DETAILED ACTION
The instant application having Application No. 16/837324 filed on April 1, 2020 is presented for examination by the examiner.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Oath/Declaration
The applicant’s oath/declaration has been reviewed by the examiner and is found to conform to the requirements prescribed in 37 C.F.R. 1.63.

Information Disclosure Statement
As required by M.P.E.P. 609(C), the applicant’s submission of the Information Disclosure Statements submitted on 04/01/2020, and 05/03/2020 are acknowledged by the examiner and the cited references have been considered in the examination of the claims now pending. As required by M.P.E.P. 609(C), a copy of the PTOL-1449 initialed and dated by the examiner is attached to the instant office action.
Drawings
The applicant’s drawings submitted on 04/01/2020 are acceptable for examination purposes.

Specification
The applicant’s Specification submitted on 04/01/2020 is acceptable for examination purposes.

Claim Objections
Claims 1, 8, and 15 are objected to because of the following informalities:
Regarding claims 1, 8, and 15 the claims recite “responsive to the second system node not having the user with second set of the user credentials …" which should be “responsive to the second system node not having the user with the second set of the user credentials …" as “the second set of the user credential” has previously been defined in the “determine if the second system node has a user with the second set of the user credentials” step. Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Regarding claims 1, 8, and 15 the limitation includes “responsive to the second system node not having the user with second set of the user credentials”. It is unclear if the limitation is referring to a user in the authenticating step or a user in the determining step. Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 8-13, and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over Yim et al. (US Pub 2018/0159687), hereinafter referred to as Yim, and in view of Esaki et al. (US Pub 2013/0219461), hereinafter referred to as Esaki.

Regarding claims 1-6, 8-13, and 15-19
Regarding claim 1, Yim teaches a system, comprising: 
a processor of a first system node (Yim, par 45, multiple identity management system, and/or one or more components thereof, may be implemented via one or more general purpose and/or special purpose components, such as one or more discrete circuits, digital signal processing chips, integrated circuits, application specific integrated circuits, microprocessors, processors, programmable arrays, field programmable arrays, instruction set processors, and/or the like); 
(Yim, par 46, one or more memories (not shown) including code (e.g., instructions) configured to cause multiple identity management system,): 
authenticate a user based on a first set of user credentials (Yim, par 57, User authentication unit 22 receives an access token for user authentication through communication with first service server 30 in response to a user authentication request from user terminal … For example, when there is a login request for external authentication from an application installed in user terminal 10, user authentication unit 22 communicates with corresponding first service server 30 to authenticate the user ID, Examiner submits an access token and the user ID are a “first set of user credentials”); 
compute a second set of user credentials for a second system node (Yim, par 58, Identification number authentication unit 23 receives the user ID through communication with first service server 30 to generate or verify a user identification number and transmits the verified user identification number to second service server 40, generating identification number is mapped to “compute a second set of user credentials”).
determine if the second system node has a user with the second set of the user credentials (Yim, par 58, when the user identification number corresponding to the user ID exists, identification number authentication unit 23 authenticates the corresponding user identification number, discloses checking whether second node has a user with the second of credentials and authenticating user based on the identification number mapped to the second set of credentials).
However, Yim does not expressly teach following limitations:
responsive to the second system node not having the user with second set of the user credentials, delete an existing user of the second system node.
Esaki teaches responsive to the second system node not having the user with second set of the user credentials (Esaki, par 23, Specifically, after the service provider receives a service request from the user, the service provider checks that information sufficient to register the user's account is not held. After checking, the service provider requests the ID provider to provide a user attribute, and the ID provider provides the service provider with a desired user attribute. As a result, the data processing system executes account registration and collaboration in the process of the SSO), delete an existing user of the second system node (Esaki, par 70, For example, it is an instruction “a request for “registering a new user” is permitted, but “ID of idle user is deleted” has to be reliably executed”, Examiner submits ID of idle user is “an existing user” which is being deleted. Esaki, Fig. 4, further discloses there’s an upper limit of user accounts in the service provider, and when reached, it deletes one or more accounts in the service provider. Esaki, par 179, it is determined whether or not the number of users of the service provider ID (here, SP (1)) in the account collaboration received in the service use status information acquired from the IDP service use status store 202 by the authentication collaboration policy evaluating unit 210 in step S32 reaches the upper limit, and when the number of users of SP (1) reaches the upper limit, discloses the situation when a previously registered user is deleted).
	Yim and Esaki are from a similar field of technology, respectively related to: (i) having a system which manages user identity credentials using Single Sign On scheme; (ii) allowing a user to access to other service provider through identity management system. Therefore, it would have been obvious to one ordinary skilled in the art before the effective filing date of the claimed invention to incorporate the teaching of Yim with the system and method of Esaki to delete users when the number of users of service provider reaches the upper limit before register a new user to the service provider (Esaki, par 179).
	
