DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 21, 24, 26-28, 31, 33-35, 38 and 40 is/are rejected under 35 U.S.C. 103 as being unpatentable over Natarajan et al., US-10567492-B1 (hereinafter “Natarajan ‘492”) in view of Christopher et al., US-9754122-B1 (hereinafter “Christopher ‘122”) and Fischer et al., US-10742638-B1 (hereinafter “Fischer ‘638”).
Per claim 21 (independent):
Natarajan ‘492 discloses: A system comprising: 
a database system implemented using a server system including a memory and a processor, the database system configurable to cause:
storing, in an authorization intermediary server, a registry indicating, for a target tenant, user identity information to authenticate an access request to the target tenant
(FIG. 1, [Col. 2], ll. 43-57, The network traffic management system 10 … includes an enhanced identity provider (E-IdP) device 12 (an authorization intermediate server) that is coupled to a plurality of service provider server devices 14(1)-14(n) (a plurality of tenants); [Col. 3], ll. 4-10, the E-IdP device 12 … perform any number of functions including authenticating a request from the client devices 16(1)-16(n) for application access; [Col. 4], ll.17-43, the E-IdP device 12 includes … a user identity information (a registry) storage although the memory 26 can include other policies, modules, databases, or applications, for example … receives an authentication request to access one (a target tenant) of a plurality of service provider server devices 14(1)-14(n) … collects user identity information from the client devices 16(1)-16(n) and accesses stored user identity information to authenticate the user.);
receiving, at the authorization intermediary server, a request from a requesting application that is requesting access to the target tenant;
determining, by the authorization intermediary server, that the requesting application is considered to be trusted with the target tenants;
generating, by the authorization intermediary server, a token based on the determining;
providing, by the authorization intermediary server, the token to the target tenant
(FIG. 1, [Col. 4], ll.17-43, The E-IdP device 12 (the authorization intermediary server) receives an authentication request (a request) to access one of a plurality of service provider server devices 14(1)-14(n) … act as an authentication module, to authenticate the user requests before accessing applications at one of the backend application server devices 20(1)-20(n) associated with one (the target tenant) of the plurality of service provider server devices 14(1)-14(n). The E-IdP device 12 may have access to user's identity information stored within the user identity information storage 28. The E-IdP device 12 collects user identity information from the client devices 16(1)-16(n) (a requesting application) and accesses stored user identity information to authenticate the user. Upon authentication (determining that the requesting application is considered to be trusted) the E-IdP device 12 generates a token (a token) associated with the request; FIG. 4, [Col. 21], ll. 30-36, In step 11, the client device follows the redirect request 30 from the E-IdP device 12 to the selected service provider server-n with the token generated in step 7. In step 12, the selected service provider server-n (the target tenant) performs the validation of the token (provided by the E-IdP device 12). The service provider server-n performs a validation of the token to determine if the token 35 is valid.).

Natarajan ‘492 discloses the registry indicating user identity information associated with the client devices for each tenant to access a certain tenant as an access permission rather than the trustworthiness between tenants as claimed. Christopher ‘122 discloses: storing, in an authorization intermediary server, a registry indicating, for a target tenant, one or more tenants that are trusted;
determining, by the authorization intermediary server, that the requesting application is associated with the one or more tenants that are trusted
(FIG. 6A, [Col. 18], ll. 58-66, for security isolation of the tenants 110 of a multi-tenant software container 108 … a TIAPM service 602 (an authorization intermediary server) external to the multi-tenant software container 108 is utilized in one embodiment to assign a trusted identity 604 (a registry) to each of the tenants 110; [Col. 19], ll.22-33, The TIAPM service 602 might also provide the access policies 606 … a framework (not shown in FIG. 1) within the software container 108 is configured to enforce identity-based access control 608A for accessing the tenants 110 of the multi­tenant software container 108; [Col. 20], ll. 6-20, When a tenant 110A (the requesting application) generates a request 612D to access another tenant 110B (a target tenant) in the multi-tenant software container 108, or in another container, the tenant 110A includes their associated trusted identity 604A with the request 612D. The supplied trusted identity 604A can then be utilized, along with the relevant access policy 606 (i.e. the access policy 606 for the requested tenant 110B), to determine if the request 612D can be granted (the requesting application is associated with the one or more tenants that are trusted); [Col. 5], ll. 21-41, the trusted identity of the calling client (the requesting application) and an access policy associated with the called tenant can be utilized to determine whether the incoming request should be permitted or denied … for preventing a tenant from shutting down the software container, a virtual machine, an operating system, or a host computer if such a shutdown would impact other currently executing tenants.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Natarajan ‘492 with the enforcement of an access policy to the tenant requesting an access to another tenant based on their associated trusted identity via the TIAPM service under the multi-tenant container environment as taught by Christopher ‘122 because it would prevent tenants in a multi-tenant software container from causing a fault, and/or taking other types of actions, that negatively impact another tenant executing in the same software container [Col. 5], ll. 21-41.  Additionally, Christopher ‘122 is analogous to the claimed invention because it teaches mechanisms for security isolation of the tenants of a multi-tenant software container [Col. 18], ll. 58-66.

