DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed on July 13, 2022 in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on June 21, 2022 has been entered.
Response to Amendments
	This office action is responsive to application 15/963,225 where the Applicant filed an RCE on July 13, 2022 for the corresponding amendments filed on June 21, 2022.  Claims 1 and 12 were amended, and claims 1-22 remain pending in the application.
Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed with the RCE, and the Examiner responds as provided below.
	Regarding the Applicant’s response at pages 9-10 of the Remarks that concerns the § 103 rejection of claim 1, and by inference independent claim 12 that possesses the same scope with respect to the limitations at issue, the Applicant’s arguments in conjunction with the claim amendments are persuasive, and consequently the Examiner conducted a new prior art search. The Applicant’s arguments are now moot with respect to the aforementioned claims because the arguments do not apply to one of the references currently used in the rejection of the aforementioned claims as detailed below.
Regarding the Applicant’s response at page 11 of the Remarks that concerns the § 103 rejection of the dependent claims, the argument for patentability rests upon the patentability of the independent claims 1 and 12.  Because the independent claims are not patentable over the prior art of record, the dependent claims are similarly not allowable.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following conventions apply to the mapping of the prior art to the claims:
Italicized text – claim language.
Parenthetical plain text – Examiner’s citation and explanation.
Quotation marks – language quoted from a prior art reference.
Underlining – language quoted from a claim.
Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference.
Braces – a limitation taught by another reference, but the limitation is presented with the mapping of the instant reference for context.
Numbered footnote – a first phrase to be moved upwards to the primary reference analysis.
Lettered footnote – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last.
A.	Claims 1-6, 8-20, and 22 are rejected under 35 U.S.C. 103 as being unpatentable over He et al. (US 2020/0195649, “He”) in view of Roche et al. (US 9,774,586, “Roche”), and further in view of Roth et al. (US 9,853,979, “Roth”).
Regarding Claim 1
A non-transitory computer readable medium (¶ [0072]) including instructions (¶¶ [0069]-[0070]) that, when executed by at least one processor (¶ [0093]), cause the at least one processor to perform operations (¶¶ [0068]-[0069], “this program including instructions adapted to the implementation of the steps [as operations] of an instantiation method…”) for dynamically providing access control in a network environment (¶¶ [0027]-[0030], “Thus, instead of protecting the cloud computing system [that comprises a network environment] as a whole via a single access control model, the invention makes it possible [through operations] to limit and adapt the scope of the protection to each client. Each client can have a customized [access] control of the access to the resources dynamically and virtually allocated to the client by the cloud computing system.”), the operations comprising: 
receiving an access notification identifying a request (¶ [0112], “The security operating module 2C, which is configured to apply to the requests issued by users,” where the “request” is receiv[ed] and serves as an access notification that identif[ies] the “request”) by an identity (Fig. 1, ¶¶ [0087]-[0092], i.e., the “clients comprises one or several users,” and the “users” act as an identity) for access to an access-protected network resource (Figs. 1 & 2B, ¶ [0098], ”a security module 2C configured to apply, for each client CLn, the access control policy ACPn defined by the latter to control an access [for access] of a user of this client to at least one resource [that acts as an access-protected network resource] among the resources Rn [that is an access-protected network resource] that have been allocated to the client by the cloud computing system 2.”); 
identifying a configurable (¶ [0096], “configured to provide the clients … to define an access control model ACMn and an access control policy ACPn for this client”) and multi-dimensional policy (¶¶ [0129]-[0151], i.e., an RBAC (role-base access control) model is illustrated with “model ACMn” (access control model for client n) possessing numerous attributes that make it a multi-dimensional policy; see also ¶¶ [0152]-[0168] for the “MLS” (“multilevel security”) embodiment) defining rights of the identity to access the access-protected network resource (¶ [0144], “it defines, as access control rule to make a decision whether to authorize or deny an access”), the configurable and multi-dimensional policy (¶¶ [0129]-[0168]) specifying: 
a plurality of access-protected network resources, including the access- protected network resource (¶ [0155], the “two virtual machines ‘vm0’ and ‘vm1’ among the resources Rn”); 
1 …; 
a plurality of policy variables (¶¶ [0154]-[0156], “subjects,” “objects,” and “actions;” see also ¶¶ [0033]-[0040] & ¶¶ [0049]-[0054] and the attendant variables) for controlling access to the access-protected network resource (¶¶ [0016]-[0018], ¶¶ [0033]-[0040] and ¶¶ [0049]-[0054], i.e., the variables associated with the “meta-model” used to control access, the “meta-model” employing at least “attribute categor[ies]” as policy variables),
2 …; and 
a plurality of permissions corresponding to the plurality of policy variables (¶¶ [0161]-[0168], i.e., “it defines as access control rules to make a decision whether to authorize or deny an access” in accordance with the security levels of “low,” “medium,” and “high” and the rules r1 and r2); 
3 …; and 
automatically determining, based on the configurable and multi-dimensional policy, whether to perform at least one of: 
permitting the identity to access the access-protected network resource (¶ [0166], “it defines as access control rules to make a decision whether to authorize or deny an access”); 
denying the identity to access the access-protected network resource (¶ [0166]); or 
rotating a secret associated with the identity (The Examiner notes that He is silent on this limitation, but only one of three limitations listed need be met).
He doesn’t disclose
	1 a policy owner capable of configuring the configurable and multi- dimensional policy;
2 wherein the plurality of policy variables include at least one of secret expiration parameters, permissions, roles, groups, or definitions of secret rotation instructions;
3 a determination of whether to compel a rotation instruction based on the secret rotation instructions;
Roche, however, discloses
	1 a policy owner capable of configuring the configurable and multi- dimensional policy (Col. 3:1-32, “the tenant authorization profile stores a set of access control rules or settings that have been dynamically configured by an administrator [acting as a policy owner] associated with the corresponding tenant”);
Roth, however, discloses
	2 wherein the {plurality of policy variables (He)} include at least one of 
secret expiration parameters (noting only one limitation need be addressed with the use of at least one of), 
permissions, roles, groups, or definitions of secret rotation instructions (Col. 6:4-28, “For instance, in some embodiments, keys are automatically rotated to prevent the keys from being used enough time to enable successful cryptographic attacks that can reveal the keys. To prevent a key from being used enough times to result in a potential security breach, a cryptography service or other system utilizing keys may track operations performed with keys. When a key identified by a key identifier (KeyID) is used in a threshold number of operations [where the threshold comprises a definition of [a] secret rotation instruction], the key may be retired (e.g., unusable for future encryption operations, but usable for future decryption operations) and replaced with a new key to be identified by the KeyID.”);
3 a determination of whether to compel a rotation instruction based on the secret rotation instructions (Col. 6:4-28, “The cryptography service may [make a determination to] perform [and thereby compel] key rotation independent of any request from the entity to perform the key rotation;” and Col. 26:49-27:10, “For example, in some embodiments, key rotation is performed. Key rotation may involve replacing keys with other keys to prevent collection of enough decrypted data to allow practical cracking of a cipher used,” i.e., a determination is made as to when keys should be rotated to prevent the cracking of the cipher);
	Regarding the combination of He and Roche, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the access configuration system of He to have included the administrator feature of Roche. One of ordinary skill in the art would have been motivated to incorporate the administrator feature of Roche because He discloses the role of an “admin,” see Roche ¶ [0140], and Roche teaches that administrators possessing “proper privileges” can assist in the administration of the “configuration data,” see Roche Col. 9:17-32.
	Regarding the combination of He-Roche and Roth, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the access configuration system of He-Roche to have included the rotation feature of Roth. One of ordinary skill in the art would have been motivated to incorporate the rotation feature of Roth because Roth teaches the benefits of key rotation, i.e., “Key rotation may involve replacing keys with other keys to prevent collection of enough decrypted data to allow practical cracking of a cipher used.”  Roth Col. 26:57-59. 
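The mapping of claim 1 above, together with the declarative YAML/JSON/XML policy document of claims 4 and 5 and the logging of the determination in claim 10, describes a policy evaluator in words. The following is an added worked example in Python; it is not code from the application under examination, from the Examiner, or from the He, Roche or Roth references. The policy layout, field names (`resources`, `roles`, `groups`, `secret_rules`, `max_age_seconds`, `max_uses`), the identities and the decision strings are all constructed for this illustration. The rotation check models Roth's use-count threshold and a secret expiration parameter; the group and role checks model He's subject/object/action variables.

```python
"""Added example: evaluating a configurable, multi-dimensional access policy.

The policy is a declarative document (JSON here; YAML or XML would carry the
same structure). An access notification names an identity, a resource and an
action; the evaluator returns exactly one of permit, deny or rotate, and can
log the determination. All names and values below are constructed.
"""
import json
from dataclasses import dataclass
from typing import List, Optional

# Constructed declarative policy document (hypothetical layout).
POLICY_DOC = json.dumps({
    "resources": ["vm0", "vm1"],                       # access-protected resources
    "roles": {"analyst": ["read"],                     # role -> permitted actions
              "operator": ["read", "modify"]},
    "groups": {"client-1": ["vm0"],                    # group -> resources it owns
               "client-2": ["vm1"]},
    "secret_rules": {
        "max_age_seconds": 86400,   # secret expiration parameter
        "max_uses": 1000,           # rotation instruction: retire after N uses
    },
})

PERMIT, DENY, ROTATE = "permit", "deny", "rotate"


@dataclass
class Identity:
    name: str
    role: str
    group: str
    secret_issued_at: float     # epoch seconds at which the current secret was issued
    secret_uses: int = 0        # operations performed with the current secret


@dataclass
class AccessNotification:
    identity: Identity
    resource: str
    action: str


def load_policy(doc: str) -> dict:
    """Parse the declarative policy document into a dictionary."""
    return json.loads(doc)


def secret_needs_rotation(policy: dict, ident: Identity, now: float) -> bool:
    """True when the secret is expired or has reached its use threshold."""
    rules = policy["secret_rules"]
    expired = now - ident.secret_issued_at > rules["max_age_seconds"]
    overused = ident.secret_uses >= rules["max_uses"]
    return expired or overused


def rotate_secret(ident: Identity, now: float) -> Identity:
    """Retire the current secret: new issue time, use counter reset."""
    ident.secret_issued_at = now
    ident.secret_uses = 0
    return ident


def decide(policy: dict, note: AccessNotification, now: float,
           audit: Optional[List[str]] = None) -> str:
    """Automatically determine permit / deny / rotate for one notification."""
    ident = note.identity
    if secret_needs_rotation(policy, ident, now):
        decision = ROTATE                      # rotation is compelled before any access
    elif note.resource not in policy["resources"]:
        decision = DENY                        # unknown resource
    elif note.resource not in policy["groups"].get(ident.group, []):
        decision = DENY                        # resource not allocated to the group
    elif note.action not in policy["roles"].get(ident.role, []):
        decision = DENY                        # role lacks the requested permission
    else:
        decision = PERMIT
        ident.secret_uses += 1                 # count the operation toward the threshold
    if audit is not None:                      # log the determination (claim 10)
        audit.append(f"{ident.name} {note.action} {note.resource} -> {decision}")
    return decision


if __name__ == "__main__":
    policy = load_policy(POLICY_DOC)
    now = 1_700_000_000.0
    log: List[str] = []
    bob = Identity("bob", "analyst", "client-1", secret_issued_at=now - 60)
    print(decide(policy, AccessNotification(bob, "vm0", "read"), now, log))    # permit
    print(decide(policy, AccessNotification(bob, "vm0", "modify"), now, log))  # deny
    worn = Identity("dave", "operator", "client-2", now - 60, secret_uses=1000)
    print(decide(policy, AccessNotification(worn, "vm1", "read"), now, log))   # rotate
    rotate_secret(worn, now)
    print(decide(policy, AccessNotification(worn, "vm1", "read"), now, log))   # permit
    print("\n".join(log))
```

The rotation check runs before the permission checks so that an expired or over-used secret yields `rotate` regardless of what the rest of the policy would have allowed; once `rotate_secret` has replaced the secret, the same notification is re-evaluated against the role and group dimensions.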
Regarding Claim 2
He in view of Roche, and further in view of Roth (“He-Roche-Roth”) discloses the non-transitory computer readable medium of claim 1, and Roche further discloses
wherein the identity and the access-protected network resource operate in a zero-trust secret management environment (Col. 1:14-36, “A storage system, which supports multi-tenants, must satisfy the security and isolation [or zero-trust secret management] requirements. Here, the “security and isolation requirements” refer to the requirements that each customer's dataset must be secured and isolated from the other customers on the storage component;” and Col. 4:1-22, “a ‘tenant’ refers to the highest unit of abstraction for providing security and logical separation or isolation [for zero-trust secret management] in a multi-tenant storage system.”).
Regarding Claim 3
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and He further discloses
wherein the configurable and multi-dimensional policy (¶¶ [0096], [0129]-[0168]) further specifies a group to which the identity belongs (¶ [0076], “allocate computing and network resources to a plurality of clients, each client [that serves as a group] being associated with at least one user [that acts as an identity] likely to access the computing and network resources allocated to the client by the cloud computing system”).

Regarding Claim 4
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and He further discloses
wherein the configurable and multi-dimensional policy (¶¶ [0096], [0129]-[0168]) is stored as a declarative document (“In the embodiment described here, the meta-model META is described in the form of instructions in a computer file FILE [that serves as a declarative document] according to the invention stored in the nonvolatile memory 7 of the cloud computing system 2”).
Regarding Claim 5
He-Roche-Roth discloses the non-transitory computer readable medium of claim 4, and He further discloses
wherein the declarative document is at least one of a YAML file, a JSON file, or an XML file (¶ [0122], “It can be described for example by using the known languages JSON (JavaScript Object Notation), XML ( eXtensible Markup Language) or YAML (Yet Another Markup Language)”).
Regarding Claim 6
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and Roche further discloses
wherein the policy owner is an administrator identity (Col. 3:1-32, “the tenant authorization profile stores a set of access control rules or settings that have been dynamically configured by an administrator [acting as a policy owner] associated with the corresponding tenant”).

Regarding Claim 8
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and He further discloses
wherein the access notification requests a particular type of access to the access-protected network resource (¶ [0012], “such an access control policy specifies, via a set of rules, the rights of the users to access different client files stored on a disk; these rules can indicate by way of illustration that the user Bob has read rights [that comprises a particular type of access] on a file Fl .h”).
Regarding Claim 9
He-Roche-Roth discloses the non-transitory computer readable medium of claim 8, and He further discloses
wherein the particular type of access is at least one of read, modify, or delete (¶ [0012], “such an access control policy specifies, via a set of rules, the rights of the users to access different client files stored on a disk; these rules can indicate by way of illustration that the user Bob has read rights [that comprises a particular type of access] on a file Fl .h and that the user Alice has write [modify] rights,” noting that only one of the three limitations need be met given the recitation of at least one of).
Regarding Claim 10
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and Roche further discloses
wherein the operations further comprise logging the determination of whether the identity should be permitted to access the access-protected network resource or denied to access the access-protected network resource (Col. 17:29-61, “In one embodiment, if the user has not been authenticated or previous authentication expired, its hash would not be or would be removed from the hash table,” i.e., the “previous authentication” involves a “logging” within the “hash table” as to whether access using the “access token” should be permitted or denied).
Regarding Claim 11
He-Roche-Roth discloses the non-transitory computer readable medium of claim 8, and Roche further discloses
wherein the configurable and multi-dimensional policy is unique to the identity (Col. 9:62-10:16, “Throughout the description, references are made to IDs for users, tenants, roles, resources, identity sources/providers, tokens, domains, and privileges. It shall be understood that these IDs may be Universally Unique IDs (UUIDs)”).
Regarding Independent Claim 12
With respect to claim 12, a corresponding reasoning as given earlier for claim 1 applies, mutatis mutandis, to the subject matter of claim 12. Therefore, claim 12 is rejected, for similar reasons, under the grounds set forth for claim 1. 
Regarding Claim 13
With respect to claim 13, a corresponding reasoning as given earlier for claim 2 applies, mutatis mutandis, to the subject matter of claim 13. Therefore, claim 13 is rejected, for similar reasons, under the grounds set forth for claim 2. 
Regarding Claim 14
He-Roche-Roth discloses the computer-implemented method of claim 12, and He further discloses
further comprising maintaining a plurality of configurable and multi-dimensional policies for a plurality of different identities (¶¶ [0087]-[0092], i.e., the “users” comprise a plurality of identities; and ¶¶ [0132], [0154], i.e., the “users” within the RBAC- and MLS-based models).
Regarding Claim 15
He-Roche-Roth discloses the computer-implemented method of claim 14, and He further discloses
wherein the plurality of configurable and multi-dimensional policies (¶¶ [0129]-[0168]) are categorized into a plurality of groups (¶ [0130], i.e., the CLn represents clients having groups of users, and each CLn has an associated RBAC- or MLS-based model).
Regarding Claim 16
He-Roche-Roth discloses the computer-implemented method of claim 14, and He further discloses
wherein upon an instantiation of the plurality of different identities (¶¶ [0087]-[0092], [0132], [0154], i.e., the “users”), the plurality of configurable and multi-dimensional policies (¶¶ [0129]-[0168]) are assigned to the plurality of different identities (¶ [0130], i.e., each CLn has an associated RBAC- or MLS-based model, and because each CLn has a plurality of users, the policies are assigned to the plurality of different identities that are the “users”).
Regarding Claim 17
He-Roche-Roth discloses the computer-implemented method of claim 14, and Roche further discloses
wherein upon an instantiation of the plurality of different identities (¶¶ [0087]-[0092], [0132], [0154]), …
Roche further discloses
… each of the plurality of different identities is assigned a respective token (Col. 10:62-11:6, “An AUTH token is then generated having information indicating the tenants, roles for each tenant, and privileges of each role for the user;” Col. 9:62-10:16, i.e., the “tokens” may be “Universally Unique IDs” to create a respective token for each “user” acting as an identity).
Regarding the combination of He and Roche, the rationale to combine is the same as provided for claim 1 due to the overlapping subject matter of claims 1 and 17.
Regarding Claim 18
He-Roche-Roth discloses the computer-implemented method of claim 17, and Roche further discloses
wherein the automatically determining is based on whether the respective tokens are valid (Col. 13:20-32, “According to one embodiment, AUTH server 180 is configured to authorize the authorization request by determining whether the access token is validated (i.e., the access token is not revoked and expired)”).
Regarding Claims 19, 20, and 22
With respect to claims 19, 20, and 22, a corresponding reasoning as given earlier for claims 4, 5, and 8 applies, mutatis mutandis, to the subject matter of claims 19, 20, and 22. Therefore, claims 19, 20, and 22 are rejected, for similar reasons, under the grounds set forth for claims 4, 5, and 8.
B.	Claims 7 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over He in view of Roche and Roth, and further in view of Mityagin (US 2016/0105283, “Mityagin”).
Regarding Claim 7
He-Roche-Roth discloses the non-transitory computer readable medium of claim 1, and He further discloses
wherein the operations (¶¶ [0068]-[0069]) further comprise… 
He-Roche-Roth doesn’t disclose
…rotating the secret associated with the identity according to a defined rotation schedule.
Mityagin, however, discloses
…rotating the secret associated with the identity (of He) according to a defined rotation schedule (¶ [0062], “Timer module 314 can allow client application 310 to periodically rotate security keys [acting as the secret] by keeping track of key rotation schedule(s) and signaling to client application 310 when active key 316 needs to be refreshed.  Timer 314 can run on a predefined time schedule.”).
Regarding the combination of He-Roche-Roth and Mityagin, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the access configuration system of He-Roche-Roth to have included the rotation schedule feature of Mityagin. One of ordinary skill in the art would have been motivated to incorporate the rotation schedule feature of Mityagin because Mityagin teaches that security is increased by a rotation schedule, i.e., the “timer module 314 may adjust the key rotation interval depending on dynamic factors such as network traffic, overall security level, presence of malicious activities (e.g., hacking attempts detected), security policy change,” see Mityagin ¶ [0062].
Regarding Claim 21
With respect to claim 21, a corresponding reasoning as given earlier for claim 7 applies, mutatis mutandis, to the subject matter of claim 21. Therefore, claim 21 is rejected, for similar reasons, under the grounds set forth for claim 7.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/D'Arcy Winston Straub/Examiner, Art Unit 2491