Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
2.	This Office Action is issued in response to the claims filed on 9/11/2020.
Claims 1-9 are pending in this Office Action.	

Priority
3.	Acknowledgement is made of applicant’s priority claim to Japanese application JP 2019-220470, filed on December 5, 2019.

Information Disclosure Statement
4.	The information disclosure statement (IDS) submitted on 9/11/2020 has been considered by the examiner.
Title 
5.	The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. 

35 U.S.C. § 112(f)
6.	The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

7.	The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
8.	This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitations are: 
a. “An authentication and authorization system configured to…”, “…an application execution unit configured to…; a user information storage unit configured to…; a token acquisition unit configured to …; a token storage unit configured to…; a token acquisition unit configured to…;  the application execution unit is configured to…” in claim 1
b. “…the application execution unit is configured to …” in claim 5
c. “…the token acquisition unit is configured to …” and “the application execution unit is configured to…in claim 6
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation “An authentication and authorization system…”: Fig. 7 with associated text.
If applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitations to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitations recite sufficient structure to perform the claimed function so as to avoid them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 112
9.	The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

10.	Claims 1-8 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claims contain subject matters which were not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. The specification is devoid of any structure that performs the functions in the claims that are interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.



11.	The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


12.	Claim limitations “…an application execution unit configured to…; a user information storage unit configured to…; a token acquisition unit configured to …; a token storage unit configured to…; a token acquisition unit configured to…;  the application execution unit is configured to…” in claim 1, “…the application execution unit is configured to …” in claim 5, and “…the token acquisition unit is configured to …” and “the application execution unit is configured to…in claim 6 invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. The disclosure is devoid of any structure that performs the functions in the claims. Therefore, the claims are indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
13.	Claims 1-9 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
	a.	Regarding claim 1, the limitation “…an application executed by a user cooperates is used via a cooperation unit …” (lines 3-4) is grammatically improper and ambiguous.  Therefore, claim 1 and its dependent claims 2-8 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph.  For purpose of examination, the Examiner assumes the limitation as “…an application executed by a user device…”
b.	Claim 9 recites “An authentication and authorization method…”  However, it is unclear what steps are encompassed by the claim. Therefore, the claim is rejected under 35 U.S.C. 112(b).  For purpose of examination, the Examiner considers all the actions performed by the cited units are the steps.
Appropriate corrections are required.

Claim Rejections - 35 USC § 103
14.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

