Detailed Action

Acknowledgements 


1.   	This communication is in response to the Request for Continued Examination of Application No.15/248,952, filed on 8/3/2021.
2. 	Claim(s) 1, 3-5, 7-8, 10-11, 13-15, 17-18 and 20-22 are currently pending and have been fully examined.
3.	Claim(s) 2, 6, 9, 12, 16 and 19 have been cancelled by the Applicant.

4.	For the purpose of applying prior art, PreGrant Publications will be referred to 

using a four digit number within square brackets, e. g. [0001].

Notice of Pre-AIA  or AIA  Status
5.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
       . Continued Examination Under 37 C.F.R.- §1.114
6.	A request for continued examination under 37 CFR §1.114, including the fee set forth in 37 CFR §1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR §1.114, and the fee set forth in 37 CFR §1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR §1.114. Applicant's submission filed on 8/2/2021 has been entered. 





Under MPEP 707.02 Analysis

7.	Under MPEP 707.02 analysis, both the Examiner and SPE have reviewed Applicant’s claims limitations and every effort was made to terminate prosecution.  This application was considered “special” by the Examiner.

Response to Applicant’s Comments/Remarks


8.	Applicant’s response, filed on 8/3/2021, has fully been considered, but is not persuasive.

Applicant’s Argument #1:

	Applicant contends that the 35 USC 101 rejection(s) of claim(s) 1, 3-5, 7-11, 13-15 and 17-22, set forth in the prior office action, were improper because Applicant’s claim(s) are not directed to an abstract idea.
Examiner’s Response to Argument #1:

	Applicant’s argument that the 35 USC 101 rejection(s) of claim(s) 1, 3-5, 7-11, 13-15 and 17-22, set forth in the prior office action, were improper because Applicant’s claim are not directed to an abstract idea has fully been considered, but is not persuasive.  The Examiner respectfully disagrees with the Applicant’s contentions.  Applicant’s claim 1, is directed to the abstract idea of “authorizing access to a resource (e.g. DRM),” without significantly more.  
Taking Applicant’s claim elements separately, the functions performed by the computer at each step of the process is purely conventional.  Using computers to perform the functions of, “receive…determine…determine…identify…determine…create…send…” are one receive…determine…determine…identify…determine…create…send…” are functions that can be achieved by a general purpose computer without special programing.  None of these activities are used in some unconventional manner nor do any produce an unexpected result. 
It must be determined if the focus of the claims is on a specific improvement in relevant technology or on a process that itself qualifies as an “abstract idea” for which computers are invoked merely as a tool. 
Here, however, Applicant’s Specification (including the claim language) makes clear that the claims focus on an abstract idea, and not on any improvement to computer technology and/or functionality. 
Claim 1 does not, for example, purport to improve the functioning of the computer itself.  Nor does it effect in the improvement in any other technology or technical field.  Applicant’s claim limitations does not describe any particular improvement in the manner of a computer functions.  
None of Applicant’s limitations reflect an improvement in the functioning of a computer, or an improvement to other technology or technical field, applies or uses a judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception.
Applicant’s limitations simply reflects the “authorizing access to a resource (e.g. DRM),” without significantly more.  
individually and as an ordered combination do not amount to significantly more than the abstract idea of “controlling the access to a resource (e.g. DRM),” without significantly more.
The Federal Circuit has held similar concepts abstract.  Thus, for example, the Federal Circuit has held that abstract idea include the concepts of collecting data, analyzing the data, and displaying the results of the collection and analysis, including when limited to particular content. 
The Examiner finds no indication in the Specification, nor does the Applicant direct the Examiner to any indication, that the operations recited in claim 1 require any specialized computer hardware or other inventive computer components, i.e., a particular machine, invoke any assertedly inventive programing, or that the claimed invention is implemented using other than generic computer components to perform generic computer functions.   
The Examiner finds no indication in the Specification that the claimed invention effects a transformation or reduction of a particular article to a different state or thing.  Additionally, the Examiner fails to find anything of record that attributes an improvement in technology andor a technical field to the claimed invention or that otherwise indicates that the claimed invention integrates the abstract idea into a “practical application,” as that phrase is used in the 2019 Revised Guidance. 
The Examiner would like to point out that “claims for which computers are invoked merely as a tool…use of a computer as a tool – economic task, or method of 
Considered as an ordered combination, the computer functions of Applicant’s claim 1 add nothing that is not already present when the steps are considered separately; hence, the ordering of the steps is therefore, ordinary and conventional.
	Also, the Examiner would like to point out that “an inventive concept that transforms the abstract idea into a patent-eligible invention must be significantly more than the abstract idea itself, and cannot simply be an instruction to implement or apply the abstract idea on a computer.”
In sum, on this record, we find that Applicant’s claim(s) do NOT integrate the
judicial exception into a practical application that improves existing technological processes and computer technology. This concludes the eligibility analysis on this record.  Therefore, the Examiner respectfully disagrees with the Applicant and maintains his rejection. 

Applicant’s Argument #2:

Applicant contends that the amended/cancelled claims of 1, 3-5, 7-11, 13-15 and 17-22 

are obviated of the 35 USC 112(a) rejections set forth in the prior office action.

