the first collaborator on a client device [Schmahmann ‘852 ¶¶ 72-76; Fig. 3C]); and 
determining, based on a second public key associated with the second device (the public key corresponding to the second collaborator on a client device [Schmahmann ‘852 ¶¶ 72-75; Fig. 3C]), that the second certification was signed by the second device (the public key corresponding to the second collaborator is used as a signature verification key to determine whether the specific portion of the authorization tuple in the shared collaborative document was signed by the second collaborator on a client device [Schmahmann ‘852 ¶¶ 72-76; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852, namely to sign the authorizations from Company A and Company B with their respective private keys, and verify the authorizations with their respective public keys. The motivation for doing so would be to use asymmetric encryption to provide further protection for sensitive data/documents in a collaborative computing environment (Schmahmann ‘852, ¶¶6-8, 45-46). 

As per claim 6: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 1 and 5, as stated above, all from which claim 6 is dependent upon. Furthermore, Schmahmann ‘852 discloses: 
wherein the first public key and the second public key are included in the session descriptor (access control data 360; the signature verification keys, also referred to as public keys, for the first and second collaborators are included in the access control data 360 [Schmahmann ‘852 ¶¶ 71-72; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 5, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 7: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 1, as stated above, from which claim 7 is dependent upon. Furthermore, Chiroglazov ‘397 discloses: 
wherein generating, in response to the session descriptor being authorized (in response to the access control mechanism 106 being authorized by Company A and Company B, Company A and Company B gain access specific resources in the set of resources 104 and run software applications on 240 on access-controlled data 260 [Chiroglazov ‘397 ¶¶31-35, 44-45, 51, 93-96; Fig. 1, Fig. 2A]), the collaboration result (the generated output of a collaborative computing job, such as a generated graphical representation of an execution result [Chiroglazov ‘397 ¶¶91, 95, 98]) further comprises: 
executing the executable by a task (performing a work task or job includes executing software applications 240 [Chiroglazov ‘397 ¶¶32, 40, 84, 98, 108-111]); and 
communicating the input parameter to the task (communicating the access-controlled data 260 to be used in the work task or job [Chiroglazov ‘397 ¶¶44-45, 86, 98, 116-123]).

As per claim 8: Chiroglazov ‘397 discloses: A system (an isolated system associated with inter-company collaboration environment [Chiroglazov ‘397 ¶26; Fig. 1]) comprising: 
a processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]), the processor configured to: 
store a session descriptor (access control mechanism 106; access control mechanism 106 may be a program stored in the collaboration environment 102 that describes and enforces authorizations from Company A and Company B to allow/restrict access to specific resources in the set of resources 104, where Company A and Company B each control a portion of the access control mechanism 106 [Chiroglazov ‘397 ¶¶31-35, 78-81, 103; Fig. 1, Fig. 4B]), the session descriptor indicative of an executable (software applications 240 that are executed to complete computing jobs; receiving software applications 240 from Company A to be used in set of resources 104 [Chiroglazov ‘397 ¶¶32, 40-42, 51, 91; Fig. 1, Fig. 2A]), an input parameter for the executable (access-controlled data 260, such as an input to integrated circuit design tool application, from Company B to be executed on software applications 240 from Company A; the access control mechanism 106 indicates which resources in the set of resources 104 are authorized to be accessed, where resources in the set of resources 104 include software applications 240 and access-controlled data 260 to be executed on software applications 240 [Chiroglazov ‘397 ¶¶31-35, 44-45, 93-96; Fig. 1, Fig. 2A, Fig. 4B])
control access to the executable and the input parameter, wherein a first account (Company A [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]) is permitted to access the executable and not the input parameter (software applications 240 stored within Company A’s isolated working system 500 is limited to Company A, while the access-controlled data 260 stored in Company B’s isolated working system 500 is limited to Company B and not accessible to Company A [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6]), 
wherein a second account (Company B [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]) is permitted to access the input parameter and not the executable (access-controlled data 260 stored within Company B’s isolated working system 500 is limited to Company B, while the software applications 240 stored in Company A’s isolated working system 500 is limited to Company A and not accessible to Company B [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6]); 
receive a first and second authorization of the session descriptor, the first authorization corresponding to the first account and the second authorization corresponding to the second account (receive authorizations from Company A and Company B, respectively, of the access control mechanism 106, where the access control mechanism 106 describes and enforces authorizations from Company A and Company B to allow/restrict access to specific resources in the set of resources 104 [Chiroglazov ‘397 ¶¶31-35, 78-81, 103; Fig. 1, Fig. 4B]); 
verify the session descriptor is authorized based on the first authorization and the second authorization (verifying the access control mechanism 106 based on comparing identifying information with authorization information provided by Company A and Company B [Chiroglazov ‘397 ¶¶68, 78-81; Fig. 1]); 
generate, in response to the session descriptor being authorized, a collaboration result (the generated output of a collaborative computing job, such as a generated graphical representation of an execution result [Chiroglazov ‘397 ¶¶91, 95, 98]) based on the executable and the input parameter (in response to the access control mechanism 106 being authorized by Company A and Company B, Company A and Company B gain access specific resources in the set of resources 104 and run software applications on 240 on access-controlled data 260 [Chiroglazov ‘397 ¶¶31-35, 44-45, 51, 93-96; Fig. 1, Fig. 2A])

