Remarks
Claims 1-21 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Interpretation
It is noted that the claims include conditional/optional subject matter that is not required by the claims. For example, the final 5 limitations of claim 8 may be met simply by the first of those limitations being found in a reference, since, if the repository is a trusted source, none of the subject matter regarding the repository not being a trusted source will be relevant and would not actually function within this method. Thus, the claims include subject matter that need not be part of the scope of the claims.
All non-transitory computer-readable media in the claims are interpreted as being directed solely to statutory storage media.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-7 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claims are directed to a platform, but do not need to include any physical components. While claim 1 includes a processor, a communication interface, and a memory, the application (e.g., paragraph 165) explicitly states that “the computing platforms discussed above may be implemented in one or more virtual machines”. Thus, the platform and all components therein may be entirely virtual, in a virtual machine. In order to be statutory as a machine, the claim must differentiate itself based on physical components and the components of claim 1 need not be physical. Thus, claim 1 fails to fall into a statutory category of invention. None of claims 2-7 fix this issue and they are rejected for the same reasons.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 4-9, 11-16, and 18-21 are rejected under 35 U.S.C. 103 as being unpatentable over Unger (U.S. Patent 10,474,635) in view of Costea (U.S. Patent Application Publication 2006/0095971).
Regarding Claim 1,
Unger discloses a computing platform comprising:
At least one processor (Exemplary Citations: for example, Figures 1-3 and associated written description; any processor, for example);
A communication interface communicatively coupled to the at least one processor (Exemplary Citations: for example, Figures 1-3 and associated written description; any communication interface, such as a network interface, for example); and
A memory storing computer readable instructions that, when executed by the at least one processor, cause the computing platform to (Exemplary Citations: for example, Figures 1-3 and associated written description as well as all below citations; any memory, for example):
Receive a data request (Exemplary Citations: for example, Column 3, lines 44-48; Column 16, line 62 to Column 17, line 7; Column 18, lines 7-14; Column 21, line 58 to Column 22, line 3; Column 23, lines 32-67; and associated figures; as well as many additional portions discussing requests; receiving request, such as read request, for example);
Analyze, using a machine learning model executed by a pre fetch engine, the data request to identify a plurality of data sets responsive to the data request (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; and associated figures; using machine learning to determine pre-fetch policies, parameters, thresholds, etc., including which blocks will be pre-fetched, and the like, for example);
Generate, based on the analyzing, a pre fetch template including the identified plurality of data sets (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; and associated figures; pre-fetch template includes whatever data blocks are to be pre-fetched, perhaps with any additional information regarding such pre-fetching, for example);
Transmit, to a plurality of data repositories and via a mesh data transmission network, the pre-fetch template (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 6, line 34 to Column 7, line 35; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 22, lines 41-50; Column 22, line 63 to Column 23, line 9; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; Column 29, lines 14-37; and associated figures; all of these sections discuss the pre-fetching policies, which include which blocks will be read, which is performed by transmitting a request to the storage location, which, as discussed, may be distributed across various networks, including mesh networks, for example);
Receive, from a first data repository of the plurality of data repositories, the plurality of data sets (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 6, line 34 to Column 7, line 35; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 22, lines 41-50; Column 22, line 63 to Column 23, line 9; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; Column 29, lines 14-37; and associated figures; pre-fetched blocks are received from the networked/distributed locations, for example);
Process the received plurality of data sets (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 6, line 34 to Column 7, line 35; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 22, lines 41-50; Column 22, line 63 to Column 23, line 9; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; Column 29, lines 14-37; and associated figures; any processing, such as determining if the pre-fetch policy was optimal or if another simulated policy would have been better, for a later similar request, storing the data in pre-fetch storage, sending the data blocks on to the requestor upon a request for the pre-fetched data, or the like, as examples);
But does not appear to explicitly disclose analyze data associated with the first data repository to determine whether the first data repository is a trusted source, that processing the received plurality of data sets is responsive to determining that the first data repository is a trusted source, responsive to determining that the first data repository is not a trusted source: analyze the plurality of data sets to validate the plurality of data sets and detect any anomalies in the plurality of data sets, responsive to validating the plurality of data sets and not detecting any anomalies in the plurality of data sets, process the data sets, and responsive to at least one of not validating the plurality of data sets or detecting an anomaly in the plurality of data sets, quarantine the plurality of data sets.
