DETAILED ACTION
Summary and Status of Claims
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
This Office Action is in response to Applicant’s reply filed 12/22/2021.
Claims 1-20 are pending.
Claims 1-5, 9-13, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Banks et al. (US Patent Pub 2014/0188938) of record, in view of Prasad et al. (US Patent 7,568,217) of record.
Claims 6-8 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Banks et al. (US Patent Pub 2014/0188938) of record, in view of Prasad et al. (US Patent 7,568,217) of record, further in view of Roche et al. (US Patent 9,432,379) of record. 
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.

Note on Prior Art Rejections
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed 

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1-5, 9-13, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Banks et al. (US Patent Pub 2014/0188938) (Banks) of record, in view of Prasad et al. (US Patent 7,568,217) (Prasad) of record.
In regards to claim 1, Banks discloses a computer-implemented method for providing permissions to users of a database system, the method comprising:
a.	assigning, by the database system, a plurality of permission sets to a plurality of users based on a plurality of attribute of the plurality of users, each permission set comprising a plurality of permissions, each permission granting access to an application or database resource stored on the database system, wherein a subset of the plurality of permission sets assigned to the plurality of users are based on attributes of user roles and wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes, other than the attributes of user roles, of the plurality of users (Banks at paras. 0017-18, 0022, 0030)1, 
2;
b.	detecting, by the database system, a start of a first user session associated with a user and criteria regarding the plurality of attributes (Banks at paras. 0031-0032)3; 
c.	determining, by the database system, if the user satisfies one or more qualification requirements, the determination being triggered by the detection of the start of the first user session, the qualification requirement being different than the plurality of attribute (Banks at paras. 0023-25, 0060, 0064-66)4; 
d.	activating, by the database system, one or more permission sets linked to the user in the permission set assignment object and associated with the plurality of attributes meeting the criteria in response to determining that the user satisfies the one or more qualification requirements (Banks at paras. 0060, 0064-66)5;
e.	enabling, by the database system, access by the user to the application or database resources stored on the database system associated with each permission of the one or more permission sets in response to the activation of the one or more permission sets, the access being blocked until the one or more permission sets is activated.  Banks at para. 0022.6
Banks does not expressly disclose the roles are in a hierarchical role model, where users at one permission level have access to computing resources assigned to the one permission level and computing resources accessible by a lower permission level user, but do not have access to computing resources accessible to a user at a higher permission level.
Prasad discloses a system and method of using a role based access control system where a role refers to a class of users that are assigned a set of privileges on the network (i.e., permission set).  Prasad at col. 3, lines 39-40.  Prasad also discloses roles can be conditional.  Prasad at col. 3, lines 41-44.  Prasad further discloses roles can be assigned and defined by hierarchical relationships.  For example, a primary role, a role that would be assigned to everyone like an “employee”, would have the lowest level.  A “manager” would be an intermediate role that has a higher level than “employee” and an “administrator” role would have the highest level.  Each role level has the privileges of levels below it and the privileges exclusive to the role level.  Prasad at col. 7, lines 62-65; col. 8, lines 20-47.
Banks and Prasad are analogous art because they are both directed to the same field of endeavor of access permissions systems.  Much like Prasad, Banks utilizes roles that include one or more privileges and discloses users may be grouped or classified into different user groups.  Banks at para. 0017.  Therefore, while Banks does not expressly disclose a hierarchical role system, one of ordinary skill in the art would rely on Prasad and modify Banks to add the feature.
At the time before the effective filing date of the instant application, it would have been obvious to one of ordinary skill in the art to modify Banks by adding the features of the roles are in a hierarchical role model, where users at one permission level have access to computing resources assigned to the one permission level and computing resources accessible by a lower permission level user, but do not have access to computing resources accessible to a user at a higher permission level, as disclosed by Prasad.
The motivation for doing so would have been because providing a hierarchical role system allows administrators of the system a more efficient way of ensuring certain classes of users get the permissions they need while not having to maintain individual permissions for each user.  Prasad at col. 8, lines 15-27.  

