Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Response to Amendment
This Action is responsive to the Applicant’s Amendment/Remarks filed on 11/05/2021.  In the Amendment, applicant amended claims 21 and 31. Claims 30 and 40 are cancelled.   As necessitated by the Amendment, Examiner hereby respectfully withdraws 35 U.S.C § 101 rejections to claims 21-40.

As to Arguments and Remarks filed in the Amendment, please see Examiner’s responses shown after Rejections - 35 U.S.C § 103.
Please note claims 21-29 and 31-39 are pending.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the "right to exclude" granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b).
This is a None-provisional obviousness-type double patenting rejection because the conflicting claims have not in fact been patented.
Claims 21-29 and 31-39 are rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 1-10 of Patent No. 10,606902.  Although the conflicting are not patentably distinct from each other because since the claims of the Patent No. 10,606,902 contains every element of the claims of the instant application, and as such, anticipate the claims of the instant application. (See table below).	

Patent No. 10,606902 claim 1
A method for maintaining user groups, comprising:
 	



making a first determination that a change occurred in a user group repository, wherein the first determination is based on a user being removed from a first user group; 
 	performing an update, based on the first determination, to a user group cache, comprising:
 	removing, from a user cache entry of the user group cache, a plurality of user groups associated with the user; and 
 	modifying, after the update, a user access vector cache.

 A method for servicing document search requests, comprising: 
    receiving, by a document management service, a document search query from a requesting user; 
   injecting, into the document search query, a user access vector, wherein the user access vector specifies, for the requesting user, access control lists that are associated with the requesting user, wherein the user access vector is obtained from a user access vector cache, located on the document management service, and wherein the user access vector cache is populated using content in an access control repository located on a repository server; generating an entry for the requesting user in a user group cache, comprising: 
   associating the ancestor groups with the requesting user; identifying, in a document repository, documents that match the document search query with the injected user access vector, wherein a matching document requires a match of terms in the document search query with terms in the matching document, and a match of at least one access control list specified in the matching document and at least one of the access control lists specified in the user access vector; and making a determination that an added user was added to a user group, in a user group repository, and based on the determination: identifying, in the user group repository, an ancestor group of the added user; associating the ancestor group with the added user, in the user group cache; and purging the entry for the added user, in the user access vector cache.


Claims 1-6 of Patent No.10,606902 satisfies all the elements of claims 21-29 of the instant application, and as such, anticipates the claims of instant application. 
	 

Instant Application claim 31
Patent No. 10,606902 claim 1
A non-transitory computer readable medium comprising instructions which, when executed by a computer processor, enables the computer processor to perform a method for maintaining user groups, the method comprising:
 	making a first determination that a change occurred in a user group repository, wherein the first determination is based on a user being removed from a first user group; 
performing an update, based on the first determination, to a user group cache, comprising:

 	modifying, after the update, a user access vector cache.


    receiving, by a document management service, a document search query from a requesting user; 
   injecting, into the document search query, a user access vector, wherein the user access vector specifies, for the requesting user, access control lists that are associated with the requesting user, wherein the user access vector is obtained from a user access vector cache, located on the document management service, and wherein the user access vector cache is populated 
   associating the ancestor groups with the requesting user; identifying, in a document repository, documents that match the document search query with the injected user access vector, wherein a matching document requires a match of terms in the document search query with terms in the matching document, and a match of at least one access control list specified in the matching document and at least one of the access control lists specified in the user access vector; and making a determination that an added user was added to a user group, in a user group repository, and based on the determination: identifying, in the user group repository, an ancestor group of the added user; associating the ancestor group with the added user, in the user group cache; and purging the entry for the added user, in the user access vector cache.


Claims 1-6 of Patent No.10,606902 satisfies all the elements of claims 31-39 of the instant application, and as such, anticipates the claims of instant application. 
 
