DETAILED ACTION
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	This notice of allowance is in response to applicant’s claim amendments/arguments filed on July 18, 2022. 
	3.	The text of those sections of Title 35 U.S. Code not included in this section can be found in the prior office action. The prior office actions are incorporated herein by reference. In particular, the observations with respect to claim language, and response to previously presented arguments.
4.	Claims 12-13 have been canceled. Claims 1-11 and 14 are now renumbered as claims 1-12 are pending allowed.
	
ALLOWABLE SUBJECT MATTER
	5.	Claims 1-11 and 14 are allowed over prior art of record.

EXAMINER’S STATEMENT OF REASONS FOR ALLOWANCE
The following is an Examiner’s statement of reasons for the indication of allowable subject matter; the claims are allowable because the examiner found neither prior art cited in its entirety, nor based on the prior art, found any motivation to combine any of the said prior arts.
6.	Regarding the claimed terms, the Examiner notes that a “general term must be understood in the context in which the inventor presents it.” In re Glaug 283 F.3d 1335, 1340, 62 USPQ2d 1151, 1154 (Fed. Cir. 2002). Therefore the Examiner must interpret the claimed terms as found on the specification of the instant application. Clearly almost all the general terms in the claims may have multiple meanings. So where a claim term "is susceptible to various meanings,...the inventor's lexicography must prevail.... " Id. Using these definitions for the claims, the claimed invention was not reasonably found in the prior art. 
7.	This communication warrants No Examiner's Reason for Allowance, Applicant’s reply makes evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). Specifically, the substance of applicant’s arguments based on amendments, see pp. 9-12 of Remarks, filed 07/18/2022, are persuasive, as such the reasons for allowance are in all probability evident from the record and no statement is deemed necessary (see MPEP 1302.14).
8.	The examiner agrees with the applicant that Kondoh et al. does not teach that the user side receives provision of a tenant type service, and the service provider side provides a service which enables an clectronized document on a cloud to be shared. Kondoh does not teach that the service which enables an electronized document on a cloud to be shared is authorized for the second user which is a common user between the user side and the provider side. Kondoh does not teach that the firewall is provided between the first hardware processor provided on a user side and the second hardware processor provided on a provider side. Nelson and Miyamae do not fill deficiency of Kondoh. 
9.	The examiner updated the search and the closest newly found prior art US 9,418,213 B1 (Roth et al.) taught a computer-implemented method, comprising: obtaining, by an application executing on a computing device, at least one credential generated by a third party identity provider, the at least one credential including identity information for a user of the computing device; providing the at least one credential and information about the application to a Web service provider environment, the Web service provider environment providing a plurality of Web services associated with the identity information, wherein each of the plurality of Web services is associated with a delegation profile assigned by an administrator, the delegation profile defining access rights of a Web service with which the delegation profile is associated, the delegation profile created independently from the providing the at least one credential and information about the application to the Web service provider environment; receiving one or more Web service credentials from the Web service provider environment, the one or more Web service credentials enabling access to the plurality of Web services according to one or more permissions associated with the delegation profile assigned by the administrator, the one or more Web services including an action to be performed utilizing: (a) at least one first secured resource in the Web service provider environment that is associated with a provider of the application and (b) at least one second secured resource in the Web service provider environment that is associated with the user, the access enabling the application to use the one or more Web services subject to the one or more permissions; sending a request to at least one of the one or more Web services, the request associated with the one or more Web service credentials enabling access to the plurality of Web services; and receiving, by the application, information from (a) the at least one first secured resource in the Web service provider environment that is associated with the provider of the application and (b) the at least one second secured resource in the Web service provider environment that is associated with the user. Claim 1. 
10.	Another closest newly found prior art US 2018/0144117 A1 (Engler et al.) taught a computer-implemented method, comprising: receiving, from a first application, a security configuration file, wherein the security configuration file includes information of an authority, the first application assigns the authority to a second application to enable the second application to trigger jobs at the first application, and the second application provides shared services to a plurality of applications including the first application; receiving a query from the second application and in response sending the authority to the second application; receiving, from the second application, a request for a token, the request including the authority; and sending a token including the authority to the second application, wherein the second application sends the token to the first application when the second application triggers jobs at the first application. Claim 1.