In regards to claim 2, Banks in view of Prasad discloses the method of claim 1, further comprising activating an assignment of a first permission set and not a second permission set.  Banks at paras. 0022-25, 0032.7
In regards to claim 3, Banks in view of Prasad discloses the method of claim 1, further comprising revoking an activation of the assignment of the one or more permission sets based on detecting a termination of the first user session.  Banks at 0032, 0035.8
In regards to claim 4, Banks in view of Prasad discloses the method of claim 3, further comprising revoking an activation of the assignment of the one or more permission sets based on the user failing to continue to satisfy the one or more qualification requirements during the first user session.  Banks at para. 0035.9
In regards to claim 5, Banks in view of Prasad discloses the method of claim 4, further comprising revoking an activation of an assignment of a first permission set and not a second permission set.  Banks at paras. 0022-25, 0032-35.10
Claims 9-13 are essentially the same as claims 1-5, respectively, in the form of a computer program product comprising a non-transitory computer readable medium having computer program code therein (Banks at para. 0073).  Therefore, they are rejected for the same reasons.

In regards to claim 17, Banks discloses an apparatus for activating assignments of permission sets, the apparatus comprising:
a.	one or more processors (Banks at para. 0072); and
b.	a non-transitory computer readable medium storing a plurality of instructions (Banks at para. 0073), which when executed cause the one or more processors to:
i.	assign a plurality of permission sets to a plurality of users based on a plurality of attributes of the plurality of users, each permission set comprising a plurality of permissions, each permission granting access to an application or database resource stored on the database system, wherein a subset of the plurality of permission sets assigned to the plurality of users are based on attributes of user roles and wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes, other than the attributes of user roles, of the plurality of users (Banks at paras. 0017-18, 0022, 0030)11:

ii.	linking each of the plurality of users to one or more permission sets associated with the plurality of attributes by storing a permission set assignment object with records that comprise user identifiers for the plurality of users and the plurality of permission sets assigned to the plurality of users (Banks at para. 0057)12;
iii.	detect a start of a first user session associated with a user and criteria regarding the plurality of attributes (Banks at paras. 0031-0032)13; 
iv.	determine if the user satisfies one or more qualification requirements, the determination being triggered by the detection of the start of the first user session, the qualification requirement being different than the plurality of attributes (Banks at paras. 0023-25, 0060, 0064-66)14;
v.	activate the one or more permission sets linked to the user in the permission set assignment object and associated with the plurality of attributes meeting the criteria in response to determining that the user satisfies the one or more qualification requirements (Banks at paras. 0060, 0064-66)15; and
vi.	enable access by the user to the application or database resources stored on the database system associated with each permission of the one or more permission sets in response to the activation of the one or more permission sets, the accessing being blocked until the one or more permission sets is activated.  Banks at para. 0022.16
Banks does not expressly disclose the attribute comprising a role in a hierarchical role model, where users at one permission level have access to computing resources assigned to the one permission level and computing resources accessible by a lower permission level user, but do not have access to computing resources accessible to a user at a higher permission level.
Prasad discloses a system and method of using a role based access control system where a role refers to a class of users that are assigned a set of privileges on the network (i.e., permission set).  Prasad at col. 3, lines 39-40.  Prasad also discloses roles can be conditional.  Prasad at col. 3, lines 41-44.  Prasad further discloses roles can be assigned and defined by hierarchical relationships.  For example, a primary role, a role that would be assigned to everyone like an “employee”, would have the lowest level.  A “manager” would be an intermediate role that has a higher level than “employee” and an “administrator” role would have the highest level.  Each role level has the privileges of levels below it and the privileges exclusive to the role level.  Prasad at col. 7, lines 62-65; col. 8, lines 20-47.
Banks and Prasad are analogous art because they are both directed to the same field of endeavor of access permissions systems.  Much like Prasad, Banks utilizes roles that include one or more privileges and discloses users may be grouped or classified into different user groups.  Banks at para. 0017.  Therefore, while Banks does not expressly disclose a hierarchical role system, one of ordinary skill in the art would rely on Prasad and modify Banks to add the feature.
At the time before the effective filing date of the instant application, it would have been obvious to one of ordinary skill in the art to modify Banks by adding the features of the role in a hierarchical role model, where users at one permission level have access to computing resources assigned to the one permission level and computing resources accessible by a lower permission level user, but do not have access to computing resources accessible to a user at a higher permission level, as disclosed by Prasad.
The motivation for doing so would have been because providing a hierarchical role system allows administrators of the system a more efficient way of ensuring certain classes of users get the permissions they need while not having to maintain individual permissions for each user.  Prasad at col. 8, lines 15-27.  

