DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
This Application, filed 12/23/2020 is a continuation of 16420049, filed 05/22/2019, now U.S. Patent #10911426 and having 1 RCE-type filing therein; 16420049 is a continuation of 15473502, filed 03/29/2017, now U.S. Patent #10348713; 15473502 Claims Priority from Provisional Application 62395991, filed 09/16/2016.

Claims 1—20 filed on 12/23/2020 are presented for examination.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1—9, 11—18 & 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over “Mihaylov” et al. [US 9736694 B2] in view of “Shahabuddin” et al. [US 10284376 B2].

Regarding Claims 1, 11 & 20. Mihaylov teaches,
A method for providing intercommunication within a system that uses disparate authentication technologies, A non-transitory computer-readable storage medium carrying program instructions thereon for providing intercommunication within a system that uses disparate authentication technologies, the instructions executable when executed by one or more processors cause the one or more processors to perform operations of a method, An apparatus for providing intercommunication within a system that uses disparate authentication technologies, the apparatus comprising: one or more processors; and logic encoded in one or more non-transitory computer-readable storage media for execution by the one or more processors and when executed operable to perform operations of a method comprising:
installing a custom client authenticator on non-server entity, wherein the custom client authenticator authorizes communication between a client application of a client and requested entities of a server and wherein a native authentication technology for the client is different than a native authentication technology for the server [see Abstract; Authenticator 112 (FIGS.1-3)- mobile App (client) sends Request for Access Authenticator 210 of Mihaylov];

Mihaylov disclose registering client App (see 240, FIG.2). Mihaylov may not explicitly disclose; but, Shahabuddin, analogues art, disclose registering the custom client authenticator in a descriptor file that is accessible by the server [see FIG.7, where Shahabuddin disclose Code Signing Module 212 Creates Authenticator including Machine Client’s IP Address, Current Timestamp, and Digital Signature 706]; 
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to modify the system of Mihaylov by incorpoting the teaching of Shahabuddin in order to help automating client machines to interact with a code signing system.

Mihaylov in view of Shahabuddin further disclose:
generating, performed at the custom client authenticator, an authorization token for the client [see Abstract; Secure Token 114 112 (FIGS.1-3)- [Processor] Request new Access Token (FIG.3) of Mihaylov];
transmitting the authorization token as part of a request message for the client application to the server [see Use Authorization Token, and Authenticator generates Request to Server with Secure Token 220 (FIGS. 1 & 2 of Mihaylov)]; validating, performed at the custom client authenticator, the authorization token on behalf of the server [see Abstract; FIGS.1-3; where Mihaylov disclose Verify Security Token Obtain Authorization, Secure Token Valid? 250. Access Token Validation steps are disclosed]; and forwarding the request message to the requested entities executing on the server based on the validating [see Abstract; Mihaylov disclose forwarding request to Back End based on validation (Server 132, Register 132 & Database 134: FIG.1); Mihaylov also disclose Return Authorization Token 280 & Authorization Grant returned (in FIGS. 2 & 3)].

Mihaylov in view of Shahabuddin further disclose claims 2 (& 12). The method as recited by Claim 1, wherein the custom client authenticator uses a token technology[see Abstract; Secure Token 114 112 (FIGS.1-3)- [Processor] Request new Access Token (FIG.3) of Mihaylov].

Mihaylov in view of Shahabuddin further disclose claims 3 (& 13). The method as recited by Claim 1, wherein the method further comprises: providing, in the system, a plurality of custom client authenticators for a plurality of clients; and providing, in the system, a one-to-one association between the custom client authenticators and the clients [plurality Authenticators can be implemented in the Client/User side (see FIG.1 of Mihaylov); Xx further disclose pair toke (FIG.3)].

Mihaylov in view of Shahabuddin further disclose claims 4 (& 14). The method as recited by Claim 1, wherein the system includes a second client that has the native authorization technology of the server and wherein the method further comprises: using the native authorization technology of the server for communication between a second client application on the second client that has the native authorization technology of the server [Authenticators implemented in the Client/User side and Back End Server (see FIG.1 of Mihaylov)].

Mihaylov in view of Shahabuddin further disclose claims 5 (& 15). The method as recited by Claim 1, wherein the method further comprises: installing different custom client authenticators for two clients that use different types of token technology [plurality Authenticators can be implemented in the Client/User side (see FIG.1 of Mihaylov); Mihaylov further disclose pair token (FIG.3)].

Mihaylov in view of Shahabuddin further disclose claims 6 (& 16). The method as recited by Claim 1, wherein the non-server entity is selected from the client and a shared library [plurality Authenticators can be implemented in the Client/User side (see FIG.1 of Mihaylov); Mihaylov further disclose pair token (FIG.3)].