15.	Claims 1 and 7-9 are rejected under 35 U.S.C. 103 as being unpatentable over Holt et al. (US 2019/0319967), hereinafter “Holt” in view of Maria et al. (US 2019/0372962), hereinafter “Maria”.
Regarding claim 1, Holt discloses an authentication and authorization system configured to perform authentication and authorization when an external service with which an application executed by a user cooperates is used via a cooperation unit (Figs. 1 and 3 with associated text: client 3-application-makes a request for access to resource server-external service- on behalf of resource owner/user device 101 and authentication and authorization are performed), the authentication and authorization system comprising: 
an application execution unit configured to execute the application (Fig.1 with associated text: client 3); 
[a user information storage unit configured to store user information of the user]; 
a token acquisition unit configured to acquire, [using the user information acquired from the user information storage unit], an access token from an authorization server that authorizes the application to use the external service when a valid access token is presented via the cooperation unit (Fig. 2 with associated text, paragraphs [0012]-[0015], and [0036]: token management server- token acquisition unit- communicates with authorization server to obtain an  access token which is used to access protected resource); and 
a token storage unit configured to store the access token acquired by the token acquisition unit (Fig. 8 with associated text, token storage unit 833; paragraphs [0018] and [0119]: storing access token at the client system), wherein the token acquisition unit is configured to acquire the access token from the authorization server at a predetermined cycle, and store the acquired access token in the token storage unit (a. paragraphs [0102]-[0107]: obtaining refresh grant token based on expiry time; b. paragraph [0119]: access token with expiry time; c. paragraph [0138]: storing access tokens, grant tokens and refresh tokens.  Holt does not explicitly disclose obtaining refresh access token at a predetermined cycle.  However, the combination of (a), (b), (c) makes it obvious to obtain refresh access token to ensure of having valid access token for network efficiency), and the application execution unit is configured to when the application uses the external service, acquire the access token from the token storage unit, and request the cooperation unit to make the application cooperate with the external service using the acquired access token (paragraphs [0019]-[0121]: using the stored token to access resource; paragraph [0138]: storing access tokens).
Holt discloses storage resource comprising a grant method code portion storage resource, an authentication method code storage resource, a configurable database storage resource and a token storage unit.  Holt does not explicitly disclose a user information storage unit configured to store user information of the user and using the user information acquired from the user information storage unit to acquire the access token from the authorization server.  However, using stored user information from a user information storage unit to acquire an access token is known in the art and Maria’s teaching is an example (paragraph [0041]: storing user identity token at data store 129; paragraphs [0045] and [0061]: user identity token is used in obtaining access token). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Holt’s teaching of acquiring an access token to access an external service with Maria’s teaching of using stored user information from a user information storage unit to acquire an access token.  The motivation to do so would be to ensure providing the access token to an intended user for network security.
Regarding claim 7, Holt and Maria disclose the authentication and authorization system according to claim 1, wherein the user information storage unit rewritably stores acquisition interval information on the access token, and the token acquisition unit is configured to acquire the access token from the authorization server at the predetermined cycle based on the acquisition interval information read from the user information storage unit, and store the acquired access token in the token storage unit (Holt, paragraphs [0102]-[0107]: obtaining refresh grant token based on expiry time; [0119]: storing expiry time of the access token and performing action on the access token based on the expiry time; paragraph [0126]: performing action on the access based on expiry time and user input; paragraph [0135]: timer module and time interval calculation module; paragraph [0138]: storage resource for storing different/plurality data.  Maria, Fig. 1 with associated text: data store with different material including user identity information.  The combination of Holt and Maria’s teaching would result in a predictable result that the user information storage unit rewritably stores acquisition interval information on the access token, and the token acquisition unit is configured to acquire the access token from the authorization server at the predetermined cycle based on the acquisition interval information read from the user information storage unit, and store the acquired access token in the token storage unit).
Regarding claim 8, Holt and Maria disclose the authentication and authorization system according to claim 1, wherein the predetermined cycle is a cycle when the access token previously acquired and stored in the token storage unit is updated with a new access token acquired this time from the authorization server within an expiration date of the previous access token (Holt, paragraph [0103]).
Regarding claim 9, it claims similar subject matters to claim 1; therefore, claim 9 is rejected at least for the same reasons as claim 1.
16.	Claims 2-4 are rejected under 35 U.S.C. 103 as being unpatentable over Holt et al. (US 2019/0319967), hereinafter “Holt” in view of Maria et al. (US 2019/0372962), hereinafter “Maria” and in view of Barton et al. (US 2014/0032759), hereinafter “Barton”.
Regarding claim 2, Holt and Maria disclose the authentication and authorization system according to claim 1.  Holt and Maria does not disclose wherein the application execution unit cannot access the user information storage unit.