a target recipient; and control access to the collaboration result based on the session descriptor, wherein the target recipient is permitted to access the collaboration result.”
Schmahmann ‘852, however, discloses: 
session descriptor (access control data 360, where the access control data 360 identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C] indicative of … a target recipient (a collaborator specified in the access control data 360 with permissions to access or perform certain operations, such as receiving a shared collaborative document [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]); and
control access to the collaboration result (a shared collaborative document; the collaboration platform allows multiple collaborators to access or collaborate efforts to produce a shared collaborative document [Schmahmann ‘852 ¶¶31-36; Fig. 2]) based on the session descriptor (controlling access to specific shared collaborative documents based on the access control data 360 that identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C]), wherein the target recipient is permitted to access the collaboration result (a collaborator with the appropriate permissions is able to receive/modify the shared collaborative documents [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 1, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 9: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 8, as stated above, from which claim 9 is dependent upon. Furthermore, Chiroglazov ‘397 discloses:
wherein to generate the collaboration result (the generated output of a collaborative computing job, such as a generated graphical representation of an execution result [Chiroglazov ‘397 ¶¶91, 95, 98]), the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
generate a task for the executable (software application 240; where work tasks or jobs are generated to be executed with software application 240 [Chiroglazov ‘397 ¶¶95, 98, 109-111]); 
provide the input parameter to the task (parameters, derived from access-controlled data 260, are provided to the work tasks or jobs [Chiroglazov ‘397 ¶¶93-95, 98, 109-111]); and 
receive the collaboration result from the task (receiving the generated output of a collaborative computing job or work task [Chiroglazov ‘397 ¶¶95-96, 98, 109]).

As per claim 11: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 8, as stated above, from which claim 11 is dependent upon. Furthermore, Chiroglazov ‘397 discloses:
wherein the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
store a plurality of input parameters (access-controlled data 260; where access controlled data is stored in the set of resources 104 [Chiroglazov ‘397 ¶¶44-45, 86, 93-96; Fig. 1, Fig. 2A]) associated with different accounts holders (the access-controlled data 260 within the set of resources 104 may be from a plurality of Companies [Chiroglazov ‘397 ¶¶31-35; Fig. 1]), respectively, wherein to generate the collaboration result (the generated output of a collaborative computing job; access-controlled data 260, , 
the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
generate a task for the executable (software application 240; where work tasks or jobs are generated to be executed with software application 240 [Chiroglazov ‘397 ¶¶95, 98, 109-111]);  25 RCA12229USPRIPATENT Atty. Dkt. No. 15448-674 (RCA12229USPRI) 
provide the input parameters to the task (parameters, derived from access-controlled data 260 from a plurality of Companies, are provided to the work tasks or jobs [Chiroglazov ‘397 ¶¶93-95, 98, 109-111; Fig. 1]); and 
receive the collaboration result from the task (receiving the generated output of a collaborative computing job or work task [Chiroglazov ‘397 ¶¶95-96, 98, 109]).

