Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	DETAILED ACTION
Response to Amendment
This action is in response to an amendment filed October 28, 2021. Claims 1-20 have been amended. Claims 1-20 remain pending in this application.

Response to Arguments
Applicant’s arguments, see Remarks, filed October 28, 2021, with respect to the rejection(s) of the claim(s) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Davis et al. (US 2020/0125713 A1).

Claim Objections
Claims 3-9, 11-16, and 18-20 remain objected to because of the following informalities:  A comma is missing after the number in each preamble.  For example, claim 3 recites, “The method of claim 1 wherein receiving…”. The missing comma produces a run-on sentence. Please see the differences between claim 2, wherein Applicant(s) added the comma after the number 1, and claim 3, wherein Applicant(s) did not. Appropriate correction is required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 8-11, and 16-17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Moreh et al. (US 2003/0046391 A1), in view of Davis et al. (US 2020/0125713 A1).

With respect to claim 1, Moreh discloses a method of dynamic authentication scheme selection in a distributed computing system executing instructions to provide multiple computing services including an authentication service (Abstract), the method comprising:
receiving, at the authentication service, data representing an authentication request from a computing service ([0044], client contacts an authentication agent and passes along user’s name, authentication scheme, and other data to the agent); and
in response to receiving the authentication request, 
analyzing, at the authentication service, the received data representing the authentication request for an indicator of an authentication scheme that is supported by the computing service submitting the authentication request ([0044]-[0046], successful interaction between client and agent confirms an 
upon successful authentication, transmitting, from the authentication service, a security token to the computing service useful for authenticating the computing service to other computing services in the distributed computing system, thereby dynamically selecting the authentication scheme from ‘the’ one or more authentication schemes supported at the authentication service for providing the security token in response to the received authentication request ([0026]-[0027], [0040], [0048], and [0065], upon successful authentication, protocol proxy creates a name assertion (credential) and passes it to client for identity verification of the client);
Moreh does not explicitly disclose:
determining, at the authentication service, whether the authentication scheme of the indicator matches one of one or more authentication schemes supported by the authentication service; and
in response to determining that the authentication scheme that is supported by the computing service matches one of the one or more authentication schemes supported by the authentication service, initiating, with the authentication service, an authentication process with the computing service according to the authentication scheme that is supported by both the computing service and the authentication service; 	However, Davis discloses: 
determining, at the authentication service, whether the authentication scheme of the indicator matches one of one or more authentication schemes supported by the authentication service ([0039], [0042], and [0047]-[0050], add-in 
in response to determining that the authentication scheme that is supported by the computing service matches one of the one or more authentication schemes supported by the authentication service ([0039], [0042], and [0047]-[0050], determining if authentication method is suitable for communication with web service), initiating, with the authentication service, an authentication process with the computing service according to the authentication scheme that is supported by both the computing service and the authentication service ([0083]-[0084], authenticate client side program for interaction with server side software);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Moreh with the teachings of Davie and determine whether an authentication scheme of an indicator matches that of an authentication service, in order to efficiently adapt authentication schemes of a client side service and a service side service for seamless communication.
