Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 5/22/2020, 12/28/2020, 1/26/2021, and 5/19/2022 were filed after the mailing date of 5/22/2020.  The submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1, 8, and 14 are rejected under 35 U.S.C. 102(a)[1] as being anticipated by Kruse (10243945).
With regards to Claim 1:
Kruse discloses receiving, at a service provider, an authentication request from a user, wherein the user is a member of an entity (Kruse discloses a user sending an authentication request to a service provider where the user is a part of an organization in Column 9, lines 13-44 and further in view of Column 5, lines 36-45)
redirecting the user to an identity provider (Kruse discloses the service provider redirecting the user authentication request to an identity provider associated with the service provider in Column 9, lines 13-44)
receiving an authentication token and user details from the identity provider (Kruse discloses the service provider receiving an authentication token that contains information on the user from the associated identity provider in Column 10, lines 1-23)
validating the authentication token against internal configuration information of the service provider, wherein the internal configuration information includes information corresponding to information included in one or more of the authentication token and the user details, and information absent from both the authentication token and the user details (Kruse discloses the service provider validating the authentication token through identifying and verifying that the user information contained within the token is the same as the information that the service provider knows about the user in Column 10, lines 24-47 and further in view of Column 10, lines 1-23)
creating an identity ID using the authentication token, the user details, and the internal configuration information (Kruse discloses an identity being created that is associated with a service provider token which was created from the identity provider token and which compromises user information and service provider data corresponding to the user from the identity provider token in Column 11, lines 4-16)
and providing access to resources based on the identity ID (Kruse discloses the system using the service provider token associated with the user to access resources in Column 11, lines 4-16).
With regards to Claim 8:
Kruse discloses the system comprising: a computer readable device (Kruse discloses a computer-readable storage medium that is a part of a server in Column 22, lines 36-47)
a processor associated with the computer readable device (Kruse discloses the server having a processor in Column 22, lines 36-47)
receiving, at a service provider, an authentication request from a user, wherein the user is a member of an entity (Kruse discloses a user sending an authentication request to a service provider where the user is a part of an organization in Column 9, lines 13-44 and further in view of Column 5, lines 36-45)
redirecting the user to an identity provider (Kruse discloses the service provider redirecting the user authentication request to an identity provider associated with the service provider in Column 9, lines 13-44)
receiving an authentication token and user details from the identity provider (Kruse discloses the service provider receiving an authentication token that contains information on the user from the associated identity provider in Column 10, lines 1-23)
validating the authentication token against internal configuration information of the service provider, wherein the internal configuration information includes information corresponding to information included in one or more of the authentication token and the user details, and information absent from both the authentication token and the user details (Kruse discloses the service provider validating the authentication token through identifying and verifying that the user information contained within the token is the same as the information that the service provider knows about the user in Column 10, lines 24-47 and further in view of Column 10, lines 1-23)
creating an identity ID using the authentication token, the user details, and the internal configuration information (Kruse discloses an identity being created that is associated with a service provider token which was created from the identity provider token and which compromises user information and service provider data corresponding to the user from the identity provider token in Column 11, lines 4-16)
and providing access to resources based on the identity ID (Kruse discloses the system using the service provider token associated with the user to access resources in Column 11, lines 4-16).