In regards to claim 18, Banks in view of Prasad discloses the apparatus of claim 17, wherein the plurality of instructions, when executed, further cause the one or more processors to revoke an activation of the assignment of the one or more permission sets based on detecting a termination of the first user session.  Banks at 0032, 0035.17
In regards to claim 19, Banks in view of Prasad discloses the apparatus of claim 18, wherein the plurality of instructions, when executed, further cause the one or more processors to revoke an activation of the assignment of the one or more permission sets based on failing to continue to satisfy the one or more qualification requirements during the first user session.  Banks at para. 0035.18
In regards to claim 20, Banks in view of Prasad discloses the apparatus of claim 19, wherein the plurality of instructions, when executed, further cause the one or more processors to revoke the assignment of the one or more permission sets based on detecting of a start of a second user session and based on the second user session satisfying the one or more qualification requirements.  Banks at Fig. 3; paras. 0026-29, 0035.19

Claims 6-8 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Banks et al. (US Patent Pub 2014/0188938) (Banks) of record, in view of Prasad et al. (US Patent 7,568,217) (Prasad) of record, further in view of Roche et al. (US Patent 9,432,379) (Roche) of record.
In regards to claim 6, Banks in view of Prasad discloses the method of claim 5, and provides the administrator with the ability to modify roles, which includes the conditions associated with them (Banks at paras. 0029-30) but does not expressly disclose wherein the one or more qualification requirements are updatable during the first user session.  
Roche discloses a system and method in a multi-tenant environment for managing user access using user characteristics (i.e., attributes) for authorization of a user by comparing them to application roles in application authorization profiles.  Roche at abstract.  Privileges granted can be controlled by any number of different variables including time, location, and application (i.e., qualifying requirements).  These variables and privileges can be changed at any time (i.e., updateable during the first user session).  Roche at col. 6, lines 65-67; col. 7, lines 1-9.
Banks, Prasad, and Roche are analogous art because they are all directed to the same field of endeavor of managing user permissions.
At the time before the effective filing date of the instant application, it would have been obvious to one of ordinary skill in the art to modify Banks in view of Prasad by adding the feature of wherein the one or more qualification requirements are updatable during the first user session, as disclosed by Roche.  Banks already discloses allowing administrators to modify the roles.  Roche simply adds the ability for the administrator to modify the roles at any time.
The motivation for doing so would have been to allow administrators the ability to dynamically define and modify privileges granted to a user.  Roche at col. 7, lines 1-4.

In regards to claim 7, Banks in view of Prasad and Roche discloses the method of claim 6, wherein the activating the assignment of the one or more permission sets is further based on the first user session satisfying the one or more qualification requirements.  Banks at Fig. 3; paras. 0058-67.20
In regards to claim 8, Banks in view of Prasad and Roche discloses the method of claim 7, further comprising activating the assignment of the one or more permission sets based on detecting of a start of a second user session and based on the second user session satisfying the one or more qualification requirements.  Banks at Fig. 3; paras. 0026-28, 0058-67.21
Claims 14-16 are essentially the same as claims 6-8, respectively, in the form of a computer program product.  Therefore, they are rejected for at least the same reasons.

Response to Amendment
Objection to claims 1, 9, and 17 for Minor Informalities
Applicant’s amendment to claims 1, 9, and 17 to address the minor informalities is acknowledged.  Consequently, the objection to claims 1, 9, and 17 is withdrawn.

