Prosecution Insights
Last updated: July 17, 2026
Application No. 17/979,965

SECURITY MANAGEMENT METHOD AND SYSTEM FOR BLENDED ENVIRONMENT

Final Rejection §103
Filed
Nov 03, 2022
Priority
Nov 03, 2021 — RE 10-2021-0150046
Examiner
OSMAN, RAMY M
Art Unit
2457
Tech Center
2400 — Computer Networks
Assignee
Ajou University Industry-Academic Cooperation Foundation
OA Round
4 (Final)
79%
Grant Probability
Favorable
5-6
OA Rounds
0m
Est. Remaining
70%
With Interview

Examiner Intelligence

Grants 79% — above average
79%
Career Allowance Rate
588 granted / 744 resolved
+21.0% vs TC avg
Minimal -9% lift
Without
With
+-9.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 3m
Avg Prosecution
31 currently pending
Career history
781
Total Applications
across all art units

Statute-Specific Performance

§101
2.3%
-37.7% vs TC avg
§103
64.1%
+24.1% vs TC avg
§102
26.0%
-14.0% vs TC avg
§112
2.7%
-37.3% vs TC avg
Black line = Tech Center average estimate • Based on career data from 744 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION This action is responsive to amendment application filed April 27, 2026. Status of Claims Applicant amended the claims. Claims 1-3,5-10,12-14 remain pending. Response to Arguments Applicant’s arguments/amendments, filed 4/27/26, have been fully considered and are persuasive. Therefore, the previous rejection has been withdrawn. However, upon further consideration, a new grounds of rejection is made based on Perilli in view of Long in view of Narula. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-3,6-10,13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Perilli et al (US Publication 20190312890) in view of Long et al (US Publication 20190005237) in view of Narula et al (US Patent 11563755). In reference to claim 1, Perilli teaches a security management method of an environment in which a plurality of environments are connected to each other through a network, the security management method comprising: detecting a security anomaly occurring through an attack surface existing in a device included in each of the plurality of environments or in a network connection section between the plurality of environments; (see at least ¶ 18, which teaches detecting a cyber attack in a network environment) collecting attack data related to the detected security anomaly and analyzing an attack type based on the collected attack data; (see at least ¶s 23-24, which teaches collecting attack characteristics and analyzing the type of attack) dynamically combining response techniques based on the analyzed attack type; (see at least ¶ 33, which teaches determining a combination of response strategies based on the attack characteristics) and wherein the dynamically combining of the response techniques based on the analyzed attack type comprises: analyzing an attack type of each of a plurality of security threats included in the security anomaly from the collected attack data, and combining the response techniques (see at least ¶ 33, which teaches analyzing the attack based on the collected attack characteristics, and further teaches combining response strategies according to the stage of the attack to perform a comparative analysis between the techniques). performing an automatic response to the security anomaly based on the combined response techniques (see at least ¶ 34, which teaches using the response strategies against the cyber attack). Perilli fails to explicitly teach Internet of blended environment (loBE). However, Long teaches identifying and protecting against cyber attacks, and discloses different types of environments with IoT networks and smart networks. (see Long, at least Background and ¶ 28). It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to modify Perilli based on the teachings of Long for the purpose of improving defense against malicious and harmful attacks on networks. Perilli fails to explicitly teach wherein the dynamically combining of the response techniques comprises: combining the response techniques using a response model that dynamically combines the response techniques to correspond to linkage of the plurality of security threats, wherein the dynamically combining of the response techniques using the response model comprises: modeling a workflow of the response techniques by connecting inputs and outputs between the response techniques; and generating a dynamic playbook corresponding to the modeled workflow. However, Narula teaches dynamically generating incident specific remediation strategies for responding to network security incident (see Narula, at least Abstract & Background). Narula discloses analyzing attack types and feeding attack data into a machine model (see Narula, at least column 7 lines 1-35 column 8 lines 32-55). Narula also discloses combining response techniques based on a model and worlfow and generating a dynamic playbook based on the modeled workflow (see Narula, at least column 11 lines 16-56 & column 12 lines 36-67). Narula further discloses a playbook generating engine which combines action/response sequences and updates the playbooks based on previous responses (see Narula, at least column 9 lines 20-50). It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to modify Perilli based on the teachings of Narula for the purpose of improving remediation strategies when responding to network security incidents. In reference to claim 2, this is taught by Perilli, at least ¶s 19-20, which teaches detecting the cyber attack through a device in the network environment, and through log data associated with the attack. In reference to claim 3, this is taught by Perilli, at least ¶s 20,26, which teaches comparing the attack type with prior attacks, and correlating the attack to previously related attack information. In reference to claim 6, this is taught by Perilli, at least ¶ 32,34, which teaches updating the engine configuration according to the attack type and response. In reference to claim 7, this is taught by Long, at least ¶ 28, which teaches at least smart grid and medical networks. One of ordinary skill in the art would be motivated to modify Perilli based on the teachings of Long in accordance to the rationale given for claim 1. Claims 8-10,13-14 are slight variations of claims 1-3,6-7 above, and are therefore rejected based upon the same rationale. Claims 5,12 are rejected under 35 U.S.C. 103 as being unpatentable over Perilli et al (US Publication 20190312890) in view of Long et al (US Publication 20190005237) in view of Narula et al (US Patent 11563755) in further view of Atencio et al (US Publication 20200135049). In reference to claim 5, this is taught by Perilli, at least ¶ 33, which teaches using the cyber security engine and combining response strategies that correlate to other cyber attacks. Perilli fails to explicitly teach combining the responses “…based on a cyber kill chain stage of each…”. However, “Official Notice” is taken that cyber kill chain is a term of the art which is old and well known in the field of cyber security, where each stage of a cyber kill chain is used for responding to a cyber attack. Furthermore, Atencio teaches evaluating security threat responses based on a comparison with Cyber Kill Chain concepts (see Atencio, at least ¶s 89,90,96). It would have been obvious for one of ordinary skill in the art before the effective filing date of the invention to modify Perilli to include cyber kill chain analysis for the purpose of better understanding the scope of the attack and responding accordingly. Claim 12 is slight variations of claim 5 above, and is therefore rejected based upon the same rationale. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. For any subsequent response that contains new/amended claims, Applicant is required to cite its corresponding support in the specification. (See MPEP chapter 2163.03 section (I.) and chapter 2163.04 section (I.) and chapter 2163.06) Applicant may not introduce any new matter to the claims or to the specification. In formulating a response/amendment, Applicant is encouraged to take into consideration the prior art made of record but not relied upon, as it is considered pertinent to applicant's disclosure. See attached Form 892. Contact & Status Any inquiry concerning this communication or earlier communications from the examiner should be directed to RAMY M OSMAN whose telephone number is (571)272-4008. The examiner can normally be reached Mon-Fri, 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ario Etienne can be reached at 571-272-4001. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Ramy M Osman/ Primary Examiner, Art Unit 2457 June 24, 2026
Read full office action