As per claim 12: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 8, as stated above, from which claim 12 is dependent upon. Furthermore, Schmahmann ‘852 discloses: 
wherein the processor (processor 107 executing stored instructions [Schmahmann ‘852 ¶133; Fig. 9]) is further configured to: transmit the collaboration result (a shared collaborative document; the collaboration platform allows multiple collaborators to access or collaborate efforts to produce a shared collaborative document [Schmahmann ‘852 ¶¶31-36; Fig. 2]) to the target recipient (a collaborator specified in the access control data 360 with permissions to access or perform certain operations, such as receiving a shared collaborative document [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]) after the collaboration result is generated (after a shared collaborative document is generated, it is transmitted and distributed to a collaborator specified in the access control data 360 with permissions to access the shared collaborative document [Schmahmann ‘852 ¶¶31-33, 66-71; Fig. 1]).


As per claim 13: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 8, as stated above, from which claim 13 is dependent upon. Furthermore, Chiroglazov ‘397 discloses: 
wherein the input parameter is encrypted based on a first encryption key and the executable is encrypted based on a second encryption key (the encryption/decryption mechanism 224 encrypts data that is transmitted by the Companies, where the data transmitted includes software applications 240 and access-controlled data 260 that are encrypted by a first and second encryption key provided by Companies A and B, respectively; under the broadest reasonable interpretation, the executable and input parameter are encrypted via the encryption of transmissions by the accountholders with their respective encryption keys [Chiroglazov ‘397 ¶¶76-77, 85, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B])
wherein the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
decrypt the input parameter based on the first encryption key (the encrypted transmission of data from Company B includes access-controlled data 260, where the access-controlled data 260 can be accessed by using key to decrypt, authorized by Company B, during the transmission; under the broadest reasonable interpretation, the first encryption key includes the authorized key to decrypt provided the respective accountholder via the transmission of the encrypted data [Chiroglazov ‘397 ¶¶62-63, 76-77, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B]); and 
decrypt the executable based on the second encryption key (the encrypted transmission of data from Company A includes software applications 240, where the software application 240 can be accessed by using key to decrypt, authorized by Company A, during the transmission; under the broadest reasonable interpretation, the second encryption key includes the authorized key to decrypt provided by the respective accountholder via the transmission of the encrypted data [Chiroglazov ‘397 ¶¶62-63, 76-77, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B]).

As per claim 15: Chiroglazov ‘397 discloses: 
A non-transitory computer readable storage medium (main memory 906 [Chiroglazov ‘397 ¶138; Fig. 9]) comprising: 
a plurality of instructions executable by a processor, the instructions configured to cause the processor to (main memory 906 contains instructions to be executed by a processor 904 [Chiroglazov ‘397 ¶138; Fig. 9]): 
receive a session descriptor (access control mechanism 106; receive the access control mechanism 106 that describes and enforces authorizations from Company A and Company B to allow/restrict access to specific resources in the set of resources 104, where Company A and Company B each control a portion of the access control mechanism 106 [Chiroglazov ‘397 ¶¶31-35, 78-81, 103; Fig. 1, Fig. 4B]), the session descriptor indicative of an executable (software applications 240 that are executed to complete computing jobs; receiving software applications 240 from Company A to be used in set of resources 104 [Chiroglazov ‘397 ¶¶32, 40-42, 51, 91; Fig. 1, Fig. 2A]), an input parameter for the executable (access-controlled data 260, such as an input to integrated circuit design tool applications, from Company B to be executed on software applications 240 from Company A; the access control mechanism 106 indicates which resources in the set of resources 104 are authorized to be accessed, where resources in the set of resources 104 include software applications 240 and access-
control access to the executable and the input parameter, wherein a first accountholder (Company A [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]) is permitted to access the executable and not the input parameter (software applications 240 stored within Company A’s isolated working system 500 is limited to Company A, while the access-controlled data 260 stored in Company B’s isolated working system 500 is limited to Company B and not accessible to Company A [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6]), 
wherein a second accountholder (Company B [Chiroglazov ‘397 ¶¶108-112; Fig. 5, Fig. 6]) is permitted to access the input parameter and not the executable (access-controlled data 260 stored within Company B’s isolated working system 500 is limited to Company B, while the software applications 240 stored in Company A’s isolated working system 500 is limited to Company A and not accessible to Company B [Chiroglazov ‘397 ¶¶108-112, 118-123; Fig. 5, Fig. 6]); 
receive a first and second authorization of the session descriptor, the first authorization corresponding to the first accountholder and the second authorization corresponding to the second accountholder (receive authorizations from Company A and Company B, respectively, of the access control mechanism 106, where the access control mechanism 106 describes and enforces authorizations from Company A and Company B to allow/restrict access to specific resources in the set of resources 104 [Chiroglazov ‘397 ¶¶31-35, 78-81, 103; Fig. 1, Fig. 4B]); 
determine, based on the first authorization and the second authorization, the session descriptor is authorized (verifying the access control mechanism 106 based on comparing identifying information with authorization information provided by Company A and Company B [Chiroglazov ‘397 ¶¶68, 78-81; Fig. 1]); 
generate, in response to the session descriptor being authorized (the generated output of a collaborative computing job, such as a generated graphical representation of an execution result [Chiroglazov ‘397 ¶¶91, 95, 98]), a collaboration result based on the executable and the input parameter (in response to the access control mechanism 106 being authorized by Company A and Company B, Company A and Company B gain access specific resources in the set of resources 104 and run software applications on 240 on access-controlled data 260 [Chiroglazov ‘397 ¶¶31-35, 44-45, 51, 93-96; Fig. 1, Fig. 2A]