With respect to claim 2, the combination of Moreh and Davis discloses the method of claim 1, wherein Moreh teaches:
accessing, with the authentication service, a database containing records of authentication configuration indicating the one or more authentication schemes supported by the authentication service ([0060], database with authentication mechanism); and
Davis further discloses wherein determining, at the authentication service,  whether the authentication scheme of the indicator matches one of one or more 
With respect to claim 3, the combination of Moreh and Davis discloses the method of claim 1, wherein Moreh teaches receiving the data representing the authentication request from the computing service includes receiving the data representing the authentication request from the computing service at an authentication interface of the authentication service that is configured to facilitate the initiated authentication process with the computing service irrespective of the authentication scheme according to which the authentication process is initiated ([0044] and [0047], authentication request for access to server application is sent by the client using standard secure protocol).
With respect to claim 8, the combination of Moreh and Davis discloses the method of claim 1, wherein Moreh teaches the authentication request is formatted as a Hypertext Transport Protocol (HTTP) packet ([0167]);
analyzing, at the authentication service, the received data representing the authentication request includes analyzing, at the authentication service, the received HTTP packet of the authentication request with an HTTP listener of the authentication service ([0044] and [0167]); and 
initiating, with the authentication service, the authentication process includes:
, at the authentication service, an authentication handler corresponding to the authentication scheme that is supported by both the computing service and the authentication service ([0045]-[0046]); and
instructing the selected authentication handler to initiate the authentication process with the computing service ([0045]-[0046]).
With respect to claim 9, the combination of Moreh and Davis discloses the method of claim 1 wherein Moreh teaches: 
the authentication request is a first authentication request ([0044]-[0046]); 
the authentication scheme is a first authentication scheme ([0044]-[0046]); 
the computing service is a first computing service ([0044]-[0046]); 
the method further includes, upon receiving a second authentication request from a second computing service, 
upon successful authentication, transmitting, from the authentication service,  another security token to the second computing service useful for authenticating the second computing service to other computing services in the distributed computing system ([0044]-[0046]); and 
	Davis further discloses:
analyzing, at the authentication service, the received second authentication request for an indicator of a second authentication scheme that is supported by the second computing service, the second authentication scheme being different than the first authentication scheme ([0039], [0042], and [0047]-[0050], add-in which includes module 20 interrogates web service for common 
determining, at the authentication service, whether the second authentication scheme is supported by the authentication service ([0039], [0042], and [0047]-[0050], determining if authentication method is suitable for communication with web service); and
in response to determining that the second authentication scheme is supported by the authentication service, initiating, with the authentication service, another authentication process with the second computing service according to the second authentication scheme ([0083]-[0084], authenticate client side program for interaction with server side software); and
	With respect to claim(s) 10-11 and 16-17, the computing device and method of claim(s) 10-11 and 16-17 does/do not limit or further define over the method of claim(s) 1, 3, and 8. The limitations of claim(s) 10-11 and 16-17 is/are essentially similar to the limitations of claim(s) 1, 3, and 8. Therefore, claim(s) 10-11 and 16-17 is/are rejected for the same reasons as claim(s) 1, 3, and 8. Please see rejection above.	














