DETAILED ACTION
Background
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is responsive to the application filed on February 6, 2020.
Claims 1-10 are pending.  Claims 1, 6, and 9 are independent claims.  
Acknowledgment is made of Applicant’s submission of a Preliminary Amendment, filed February 6, 2020, directed toward amendment of the specification to include reference to earlier applications. 

Priority
Applicant’s claim for the benefit of PCT application PCT/CN2018/099064 under 35 U.S.C. 365 is acknowledged.  Receipt is further acknowledged of papers submitted under 35 U.S.C. 119(a)-(d), pursuant to 35 U.S.C. 365(b), which papers have been placed of record in the file. 

Information Disclosure Statement
The information disclosure statement submitted on February 6, 2020, was filed before the mailing of a first Office action on the merits.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claims 1-10 are objected to because of the following informality: the phrase “displaying current permission status” should read “displaying a current permission status.”  Appropriate correction is required. 
Claim 7 is objected to because of the following informality: the phrase “an operation permission of statistical list” should read “an operation permission of a statistical list.”  Appropriate correction is required. 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-10 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., an abstract idea) without significantly more.  Independent Claims 1, 6, and 9 are directed to methods for displaying current permission status of all system users.  The specific limitations of representative Claim 1 that recite the abstract idea are the steps of: selecting one form; selecting one element item of one of the elements of the form; displaying all system users after the element item is selected, and displaying current permission status of each system user for the selected element item; and authorizing the selected element item for one or more of the system users.
Under a broadest reasonable interpretation, these limitations as claimed represent an abstract idea in the form of mental processes or concepts performed in the human mind such as observation, evaluation, judgement, and opinion.  The concepts of authorizing a selected element item by selecting and displaying users and information represent activities that may be performed by “head and hand” (Gottschalk v. Benson, 409 U.S. 63 [1972], at 65) and “pen and paper" (CyberSource Corp. v. Retail Decisions, Inc., No. 09-1358 [Fed. Cir. Aug. 16, 2001], at 12).  For example, an individual might determine select a piece of information a determine the piece of information should only be authorized for certain individuals.  Other than narrow interpretations of “form” and “displaying” that implicate manual implementations by pen and paper or suggest generic computer implementations, interpretations that are not required under a broadest reasonable interpretation standard, nothing in Claim 1 precludes these steps from practically being performed in the mind.
Similarly, additional or alternative limitations of independent Claims 6 and 9, including application in the context of a statistical list as recited in Claim 6 and selecting a menu (a generic selection act without more) as recited in Claim 9, are limitations that, under a broadest reasonable interpretation, also represent an abstract idea in the form of mental processes or concepts performed in the human mind such as observation, evaluation, judgement, and opinion.
Further, these limitations as claimed describe abstract ideas that correspond to concepts identified by the courts as certain methods of organizing human activity that are deemed ineligible.  The claimed steps noted above regarding authorizing permissions according to rules relate to managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions) similar to claims found ineligible in In re Grams, 888 F.2d 835, 12 U.S.P.Q.2d 1824 (Fed. Cir. 1989); Ariosa Diagnostics, Inc. v. Sequenom, Inc., 788 F.3d 1371, 115 U.S.P.Q.2d 1152 (Fed. Cir. 2015); and Cleveland Clinic Foundation v. True Health Diagnostics, LLC, 859 F.3d 1352, 123 U.S.P.Q.2d 1081 (Fed Cir. 2017).
The judicial exception as noted above is not integrated into a practical application because “system users,” “one form,” “elements of the form,” “displaying,” “statistical list,” and “menu” as claimed implicate only logical considerations or represent only general or generic computing components recited at a high-level of generality such that they amount to no more than mere instructions to apply the abstract idea in a generic computer context.  Additional elements, when considered both individually and as a combination, do not amount to significantly more than the abstract idea because the limitations are merely aspects of implementing the abstract idea in a manual or generic computing environment and require no more than generic computers to perform generic computer functions.  Accordingly, Claims 1, 6, and 9 are ineligible.  
Dependent Claims 2-5, 7, 8, and 10 similarly do not include elements, considered both individually and as a combination, that are integrated into a practical application or amount to significantly more than the abstract idea and are rejected under the same rationale.  Various types of form elements as recited in Claims 2 and 7; requiring roles held by only one user at a time as recited in Claims 3, 8, and 10; organization of roles by department, uniquely identifying roles, and changing roles as recited in Claim 4; and identifying who authorized and when access was authorized as recited in Claim 5 represent steps or aspects that may be performed in the human mind such as observation, evaluation, judgement, and opinion or represent aspects of ineligible methods of organizing human activity.  Thus, dependent Claims 2-5, 7, 8, and 10 are rejected under the same rationale.

