DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is in response to the correspondence filed on 08/30/23. Claims 1-20 are still pending and have been considered below.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claims 1, 6-11 and 16-20 recite the limitation "the selected action" throughout the claims, which render the claims indefinite. Examiner notes that the preceding claim language establishes a first instance of “an action” which is then “selected” and presumably becomes “the selected action”; thus, Examiner respectfully submits that it is unclear if the “action” and the “selected action” are supposed to be one in the same, or actually two different elements.
Claim 15 recites the limitation "the user interface" in line 1. There is insufficient antecedent basis for this limitation in the claim.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 11-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because they appear to be directed to “one or more servers”, which do not appear to be specifically described by Applicant’s own disclosure to only encompass hardware variations; thus, one of ordinary skill in the art would reasonably understand the claims to be directed to software per se.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1, 2, 4, 6-9, 11, 12, 14 and 16-19 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Petersen et al. (2020/0125725).
Claim 1: Petersen et al. discloses a method comprising:
receiving, by an interface provided by one or more servers, an indication to create a workflow for automating a response to one or more users engaging in an action associated with a security incident(log manager uses rules to identify occurrence of interest by cycling through several iterations of various sets of rules) [page 12, paragraphs 0091-0093];
receiving, by the interface, a selection of the action associated with the security incident from a plurality of selectable actions, the selected action configured into the workflow and configured to trigger execution of the workflow by a user of the one or more users taking the selected action(using the identity data and various rules to analyze log message data for indications that an account has been subject to a security threat) [page 13, paragraphs 0095-0097];
receiving, by the interface, a selection of a response from a plurality of selectable responses for responding to the user of the one or more users taking the selected action associated with the security incident, the selected response configured into the workflow and configured to be sent to one or more targets responsive to the selected action being performed(generating even and forwarding the event to event manager to select appropriate response) [page 13, paragraphs 0095-0097]; and
establishing, by the one or more servers, the workflow to be executed to send the selected response automatically responsive to performance of the selected action by the user of the one or more users being detected(various rules identify a respect action in response to a detected event, such as locking accounts, deploying additional rules, stopping file transfers and/or access) [figure 8 | page 13, paragraphs 0089].
Claim 2: Petersen et al. discloses the method of claim 1, further comprising receiving, by the interface, a selection of one or more conditions from a plurality of selectable conditions for which to trigger one of execution of or progression through the workflow, the one or more selected conditions configured into the workflow(selections of further rules and/or other actions) [page 13, paragraph 0096].
Claim 4: Petersen et al. discloses the method of claim 1, further comprising receiving, by the interface, an input of the one or more targets to configure into the workflow, the one or more targets identifying one or more users or groups of users to which the workflow sends the selected response [page 13, paragraphs 0099 & 0101].
Claim 6: Petersen et al. discloses the method of claim 1, further comprising receiving, by the interface, administrator input to connect the selected action to the selected response to create the workflow [page 13, paragraphs 0099 & 0101].
Claim 7: Petersen et al. discloses the method of claim 1, further comprising receiving, by the interface, administrator input to arrange the selected action and the selected response on a canvas provided by the interface [page 13, paragraphs 0099 & 0101].
Claim 8: Petersen et al. discloses the method of claim 1, further comprising monitoring, by the one or more servers, event data of the one or more users to detect the selected action [pages 8-9, paragraphs 0065 & 0069].
Claim 9: Petersen et al. discloses the method of claim 8, further comprising receiving, by the one or more servers responsive to monitoring, an indication that the selected action has been detected and responsive to the indication, triggering one of execution or progression of the workflow(processing rules may specify additional actions/rules) [page 9, paragraphs 0070-0071].
Claim 11: Petersen et al. discloses a system comprising:
one or more servers configured to:
receive, by an interface provided by the one or more servers, an indication to create a workflow for automating a response to one or more users engaging in an action associated with a security incident [page 12, paragraphs 0091-0093];
receive, by the interface, a selection of the action associated with the security incident from a plurality of selectable actions, the selected action configured into the workflow and configured to trigger execution of the workflow by a user of the one or more users taking the selected action [page 13, paragraphs 0095-0097];
receive, by the interface, a selection of a response from a plurality of selectable responses for responding to the user of the one or more users taking the selected action associated with the security incident, the selected response configured into the workflow and configured to be sent to one or more targets responsive to the selected action being performed [page 13, paragraphs 0095-0097]; and
establish the workflow to be executed to send the selected response automatically responsive to performance of the selected action by the user of the one or more users being detected [figure 8 | page 13, paragraphs 0089].
Claim 12: Petersen et al. discloses the system of claim 11, wherein the interface is further configured to receive a selection of one or more conditions from a plurality of selectable conditions for which to trigger one of execution of or progression through the workflow, the one or more selected conditions configured into the workflow [page 13, paragraph 0096].
Claim 14: Petersen et al. discloses the system of claim 11, wherein the interface is further configured to receive an input of the one or more targets to configure into the workflow, the one or more targets identifying one or more users or groups of users to which the workflow sends the selected response [page 13, paragraphs 0099 & 0101].
Claim 16: Petersen et al. discloses the system of claim 11, wherein the interface is further configured to receive administrator input to connect the selected action to the selected response to create the workflow [page 13, paragraphs 0099 & 0101].
Claim 17: Petersen et al. discloses the system of claim 11, wherein the interface is further configured to receive administrator input to arrange the selected action and the selected response on a canvas provided by the interface [page 13, paragraphs 0099 & 0101].
Claim 18: Petersen et al. discloses the system of claim 11, wherein the one or more servers is further configured to monitor event data of the one or more users to detect the selected action [pages 8-9, paragraphs 0065 & 0069].
Claim 19: Petersen et al. discloses the system of claim 18, wherein the one or more servers is further configured to receive, responsive to monitoring, an indication that the selected action has been detected and responsive to the indication, triggering one of execution or progression of the workflow [page 9, paragraphs 0070-0071].
Allowable Subject Matter
Claims 3, 5, 10, 13, 15 and 20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Kraemer et al. (11,716,346) and Bejarano Ardila et al. (2017/0126740).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDWARD ZEE whose telephone number is (571)270-1686. The examiner can normally be reached Monday-Friday 9AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/EDWARD ZEE/Primary Examiner, Art Unit 2435
Prosecution Insights