Natarajan ‘492 in view of Christopher ‘122 does not disclose but Fischer ‘638 discloses: the token including one or more associated permissions defined in the registry indicating for the target tenant that the requesting application is authorized for activity in the target tenant with the one or more associated permissions
(FIG. 3, [Col. 6], ll.15-46, token-based authentication and authorization service … JSON Web Tokens (JWT) … the client 302 initially connects to the authentication/authorization service (AAS) 306 as shown in step 31 … The AAS 306 next performs client authorization for each tenant, as shown in steps 35 to 37 … The authorization results are encapsulated into a token (the token) … That authorization information (one or more associated permissions defined in the registry) will be used by the application service 304 when enforcing Role 45 Based Access Control (MAC; indicating for the target tenant that the requesting application is authorized for activity in the target tenant). The resulting token is returned to the client 302 (the requesting application) as shown in step 39; FIG. 7, [Col. 9], ll.33-64, After receiving the token from the AAS, the client application, through a component service, transmits a request including the token to the application service 710 (the target tenant); [Col. 4], ll.55 – [Col. 5], ll. 3, tenant management module 112 includes an RBAC-based authentication and authorization (AA) service that governs the network access of the tenant users based on the roles of each tenant user. In this context, access is the ability of an individual user to perform a specific task, such as view, create, or modify a file, or access their own (and other) partitions (authorized activities in the target tenant).).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Natarajan ‘492 in view of Christopher ‘122 with the token including the authorization information enforcing RBAC-based permissions control for performing a specific task related to tenants as taught by Fischer ‘638 because it would properly enforce the access rules by using the tokens that is capable of securely passing user information and details [Col. 4], ll.55 – [Col. 5], ll. 3.  Additionally, Fischer ‘638 is analogous to the claimed invention because it teaches a method of providing a stateless authentication and authorization process for distributed networks [FIG. 7].

Per claim 24 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 discloses: The system as recited in claim 21, wherein the one or more permissions indicate, for a tenant that is trusted, data that is accessible from the target tenant (FIG. 4, [Col. 21], ll.30-48, In step 11, the client device (a tenant) follows the redirect request 30 from the E-IdP device 12 to the selected service provider server-n (the target tenant) with the token generated in step 7. In step 12, … The service provider server-n performs a validation of the token to determine if the token 35 is valid … In step 14 the service provider server-n allows the client device access to one or more applications (data that is accessible from the target tenant), upon successful validation of the token (for a tenant that is trusted) back in step 12.).

Per claim 26 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 discloses: The system as recited in claim 21, wherein the registry is external to and independent from the tenants (FIG. 1, [Col. 4], ll.17-43, the E-IdP device 12 includes … a user identity information (the registry) storage although the memory 26 can include other policies, modules, databases, or applications, for example … receives an authentication request to access one of a plurality of service provider server devices 14(1)-14(n)(the tenants).; Note that the E-IdP device 12 storing the registry is separated from the service provider server devices 14.).

Per claim 27 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 in view of Christopher ‘122 does not disclose but Fischer ‘638 discloses: The system as recited in claim 21, wherein the request includes a JavaScript Object Notation (JSON) web token (FIG. 3, [Col. 6], ll.15-46, token-based authentication and authorization service … JSON Web Tokens (JWT; a JSON web token) … The authorization results are encapsulated into a token … That authorization information will be used by the application service 304 when enforcing Role 45 Based Access Control (MAC). The resulting token is returned to the client 302 as shown in step 39; FIG. 7, [Col. 9], ll.33-64, After receiving the token from the AAS, the client application, through a component service, transmits a request including the token to the application service 710.).

Per claim 28 (independent):
The limitations of the claim(s) correspond(s) to features of claim 21 and the claim(s) is/are rejected for the reasons detailed with respect to claim 21.

Per claim 31 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 24 and the claim(s) is/are rejected for the reasons detailed with respect to claim 24.

Per claim 33 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 26 and the claim(s) is/are rejected for the reasons detailed with respect to claim 26.

Per claim 34 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 27 and the claim(s) is/are rejected for the reasons detailed with respect to claim 27.

Per claim 35 (independent):
The limitations of the claim(s) correspond(s) to features of claim 21 and the claim(s) is/are rejected for the reasons detailed with respect to claim 21.

Per claim 38 (dependent on claim 35):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 35 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 24 and the claim(s) is/are rejected for the reasons detailed with respect to claim 24.

Per claim 40 (dependent on claim 35):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 35 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 26 and the claim(s) is/are rejected for the reasons detailed with respect to claim 26.