However, restricting an application from accessing other components in a system is known in the art and Barton’s teaching is an example (paragraph [0076]: “each application may be allowed or restricted from communications with one or more other applications and/or resource”).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Holt and Maria’s teachings of acquiring an access token to access an external service and using stored user information from a user information storage unit to acquire an access token with Barton’s teaching of restricting an application from accessing other component in a system.  The motivation to do so would be to protect sensitive data from suspicious applications.
Regarding claim 3, Holt, Maria and Barton disclose the authentication and authorization system according to claim 2, wherein the application execution unit, the token storage unit, the token acquisition unit, and the user information storage unit are built on cloud (Maria, Fig. 6 with associated text and paragraph [0099]: “Cloud infrastructure system 602 may include a suite of applications, middleware, databases, and other resources that enable provision of the various cloud services”; paragraph [0115]: “IMS 628 may be configured to provide various security-related services such as identity services, such as information access management, authentication and authorization services, services for managing customer identities and roles and related capabilities, and the like.” ), the token acquisition unit and the user information storage unit are disposed in the same container, and the application execution unit and the token storage unit are disposed in a container different from the container in which the token acquisition unit and the user information storage unit are disposed (Holt, Fig. 8 with associated text: storage resource with multiple storages and database.  Barton, paragraph [0076]: “each application may be allowed or restricted from communications with one or more other applications and/or resource”; paragraph [0079]: specific containers for selected data. The combination of Holt and Barton’s teachings makes an obvious for a designer to group storages into containers of choice to implement according restricted access).
Regarding claim 4, Holt, Maria and Barton disclose the authentication and authorization system according to claim 3, wherein the user information is stored in advance in the user information storage unit via a predetermined terminal (Maria, paragraphs [0041] and [0045]: user identity token is stored and later is used for obtaining access token).
17.	Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Holt et al. (US 2019/0319967), hereinafter “Holt” in view of Maria et al. (US 2019/0372962), hereinafter “Maria”, and in view of Mandanapu (US 2017/0034775), hereinafter “Mandanapu”.
Regarding claim 5, Holt and Maria disclose the authentication and authorization system according to claim 1, wherein the application execution unit is configured to when a token error occurs in which the access token when the cooperation unit is requested to make the application cooperate with the external service is invalid (Holt, paragraphs [0129]-[0130]: invalid access token).  Holt and Maria do not disclose reacquiring an access token from the token storage unit, and re-request the cooperation unit to make the application cooperate with the external service using the reacquired access token.  However, repeating a token acquiring process to obtain a new token when a token is expired or when there is an error with a token is known in the art and Mandanapu’s teaching is an example (paragraph [0115]).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Holt and Maria’s teachings of acquiring an access token to access an external service and using stored user information from a user information storage unit to acquire an access token with Mandanapu’s teaching of repeating a token acquiring process to obtain a new token when a token is expired or when there is an error with a token because the result would be predictable and resulted in reacquiring an access token from the token storage unit, and re-request the cooperation unit to make the application cooperate with the external service using the reacquired access token. 
Regarding claim 6, Holt and Maria disclose the authentication and authorization system according to claim 1, wherein the token acquisition unit is configured to when a token error occurs in which the access token when the cooperation unit is requested to make the application cooperate with the external service is invalid (Holt, paragraphs [0129]-[0130]: invalid access token).  Holt and Maria do not disclose reacquiring an access token from the authorization server, and store the reacquired access token in the token storage unit, and the application execution unit is configured to after the access token reacquired by the token acquisition unit is stored in the token storage unit, reacquire the access token from the token storage unit, and re-request the cooperation unit to make the application cooperate with the external service using the reacquired access token.  However, repeating a token acquiring process to obtain a new token when a token is expired or when there is an error with a token is known in the art and Mandanapu’s teaching is an example (paragraph [0115]).  Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine Holt and Maria’s teachings of acquiring an access token to access an external service and using stored user information from a user information storage unit to acquire an access token with Mandanapu’s teaching of repeating a token acquiring process to obtain a new token when a token is expired or when there is an error with a token because the result would be predictable and resulted in reacquiring an access token from the authorization server, and storing the reacquired access token in the token storage unit, and the application execution unit is configured to after the access token reacquired by the token acquisition unit is stored in the token storage unit, reacquire the access token from the token storage unit, and re-request the cooperation unit to make the application cooperate with the external service using the reacquired access token.  
Conclusion	
18.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to THANH T. LE whose telephone number is (571)270-0279.  The examiner can normally be reached on Monday-Thursday 8:00 am - 4:00 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

 /THANH T LE/Examiner, Art Unit 2495