DETAILED ACTION
This Office Action is in response to the application 17/0456,344 filed on 11/17/2020.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-9 have been examined and are pending in this application. Claims 1, 9 are independent.
	Priority
PCT Application No. PCT/IB2020/053548, filed on 04/15/2020. Foreign Application IT 102019000005876, Filed on 04/16/2019
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/17/2020, is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Drawing Objections
drawings are objected to because they are not informative; diagram/flowchart illustrated in figure 1 should include texts describing names/labels for each block/box and numerically labeled components, in referenced to the specification, for one in the ordinary person in the field to understand the invention that is described in the specification with reference to the figures.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. 
Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. 
The objection to the drawings will not be held in abeyance.
The Applicant is reminded that, similar to the claim amendment process, when changing/editing any figure of the drawing(s), requires re-submission of the whole set of the drawings, including all figures for the office to enter the drawing amendment (emphasis added). 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-9 are rejected under 35 U.S.C. 103 as being unpatentable over De Boursetty et al (“DeBoursetty,” US 9,847,990, patented on 12/19/2017), in view of Subramanian et al (“Subramanian,” US 7,219,237, published on 03/15/2018).
As to claim 1, DeBoursetty teaches a system for managing multiple-[domain] access credentials of a user enabled to access [a plurality of domains] (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 6-67, a system and method for allowing a user/client access to multiple applications using a single-sign-on (SSO) user authentication mechanism), said system comprising:
a server for managing credentials comprising a storage support wherein at least a database is stored wherein the access credentials of said user for each of said [domains] are separately present, each of said access credentials comprising the access level of said user [for each of said domains] (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, user provides username and password [i.e. access credential] to a single-sign-on (SSO) authentication server for authentication of user associated with an user account that allows one or more applications facilitated by an application service provider);
a service device available to said user and provided with a storage support and a user interface for interfacing said credential management server and at least a network server (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, the client device [i.e. service device], such as a mobile phone, a smartphone, a tablet personal computer (PC) [i.e. device with an user interface], etc., that is conned to the authentication server over network for performing the account registration/signing-in process);
said at least a network server comprising a storage support wherein the applications and resources related to at least one of said domains are stored (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 8-67; Fig 1, 4, 6, 12, an application service provider (ASP) serves as network source that provides content and/or services, accessible to client device via a network. The client device [i.e. service device] includes and employs a browser to access the network-based platform to receive the service and access the content provided by the content/service provider);
said service device being configured to send to said credential management server, through said interface, an access request by said user to a specific [domain among said domains], said credential management server, as a response to said access request (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, the client device performs signing-in process with the authentication server providing user authentication credential) and 
upon authenticity verification of said user, being configured to send to said service device the access credentials of said user for all of [said domains], said service device being configured to store said access credentials in said storage support and to send to said network server an access request to said specific [domain] by sending access credentials exclusively related to said specific [domain], said network server, as a response to said access request, being configured to enable said user to access by means of said service device said applications and resources [of said specific domain based on the access level of said user for said specific domain] (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, upon successful user authentication, an authentication token or session token [i.e. access credential] is generated that authenticates the user identity with a user account for the two or more applications and/or the device. The client device is allowed to access a requested first application based on the token);
said service device, once said access credentials are available in said storage support, being further configured to enable said user, by means of said interface, to send to said network server an access request to a second specific [domain, different from said specific domain], by sending access credentials related exclusively to said second specific [domain] with no need to send to said credential management server an access request by said user to access said second specific [domain,] said network server, as a response to said access request, being configured to enable said user to access by means of said service device said applications and resources [of said second specific domain regardless of said applications] and said resources [of said specific domain] and based on the access level of said user for said [second specific domain] (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, upon accessing the first application, the client device is allowed to access a requested second application based on the token, under single sign-on).
While DeBoursetty teaches of providing a user device access to two or more applications/resources stored in an application service provider, over network, using single sign-on functionalities, but does not discloses the applications/resources are in a different domain or system domain, More specifically, DeBoursetty does not explicitly teach the claim limitation a plurality of domains; [access level] for each of said domains; to a specific domain among said domains; [credentials] for all of said domains; [request] domain; [access] applications and resources of said specific domain based on the access level of said user for said specific domain; [access request ] to a second specific domain, different from said specific domain;  [access] applications; and resources of said second specific domain regardless of said applications; of said specific domain and based on the access level of said user for said second specific domain.
