DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response application 17/058,604 filed on 11/24/2020.
Claims 7-26 have been examined and are pending in this application. As per the Preliminary Amendment filed on 11/24/2020, claims 1-6 were canceled; 7-26 have been added. Claims 7-26 are pending in this application. 
The examiner notes the IDS filed 11/24/2020 has been considered. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 7, 9, 10, 12, 14, 16, 17, 19, 21, 23 and 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Janakiraman et al. (US 2007/0169204 A1) in view of Anton (US 2017/0048253 A1) and Saare et al. (US 2005/0015490 A1).

Regarding Claim 7;
Janakiraman discloses a computer-implemented method for managing access to a system, the method comprising: 
interactively receiving a login request from a user for accessing the system, wherein the login request includes a user identity of the user ... (FIG. 4 – Receive Request and [0033] – User=Bill);
 receiving a combination of at least:
 user attribute information associating the received user identity and a user attribute (FIG. 2A and [0027] - dynamic security system 130 receives request 120, and retrieves user attributes 140 from user attributes store 150 that correspond to user 100, such as management level, job position, time of service, etc. In addition, dynamic security system 130 identifies other user attributes, such as user 100's login time, login location (e.g., local or remote), and prior access history);
[additional information] (FIG 3A);
transmitting, ...whether the received user identity is login-enabled, ... to the system for login (FIG. 3 – Authorize Request).
Janakiraman fails to explicitly disclose
interactively receiving a login request from a user for accessing the system, wherein the login request includes ... a system identity;
system information associating the received user identity and the received system identity of the system for indicating whether the user based on the user identity is login- enabled for accessing the system as specified by the system identity, and 
a login information for accessing the system; 
transmitting, based on the received system information indicating whether the received user identity is login-enabled, the login information to the system for login.
	However, in an analogous art, Anton discloses 
interactively receiving a login request from a user for accessing the system, wherein the login request includes aa user identity of the user and  a system identity (Anton, FIG. 7 – Device_ID and [0093]);
system information associating the received user identity and the received system identity of the system for indicating whether the user based on the user identity is login-enabled for accessing the system as specified by the system identity (Anton, FIG. 7 – Device_OS and Geospatial and [0093])
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Anton to the managing of access of Janakiraman to include interactively receiving a login request from a user for accessing the system, wherein the login request includes ... a system identity; system information associating the received user identity and the received system identity of the system for indicating whether the user based on the user identity is login-enabled for accessing the system as specified by the system identity
One would have been motivated to combine the teachings of Janakiraman to Anton to do so as it provides / allows define permissions over data resources within the datastore, and such a system may be “less” complex and “less” difficult to scale (Anton, [0007]).
Further, in an analogous art, Saare teaches
interactively receiving a login request from a user for accessing the system, wherein the login request includes a user identity (Saare, FIG. 3 - SSO)
receiving... at least:
a login information for accessing the system (Saare, FIG 3 – Credential Store); 
transmitting, based on the received system information indicating whether the received user identity is login-enabled, the login information to the system for login (Saare, FIG. 3 and [0035]-[0035] - When a user 305 submits a request for a resource to the portal server 310 (FIG. 7, step 715), the portal server 310 uses the stored credentials to sign on with the requested resource server on behalf of the user (FIG. 7, step 720)... Each of the resource servers 315a, 315b, and 315c have a respective sign-on mechanism 321a, 321b, and 321c. The sign-on mechanism for each resource server may be different, requiring unique identifiers and/or passwords, thus each of the respective sign-ons SO2, SO1, and SO3, that is conducted with sign-on mechanisms 321a, 321b, and 321c, may be different).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Saare to the managing of access of Janakiraman and Anton to include interactively receiving a login request from a user for accessing the system, wherein the login request includes a user identity; receiving... at least: a login information for accessing the system transmitting, based on the received system information indicating whether the received user identity is login-enabled, the login information to the system for login.
One would have been motivated to combine the teachings of Saare to Janakiraman and Anton to do so as it provides / allows providing... sign-on capability that allows a portal server to handle authentication and other sign-on requirements... on behalf of the user (Saare, [0013]).