Examiner’s Response to Argument #2:

Applicant’s argument that the amended/cancelled claims of 1, 3-5, 7-11, 13-15 and 17-

22 are obviated of the 35 USC 112(a) rejections set forth in the prior office action has 

fully been considered and is persuasive; therefore, the rejections are withdrawn.

Applicant’s Argument #3:

Applicant contends that the amended/cancelled claims of 1, 3-5, 7-11, 13-15 and 17-22 

are obviated of the 35 USC 112(b) rejections set forth in the prior office action.

Examiner’s Response to Argument #3:

Applicant’s argument that the amended/cancelled claims of 1, 3-5, 7-11, 13-15 and 17-

22 are obviated of the 35 USC 112(b) rejections set forth in the prior office action has 

fully been considered and is persuasive; therefore, the rejections are withdrawn.


Claim Rejections – 35 USC § 101

9.	35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 

10.	Claim(s) 1, 3-5, 7-8, 10-11, 13-15, 17-18 and 20-22 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. 
An invention is patent-eligible if it claims a “new and useful process, machine, manufacture, or composition of matter.” 35 U.S.C. § 101. However, the Supreme Court has long interpreted 35 U.S.C. § 101 to include implicit exceptions: “[ljaws of nature, natural phenomena, and abstract ideas” are not patentable. E.g., Alice Corp. v. CLS Banklnt’l, 573 U.S. 208, 216 (2014).
organizing human activity, such as fundamental economic practices {Alice, 573 U.S. at 219-20; Bilski, 561 U.S. at 611); mathematical formulas {Parker v. Flook, 437 U.S. 584, Appeal 2018-002948 Application 13/009,053 594-95 (1978)); and mental processes (Gottschalkv. Benson, 409 U.S. 63, 69 (1972)).
Specifically, claim(s) 1, 3-5, 7-8, 10-11, 13-15, 17-18 and 20-22 are directed toward at least one judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea), without significantly more.  In accordance with the 2019 PEG, the rationale for this determination is explained below.
Step 1 Statutory Categories (streamlined analysis):
Establishing the broadest reasonable interpretation of the claim as a whole, does it fall under one of the four patentable categories of 35 U.S.C. § 101: 
(1) process; 
(2) machine; 

(4) composition of matter. 
Step 1:
Representative claim 1 is directed toward an apparatus, which is a statutory category of invention.
Representative claim 11 is directed toward a method, which is a statutory category of invention.
The claim(s) recite(s) the “authorizing access to a resource (e.g. DRM),” which is an “abstract idea,” without significantly more.
Revised Step 2A; Prong One of Two Prong Inquiry:
Although claim 1 recite a method/apparatus that falls within one of the four patentable categories of 35 U.S.C. § 101, the Supreme Court has "long held that this provision contains an important implicit exception" that "[l]aws of nature, natural phenomena, and abstract ideas are not patentable." Mayo Collaborative Servs. v. Prometheus Labs., Inc., 566 U.S. 66, 70 (2012) (quotation omitted). To determine patentable subject matter a revised determination will be made using the 2019 PEG.
"First, we determine whether the claims at issue are directed to one of those patent-ineligible concepts" of "laws of nature, natural phenomena, and abstract ideas." Alice Corp. v. CLS Bank int'l, 134 S. Ct. 2347, 2355 (2014). "The inquiry often is whether the claims are directed to 'a specific means or method' for improving technology or whether they are simply directed to an abstract end-result."  To determine 
The grouping of abstract ideas, as recited in the 2019 PEG, comprises: 
Mathematical Concepts/Formulas;
mathematical relationships;
a mathematical formula or equation;
a mathematical calculation;
formula;
Mental Processes; and 
concepts performed by the human mind or by pen and paper (e.g. observation, evaluation, judgement, opinion);
(3) Certain Methods of Organizing Human Activity (e.g. fundamental economic practice);
a. fundamental economic principles or practices (e.g. hedging, insurance, mitigating risk);
b. commercial or legal interactions (e.g. contracts, legal obligations, business relations, advertising;
	c. managing personal behavior or relationships;
d. interactions between people (e.g. social activities, teaching);
Claim Analysis:
Identifying the specific limitation(s) in the claim that recites an abstract idea (note: abstract idea is highlighted bold);
1. (Currently Amended) An apparatus comprising a processor and a memory, the apparatus further including computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, implement a service layer entity of a communication network and cause the apparatus to:
receive, by the service layer entity, from a requesting entity on the communication network, a request to access a resource hosted by the service layer entity;
determine, by the service layer entity, based on an access control policy associated with the resource, that the requesting entity does not have privileges to access the resource;
determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity;
identify, based on the dynamic authorization policy and in response to determining that the requesting entity does not have the privileges, another service layer entity of the communications network to consult in performing the dynamic authorization of the requesting entity;
determine, based on communication with the another service layer entity, new privileges for the requesting entity to access the resource;
create a new access control policy associated with the resource indicating that the requesting entity has the new privileges to access the resource; and
send a message to the requesting entity indicating, based on the new privileges, that the request is approved.

