Prosecution Insights
Last updated: July 17, 2026
Application No. 18/175,773

INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM

Final Rejection §101§103
Filed
Feb 28, 2023
Priority
Apr 08, 2022 — JP 2022-064481
Examiner
MAYE, AYUB A
Art Unit
2436
Tech Center
2400 — Computer Networks
Assignee
Kabushiki Kaisha Toshiba
OA Round
2 (Final)
58%
Grant Probability
Moderate
3-4
OA Rounds
1y 1m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 58% of resolved cases
58%
Career Allowance Rate
380 granted / 657 resolved
At TC average
Strong +42% interview lift
Without
With
+42.0%
Interview Lift
resolved cases with interview
Typical timeline
4y 6m
Avg Prosecution
28 currently pending
Career history
691
Total Applications
across all art units

Statute-Specific Performance

§101
0.3%
-39.7% vs TC avg
§103
88.8%
+48.8% vs TC avg
§102
6.7%
-33.3% vs TC avg
§112
1.3%
-38.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 657 resolved cases

Office Action

§101 §103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-11 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Independent claims 1, 8 and 9: Claims 1 is drawn to “a system”, claim 8 is drawn to “method”, and claim 9 is drawn to “a non-transitory computer readable medium”, therefore each of these claim groups falls under one of four categories of statutory subject matter (process/method, machines/products/apparatus, manufactures, and compositions of matter). Claims 1, 8 and 9 is rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claims 1, 8 and 9 recites evaluate, based on evaluation target information indicating a combination of security countermeasure techniques , evaluate, based on track record information indicating an introduction track record of the security countermeasure technique and evaluate, based on the track record level information and the satisfaction level information, and evaluating the recommendation level. The limitation steps under its broadest reasonable interpretation, covers performance of the limitation in the mind. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind then it falls within the mental process/human activity grouping of abstract ideas. Accordingly, the claim recites an abstract idea. This judicial exception is not integrated into a practical application because the claim does not recite additional elements that integrate the judicial exception into a practical application. Claims 1, 8 and 9 recite the additional elements of “one or more processors” as recited in the claim. However, one or more processors are recited at a high level of generality and are generic computer components such that they amount to no more than mere instructions to apply the exception using a generic computer. Mere instructions to apply an exception using a generic computer cannot provide an inventive concept. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Considering the claims as a whole, looking at the elements individually and in an ordered combination, does not integrate the abstract idea into a practical application using the considerations set forth above. The claims does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of the processor and the memory including computer program codes are recited at a high level of generality and are generic computer components such that they amount to no more than mere instructions to apply the exception using a generic computer. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Thus, the claimed elements, either individually, or in the ordered combination do not add significantly more to the abstract idea. Dependent claims 2-8 and 10-11 further clarify the concept recited in independent claims, however this clarification still falls under the concept recited in the independent claims and do not amount to significantly more than the judicial exception. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-11 is/are rejected under 35 U.S.C. 103 as being unpatentable over applicant’s admitted prior art Kanai et al (2021/0288989) in views of applicant admitted prior art Ando et al (JP 2018077597) and Goddard (2014/0068202). For claim 1, Kanai teaches An information processing device (abstract) comprising: one or more processors (par.59) configured to: evaluate, based on evaluation target information indicating a combination of security countermeasure techniques that becomes an evaluation target (Kanai teaches that The information processing device 10 is capable of ranking security measures technologies effective against a threat to the target system on the basis of at least system requirements of the target system and presenting the security measures technologies in descending order of effects of introduction as Kanai teaches in par.34), system requirement information indicating a system requirement that is an operational requirement for a target system (Kanai teaches that the security requirements are conditions for security characteristics of a security measures technology to be introduced into the target system as Kanai teaches in par.36), and influence information indicating influence of each security countermeasure technique included in the combination on the target system (Kanai teaches the influence information obtaining unit 102 has a function to obtain, from the auxiliary storage unit 15 described later, information indicating correspondence between a security measures technology and “influence on system” occurring in the introduction of the security measures technology into the target system (such information being hereinafter called influence information simply) as Kanai teaches in par.43), a satisfaction level of the system requirement with respect to the combination and generates satisfaction level information indicating the satisfaction level of the system requirement with respect to the combination (Kanai teaches that the security characteristics refer to general characteristics of the security measures technologies, such as functions of the security measures technologies (sometimes referred to as security functions simply), the strength of the security measures technologies, and ease of operation of the security measures technologies. The security characteristics are also information indicating the degree of satisfaction of the security requirements and threat information obtaining unit 105 obtains, from the threat list information obtaining unit 104, one threat to the target system, and sends the threat information to the combination selection unit 310. The combination selection unit 