As state above, Chiroglazov ‘397 does not explicitly disclose: a “session descriptor indicative of … a target recipient; and control access to the collaboration result based on the session descriptor, wherein the target recipient is permitted to access the collaboration result.”
Schmahmann ‘852, however, discloses: 
session descriptor (access control data 360, where the access control data 360 identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to perform on a collaborative document [Schmahmann ‘852 ¶¶31, 71; Fig. 3A, Fig. 3B, Fig. 3C] indicative of … a target recipient (a collaborator specified in the access control data 360 with permissions to access or perform certain operations, such as receiving a shared collaborative document [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]); and
control access to the collaboration result (a shared collaborative document; the collaboration platform allows multiple collaborators to access or collaborate efforts to produce a shared collaborative document [Schmahmann ‘852 ¶¶31-36; Fig. 2]) based on the session descriptor (controlling access to specific shared collaborative documents based on the access control data 360 that identifies the access permissions for collaborators as well as specific operations that each collaborator is authorized to , wherein the target recipient is permitted to access the collaboration result (a collaborator with the appropriate permissions is able to receive/modify the shared collaborative documents [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 1, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 16: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 15, as stated above, from which claim 16 is dependent upon. Furthermore, Schmahmann ‘852 discloses: 
wherein the instructions further cause the processor (processor 107 executing stored instructions [Schmahmann ‘852 ¶133; Fig. 9]) to transmit the session descriptor with the first accountholder and the second accountholder (transmitting the access control data 360 to a first and second collaborator; collaborators can access, view, and update the access control data 360 [Schmahmann ‘852 ¶¶71-73, 83-84; Fig. 3A, Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 1, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 17: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 15, as stated above, from which claim 17 is dependent upon.
Claim 17 defines a non-transitory computer readable storage medium that recites substantially similar subject matter as the method of claim 3. Claim 17 is directed to a non-transitory computer readable storage medium comprising instructions configured to cause a processor to perform the method of claim 3. Thus, the rejection of claim 3 is equally applicable to claim 17.

As per claim 19: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claim 15, as stated above, from which claim 19 is dependent upon. Furthermore, Schmahmann ‘852 discloses:
wherein the first authorization (a first authorization tuple 380 that grants permissions to access/modify a specific shared collaborative document [Schmahmann ‘852 ¶¶52, 71; Fig. 3C]) comprises a first certification digitally signed by a first private key paired with a first public key (the first authorization tuple includes asymmetric key pairs, where the private key of a first collaborator on a client device is a signing key that signs a specific portion of the authorization tuple in the shared collaborative document [Schmahmann ‘852 ¶46, 64, 71, 76; Fig. 3C]), 
wherein the second authorization (a second authorization tuple 380 that grants permissions to access/modify a specific shared collaborative document [Schmahmann ‘852 ¶¶52, 71; Fig. 3C]) comprises a second certification digitally signed by a second private key paired with a second public key (the second authorization tuple includes asymmetric key pairs, where the private key of a second collaborator on a client device is a signing key that signs a specific portion of the authorization tuple in the shared collaborative document [Schmahmann ‘852 ¶46, 64, 71, 76; Fig. 3C]), 
wherein the first public key is associated with the first accountholder (the first public key of the asymmetric key pair corresponds to the first collaborator on a client device [Schmahmann ‘852 ¶¶ 72-75; Fig. 3C]) and 
the second public key is associated with the second accountholder (the second public key of the asymmetric key pair corresponds to the second collaborator on a client device [Schmahmann ‘852 ¶¶ 72-75; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 5, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