Claim Rejections - 35 USC § 103
The following is a quotation 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 6, 7, and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Taylor et al., U.S. Patent Application 2009/0070744 A1 (published Mar. 12, 2009) (hereinafter “Taylor”) in view of Parker et al., U.S. Patent 5,729,734 (issued Mar. 17, 1998) (hereinafter “Parker”).
Regarding Claim 1, Taylor teaches an authorization method for displaying a current permission status of all system users (see, e.g., Taylor, Abstract and para. 2, describing a business application software method and system that includes access control lists; para. 22, describing controlling access to data in a database that contains data of the system; and paras. 26 and 39, indicating controlling access levels to users of the system [representing displaying a current permission status of all users of the system in some form in order to control permissions for the users]), comprising: 
Selecting one form (see, e.g., id., para. 14 and Fig. 1A, describing and illustrating a customer relationship management [CRM] system as an example of the business application software system, the CRM system comprising various modules such as contacts, accounts, leads, opportunities, and reports modules; para. 21, describing reports as comprising fields to be displayed; para. 39 and Fig. 5A, describing and illustrating details of using a security module of the system to manage an access control list and manage which users can view what fields by providing field level access restrictions tied to user roles, illustrating a user interface for managing field permissions tied to contacts [which can be viewed as representing a form], and illustrating a selectable menu at the left side of the user interface for selecting other sets of field permissions [representing other forms and indicating selection of one form]; and para. 42 and Figs. 5D and 5E, describing and illustrating user interfaces of the system showing changes in field access in a contact editing form [indicating editing of access permissions in relationship to one form]);
Selecting one element item of one of the elements of the form (see, e.g., id., paras. 40 and 41 and Figs. 5A and 5B, illustrating functionality to change a cell by clicking, describing and illustrating user interface features for specifying for a particular user role what actions are allowed for a specific field including selection of the specific field causing display of a list of possible permissions, and illustrating selection of a First Name field);
Displaying a system user in the system while the element item is selected, and displaying a current permission status of the system user for the selected element item (see, e.g., id., paras. 40-42 and Figs. 5B and 5C, describing and illustrating a user interface for specifying what actions are allowed for a specific field, illustrating display of a particular user role [representing a user], and describing and illustrating display of a permission status of Not Set for the First Name field with other possible permissions displayed); and
Authorizing the selected element item for one or more of the system users (see, e.g., id., para. 40 and Fig. 5B, describing and illustrating user interface features for selecting from a list of possible permissions including Read/Write, Read/Owner Write, Read Only, and Owner Read/Owner Write [all representing authorizing a selected element for current user role]; para. 42 and Figs. 5A and 5C, describing and illustrating a user interface of the system after the First Name field and a group of fields grouped with the Last Name field have both been set to None [illustrating changing permission via a user interface]).
However, although Taylor suggests granting permissions to any users and suggests managing multiple users together (see, e.g., Taylor, paras. 13, 27, 39, and 43), it does not appear to teach the method comprising displaying all system users in the system after the element item is selected, and displaying a current permission status of each system user for the selected element item.
Parker teaches an authorization method for displaying a current permission status of all system users comprising displaying all system users in a system after an element item is selected, and displaying a current permission status of each system user for the selected element item (see, e.g., Parker, Abstract, describing a file service administration method; col. 9, lines 16-53, and Fig. 5, describing and illustrating embodiments of a user interface for editing privileges in which an administrator selects an item from a list of items, such as an item labeled “test folder-1” from a list of items contained in “Volume,” in order to set various access privileges for the item; and col. 10, lines 36-50, describing and illustrating the user interface for editing privileges associated with the selected item as comprising a User List icon that causes display of an additional window having a list of all network users from which the administrator may select a user or user group for which access privileges to the selected item will be granted.  Note that a combination of the noted interface features can be viewed as displaying all system users in the system and displaying a current permission status of each system user for the selected element item at least because presence and absence of display in the granted privileges list represent current permission statuses).
Taylor and Parker are analogous art at least because they are from the same field of endeavor as the claimed invention, referencing methods for granting data access to users and with teachings directed displaying a current permission status.  Before the effective filing date, it would have been obvious to a person of ordinary skill in the art to combine the teachings of Taylor and Forster and implement a method in which all system users in a system are displayed after an element item is selected and a current permission status of each system user for the selected element item is displayed in order to allow more efficient monitoring and management of permissions of multiple users related to a particular item (see, e.g., Parker, col. 1, lines 5-35, col. 2, lines 4-8, col. 3, lines 5-60, and col. 10, lines 37-50; and in view of the value of user list management well known in the art).  
Regarding Claim 2, Taylor as modified by Parker teaches the authorization method for displaying a current permission status of all system users according to Claim 1, wherein types of the form element comprise a form operation permission, a form field, a time-nature field, a form field value, or one or more thereof (see, e.g., Taylor, and para. 42 and Figs. 5D and 5E, describing and illustrating user interfaces of the system showing changes in field access in a contact editing form [representing form fields and form field values].  Note that the teachings anticipate the alternative language of the claim), and the form field value is determined by selection or determined automatically (see, e.g., id., para. 42 and Fig. 5D, describing and illustrating certain fields in the contact editing form as present and editable [representing form field values determined by selection].  Note that the teachings anticipate the alternative language of the claim).
Regarding Claim 6, Taylor as modified by Parker teaches a method corresponding to the method of Claim 1.  Noting that any form comprising ordered data can be viewed as a list and that any form comprising ordered numerical data can be viewed as a statistical list (see, e.g., Taylor, para. 52 and Fig. 6F), the same rationale of rejection provided above is applicable.  
Regarding Claim 7, Taylor as modified by Parker teaches a method corresponding to the method of Claim 2.  In view of the discussion of Claim 6 and noting that any field access permission in a form viewed as a statistical list can be viewed as an operation permission of a statistical list, the same rationale of rejection provided above is applicable.  
Regarding Claim 9, Taylor as modified by Parker teaches a method corresponding to the method of Claim 1.  Noting that Parker’s discussion of selection of a User List icon for a particular item that causes display of a list of all network users can be viewed as selecting a menu, the same rationale of rejection provided above is applicable.  