With regards to Claim 14:
Kruse discloses a computer-readable device storing instructions (Kruse discloses a computer-readable storage medium that is a part of a server in Column 22, lines 36-47)
that, when executed by a processor (Kruse discloses the server having a processor in Column 22, lines 36-47)
cause the processor to perform a method comprising: receiving, at a service provider, an authentication request from a user, wherein the user is a member of an entity (Kruse discloses a user sending an authentication request to a service provider where the user is a part of an organization in Column 9, lines 13-44 and further in view of Column 5, lines 36-45)
redirecting the user to an identity provider (Kruse discloses the service provider redirecting the user authentication request to an identity provider associated with the service provider in Column 9, lines 13-44)
receiving an authentication token and user details from the identity provider (Kruse discloses the service provider receiving an authentication token that contains information on the user from the associated identity provider in Column 10, lines 1-23)
validating the authentication token against internal configuration information of the service provider, wherein the internal configuration information includes information corresponding to information included in one or more of the authentication token and the user details, and information absent from both the authentication token and the user details (Kruse discloses the service provider validating the authentication token through identifying and verifying that the user information contained within the token is the same as the information that the service provider knows about the user in Column 10, lines 24-47 and further in view of Column 10, lines 1-23)
creating an identity ID using the authentication token, the user details, and the internal configuration information (Kruse discloses an identity being created that is associated with a service provider token which was created from the identity provider token and which compromises user information and service provider data corresponding to the user from the identity provider token in Column 11, lines 4-16)
and providing access to resources based on the identity ID (Kruse discloses the system using the service provider token associated with the user to access resources in Column 11, lines 4-16).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 2-3, 9-10, and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Kruse (10243945) as applied to claim 1 above, and further in view of Lund (20170244695).
With regards to Claim 2:
Kruse discloses:
further comprising: receiving, at the service provider, a login address and a client ID, from the entity (Kruse discloses the service provider identifies received user information from the user, this data including the IP address of the user and the user’s identity in Column 10, lines 1-23)
Kruse does not disclose:
and associating a login context with the login address and the client ID.
However, in an analogous art, Lund discloses:
and associating a login context with the login address and the client ID (Lund discloses the system associating the login address and client credentials with the URL that was used by the user to send the authentication request in Paragraph 45 and further in view of Paragraph 46).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by creating another piece of data that can be used to quickly identify and validate authorized devices and users.
With regards to Claim 3: 
Kruse does not disclose
receiving the authentication request through the login context
identifying the login address and client ID based on the login context
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context.
However, in an analogous art, Lund discloses:
receiving the authentication request through the login context (Lund discloses an authentication request being sent through an indicator associated with the URL of a login webpage utilized by the user in Paragraph 45 and further in view of Paragraph 46)
identifying the login address and client ID based on the login context (Lund discloses the system identifying the login address and client data through the indicator associated with the URL of the login webpage utilized by the user in Paragraph 46 and further in view of Paragraph 47)
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context (Lund discloses the system redirecting the user request to a second service provider acting as an identity provider based on the client ID and login address of the user sink device in Paragraph 55 and further in view of Paragraph 27).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and utilizing this URL for authentication requests and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of the system by creating a means of associating another piece of data with a user and then using that associated data to automatically redirect user requests to the relevant systems.
With regard to claim 9:
Kruse discloses:
further comprising: receiving, at the service provider, a login address and a client ID, from the entity (Kruse discloses the service provider identifies received user information from the user, this data including the IP address of the user and the user’s identity in Column 10, lines 1-23)
Kruse does not disclose:
and associating a login context with the login address and the client ID.
However, in an analogous art, Lund discloses:
and associating a login context with the login address and the client ID (Lund discloses the system associating the login address and client credentials with the URL that was used by the user to send the authentication request in Paragraph 45 and further in view of Paragraph 46).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by creating another piece of data that can be used to quickly identify and validate authorized devices and users.
With regards to Claim 10: 
Kruse does not disclose
receiving the authentication request through the login context
identifying the login address and client ID based on the login context
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context.
However, in an analogous art, Lund discloses:
receiving the authentication request through the login context (Lund discloses an authentication request being sent through an indicator associated with the URL of a login webpage utilized by the user in Paragraph 45 and further in view of Paragraph 46)
identifying the login address and client ID based on the login context (Lund discloses the system identifying the login address and client data through the indicator associated with the URL of the login webpage utilized by the user in Paragraph 46 and further in view of Paragraph 47)
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context (Lund discloses the system redirecting the user request to a second service provider acting as an identity provider based on the client ID and login address of the user sink device in Paragraph 55 and further in view of Paragraph 27).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and utilizing this URL for authentication requests and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of the system by creating a means of associating another piece of data with a user and then using that associated data to automatically redirect user requests to the relevant systems.
