Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Response to Arguments
Applicant's arguments filed 1/6/2026 have been fully considered, and are persuasive in view of the presently amended claim language. As persuasively argued on page 8, the previously cited prior art fails to show the “classification based on a quantity of groups . . .” language now positively recited in claims 1, 8, and 16. Responsive to the amended claim language and after further search and consideration, a new grounds of rejection has been made in view of Van Phan (US-20160255501-A1). Van Phan discusses a grouping system (specifically for users, who are identified via their mobile stations (MS)) where a particular user is elected to serve as a “security agent” (Van Phan, [5-6,28]). The security agent is selected based on, e.g., a user’s perceived importance or criticality, and where this evaluation is made based on which user “is a member of the highest number of user groups” (Van Phan, [57]).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1 - 5 are rejected under 35 U.S.C. 103 as being unpatentable over Scheidler (US-10681060-B2) in view of Kolman (US-9699196-B1), Van Phan (US-20160255501-A1), and Joshi (US-10949541-B1).
Regarding claim 1, Scheidler shows a method comprising: using group membership data for a user (col. 19 lines 6-38, col. 26 lines 16-35, col. 27 lines 5-8) account (Abstract, col. 8 lines 26-36), wherein the group membership data indicates at least a plurality of groups associated with the user account (col. 10 lines 55-58, col. 11 lines 33-35, col. 13 lines 15-21, col. 14 lines 6-22); determining, based on inputting the group membership data (col. 19 lines 6-38, col. 55 lines 2-6) into a model, a classification of the user account (col. 10 lines 55-68), wherein the model is trained to classify user accounts according to group membership data for the user accounts (col. 19 lines 6-38); causing, based on the classification of the user account, an adjustment of security data associated with the user account (col. 9 lines 60-65, col. 10 lines 60-68, col. 11 line 21). Scheidler does not show where the data is enterprise data and use of enterprise-related responsibilities associated with group membership data for users. Kolman shows where the group membership data is enterprise data (col. 3 line 61 – col. 4 line 10, col. 5 lines 2 - 19) and use of enterprise-related responsibilities associated with group membership data for users (col. 5 lines 2-19, col. 6 lines 19-23 and lines 28-32, col. 6 line 66-col. 7 line 14).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the data management and grouping techniques of Scheidler with the enterprise data management and user role/responsibility tracking of Kolman in order to utilize addition data regarding system users, thus facilitating more detailed analysis options and more accurate grouping results. The above combination does not show wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account. Van Phan shows wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account ([57], where a user, represented by their mobile station/user equipment identification, is selected to be a security agent, [5-6,28], after evaluating who is “a member of the highest number of user groups”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the user-related evaluation techniques of Van Phan in order to provide a pre-determined and consistent (and thus predictable) mechanism for evaluating and classifying user accounts, ensuring high priority user roles are associated with user who are already performing or otherwise associated with high priority tasks. The above combination does not show: reception of the membership data for a user account. Joshi shows reception of the membership data for a user account (col. 5 line 45 – col. 6 line 24).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the user account data management and use of Joshi in order to improve the data management and storage options of the resultant disclosure (e.g., facilitating easy importation of new data and improving data tracking/association capabilities).
Regarding claim 2, the above combination further shows wherein the model is a machine learning model (Scheidler, col. 3 lines 20-24, col. 8 lines 7-16) that comprises one or more of a support vector machine, a binary classifier, or a model configured to classify user accounts based on the enterprise-related responsibilities (Scheidler, col. 19 lines 6-38, and Kolman, col. 5 lines 2-19, col. 6 lines 19-23 and lines 28-32, col. 6 line 66-col. 7 line 14).
Regarding claim 3, the above combination further shows wherein the groups of the enterprise (Kolman, col. 3 line 61 – col. 4 line 10, col. 5 lines 2-19) are assigned on an enterprise level using a service configured to manage associations between user accounts and enterprise groups (Joshi, col. 5 line 45 – col. 6 line 35).
Regarding claim 4, the above combination further shows wherein the model is updated based on updates in associations of the groups of the enterprise (Kolman, col. 3 line 61 – col. 4 line 10, col. 5 lines 2-19) with corresponding user accounts (Joshi, col. 5 line 61 – col. 6 line 34).
