Commissioner for Patents
United States Patent and Trademark Office
P.O. Box 1450
Alexandria, VA 22313-1450
www.uspto.gov
BEFORE THE PATENT TRIAL AND APPEAL BOARD


Application Number: 16/122,294
Filing Date: 5 Sep 2018
Appellant(s): Acharya et al.



__________________
Melanie Grover Reg. No. 63,599
For Appellant


EXAMINER’S ANSWER





This is in response to the appeal brief filed on 11/10/2021 appealing from the Office action mailed on 04/06/2021.

Every ground of rejection set forth in the Office action dated 04/06/2021 from which the appeal is taken is being maintained by the examiner except for the grounds of rejection (if any) listed under the subheading “WITHDRAWN REJECTIONS.”  New grounds of rejection (if any) are provided under the subheading “NEW GROUNDS OF REJECTION.”

Response to Argument 

A.	The following ground of rejection is applicable to the appealed claims 1, 6-9 and 21: rejection under 35 U.S.C. 103 over Coats (WO 2016182555) in view of Gajda et al. (hereinafter Gajda) (US 20140137248).

i)	Cited reference Coats

Coats is directed to a system and method for performing multi-factor authentication that authenticates both the user and the physical location of the user. The system performs multi-factor authentication if the user is not within a particular location and bypasses multi-factor authentication if the user is within a particular space-time region.
Coats discloses that a mobile device sends an authentication request to an authentication service provider (para [0040]). The authentication request contains a credential associated with the device (para [0042]). Based on the request and on the authorized user location, the system determines whether the user is within an authorized space-time region ([0028-0034]); when the request is determined to come from an unauthorized location, the bypass of multi-factor authentication is denied. If the user is within the authorized space-time region, the user is logged in successfully without further authentication (i.e., multi-factor authentication is bypassed).

ii)	Cited reference Gajda

Gajda discloses generating a link for accessing a resource [0004, 0020 and 0035]; generating a token including a time stamp, a nonce, a random number and a user identifier [0021 and 0031]; embedding the generated token in the link [0021 and 0033-0035]; and passing the link containing the token to the client browser for loading return scripts from the web service.

iii)	The rejection relies on impermissible hindsight

In response to appellant's argument on page 11 of the appeal brief that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). In this case Coats teaches performing a multi-factor authentication process for a user to access a secure resource once the user is not within the authorized location (see para [0017-0020]); an authentication token is generated and the user is validated based on the authentication token to access the secure resource once the user is outside of the approved location (see [0034-0037]). In other words, Coats teaches accessing a secure resource based on an authentication token once the user is outside of the approved location. Coats fails to teach generating a link for accessing the resource as required by the claim. To remedy the deficiency, the teaching of 
	The appellant on page 12 of the appeal brief further argues that Coats does not disclose redirection as part of the token verification process of multi-factor authentication, and that the redirection link of Gajda would therefore be an issue in a login process when combined with Coats. The examiner acknowledges appellant's point of view but respectfully disagrees, because the appellant is looking at only one aspect of the return link, namely redirection from one service to another during the verification process. Gajda Fig. 2 and the associated text at [0020-0026] explain that the return link is used for performing an action such as loading a return script from the web service. Furthermore, Fig. 3, blocks 355-390, and the text at [0034-0038] teach, after the login process, extracting the token from the return link and performing the action once the token matches the stored token (i.e., this whole process is not a redirection process as argued by the appellant). See [0024], which teaches that the action 240 may correspond to loading of scripts, code, or other content associated with action 240 from the web service 110 to the client browser 130. Therefore the return link of Gajda, when combined with Coats, will be used for accessing resources. 
	The appellant on page 12, last paragraph, of the appeal brief further argues that there is no rational reason, from the standpoint of protecting against cross-site request forgeries, to combine the teaching of transmitting a token in a return link for comparison (borrowed from Gajda) with the teaching of Coats, because there is no opportunity for redirection in this manual process. The examiner respectfully disagrees because, as explained above, the process of generating a link for accessing a resource based on a matching token, when combined with the teaching of Coats of accessing a resource based on an authentication token, results in a link (i.e., the teaching of Gajda) for accessing the resource once the token is validated (i.e., the teaching of Coats), with the motivation of secure access to the resource [Gajda 0001].
 	The appellant on page 13 of the appeal brief further argues that introducing a link (i.e., from Gajda) rather than a text message into Coats will introduce XSRF attacks (i.e., from Gajda). Therefore 
	The appellant on page 13, last paragraph, of the appeal brief further argues that Coats already discloses “securely accessing resource” via two-factor authentication without any modification to Coats. The appellant further argues on page 14 that, per the Federal Circuit, obviousness cannot be established when both references independently teach the same function, which is said to be the case here because Coats and Gajda both teach “secure access resource”. The examiner acknowledges appellant's point of view but respectfully disagrees, because Coats, as explained in the Final Office action, fails to teach generating a link for accessing the resource and embedding in the link a token containing a timestamp, a random number and licensed resource information. The examiner relied upon Gajda to teach the above elements to establish prima facie obviousness for a person of ordinary skill, with the motivation of secure exchange of information as explained above. In other words, Coats teaches securely accessing a resource once the authentication token is validated [0017-0020 and 0030-0035]; although Coats inherently teaches accessing the resource using a link or some kind of channel, it fails to explicitly teach a token containing a timestamp, a random number and licensed resource information, and embedding that token in a link for securely accessing the resource. Therefore the authentication token for accessing a resource in Coats, when modified with a token containing a timestamp, a random number and licensed resource information embedded in a link (i.e., the teaching from Gajda) for accessing the resource, results in improving the multi-factor authentication security of Coats.  


iv)	Coats and Gajda fail to disclose or suggest “generating a link for accessing the controlled access resource” 
In response to appellant's argument on page 15, paragraph 1, of the appeal brief that the examiner fails to properly ascertain the differences between the claimed subject matter and the teachings of Coats and Gajda, so that it is not clear why the claimed invention would have been obvious: the examiner acknowledges appellant's point of view but respectfully disagrees, because the authentication token for accessing a resource in Coats, when modified with a token containing a timestamp, a random number and licensed resource information embedded in a link (i.e., the teaching from Gajda) for accessing the resource, improves the multi-factor authentication security of Coats by providing an extra layer of security when the resource is accessed from outside of the approved space-time region. See section (iii) of this examiner's answer for more detail on why the claimed invention would have been obvious. 

In response to appellant's argument on page 15, last paragraph, of the appeal brief that a link configured for carrying the token to the client is not a link configured “for accessing the controlled access resource at a server”, since each may be a link configured for a different purpose (in other words, that there are two different links for two different purposes): the examiner acknowledges appellant's point of view but respectfully disagrees, because the claim recites 
“generating a link for accessing the controlled access resource at a server….. including the encrypted token in the link, and providing the link to the client device, the link configured to be used by the client device to request the controlled access resource.” 
i.e., only one link, which both carries the token and is used for accessing the controlled access resource. The claim does not recite two different links for different purposes as argued by the appellant. Furthermore, appellant argues on page 16 that the difference between the cited references and the claimed invention is not the method for transporting the token; the difference is in the information included in the token and the link, and in how this information is configured to be used. The examiner responds that Gajda [0021 and 0031] teaches that the client browser 130 may generate a token, and that the generated token may comprise one or more of a random number, a nonce, a pseudorandom number, a user identifier, a client identifier, a time stamp and a date stamp (i.e., equivalent to the information included in the token). Gajda Fig. 2 and the associated text at [0020-0026] explain the return link for performing an action such as loading a return script from the web service (i.e., equivalent to the link for accessing the resource). Furthermore, Fig. 3, blocks 355-390, and the text at [0034-0038] teach, after the login process, extracting the token from the return link and performing the action once the token matches the stored token (i.e., this whole process is not a redirection process as argued by the appellant). See [0024], which teaches that the action 240 may correspond to loading of scripts, code, or other content (i.e., the controlled access resource) associated with action 240 from the web service 110 to the client browser 130. Therefore a return link containing a token comprising information such as a random number, a nonce, a pseudorandom number, a user identifier, a client identifier, a time stamp, a date stamp, etc., for accessing scripts or other content, as taught by Gajda, is equivalent to the link containing a token including a timestamp, a random number and licensed resource information for accessing a resource at a server of the instant application, when combined with the base reference Coats. 
	Appellant further argues that the Office fails to explain how a link causing the return script to be loaded, as taught by Gajda, is integrated into the multi-factor authentication performed by Coats. The examiner responds that Coats teaches accessing a secure resource by performing multi-factor authentication based on token validation (Coats at [0016 and 0020-0029]). Coats further teaches that the token is carried via 

B.	The following ground of rejection is applicable to the appealed claim 17: rejection under 35 U.S.C. 103 over Coats (WO 2016182555) in view of Gajda et al. (hereinafter Gajda) (US 20140137248) and further in view of Subramanya et al. (hereinafter Subramanya) (US 20170034152).

i)	Coats fails to disclose or suggest “determining that the request includes a token”
The appellant argues that the rejection of claim 17 is hindsight because Coats fails to teach the request containing a token as required by the claim, since the token in Coats is generated after the user is authenticated based on the request, and the request therefore does not contain the token. The examiner acknowledges appellant's point of view but respectfully disagrees because the claim recites “….and in response to determining that the location is not a recognized location: determining that the request includes a token….” Coats at [0031-0035] teaches determining whether or not the user is in an authorized space-time cube (i.e., equivalent to determining that the location is not a recognized location). If it is determined that the user is not in an authorized space-time region, that is, the user's location is determined to be outside of the approved geospatial rectangle and/or outside of the associated schedule range, an authentication token is generated and sent to the user via SMS (i.e., equivalent to the request carrying the token). The token is submitted to the secured 

ii)	Coats, Gajda and Subramanya fail to disclose or suggest “determining that a resource accessible using the license resource information [from the token] matches the requested controlled access resource”
	The appellant argues that Subramanya fails to cure the deficiency of determining that a resource is accessible using the licensed resource information, because Subramanya fails to disclose that any of the resources are accessible using any information from a token. The examiner acknowledges appellant's point of view but respectfully disagrees because Subramanya explicitly teaches the argued limitation. The claim recites “determining that a resource accessible using the licensed resource information matches the requested controlled access resource, and providing the controlled access resource to the client device”; the claim requires accessing the resource based on matching the requested resource using the licensed resource information. Subramanya at [0035] teaches that user 102 operating client device 104 may attempt to access an application, e.g., application 170, which may be any one of applications 120 accessible to user 102 upon successful authentication of credential information for user 102 (i.e., equivalent to a resource being accessible based on user credential information). Client device 104 may send a request to a resource server to obtain access to application 170 provided by the resource server. Before application 170 is provided to the client, it is determined whether the requested resource is within a scope of authentication. To determine whether a requested resource is within the scope of authentication, the requested resource may be compared to the resources for which access is restricted (i.e., determining whether the requested resource is restricted). The request for a resource may be denied to client device 202 based on determining that the requested resource matches a resource for which access is restricted. See also [0079], which teaches that, in response to the authorization message, application 204 may determine whether to permit or deny access to a requested resource through application 204. If access is permitted, application 204 may provide the resource in application 204.
	The appellant on page 18, last paragraph, of the appeal brief further argues that adding “a resource accessible using the licensed resource information” into Coats adds complexity to the system without adding benefit, and that the rejection is therefore hindsight. The examiner respectfully disagrees because Coats teaches that the user is allowed to access the resource once the authentication token has been validated (see [0030-0035]). In order to access a resource for which access is not restricted (i.e., a resource permitted to be accessed), the requested resource needs to be compared with the accessible resources based on the licensed resource information (or the credential information, in Subramanya's case), which does not increase the complexity of the system. The system benefits by granting access, after the token is validated, only to those resources for which access is not restricted, thereby preventing leakage of sensitive data through unauthorized access.
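The flow discussed in sections A and B above, namely the Coats-style space-time-region check that bypasses the second factor for a recognized location, a Gajda-style token (time stamp, random nonce, client identifier) embedded in a link and compared against the stored token, and the claim 17 check that the licensed resource information carried in the token matches the requested resource, is illustrated below as an added example. This code is not from Coats, Gajda, Subramanya or the appealed application. The HMAC-SHA256 token format, the 300-second lifetime, the rectangle-plus-schedule shape of `ApprovedRegion`, the in-memory `ISSUED` table standing in for the server's stored-token record, and every name and sample value are assumptions made for illustration.

```python
"""Added example (not from Coats, Gajda, Subramanya or the appealed application):
location-gated second factor using a tokenized link.

Assumptions for illustration: an HMAC-SHA256 signed token, a 300 s token lifetime,
an approved region shaped as a lat/lon rectangle plus an hour-of-day schedule, and an
in-memory table of issued tokens standing in for the server's stored-token record.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass
from urllib.parse import parse_qs, urlencode, urlparse

SERVER_KEY = secrets.token_bytes(32)   # hypothetical server-side signing key
TOKEN_TTL_SECONDS = 300                # hypothetical token lifetime

# Server-side record of issued tokens keyed by nonce: the "stored token" that the
# token extracted from the link is compared against. Entries are removed on first use.
ISSUED: dict[str, str] = {}


@dataclass(frozen=True)
class ApprovedRegion:
    """Approved space-time region: geospatial rectangle plus schedule range (hours, 24h)."""
    min_lat: float
    max_lat: float
    min_lon: float
    max_lon: float
    start_hour: int
    end_hour: int

    def contains(self, lat: float, lon: float, hour: int) -> bool:
        in_rect = self.min_lat <= lat <= self.max_lat and self.min_lon <= lon <= self.max_lon
        in_schedule = self.start_hour <= hour < self.end_hour
        return in_rect and in_schedule


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def generate_link(server_base: str, client_id: str, licensed_resource: str, now: int) -> str:
    """Build the link handed to the client: state (time stamp, random nonce, client
    identifier, licensed resource) signed with HMAC and embedded as a query parameter."""
    state = {"ts": now, "nonce": secrets.token_hex(16), "client": client_id, "resource": licensed_resource}
    payload = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    mac = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    token = _b64(payload) + "." + _b64(mac)
    ISSUED[state["nonce"]] = token           # remember it for the later comparison
    return f"{server_base}/resource?" + urlencode({"token": token})


def verify_token(token: str, now: int):
    """Return the token's state if signature, time stamp and stored-token comparison pass, else None."""
    try:
        enc_payload, enc_mac = token.split(".", 1)
        payload = _unb64(enc_payload)
        expected = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(enc_mac)):
            return None                      # tampered or forged
        state = json.loads(payload)
        if now - int(state["ts"]) > TOKEN_TTL_SECONDS:
            return None                      # time stamp too old
        stored = ISSUED.pop(str(state["nonce"]), None)   # single use
        if stored is None or not hmac.compare_digest(stored.encode(), token.encode()):
            return None                      # does not match the stored token
        return state
    except (ValueError, KeyError, TypeError):
        return None                          # malformed token


def handle_request(url, client_id, requested_resource, lat, lon, hour, region, now):
    """Decide a resource request: a recognized location bypasses the second factor;
    otherwise the request must carry a valid token whose licensed resource matches."""
    if region.contains(lat, lon, hour):
        return ("granted", "recognized location; second factor bypassed")
    params = parse_qs(urlparse(url).query)
    if "token" not in params:
        return ("denied", "unrecognized location and request carries no token")
    state = verify_token(params["token"][0], now)
    if state is None:
        return ("denied", "token invalid, expired, reused or not matching stored token")
    if state["client"] != client_id:
        return ("denied", "client identifier mismatch")
    if state["resource"] != requested_resource:
        return ("denied", "licensed resource information does not match requested resource")
    return ("granted", "token validated and licensed resource matches")


if __name__ == "__main__":
    region = ApprovedRegion(37.0, 38.0, -123.0, -122.0, 8, 18)   # constructed sample region
    now = int(time.time())
    link = generate_link("https://srv.example", "dev-1", "/reports/q3", now)
    print(handle_request(link, "dev-1", "/reports/q3", 40.0, -122.5, 10, region, now))
```

The order of checks in `verify_token` is deliberate: the signature is verified before the payload is parsed, the time stamp is checked before the stored-token lookup, and the nonce entry is consumed only when everything else passes, so an expired or tampered link cannot burn a legitimate entry. A production deployment would keep `ISSUED` in a shared store with its own expiry rather than in process memory.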

C.	The following ground of rejection is applicable to the appealed claims 3-5: rejection under 35 U.S.C. 103 over Coats (WO 2016182555) in view of Gajda et al. (hereinafter Gajda) (US 20140137248) and further in view of Buhler et al. (hereinafter Buhler) (US 20160316365).

i)	Claim 3 
	Claim 3 recites “wherein the state data includes a time stamp, the client device identifier and the licensed resource information”. The combination of Coats and Gajda fails to explicitly teach state data having a time stamp, a client device identifier and licensed resource information. The examiner relied upon Buhler (i.e., the third reference) for this element.

Cited reference Buhler 
Buhler is directed to authentication of a user computer, which is connectable to a mobile network, to a verifier server in the vicinity of the user computer. The user computer retrieves an attribute credential certifying a set of user attributes and a device identifier for identifying the user computer to the mobile network, and requests a location credential certifying the device identifier and location data indicating the current location of the user computer as determined by the mobile network. The computing device produces an authentication token comprising the attribute credential, the location credential, the location data and a proof for proving that the device identifier in the attribute credential equals the device identifier in the location credential. The above method offers an elegantly simple authentication method with a high level of user privacy: it can be confirmed that the user computer is at the correct location, i.e., in the vicinity of a verifier server, but the device identifier need not be revealed by the user computer because the proof demonstrates that the location credential certifies the same identifier as the attribute credential.
A request for accessing a resource is sent by the user computer. The verifier server of Buhler determines whether the current location of the user computer indicated by the location data loc is within the vicinity of the verifier server for the verification process, and when the user computer requesting access to the resource is not within the vicinity of the verifier server, the authentication process fails and the 

Buhler fails to disclose a state data record that includes licensed resource information.
The appellant on page 21, last paragraph, of the appeal brief questions why a person of ordinary skill in the art would understand the current device location of Buhler as the licensed resource information of the instant application. The examiner responds that the licensed resource information of the instant application is interpreted in view of [0023-0024] of the instant application, which discloses “a recognized location as licensed resource information” and “For example, the licensed resource information 220 may be an IP address”. See also claim 5: “the licensed resource information represents the recognized location”. Similarly, Buhler at [0027-0028 and 0032] teaches generating a location credential (i.e., the state data record) which includes the current device location (i.e., the licensed resource information) along with other elements. Further, [0059] teaches that the location credential generated by MNO server 6 certifies the device identifier sid, the location data l′, and a timestamp t′ which indicates the issue time for the location credential C.sub.loc, and that the location credential C.sub.loc is received by the user computer. It is clear from the above rationale that Buhler's current device location is equivalent to the licensed resource information of the instant application. 
Turning to the question of why a person of ordinary skill in the art would understand the current device location credential as licensed resource information: since both the current device location and the licensed resource information function as the location of the device, tracking or representing the location from which the request is initiated, a person of ordinary skill in the art needs no special skill to understand the current device location as licensed resource information. See Buhler at [0027], which teaches determining whether the current location of user computer 2 indicated by the location data C.sub.loc is in the vicinity of the verifier server 4. The current user computer 2 location identified by 

The rejection relies on impermissible hindsight 
In response to appellant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). In this case Coats and Gajda are modified with Buhler to teach that a state data record can include a time stamp, a client identifier and the licensed resource information, with the motivation of identifying users for accessing resources based on valid information included in the request, which further validates the request by checking, based on the time stamp, that the information included in the request has not expired, and by validating that the location of the device is within the approved location. To put it simply, Coats validates the user by performing multi-factor authentication based on a token in order to grant access to the controlled resource. Coats fails to explicitly disclose providing to the client device a link including a token having a time stamp, a random number and licensed resource information for accessing the resource; this deficiency in Coats is overcome by Gajda, which teaches that a link is provided to the device containing a token having a time stamp, a random number and licensed resource information, in order to securely access the controlled resource based on validating the token against its elements, as explained above on pages 8-9. The combination of Coats and Gajda does not explicitly teach state data comprising at least three things: a time stamp, a client device identifier, and the licensed resource information. 
This deficiency is overcome because a person of ordinary skill in the art can secure access to the resource based on an authentication token (i.e., the teaching of Coats), validate the authentication token based on the time stamp and provide a link for accessing the resource (i.e., the teaching of Gajda), and validate the request based on the time stamp included in the state data record (i.e., the teaching of Buhler), which results in the multi-factor authentication of Coats. For at least these reasons the rejection of claim 3 is proper and is not hindsight. 

ii)	Claim 4
In response to appellant's argument that the examiner's conclusion of obviousness is based upon improper hindsight reasoning, it must be recognized that any judgment on obviousness is in a sense necessarily a reconstruction based upon hindsight reasoning. But so long as it takes into account only knowledge which was within the level of ordinary skill at the time the claimed invention was made, and does not include knowledge gleaned only from the applicant's disclosure, such a reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 1971). In this case Coats and Gajda are modified with Buhler to teach that a state data record can include a time stamp, a client identifier and the licensed resource information, with the motivation of identifying users for accessing resources based on valid information included in the request, which further validates the request by checking, based on the time stamp, that the information included in the request has not expired, and by validating that the location of the device is within the approved location. Claim 4 recites that the licensed resource information represents the recognized location. Similarly, Buhler at [0027-0028 and 0032] teaches generating a location credential (i.e., the state data record) which includes the current device location (i.e., the licensed resource information) along with other elements. Further, [0059] teaches that the location credential generated by 

To put it simply, Coats validates the user by performing multi-factor authentication based on a token in order to grant access to the controlled resource. Coats fails to explicitly disclose providing to the client device a link including a token having a time stamp, a random number and licensed resource information for accessing the resource; this deficiency in Coats is overcome by Gajda, which teaches that a link is provided to the device containing a token having a time stamp, a random number and licensed resource information, in order to securely access the controlled resource based on validating the token against its elements, as explained above on pages 8-9. The combination of Coats and Gajda does not explicitly teach state data comprising at least three things: a time stamp, a client device identifier, and the licensed resource information. This deficiency is overcome by Buhler, which discloses that the location credential (i.e., the state data record) includes a time stamp, a device identifier and the current device location from which the request is initiated, so that access to the resource is further secured by the state record. Therefore a person of ordinary skill in the art can secure access to the resource based on an authentication token (i.e., the teaching of Coats), validate the authentication token based on the time stamp and provide a link for accessing the resource (i.e., the teaching of Gajda), and validate the request based on the time stamp included in the state data record (i.e., the teaching of Buhler), which results in the multi-factor authentication of Coats. For at least these reasons the rejection of claim 4 is proper and is not hindsight. 



Conclusion
For the above reasons, it is believed that the rejections should be sustained.
Respectfully submitted,
/MOEEN KHAN/Examiner, Art Unit 2436
Conferees:
/KENDALL DOLLY/Primary Examiner, Art Unit 2436

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436
Requirement to pay appeal forwarding fee.  In order to avoid dismissal of the instant appeal in any application or ex parte reexamination proceeding, 37 CFR 41.45 requires payment of an appeal forwarding fee within the time permitted by 37 CFR 41.45(a), unless appellant had timely paid the fee for filing a brief required by 37 CFR 41.20(b) in effect on March 18, 2013.