Determine whether the identified specific limitation(s) falls within at least one of the groupings of abstract ideas enumerated in 2019 PEG;
Claim Analysis:
The claim recites the limitation(s), “receive…determine…determine…identify…determine…create…send….”
Thus the limitation, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components.  That is, other than reciting, “by the service layer entity,” nothing in the claim element precludes the step from falling under the, “certain methods of organizing human activity,” prong. 

The Examiner identifies that the Applicant’s claim limitations full under 2019 PEG group(s) of abstract idea is/are: (3) Certain Methods of Organizing Human Activity;
Because the claims are directed to “authorizing access to a resource (e.g. DRM),” it is an abstract idea.  Since the identified limitations(s) fall within any of the groupings of abstract ides enumerated in the 2019 PEG, the analysis should proceed to Revised Step 2A, Prong Two.
	We must now examine the elements of the claim to determine whether it contains an “inventive concept” sufficient to “transform” the claimed abstract idea into a patent eligible application.  A claim that recites an “abstract idea” must include “additional features” to ensure the claim is more than a drafting effort designed to monopolize the “abstract idea.”

Revised Step 2A, Prong Two of Two Prong Inquiry:
The Examiner then makes a determination if there are there any additional element(s) or a combination of elements that apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception, such that it is more than a drafting effort designed to monopolize the exception.  Therefore, the additional element(s) or a combination of elements, recited in the claim, is beyond the judicial exception(s), and
	Does the claim recite additional elements that integrate the judicial exception into a “practical application” of the exception?  Requires an additional element or a combination of additional elements in the claim to apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception, such that the claim is more than a drafting effort designed to monopolize the exception.
	Because the Examiner has found that the claims are directed to abstract ideas/judicial exception, the claims must include an “inventive concept” in order to be patent-eligible, i.e., there must be an element or combination of elements that is sufficient to ensure that the claim in practice amounts to significantly more than the abstract idea itself.  
The relevant question is whether the claims here do more than simply instruct the practitioner to implement the abstract idea…on a generic computer.
Claim Analysis:
Identifying the specific limitation(s) in the claim that recites additional element(s) or a combination of elements;
1. (Currently Amended) An apparatus comprising a processor and a memory, the apparatus further including computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, implement a service layer entity of a communication network and cause the apparatus to:
receive, by the service layer entity, from a requesting entity on the communication network, a request to access a resource hosted by the service layer entity;
determine, by the service layer entity, based on an access control policy associated with the resource, that the requesting entity does not have privileges to access the resource;
determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity;
identify, based on the dynamic authorization policy and in response to determining that the requesting entity does not have the privileges, another service layer entity of the communications network to consult in performing the dynamic authorization of the requesting entity;
determine, based on communication with the another service layer entity, new privileges for the requesting entity to access the resource;
create a new access control policy associated with the resource indicating that the requesting entity has the new privileges to access the resource; and
send a message to the requesting entity indicating, based on the new privileges, that the request is approved.

Does the claim as a whole integrates the mental process into a practical application?

practical application:
Improvements to the functioning of a computer, or to any other technology or technical field, as discussed in MPEP 2106.05(a);

Applying or using a judicial exception to effect a particular treatment or prophylaxis for disease or medical condition;

Applying the judicial exception with, or by use of, a particular machine, as discussed in MPEP 2106.05(b); 

Effecting a transformation or reduction of a particular article to a different state or thing, as discussed in MPEP 2106.05(c); and

Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception;
The Examiner considers whether the claimed invention pertains to an improvement in:
(1) The functioning of the computer itself; or 
(2) Any other technology or technical field.  
This is also referred to as a technological solution to a technological problem.  
	Determine, by the Examiner, that there is a technical explanation as to how to implement the invention in the Specification and the claim itself reflects the improvement in technology.  In determining to identify the “improvement” the Examiner searches both: 
The Specification; and 
The Claims;
The Specification must provide sufficient details such that one of ordinary skill in the art would recognize the claimed invention as pertaining to an improvement in technology.  For example, the Specification could identify a technical problem and explain how the Specification provides a technical solution.
	As to the claims, after the Examiner has consulted the Specification and determined the disclosed invention pertains to an improvement in technology, the claim must be evaluated to ensure the claim itself reflects the improvement in technology.  It must be determined whether the claim covers a particular solution to a problem or a particular way to achieve a desired outcome, as opposed to merely claiming the idea of a solution or outcome.
	Under a “particular machine” consideration, a claim limitation can integrate a judicial exception by implementing a judicial exception with, or using a judicial exception in conjunction with, a particular machine or manufacture that is integral to the claim.
This consideration is discussed in MPEP 2106.05(b).
A claim to add a generic computer or generic computer components and asserts that the claim integrates a judicial exception because the generic computer is 'specially programmed, or is a 'particular machine, the Examiner should look at whether the added elements integrate the judicial exception.  Merely adding a generic computer, generic computer components, or a programmed computer to perform generic computer functions does not automatically overcome an eligibility rejection.
particular transformation” consideration, a claim limitation can integrate a judicial exception by effecting a transformation or reduction of a particular article to a different state or thing.  This consideration is discussed in MPEP 2106.05(c).
	Under “other meaningful limitations” consideration, a claim limitation can integrate a judicial exception by applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception.  This consideration is discussed in MPEP 2106.05(e).
Examples of limitations that are “NOT” indicative of integration into a practical application:
Adding the words “apply it” (or an equivalent) with the judicial exception, or mere instructions to implement an abstract idea on a computer, or merely uses a computer as a tool to perform an abstract idea, as discussed in MPEP 2106.05(f);