Regarding claim 8, it is a method claim that encompasses limitations similar to those of system claim 1. Therefore, claim 8 is rejected with the motivation and rational as applied against claim 1.

Regarding claim 15, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 1. Therefore, claim 15 is rejected with the motivation and rational as applied against claim 1.

Regarding claim 2, Yim and Esaki teach the system of claim 1. Esaki further teaches wherein the instructions further cause the processor to create a user of the second system node with the second set of the user credentials (Esaki, par 123, issuing a new SP side user ID when the operation information is “account registration,” and registering the issued SP side user ID and the user attribute partial information 302a included in the account collaboration request message to the SP user repository 302 in association with each other, Examiner submits SP side user ID and the user attribute partial information are the second sets of the user credentials, which are used to register new user in the second system).

Regarding claim 9, it is a method claim that encompasses limitations similar to those of system claim 2. Therefore, claim 9 is rejected with the motivation and rational as applied against claim 2.

Regarding claim 16, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 2. Therefore, claim 16 is rejected with the motivation and rational as applied against claim 2.

Regarding claim 3, Yim and Esaki teach the system of claim 2. Esaki further teaches wherein the instructions further cause the processor to authenticate the user with the second system node based on the second set of the user credentials to access services of the second system node (Esaki, par 148, upon receiving the service request from the user, the SP authentication collaborating unit 306 determines whether or not the service request includes the authentication token, discloses SP authentication unit checking user whether the service request includes the authentication token. Esaki, par 149, when it is checked that the authentication token is present, that is, when authentication collaboration is finished, the service provider device 300 provides the user with a service requested, discloses authentication token is required for the service provider to provide a service requested. Esaki, par 199, when permission is decided in step S55, the SP authentication collaborating unit 306 issues the authentication token. The authentication token may be stored in a temporary storage unit (not illustrated) of the service provider device 300 in association with the authentication collaboration ID and the user ID, discloses authentication token is issued when permission is decided to provide the service to a user, and the authentication token is associated with the authentication collaboration ID and the user ID, granting access to access services to users with user ID associated with the authentication token only).

Regarding claim 10, it is a method claim that encompasses limitations similar to those of system claim 3. Therefore, claim 10 is rejected with the motivation and rational as applied against claim 3.

Regarding claim 17, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 3. Therefore, claim 17 is rejected with the motivation and rational as applied against claim 3.

Regarding claim 4, Yim and Esaki teach the system of claim 1. Esaki further teaches wherein the second system node has a limited pool of users available for use by the first system node (Esaki, par 179, it is determined whether or not the number of users of the service provider ID (here, SP (1)) in the account collaboration received in the service use status information acquired from the IDP service use status store 202 by the authentication collaboration policy evaluating unit 210 in step S32 reaches the upper limit, and when the number of users of SP (1) reaches the upper limit, Examiner submits IDP service and service provider are first system node and second system node respectively, and service provider has a upper limit is mapped to “the second system node has a limited pool of users”).

Regarding claim 11, it is a method claim that encompasses limitations similar to those of system claim 4. Therefore, claim 11 is rejected with the motivation and rational as applied against claim 4.

Regarding claim 5, Yim and Esaki teach the system claim of 4. Esaki further teaches wherein the instructions further cause the processor to determine if the pool of the users has been filled (Esaki, par 179, it is determined whether or not the number of users of the service provider ID (here, SP (1)) in the account collaboration received in the service use status information acquired from the IDP service use status store 202 by the authentication collaboration policy evaluating unit 210 in step S32 reaches the upper limit). 

Regarding claim 12, it is a method claim that encompasses limitations similar to those of system claim 5. Therefore, claim 12 is rejected with the motivation and rational as applied against claim 5.

Regarding claim 18, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 5. Therefore, claim 18 is rejected with the motivation and rational as applied against claim 5.