 

Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in their entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
 
Claims 21-29 and 31-39 are rejected under 35 U.S.C. 103 as being unpatentable over Donahue et al. (US PGPUB 2013/0212707, hereinafter Donahue), in view of Pugh (US PGPUB 2012/0278903, hereinafter Pugh) and further in view of Johnson et al. (US PGPUB 2006/0282900, hereinafter Johnson).
As per as claim 1, Donahue discloses:
 (Currently Amended) A method for maintaining user groups, comprising:
 	Making, by a document management service, a first determination that a change occurred in a user group repository located on a repository server, wherein the first determination is based on a user being removed from a first user group (Donahue, e.g., [0018-0019], [0086], (access expiration for particular user and granted permission for different users or group to view document) (the examiner asserts that access expired =  change occurred in a user group and removed from a first group) 
 	performing an update, based on the first determination, to a user group cache located on the document management service, comprising:
 	removing, from a user cache entry of the user group cache, a plurality of user groups associated with the user (Donahue, e.g., [0101-0102], [0135], [0140], “…User or Group membership modification--If a user's key is revoked (e.g., because they leave the company) or if the user is removed from a group…”); and 
 	modifying, after the update, a user access vector cache (Donahue, e.g., [0091-0093], [0101-0102], “…ACLs are created or modified (e.g., at the time of securing, or when ACL definitions are changed). Once ACLs are in canonical form, it can be much simpler to evaluate ACLs on both the clients 980 and the server 900 since determining membership within groups as well as determining relevant authorizations for specific authenticated users …”), located on the document management service, wherein modifying the user access vector is based on a document search query that requests the user access vector cache.
	To make records clearer regarding to the languages of “modifying, after the update, a user access vector cache, located on the document management service, wherein modifying the user access vector is based on a document search query that requests the user access vector cache” (although as stated above, Donahue functional discloses the features of modifying, after the update, a user access vector cache). 
Pugh, in an analogous art, discloses “modifying, after the update, a user access vector cache, located on the document management service, wherein modifying the user access vector is based on a document search query that requests the user access vector cache” (Pugh, e.g., [abstract], [0029], “…receives changes to a user's status or a group's status and propagates the changes through the system to generate flat tables that describe to which computer resources a given entity is entitled. An administrator can then perform certain management tasks with ease, such as querying "which computer resources does entity X have access to?" or "which entities are members of Y group?"…”) and  [0036-0038], “…modifies the rule trees 500 and 501 to point to the new group 502 by replacing the logic clauses 506 and 508 with the new clause "In Group Managers" 520 to the rule tree 500 to yield new rule tree 500a and similarly replacing the logic clauses 512 and 514 with the new clause "In Group Managers" 520 in rule tree…” and further see [0072] and [0092], “…Administrator Administrator explicitly modifies the User/Group a User- AppEntitlement to add an entitlement for a user activated or group. entitlement The Request Process will modify the AppEntitlement table 1020. The UserEntitlements sync 1014 will update the UserEntitlement table 1026 with any changes, and will execute any state changes as a result. Giving a Administrator Administrator explicitly modifies the User/Group an AppEntitlement 1020 table to add an entitlement Auto-activated for a user or group. entitlement The Request Process will modify the AppEntitlement 1020 table. The UserEntitlements sync 1014 will update the UserEntitlement 1026 table with any changes, and will execute any state changes as a result. Removing an Administrator Administrator explicitly modifies the entitlement from a AppEntitlement 1020 table to add Pugh and Donahue to update a user group that belong to the group data repository to archiving in better protect/secure user file/work/system from unauthorized access to the system (Pugh, e.g., [abstract], [0029] and [0049]).
	To further clarify the language of “updating a user group cache” and “local/private/member user cache”.
	However Pugh, in an analogous art, discloses “updating a user group cache” and “local/private/member user cache” (Johnson, e.g., figs. 1A-B and 2A, associating with texts description, [0024-0032] and [0039-0044], “…control list might indicate what user secrets can be read, or cached locally… updates of indicia between an originating computer system and another computer system can help ensure that the other computer system only provides access to authorized update… managing computer system A 100 comprises at least Group A 110, Group B 115, and Group C 120, which each include a variety of User objects 10, 20, 30, 40, 50, 60, and 70, and at least one resource control list ("RCL") 15, 25, 35 for each group. In one implementation, for example, a group is a status of resources, such as network administrator objects or branch manager objects that are allowed to access computer systems in a given network domain…”). Thus, it would have been obvious to one of ordinary skill in the art BEFORE the effective filling date of the claimed invention to combine the teaching of Johnson, Pugh and Donahue to control over how resources are shared is often     

As per as claim 22, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 21, wherein the plurality of user groups comprises the first user group and a second user group (Donahue, e.g., [0018-0019], [0086], (plurality groups)) and further see [0091-0093])..