Generally linking the use of the judicial exception to a particular technological environment or field of use, as discussed in MPEP 2106.05(h).
Result of Claim Analysis:
The claim recites the additional element(s): from an operator system via a network; the “operator system” in the step(s) is recited at a high level of generality, i.e., as a generic processor performing a generic computer function of processing data. This generic processor limitation is no more than mere instructions to apply the exception using a generic computer component.  Accordingly, this additional element 
Thus the exception is not integrated into a “practical application,” then the claim is “directed to” the exception, proceed to Step 2B.

Analysis Step 2B:
Because we determine the claims are directed to an abstract idea, we analyze the claims under step 2B of Alice to determine if there are additional limitations that individually, or as an ordered combination, ensure the claims amount to "significantly more" than the abstract idea.  Alice, 134 S. Ct. at 2355 (citing Mayo, 566 U.S. at 76-77)).  Does the claim provide an inventive concept i.e., does the claim recite additional element(s) or a combination of elements that amount to significantly more than the judicial exception (e.g. abstract idea) in the claim?
Because the Examiner has found that the claims are directed to abstract ideas/judicial exception, the claims must include an “inventive concept” in order to be patent-eligible, i.e., there must be an element or combination of elements that is sufficient to ensure that the claim in practice amounts to significantly more than the abstract idea itself.  
The relevant question is whether the claims here do more than simply instruct the practitioner to implement the abstract idea…on a generic computer.

Step 2B includes evaluation of the same considerations as revised Step 2A Prong Two, plus two additional considerations: 
whether the additional elements amount to significantly more than the exception itself;

Claim Analysis:
1. (Currently Amended) An apparatus comprising a processor and a memory, the apparatus further including computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, implement a service layer entity of a communication network and cause the apparatus to:
receive, by the service layer entity, from a requesting entity on the communication network, a request to access a resource hosted by the service layer entity;
determine, by the service layer entity, based on an access control policy associated with the resource, that the requesting entity does not have privileges to access the resource;
determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity;
identify, based on the dynamic authorization policy and in response to determining that the requesting entity does not have the privileges, another service layer entity of the communications network to consult in performing the dynamic authorization of the requesting entity;
determine, based on communication with the another service layer entity, new privileges for the requesting entity to access the resource;
create a new access control policy associated with the resource indicating that the requesting entity has the new privileges to access the resource; and
send a message to the requesting entity indicating, based on the new privileges, that the request is approved.
Claim Analysis Result:

Thus taken alone, the additional elements do not amount to significantly more than the above identified judicial exception (the “abstract idea”). Looking at the limitations as an ordered combination, as a whole, adds nothing that is not already present when looking at the elements individually.  There is no indication that the 

The additional elements of claim(s) 1 do not change the analysis as claim(s) 1 do not include additional elements that are sufficient to amount to significantly more than the judicial exception because alone, the elements do not amount to significantly more than the abstract idea.  The additional elements of claim(s) 1 taken together, as an ordered combination, as a whole, also do not amount to significantly more than the abstract idea.  The additional elements of claim(s) 1 include:
NONE
Applicant’s “additional elements” disclose generic computer components performing generic computer functions which alone, do not amount to significantly more than the judicial exception.  Within claim(s) 1, they are recited at a high level of generality and are functioning and processing instructions in a conventional manner known in the industry.  Courts have held computer-implemented processes not to be significantly more than an “abstract idea” (and thus ineligible) where the claim as a whole amounts to nothing more than generic computer functions merely used to implement an “abstract idea,” such as an idea that could be done by human analog (i.e. by hand or by merely thinking). This is the central issue with the claimed invention as the computer elements are merely used as a tool to carry out the “abstract idea,” to perform functions, such as “receive…determine…determine…identify…determine…create…send…,”
abstract idea”). Looking at the limitations as an ordered combination, as a whole, adds nothing that is not already present when looking at the elements individually. There is no indication that the combination of elements, the ordered combination of the elements as a whole, improves the functioning of a computer or improves any other technology. 
Their collective functions merely provide conventional computer implementation as the Specification, which merely indicate generic and conventional computing components, used as a tool to implement the “abstract idea, without specifically identifying improvements to the technology utilized, rather indicating technology is merely utilized as a tool to implement the “abstract idea.”
Applicant’s limitations are represent instructions for the “abstract idea” and/or insignificant post-solution activity.  Moreover, these limitations do not constitute significantly more because they are simply an attempt to limit the “abstract idea” to a particular technological environment.  Viewing these limitations in combination with the elements that set forth the “abstract idea,” the claim(s) 1 merely instruct the process of 
“receive…determine…determine…identify…determine…create…send….” which are instructions to implement the “abstract idea.”   
	Furthermore, the limitations whish set forth the “abstract idea” do not appear to be sufficiently supported by the required algorithm(s) necessary to carry out their claimed function in a specific, limiting manner, thereby indicating a high level or preemption. 
Conclusion 
	Thus, when all of the limitations of the claims are considered, both individually and as an ordered combination as outlined above, the Examiner concludes that the claim is not directed to a patent-eligible subject matter under 35 USC 101 because it does not amount to significantly more than the “abstract idea.”
Additionally, the Examiner would additionally point out the following:
“The method claims do not, for example, purport to improve the functioning of the computer itself. See ibid. (“There is no specific or limiting recitation of . . . improved computer technology . . . ”); Brief for United States as Amicus Curiae 28–30. Nor do they effect an improvement in any other technology or technical field. See, e.g., Diehr, 450 U. S., at 177–178. Instead, the claims at issue amount to “nothing significantly more” than an instruction to apply the abstract idea of intermediated settlement using some unspecified, generic computer.”