Claims 3, 4, 8, and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Taylor in view of Parker and in further view of Forster et al., U.S. Patent Application 2011/0162046 A1 (published Jun. 30, 2011) (hereinafter “Forster”).
Regarding Claim 3, Taylor as modified by Parker teaches the authorization method for displaying a current permission status of all system users according to claim 1 as discussed above and further teaches the method wherein the system users comprise a role, a user, an employee, a group, a class, a template, or one or more thereof (see, e.g., Taylor, para. 39 and Fig. 5A, describing and illustrating providing field level access restrictions tied to user roles.  Note that the teachings anticipate the alternative language of the claim).
However, Taylor as modified by Parker is silent regarding the method wherein the role is an independent individual not a group/class, and during the same period, one role can only be related to a unique user while one user is related to one or more roles.
Forster teaches a method wherein a role is an independent individual not a group/class, and during the same period, one role can only be related to a unique user while one user is related to one or more roles (see, e.g., Forster, Abstract and para. 12, describing an approach in which roles include various user accounts provisioned to access various software applications and describing implementation as methods; and paras. 28 and 36 and Fig. 3, describing and illustrating a timing diagram showing facilitation of secure dynamic role selection and managing privileged user access from a client device and describing embodiments in which a policy is used in which, for a highly-sensitive role, access is restricted to one user at a time and access can also be restricted by a time duration).
Forster is analogous art at least because it is from the same field of endeavor as the claimed invention, referencing methods for granting data access to users and with teachings directed toward roles.  Before the effective filing date, it would have been obvious to a person of ordinary skill in the art to combine the teachings of Taylor, Parker, and Forster and implement a method in which a role is an independent individual not a group/class, and during the same period, one role can only be related to a unique user while one user is related to one or more roles in order to improve access security for sensitive information (see, e.g., Forster, paras. 2, 3, and 36, and in view of the value of single user roles known in the art).  
Regarding Claim 4, Taylor as modified by Parker and as further modified by Forster teaches the authorization method for displaying a current permission status of all system users according to Claim 3, wherein when or after the role is created, a department is selected for the role, so that the role belongs to the department (see, e.g., Taylor, para. 41, describing embodiments in which record ownership is based on group membership such as a user being a member of particular sales group; para. 43, describing embodiments in which access control lists of the system are used for various purposes such as controlling what fields a user has the ability to modify and describing an example in which only an Auditing or Finance group is allowed to be able to see and edit credit information without having that information shared with other departments [representing permissions based on assignment to groups or departments]; and para. 44, describing an example in which only Sales Operations and Finance can edit portions of a certain record when an opportunity is closed.  Organization and corresponding selection such that a user role belongs to a group or department would have been obvious to one of ordinary skill in the art over these teachings in order to accomplish the permission scenarios described); the role is authorized according to its work content (see, e.g., id., paras. 43 and 44, describing examples in which only an Auditing or Finance group is allowed to be able to see and edit credit information without having that information shared with other departments and in which only Sales Operations and Finance can edit portions of a certain record when an opportunity is closed [representing roles authorized according to work content in some form]), a name of the role is unique in the department, and a number of the role is unique in the system (see, e.g., id., paras. 62 and 63, describing embodiments in which functionality provides prefixes to maintain uniqueness of module namespaces such that development and deployments of modules in a collaborative and parallel development environment includes underlying data structures, folders, tables, schemas, directories, objects, and paths such that naming conflicts are avoided and describing embodiments in which a global unified registration service guarantee uniqueness of underlying prefixes to avoid all namespace collisions.  In view of these teachings, use of a unique name for a user role in a group or department would have been obvious to one of ordinary skill in the art in order to avoid naming collisions in the department.  Similarly, use of prefixes provided by the service to generate a name for a user role that is globally unique would have been obvious to one of ordinary skill in the art in order to avoid naming collisions in the system.  And as any text string can be viewed as representing or represented by digital encoding of that string, such a unique name for a user role can be viewed as comprising a number that is unique in the system), and when said user is transferred from a post, the user’s relation to an original role is canceled, and the user is related to a new role (see, e.g., Forster, paras. 1, 30, 31, and 41 and Fig. 5, indicating users arbitrarily signed to selected roles and indicating changes in role data.  Note that any change involving assignment of a user to a new role or vice versa can be viewed as canceling an original role and relating a new role, which can be viewed as representing transfer from a post at least in the sense of a role representing a post.  One of ordinary skill in the art would have been motivated to cancel a user’s relation to an original role and relate the user to a new role under the same rationale as provided in the discussion of Claim 3 above and further in order to allow for management of organizational changes).
Regarding Claim 8, Taylor as modified by Parker and as further modified by Forster teaches a method corresponding to the method of Claim 3.  In view of the discussion of Claim 6, the same rationale of rejection provided above is applicable.  
Regarding Claim 10, Taylor as modified by Parker and as further modified by Forster teaches a method corresponding to the method of Claim 3.  In view of the discussion of Claim 9, the same rationale of rejection provided above is applicable.  

