DETAILED ACTION
Claims 1-6, 8-14, and 16-20 are allowed.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in an interview with Rigel Menard (Reg. No. 66520) on April 20, 2022.
The application has been amended as follows: 

3. (Currently Amended) The method of claim 1, further comprising: 
receiving a third security token from a first service; 
determining a validation rate of tokens received from the first service meets a criterion; and 
validating the third security token based on the determining the validation rate of tokens received from the first service meets the criterion.  

4. (Original) The method of claim 3, wherein the first security token is received from a second service, the method further comprising: 
storing an indication of an association between the validation of the first security token and the second service; 
determining, based on the stored indication, a validation rate of tokens received from the second service; and 
validating a fourth security token based on the validation rate of tokens received from the second service.  

5. (Currently Amended) The method of claim 1, further comprising: 
receiving a second security token at a second time; 
validating a second digital signature of the second security token; 
determining a second token sequence number of the second security token; 
determining, based on the second time and the rate of change, a second range of token sequence numbers; 
determining the second token sequence number is outside the determined second range; and 
generating, based on the determining the second token sequence number is outside the determined second range, a notification indicating the first 

6. (Currently Amended) The method of claim 5, further comprising: 
receiving a third security token from a service; 
determining a validation rate of tokens received from the service meets a criterion; 
determining an issuer of the third security token is a second security token issuing authority; and 
generating, based on the determining the issuer of the third security token is a second security token issuing authority, a notification indicating the second security token issuing authority's private key is compromised 

7. (Canceled)  

8. (Currently Amended) The method of claim [7]1, further comprising determining a percentage of valid tokens indicating an issuer of the respective valid token is the first 

9. (Currently Amended) A system, comprising: 
hardware processing circuitry; 
one or more hardware memories comprising instructions that when executed configure the hardware processing circuitry to perform operations comprising: 
receiving a plurality of notifications, each notification indicating issuance of a token, wherein an issuer of each security token is a 
decoding, from the plurality of notifications, a corresponding plurality of token sequence numbers; 
determining, from the plurality of notifications, a rate of change of the plurality of token sequence numbers, the rate of change indicating a number of increments or decrements of aAMENDMENT AND RESPONSE UNDER 37 C.F.R. § 1.111Page 7Application Number: 16/674,699Dkt: 1777.D87US1 Filing Date: November 5, 2019baseline sequence number that occur per unit time, the increments or decrements increase or decrease the baseline sequence number by a determinable amount; 
receiving a first security token at a first time; 
determining an issuer of the first security token is the first security token issuing authority; 
determining a digital signature of the first security token is valid; 
determining the first security token issuing authority is offline; 
responsive to determining the first security token issuing authority is offline, determining, based on the first time and the rate of change, a token sequence number confidence interval of the first security token issuing authority; 
determining a token sequence number included in the first security token is within the token sequence number confidence interval; and 
validating the first security token based on determining the token sequence number included in the first security token is within the token sequence number confidence interval.  

12. (Currently Amended) The system of claim 11, wherein the first security token is received from a second service, the operations further comprising: 
storing an indication of an association between the validation of the first security token and the second service; 
determining, based on the stored indication, a validation rate of tokens received from the second service; and 
validating a fourth security token based on the validation rate of tokens received from the second service.  

14. (Currently Amended) The system of claim 13, the operations further comprising: 
receiving a third security token from a service; 
determining a validation rate of tokens received from the service meets a criterion; 
determining an issuer of the third security token is a second token issuing authority; and 
generating, based on the determining the issuer of the third security token is a second token issuing authority, a notification indicating the second token issuing authority's private key is compromised 

15. (Canceled)

16. (Original) The system of claim [15]9, the operations further comprising determining a percentage of valid tokens indicating an issuer of the respective valid token is the first security token issuing authority, wherein the token sequence number confidence interval is in response to the percentage meeting a criterion.  