Regarding claim 6, Yim and Esaki teach the system claim of 5. Esaki further teaches wherein the instructions further cause the processor to, responsive to the determining that the pool of the users has been filled, delete the existing user of the second system node (Esaki, par 179, it is determined whether or not the number of users of the service provider ID (here, SP (1)) in the account collaboration received in the service use status information acquired from the IDP service use status store 202 by the authentication collaboration policy evaluating unit 210 in step S32 reaches the upper limit, and when the number of users of SP (1) reaches the upper limit, discloses the checking whether the number of users reaches the upper limit Esaki, par 70, it is an instruction “a request for “registering a new user” is permitted, but “ID of idle user is deleted” has to be reliably executed”. Esaki, par 179, when the number of users of SP (1) reaches the upper limit, the search of step S43 may be performed. Esaki, par 182, adding a “deletion” instruction to the deletion target account acquired in step S43 as an operation instruction, and transmits the generated account collaboration request message to the SP account provisioning unit 308 of the service provider device, Examiner submits ID of idle user is a “existing user”, and discloses when reaching the upper limit, S43 search for the target deletion account, and targeted account will be deleted in order to request to register a new user).

Regarding claim 13, it is a method claim that encompasses limitations similar to those of system claim 6. Therefore, claim 13 is rejected with the motivation and rational as applied against claim 6.

Regarding claim 19, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 6. Therefore, claim 19 is rejected with the motivation and rational as applied against claim 6.

Claims 7, 14, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Yim et al. (US Pub 2018/0159687), hereinafter referred to as Yim, and in view of Esaki et al. (US Pub 2013/0219461), hereinafter referred to as Esaki, and in further view of Uhr (WO 2020189927), hereinafter referred to as Uhr.

Regarding claim 7, 14, and 20
Regarding claim 7, Yim and Esaki teach the system of claim 1, wherein the instructions further cause the processor [to execute a smart contract] to delete the existing user of the second system node (Esaki, par 70, For example, it is an instruction “a request for “registering a new user” is permitted, but “ID of idle user is deleted” has to be reliably executed”, Examiner submits ID of idle user is “an existing user” which is being deleted. Esaki, Fig. 4, further discloses there’s an upper limit of user accounts in the service provider, and when reached, it deletes one or more accounts in the service provider). 
However, Yim and Esaki does not expressly teach to execute a smart contract. 
Uhr teaches wherein the instructions further cause the processor to execute a smart contract to delete the existing user of the second system node (Uhr, par 58, user identities may include all user-related characteristic information such as user name. Uhr, par 125, Then, at least one blockchain node 300 of the blockchain network verifies the first specific user signature value and, if the first specific user signature value is valid, executes the specific user smart contract to correspond to the specific user specific identity claim ID A specific user-specific identity claim deletion transaction for deleting a specific user-specific identity claim is registered in the distributed ledger, discloses execution of a smart contract to delete user identity claim, which includes user-related characteristic information). 
Yim, Esaki, and Uhr are from a similar field of technology, respectively related to: (i) having a system which manages user identity credentials using Single Sign On scheme; (ii) allowing a user to access to other service provider through identity management system. Yim in view of Esaki teaches deleting an existing user account in order to create a new user account once the upper limit has been reached. Uhr teaches using a smart contract to execute deletion of user identity which includes user-related characteristic information. Therefore, it would have been obvious to have improved upon the teachings of Yim in view of Esaki by adding the teachings of Uhr for the purpose of using a smart contract to automatically delete an existing user account in 

Regarding claim 14, it is a method claim that encompasses limitations similar to those of system claim 7. Therefore, claim 14 is rejected with the motivation and rational as applied against claim 7.

Regarding claim 20, it is a non-transitory computer readable medium claim that encompasses limitations similar to those of system claim 7. Therefore, claim 20 is rejected with the motivation and rational as applied against claim 7.

Related Prior Art

The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure includes:
Cage (US Pub 2021/0185091) – teaches SSO and smart contract which manages identity of users
Sundaresan (US Pub 2019/0190724) – teaches generating set of credentials which is used by multi-party platform
Cicchtto (US Pub 2016/02487526) – teaches remote user creating account on third-party application
Barriga (US Pub 2005/0154913) – teaches Single Sign-On authentication for different service providers
Nishio (US Pub 2002/0107810) – teaches predetermined number of users that have access to the service

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUNGWOO LEE whose telephone number is (571)272-1332. The examiner can normally be reached Monday - Friday 8:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on (571)272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 



/J.L./Examiner, Art Unit 2498                                                                                                                                                                                                        

/JOHN B KING/Primary Examiner, Art Unit 2498