Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The instant application having Application No. 16/553,057 is presented for examination by the examiner.  Claims 1, 7, 10, 16, 18, and 19 have been amended.  

Response to Amendment

Claim Rejections - 35 USC § 101
Amendments overcome this previous rejection and therefore is withdrawn.


Response to Arguments
Applicant's arguments filed 5/17/22 have been fully considered but they are not persuasive.  Applicant argues the prior art, Qatar, does not explicitly teach “overriding the first set of resource access permissions to the shared content object with the set of extensible access permissions associated with the particular user interaction over the shared content object, in response to a determination that the set of extensible access permissions conflict with the first set of resource access permissions [emphasis added]”.  Examiner respectfully disagrees.  Applicant alleges the lack of teaching by equating relying on the fact that the requesting user in Qatar is authorized before based on credentials and cites Fig. 15 for support.  First of all, Fig. 15 was not cited to reject any of the claim elements.  Secondly, Applicant alleges paragraph [0043] teaches basing the resource allocation on the user supplied credentials but does not address cited paragraph 0044.  Beginning there, paragraph 0044 teaches that context of the user making the request is sent with the request.  Qatar does this because the granular system of context-aware policy decisions relies upon that context information in addition to the supplied user ID.  Qatar teaches this throughout the description including the cited example in the previous Office Action.  Examiner cited the passages 47-53 in combination with 044 but for the sake of brevity, attention is placed on paragraphs 0047-0049.  In this teaching, the point is illustrated that a doctor who as a baseline has access to his/her patients records.  The static approach of access control is inferior to Qatar’s context-aware policies because there may be times and/or situations where said doctor should not have access to his/her patients’ records.  Qatar teaches the system can override or block that doctor from those patient records if for example the device being used is outside of the hospital or a time that the doctor is not working.  This is the overriding of permissions that is taught by Qatar and the claims do not require more than this.  The claims’ first set of resource access permission is anticipated by the doctor’s baseline permissions, such as reading/writing of her patients’ records.  However, context-aware access policies override the doctor’s baseline permissions because the context-aware rules take precedence.  Thus, a doctor who would normally have access to file X would be denied the request when requesting X from outside of the hospital.  Qatar briefly summarizes this example in paragraph 0045 and 0054.  In view of the foregoing respectfully the rejection must be maintained.  


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.



Claims 1-20 are rejected under 35 U.S.C. 102(a)(2)as being anticipated by USP Application Publication  2018/0114015 to Applicant Qatar.

As per claims 1, 10, and 18, Qatar teaches applying a first set of resource access permissions to a shared content object (0037, 0038, 44, and 47-55); 
establishing one or more context-aware access policies that govern user interactions over the shared content object (0037, 0038, 44, and 47-55); 
maintaining one or more interaction attributes associated with a particular user interaction over the shared content object (0037, 0038, 44, 47-55, and 0075); 
applying the context-aware access policies to the one or more interaction attributes to determine a set of extensible access permissions (0037, 0038, 44, and 47-55) associated with the particular user interaction over the shared content object (0044 and 0045); and 
overriding the first set of resource access permissions [doctor’s baseline access right to a patients records; 0051] to the shared content object with the set of extensible access permissions associated with the particular user interaction over the shared content object [doctor not using office computer; 0045], in response to a determination that the set of extensible access permissions conflict with the first set of resource access permissions [rules under the context aware policies take supersede a user’s baseline permission, thus doctor cannot access patient records using personal device; 0050-0056].
As per claims 2, 11, and 19, Qatar teaches generating a response to the particular user interaction, the response being generated in accordance with the set of extensible access permissions (0055-0063 and 0105-0106).
As per claims 3, 12, and 20, Qatar teaches the response corresponds to at least one of, taking no action, allowing an interaction, allowing the interaction with a justification, or blocking the interaction (0055-0063 and 0105-0106).
As per claim 4 and 13, Qatar teaches at least a portion of the response is presented to a user at a user interface (0104).
As per claim 5 and 14, Qatar teaches the context-aware access policies comprise extensible permissions rules (0055-0063).
As per claim 6 and 15, Qatar teaches the extensible permissions rules are evaluated against at least a portion of the one or more interaction attributes to determine the set of extensible access permissions (0055-0063).
As per claim 7 and 16, Qatar teaches a context associated with the particular user interaction is characterized by one or more of the one or more interaction attributes (0055-0063 and 0105-0106) wherein the one or more interaction attributes are retrieved by parsing an interaction event message received in response to the particular user interaction over the shared content object (context information sent with request; 0044].
As per claim 8 and 17, Qatar teaches the one or more interaction attributes comprise at least one of, one or more event attributes, one or more object attributes, or one or more user attributes (0055-0063 and 0105-0106).
As per claim 9 Qatar teaches at least one of the context-aware access policies are specified by a user at a user interface (0104).

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is (571)270-7316.  The examiner can normally be reached on Monday - Thursday, 7:30am - 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL R VAUGHAN/
Primary Examiner, Art Unit 2431