Costea, however, discloses analyze data associated with the first data repository to determine whether the first data repository is a trusted source (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; checking whitelists, blacklists, determining if the file is signed by a trusted source, determining if the file was received from a known file originator, etc., as examples);
Responsive to determining that the first data repository is a trusted source, process the received plurality of data sets (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; admitting the file if signed by a trusted source, for example);
Responsive to determining that the first data repository is not a trusted source (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; if not signed by a trusted source, which may be explicitly indicated or indicated by trust level being below the threshold for a trusted source (e.g., a 7 is too low to have a trusted source, as shown in paragraph 43), or finding the signature on a blacklist (e.g., the source cannot be trusted if it is sending malware), or the like, as examples):
Analyze the plurality of data sets to validate the plurality of data sets and detect any anomalies in the plurality of data sets (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; any additional analyzing, for example, checking additional whitelists (e.g., in paragraph 40, a local on-device whitelist is first checked, then a local network whitelist, then a remote global whitelist), sandboxing file and executing in the sandbox, or the like, as examples);
Responsive to validating the plurality of data sets and not detecting any anomalies in the plurality of data sets, process the data sets (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; admitting the file after other analyzing, such as after the remote global whitelist has an entry for the file, or after sandboxing and determining that the file is likely not malicious, or the like, as examples); and
Responsive to at least one of not validating the plurality of data sets or detecting an anomaly in the plurality of data sets, quarantine the plurality of data sets (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; quarantining, for example). It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the malware detection techniques of Costea into the dynamic pre-fetching system of Unger in order to allow the system to detect malware and protect the system from such malware, to allow for efficient white listing of user modifiable files, to allow for even new, never before seen, malware to be detected and the system be protected against such, and/or to increase security in the system.
Regarding Claim 8,
Claim 8 is a method claim that corresponds to platform claim 1 and is rejected for the same reasons.
Regarding Claim 15,
Claim 15 is a medium claim that corresponds to platform claim 1 and is rejected for the same reasons.
Regarding Claim 2,
Unger as modified by Costea discloses the platform of claim 1, in addition, Unger discloses that a trusted source is a data repository internal to an enterprise organization and wherein an untrusted source is a data repository external to the enterprise organization (Exemplary Citations: for example, Column 16, lines 17-28; on-premises server vs. cloud computing environments, for example. It is also noted that, for many years (indeed, since the advent of the first form of organization), the situation in which entities internal to an organization are more trusted to the organization than at least some external entities and this claim appears to be only trying to cover this).
Regarding Claim 9,
Claim 9 is a method claim that corresponds to platform claim 2 and is rejected for the same reasons.
Regarding Claim 16,
Claim 16 is a medium claim that corresponds to platform claim 2 and is rejected for the same reasons.
Regarding Claim 4,
Unger as modified by Costea discloses the platform of claim 1, in addition, Costea discloses that validating the plurality of data sets includes cross linking the plurality of data sets with data sets from trusted sources (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; if file not found on local device whitelist, check local network whitelist, for example, or checking remote global whitelist, as another example, both of which are trusted, for example).
Regarding Claim 11,
Claim 11 is a method claim that corresponds to platform claim 4 and is rejected for the same reasons.
Regarding Claim 18,
Claim 18 is a medium claim that corresponds to platform claim 4 and is rejected for the same reasons.
Regarding Claim 5,
Unger as modified by Costea discloses the platform of claim 4, in addition, Unger as modified by Costea discloses that the pre-fetch engine identifies the data sets from trusted sources for cross linking (Exemplary Citations: for example, Unger: Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 25, line 58 to Column 26, line 67; Column 27, lines 49-63; Column 28, lines 14-28; and associated figures; Unger identifies data sets to pre-fetch via the pre-fetch engine, and any cross linking that occurs is based on this identifying; Costea: Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; checking other whitelists at trusted sources storing such whitelists based on identified data, for example).
Regarding Claim 12,
Claim 12 is a method claim that corresponds to platform claim 5 and is rejected for the same reasons.
Regarding Claim 19,
Claim 19 is a medium claim that corresponds to platform claim 5 and is rejected for the same reasons.
Regarding Claim 6,
Unger as modified by Costea discloses the platform of claim 1, in addition, Unger disclose instructions that, when executed, cause the computing platform to update the machine learning model based on the received plurality of data sets (Exemplary Citations: for example, Column 3, lines 20-30; Column 3, line 49 to Column 4, line 67; Column 6, line 34 to Column 7, line 35; Column 16, line 17 to Column 17, line 27; Column 18, line 15 to Column 19, line 38; Column 20, lines 44-62; Column 22, lines 41-50; Column 22, line 63 to Column 23, line 9; Column 25, line 58 to Column 26, line 67; Column 27, line 15 to Column 28, line 28; Column 29, lines 14-37; and associated figures; feedback used to train, updating of machine learning models (e.g., figure 10 discussion in columns 27 and 28 showing training ML models based on previous pre-fetches, for example), constantly determining if another pre-fetch policy would have done better than the one that was used, and the like, as examples).