As per as claim 23, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 22, wherein the update further comprises:
 	making an identification, in the user group repository, that the user is a member of the second user group (Donahue, e.g., [0091-0093], [0101-0102], “…ACLs are created or modified (e.g., at the time of securing, or when ACL definitions are changed). Once ACLs are in canonical form, it can be much simpler to evaluate ACLs on both the clients 980 and the server 900 since determining membership within ; and
 	associating, based on the identification, the second user group with the user cache entry (Donahue, e.g., [0091-0093], [0101-0102]) and further see (Pugh, e.g., [0032-0034], (access control tree)).

As per as claim 24, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 23, wherein modifying the user access vector cache comprises:
 	removing a user access entry from the user access vector cache (Donahue, e.g., [0101-0102], [0135], [0140], “…User or Group membership modification--If a user's key is revoked (e.g., because they leave the company) or if the user is removed from a group…”);
 	 generating, based on the removing, a new user access entry (Donahue, e.g., [0101-0102], [0135], [0140], “…User or Group membership modification--If a user's key is revoked (e.g., because they leave the company) or if the user is removed from a group…”); and 
 	adding, to the user access vector cache, the new user access entry (Donahue, e.g., [0091-0093], [0101-0102]) and see (Pugh, e.g., [0036-0038], “…adding a new group or modifying group or user information…”).

As per as claim 25, the combination of Johnson, Pugh and Donahue discloses:

(Previously presented) The method of claim 24, wherein generating the new user access entry comprises:
 	associating a first access control list with the new user access entry, wherein the first access control list specifies the second user group (Donahue, e.g., [0091-0093], [0101-0102]) and see (Pugh, e.g., [0017], [0029] and [0030]).

As per as claim 26, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 23, wherein modifying the user access vector cache comprises:
 	making a second determination that a first access control list of a user access entry of the user access vector cache specifies the first user group (Donahue, e.g., [0091-0093], [0101-0102]) and see (Pugh, e.g., [0017], [0029] and [0030]); and
 	removing, based on the second determination, the first access control list from the user access entry (Donahue, e.g., [0101-0102], [0135], [0140], “…User or Group membership modification--If a user's key is revoked (e.g., because they leave the company) or if the user is removed from a group…”).

As per as claim 27, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 26, wherein prior to removing the first access control list from the user access entry, modifying the user access vector cache further comprises:
 	making a third determination that the first access control list does not specify the second user group (Donahue, e.g., [0018-0019], [0086], (access expiration for particular user and granted permission for different users or group to view document), and
 	wherein removing the first access control list from the user access entry is further based on the third determination (Donahue, e.g., [0101-0102], [0135], [0140]).

As per as claim 28, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 26, wherein modifying the user access vector cache further comprises:
 	making a third determination that a second access control list of the user access entry specifies the second user group (Donahue, e.g., [0018-0019], [0086]); and
 	leaving, based on the third determination, the second access control list in the user access entry (Donahue, e.g., [0101-0102], [0135], [0140]).

As per as claim 29, the combination of Johnson, Pugh and Donahue discloses:
(Previously presented) The method of claim 21, wherein modifying the user access vector cache is based on the update (Donahue, e.g., [0091-0093], [0101-0102]) and (Pugh, e.g., [abstract], [0029], [0036-0038], [0072], [0092],  “…modifies the rule trees 500 and 501 to point to the new group 502 by replacing the logic clauses 506 and 508 with the new clause "In Group Managers" 520 to the rule tree 500 to yield new .

Claims 31-39 are  essentially the same as claims 21-29 except that they set forth the claimed invention as a non-transitory computer readable medium rather a method, respectively and correspondingly, therefore is rejected under the same reasons set forth in rejections of claims 21-29.

