DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claims 1-20 are pending.
This Action is Non-Final.
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 120 as follows:
The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994).
The disclosure of the prior-filed application, Application No. 16/855,724, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. The ‘724 Application generally discusses vulnerabilities and cyber-physical graphs but fails to disclose the details presented in each independent claim with respect to privilege levels and privilege escalation. As such, the earliest effective filing date is the filing date of the present application: 31 December 2021.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 31 December 2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-3, 5-7, 9, 11-13, 15-17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Govindavajhala et al. (US 20090271863) in view of Morgan (US 20220191230).
As per claims 1 and 11, Govindavajhala et al. teaches a method and system for determining privilege escalation attack pathways, comprising: a computing device comprising a memory and a processor; a cyber-physical graph engine comprising a first plurality of programming instructions stored in the memory of, and operating on the processor of, the computing device, wherein the first plurality of programming instructions, when operating on the processor (see paragraph [0421]), cause the computing device to: search one or more databases to identify information about one or more vulnerabilities of each software application residing on the computing device (see paragraphs [0027] and [0378] where vulnerabilities are determined which can be found, i.e. searched for, in vulnerability databases);
wherein the information comprises the level of privilege needed to execute the one or more vulnerabilities, and new vulnerabilities and privilege levels made possible by the successful execution of the one or more vulnerabilities (see paragraphs [0047]-[0050] where privileges of starting points and escalated privileges are determined); and
construct a cyber-physical graph of privilege escalation attack pathways, the cyber-physical graph comprising nodes representing each software application and its vulnerability information, and edges representing the relationships between the nodes (see paragraphs [0047]-[0050] and Fig. 7 where the graph is displayed).
While Govindavajhala et al. generally discloses the detection of privilege escalation attack pathways, there lacks an explicit teaching of a scoring engine comprising a second plurality of programming instructions stored in the memory of, and operating on the processor of, the computing device, wherein the second plurality of programming instructions, when operating on the processor, cause the computing device to: run one or more graph-processing algorithms on the cyber-physical graph to identify one or more privilege escalation attack pathways and a probability of occurrence for each path; and generate a cybersecurity score for each privilege escalation attack pathway based on the probability of occurrence for each path.
However, Morgan teaches to search one or more databases to identify information about one or more vulnerabilities of each software application residing on the computing device (see paragraphs [0020]-[0021] and [0035]); construct a cyber-physical graph of privilege escalation attack pathways, the cyber-physical graph comprising nodes representing each software application and its vulnerability information, and edges representing the relationships between the nodes (see paragraphs [0064]-[0070]) and a scoring engine comprising a second plurality of programming instructions stored in the memory of, and operating on the processor of, the computing device, wherein the second plurality of programming instructions, when operating on the processor, cause the computing device to: run one or more graph-processing algorithms on the cyber-physical graph to identify one or more privilege escalation attack pathways and a probability of occurrence for each path; and generate a cybersecurity score for each privilege escalation attack pathway based on the probability of occurrence for each path (see paragraphs [0079]-[0093]).
At a time before the effective filing date, it would have been obvious to one of ordinary skill in the art to include the graph processing of Morgan in the Govindavajhala et al. system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to prioritize vulnerabilities with higher risks.
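The pipeline the examiner maps onto claims 1 and 11 (a per-device graph whose nodes are software applications carrying vulnerability information, including the privilege needed to exploit each vulnerability and the privilege gained on success; a graph-processing step that enumerates privilege escalation pathways with a probability of occurrence; and a score per pathway) can be shown as a small model. The following Python is an added illustration written for this page; it is not code from the Office Action, from the application under examination, or from Govindavajhala et al., Morgan, or any other cited reference. Application names, the placeholder vulnerability identifiers, the privilege ordering and the exploit-success probabilities are constructed assumptions. The optional `impact` factor stands in for the financial-risk weighting discussed under claims 7 and 17 and is likewise an assumption. The output is a ranked list a defender would use to decide which vulnerability to remediate first.

```python
"""Toy model of a privilege-escalation attack-pathway graph and its scoring.

Added illustration only: not code from the Office Action, the application
under examination, or any cited reference.  Application names, placeholder
vulnerability identifiers and probabilities are constructed sample data.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Assumed privilege levels on one host, least to most privileged.
PRIV_RANK = {"guest": 0, "user": 1, "service": 2, "admin": 3}


@dataclass(frozen=True)
class Vuln:
    app: str          # software application the node represents
    vuln_id: str      # placeholder identifier (not a real CVE)
    requires: str     # privilege level needed to exploit it
    grants: str       # privilege level obtained on success
    p_success: float  # assumed probability the exploit succeeds (edge weight)


# Constructed inventory for one host: one known vulnerability per application.
INVENTORY = [
    Vuln("browser",        "VULN-PLACEHOLDER-1", "guest",   "user",    0.6),
    Vuln("pdf_reader",     "VULN-PLACEHOLDER-2", "guest",   "user",    0.4),
    Vuln("update_service", "VULN-PLACEHOLDER-3", "user",    "service", 0.5),
    Vuln("kernel_driver",  "VULN-PLACEHOLDER-4", "user",    "admin",   0.2),
    Vuln("backup_agent",   "VULN-PLACEHOLDER-5", "service", "admin",   0.7),
]

START = "START"  # virtual node: the initial foothold on the host
Graph = Dict[str, List[Tuple[str, float]]]


def build_graph(inventory: List[Vuln], start_priv: str = "guest") -> Graph:
    """Directed graph of applications.  Edge a -> b means exploiting a yields
    enough privilege to exploit b AND b escalates strictly further; the
    strict-escalation rule keeps the graph acyclic."""
    graph: Graph = {START: []}
    for v in inventory:
        if PRIV_RANK[v.requires] <= PRIV_RANK[start_priv]:
            graph[START].append((v.app, v.p_success))
        graph[v.app] = []
    for a in inventory:
        for b in inventory:
            if (PRIV_RANK[a.grants] >= PRIV_RANK[b.requires]
                    and PRIV_RANK[b.grants] > PRIV_RANK[a.grants]):
                graph[a.app].append((b.app, b.p_success))
    return graph


def enumerate_paths(graph: Graph, inventory: List[Vuln],
                    goal_priv: str = "admin") -> List[Tuple[List[str], float]]:
    """Depth-first enumeration of every pathway from START to an application
    whose vulnerability grants goal_priv.  A pathway's probability of
    occurrence is the product of the edge weights along it."""
    grants = {v.app: v.grants for v in inventory}
    results: List[Tuple[List[str], float]] = []

    def dfs(node: str, path: List[str], prob: float) -> None:
        if node != START and PRIV_RANK[grants[node]] >= PRIV_RANK[goal_priv]:
            results.append((path, prob))
            return
        for nxt, p in graph[node]:
            dfs(nxt, path + [nxt], prob * p)

    dfs(START, [], 1.0)
    return results


def score_paths(paths: List[Tuple[List[str], float]],
                impact: float = 1.0) -> List[Tuple[List[str], float]]:
    """Score per pathway: probability of occurrence times an impact factor
    (e.g. an assumed financial loss), ranked highest first."""
    return sorted(((path, prob * impact) for path, prob in paths),
                  key=lambda s: s[1], reverse=True)


def host_score(inventory: List[Vuln], start_priv: str = "guest",
               goal_priv: str = "admin", impact: float = 1.0) -> Tuple[List[str], float]:
    """Host-level result: the most likely escalation pathway and its score."""
    graph = build_graph(inventory, start_priv)
    scored = score_paths(enumerate_paths(graph, inventory, goal_priv), impact)
    return scored[0] if scored else ([], 0.0)


if __name__ == "__main__":
    graph = build_graph(INVENTORY)
    for path, score in score_paths(enumerate_paths(graph, INVENTORY)):
        print(f"{score:.3f}  START -> " + " -> ".join(path))
```

With the constructed inventory the ranking puts the browser -> update_service -> backup_agent pathway first (0.6 x 0.5 x 0.7 = 0.21), which tells a defender that patching the backup agent or the update service removes the most probable route to admin even though neither is the easiest individual exploit. Raising `start_priv` to "user" models an already-authenticated local account and shortens the best pathway to update_service -> backup_agent (0.35).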
As per claims 2 and 12, the modified Govindavajhala et al. and Morgan system discloses that the privilege levels are access levels of a network (see Morgan paragraph [0081]).
As per claims 3 and 13, the modified Govindavajhala et al. and Morgan system discloses that the privilege levels are access levels of an operating system (see Govindavajhala et al. paragraphs [0088]-[0096]).
As per claims 5 and 15, the modified Govindavajhala et al. and Morgan system discloses that the privilege levels are access levels in a domain (see Govindavajhala et al. paragraph [0150]).
As per claims 6 and 16, the modified Govindavajhala et al. and Morgan system discloses that the edges are weighted, directional, length contracted, or some combination thereof to represent aspects of the vulnerability information (see Morgan paragraphs [0079]-[0081] and [0086]-[0087]).
As per claims 7 and 17, the modified Govindavajhala et al. and Morgan system fails to explicitly disclose that the cybersecurity score accounts for financial risk associated with each privilege escalation attack pathway. However, Official Notice is taken that at a time before the effective filing date of the invention, it would have been obvious to include financial risk in the modified Govindavajhala et al. and Morgan system to prioritize vulnerabilities that will cause the most financial damage, thereby saving money.
As per claims 9 and 19, the modified Govindavajhala et al. and Morgan system discloses that the cybersecurity score accounts for cybersecurity scores of other network-connected computing devices (see Morgan paragraphs [0064]-[0070] where the attacking entity can find multiple paths through the network to reach the asset).
Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Govindavajhala et al. and Morgan system as applied to claims 1 and 11 above, and further in view of Bybell et al. (US 20120151185).
As per claims 4 and 14, the modified Govindavajhala et al. and Morgan system fails to explicitly disclose that the privilege levels are access levels of a processor architecture.
However, Bybell et al. teaches the use of privilege levels for a processor architecture (see paragraphs [0043]-[0044]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include access levels of a processor architecture in the modified Govindavajhala et al. and Morgan system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to add an additional vulnerability check thereby making the system more robust.
Claims 8 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Govindavajhala et al. and Morgan system as applied to claims 1 and 11 above, and further in view of Siva Kumar et al. (US 20160088000).
As per claims 8 and 18, the modified Govindavajhala et al. and Morgan system discloses the use of configurations as part of the score, but fails to explicitly disclose that the cybersecurity score accounts for directory services configurations.
However, Siva Kumar et al. teaches the use of directory service accounts as part of privilege escalation detection (see paragraph [0077]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to include directory services configurations in the score of the modified Govindavajhala et al. and Morgan system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to ensure the directory services are properly protected against attacks thereby improving the security of the system.
Claims 10 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over the modified Govindavajhala et al. and Morgan system as applied to claims 1 and 11 above, and further in view of Colyandro, JR. (US 20220263850).
As per claims 10 and 20, the modified Govindavajhala et al. and Morgan system discloses a network-side cyber-physical graph, but fails to explicitly disclose that a network-wide cyber-physical graph is created from a plurality of individual computing device cyber-physical graphs.
However, Colyandro, JR. teaches that a network-wide cyber-physical graph is created from a plurality of individual computing device cyber-physical graphs (see paragraphs [0020]-[0021]).
At a time before the effective filing date of the invention, it would have been obvious to one of ordinary skill in the art to create a network-wide graph based on individual graphs in the modified Govindavajhala et al. and Morgan system.
Motivation, as recognized by one of ordinary skill in the art, to do so would have been to include as much detail as possible for the graphs thereby increasing the detection of attack pathways.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of U.S. Patent No. 11,218,510. Although the claims at issue are not identical, they are not patentably distinct from each other because the ‘510 claims contain each limitation of the pending claims with the exception of the privilege escalation aspects. However, as put forth above, these limitations are obvious in view of Govindavajhala et al., Morgan, Bybell et al., Kumar et al., and/or Colyandro, JR., and as such the ‘510 claims are obvious variants of the currently pending claims. It would have been obvious to one of ordinary skill in the art to include the details of Govindavajhala et al., Morgan, Bybell et al., Kumar et al., and/or Colyandro, JR. in order for the system to detect specific privilege escalation attacks, thereby enhancing the protection of the ‘510 claims.
Claims 1-20 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of copending Application No. 17/539,127 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because the ‘127 claims contain each limitation of the pending claims with the exception of the privilege escalation aspects. However, as put forth above, these limitations are obvious in view of Govindavajhala et al., Morgan, Bybell et al., Kumar et al., and/or Colyandro, JR., and as such the ‘127 claims are obvious variants of the currently pending claims. It would have been obvious to one of ordinary skill in the art to include the details of Govindavajhala et al., Morgan, Bybell et al., Kumar et al., and/or Colyandro, JR. in order for the system to detect specific privilege escalation attacks, thereby enhancing the protection of the ‘127 claims.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed towards privilege escalation attacks.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL J PYZOCHA whose telephone number is (571)272-3875. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hadi Armouche, can be reached at (571) 270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Michael Pyzocha/ Primary Examiner, Art Unit 2409