AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This is in response to applicant’s Amendment filed on 12/27/2021 to Application #16/561,645 filed on 09/05/2019 in which Claims 1-4, 6-13, 15-22 are pending.

Status of Claims
Claims 1-4, 6-13, 15-22 are pending, of which Claims 1-4, 6-13, 15-22 are allowable via Examiner’s Amendment.

Applicant’s Most Recent Claim Set of 12/27/2021
Applicant’s most recent claim set of 12/27/2021 is considered to be the latest claim set under consideration by the examiner.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Joaquin Hernandez on January 27, 2022.
 
The application has been amended as follows:

In the Claims:

Claim 1: (Currently Amended)
An apparatus, comprising:
a communications interface;
a memory storing instructions; and
at least one processor coupled to the communications interface and the memory, the at least one processor being configured to execute the instructions to:
receive, via the communications interface, a first request for an element of data, the first request comprising an access token, an application identifier, and first credential data associated with an application program;
load, from the memory, one or more ledger blocks of a distributed ledger, and based on the 
establish a correspondence between the first credential data and the second credential data;
when the first credential data corresponds to the second credential data, determine that the requested data element is accessible to the application program and perform operations that validate the access token;
based on the validation of the access token, obtain and encrypt the requested data element; and
transmit the encrypted data element to a device via the communications interface, the device comprising an additional processor.


Claim 2: (Currently Amended)
The apparatus of claim 1, wherein the at least one processor is further configured to execute the instructions to receive the first request from the device, the device is configured to execute the application program, and the first request being generated by the executed application program.


Claim 4: (Currently Amended)
The apparatus of claim 1, wherein:
the first request further comprises the application identifier; and
 the at least one processor is further configured to execute the instructions to

based on the established correspondence, determine that the requested data element is accessible to the application program.


Claim 7: (Currently Amended)
The apparatus of claim 1, wherein: 
the first request further comprises an application identifier associated with the application program; and
the at least one processor is further configured to execute the instructions to:
generate a second request that includes the application identifier and the first credential data;
transmit, via the communications interface, the second request to a computing system associated with a centralized authority, the second request causing the computing system to execute additional instructions included within a first ledger block[[s]] of a distributed ledger, the executed additional instructions further causing the computing system to obtain the second credential data from a second ledger block of the distributed ledger based on the application identifier and establish a correspondence between the first 
receive, via the communications interface, a response to the second request from the computing system, the response being indicative of the established correspondence between the first credential data and the second credential data; and
determine that the requested data element is accessible to the application program based on the established correspondence.


Claim 10: (Currently Amended)
The apparatus of claim 1, wherein the at least one processor is further configured to execute the instructions to:
determine that the requested data element is inaccessible to the application program 
generate an error message indicative of the inaccessibility of the requested data element to the application program; and
transmit the error message to the device via the communications interface.


Claim 11: (Currently Amended)
A computer-implemented method, comprising:
receiving, using at least one processor, a first request for an element of data, the first request comprising an access token, an application identifier, and first credential data associated with an application program;
obtaining, using the at least one processor, one or more ledger blocks of a distributed ledger from a data repository, and based on the
establishing, using the at least one processor, a correspondence between the first credential data and the second credential data;
when the first credential data corresponds to the second credential data, determining, using the at least one processor, that the requested data element is accessible to the application program and performing, using the at least one processor, operations that validate the access token;
based on the validation of the access token, obtaining and encrypting the requested data element using the at least one processor; and
using the at least one processor, transmitting the encrypted data element to a device, the device comprising an additional processor.


Claim 13: (Currently Amended)
The computer-implemented method of claim 11, wherein:
the first request further comprises the application identifier; and
 the computer-implemented method further comprises

determining, using the at least one processor, that the requested data element is accessible to the application program based on the established correspondence.


Claim 20: (Currently Amended)
A tangible, non-transitory computer-readable medium storing instructions that, when executed by at least one processor, cause the at least one processor to perform a method, comprising:
receiving a first request for an element of data, the first request comprising an access token, an application identifier, and first credential data associated with an application program;
obtaining one or more ledger blocks of a distributed ledger from a data repository, and based on the 
establishing a correspondence between the first credential data and the second credential data;
when the first credential data corresponds to the second credential data, determining that the requested data element is accessible to the application program and performing operations that validate the access token;
based on the validation of the access token, obtaining and encrypting the requested data element; and
transmitting the encrypted data element to a device via a communications interface, the device comprising an additional processor.


Reasons For Allowance
The following is an examiner’s statement of reasons for allowance:
Claims 1-4, 6-13, 15-22 are considered allowable.

The instant invention is directed to an apparatus, method, and medium for utilizing access tokens to provide access to data between unrelated third party applications.

The closest prior art, as recited, Pellegrini et al. US Patent Application Publication 2019/0380020 and Cole US Patent Application Publication 2018/0115551, are also generally directed to various aspects of providing access to data between third party applications.  However, Pellegrini et al. or Cole does not teach or suggest, either singularly or in combination, the particular combination of steps or elements as recited in the independent claim(s) 1, 11, 20.  For example, none of the cited prior art teaches or suggests the steps of:
Regarding Claim 1:
receiving a first request including an access token, an application identifier, and first credential data associated with an application program, for an element of data, obtaining one or more ledger blocks of a distributed ledger from a data repository, and based on the application identifier, obtaining second credential data associated with the application program from the one or more ledger blocks of the distributed ledger, establishing a correspondence between the first credential data and the second credential data, when the first credential data corresponds to the second credential data, determining that the requested data element is accessible to the application program and executing operations that validate the access token, based on the validation of the access token, obtaining and encrypting the requested data element and transmitting the encrypted data element to a device
When combined with the additional limitations found in Claim 1.

Regarding Claim 11:
receiving a first request including an access token, an application identifier, and first credential data associated with an application program, for an element of data, obtaining one or more ledger blocks of a distributed ledger from a data repository, and based on the application identifier, obtaining second credential data associated with the application program from the one or more ledger blocks of the distributed ledger, establishing a correspondence between the first credential data and the second credential data, when the first credential data corresponds to the second credential data, determining that the requested data element is accessible to the application program and executing operations that validate the access token, based on the validation of the access token, obtaining and encrypting the requested data element and transmitting the encrypted data element to a device
When combined with the additional limitations found in Claim 11.

Regarding Claim 20:
receiving a first request including an access token, an application identifier, and first credential data associated with an application program, for an element of data, obtaining one or more ledger blocks of a distributed ledger from a data repository, and based on the application identifier, obtaining second credential data associated with the application program from the one or more ledger blocks of the distributed ledger, establishing a correspondence between the first credential data and the second credential data, when the first credential data corresponds to the second credential data, determining that the requested data element is accessible to the application program and executing operations that validate the access token, based on the validation of the access token, obtaining and encrypting the requested data element and transmitting the encrypted data element to a device
When combined with the additional limitations found in Claim 20.

Therefore Claims 1-4, 6-13, 15-22 of the instant application are allowable over the cited prior art.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lu - US_20140189799_A1_I: Lu teaches the authorization of a third party application to utilize a resource by multi-factor authorization.
Ashley et al - US_20050154889_A1_I: Ashley et al teaches a lightweight public key based procedure utilized by a GSS protocol to enhance flexibility.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw, can be reached on 571-272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498