Response to Arguments
Rejection of claims 1-5, 9-13, and 17-20 under 35 U.S.C. 103
Applicant’s arguments in regards to the rejections to claims 1-5, 9-13, and 17-20 under 35 U.S.C. 103, have been fully considered but they are not persuasive.  
In regards to claim 1, Applicant alleges Baker in view of Prasad fails to disclose “wherein a subset of the plurality of permission sets assigned to the plurality of users are based on attributes of user roles … and wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes, other than the attributes of user roles, of the plurality of users.”  Applicant argues Baker does not disclose the limitations because “Baker’s database system assigns to users … based on user roles … with no basis other than user roles for assigning permission sets or privileges to users.”  Remarks at 9-10.  The Examiner respectfully disagrees.  
Examiner is required to give claim limitations their broadest reasonable interpretation in light of the specification.  MPEP 2111.  In regards to the limitation at issue, Applicant’s specification describes attributes or characteristics of a user and can be things, such as, a geographic location or an industry.  Specification at paras. 0099-0102.  Accordingly, the limitation requires a subset of the permission sets be assigned to users based on a user’s role and the remaining permission sets are assigned to users based on attributes other than a user’s role. 
Banks discloses permission sets and calls them a role.  Banks discloses a role “may be a container in which one or more privileges are grouped and assigned to users.”  Banks at para. 0018.  Banks also discloses users may be individuals, systems, or groups of users.  User groups can be created for users in a particular geographic location and a particular department within an organization.  Each of these may be identified using a user ID.  Banks at para. 0017.  Roles (i.e., permission sets) are assigned to user IDs.  Banks at para. 0025.  Accordingly, an individual user would be associated their own user ID as well as any number of additional user IDs, where the additional user IDs would correspond to user groups.  For example, an individual user may be associated with a user ID for an “administrator” user group (i.e., role attribute) and a user ID for a “New York Employees” user group (i.e., remaining attributes, other than the attributes of user roles).  Roles (i.e., permission sets) associated with each user ID would be assigned to the individual user associated with both user IDs.  For these reasons, contrary to Applicant’s allegations, Banks discloses wherein a subset of the plurality of permission sets assigned to the plurality of users are based on attributes of user roles and wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes, other than the attributes of user roles, of the plurality of users.
Applicant does not present additional arguments in regards to the remaining limitations of claim 1.  Therefore, Examiner asserts Banks in view of Prasad discloses all the limitations of claim 1 and similarly claims 9 and 17.  Applicant also does not present additional arguments in regards to the remaining claims.  Therefore, they remain rejected for at least the same reasons explained above.
Consequently, the rejection to claims 1-5, 9-13, and 17-20 under 35 U.S.C. 103 is maintained.

Rejection of claims 6-8 and 14-16 under 35 U.S.C. 103
Applicant’s arguments in regards to the rejections to claims 6-8 and 14-16 under 35 U.S.C. 103 refer to the arguments presented in regards to the independent claims, which are addressed above.  Consequently, the rejection to claims 6-8 and 14-16 under 35 U.S.C. 103 is maintained for at least the same reasons discussed above.

Additional Prior Art
Additional relevant prior art are listed on the attached PTO-892 form.  These are:
Arnaudov (US Patent 9,135,457) discloses a system and method for recording and applying access privileges in a virtual environment.
Wallace et al. (US patent Pub 2009/0007262) discloses a system and method for resolving permissions for role activation operators.
Auger et al. (US patent Pub 2012/0297454) discloses a system and method for security verification in electronic learning systems.
Kobayashi et al. (US Patent 6,275,825) discloses a system and method for data access control for limiting data access in accordance with a user attribute.

Conclusion
Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Examiner Michael Le whose telephone number is 571-272-7970 and fax number is 571-273-7970.  The examiner can normally be reached Mon-Fri 9:30 AM – 6 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached on via telephone at 571-272-4078.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/Michael Le/
Examiner, Art Unit 2163






	
	/TONY MAHMOUDI/               Supervisory Patent Examiner, Art Unit 2163                                                                                                                                                                                         


    
        
            
        
            
        
            
    

