Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 2-3, 8-14, and 16-17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claims 2 and 16 recite the limitation "the credential changes.”  Claim 8 recites “arrange the credential changes.”  The claims also recited “a credential change” or “any credential change” but do not recite “changes.”  Therefore, there is insufficient antecedent basis for this limitation in the claim.


Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1 and 15 are rejected under 35 U.S.C. 102(a)(1)/102(a)(2) as being anticipated by Regni et al. (US 2015/0254272).

Regarding Claims 1 and 15, Regni discloses a system for determining access permissions to an object by a user based on membership of the user in at least one group comprising:
at least one storage configured to store instructions (Fig. 14, Regni);
at least one processor configured to execute the instructions and cause the processor to (Fig. 14, Regni):

query a credential index for a credential change affecting the user or a group to which the user is assigned ([0008], and [0087], “changes,” Regni); 
identify a root object ID and descendants of the root object ID associated with the credential change ([0013]-[0015], Regni); and 
evaluate permissions statements for the root object ID and the descendants of the root object ID ([0130], quota policy, Regni).


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 2-3, 8-10, and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Regni et al. (US 2015/0254272) in view of Ollikainen et al. (US 2014/0059067).
Regarding Claims 2 and 16, Regni discloses a system, wherein the processor is configured to execute further instructions and cause the processor to: 
arrange the credential changes in a list prior to identifying the root object ID and the descendants of the root object ID ([0008] and Fig. 1E, 120, 121, Regni).  However, Regni does not expressly disclose arranging in time order.  Ollikainen discloses: arranging the credential changes in time order in a list prior to identifying the root object ID and the descendants of the root object ID ([0051], Ollikainen).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni by incorporating the arranging the credential changes in time order in a list prior to identifying the root object ID and the descendants of the root object ID, as disclosed by Ollikainen, in order to free up storage space by only keeping most recent data. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.

Regarding Claims 3 and 17, Regni/Ollikainen discloses a system, wherein the processor is configured to execute further instructions and cause the processor to: evaluate the credential changes in the order they appear in the time order they occur in the list ([0008] and Fig. 1E, 120, 121, Regni; and [0051], Ollikainen).

Regarding Claims 8, Regni discloses a non-transitory computer readable medium comprising instructions, the instructions, when executed by a computing system, cause the computing system to: query a credential index for any credential change affecting a user or a group to which the user is assigned ([0008], and [0087], “changes,” Regni); and evaluate permissions statements ([0130], quota policy, Regni).  However, Regni does not expressly disclose arrange in time order and evaluate permissions statements for in order.  Ollikainen discloses: arrange the credential changes in time order in a list ID ([0051], Ollikainen); and evaluate permissions statements for in the order they appear in the list ([0051], Ollikainen).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni by incorporating the arrange the credential changes in time order in a list ID; and evaluate permissions statements for in the order they appear in the list, as disclosed by Ollikainen, in order to free up storage space by only using and keeping most recent data. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.

Regarding Claim 9, Regni/Ollikainen discloses a computer readable medium of claim 8, wherein the computer readable medium further comprises instructions that, when executed by the computing system, cause the computing system to:
identify a root object ID and descendants of the root object ID associated with the credential change ([0013]-[0015], Regni).

Regarding Claim 10, Regni/Ollikainen discloses a computer readable medium of claim 8, wherein the computer readable medium further comprises instructions that, when executed by the computing system, cause the computing system to:
evaluate the credential changes in the order they appear in the time order they occur in the list ([0008] and Fig. 1E, 120, 121, Regni; and [0051], Ollikainen).

Claims 4-7 and 18-21 are rejected under 35 U.S.C. 103 as being unpatentable over Regni et al. (US 2015/0254272) in view of Lilko et al. (US 2017/0199989).
Regarding Claims 4 and 18, Regni discloses all the limitations as discussed above including evaluating permission statement ([0130], quota policy, Regni).  However, Regni does not expressly disclose: order the permission statements, and iterate the permission statements.  Lilko discloses: order the permission statements into an ordered list according to inheritance properties of respective permission statements ([0101], Lilko); and iterate through the ordered list of permission statements, in order, until one of the permission statements grants or denies access to the object ([0101], “Even though their inheritance chain allows Reads to happen before Denys because they just follow the inheritance chain in order,” Lilko).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni by incorporating order the permission statements into an ordered list according to inheritance properties of respective permission statements; and iterate through the ordered list of permission statements, in order, until one of the permission statements grants or denies access to the object, as disclosed by Lilko, in order to efficiently and quickly find the appropriate statement. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.
Regarding Claims 5 and 19, Regni/Lilko discloses a system, wherein the processor is configured to execute the instructions and cause the processor to: 
determine that a respective permission statement for an object ID in the obtained permission statements has an inheritance property of “deny inherit” ([0096], [0097], and [0100], Lilko); and 
discard all permission statements pertaining to an ancestor of the object ID having the inheritance property of “deny inherit” ([0096], [0097], and [0100], Lilko).