Prosecution Timeline

Show 1 earlier event
Feb 13, 2025
Non-Final Rejection mailed — §103
May 13, 2025
Response Filed
Jun 18, 2025
Final Rejection mailed — §103
Oct 17, 2025
Request for Continued Examination
Oct 26, 2025
Response after Non-Final Action
Jan 26, 2026
Non-Final Rejection mailed — §103
Apr 27, 2026
Response Filed
Jul 07, 2026
Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12671689
NETWORK DEVICE IDENTIFICATION
3y 11m to grant Granted Jun 30, 2026
Patent 12671738
COMMUNICATION METHOD, APPARATUS, AND SYSTEM
3y 8m to grant Granted Jun 30, 2026
Patent 12665929
Contextual Data Security
5y 8m to grant Granted Jun 23, 2026
Patent 12665739
SIMD INTERACTIVE COMPARISON USING GARBLED CIRCUITS AND INTERACTIVE BOOTSTRAPPING FOR HOMOMORPHIC ENCRYPTION
2y 11m to grant Granted Jun 23, 2026
Patent 12665804
TESTING FRAMEWORK FOR LANGUAGE MODEL-BASED COMPUTER NETWORK TROUBLESHOOTING AGENTS
2y 8m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

5-6
Expected OA Rounds
79%
Grant Probability
70%
With Interview (-9.0%)
3y 3m (~0m remaining)
Median Time to Grant
High
PTA Risk
Based on 744 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month