Regarding claim 5, the above combination further shows wherein the adjustment of security data associated with the user account comprises at least one of: adding an authentication process to the user account; or monitoring activity of the user account (Scheidler, col. 9 lines 60-65, col. 10 lines 60-68).
Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Scheidler in view of Kolman, Van Phan, and Joshi, as applied to claim 1 above, further in view of Ullegaddi (US-9892280-B1).
Regarding claim 6, the above combination shows claim 1. The above combination does not show: wherein the classification of the user account is based on at least one of: a type of groups of the plurality of groups of the enterprise associated with the user account; a quantity of permissions associated with the enterprise-related responsibilities of the user account; or a type of permission associated with the enterprise-related responsibilities of the user account. Ullegaddi shows wherein the classification of the user account is based on at least one of: a type of groups of the plurality of groups of the enterprise associated with the user account (Ullegaddi, col. 2 lines 1-3, col. 4 lines 42-47, col. 5 lines 17-23); a quantity of permissions associated with the enterprise-related responsibilities of the user account; or a type of permission associated with the enterprise-related responsibilities of the user account
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the group management techniques of Ullegaddi in order to enable additional grouping mechanisms and techniques, thus enabling enhanced user analysis mechanisms and resultant associations and insights.
Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Scheidler in view of Kolman, Van Phan, and Joshi, as applied to claim 1 above, further in view of Wilson (US-20250111335-A1).
Regarding claim 7, the above combination shows claim 1. The above combination does not explicitly show wherein the user account of the enterprise is associated with an employee of the enterprise. Wilson shows wherein the user account of the enterprise is associated with an employee of the enterprise ([145,147]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the employee management of Wilson in order to further specialize the resultant disclosure for operation in corporate environments, facilitating improved results and ease of use for a common type of software customer.
Claims 8 – 11 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Ullegaddi in view of Scheidler, Van Phan, Marano (US-20090292930-A1) and Kolman.
Regarding claim 8, Ullegaddi shows a method comprising: determining training (col. 8 lines 25-36) data associated with a plurality of user accounts (col. 2 lines 1-3, col. 4 lines 42-47, col. 5 lines 17-23);
training, based on the training data, a model to classify user accounts according to group membership data for the user accounts (col. 2 lines 1-3, col. 4 lines 42-47, col. 5 lines 17-23, col. 8 lines 25-36); processing, based on data classified using the model, a plurality of requests to access a service (col. 12 lines 11-25). Ullegaddi does not show: wherein the group membership data indicates a plurality of groups of the enterprise associated with the user accounts. Scheidler shows wherein the group membership data indicates a plurality of groups of associated with the user accounts (col. 10 lines 55-58, col. 11 lines 33-35, col. 13 lines 15-21, col. 14 lines 6-22).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the training, classification and account management techniques of Ullegaddi with the multiple group management of Scheidler in order to enable enhanced user association flexibility, furthering the number and types of insights possible from the related user analysis and grouping techniques of Ullegaddi and Scheidler. The above combination does not show wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account. Van Phan shows wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account ([57], where a user, represented by their mobile station/user equipment identification, is selected to be a security agent, [5-6,28], after evaluating who is “a member of the highest number of user groups”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the user-related evaluation techniques of Van Phan in order to provide a pre-determined and consistent (and thus predictable) mechanism for evaluating and classifying user accounts, ensuring high priority user roles are associated with user who are already performing or otherwise associated with high priority tasks. The above combination does not show: wherein a first portion of the requests associated with a user account having a first classification are associated with a first level of security data and a second portion of the requests associated with another user account having a second classification are associated with a second level of security data. Marano shows wherein a first portion of the requests ([65]) associated with a user account having a first classification are associated with a first level of security data and a second portion of the requests associated with another user account having a second classification are associated with a second level of security data ([24-25, 28-29, 31]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the group and account management of the above combination with the security classification and analysis of Marano in order to improve the secure protections and management of the environments utilizing the resultant disclosure.