17. (Currently Amended) A non-transitory computer readable storage medium comprising instructions that when executed configure hardware processing circuitry to perform operations comprising: 
receiving a plurality of notifications, each notification indicating issuance of a token, wherein an issuer of each security token is a first security token issuing authority; 
decoding, from the plurality of notifications, a corresponding plurality of token sequence numbers; 
determining, from the plurality of notifications, a rate of change of the plurality of token sequence numbers, the rate of change indicating a number of increments or decrements of a baseline sequence number that occur per unit time, the increments or decrements increase or decrease the baseline sequence number by a determinable amount; 
receiving a first security token at a first time; 
determining the first security token is issued by the first security token issuing authority; 
determining a digital signature of the first security token is valid; 
determining the first security token issuing authority is offline; 
responsive to determining the first security token issuing authority is offline, determining, based on the first time and the rate of change, a token sequence number confidence interval of the first security token issuing authority;AMENDMENT AND RESPONSE UNDER 37 C.F.R. § 1.111Page 10Application Number: 16/674,699Dkt: 1777.D87US1 Filing Date: November 5, 2019
determining a token sequence number included in the first security token is within the token sequence number confidence interval; and 
validating the first security token based on determining the token sequence number included in the first security token is within the token sequence number confidence interval.  

20. (Currently Amended) The non-transitory computer readable storage medium of claim 19, wherein the first security token is received from a second service, the operations further comprising: 
storing an indication of an association between the validation of the first security token and the second service; 
determining, based on the stored indication, a validation rate of tokens received from the second service; and 
validating a fourth security token based on the validation rate of tokens received from the second service.

REASONS FOR ALLOWANCE
The following is an examiner’s statement of reasons for allowance: The primary reason for the allowance of the claims is the inclusion of the limitation, inter alia, “receiving a plurality of notifications, each notification indicating issuance of a security token, wherein an issuer of each security token is a first token issuing authority; decoding, from the plurality of notifications, a corresponding plurality of token sequence numbers; determining, from the plurality of notifications, a rate of change of the plurality of token sequence numbers, the rate of change indicating a number of increments or decrements of a baseline sequence number that occur per unit time, the increments or decrements increase or decrease the baseline sequence number by a determinable amount; receiving a first security token at a first time; determining an issuer of the first security token is the first token issuing authority; determining a digital signature of the first security token is valid; determining the first token issuing authority is offline; responsive to determining the first token issuing authority is offline, determining, based on the first time and the rate of change, a token sequence number confidence interval of the first security token issuing authority; determining a token sequence number included in the first security token is within the token sequence number confidence interval; and validating the first security token based on determining the token sequence number included in the first security token is within the token sequence number confidence interval". 
The following is considered to be the closest prior art of record:
Tarhan (US 2010/0205448) – teaches incrementing token sequence numbers as well as validating tokens by comparing the sequence numbers.
Haque (US 2018/0300717) – teaches validating a token even when the authority is offline.
Bailey (US 2017/0070534) – teaches authenticating a request based on a token sequence number.
Pei (US 2011/0161289) – teaches validating a token based on a stored sequence number.
Abendroth (US 2011/0131627) – teaches communicating with an authority whether offline or online.
Kreft (WO 2012/123394) – teaches transmitting tokens when offline.
Field (US 8850546) – teaches using tokens that are configured for offline validation as well as tokens that are configured for online validation.
Lee (US 2018/0234837) – teaches performing an offline authentication to issue a token.
Johnson (US 2020/0382957) – teaches re-synchronizing the sequence numbers with the authentication center if they do not match.
Inabe (US 2019/0068588) – teaches validating a token offline based on the tokens valid time period.
However, the concept of using the rate of change, time, and token sequence number confidence interval to validate a security token when the token issuing authority is offline as claimed cannot be found in the prior art of record.
None of the prior art of record, either taken by itself or in any combination, would have reasonably anticipated or made obvious the invention of the present application at or before the time it was effectively filed. The concepts and features, as claimed, are considered to be a non-obvious combination of limitations not taught in the prior art. Therefore, claims 1-6, 8-14, and 16-20 are considered to be allowable.
According to MPEP 1302.14 (I): “In most cases, the examiner’s actions and the applicant’s replies make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule. This is particularly true when applicant fully complies with 37 CFR 1.111 (b) and (c) and 37 CFR 1.133(b). Thus, where the examiner’s actions clearly point out the reasons for rejection and the applicant’s reply explicitly presents reasons why claims are patentable over the reference, the reasons for allowance are in all probability evident from the record and no statement should be necessary.”
Applicants amendments and remarks submitted on October 28, 2021 have overcome the previous prior art rejections as well as the previous Claim Objections and 35 USC 112 Rejections. Therefore, all of the previous rejections have been removed and the current claims are in condition for allowance.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B KING whose telephone number is (571)270-7310.  The examiner can normally be reached on Monday-Friday 10AM-6PM EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw can be reached on 5712728878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/John B King/
Primary Examiner, Art Unit 2498