Mihaylov in view of Shahabuddin further disclose claims 7-8 (& 17). The method as recited by Claim 1, wherein the registering further comprises: registering the custom client authenticator in the descriptor file via an authentication class, wherein the registering further comprises: using an authenticator name parameter and an authenticator handler parameter to register the custom client authenticator [see 240, FIG.2 of Mihaylov with FIG.7 of Shahabuddin].
The motivation to combine is the same as that of claim 1 above.

Mihaylov in view of Shahabuddin further disclose claims 9 (& 18). The method as recited by Claim 1, wherein the method further comprises: generating a second token with a user name and credentials; comparing the authorization token with the second token; and determining whether the custom client authenticator is registered based on the comparing [see FIGS.2-3; where Mihaylov disclose verifying if token match requested scope 260 & Authenticator requesting new Access/Refresh Token].

Double Patenting
The non-statutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A non-statutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1—20 are rejected on the ground of non-statutory double patenting as being unpatentable over claims 1—18 & 1—20 of U.S. Patent No. 10348713 B2 & 10911426 B2, respectively. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims in the instant application are broader versions of the patent.

Please see Claim-Comparison Table,

Instant Application
US 10348713 B2US 
US 10911426 B2
1. A method for providing intercommunication within a system that uses disparate authentication technologies, the method comprising:
installing a custom client authenticator on non-server entity, wherein the custom client authenticator authorizes communication between a client application of a client and requested entities of a server and wherein a native authentication technology for the client is different than a native authentication technology for the server;
registering the custom client authenticator in a descriptor file that is accessible by the server;
generating, performed at the custom client authenticator, an authorization token for the client;
transmitting the authorization token as part of a request message for the client application to the server;
validating, performed at the custom client authenticator, the authorization token on behalf of the server; and
forwarding the request message to the requested entities executing on the server based on the validating.
1. A method for facilitating authenticating a client application for communications with another application running on a server, the method comprising:
using the server to access a shared library to register a description of an authenticator for the client application in a descriptor file maintained by the server, yielding a registered authenticator in response thereto, wherein the authenticator includes token-generating code that can be executed to produce a secure token, and wherein the secure token includes information identifying the client application, wherein the authenticator further includes interface code for interfacing the client application with the shared library and for generating one or more tokens, wherein the server is an application server that includes authenticator interfacing code for facilitating handling one or more tokens received from the client application;
receiving a request message in combination with a token from the client application at the server, wherein the token has been generated by the authenticator, and wherein the request message is addressed to a server-side application that requires authentication of the client application before enabling communications therewith; determining that the token is associated with the registered authenticator;
confirming that the client application that is associated with the registered authenticator has sent the token; setting an identity of the client application at the server based on confirming; and processing the request message by the server-side application running on the server.
1. A method for facilitating authenticating a client application for communications with another application running on a server, the method comprising:
receiving, from a client device, a secure client token, wherein the secure client token includes information identifying the client application residing on the client device and wherein the secure client token was generated by a custom client authentication located on the client device; registering the custom client authenticator with the server, wherein the server is an application server that includes authenticator interfacing code for facilitating handling one or more tokens received from the client application;
using the custom client authenticator to validate that the secure token has been generated at the client application, wherein the using of the custom client authenticator further comprises receiving at the client device a call back from a server-side authenticator interface including a request for generation of a confirming token, generating the confirming token at the client device in response to the request for generation of the confirming token, transmitting the confirming token from the client device to the server, determining that the secure token matches the confirming token; and 
setting an identity of the client application at the server based on confirming.


Allowable Subject Matter
Claims 10 & 19 are objected to as being dependent upon a rejected base claim, but would be allowable if, 
[1] rewritten in independent form including all of the limitations of the base claim and any intervening claims; and [2] the non-statutory obviousness double patenting rejection is overcome by terminal disclosure is filed.

The following is a statement of reasons for the indication of allowable subject matter:  Mihaylov in view of Shahabuddin fail to further disclose wherein the method further comprises: executing the custom client authenticator on the non-server entity; generating a confirming token that confirms the client application sent the request message with the authorization token; validating the authorization token by comparing the authorization token with the comparing token; based on the validating, setting identity of the client application; and selectively forwarding request messages from the client application to the requested entities on the server that require validation of the authorization token.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. (See PTO—892: US 2016/01424209 A1 directed to optimized token-based proxy authentication.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMARE F TABOR whose telephone number is (571) 270-3155. The examiner can normally be reached Mon.—Fri.: 8:00 AM to 5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMARE F TABOR/             Primary Examiner, Art Unit 2434