310 selects a combination including one or two or more security measures technologies to eliminate the threat and the remaining threat shown in the obtained threat information (hereinafter, simply referred to as a combination of security measures technologies), and then generates information indicating a combination of the security measures technologies (hereinafter, referred to as combination information as Kanai teaches in par.77 and 203). Kanai fails to teach evaluate, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination; and evaluate, based on the track record level information and the satisfaction level information, a recommendation level of the combination, wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination, the first combination including a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction.. Ando teaches, similar system, evaluate, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination (Ando teaches that The feedback unit 106 manages, for each security measure, whether or not the security measure has actually been introduced. In this modified example, as an example, a column indicating whether or not each security measure has been introduced is recorded in the threat-countermeasure database by adding a column indicating whether or not each security measure has been introduced. When the user inputs information on security measures actually introduced via the input / output unit 101, the feedback unit 106 records information indicating that there is a history of introduction in the threat-measure database based on the input information as Ando teaches in par.169-172 on applicant admitted prior art machine translation); and evaluate, based on the track record level information and the satisfaction level information, a recommendation level of the combination (Ando teaches that When the recommended measure selection support unit 105 presents the recommended measure group to the user, the recommended measure selection support unit 105 also presents information on the presence / absence of introduction of each security measure. When the user selects introduction permission / prohibition 9003, the user may refer to the presence / absence of the introduction record and, for example, preferentially introduce the security measures with the introduction record, and by giving a high priority to the security measures actually used, the user can recognize a security measure with a track record actually introduced in the past, and can extract a security measure with a high priority by filtering, for example as Ando teaches in par.172-173 on applicant admitted prior art machine translation), wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination (Ando teaches that the effectiveness of security measures can be evaluated, including the perspective of how effectively security measures act on threat items, and the extent to which security measures are sufficient measures against threat items, effective security measures can be planned and The countermeasure effect calculation unit 104 extracts a threat item 801 having a risk value equal to or higher than the risk threshold and a security measure 803 effective for the threat item. Next, the countermeasure effect calculation unit 104 extracts the effectiveness r802 and the completeness o804 for each combination of the threat item 801 and the security countermeasure 803. Next, the countermeasure effect calculation unit 104 calculates the risk reduction rate of each security countermeasure using Expression as Ando teaches in par.170-175 on applicant admitted prior art machine translation), the first combination including a security countermeasure technique that satisfies a restriction of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction (Ando teaches that the the recommended measure selection support unit 105 acquires the constraint condition and the extraction condition in generating the recommended measure group. Restriction conditions and extraction conditions are preset by the user. The constraint condition is, for example, an upper limit value of the security measure introduction cost. For example, the extraction condition is that there is no threat item whose risk value is equal to or higher than the risk threshold as Ando teaches in par.144-145 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include on track record information indicating an introduction track record of the security countermeasure technique included in the combination as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). Kanai, as modified by Ando, does not explicitly teach a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique. Goddard teaches, similar system, security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique (Goddard teaches that restrictions may be placed on the user as are known, and may be combined with, replace, or supplement the above-noted restrictions as appropriate to meet particular and varying security requirements and security countermeasures vary depending on the type of enterprise and the sensitivity of the information being protected on the file system as Goddard teaches in par.30-31). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include a restriction on an operator of the security countermeasure technique as taught and suggested by Goddard in order to determine one or more of whether a plurality of aggregated requests correspond to a pattern of bulk data copy operations, whether aggregated requests exceed a predetermined threshold for permitted data copy operations, and whether a user is authorized to execute a bulk data copy operation exceeding a permitted data copy threshold (Goddard, par.17). For claim 2, Kanai, as modified by Ando and Goddard, further teaches that wherein the one or more processors evaluate a satisfaction level of each security countermeasure included in the combination with respect to the system requirement based on the system requirement information and the influence information, and based on the evaluated satisfaction level, evaluates the satisfaction level of the combination with respect to the system requirement (Kanai teaches that security measures technologies satisfying system requirements corresponding to a medium level as Kanai teaches in par.142). For claim 3, Kanai, as modified by Ando and Goddard, fails to teach wherein the one or more processors evaluate a track record level of each security countermeasure included in the combination based on the track record information, and based on