Regarding Claim 9;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman further discloses method further comprising: storing the combination of at least: the user attribute, the [additional] information (FIG. 2A).
Anton further teaches concepts of association information (Anton, FIG. 7).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention  to include in the user attribute value table of Janakiraman the association information as taught by Anton since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.
Saare further teaches comprising: storing the combination of at least the login information for accessing the system (Saare, FIG. 3 – Credential Store)
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention  to include in the user attribute value table of Janakiraman and Anton the login information for accessing the system as taught by Saare since the claimed invention is merely a combination of old elements, and in the combination each element merely would have performed the same function as it did separately, and one of ordinary skill in the art would have recognized that the results of the combination were predictable.

Regarding Claim 10;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman further discloses method further comprising: generating a log, the log including a result of the received login request from the user (FIG. 2A – Errors and [0027] - Lines 248-250 include prior error attribute values that correspond to prior login attempts (user's prior access history)); and storing the log (FIG. 2A – Errors and [0027] - Lines 248-250 include prior error attribute values that correspond to prior login attempts (user's prior access history)).
Regarding Claim 12;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman further discloses wherein the user attribute includes an organization, a qualification, or an authority (FIG. 2A – Management, Position).

Regarding Claim(s) 14, 16, 17, and 19; claim(s) 14, 16, 17, and 19 is/are directed to a/an system associated with the method claimed in claim(s) 7, 9, 10, and 12. Claim(s) 14, 16, 17, and 19 is/are similar in scope to claim(s) 7, 9, 10, and 12 and is/are therefore rejected under similar rationale.

Regarding Claim(s) 21, 23, and 24; claim(s) 21, 23, and 24 is/are directed to a/an system associated with the method claimed in claim(s) 7, 9, and 10. Claim(s) 21, 23, and 24 is/are similar in scope to claim(s) 7, 9, and 10, and is/are therefore rejected under similar rationale.

Claims 8, 15 and 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Janakiraman et al. (US 2007/0169204 A1) in view of Anton (US 2017/0048253 A1) and Saare et al. (US 2005/0015490 A1) and further in view of Hillary et al. (US 2015/0087303 A1).

Regarding Claim 8;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman further discloses wherein the user identity is associated with a user accessing a first system (FIG. 2A and FIG. 4 – Receive Request and [0033] – User=Bill);
Anton further teaches [similar concepts of] wherein the user identity is associated with a user accessing a first system, wherein the system identity relates to [a first system] (Anton, FIG. 7 and [0093]);
Janakiraman and Anton and Saare fail to explicitly disclose wherein the system identity relates to a second system, and wherein the second system is distinct from the first system.
	However, in an analogous art, Hillary teaches wherein the system identity relates to a second system, and wherein the second system is distinct from the first system (Hillary, [0091]-[0094] - In some embodiments, the device may determine location data based on one or more available data sources, including but not limited to: (i) a GPS data source..., (ii) a Wi-Fi data source (e.g., determining one or more Wi-Fi router devices in communication with the device), (iii) an SSID data source, and/or (iv) a mobile carrier tower or other cellular device location data source. According to some embodiments, the user device may determine location (and/or time information) based on a global positioning system (GPS), a space-based satellite navigation system that provides location and time information in diverse weather conditions. According to some embodiments, the user device may determine one or more respective SSIDs associated with Wi-Fi networks accessible by the user device. in some embodiments, as described in this disclosure, carrier mobile towers used by mobile operators to serve cellular connections may be queried using a multilateration technique based on location information received (e.g., by the user device) from two or more radio towers.).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Hillary to the managing of access of Janakiraman and Anton and Saare to include wherein the system identity relates to a second system, and wherein the second system is distinct from the first system.
One would have been motivated to combine the teachings of Hillary to Janakiraman and Anton and Saare to do so as it provides / allows improving the accuracy of and/or better assessing the appropriate level of confidence in the location determined for various types of device (Hillary, [0013]).

Regarding Claim(s) 15; claim(s) 15 is/are directed to a/an system associated with the method claimed in claim(s) 8. Claim(s) 15 is/are similar in scope to claim(s) 8, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 22; claim(s) 22 is/are directed to a/an medium associated with the method claimed in claim(s) 8. Claim(s) 22 is/are similar in scope to claim(s) 8, and is/are therefore rejected under similar rationale.