Regarding Claim 13,
Claim 13 is a method claim that corresponds to platform claim 6 and is rejected for the same reasons.
Regarding Claim 20,
Claim 20 is a medium claim that corresponds to platform claim 6 and is rejected for the same reasons.
Regarding Claim 7,
Unger as modified by Costea discloses the platform of claim 1, in addition, Unger as modified by Costea discloses that the analyzing the plurality of data sets to validate the plurality of data sets and detect any anomalies in the plurality of data sets is performed by a data controller associated with the computing platform (Exemplary Citations: for example, Unger: Figures 1-3 and associated written description, for example, Column 15, lines 29-44 show that the network computer may include microcontrollers that execute the functionality of the system, for example; Costea: Exemplary Citations: for example, Paragraphs 13, 29-35, 36, 40-43, and associated figures; the analyzing above is, itself, a method of controlling data, and, thus, the hardware/software/firmware that perform this functionality is a data controller, and/or a processor, similar to the one in Unger that could be a microcontroller, performs the functionality of the system, as examples).
Regarding Claim 14,
Claim 14 is a method claim that corresponds to platform claim 7 and is rejected for the same reasons.
Regarding Claim 21,
Claim 21 is a medium claim that corresponds to platform claim 7 and is rejected for the same reasons.
Claims 2, 9, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Unger in view of Costea and Himler (U.S. Patent 9,774,626).
Regarding Claim 2,
Unger as modified by Costea discloses the platform of claim 1, in addition, Unger discloses that a trusted source is a data repository internal to an enterprise organization and wherein an untrusted source is a data repository external to the enterprise organization (Exemplary Citations: for example, Column 16, lines 17-28; on-premises server vs. cloud computing environments, for example. It is also noted that, for many years (indeed, since the advent of the first form of organization), the situation in which entities internal to an organization are more trusted to the organization than at least some external entities and this claim appears to be only trying to cover this).
Himler also discloses that a trusted source is a data repository internal to an enterprise organization and wherein an untrusted source is a data repository external to the enterprise organization (Exemplary Citations: Abstract; Column 7, lines 19-40; Column 8, lines 1-44; Column 10, lines 13-24; trusted internal sender and unknown external sender, for example). It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the sender classification techniques of Himler into the dynamic pre-fetching system of Unger as modified by Costea in order to allow the system to take into account the type of sender based, at least in part, on internal/external status, as well as trust status, to provide for further filtering of received data to determine whether or not it may be trusted or malicious, and/or to increase security in the system.
Regarding Claim 9,
Claim 9 is a method claim that corresponds to platform claim 2 and is rejected for the same reasons.
Regarding Claim 16,
Claim 16 is a medium claim that corresponds to platform claim 2 and is rejected for the same reasons.
Claims 3, 10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Unger in view of Costea and Singh (U.S. Patent 10,192,052).
Regarding Claim 3,
Unger as modified by Costea discloses the platform of claim 1, in addition, Costea discloses that detecting any anomalies in the plurality of data sets includes analyzing the plurality of data sets for malware (Exemplary Citations: for example, Paragraphs 29-33, 35, 36, 40-43, and associated figures; checking whitelists/blacklists, sandbox execution, etc., as examples);
But does not explicitly use the word “scanning”.
Singh, however, disclose that detecting any anomalies in the plurality of data sets includes scanning the plurality of data sets for malware (Exemplary Citations: for example, Abstract, Column 2, line 64 to Column 3, line 11; Column 3, lines 39-59; Column 6, lines 32-59; Column 7, line 37 to Column 9, line 11; Column 12, line 22 to Column 13, line 30; and associated figures; it is noted that most paragraphs in Singh discuss scanning as well. Scanning data, scanning files, scanning portions of files, etc., as examples). It would have been obvious to one of ordinary skill in the art at the time of applicant’s invention, which is before any effective filing date of the claimed invention, to incorporate the scanning techniques of Singh into the dynamic pre-fetching system of Unger as modified by Costea in order to provide for multiple tiers of scanning to detect malware, to allow for better detection of malware, and/or to increase security in the system.
Regarding Claim 10,
Claim 10 is a method claim that corresponds to platform claim 3 and is rejected for the same reasons.
Regarding Claim 17,
Claim 17 is a medium claim that corresponds to platform claim 3 and is rejected for the same reasons.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jeffrey D Popham whose telephone number is (571)272-7215. The examiner can normally be reached Monday through Friday 9:00-5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey D. Popham/Primary Examiner, Art Unit 2432