the evaluated track record level, evaluates the track record level of the combination. Ando further teaches that wherein the one or more processors evaluate a track record level of each security countermeasure included in the combination based on the track record information, and based on the evaluated track record level, evaluates the track record level of the combination (Ando teaches in par.172-173 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include evaluate a track record level of each security countermeasure as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). For claim 4, Kanai, as modified by Ando and Goddard, further teaches that wherein the combination is capable of handling a threat assumed to occur in the target system (Kanai teaches that The threat list information obtaining unit 104 has a function to obtain, through an input of the user, information indicating a threat list in the target system as Kanai teaches in par.46). For claim 5, Kanai, as modified by Ando and Goddard, further teaches that wherein the system requirements are requirements for at least one of influence on increase in communication delay, influence on increase in computer load, influence on a physical space, influence on communication performance, influence on a computer resource, influence on operation inhibition due to excessive detection, influence on necessity of installation of new device, influence on a network configuration, influence on system availability, and influence on necessity of network connectivity (Kanai teaches that the “influence on system” refers to an influence of hindering anticipated functions of the target system in operation of the target system. Examples of the “influence on system” include the “increase in communication delay” as Kanai teaches in par.44). For claim 6, Kanai, as modified by Ando and Goddard, further teaches that wherein the one or more processors select, based on combination information indicating a plurality of combinations, characteristic information indicating security characteristics of each security countermeasure technique included in the plurality of combinations, and security requirement information indicating a requirement for security characteristics of a security countermeasure technique to be introduced in the target system, a combination that satisfies the security requirement from among the plurality of combinations and generates the evaluation target information by defining the selected combination as the combination, which becomes the evaluation target (Kanai teaches that s a combination of security measures technologies that is effective against the threat “malware infection” and eliminates a remaining threat, the following three combinations can be selected: the first A combination “host-based FW+external media connection prohibited+administrative rights disabled”; the first B combination “host FW+antivirus software+administrative rights disabled”; and the second combination “antivirus software+administrative rights disabled”. Hereinafter, the first A combination, the first B combination, and the second combination are referred to as combination 1, combination 2, and combination 3, respectively. The three combinations obtained as described above are shown in FIG. 26 as Kanai teaches in par.222). For claim 7, Kanai, as modified by Ando and Goddard, further teaches wherein the one or more processors generate the combination information based on threat information indicating a threat assumed to occur in the target system and threat countermeasure information in which information indicating the threat assumed to occur in the target system and a security countermeasure technique capable of handling the threat are associated with each other (Kanai teaches that The threat list information obtaining unit 104 has a function to obtain, through an input of the user, information indicating a threat list in the target system as Kanai teaches in par.46). For claim 8, Kanai teaches An information processing method executed in an information processing device, the information processing method (abstract) comprising: evaluating, based on evaluation target information indicating a combination of security countermeasure techniques that becomes an evaluation target (Kanai teaches that The information processing device 10 is capable of ranking security measures technologies effective against a threat to the target system on the basis of at least system requirements of the target system and presenting the security measures technologies in descending order of effects of introduction as Kanai teaches in par.34), system requirement information indicating a system requirement that is an operational requirement for a target system (Kanai teaches that the security requirements are conditions for security characteristics of a security measures technology to be introduced into the target system as Kanai teaches in par.36), and influence information indicating influence of each security countermeasure technique included in the combination on the target system (Kanai teaches the influence information obtaining unit 102 has a function to obtain, from the auxiliary storage unit 15 described later, information indicating correspondence between a security measures technology and “influence on system” occurring in the introduction of the security measures technology into the target system (such information being hereinafter called influence information simply) as Kanai teaches in par.43), a satisfaction level of the system requirement with respect to the combination and generates satisfaction level information indicating the satisfaction level of the system requirement with respect to the combination (Kanai teaches that the security characteristics refer to general characteristics of the security measures technologies, such as functions of the security measures technologies (sometimes referred to as security functions simply), the strength of the security measures technologies, and ease of operation of the security measures technologies. The security characteristics are also information indicating the degree of satisfaction of the security requirements and threat information obtaining unit 105 obtains, from the threat list information obtaining unit 104, one threat to the target system, and sends the threat information to the combination selection unit 310. The combination selection unit 310 selects a combination including one or two or more security measures technologies to eliminate the threat