Also, the Examiner would like to point out that “claims for which computers are invoked merely as a tool…use of a computer as a tool – economic task, or method of conducting business, the computer acts as a device to move and hold data, but the computer is used merely in its ordinary capacity of routine computerization of bookkeeping functions are not tied to a technological advance.”   “Furthermore, merely combining several abstract ideas does not render the combination any less abstract. RecogniCorp, 855 F.3d at 1327 (“Adding one abstract idea (math) to another abstract idea . . . does not render the claim non-abstract.”); see also FairWarning IP, LLC v. Iatric Sys., Inc., 839 F.3d 1089, 1093—94 (Fed. Cir. 2016) (determining the pending claims were directed to a combination of abstract ideas).”
abstract idea” into a patent-eligible invention must be significantly more than the “abstract idea” itself, and cannot simply be an instruction to implement or apply the “abstract idea” on a computer.”
Accordingly, there are no meaningful limitations in the claims that transform the judicial exception into a patent eligible application such that the claims amount to significantly more than the judicial exception itself. 
Dependent claim(s) 1, 3-5, 7-8, 10, 13-15, 17-18 and 20-22 when analyzed as a whole are held to be patent ineligible under 35 USC 101 because the additional recited limitations only refine the abstract idea further.
For instance, in claim(s) 3-5, 7-8, 10, 13-15, 17-18 and 20-22 under the broadest reasonable interpretation, are further refinements of [organizing human activities, mental process, mathematical concepts/formulas] because these steps further describe the intermediary steps of the underlying process.
In all the dependent claim(s), the judicial exception is not integrated into a practical application because the limitations are recited at a high-level of generality such that it amounts to no more than mere instructions to apply the exception using generic computer components. This is because the claim(s) do not affect an improvement to another technology or technical field; the claims do not amount to an improvement to the functioning of a computer system itself; the claims do not affect a transformation or reduction of a particular article to a different state or thing; and the claims do not move beyond a general link of the use of an abstract idea to a particular technological 
	Dependent claim(s) 3-5, 7-8, 10, 13-15, 17-18 and 20-22 do not add any limitations that would remedy the deficiencies outlined above and are rejected accordingly. 
Claim Rejections - 35 USC § 112
11.	The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

12.	Claim(s) 3-5, 7-8, 10, 13-15, 17-18 and 20-22 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 
determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity,” however, Applicant’s Specification recites:
 [0012] Service layer authorization mechanisms are used to control access to resources and/or services hosted in the service layer. Authorization typically involves allowing authenticated registrants to access resources and services hosted in a service layer based on statically provisioned authorization policies and assigned roles. An authorization policy is a set of rules that define whether a given service layer registrant is permitted to access a protected resource or service hosted in the service layer. These policies can be based on different mechanisms. Three common types of authorization policies are Authorization List (ACL), Role Based Authorization (RBAC), and Subscription Based Authorization (SBAC).

[0019] oneM2M defines an existing <accessControlPolicy> resource that supports a configured set of privileges as shown in FIG. 6A. The privileges can be configured with a set of authorization rules (i.e., policies) defining which authenticated service layer registrants have privileges to access resources associated with the <accessControlPolicy> resource. Once configured these privileges are typically static from the perspective of the service layer. The service layer does not dynamically create, update, or delete privileges on-the-fly.

[0021] accessControlOriginators—The set of service layer registrants authorized to access resources associated with this authorization policy (e.g. list of CSE-IDs or AE-IDs).

[0025] accessControlLocationRegions—List of locations where service layer registrants are allowed to be located when accessing resources associated with this authorization policy. Requests from service layer registrants from locations not in this list will be denied.

[0026] accessControllpAddresses—IP addresses of service layer registrants allowed to access resources associated with this authorization policy. Requests from service layer registrants that have IP addresses not in this list will be denied.

