DETAILED ACTION
This Office Action is in response to the communication filed on 07/29/2022.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
As per instant Amendment, submitted on 07/29/2022, claims 1-16 have been examined and are pending; claims 1, 4, and 8 are independent.  
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on 07/29/2022 has been entered.
Claim Objections
Claims 1 and 8 are objected to because of the following informalities:
As to claim 1, the amended claim recites, in lines 8-9, “online information corresponding to the user terminal to the authentication device, such that an authentication device updates an online state of the user terminal” with improper use of the articles, “the” and “an.” It is suggested that the claim be further amended to corrected the issue, by reciting, “online information corresponding to the user terminal to an authentication device, such that the authentication device updates an online state of the user terminal” (emphasis added).
As to claim 8, the claim is also objected for similar reason.
Appropriate correction(s) is required.
Response to Arguments
As to the rejections of claim 1-16, rejected under 35 U.S.C. § 112(b), the rejections are withdrawn as the claims have been amended.
Applicant’s arguments with respect prior-art rejections to claims 1-16, filed on 07/29/2022, have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 4, 8, 11, 15, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Finch et al (“Finch,” US 2018/0268165, published on 09/20/2018), in view of Li (“Li,” US 2014/0366094, published on 12/211/2014).
As to claim 1, Finch teaches a method of Portal authentication, the method being applied to a Portal server (Finch: pars 004, 0010-0012; Fig 1-3, system and process [i.e. method] for an efficient and secure interface for transferring protected electronic information using as a full log in page for permitting access to protected electronic information) and comprising:
in response to an authentication request from a user terminal (Finch: pars 004, 0010-0012; Fig 1-3, the system receives a request from a user device[i.e. user terminal]), sending an authentication webpage to the user terminal (Finch: pars 004, 0010-0012; Fig 1-3, based on the access request from a user device, the system generates a generate a unique access link (uniform resource locator, or URL) [i.e. authentication webpage] for that user. Then send the link to the user over communication link),
authenticating login information returned by the user terminal through the authentication webpage (Finch: pars 004-006, 0010-0012; Fig 1-3, when the user follows the link with a web browser, the system prompts the user to enter an additional piece of personal information [i.e. login information] that is not known to the general public, such as username and password or other information, to gain access to a “login” state), and
in response to successful authentication with respect to the login information, sending online information corresponding to the user terminal [ ] updates an online state of the user terminal (Finch: pars 004, 0010-0012; Fig 1-3, when following the unique link with a web browser the user, at a “no login” state,” enters an additional piece of personal information, [i.e. login information] the information is verified, and the user gains access to a “login” state from the user device [i.e. updating online state]).
Finch does not explicitly teach sending to an authentication device, such that the authentication device updates the online state; and wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources. 
However, in an analogous art, Li teaches sending to an authentication device, such that the authentication device updates the online state; and wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. online information of authentication] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. The cooling threshold is associated with a duration in which a valid authentication of the terminal by the wireless network is retained [i.e. online state]. If the terminal does not perform communication by using the wireless network in a time period and the time period is longer than or equal to an authentication cooling threshold, the terminal is required to be authorized again by the authentication device [i.e. offline status] for acing the network [i.e. accessing resource]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li with the method/system of Finch for the benefit of providing a user with a means for using a authentication cooling threshold [or time threshold] for avoiding a persistent connection with the network and improve the connection management efficiency and as well as a security feature (Li: pars 0012, 0014, 0029, 0043-0044, 0059). 
As to claim 3, the combination of Finch and Li teaches the method of claim 1, 
Li further teach further comprising: in response to the successful authentication with respect to the login information, obtaining a creation timestamp of the online information: and sending the creation timestamp to the authentication device, such that the authentication device verifies the online information based on time difference between a time of receiving the online information and the creation timestamp (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. time/period threshold] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. The cooling threshold is associated with a duration in which a valid authentication of the terminal by the wireless network is retained [i.e. online state]. If the terminal does not perform communication by using the wireless network in a time period and the time period is longer than or equal to an authentication cooling threshold, the terminal is required to be authorized again by the authentication device [i.e. offline status] for acing the network [i.e. accessing resource]).