and the remaining threat shown in the obtained threat information (hereinafter, simply referred to as a combination of security measures technologies), and then generates information indicating a combination of the security measures technologies (hereinafter, referred to as combination information as Kanai teaches in par.77 and 203). Kanai fails to teach evaluating, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination; and evaluating, based on the track record level information and the satisfaction level information, a recommendation level of the combination wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination, the first combination including a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction.. Ando teaches, similar system, evaluate, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination (Ando teaches that The feedback unit 106 manages, for each security measure, whether or not the security measure has actually been introduced. In this modified example, as an example, a column indicating whether or not each security measure has been introduced is recorded in the threat-countermeasure database by adding a column indicating whether or not each security measure has been introduced. When the user inputs information on security measures actually introduced via the input / output unit 101, the feedback unit 106 records information indicating that there is a history of introduction in the threat-measure database based on the input information as Ando teaches in par.169-172 on applicant admitted prior art machine translation); and evaluate, based on the track record level information and the satisfaction level information, a recommendation level of the combination (Ando teaches that When the recommended measure selection support unit 105 presents the recommended measure group to the user, the recommended measure selection support unit 105 also presents information on the presence / absence of introduction of each security measure. When the user selects introduction permission / prohibition 9003, the user may refer to the presence / absence of the introduction record and, for example, preferentially introduce the security measures with the introduction record, and by giving a high priority to the security measures actually used, the user can recognize a security measure with a track record actually introduced in the past, and can extract a security measure with a high priority by filtering, for example as Ando teaches in par.172-173 on applicant admitted prior art machine translation), wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination (Ando teaches that the effectiveness of security measures can be evaluated, including the perspective of how effectively security measures act on threat items, and the extent to which security measures are sufficient measures against threat items, effective security measures can be planned and The countermeasure effect calculation unit 104 extracts a threat item 801 having a risk value equal to or higher than the risk threshold and a security measure 803 effective for the threat item. Next, the countermeasure effect calculation unit 104 extracts the effectiveness r802 and the completeness o804 for each combination of the threat item 801 and the security countermeasure 803. Next, the countermeasure effect calculation unit 104 calculates the risk reduction rate of each security countermeasure using Expression as Ando teaches in par.170-175 on applicant admitted prior art machine translation), the first combination including a security countermeasure technique that satisfies a restriction of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction (Ando teaches that the the recommended measure selection support unit 105 acquires the constraint condition and the extraction condition in generating the recommended measure group. Restriction conditions and extraction conditions are preset by the user. The constraint condition is, for example, an upper limit value of the security measure introduction cost. For example, the extraction condition is that there is no threat item whose risk value is equal to or higher than the risk threshold as Ando teaches in par.144-145 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include on track record information indicating an introduction track record of the security countermeasure technique included in the combination as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). Kanai, as modified by Ando, does not explicitly teach a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique. Goddard teaches, similar system, security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique (Goddard teaches that restrictions may be placed on the user as are known, and may be combined with, replace, or supplement the above-noted restrictions as appropriate to meet particular and varying security requirements and security countermeasures vary depending on the type of enterprise and the sensitivity of the information being protected on the file system as Goddard teaches in par.30-31). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include a restriction on an operator of the security countermeasure technique as taught and suggested by Goddard in order to determine one or more of whether a plurality of aggregated requests correspond to a pattern of bulk data copy operations, whether aggregated requests exceed a predetermined threshold for permitted data copy operations, and whether a user is authorized to execute a bulk data copy operation exceeding a permitted data copy threshold (Goddard, par.17). For claim 9, Kanai teaches A non-transitory computer readable medium having a computer program stored therein which causes a computer to execute processes (abstract) comprising: evaluating, based on evaluation target information indicating a combination of security countermeasure techniques that becomes an evaluation target (Kanai teaches that The information processing device 10 is capable of ranking security measures technologies effective against a threat to the target system on the basis of at least system requirements of the target system and presenting the security measures technologies in descending order of effects of introduction as Kanai teaches in par.34), system requirement information indicating a system requirement that is an operational requirement for a target system (Kanai teaches that the security requirements are conditions for security characteristics of a security measures technology to be introduced into the