[0035] A method to allow a service layer registrant to specify consultation-based dynamic authorization policies for its resources or services that a service layer can then use to consult the registrant to determine whether or not to grant or deny other service layer registrants privilege to access its resources or services can be used.

[0036] A method for a service layer registrant to specify payment-based dynamic authorization policies for its resources or services which a service layer can then use to support dynamic authorization to other registrants can be used. Wherein privileges are granted or denied based on the rate other service layer registrants are willing to pay to access the resources or services can be used.

[0037] A method for a service layer registrant to specify barter-based dynamic authorization policies for its resources or services wherein these policies allow the service layer to dynamically barter on behalf of a registrant wishing to gain access to other registrant's resources and services in exchange for access to its own resources or services can be used.

[0038] A method for a service layer registrant to specify security-assessment-based dynamic authorization policies for its resources or services wherein these policies allow the service layer to dynamically assess the security level of a registrant wishing to gain access to other registrant's resources and services and determine whether its level of security meets dynamic authorization requirements or not can be used.



Description
[0078] FIG. 34 is a diagram of Configuration of Service Layer Dynamic Authorization Policies

[0123] Shortcoming #1—Lack of support to allow a service layer registrant to gain access to a resource for which it does not have permissions to access by dynamically adding new permissions. As a result, registrants are limited to accessing only those resources and/or services for which they have statically pre-provisioned authorization policies to access.

[0129] The following use case describes how service layer dynamic authorization can be supported by a service layer as well as its value-add. In this use case App #1 202 creates a resource named XYZ hosted in the service layer. App #1 202 then configures an access control policy for resource XYZ with a set of static access privileges. The static access privileges define rules such as a list of other Apps that are allowed to access resource XYZ as well as what operations they can perform on it. These privileges are used by the service layer to control which Apps are allowed to access the resource and which operations they are allowed to perform on the resource. App #1 202 can configure these privileges with the known Apps that it is aware of and that it wants to grant access to. App #1 202 can also configure a dynamic authorization policy for the resource. This policy defines rules that can be used by the service layer to support dynamically creating, updating, or deleting the static access privileges. This is especially useful to support cases where new/different Apps attempt to access the resource, however, App #1 202 does not have any prior awareness of relationship with these Apps and hence has not configured the static privileges to grant them access to the resource.

[0130] In this use case, App #2 204 is an example of an App which App #1 has not granted static access privileges for. App #2 204 performs a request to resource XYZ. The Service Layer, first checks the static access privileges and finds that App #2 204 has not been given privileges. The Service Layer 102 than checks if a dynamic authorization policy has been configured. If so, the Service Layer 102 can support functionality to assess whether or not to update the static access privileges and grant access privileges to these Apps. The dynamic authorization functionality can be performed locally by the Service Layer 102 using the configured dynamic authorization policies as shown in FIG. 7. Alternatively, the Service Layer 102 can support consulting with other entities in the system (e.g. an Authorization Server) to have them assist the Service Layer 102 in performing the dynamic authorization as shown in FIG. 8.

[0132] The proposed framework consists of a service layer dynamic authorization (SLDA) function 902 as shown in FIG. 9. This function support servicing requests to determine whether or not a requester shall be granted access privileges to a desired resource or service hosted by the service layer for which the requester does not already have pre-established privileges to access. This function consists of the following four sub-functions also shown in FIG. 9. [0133] Policy Administration Function (SLDA-PA) 904—Manages service layer dynamic authorization policies. [0134] Policy Decision Point (SLDA-PD) 908—Evaluates and issues service layer dynamic authorization decisions. [0135] Policy Enforcement Point (SLDA-PE) 910—Intercepts request to a service layer resource or service and enforces SLDA-PD's decision. [0136] Policy Information Point (SLDA-PI) 906—Provides additional context information to a SLDA-PD 908, such as security, payment, location and reputation assessments.

[0141] Conversely an SLDA 902 can be deployed in a distributed manner in which case an SLDA 902 or its sub-functions can be distributed throughout a network. For example, the SLDA-PI, SLDA-PA 904 and SLDA-PD 908 sub-function can be deployed on a centralized node in the network while separate SLDA-PE 910 sub-functions can be deployed locally within each of the service layer instance throughout a network as shown in FIG. 13. In this distributed scheme, dynamic authorization policy information, administration and decisions can be made by the centralized SLDA-PD 908, while the 

[0162] FIG. 14 depicts a policy management (provisioning, decision and enforcement) framework involving both static and dynamic policies. An IoT Service Provider may have an existing static access policy management, with the introduction of dynamic authorization, a Service Layer Policy Co-ordination Function (SL-PCF) 1408 is able to handle the co-ordination of dynamic and static policies and enforcement of those policies. A SLDA-PA 904 and a SLSA (Service Layer Static Authorization)-PA 1404 functions that provisions dynamic policies and static policies respectively. The SLSA-PA 1404 configures appropriate PD policies (at the Security Server 2) as well as PE policies at the respective entities (e.g. Security Gateway).