With regard to claim 15:
Kruse discloses:
further comprising: receiving, at the service provider, a login address and a client ID, from the entity (Kruse discloses the service provider identifies received user information from the user, this data including the IP address of the user and the user’s identity in Column 10, lines 1-23)
Kruse does not disclose:
and associating a login context with the login address and the client ID.
However, in an analogous art, Lund discloses:
and associating a login context with the login address and the client ID (Lund discloses the system associating the login address and client credentials with the URL that was used by the user to send the authentication request in Paragraph 45 and further in view of Paragraph 46).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by creating another piece of data that can be used to quickly identify and validate authorized devices and users.
With regards to Claim 16: 
Kruse does not disclose
receiving the authentication request through the login context
identifying the login address and client ID based on the login context
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context.
However, in an analogous art, Lund discloses:
receiving the authentication request through the login context (Lund discloses an authentication request being sent through an indicator associated with the URL of a login webpage utilized by the user in Paragraph 45 and further in view of Paragraph 46)
identifying the login address and client ID based on the login context (Lund discloses the system identifying the login address and client data through the indicator associated with the URL of the login webpage utilized by the user in Paragraph 46 and further in view of Paragraph 47)
and redirecting the user to the identity provider based on the login address and the client ID associated with the login context (Lund discloses the system redirecting the user request to a second service provider acting as an identity provider based on the client ID and login address of the user sink device in Paragraph 55 and further in view of Paragraph 27).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of associating user data with the URL of the user and utilizing this URL for authentication requests and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of the system by creating a means of associating another piece of data with a user and then using that associated data to automatically redirect user requests to the relevant systems.
Claim 4, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kruse (10243945) as applied to claim 1 above, and further in view of Fork (20120254957).
With regards to Claim 4:
Kruse discloses:
wherein the authentication token comprises an identity provider identifier, a user identifier, and an entity identifier (Kruse discloses the identity verification token comprising identity provider attestation information, a user identifier, and the identifier of an account in Column 10, lines 1-23)
Kruse does not disclose:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information.
However, in an analogous art, Fork discloses:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information (Fork discloses the system validating that a user identity is associated with a trusted service through data kept in the service provider in Paragraph 70 and further in view of Paragraph 74).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of validating an entity based on whether or not it is associated with a user in the service provider and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by allowing the system to validate that an entity is in fact associated with a validated user and not simply posing as another entity to access data that it shouldn’t.
With regards to Claim 11:
Kruse discloses:
wherein the authentication token comprises an identity provider identifier, a user identifier, and an entity identifier (Kruse discloses the identity verification token comprising identity provider attestation information, a user identifier, and the identifier of an account in Column 10, lines 1-23)
Kruse does not disclose:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information.
However, in an analogous art, Fork discloses:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information (Fork discloses the system validating that a user identity is associated with a trusted service through data kept in the service provider in Paragraph 70 and further in view of Paragraph 74).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of validating an entity based on whether or not it is associated with a user in the service provider and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by allowing the system to validate that an entity is in fact associated with a validated user and not simply posing as another entity to access data that it shouldn’t.
With regards to Claim 17:
Kruse discloses:
wherein the authentication token comprises an identity provider identifier, a user identifier, and an entity identifier (Kruse discloses the identity verification token comprising identity provider attestation information, a user identifier, and the identifier of an account in Column 10, lines 1-23)
Kruse does not disclose:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information.
However, in an analogous art, Fork discloses:
and wherein the validating comprises verifying that the user identifier is associated with the entity in the internal configuration information (Fork discloses the system validating that a user identity is associated with a trusted service through data kept in the service provider in Paragraph 70 and further in view of Paragraph 74).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a means of validating an entity based on whether or not it is associated with a user in the service provider and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by allowing the system to validate that an entity is in fact associated with a validated user and not simply posing as another entity to access data that it shouldn’t.