Claim(s) 22, 29 and 36 is/are rejected under 35 U.S.C. 103 as being unpatentable over Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 as applied to claim 21, 28 and 35 above, and further in view of Gopshtein et al., US-20170300708-A1 (hereinafter “Gopshtein ‘708”).
Per claim 22 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 does not disclose but Gopshtein ‘708 discloses: The system as recited in claim 21, the database system further configurable to cause: facilitating authorization of the request using a public key associated with the requesting application (FIG. 5, [0043], for regulating access to a metrics report; [0044], the security module 592 can receive a request 588 to provide a metrics report the processor resource can use a certificate 570 to authenticate the request (authorization of the request) and identify the tenant of the request … The security module 592 can receive a signature 572 of the application (the requesting application) of the request 568 to maintain a tenant profile based on a public key (a public key) of the signature 572 for an application associated with the request 568.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 with the public key of a signature associated with a calling application requesting metrics data of a tenant for authenticating the request as taught by Gopshtein ‘708 because it would securely certify the identity of the owner of the application which is to be instrumented for taking measurements of the application performance and enhance the security of the multi-tenant system by additionally using the public key of both the target tenant and the requesting tenant [0006][0007]. Additionally, Gopshtein ‘708 is analogous to the claimed invention because it teaches a tenant engine maintaining a tenant database to store tenant profiles [0012].

Per claim 29 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 22 and the claim(s) is/are rejected for the reasons detailed with respect to claim 22.

Per claim 36 (dependent on claim 35):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 35 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 22 and the claim(s) is/are rejected for the reasons detailed with respect to claim 22.

Claim(s) 23, 25, 30, 32, 37 and 39 is/are rejected under 35 U.S.C. 103 as being unpatentable over Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 as applied to claim 21, 28 and 35 above, and further in view of Mostert, US-9882957-B1 (hereinafter “Mostert ‘957”).
Per claim 23 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 does not disclose but Mostert ‘957 discloses: The system as recited in claim 21, the database system further configurable to cause: facilitating authorization of the request by sending a public key to the target tenant (FIG. 3, [Col. 5], ll.7-31, a network request includes … security information, and a response encrypted in accordance with the security information. Specifically, a first device 310 initiates a first connection 312 and makes an API request … to a second device 320 (the target tenant; the server 320 in FIG. 3) … the security information can include a public certificate including a public key (a public key) used to encrypt the response … the public key is stored in the customer account (i.e. the customer account information 515 of the server computers 504 in FIG. 5).; [Col. 6], ll.4-11, the virtual network provider 500 supports a multi-tenant environment, wherein a plurality of customers operate independently; [Col. 2], ll.50-53, the client device can send a certificate including a public key so that when the server connects with the client device, it can authenticate the connection.).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 with the transmission of a public certificate including a public key to a server in an access request under the multi-tenant environment as taught by Mostert ‘957 because it would provide more secure connections between the client and the server by authenticating the connections based on a certificate including a public key. Additionally, Mostert ‘957 is analogous to the claimed invention because it teaches a network-based virtual network provider supporting a multi-tenant environment [FIG. 5].

Per claim 25 (dependent on claim 21):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 21 above, incorporated herein by reference.
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 does not disclose but Mostert ‘957 discloses: The system as recited in claim 21, the database system further configurable to cause: storing, in a database, a public key of the target tenant responsive to receiving the public key from the target tenant (FIG. 3, [Col. 5], ll.7-31, a network request includes … security information, and a response encrypted in accordance with the security information. Specifically, a first device 310 initiates a first connection 312 and makes an API request … to a second device 320 (the target tenant; the server 320 in FIG. 3) … the security information can include a public certificate including a public key (a public key) used to encrypt the response … the public key is stored in the customer account (i.e. the customer account information 515 of the server computers 504 in FIG. 5; a database).; [Col. 6], ll.4-11, the virtual network provider 500 supports a multi-tenant environment, wherein a plurality of customers operate independently.).

Per claim 30 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 23 and the claim(s) is/are rejected for the reasons detailed with respect to claim 23.

Per claim 32 (dependent on claim 28):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 28 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 25 and the claim(s) is/are rejected for the reasons detailed with respect to claim 25.

Per claim 37 (dependent on claim 35):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 35 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 23 and the claim(s) is/are rejected for the reasons detailed with respect to claim 23.

Per claim 39 (dependent on claim 35):
Natarajan ‘492 in view of Christopher ‘122 and Fischer ‘638 discloses the elements detailed in the rejection of claim 35 above, incorporated herein by reference.
The limitations of the claim(s) correspond(s) to features of claim 25 and the claim(s) is/are rejected for the reasons detailed with respect to claim 25.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Thursday 7:30-5:30 and Alternate Fridays 8:30-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached on (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SANGSEOK PARK/Examiner, Art Unit 2499                                                                                                                                                                                                        /PHILIP J CHEA/Supervisory Patent Examiner, Art Unit 2499