[0291] A summary of the proposed oneM2M enhancements include: [0292] 1) An architectural level embodiment of SLDA functionality within a oneM2M system showing which types of oneM2M entities SLDA functionality can be hosted on (e.g. MEF 2304, MAF 2302 and CSEs). [0293] 2) Some proposed enhancements to the existing oneM2M defined <accessControlPolicy> resource to include an identifier for an individual privilege within the privilege list that enables partial addressing of individual privilege within privileges list, an expiration time for each individual privilege, and the definition of new types of authorization context that support use cases involving payment-based, bartering-based, reputation-based, and security assessment-based dynamic authorization. [0294] 3) The definition of a oneM2M <dynAuthPolicy> resource and attributes to support configuration of service layer dynamic authorization policies. [0295] 4) The definition of a oneM2M <dynAuthRequest> resource and corresponding request and response message formats to support explicitly requesting dynamic authorization to be performed. [0296] 5) The definition of a oneM2M <consult> resource and corresponding request and response message formats to support the ability to consult explicitly requesting dynamic authorization to be performed. [0297] 6) The definition of several oneM2M procedures providing message sequence level descriptions of how different types of dynamic authorization functionality can be supported within a oneM2M system.

oneM2M Service Layer Dynamic Authorization Architecture

[0321] This disclosure proposes three enhancements to the existing privileges attribute of the <accessControlPolicy> resource described below. [0322] 1) A fourth component has been added to privileges access-control-rule tuple called an accessControlPrivilegeID. This fourth component can be used to identify and address an individual privileges access-control-rule tuple. This identifier can be useful when supporting updating or deleting of an individual tuple. Otherwise, an update or delete of an individual tuple requires updating the entire privileges access-control-rule tuple list which can be less efficient. [0323] 2) A fifth component has been added to the privileges access-control-rule tuple called an access ControlExpirationTime. This component can be used to define a lifetime associated with a particular access-control-rule tuple. This enables access-control-rule tuples to have different lifetimes with respect to one another, which can provide more flexibility from a privileges perspective. [0324] 3) Four additional types of accessControlContext have also been defined by this disclosure: [0325] accessControlPaymentTerms—List of payment terms that must be established before a service layer registrant is allowed to access resources associated with this authorization policy. [0326] accessControlReputationLevel—Required reputation level that a service layer registrant must have before it is allowed to access resources associated with this authorization policy [0327] accessControlBarterTerms—List of barter terms that must be established before a service layer registrant is allowed to access resources associated with this authorization policy. [0328] accessControlSecurityAssessment—Required level of security that a service layer registrant must have before it is allowed to access resources associated with this authorization policy

In reviewing the sections of Applicant’s Specification, Applicant’s Specification does not teach Applicant’s recited claim language of “determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity;” HOW the Applicant’s claimed invention of, “determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity” works.  Therefore, claim 1 fails the written description as Applicant has not provided neither algorithm nor the steps/procedure taken in sufficient detail so that one of ordinary skill in the art would understand HOW Applicant’s intended function of “determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity” is to be performed.1   One of ordinary skill in the art would have reasonably concluded that the inventor did not possess the claimed subject matter because of the lack of a specific computer code to perform Applicant’s claimed invention of “determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity.”  Examiner establishes that specific computer code lines to cause Applicant’s claimed invention of “determine, by the service layer entity, a dynamic authorization policy for dynamic authorization of the requesting entity” on the computing device is necessary to detail, “to allow a person of 2  
As to claim 11, Applicant recites, “A method comprising: receiving, by a service layer entity of a communication network, from a requesting entity on the communication network, a request at a service layer at the apparatus to access a resource hosted by the service layer entity;” therefore, it is unclear HOW Applicant’s claimed invention works.  Here, Applicant is making a distinction between “a service layer entity” and from a “service layer.”  Applicant’s Specification is silent the teaching of a distinction between Applicant’s recited claimed elements.3 
	Claim 11 contains similar language or like deficiencies found in claim 1.
	Dependent claim(s) 3-5, 7-8, 10, 13-15, 17-18 and 20-22 are also rejected for being depdent upon rejected claim(s) 1 and 11.
Claim Rejections - 35 USC § 112
13.	The following is a quotation of 35 U.S.C. 112(b):

(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

14.	Claim(s) 11, 13-15, 17-18 and 20-22 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or 
Claim 11 recites the limitation "the apparatus" in claim 11.  There is insufficient antecedent basis for this limitation in the claim.
As to claim 11, the scope of the claim is unclear as Applicant recites, “A method comprising: receiving, by a service layer entity of a communication network, from a requesting entity on the communication network, a request at a service layer at the apparatus to access a resource hosted by the service layer entity; therefore, the scope of the claim is unclear for Applicant is reciting two separate and distinct elements. Therefore, the scope of the claim is not clear and one of ordinary skill in the art would not be reasonable appraised of the scope of the claim.4
Dependent claim(s) 13-15, 17-18 and 20-22 are also rejected for being depdent upon rejected claim(s) 11.

Conclusion

15. The prior art made of record and not relied upon is considered pertinent to 

Applicant’s disclosure.  