target system as Kanai teaches in par.36), and influence information indicating influence of each security countermeasure technique included in the combination on the target system (Kanai teaches the influence information obtaining unit 102 has a function to obtain, from the auxiliary storage unit 15 described later, information indicating correspondence between a security measures technology and “influence on system” occurring in the introduction of the security measures technology into the target system (such information being hereinafter called influence information simply) as Kanai teaches in par.43), a satisfaction level of the system requirement with respect to the combination and generates satisfaction level information indicating the satisfaction level of the system requirement with respect to the combination (Kanai teaches that the security characteristics refer to general characteristics of the security measures technologies, such as functions of the security measures technologies (sometimes referred to as security functions simply), the strength of the security measures technologies, and ease of operation of the security measures technologies. The security characteristics are also information indicating the degree of satisfaction of the security requirements and threat information obtaining unit 105 obtains, from the threat list information obtaining unit 104, one threat to the target system, and sends the threat information to the combination selection unit 310. The combination selection unit 310 selects a combination including one or two or more security measures technologies to eliminate the threat and the remaining threat shown in the obtained threat information (hereinafter, simply referred to as a combination of security measures technologies), and then generates information indicating a combination of the security measures technologies (hereinafter, referred to as combination information as Kanai teaches in par.77 and 203). Kanai fails to teach evaluating, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination; and evaluating, based on the track record level information and the satisfaction level information, a recommendation level of the combination, wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination, the first combination including a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction.. Ando teaches, similar system, evaluate, based on track record information indicating an introduction track record of the security countermeasure technique included in the combination for a system having an identical system requirement as the target system, in which the introduction track record is calculated based on a security design case, a track record level of the combination and generates track record level information indicating the track record level of the combination (Ando teaches that The feedback unit 106 manages, for each security measure, whether or not the security measure has actually been introduced. In this modified example, as an example, a column indicating whether or not each security measure has been introduced is recorded in the threat-countermeasure database by adding a column indicating whether or not each security measure has been introduced. When the user inputs information on security measures actually introduced via the input / output unit 101, the feedback unit 106 records information indicating that there is a history of introduction in the threat-measure database based on the input information as Ando teaches in par.169-172 on applicant admitted prior art machine translation); and evaluate, based on the track record level information and the satisfaction level information, a recommendation level of the combination (Ando teaches that When the recommended measure selection support unit 105 presents the recommended measure group to the user, the recommended measure selection support unit 105 also presents information on the presence / absence of introduction of each security measure. When the user selects introduction permission / prohibition 9003, the user may refer to the presence / absence of the introduction record and, for example, preferentially introduce the security measures with the introduction record, and by giving a high priority to the security measures actually used, the user can recognize a security measure with a track record actually introduced in the past, and can extract a security measure with a high priority by filtering, for example as Ando teaches in par.172-173 on applicant admitted prior art machine translation), wherein the evaluating the recommendation level includes: evaluating the recommendation level such that a value of the recommendation level of a first combination is higher than a value of the recommendation level of a second combination (Ando teaches that the effectiveness of security measures can be evaluated, including the perspective of how effectively security measures act on threat items, and the extent to which security measures are sufficient measures against threat items, effective security measures can be planned and The countermeasure effect calculation unit 104 extracts a threat item 801 having a risk value equal to or higher than the risk threshold and a security measure 803 effective for the threat item. Next, the countermeasure effect calculation unit 104 extracts the effectiveness r802 and the completeness o804 for each combination of the threat item 801 and the security countermeasure 803. Next, the countermeasure effect calculation unit 104 calculates the risk reduction rate of each security countermeasure using Expression as Ando teaches in par.170-175 on applicant admitted prior art machine translation), the first combination including a security countermeasure technique that satisfies a restriction of the security countermeasure technique, the second combination including a security countermeasure technique that does not satisfy the restriction (Ando teaches that the the recommended measure selection support unit 105 acquires the constraint condition and the extraction condition in generating the recommended measure group. Restriction conditions and extraction conditions are preset by the user. The constraint condition is, for example, an upper limit value of the security measure introduction cost. For example, the extraction condition is that there is no threat item whose risk value is equal to or higher than the risk threshold as Ando teaches in par.144-145 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include on track record information indicating an introduction track record of the security countermeasure technique included in the combination as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). Kanai, as modified by Ando, does not explicitly teach a security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique. Goddard teaches, similar system, security countermeasure technique that satisfies a restriction on an operator of the security countermeasure technique (Goddard teaches that restrictions may be placed on the user as are known, and may be combined with, replace, or supplement the above-noted restrictions as appropriate to meet particular and varying security requirements and security countermeasures vary depending on the type of enterprise and the sensitivity of the information being protected on the file system as Goddard teaches in par.30-31). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include a restriction on an operator of the security countermeasure technique as taught and suggested by Goddard in order to determine one or more of whether a plurality of aggregated requests correspond to a pattern of bulk data copy operations, whether aggregated requests exceed a predetermined threshold for permitted data copy operations, and whether a user is authorized to execute a bulk data copy operation exceeding a permitted data copy threshold (Goddard, par.17). For claim 10, Kanai, as modified by Ando and Goddard, fails to teach wherein the one or more processors calculate the recommendation level by weighted summing of the track record level information and the satisfaction level information. Ando further teaches wherein the one or more processors calculate the recommendation level by weighted summing of the track record level information and the satisfaction level information (Ando teaches in par.172-173 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include weighted summing of the track record level as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). For claim 11, Kanai, as modified by Ando and Goddard, fails to teach wherein the one or more processors calculate, as the track record level of the combination, an average value of satisfaction levels of the security countermeasure techniques included in the combination. Ando further teaches wherein the one or more processors calculate, as the track record level of the combination, an average value of satisfaction levels of the security countermeasure techniques included in the combination (Ando teaches in par.172-173 on applicant admitted prior art machine translation). It would have been obvious to one ordinary skill in the art before effective filling date to modify Kanai to include average value of satisfaction levels of the security countermeasure techniques as taught and suggested by Ando in order the effect of each security measure on the entire large-scale system is calculated from the component information included in the attack path of the threat item and the effect value of the security measure, therefore, it is possible to plan appropriate measures for the entire system while observing the effect of each security measure on the entire large-scale system (Ando, par.11). Response to Amendments/Arguments Applicant’s arguments with respect to claim(s) 1-11 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. With respect to applicant argument of 101 rejection that the current amendment overcome the 101 rejections, however, the examiner respectfully disagrees with applicant because claims still do not include additional elements that are sufficient to amount to significantly more than the judicial exception. The newly amended language still directed to steps of determining i.e. also categorized as mental steps. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of processor, memory and supervised learning model are recited at a high level of generality and are generic computer components such that they amount to no more than mere instructions to apply the exception using a generic computer. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claims are directed to evaluating and ranking combinations of security countermeasure techniques based on various criteria, which is a mathematical concept/ mental process, and the additional elements merely implement this abstract idea on generic processors without improving computer functionality or another technology, and therefore the claim is ineligible under 35 U.S.C. § 101.Thus, the claimed elements, either individually, or in the ordered combination do not add significantly more to the abstract idea. The applicant’s arguments regarding new amendment limitations in claims 1, 8 and 9, has been considered but is moot, because the examiner applied new art, Goddard (2014/0068202), that covers newly claimed limitation. Regarding dependent claims arguments, said arguments are moot because the applied references are not considered to have alleged differences, and therefore are considered to properly show that for which they were cited. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYUB A MAYE whose telephone number is (571)270-5037. The examiner can normally be reached Monday-Friday 9AM-5PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached at 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /AYUB A MAYE/Examiner, Art Unit 2436 /SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436
Read full office action

Prosecution Timeline

Feb 28, 2023
Application Filed
Aug 26, 2025
Non-Final Rejection mailed — §101, §103
Nov 26, 2025
Response Filed
Apr 06, 2026
Final Rejection mailed — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12665876
System and method for server monitoring and problem resolution for electronic mail messages
3y 8m to grant Granted Jun 23, 2026
Patent 12625987
METHOD AND SYSTEM FOR EXECUTING A SECURE FILE-LEVEL RESTORE FROM A BLOCK-BASED BACKUP
3y 9m to grant Granted May 12, 2026
Patent 12574211
PERSONAL PRIVATE KEY ENCRYPTION DEVICE
3y 10m to grant Granted Mar 10, 2026
Patent 12574247
DEVICE FOR COMPUTING SOLUTIONS OF LINEAR SYSTEMS AND ITS APPLICATION TO DIGITAL SIGNATURE GENERATIONS
3y 4m to grant Granted Mar 10, 2026
Patent 12547740
INFORMATION PROCESSING DEVICES AND INFORMATION PROCESSING METHODS
3y 2m to grant Granted Feb 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
58%
Grant Probability
99%
With Interview (+42.0%)
4y 6m (~1y 1m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 657 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month