As per claim 20: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 15 and 19, as stated above, all from which claim 20 is dependent upon. Furthermore, Schmahmann ‘852 discloses:
wherein to determine, based on the first authorization and the second authorization (a first and second authorization tuple 380 that grants permissions to access/modify a specific shared collaborative document [Schmahmann ‘852 ¶¶52, 71; Fig. 3C]), the session descriptor (access control data 360 [Schmahmann ‘852 ¶ 71; Fig. 3C]) is authorized (based on the authorization tuples 380, verify whether the operations granted in the access control data 360 are authorized [Schmahmann ‘852 ¶¶ 71-74; Fig. 3C]), 
the instructions further cause the processor (processor 107 executing stored instructions [Schmahmann ‘852 ¶133; Fig. 9]) to: 
decrypt the first certification with the first public key (the public key corresponding to the first collaborator is used as a signature verification key to decrypt and determine whether the specific portion of the authorization tuple in the shared collaborative document was signed by the first collaborator on a client device [Schmahmann ‘852 ¶¶ 72-76; Fig. 3C]); and 








Atty. Dkt. No. 15448-674 (RCA12229USPRI)decrypt the second certification with the second public key (the public key corresponding to the second collaborator is used as a signature verification key to decrypt and determine whether specific portion of the authorization tuple in the shared collaborative document was signed by the second collaborator on a client device [Schmahmann ‘852 ¶¶ 72-76; Fig. 3C]).
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 5, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.

Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Chiroglazov ‘397 in view of Schmahmann ‘852 and further in view of Ting et al., 2006/0212714 A1 (hereinafter, “Ting ‘714”).

As per claim 4: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 1 and 3, as stated above, all from which claim 4 is dependent upon.  Chiroglazov ‘397 in view of Schmahmann ‘852 does not explicitly disclose the limitations of claim 4. 
Ting ‘714, however, discloses: re-encrypting the executable and the input parameter after generating the collaboration result (the decrypted application operates on decrypted data in a secure project room 38 of a distributed project environment; once the operations are complete, the application and data leaves the secure project room 38 and is again encrypted [Ting ‘714 ¶¶23, 28-29, 32-33; Fig. 3, Fig. 4]).
Chiroglazov ‘397 (modified by Schmahmann ‘852) and Ting ‘714 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. Prior to the effective filing date of the claimed invention, it would have been obvious to one of 

As per claim 14: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 8 and 13, as stated above, all from which claim 14 is dependent upon.  Chiroglazov ‘397 in view of Schmahmann ‘852 does not explicitly disclose the limitations of claim 14. 
Claim 14 defines a system that recites substantially similar subject matter as the method of claim 4. Claim 14 is directed to a system comprising a processor configured to perform the method of claim 4. Thus, the rejection of claim 4 is equally applicable to claim 14.

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Chiroglazov ‘397 in view of Schmahmann ‘852 and further in view of Coven et al., 2019/0108419 A1 (hereinafter, “Coven ‘419”).

As per claim 10: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 8, as stated above, from which claim 10 is dependent upon.  Furthermore, Chiroglazov ‘397 discloses:
wherein the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
store a plurality of executables (software applications 240; where a plurality of software applications 240 are stored in the set of resources 104 [Chiroglazov ‘397 ¶¶32, 39-42, 91; Fig. 1, Fig. 2A]) associated with different accounts holders (software applications 240 within the set of resources 104 , respectively, wherein to generate the collaboration result (the generated output of a collaborative computing job; software applications 240, such as an integrated circuit design tool applications, from a plurality of Companies are executed to produce output [Chiroglazov ‘397 ¶¶39-42, 93-96; Fig. 1, Fig. 2A]), the processor (processor 904 executing stored instructions [Chiroglazov ‘397 ¶138; Fig. 9]) is further configured to: 
generate a plurality of tasks for each of the executables (software applications 240; where a plurality of work tasks or jobs are generated for each software application 240 [Chiroglazov ‘397 ¶¶40, 49-51, 93-98, 109-111]); 