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Taylor in view of Parker and in further view of Grebenik et al., U.S. Patent Application 2010/0306008 A1 (published Dec. 2, 2010) (hereinafter “Grebenik”).
Taylor as modified by Parker teaches the method for respectively authorizing operation permissions of a form according to a form-field value according to Claim 1 as discussed above and further teaches the method wherein after an element item in a type of form element is selected elements are displayed (see, e.g., Taylor, para. 40 and Fig. 5B, describing and illustrating user interface features including displaying a list of possible permissions when a field is selected).
However, Taylor as modified by Parker is silent regarding the method wherein an authorizer who last authorizes the selected element item for each system user and time of such authorization are displayed separately.
Grebenik teaches a method wherein an authorizer who last authorizes a selected element item for each system user and time of such authorization are displayed separately (see, e.g., Grebenik, Abstract, describing an architecture that removes the limitation of a fixed set of roles and scopes and allows more effective permission auditing; para. 31, describing an auditing an auditing component for auditing roles and permissions; para. 40, describing auditing permissions by creating and presenting reports of roles and associated users to corresponding resources; and paras. 6 and 21, describing delegation of roles to other administrators to facilitate scoping and delegation.  Display or presentation of authorization times and authorizing users is obvious over these teachings in order to audit delegation of permission assignments in the system over time).
Grebenik is analogous art at least because it is from the same field of endeavor as the claimed invention, referencing methods organizing data access and with teachings directed toward presenting access information.  Before the effective filing date, it would have been obvious to a person of ordinary skill in the art to combine the teachings of Flam, Forster, and Grebenik and implement a method in which an authorizer who last authorizes a selected element item for each system user and time of such authorization are displayed separately in order to simplify auditing and provide more accurate permission assignments (see, e.g., Grebenik, paras. 1-4, 6, and 19, and in view of the value of audit histories or logs well known in the art).  

Conclusion
The following prior art made of record and not relied upon is considered pertinent to Applicant’s disclosure: Arbajian, Pierre Elie, U.S. Patent Application 2005/0188421 A1 (published Aug. 25, 2005), teaching a system providing field-level permissions; Buehler et al., U.S. Patent Application 2006/0089932 A1 (published Apr. 27, 2006), teaching a role-based access control system in which roles and uniquely identifiable within the system; and Flam, Ran J., U.S. Patent 7,703,021 B1 (issued Apr. 20, 2010), teaching a process control system comprising role-based access control.
Note that pinpoint citations to prior art references provided in this action are exemplary and should not be taken as limiting; each of the references as a whole is considered to provide disclosure relevant to the claimed invention and may be relied upon for all that it would have reasonably suggested to one of ordinary skill in the art.  See MPEP § 2123.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Conrad Pack whose telephone number is (571) 270-7967 and fax number is (571) 270-8967.  The examiner can normally be reached on Monday through Friday, 9:30 to 6:00 Eastern Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Sherief Badawi can be reached on 571-272-9782.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/Conrad Pack/
Examiner, Art Unit 2174
6/18/2022



/SHERIEF BADAWI/Supervisory Patent Examiner, Art Unit 2174