    PNG
    media_image1.png
    661
    593
    media_image1.png
    Greyscale

Any inquiry concerning this communication or earlier communication from the examiner should be directed to Mr. Dante Ravetti whose telephone number is (571) 270-3609. The examiner can normally be reached on Monday - Thursday 9:00am-5:00pm.

If attempts to reach examiner by telephone are unsuccessful, the examiner’s supervisor, Mr. John Hayes may be reached at (571) 272-6708. The fax phone number for the organization where this application or proceeding is assigned is (571) 270-4609.

Information regarding the status of an application may be obtained from

the Patent Application Information Retrieval (PAIR) system. Status information

for published applications may be obtained from either Private PAIR or Public

PAIR. Status information for unpublished applications is available through

Private PAIR only. For more information about the PAIR system see

http://pair-direct5yspto.gov. Should you have questions on access to the private

PAIR system, please contact the Electronic Business Center (EBC) at 1-(866)

217-9197. If you would like assistance from a USPTO Customer Service

Representative or access to the automated information system, call 1-(800) 786-

9199 (IN USA or CANADA) or 1 -(571) 272-1000.

/DANTE RAVETTI/Primary Examiner, Art Unit 3685                                                                                                                                                                                                        Tuesday, March 15, 2022



    
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
        
            
    

    
        1 When examining computer-implemented functional claims, examiners should determine whether the specification discloses the
        computer and the algorithm (e.g., the necessary steps and/or flowcharts) that perform the claimed function in sufficient detail
        such that one of ordinary skill in the art can reasonably conclude that the inventor possessed the claimed subject matter at the
        time of filing. An algorithm is defined, for example, as "a finite sequence of steps for solving a logical or mathematical problem
        or performing a task." Microsoft Computer Dictionary (5th ed., 2002). Applicant may "express that algorithm in any
        understandable terms including as a mathematical formula, in prose, or as a flow chart, or in any other manner that provides
        sufficient structure." Finisar Corp. v. DirecTV Grp., Inc., 523 F.3d 1323, 1340 (Fed. Cir. 2008) (internal citation omitted). It is not
        enough that one skilled in the art could write a program to achieve the claimed function because the specification must explain
        how the inventor intends to achieve the claimed function to satisfy the written description requirement. See, e.g., Vasudevan
        Software, Inc. v. MicroStrategy, Inc., 782 F.3d 671, 681-683, 114 USPQ2d 1349, 1356, 1357 (Fed. Cir. 2015) (reversing and
        remanding the district court’s grant of summary judgment of invalidity for lack of adequate written description where there were
        genuine issues of material fact regarding "whether the specification show[ed] possession by the inventor of how accessing
        disparate databases is achieved"). If the specification does not provide a disclosure of the computer and algorithm in sufficient
        detail to demonstrate to one of ordinary skill in the art that the inventor possessed the invention a rejection under 35 U.S.C. 112
        (a) or pre-AIA  35 U.S.C. 112, first paragraph, for lack of written description must be made. For more information regarding the
        written description requirement, see MPEP § 2162- § 2163.07(b). If the specification does not provide a disclosure of sufficient
        corresponding structure, materials, or acts that perform the entire claimed function of a means- (or step-) plus- function
        limitation in a claim under 35 U.S.C. 112(f) or the sixth paragraph of pre-AIA  35 U.S.C. 112, "the applicant has in effect failed
        to particularly point out and distinctly claim the invention" as required by the 35 U.S.C. 112(b) [or the second paragraph of pre-
        AIA  35 U.S.C. 112]. In re Donaldson Co., 16 F.3d 1189, 1195, 29 USPQ2d 1845, 1850 (Fed. Cir. 1994) (en banc). A rejection
        under 35 U.S.C. 112(b) or the second paragraph of pre-AIA  35 U.S.C. 112 must be made in addition to the written description
        rejection. See also MPEP § 2181, subsection II.B.2(a).
        
        
        2 MPEP 2161.01;Univ of Rochester v. G.D. Searle & Co., Inc. 358 F.3d 916, 928 (Fed. Cir. 2004); 
        
        3 In re Katz Interactive Call Processing Patent Litigation, 639 F.3d 1303, 1316 (Fed. Cir. 2011).
        "Examples of such coextensive functions are ‘receiving’ data, ‘storing’ data, and ‘processing’ data—the only three functions on which the Katz court vacated the district court’s decision and remanded for the district court to determine whether disclosure of a microprocessor was sufficient." Id. at 622. Thus, "[a] microprocessor or general purpose computer lends sufficient structure only to basic functions of a microprocessor. All other
        computer-implemented functions require disclosure of an algorithm." Id.
        
        
        4 MPEP 2173.02 III B;  “Examiners should bear in mind that "[a]n essential purpose of patent examination is to fashion claims that are precise, clear, correct, and unambiguous. Only in this way can uncertainties of claim scope be removed, as much as possible, during the administrative process." Zletz, 893 F.2d at 322, 13 USPQ2d at 1322.” MPEP 2173.02 I “I. CLAIMS UNDER EXAMINATION ARE CONSTRUED DIFFERENTLY THAN PATENTED CLAIMS”