The above combination does not show where the data is enterprise data and use of enterprise-related responsibilities associated with group membership data for users. Kolman shows where the group membership data is enterprise data (col. 3 line 61 – col. 4 line 10, col. 5 lines 2 - 19) and use of enterprise-related responsibilities associated with group membership data for users (col. 5 lines 2-19, col. 6 lines 19-23 and lines 28-32, col. 6 line 66-col. 7 line 14).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the data management and grouping techniques of Scheidler with the enterprise data management and user role/responsibility tracking of Kolman in order to utilize addition data regarding system users, thus facilitating more detailed analysis options and more accurate grouping results. Regarding claim 9, the above combination further shows wherein the training data (Ullegaddi, col. 8 lines 25-36) comprises, for each user account, an indication of a classification of the user account (Scheidler, col. 10 lines 65-68) and an indication of which enterprise groups the user account is associated with (Ullegaddi, col. 8 lines 20-55).
Regarding claim 10, the above combination further shows wherein the model is a machine learning model (Scheidler, col. 3 lines 20-24, col. 8 lines 7-16) that comprises one or more of a support vector machine, a binary classifier, or a model configured to classify user accounts based on the enterprise-related responsibilities (Scheidler, col. 19 lines 6-38, and Kolman, col. 5 lines 2-19, col. 6 lines 19-23 and lines 28-32, col. 6 line 66-col. 7 line 14).
Regarding claim 11, the above combination further shows wherein the enterprise groups are assigned on an enterprise (Kolman, col. 3 line 61 – col. 4 line 10, col. 5 lines 2-19) level using a service configured to manage associations between user accounts and enterprise (Kolman, col. 3 line 61 – col. 4 line 10, col. 5 lines 2-19) groups (Ullegaddi, col. 2 lines 1-16, col. 4 lines 42-55, col. 7 lines 56-67, col. 8 lines 56-67).
Regarding claim 14, the above combination further shows wherein the classifying the user accounts is based on at least one of: a quantity of groups of the plurality of groups of the enterprise associated with that user account (Van Phan, [57]); a type of groups of the plurality of groups of the enterprise associated with that user account (Ullegaddi, col. 2 lines 1-3, col. 4 lines 42-47, col. 5 lines 17-23); a quantity of permissions associated with the enterprise-related responsibilities of that user account; or a type of permission associated with the enterprise-related responsibilities of that user account.
Claim 12 is rejected under 35 U.S.C. 103 as being unpatentable over Ullegaddi in view of Scheidler, Van Phan, Marano, and Kolman, as applied to claim 8 above, further in view of Huang (US-20230177543-A1).
Regarding claim 12, the above combination shows enterprise grouping and associations (Kolman, col. 3 line 61 – col. 4 line 10, col. 5 lines 2-19 and Ullegaddi, col. 2 lines 1-16, col. 4 lines 42-55, col. 7 lines 56-67, col. 8 lines 56-67) The above combination does not show: updating associations of groups with corresponding user accounts and retraining the model based on the updated associations. Huang shows updating associations of groups with corresponding user accounts ([21-22]) and retraining the model based on the updated associations ([75]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the model adaptation of Huang in order to facilitate continuous improvement in the accuracy of the resultant user groupings and evaluations.
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Ullegaddi in view of Scheidler, Van Phan, Marano, and Kolman, as applied to claim 8 above, further in view of Co (US-9882914-B1).
Regarding claim 13, the above combination shows claim 8. The above combination does not show: wherein the first level of security data comprises requesting a first credential of the user account, and wherein the second level of security data comprises requesting the first credential and a second credential of the user account. Co shows: wherein the first level of security data comprises requesting a first credential of the user account, and wherein the second level of security data comprises requesting the first credential and a second credential of the user account (col. 2 lines 7-60).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the multi-level security evaluation of Co in order to enable enhanced protection for the user’s most important data.
Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Ullegaddi in view of Scheidler, Van Phan, Marano, and Kolman, as applied to claim 8 above, further in view of Wilson. Regarding claim 15, the above combination shows claim 8. The above combination does not explicitly show wherein the user account of the enterprise is associated with a plurality of employees of the enterprise. Wilson shows wherein the user account of the enterprise is associated with a plurality of employees of the enterprise ([145,147]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the employee management of Wilson in order to further specialize the resultant disclosure for operation in corporate environments, facilitating improved results and ease of use for a common type of software customer.
Claims 16 – 18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Kilday (US-7984066-B1) in view of Scheidler and Van Phan.