Claims 4-7, 12-15 and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Moreh et al. (US 2003/0046391 A1), in view of Davis et al. (US 2020/0125713 A1), and further in view of James et al. (US 2010/0251345 A1), from Applicant(s)’ IDS.

With respect to claim 4, the combination of Moreh and Davis discloses the method of claim 1, but does not explicitly teach wherein analyzing, at the authentication service,  the received data representing the authentication request includes:
parsing, at the authentication service,  a header of the authentication request;
determining, at the authentication service,  whether the parsed header contains a value representing an indication that Windows authentication is enabled; and
in response to determining that the parsed header contains a value representing an indication that Windows authentication is enabled, indicating, at the authentication service,  that the computing service supports Windows authentication;
However, James discloses analyzing, at the authentication service,  the received data representing the authentication request includes:
parsing, at the authentication service,  a header of the authentication request ([0027], parsing the HTTP authorization header containing scheme identifier);
determining, at the authentication service,  whether the parsed header contains a value representing an indication that Windows authentication is enabled ([0027], scheme identifier); and
in response to determining that the parsed header contains a value representing an indication that Windows authentication is enabled, indicating, at the authentication service,  that the computing 
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Moreh and Davis with the teachings of James and parse a header of an authentication request to indicate support for authentication, in order to obtain information on which authentication scheme is supported by the client device for performing authentication of the client device.
With respect to claim 5, the combination of Moreh and Davis discloses the method of claim 1, but does not explicitly teach wherein analyzing, at the authentication service,  the received data representing the authentication request includes:
parsing, at the authentication service,  a header of the authentication request;
determining, at the authentication service,  whether the parsed header contains a value representing an indication that an authentication token is included with the authentication request; and 
in response to determining that the parsed header contains a value representing an indication that an authentication token is included with the authentication request, indicating, at the authentication service,  that the computing service supports bearer authentication;
However, James discloses wherein analyzing, at the authentication service,  the received data representing the authentication request includes:
parsing, at the authentication service,  a header of the authentication request ([0027], parsing the HTTP authorization header containing scheme identifier);
determining, at the authentication service,  whether the parsed header contains a value representing an indication that an authentication token is included with the authentication request ([0027], scheme identifier); and
, at the authentication service,  that the computing service supports bearer authentication ([0027], determining support for authentication scheme);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Moreh and Davis with the teachings of James and parse a header of an authentication request to indicate support for authentication, in order to obtain information on which authentication scheme is supported by the client device for performing authentication of the client device.
With respect to claim 6, Moreh discloses the method of claim 1, wherein analyzing the received data representing the authentication request includes:
….determining, at the authentication service,  whether the authentication request is digitally signed with a digital signature ([0066], signature verification); and 
in response to determining that the authentication request is digitally signed with a digital signature, indicating that the computing service supports certificate authentication ([0067] and [0069], verification of digital certificates);
The combination of Moreh and Davis does not explicitly teach wherein analyzing, at the authentication service,  the received data representing the authentication request includes:
parsing, at the authentication service,  a payload of the authentication request; and
based on the parsed payload….; 
However, James discloses analyzing, at the authentication service,  the received data representing the authentication request includes parsing, at the authentication service,  a payload of the authentication request ([0027], parsing the HTTP authorization header containing scheme identifier);

Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Moreh and Davis with the teachings of James and parse a header of an authentication request to indicate support for authentication, in order to obtain information on which authentication scheme is supported by the client device for performing authentication of the client device.
With respect to claim 7, the combination of Moreh and Davis discloses the method of claim 1, but does not explicitly teach wherein analyzing, at the authentication service,   the received data representing the authentication request includes:
parsing, at the authentication service,   a header of the authentication request;
determining, at the authentication service,   whether the header of the authentication request contains an authentication scheme selected by the computing service; and 
in response to determining that the authentication request contains an authentication scheme selected by the computing service, indicating, at the authentication service, that the computing service supports the authentication scheme selected by the computing service;
However, James discloses wherein analyzing, at the authentication service, the received data representing the authentication request includes:
parsing, at the authentication service, a header of the authentication request ([0027], parsing the HTTP authorization header containing scheme identifier);
, at the authentication service, whether the header of the authentication request contains an authentication scheme selected by the computing service ([0027], scheme identifier); and
in response to determining that the authentication request contains an authentication scheme selected by the computing service, indicating, at the authentication service, that the computing service supports the authentication scheme selected by the computing service ([0027], determining support for authentication scheme);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Moreh and Davis with the teachings of James and parse a header of an authentication request to indicate support for authentication, in order to obtain information on which authentication scheme is supported by the client device for performing authentication of the client device.
	With respect to claim(s) 12-15 and 18-20, the computing device and method of claim(s) 12-15 and 18-20 does/do not limit or further define over the method of claim(s) 4-7. The limitations of claim(s) 12-15 and 18-20 is/are essentially similar to the limitations of claim(s) 4-7. Therefore, claim(s) 12-15 and 18-20 is/are rejected for the same reasons as claim(s) 4-7. Please see rejection above.	


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ESTHER B. HENDERSON whose telephone number is (571)270-3807.  The examiner can normally be reached on Monday-Friday 6a-2p ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin T. Bates can be reached on 571-272-3980.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

/ESTHER B. HENDERSON/Primary Examiner, Art Unit 2458                                                                                                                                                                                                        February 4, 2022