As to claim 4, Finch teaches a method of Portal authentication, the method being applied to [ ] server (Finch: pars 004, 0010-0012; Fig 1-3, system and process [i.e. method] for an efficient and secure interface for transferring protected electronic information using as a full log in page for permitting access to protected electronic information) comprising:
receiving a Hyper Text Transfer Protocol (HTTP) request from a user terminal (Finch: pars 004, 0010-0012; Fig 1-3, the system receives a request from a user device [i.e. user terminal]);
in response to determining that the user terminal is not online, returning an address of an authentication webpage to the user terminal, such that the user terminal sends user login information to a Portal server by accessing the address (Finch: pars 004, 0010-0012; Fig 1-3, based on the access request from a user device, the system generates a generate a unique access link (uniform resource locator, or URL) [i.e. authentication webpage] for that user. Then send the link to the user over communication link); and
upon receiving, from the Portal server, online information indicating that the user login information is authenticated by the Portal server, marking the user terminal as online (Finch: pars 004, 0010-0012; Fig 1-3, when following the unique link with a web browser the user, at a “no login” state,” enters an additional piece of personal information, [i.e. login information] the information is verified, and the user gains access to a “login” state from the user device [i.e. marking online]).
Finch does not explicitly teach wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources. 
However, in an analogous art, Li teaches wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. online information of authentication] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. The cooling threshold is associated with a duration in which a valid authentication of the terminal by the wireless network is retained [i.e. online state]. If the terminal does not perform communication by using the wireless network in a time period and the time period is longer than or equal to an authentication cooling threshold, the terminal is required to be authorized again by the authentication device [i.e. offline status] for acing the network [i.e. accessing resource]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li with the method/system of Finch for the benefit of providing a user with a means for using a authentication cooling threshold [or time threshold] for avoiding a persistent connection with the network and improve the connection management efficiency and as well as a security feature (Li: pars 0012, 0014, 0029, 0043-0044, 0059). 
As to claim 7, the combination of Finch and Li teaches the method according to claim 4, 
Li further teach further comprising: receiving a creation timestamp of the online information from the Portal server; and in response to determining that time difference between a time of receiving the online information and the creation timestamp is less than a preset threshold, determining that the online information is verified (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. time/period threshold] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. The cooling threshold is associated with a duration in which a valid authentication of the terminal by the wireless network is retained [i.e. online state]. If the terminal does not perform communication by using the wireless network in a time period and the time period is longer than or equal to an authentication cooling threshold, the terminal is required to be authorized again by the authentication device [i.e. offline status] for acing the network [i.e. accessing resource]).
As to claim 8, Finch teaches a Portal server, comprising: a processor; and a memory for storing instructions that are executable by the processor to perform operations server (Finch: pars 004, 0010-0012; Fig 1-3, system and process [i.e. method] for an efficient and secure interface for transferring protected electronic information using as a full log in page for permitting access to protected electronic information) comprising:
in response to an authentication request from a user terminal (Finch: pars 004, 0010-0012; Fig 1-3, the system receives a request from a user device[i.e. user terminal]), sending an authentication webpage to the user terminal (Finch: pars 004, 0010-0012; Fig 1-3, based on the access request from a user device, the system generates a generate a unique access link (uniform resource locator, or URL) [i.e. authentication webpage] for that user. Then send the link to the user over communication link), 
authenticating login information returned by the user terminal through the authentication webpage (Finch: pars 004-006, 0010-0012; Fig 1-3, when the user follows the link with a web browser, the system prompts the user to enter an additional piece of personal information [i.e. login information] that is not known to the general public, such as username and password or other information, to gain access to a “login” state); and 
in response to successful authentication with respect to the login information, sending online information corresponding to the user terminal [ ], updates an online state of the user terminal (Finch: pars 004, 0010-0012; Fig 1-3, when following the unique link with a web browser the user, at a “no login” state,” enters an additional piece of personal information, [i.e. login information] the information is verified, and the user gains access to a “login” state from the user device [i.e. updating online state]).
Finch does not explicitly teach sending to an authentication device, such that the authentication device updates the online state; and wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources. 
However, in an analogous art, Li teaches sending to an authentication device, such that the authentication device updates the online state; and wherein the authentication device further verifies the online information authenticated by the Portal server, marks the online state of the user terminal corresponding to the verified online information as online, and marks the online state of the user terminal corresponding to the unverified online information as offline to prevent access to network resources (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. online information of authentication] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. The cooling threshold is associated with a duration in which a valid authentication of the terminal by the wireless network is retained [i.e. online state]. If the terminal does not perform communication by using the wireless network in a time period and the time period is longer than or equal to an authentication cooling threshold, the terminal is required to be authorized again by the authentication device [i.e. offline status] for acing the network [i.e. accessing resource]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Li with the method/system of Finch for the benefit of providing a user with a means for using a authentication cooling threshold [or time threshold] for avoiding a persistent connection with the network and improve the connection management efficiency and as well as a security feature (Li: pars 0012, 0014, 0029, 0043-0044, 0059). 
As to claims 10 the claim limitations are similar to the method claim 3, and are rejected for the same reason set forth for above for claim 3.