However, in an analogous art, Subramanian teaches a plurality of domains; [access level] for each of said domains; to a specific domain among said domains; [credentials] for all of said domains; [request] domain; [access] applications and resources of said specific domain based on the access level of said user for said specific domain; [access request ] to a second specific domain, different from said specific domain;  [access] applications; and resources of said second specific domain regardless of said applications; of said specific domain and based on the access level of said user for said second specific domain (Subramanian: pars 0019-0020, 0027, discloses a multi-tenant identity and data security management and secure access to cloud-based applications[ a very similar architecture disclosed in DeBoursetty] providing user a SSO functionality across variety of services/applications/systems [i.e. different system or domain]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Subramanian with the method/system of DeBoursetty for the benefit of providing a user with a means for accessing across variety of systems similar to accessing two or more services/applications using SSO functionality as an obvious variation/option (Subramanian: pars 0019-0020, 0027).
As to claim 2, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
DeBoursetty further teaches wherein said access request of said service device to said credential management server comprises at least an identification of said user related to one of said domains and a verification information of said identification (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, user provides username and password [i.e. access credential] to a single-sign-on (SSO) authentication server for authentication of user associated with an user account that allows one or more applications facilitated by an application service provider).
As to claim 3, the combination of DeBoursetty and Subramanian teaches the system according to claim 2, 
DeBoursetty and Subramanian further teaches characterized in that wherein said verification information of said identification is a password or/and a biometric identification (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, user provides username and password [i.e. access credential] to a single-sign-on (SSO) authentication server for authentication of user associated with an user account that allows one or more applications facilitated by an application service provider. Subramanian: pars 0195, 0366, on different types of authentication factor including biometric).
As to claim 4, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
Subramanian further teaches further comprising a plurality of network servers, said applications and said resources of each of said domains being stored in one of said network servers (Subramanian: pars 0019-0020, 0027, discloses providing user a SSO functionality across variety of services/applications/systems [i.e. different system or domain]).
As to claim 5, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
DeBoursetty further teaches wherein said service device alternatively comprises a smartphone device, a tablet device, a desktop pc or a laptop (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, the client device [i.e. service device],is a mobile phone, a smartphone, or a tablet personal computer (PC) [i.e. device with an user interface], etc., that is conned to the authentication server).
As to claim 6, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
DeBoursetty and Subramanian further teaches wherein said user interface is a web user interface made available to said user by means of a web browser residing in said service device, said storage support being the local Storage of said web browser (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, the client device [i.e. service device],is a mobile phone, a smartphone, or a tablet personal computer (PC) [i.e. device with an user interface], etc. Client device include and employ a browser to access. Subramanian pars 0129, 0131, discloses web browser that the user sues).
As to claim 7, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
DeBoursetty further teaches wherein said access credentials of said user for each of said domains comprise an authentication and session “token” (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, upon successful user authentication, an authentication token or session token is generated that authenticates the user identity with a user account for the two or more applications and/or the device. The client device is allowed to access a requested first application based on the token).
As to claim 8, the combination of DeBoursetty and Subramanian teaches the system according to claim 1, 
DeBoursetty and Subramanian further teaches wherein said access request of said service device to said network server comprises a request for using one or more specific applications or one or more specific resources belonging to said applications and said resources available to said network server (DeBoursetty: col 3, lines 11-37, col 4, lines 08-67, col 5, liens 1-7, col 5, 56-67, Col 8, lines 7-62; Fig 1, 4, 6, 12, upon accessing the first application, the client device is allowed to access a requested second application based on the token, under single sign-on. Subramanian: pars 0019-0020, 0027, a multi-tenant identity and data security management and secure access to cloud-based applications providing user a SSO functionality across variety of services/applications/systems).
As to claim 9, the claim is directed to method performing functions similar to the independent claim 1, and therefore rejected for the same reason set forth above for claim 1.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jahangir Kabir whose telephone number is (571) 270-3355.  The examiner can normally be reached on 9:00- 5:00 Mon-Thu.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JAHANGIR KABIR/             Primary Examiner, Art Unit 2439