Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 6/17/2022 has been entered.  Claims 1, 8 and 15 are amended.  Claims 3, 10 and 17 are canceled.  Claims 1-2, 4-9, 11-16 and 18-20 are pending.
 
Response to Arguments
3.	Applicant’s arguments with respect to amended claims have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
			
 				Claim Rejections - 35 USC § 103
4.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

 	Claims 1-2, 4-9, 11-16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hussein et al. (U.S. Patent Application Publication No. 2019/0268328, hereinafter Hussein) in view of Blakley, III et al., (U.S. Patent Application Publication No. 2004/0128541, hereinafter Blakley) and further in view of Hardin et al. (U.S. Patent Application Publication No. 2015/0039444, hereinafter Hardin). 	With respect to claim 1, Hussein discloses a computing system comprising:
 an identity provider computer system comprising at least one processor configured to receive requests for access tokens from entities, the requests comprising capability information for the entities, wherein the identity provider computer system is further configured to provide access tokens to the entities which include the capability information (e.g. Hussein, paragraphs 0017-0023, “…receipte, by an authentication server …of a list of certified attributes associated with the requesting object (para. 0021); “after the attribute list is verified by the authentication server and a capability of the requesting object is determined based on said list of attributes, receipt by the master object of an authentication token comprising said capability…”; paragraphs 0029-0033, “The capability” of an object is a set of authorizations…describing the various actions/rights that this object has in a given context” (paragraph 0029); “this capability takes the form of a “token” (paragraph 0032); and
 a resource provider computer system comprising at least one processor configured to receive resource requests and access tokens from entities, the access tokens including the capability information, and to provide responses to the entities according to the capability information (e.g. Hussein, paragraphs 0164-0165, “Once received, the requesting object can communicate (message 203) with the master object to request access to a service offered by a given internal object…”) . 
Hussein discloses the requesting object sending request and receiving token from the authentication server (identity provider) through a master object and not directly to the authentication server.  However, an intermediary acting on behalf of other object is well known in the art.  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to derive the claimed feature without the intermediary as a matter of design choice according to security policy.
Hussein does not explicitly mention the entities are identity provider are remote and separate from the identity provider; the entities are remote and separate from the resource provider; such that the entities interface directly with both the identity provider and the resource provider, for the access tokens.
However, Blakley mentions the similar features (e.g. Fig. 1D, 170 interface with 176, 170 interface with 172, 170 interface with 177, 170 interface with 174, Note: different servers may be interfaced with other servers that are located remote or separated over the network, yet interface directly).
It would have been obvious to one of ordinary skill in the art before the effective filing date for the claimed invention to derive the claim feature of the entities and the identity provider, resource provide separate and remote from each other to provide advantage of direct access to the identity and the resource provider.
Moreover, Hussein discloses the capability information indicates that the entity is capable of handling certain types of access token rejections (e.g. Hussein, paragraphs 0032-0033).  Hussein does not explicitly mention requesting a new token, prior to expiration of the token, based on the rejection from the resource provider but Hardin discloses a similar rationale (e.g. Hardin, paragraph 0057, “…the duration the access token remains valid before expiring or a date/time upon which after the access token will become invalid; a refresh token that can be used to obtain a new access token if/when the access token becomes invalid or expires…”).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement a new token replacement after the token is expired or about to expire to ensure continuation of providing valid token for authorized users.
 	With respect to claim 2, Hussein and Blakley disclose the computing system of claim 1, wherein the responses comprise resources compliant with the capability information (e.g. Hussein, paragraphs 0029 and 0165). 
 	With respect to claim 4, Hussein disclose the computing system of claim 1, wherein the capability information indicates that the entity is capable of handling access token rejections for least one of user state changes, client state changes, policy state changes, conditional access conditions being met, location of the entity, or behavior patterns by the entity (e.g. Hussein, paragraphs 0130-0144).  	With respect to claim 5, Hussein and Blakley disclose the computing system of claim 1, wherein the responses comprise access token rejections according to the certain capabilities (e.g. Hussein, paragraph 0130).  	With respect to claim 6, Hussein and Blakley disclose the computing system of claim 1, wherein the resource provider computer system is further configured to receive policy from the identity provider computer system (e.g. Hussein, paragraphs 0033 and 0130).  	With respect to claim 7, Hussein and Blakley disclose the computing system of claim 6, wherein the policy is correlated to the capability information, and wherein the resource provider computer system is configured to receive the policy as a result of the identity provider receiving the capability information from the entity (e.g. Hussein, paragraphs 0033 and 0130).  	With respect to claims 8-9, 11-16 and 18-20, the claims are method claims that are similar to system claims 1-2 and 4-7.  Therefore, claims 8-9, 11-16 and 18-20 are rejected based on the similar rationale.

Conclusion
5.	 Any inquiry concerning this communication or earlier communications from the examiner should be directed to TONGOC TRAN whose telephone number is (571)272-3843.  The examiner can normally be reached on 9-5 Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/TONGOC TRAN/Primary Examiner, Art Unit 2434