11.	The examiner notes that none of the prior arts in the records provide sufficient motivation to be combined and to be modified in such a way as to render obvious the claimed feature argued in the remarks, see page 12 in remarks filed 07/18/2022, within the context of the claimed invention as a whole without the usage of impermissible hindsight reasoning.
12.	Any comments considered necessary by applicant must be submitted no later than payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.''
CONCLUSION
13.	Prior arts made of record, not relied upon: 
US 9,384,061 B1 (Devianayagam et al.): A method for dynamically managing workload placements in virtualized environments, comprising: receiving, by at least one computer system, a plurality of workloads from a plurality of users requesting access to at least one virtualized application, each of the plurality of workloads specified with one or more separate globalization characteristics from among a plurality of globalization characteristics; and selectively categorizing, by the at least one computer system, each of the plurality of workloads separately for placement in one or more particular virtualized environments from among a plurality of virtualized environments based on the one or more separate globalization characteristics of each of the workloads, each virtualized environment comprising the at least one virtualized application configured for a separate selection of globalization services from among a plurality of globalization services for handling a separate selection of the one or more separate globalization characteristics by: loading, by the at least one computer system, one or more application pool settings for a plurality of applications, each of the plurality of applications enabled for virtualization at the at least one virtualized application within the plurality of virtualized environments; loading, by the at least one computer system, at least one categorized rule for a platform hosting the plurality of applications, each at least one categorized rule specifying a rule for selecting at least one globalization characteristic from among the plurality of globalization characteristics for at least one application group; categorizing, by the at least one computer system, the plurality of applications into a plurality of categorized application groups according to the at least one categorized rule, each of the plurality of categorized application groups specified by a separate selection of at least one globalization characteristic from among the plurality of globalization characteristics; selectively assigning, by the at least one computer system, according to the at least one categorized rule, a particular user to at least one particular application group in a user profile for the particular user; in response to receiving, by the at least one computer system, from the particular user, at least one first workload from among the plurality of workloads, assigning the workload to the particular application group, the at least one first workload specified by a first globalization characteristic from among the plurality of globalization characteristics; determining, by the at least one computer system, according to the at least one categorized rule, whether the particular application group is the right application group for handling the at least one first workload according to the first globalization characteristic; and in response to determining the particular application group is not the right application group for handling the at least one first workload, switching, by the at least one computer system, the at least one first workload to another application group from among the plurality of application groups according to the at least one categorized rule and assigning the another application group to the user profile for the particular user.
	 US 2006/0117010 A1 (Hakala et al.): [0058] At operation 64, the access controller searches an access group list using the access group identifier to identify an access right for the identified access group. The user at the device 30 assigns the access right to an access group in the access group list. An access group may not have any access right at all meaning that a user at a second device assigned to that access group has no right to the provision of any service on the device 30. For example, an "Unknown" sender of the request may have no access to the shared data item at the device 30. The access right may include a plurality of services. For example, a "Friend" access group may have an access right that includes the ability to GET, PUT, POST, MKCOL, COPY, and MOVE a data item of the shared file system at the device 30. The data item of the shared file system may include files and/or folders/sub-folders.
S. Jeuk, J. Szefer and S. Zhou, "Towards Cloud, Service and Tenant Classification for Cloud Computing," 2014 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, 2014, pp. 792-801, doi: 10.1109/CCGrid.2014.71. Abstract: One of the major concerns cloud computing platforms face today is the lack of a unique identification of the "who" within the network infrastructure. State-of-the-art technologies (such as VLANs or IP addresses) lack functionality to cope with the highly dynamic and scalable, ever changing and virtualized cloud-enabled data center infrastructures. A shared and limited address space or the loss of identification across boundaries render classification unusable for per-tenant, per-service or per-cloud-provider policies. In this work, we introduce the concept of a classification mechanism that is fine-grained enough to associate tenants, services and cloud providers to their network streams. The Tenant-ID, Service-ID and Cloud-ID is added as a tag to Layer 3 packets throughout the consumer-to-service communication. We argue that the proposed service and tenant isolation concept is generic enough to be applicable across the whole cloud environment, thereby eliminating current limitations and enabling new network functionality.
14.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAWNCHOY RAHMAN whose telephone number is (571)270-7471. The examiner can normally be reached Monday - Friday 8:30A-5P ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi T Arani can be reached on 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Shawnchoy Rahman/Primary Examiner, Art Unit 2438