Response to Arguments
The Examiner respectfully reminds applicant of the broadest reasonable interpretation standard (See MPEP 2111), "During examination, the claims must be interpreted as broadly as their terms reasonably allow." In re American Academy of Science Tech Center, 367 F.3d 1359, 1369, 70 USPQ2d 1827, 1834 (Fed. Cir. 2004) (The USPTO uses a different standard for construing claims than that used by district courts; during examination the USPTO must give claims their broadest reasonable interpretation.) In Phillips v. AWH Corp., 415 F.3d 1303, 75 USPQ2d 1321 (Fed. Cir. 2005), the court further elaborated on the “broadest reasonable interpretation" standard and recognized that “The Patent and Trademark Office (“PTO") determines the scope of claims in patent applications not solely on the basis of the claim language, but upon giving claims their broadest reasonable construction."  Thus, when interpreting claims, the courts have held that Examiners should (1) interpret claim terms as broadly as their terms reasonably allows and 
Applicant’s arguments filed 11/05/2021 with respect to claims 21-29 and 31-39 have been considered but are moot in view of the new ground(s) of rejection necessitated by applicant's amendment to the claims.  Applicant's newly amended features are taught implicitly, expressly, or impliedly by the prior art of record (See the new ground(s) of rejection set forth herein above). 

Issue I:  Applicant argued on pages 8-16 (Remarks/Argument) regarding to 101 rejection.
Response I:  As necessitated by the Amendment, Examiner hereby respectfully withdraws 35 U.S.C § 101 rejections to claims 21-40.

Issue II:   Regarding to Double Patenting rejection to claims 21-29 and 31-39 on the ground of non-statutory double patenting as being unpatentable over claims 1-10 of U.S Patent No. 10,606,902.
Response II:   The Applicant requests holds the rejection in abeyance until all other issues on the merits have been resolved for the patent application. 

Issue III:  Applicant argued on pages 18-20 (Remarks/Argument) that the combination of Pugh and Donahue fail to disclose “modifying, after the update, a user access vector cache, located on the document management service, wherein modifying the user access vector is based on a document search query that requests the user access vector cache”.
Response III:   After review and consideration unless the applicant provide the detailing of each steps “modifying after updating”, otherwise the examiner asserts the administration can modify/change/refine the access for the group or specific of user and so on after the system has been updated, therefore the examiner respectfully submits Pugh, e.g., [abstract], [0029], “…receives changes to a user's status or a group's status and propagates the changes through the system to generate flat tables that describe to which computer resources a given entity is entitled. An administrator can then perform certain management tasks with ease, such as querying "which computer resources does entity X have access to?" or "which entities are members of Y group?"…”) and  [0036-0038], “…modifies the rule trees 500 and 501 to point to the new group 502 by replacing the logic clauses 506 and 508 with the new clause "In Group Managers" 520 to the rule tree 500 to yield new rule tree 500a and similarly replacing the logic clauses 512 and 514 with the new clause "In Group Managers" 520 in rule tree…” and further see [0072] and [0092], “…Administrator Administrator explicitly modifies the User/Group a User- AppEntitlement to add an entitlement for a user activated or group. entitlement The Request Process will modify the AppEntitlement table 1020. The UserEntitlements sync 1014 will update the UserEntitlement table 1026 with any changes, and will execute any state changes as a result. Giving a Administrator Administrator explicitly modifies the User/Group an AppEntitlement 1020 table to add an entitlement Auto-activated for a user or group. entitlement The Request Process will modify the AppEntitlement 1020 table. The UserEntitlements sync 1014 will update the UserEntitlement 1026 table with any 

The Examiner respectfully submits that, with respect to the totally newly amended subject matter, the Examiner respectfully cited proper paragraphs from cited reference to reject the claim in responsive to the newly amended, please refer to the corresponding section of the office action.

Additional Art Considered
The prior art made of record and not relied upon is considered pertinent to the Applicants’ disclosure.
The following patents and papers are cited to further show the state of the art at the time of Applicants’ invention with respect to access control lists that are associated with the requesting user and control specified group/user access particular documents.

a.	Hazelwood et al.; (US PGPUB 2006/0235850, herein after Hazelwood) “Method and system for access authorization involving group membership across a distributed 
Hazelwood further teaches access control list (ACL) for specific users and groups, and the access control list refers to specific user (private) and groups (public)   ([0009-0010]).
Hazelwood also teaches cache group and specific user ([0069]). 

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
The prior art made of record, listed on form PTO-892, and not relied upon, if any, is considered pertinent to applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TUAN A PHAM whose telephone number is (571)270-3173.  The examiner can normally be reached on M-F 7:45 AM - 6:30 PM
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached on 571-272-4078.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/TUAN A PHAM/Primary Examiner, Art Unit 2163