Regarding claim 16, Kilday shows a method comprising receiving group membership (Fig. 7) data for a user (col. 2 lines 38-42) account of an enterprise (col. 7 lines 14-32), wherein the group membership data indicates at least a plurality of groups of the enterprise associated with the user account (Fig. 9 step 906);
determining, for the user account, a classification of that user account (col. 4 lines 25-30), wherein the model is trained to classify user accounts according to enterprise-related responsibilities associated with the group membership data of the user accounts (col. 5 line 44 – col. 6 line 25, col. 6 lines 45-49, col. 7 lines 14-59);
detecting an event associated with user activity (Fig. 9, col. 2 lines 38-43) of the user account (col. 4 lines 24-28); and
processing, based on the classification of the user account being associated with more enterprise-related responsibilities than a different classification, the event (Fig. 9, col. 2 lines 38-67, col. 5 line 44 – col. 6 line 25, col. 7 lines 14 - 59). Kilday does not show where the determining is based on inputting group membership data into a model, wherein the model is trained. Scheidler shows determining is based on inputting group membership data into a model, wherein the model is trained (col. 19 lines 6-38, col. 55 lines 2-6).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the user grouping and management of Kilday with the ML membership analysis of Scheidler in order to enable further automation of the resultant user grouping data analysis. The above combination does not show wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account. Van Phan shows wherein the classification is based on an quantity of groups of the plurality of groups associated with the user account ([57], where a user, represented by their mobile station/user equipment identification, is selected to be a security agent, [5-6,28], after evaluating who is “a member of the highest number of user groups”). It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the user-related evaluation techniques of Van Phan in order to provide a pre-determined and consistent (and thus predictable) mechanism for evaluating and classifying user accounts, ensuring high priority user roles are associated with user who are already performing or otherwise associated with high priority tasks. The above combination does not show: wherein a first portion of the requests associated with a user account having a first classification are associated with a first level of security data and a second portion of the requests associated with another user account having a second classification are associated with a second level of security data. Regarding claim 17, the above combination further shows wherein processing the event comprises one or more of: increasing the security data associated with the user account; filtering the event for a security service; generating an indication of potential threat for the security service (Scheidler, col. 4 lines 35-38, col. 9 lines 18-22); sending an alert to the security service; or ignoring the event (Scheidler, col. 14 lines 50-62).
Regarding claim 18, the above combination further shows wherein the model is a machine learning model (Scheidler, col. 3 lines 20-24, col. 8 lines 7-16) that comprises one or more of a support vector machine, a binary classifier, or a model configured to classify user accounts based on the enterprise-related responsibilities (Scheidler, col. 19 lines 6-38 and Kilday, col. 7 lines 14-32).
Regarding claim 20, the above combination further shows wherein the classification of the user account is based on at least one of: a quantity of groups of the plurality of groups of the enterprise associated with that user account (Van Phan, [57]); a type of groups of the plurality of groups of the enterprise associated with that user account; a quantity of permissions associated with the enterprise-related responsibilities of the user account; or a type of permission associated with the enterprise-related responsibilities of the user account (Kilday, col. 5 line 54 – col. 6 line 25, col. 7 lines 14-58).
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Kilday in view of Scheidler and Van Phan, as applied to claim 16 above, further in view of Ullegaddi.
Regarding claim 19, the above combination shows consideration of enterprise groupings (Kilday, Figs. 7 and 9, col. 7 lines 14-32). The above combination does not show: where the groups are assigned on an level using a service configured to manage associations between user accounts and groups. Ullegaddi shows where the groups are assigned on an level using a service configured to manage associations between user accounts and groups (col. 2 lines 1-16, col. 4 lines 42-55, col. 7 lines 56-67, col. 78 lines 56-67).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to modify the above combination with the group management techniques of Ullegaddi in order to enable additional grouping mechanisms and techniques, thus enabling enhanced user analysis mechanisms and resultant associations and insights.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN M MACILWINEN whose telephone number is (571)272-9686. The examiner can normally be reached Monday - Friday, 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Glenton B Burgess can be reached at (571) 272 - 3949. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
JOHN MACILWINEN
Primary Examiner
Art Unit 2442
/JOHN M MACILWINEN/Primary Examiner, Art Unit 2454