Claims 11, 18 and 25 is/are rejected under 35 U.S.C. 103 as being unpatentable over Janakiraman et al. (US 2007/0169204 A1) in view of Anton (US 2017/0048253 A1) and Saare et al. (US 2005/0015490 A1) and further in view of Sarukkai et al. (US 2008/0184336 A1).

Regarding Claim 11;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman and Anton and Saare fail to explicitly disclose the method further comprising: receiving a change request on the user attribute; and updating, based on the received change request, the user attribute.
However, Sarukkai discloses the method further comprising: receiving a change request on the user attribute (Sarukkai, [0205] – Administration API and [0216]-[0223]); and updating, based on the received change request, the user attribute (Sarukkai, [0205] – Administration API and [0216]-[0223]);
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Sarukkai to the managing of access of Janakiraman and Anton and Saare to include the method further comprising: receiving a change request on the user attribute; and updating, based on the received change request, the user attribute.
One would have been motivated to combine the teachings of Sarukkai to Janakiraman and Anton and Saare to do so as it provides / allows control admission of a user to a protected network (Sarukkai, [0004]).

Regarding Claim(s) 18; claim(s) 18 is/are directed to a/an system associated with the method claimed in claim(s) 11. Claim(s) 18 is/are similar in scope to claim(s) 11, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 25; claim(s) 25 is/are directed to a/an medium associated with the method claimed in claim(s) 11. Claim(s) 25 is/are similar in scope to claim(s) 11, and is/are therefore rejected under similar rationale.

Claims 13, 20 and 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Janakiraman et al. (US 2007/0169204 A1) in view of Anton (US 2017/0048253 A1) and Saare et al. (US 2005/0015490 A1) and further in view of Andersen et al. (US 2003/0225827 A1).

Regarding Claim 13;
Janakiraman and Anton and Saare disclose the method to Claim 7.
Janakiraman and Anton and Saare fail to explicitly disclose wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system.
However, in an analogous art, Andersen teaches concepts in which wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system (Anderson, [0022] - The client receives a resource identifier corresponding to the resource (i.e., a resource URL) as well as a "service" login identifier that is not the same as the client's regular user identifier that the client normally uses to log onto the ISP. The client uses the service login identifier and the client's normal password (i.e., the password that corresponds to the client's regular user identifier) to request the resource URL. In one embodiment, the service login identifier includes identifiers corresponding to the requested resource and/or the order that was placed by the user.).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Andersen to the managing of access of Janakiraman and Anton and Saare to include wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system.
One would have been motivated to combine the teachings of Andersen to Janakiraman and Anton and Saare to do so as it provides / allows dynamically providing a user with a resource-oriented login ... that includes attributes that allows the user to better utilize the resource (Andersen, [0002]).

Regarding Claim(s) 20; claim(s) 20is/are directed to a/an system associated with the method claimed in claim(s) 13. Claim(s) 20 is/are similar in scope to claim(s) 13, and is/are therefore rejected under similar rationale.

Regarding Claim 26;
Janakiraman and Anton and Saare disclose the medium to Claim 21.
Janakiraman further discloses wherein the user attribute includes an organization, a qualification, or an authority (FIG. 2A – Management, Position).
Janakiraman and Anton and Saare fail to explicitly disclose wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system.
However, in an analogous art, Andersen teaches concepts in which wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system (Anderson, [0022] - The client receives a resource identifier corresponding to the resource (i.e., a resource URL) as well as a "service" login identifier that is not the same as the client's regular user identifier that the client normally uses to log onto the ISP. The client uses the service login identifier and the client's normal password (i.e., the password that corresponds to the client's regular user identifier) to request the resource URL. In one embodiment, the service login identifier includes identifiers corresponding to the requested resource and/or the order that was placed by the user.).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Andersen to the managing of access of Janakiraman and Anton and Saare to include wherein the login information includes a login identifier for accessing the system, and wherein the user identifier is distinct from the login identifier for accessing the system.
One would have been motivated to combine the teachings of Andersen to Janakiraman and Anton and Saare to do so as it provides / allows dynamically providing a user with a resource-oriented login ... that includes attributes that allows the user to better utilize the resource (Andersen, [0002]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KARI L SCHMIDT/Primary Examiner, Art Unit 2439