As to claim 11, the claim is directed to an authentication device, comprising: a processor; and a memory for storing instructions that are executable by the processor to perform the method of Portal authentication according to claim 4, and therefore the claim is rejected for the similar reason set forth above for claim 4. 
As to claims 14 the claim limitations are similar to the method claim 3, and are rejected for the same reason set forth for above for claim 3.
As to claim 15, the claim is directed to a computer-readable storage medium having computer instructions stored thereon, wherein the instructions are executed by a processor to perform the method of Portal authentication according to claim 1, and therefore the claim is rejected for the similar reason set forth above for claim 1. 
As to claim 16, the claim is directed to a computer-readable storage medium having computer instructions stored thereon, wherein the instructions are executed by a processor to perform the method of Portal authentication according to claim 4, and therefore the claim is rejected for the similar reason set forth above for claim 4. 
Claims 2, 5-6, 9, and 12-13, are rejected under 35 U.S.C. 103 as being unpatentable over Finch et al (“Finch,” US 2018/0268165, published on 09/20/2018), in view of Li (“Li,” US 2014/0366094, published on 12/211/2014), and further in view of Yabe, Kenta (“Yabe,” US 2018/0278603, published on 09/27/2018).
As to claim 2, the combination of Finch and Li teaches the method of claim 1, 
but Finch or Li does not teach further comprising: in response to the successful authentication with respect to the login information, signing the online information with a key shared by the Portal server and the authentication device to obtain signed information, and sending the signed information to the authentication device, such that the authentication device verifies the online information.
However, in an analogous art, Yabe teaches further comprising: in response to the successful authentication with respect to the login information, signing the online information with a key shared by the Portal server and the authentication device to obtain signed information, and sending the signed information to the authentication device, such that the authentication device verifies the online information (Yabe: pars 0099, 0107, 0108; Fig 4, the resource server verifies the access token, the processing proceeds to step S803, and the signature of the signed access token is verified using the public key that is preliminarily acquired from the authentication/authorization server, and resources is permitted within a valid period of the signed access token).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yabe with the method/system of Finch and Li for the benefit of providing a user with a means for using a using a signature for verifying the origin of the access token/authorization for providing secure communication (Yabe: pars 0099, 0107, 0108). 
As to claim 5, the combination of Finch and Li teaches the method of claim 4, 
but Finch or Li does not teach further comprising: receiving signed information from the Portal server, wherein the signed information is obtained by signing the online information with a key shared by the Portal server and the authentication device; signing the online information with the shared key to obtain signed verification information at the authentication device; and in response to determining that the signed information is consistent with the signed verification information, determining that the online information is verified.
However, in an analogous art, Yabe teaches further comprising: receiving signed information from the Portal server, wherein the signed information is obtained by signing the online information with a key shared by the Portal server and the authentication device; signing the online information with the shared key to obtain signed verification information at the authentication device; and in response to determining that the signed information is consistent with the signed verification information, determining that the online information is verified (Yabe: pars 0099, 0107, 0108; Fig 4, the resource server verifies the access token, the processing proceeds to step S803, and the signature of the signed access token is verified using the public key that is preliminarily acquired from the authentication/authorization serve, and resources is permitted within a valid period of the signed access token).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yabe with the method/system of Finch and Li for the benefit of providing a user with a means for using a using a signature for verifying the origin of the access token/authorization for providing secure communication (Yabe: pars 0099, 0107, 0108).
As to claim 6, the combination of Finch, Li, and Yabe teaches the method according to claim 5, 
Li and Yabe further teaches wherein the signing of the online information with the shared key comprises: in response to determining that a timestamp in the online information is consistent with local time, signing the online information with the shared key (Li: pars 0012, 0014, 0029, 0043-0044, 0059, a process where an authentication cooling threshold [i.e. time/period threshold] is used for an authentication of terminal by wireless network, for managing a connection status after authentication instead of maintaining persistent connection with the network for improving efficiency. Yabe: pars 0087, 0099, 0107, 0108; Fig 4, the resource server verifies the access token, the processing proceeds to step S803, and the signature of the signed access token is verified using the public key that is preliminarily acquired from the authentication/authorization serve, and resources is permitted within a valid period [i.e. verifying the timestamp] of the signed access token).
As to claim 9, the claim limitations are similar to the method claim 2, and are rejected for the same reason set forth for above for claims 2 and 3.
As to claims 12-13 the claim limitations are similar to the method claims 5-6, respectively, and are rejected for the same reason set forth for above for claims 5-6.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jahangir Kabir whose telephone number is (571) 270-3355.  The examiner can normally be reached on 9:00- 5:00 Mon-Thu.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002.  The fax number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/JAHANGIR KABIR/             Primary Examiner, Art Unit 2439