Claim 5-7, 12-13, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kruse (10243945) as applied to claim 1 above, and further in view of Avetisov (20200067907).
With regards to Claim 5:
Lund does not disclose:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information
However, in an analogous art, Avetisov discloses:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information (Avetisov discloses the identity of a user being created through hashing a data set which can include an authentication token, user information including the device identifier utilized by the user, and an identifier of a user account associated with an entity in Paragraph 105)
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by utilizing a hash function in the creation of a user identity and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability of the system by incorporating a hash function that can be used by the system to quickly look up a user identity when associated items and data are presented to the system.
With regard to Claim 6:
Kruse does not disclose:
wherein the authentication token comprises an entity identifier
wherein the internal configuration information comprises an entity name that is different from the entity identifier
and wherein the user details comprise an account identifier
However, in an analogous art, Avetisov discloses:
wherein the authentication token comprises an entity identifier (Avetisov discloses a token tied to the identifier of an entity such as a company in Paragraph 97 and further in view of Paragraph 44)
wherein the internal configuration information comprises an entity name that is different from the entity identifier (Avetisov discloses the data held by the UID repository of users and accounts including a secondary identifier for an account that is different from the primary identifier used in the account in Paragraph 105)
and wherein the user details comprise an account identifier (Avetisov discloses user details tied to a user account identifier being a part of the hashed set in Paragraph 97)
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating additional identifiers associated with a user and an entity tied to the user and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the security of the system by allowing for the system to use additional identification data to validate a user or device.
With regards to Claim 7:
Kruse does not disclose:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store
receiving, from the user, a request for a resource corresponding to the resource identifier
determining that the resource identifier is associated, in the data store, with the entity
determining that the user is associated, in the data store, with the entity
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier
and providing to the user, access to the resource corresponding to the resource identifier.
However, in an analogous art, Avetisov discloses:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store (Avetisov discloses a UID repository acting as a data store that stores the identities and identifiers of users, accounts, and a resources Paragraph 100 and further in view of Paragraph 102)
receiving, from the user, a request for a resource corresponding to the resource identifier (Avetisov discloses a user sending a request to access a resource that corresponds to an identifier stored in the UID repository in Paragraph 100 and Paragraph 101)
determining that the resource identifier is associated, in the data store, with the entity (Avetisov discloses the system determining whether a resource has been previously been given access to an entity in Paragraph 102)
determining that the user is associated, in the data store, with the entity (Avetisov discloses the system determining via the UID repository that an entity is associated with a user in Paragraph 102 and further in view of Paragraph 105)
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier (Avetisov discloses the system determining via the UID repository that a user does have a valid token that can be used to access a resource in Paragraph 105)
and providing to the user, access to the resource corresponding to the resource identifier (Avetisov discloses the system providing the user access to a resource corresponding to an identifier found within the UID repository in Paragraph 105 and further in view of Paragraph 102).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a data store or database of identifiers, users, and accounts that can be utilized in access control and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of a system by creating a database that can be quickly referenced by the system to determine what users and accounts have access to what resources.
With regards to Claim 12:
Lund does not disclose:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information
However, in an analogous art, Avetisov discloses:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information (Avetisov discloses the identity of a user being created through hashing a data set which can include an authentication token, user information including the device identifier utilized by the user, and an identifier of a user account associated with an entity in Paragraph 105)
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by utilizing a hash function in the creation of a user identity and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability of the system by incorporating a hash function that can be used by the system to quickly look up a user identity when associated items and data are presented to the system.
With regards to Claim 13:
Kruse does not disclose:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store
receiving, from the user, a request for a resource corresponding to the resource identifier
determining that the resource identifier is associated, in the data store, with the entity
determining that the user is associated, in the data store, with the entity
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier
and providing to the user, access to the resource corresponding to the resource identifier.