generate the collaboration result (generate output of a collaborative computing job or work task [Chiroglazov ‘397 ¶¶95-96, 98, 109])
As state above, Chiroglazov ‘397 does not explicitly disclose: “provide output data from a first one of the tasks to a second one of the tasks; and generate the collaboration result based on output data from the second one of the tasks.”
Coven ‘419, however, discloses: provide output data from a first one of the tasks (a first Skill, where a Skill is a processing application within a collaboration platform that receives input and produces output [Coven ‘419 ¶¶31, 97; Fig. 8A]) to a second one of the tasks (a second Skill; receive output from the first Skill and use the output as input to the second Skill [Coven ‘419 ¶97; Fig. 8A]); and generate the collaboration result based on output data from the second one of the tasks (generating a result based on the output from the second Skill, where each Skill is associated with a collaborative entity within the collaboration platform [Coven ‘419 ¶¶31, 94-98; Fig. 8A]).
Chiroglazov ‘397 (modified by Schmahmann ‘852) and Coven ‘419 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. Prior to the effective filing date of the claimed invention, it would have been .

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Chiroglazov ‘397 in view of Schmahmann ‘852 and further in view of McCarthy et al., 2015/0163206 A1 (hereinafter, “McCarthy ‘206”).

As per claim 18: Chiroglazov ‘397 in view of Schmahmann ‘852 discloses all limitations of claims 15, as stated above, from which claim 18 is dependent upon.  Furthermore, Chiroglazov ‘397 discloses:
wherein the executable is encrypted and the input parameter is encrypted (the encryption/decryption mechanism 224 encrypts data that is transmitted by the Companies, where the data transmitted includes software applications 240 and access-controlled data 260; under the broadest reasonable interpretation, the executable and input parameter are encrypted via the encryption of transmissions by the respective accountholders [Chiroglazov ‘397 ¶¶76-77, 85, 88, 103; Fig. 2A, Fig. 2B, Fig. 4B])

(access-controlled data 260 [Chiroglazov ‘397 ¶¶44-45, 86, 93-96; Fig. 1, Fig. 2A]) and the executable (software applications 240 that are executed to complete computing 
As state above, Chiroglazov ‘397 does not explicitly disclose: a “wherein the instructions further cause the processor to: transmit the collaboration result to the target recipient; and delete … after the collaboration result is transmitted to the target recipient.”
Schmahmann ‘852, however, discloses: wherein the instructions further cause the processor (processor 107 executing stored instructions [Schmahmann ‘852 ¶133; Fig. 9]) to: transmit the collaboration result (a shared collaborative document; the collaboration platform allows multiple collaborators to access or collaborate efforts to produce a shared collaborative document [Schmahmann ‘852 ¶¶31-36; Fig. 2]) to the target recipient (a collaborator specified in the access control data 360 with permissions to access or perform certain operations, such as receiving a shared collaborative document [Schmahmann ‘852 ¶¶71, 74-75; Fig. 3C])
Chiroglazov ‘397 and Schmahmann ‘852 are analogous art because they are from the same field of endeavor, namely that of controlling the access of data on a collaborative platform. For the reasons detailed with respect to claim 1, it would have been obvious to one of ordinary skill in the art, having the teachings of Chiroglazov ‘397 and Schmahmann ‘852 before them, to modify the method in Chiroglazov ‘397 to include the teachings of Schmahmann ‘852.
As stated above, Chiroglazov ‘397 in view of Schmahmann ‘852 does not explicitly disclose: “… and delete … after the collaboration result is transmitted to the target recipient.”
McCarthy ‘206, however, discloses: delete … after the collaboration result is transmitted to the target recipient (after the collaborative project is completed and the finished collaborative project is transmitted to the relevant parties, all files used during the collaboration are automatically deleted [McCarthy ‘206, ¶¶171-172; Fig. 10A]).


Conclusion
The prior art made of record and not relied upon but is considered pertinent to applicant's disclosure:
Seshadri, US 2004/0221179 A1: Secure “Design Zones” within a collaborative computing environment that allows collaborators to work together without compromising Intellectual Property protection.
Rexer et al., US 2013/0311894 A1: A system that allows fine-tuning of access controls for a plurality applications used within a collaboration environment. 
Phatak et al.
Lee et al., US 2013/0014023 A1: Collaboration sessions for workspaces within a collaboration environment, where the sessions define specific permissions for each collaborator within the workspace.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ALAN LINGQIAN KONG/Examiner, Art Unit 2494   

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494