    
        1 A role is a container with one or more privileges for accessing data in the database (i.e., a plurality of permission sets comprising a plurality of permissions, each permission granting access to an application or database resource on the database system).  Roles (i.e., permission sets) can be assigned to individual users or to a group of users by associating a role (i.e., permission set) with a user ID.  In the case of a group of users, the group has its own user ID.  For example, a group of users could be assigned a user ID of “manager” (i.e., attributes of user roles).  User groups can also be created based on geographic location (i.e., remaining attribute) and have a role (i.e., permission set) assigned to the user ID for the geographic location based user group (i.e., wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes other than user roles).  Therefore, a user located in New York and has an organizational role of a “manager,” could be associated with user IDs for a New York user group and a managers user group and assigned roles (i.e., permission sets) associated with the corresponding user group user IDs.
        2 Users/user groups (i.e., user identifiers), roles (i.e., permission sets), and predicates are associated with each other (i.e., linked) and stored in a table of the database system.
        3 Role activation process (i.e., activating one or more permission sets) can occur automatically upon a user login to the database (i.e., detecting a start of a first user session associated with the user).  The user’s associated user IDs (i.e., criteria regarding the plurality of attributes) are also detected to determine which roles are to be activated.
        4 Upon login (i.e., triggered by detection of the start of the first user session), the verifier of the database system determines whether the user meets conditions (i.e., qualification requirements) associated with the role.  These conditions can be based on time of day, how a user connects to the database, etc (i.e., qualification requirements being different than the attribute).
        5 If user satisfies the required conditions (i.e., user satisfying one or more qualification requirements) and is associated with the correct user IDs (i.e., meeting the criteria) the associated one or more roles are activated.
        6 A user, meeting the conditions of the role (i.e., satisfying qualification requirements) has their role (i.e., permission set) activated and subsequently, can access the data requested but cannot access the data until the role is activated.  
        7 Each roles has their own specific conditions.  Activation of a role (I.e., permission set) depends on whether a user satisfies the conditions of the role.  Therefore, a user given roles db_admin and hr_director might have db_admin activated because it is a Tuesday at 2AM, but the hr_director role may be denied activation because the network being used is insecure (i.e., activating a first permission set and not a second permission set).
        8 Conditions that must be satisfied to activate a role are checked upon a user logging in (i.e., session start) and are continually checked until one or more of the conditions fails, which results in an error notification that the role cannot be activated (i.e., revoking activation … based on detecting a termination of the first user session).  Moreover, it is also interpreted that activation is revoked upon end of a session because the system checks the conditions every time a user logs in, which would be unnecessary if the role remained activated despite a session ending.
        9 If at any point a condition is failed, the role is no longer activated (i.e., revoking activation … user failing to continue to satisfy the one or more qualification requirements during the first user session).
        10 Much like for activating one permission set and not a second permission set, revoking follows the same principles.  If a user fails to satisfy the conditions of a particular role, that role is deactivated while roles where the user continues to satisfy the conditions would remain activated.
        11 A role is a container with one or more privileges for accessing data in the database (i.e., a plurality of permission sets comprising a plurality of permissions, each permission granting access to an application or database resource on the database system).  Roles (i.e., permission sets) can be assigned to individual users or to a group of users by associating a role (i.e., permission set) with a user ID.  In the case of a group of users, the group has its own user ID.  For example, a group of users could be assigned a user ID of “manager” (i.e., attributes of user roles).  User groups can also be created based on geographic location (i.e., remaining attribute) and have a role (i.e., permission set) assigned to the user ID for the geographic location based user group (i.e., wherein a remainder of the plurality of permission sets assigned to the plurality of users are based on remaining attributes other than user roles).  Therefore, a user located in New York and has an organizational role of a “manager,” could be associated with user IDs for a New York user group and a managers user group and assigned roles (i.e., permission sets) associated with the corresponding user group user IDs.
        12 Users (i.e., user identifiers), roles (i.e., permission sets), and predicates are associated with each other (i.e., linked) and stored in a table of the database system.
        13 Role activation process (i.e., activating one or more permission sets) can occur automatically upon a user login to the database (i.e., detecting a start of a first user session associated with the user).  The user’s associated user IDs (i.e., criteria regarding the plurality of attributes) are also detected to determine which roles are to be activated.
        14 Upon login (i.e., triggered by detection of the start of the first user session), the verifier of the database system determines whether the user meets conditions (i.e., qualification requirements) associated with the role.  These conditions can be based on time of day, how a user connects to the database, etc (i.e., qualification requirements being different than the attribute).
        15 If user satisfies the required conditions (i.e., user satisfying one or more qualification requirements), the associated role is activated.
        16 A user, meeting the conditions of the role (i.e., satisfying qualification requirements) has their role (i.e., permission set) activated and subsequently, can access the data requested but cannot access the data until the role is activated.  
        17 Conditions that must be satisfied to activate a role are checked upon a user logging in (i.e., session start) and are continually checked until one or more of the conditions fails, which results in an error notification that the role cannot be activated (i.e., revoking activation … based on detecting a termination of the first user session).  Moreover, it is also interpreted that activation is revoked upon end of a session because the system checks the conditions every time a user logs in, which would be unnecessary if the role remained activated despite a session ending.
        18 If at any point a condition is failed, the role is no longer activated (i.e., revoking activation … user failing to continue to satisfy the one or more qualification requirements during the first user session).
        19 A second user may have an administrator role and based on logging in and satisfying the conditions of the admin role (i.e., based on detection of a second user session and second user session satisfying the one or more qualification requirements), the second user can remove a role from the first user (i.e., revoke the assignment of the permission set).  
        20 Upon a session start, the system determines whether the role has conditions (i.e., qualification requirements) and if so, determines whether the user satisfies the conditions for the role, the role is activated.
        21 A second user could have the same role (i.e., one or more permission set) assigned to them.  Upon logging in, the second user would have their session and attributes tested to ensure they satisfy the conditions (i.e., qualification requirements), which will allow the role to be activated for the second user.