Regarding Claims 6 and 20, Regni/Lilko discloses a system, wherein the processor is configured to execute the instructions and cause the processor to: 
determine that a respective permission statement for an object ID has an inheritance property of “last” ([0097]-[0101], Lilko); 
determine that a respective permission statement for an object ID in the obtained permission statements has an inheritance property of “first” ([0097]-[0101], Lilko); and 
arrange the permission statements having an inheritance property of “first” above the permission statements having an inheritance property of “last” in the ordered list of permission statements ([0097]-[0101], Lilko).

Regarding Claims 7 and 21, Regni discloses a system, wherein the permission statement for an object defines at least a user to which the permission statement applies, whether a permission is granted or denied to the user, an action permitted to be performed by the user ([0052], Regni).  However, Regni does no expressly disclose an inheritance property for the permission statement.  Lilko discloses an inheritance property for the permission statement ([0096], Lilko).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni by incorporating an inheritance property for the permission statement, as disclosed by Lilko, in order to efficiently and quickly find similar or related statements. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.

Claims 11-14 are rejected under 35 U.S.C. 103 as being unpatentable over Regni et al. (US 2015/0254272), in view of Ollikainen et al. (US 2014/0059067), and further in view of Lilko et al. (US 2017/0199989).
Regarding Claim 11, Regni/Ollikainen discloses a computer readable medium of claim 9, wherein the computer readable medium further comprises instructions including permission statements ([0130], quota policy, Regni).  However, Regni/Ollikainen does not expressly disclose: ordering the permission statements, and iterating the permission statements.  Lilko discloses: ordering the permission statements into an ordered list according to inheritance properties of respective permission statements ([0101], Lilko); and iterating through the ordered list of permission statements, in order, until one of the permission statements grants or denies access to the object ([0101], “Even though their inheritance chain allows Reads to happen before Denys because they just follow the inheritance chain in order,” Lilko).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni/Ollikainen by incorporating ordering the permission statements into an ordered list according to inheritance properties of respective permission statements; and iterating through the ordered list of permission statements, in order, until one of the permission statements grants or denies access to the object, as disclosed by Lilko, in order to efficiently and quickly find the appropriate statement. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.

Regarding Claim 12, Regni/Ollikainen/Lilko discloses a computer readable medium of claim 11, wherein the computer readable medium further comprises instructions that, when executed by the computing system, cause the computing system to:
determining that a respective permission statement for an object ID in the obtained permission statements has an inheritance property of “deny inherit” ([0096], [0097], and [0100], Lilko); and 
discarding all permission statements pertaining to an ancestor of the object ID having the inheritance property of “deny inherit” ([0096], [0097], and [0100], Lilko).

Regarding Claim 13, Regni/Ollikainen/Lilko discloses a  computer readable medium of claim 11, wherein the computer readable medium further comprises instructions that, when executed by the computing system, cause the computing system to:
determine that a respective permission statement for an object ID has an inheritance property of “last” ([0097]-[0101], Lilko);
determine that a respective permission statement for an object ID in the obtained permission statements has an inheritance property of “first” ([0097]-[0101], Lilko); and
arrange the permission statements having an inheritance property of “first” above the permission statements having an inheritance property of “last” in the ordered list of permission statements ([0097]-[0101], Lilko).

Regarding Claim 14, Regni/Ollikainen discloses a computer readable medium of claim 8, the permission statement for an object defines at least a user to which the permission statement applies, whether a permission is granted or denied to the user, an action permitted to be performed by the user ([0052], Regni).  However, Regni/Ollikainen does no expressly disclose an inheritance property for the permission statement.  Lilko discloses an inheritance property for the permission statement ([0096], Lilko).  It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the system of Regni/Ollikainen by incorporating an inheritance property for the permission statement, as disclosed by Lilko, in order to efficiently and quickly find similar or related statements. See: KSR International Co. v. Teleflex Inc., 82 USPQ 1385, 1396 (US 2007); MPEP § 2143.



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GIOVANNA B COLAN whose telephone number is (571)272-2752.  The examiner can normally be reached on Mon - Fri 8:30-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aleksandr Kerzhner can be reached on (571) 270-1760.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GIOVANNA B COLAN/Primary Examiner, Art Unit 2165
October 25, 2022