However, in an analogous art, Avetisov discloses:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store (Avetisov discloses a UID repository acting as a data store that stores the identities and identifiers of users, accounts, and a resources Paragraph 100 and further in view of Paragraph 102)
receiving, from the user, a request for a resource corresponding to the resource identifier (Avetisov discloses a user sending a request to access a resource that corresponds to an identifier stored in the UID repository in Paragraph 100 and Paragraph 101)
determining that the resource identifier is associated, in the data store, with the entity (Avetisov discloses the system determining whether a resource has been previously been given access to an entity in Paragraph 102)
determining that the user is associated, in the data store, with the entity (Avetisov discloses the system determining via the UID repository that an entity is associated with a user in Paragraph 102 and further in view of Paragraph 105)
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier (Avetisov discloses the system determining via the UID repository that a user does have a valid token that can be used to access a resource in Paragraph 105)
and providing to the user, access to the resource corresponding to the resource identifier (Avetisov discloses the system providing the user access to a resource corresponding to an identifier found within the UID repository in Paragraph 105 and further in view of Paragraph 102).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a data store or database of identifiers, users, and accounts that can be utilized in access control and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of a system by creating a database that can be quickly referenced by the system to determine what users and accounts have access to what resources.
With regards to Claim 19:
Lund does not disclose:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information
However, in an analogous art, Avetisov discloses:
wherein the creating of the identity ID comprises performing a hash using inputs comprising: the authentication token, the user details, and the internal configuration information (Avetisov discloses the identity of a user being created through hashing a data set which can include an authentication token, user information including the device identifier utilized by the user, and an identifier of a user account associated with an entity in Paragraph 105)
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by utilizing a hash function in the creation of a user identity and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability of the system by incorporating a hash function that can be used by the system to quickly look up a user identity when associated items and data are presented to the system.
With regards to Claim 20:
Kruse does not disclose:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store
receiving, from the user, a request for a resource corresponding to the resource identifier
determining that the resource identifier is associated, in the data store, with the entity
determining that the user is associated, in the data store, with the entity
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier
and providing to the user, access to the resource corresponding to the resource identifier.
However, in an analogous art, Avetisov discloses:
wherein the providing access to resources comprises: storing the identity ID, an entity name corresponding to the entity, and a resource identifier in a data store (Avetisov discloses a UID repository acting as a data store that stores the identities and identifiers of users, accounts, and a resources Paragraph 100 and further in view of Paragraph 102)
receiving, from the user, a request for a resource corresponding to the resource identifier (Avetisov discloses a user sending a request to access a resource that corresponds to an identifier stored in the UID repository in Paragraph 100 and Paragraph 101)
determining that the resource identifier is associated, in the data store, with the entity (Avetisov discloses the system determining whether a resource has been previously been given access to an entity in Paragraph 102)
determining that the user is associated, in the data store, with the entity (Avetisov discloses the system determining via the UID repository that an entity is associated with a user in Paragraph 102 and further in view of Paragraph 105)
verifying, in the data store, that the user is granted access to the resource corresponding to the resource identifier (Avetisov discloses the system determining via the UID repository that a user does have a valid token that can be used to access a resource in Paragraph 105)
and providing to the user, access to the resource corresponding to the resource identifier (Avetisov discloses the system providing the user access to a resource corresponding to an identifier found within the UID repository in Paragraph 105 and further in view of Paragraph 102).
One of ordinary skill in the art would have been motivated, before the effective filing date of the claimed invention, to modify the system of Kruse by incorporating a data store or database of identifiers, users, and accounts that can be utilized in access control and thereby gaining, predictably, the commonly understood benefits of such adaptions, that is, enhance the usability and security of a system by creating a database that can be quickly referenced by the system to determine what users and accounts have access to what resources.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEVON H. MILLER whose telephone number is (571)272-2010. The examiner can normally be reached M-F 7:30 AM - 5 PM (EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on (571)272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/D.H.M./Examiner, Art Unit 2493                                                                                                                                                                                                        
/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493