THIRD-PARY EVALUATION OF WORKSPACE ORCHESTRATION SERVICES

§101 §102 §103 §112

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 03/12/2026has been entered. Response to Amendment The Amendment filed on 02/05/2026 has been entered. The rejection of claims 1-20 under 35 U.S.C 101 is withdrawn in view of the amendment and the 2019 Revised Patent Subject Matter Eligibility Guidance The rejection of claims 7 and 14 under 35 U.S.C 112 (a) is withdrawn in view of the amendment. The rejection of claims 1-20 under 35 U.S.C 112 (b) is withdrawn in view of the amendment. Claims 1, 7, 9, 11, 14 and 18-20 are amended. Claims 1-20 are pending of which claims 1, 11 and 18 are independent claims. Response to Arguments The applicant's arguments filed on 11/13/2025 regarding claims 1-20 have been fully considered. Regarding to applicant’s argument towards 103, the arguments are essentially directed towards the newly introduced limitations, and they are addressed in this Office Action, below. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Specifically, claims 1, 11 and 18 each recites “generate, using a Large Language Model trained using user data, synthetic user data that includes attributes that replace sensitive attributes of the user data”, the specification lacks a detailed description of any algorithmic details as to how this is accomplished. Although the specification lists input and output data of the LLM model, it is inadequate as to how synthetic user data should be generated and weighted to determine the results, it largely describes only the desired result rather than the operative decision logic. As a result, the disclosure does not appear to show possession of the full breadth of the claimed synthetic user data function, particularly if the claim is read to cover broad or LLM-based implementations. Dependent claims 2-10, 12-17 and 19-20 are also rejected for inheriting the deficiencies of the independent claims from which they depend on. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 1, 11 and 18: The claims recite limitations involving machine learning, such as “…generate, using a Large Language Model trained using user data, synthetic user data that includes attributes that replace sensitive attributes of the user data”, without providing sufficient detail to inform, with reasonable certainty, those skilled in the art about the scope of the invention. Specifically, the claim language lacks clarity regarding the algorithm of LLM used, or how the model achieves the claimed determination. As established in Nautilus, Inc. v. Biosig Instruments, Inc., 572 U.S. 898, 901, 910, 110 USPQ2d 1688, 1693 (2014), a claim is indefinite if, when read in light of the specification and the prosecution history, it fails to inform, with reasonable certainty, those skilled in the art about the scope of the invention. Additionally, MPEP § 2173.02 emphasizes that claims must be clear and precise to delineate the metes and bounds of the subject matter to be protected. Claims that depend on rejected base claims (i.e. claims 1, 11 and 18) inherit by the nature of their dependency all rejections that are applied to their corresponding base claims. Thus, claims 2-10 and 12-17 and 19-20 are, in addition to any separate rejection disclosed above, also rejected using the same grounds of rejection as indicated in the rejection of their corresponding base claims above. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Applying the subject matter eligibility test, as outlined in MPEP 2106: Step 1: Statutory Category The claims fall within a statutory category. Claims 1-17 are considered “machines” based claims and claims 18-20 are considered “processes”. Both machines and processes are members of the statutory categories. Thus, the analysis moves towards step 2A, prong one of the subject matter eligibility test. Step 2A, Prong One: Judicial Exception The claims recite a judicial exception, specifically an abstract idea. For example, claims 1, 8 and 15 recite receives data, generates anonymized orchestration data based, at least in part, on transforming data received ... to remove sensitive information, generates ... synthetic user data that includes attributes that replace sensitive attributes of the user data, evaluates whether to modify ... based ... upon (i) the anonymized orchestration data, and (ii) the synthetic user data, and notifies ... of the evaluation.. The courts found that a claim to "collecting information, analyzing it, and displaying certain results of the collection and analysis," where the data analysis steps are recited at a high level of generality such that they could practically be performed in the human mind, Electric Power Group v. Alstom, S.A., 830 F.3d 1350, 1353-54, 119 USPQ2d 1739, 1741-42 (Fed. Cir. 2016). Thus, it is an abstract idea, specifically falling under mental processes. Thus, the analysis moves towards step 2A, prong two. Step 2A, Prong Two: Integration into a Practical Application The claims do not integrate the abstract idea into a practical application. The claim recites “a processor”, “a memory coupled to the processor … having program instructions”, “receive data from a workspace orchestration service”, “generate, using a Large Language Model trained using user data, synthetic user data”, “evaluate whether to modify an orchestration operation performed by the workspace orchestration service”, and “notify an Information Technology Decision Maker (ITDM) of the evaluation.” Neither the processor, memory, workspace orchestration service, Large Language Model, nor Information Technology Decision Maker integrate the judicial exception into a practical application. The claim recites only generic computer components executing conventional steps at a high level of generality. Critically, the claim fails to disclose how the anonymization or synthetic data generation improves computer functionality, security, or any other technology. The specification does not explain whether the LLM achieves superior synthetic data fidelity, reduced computational overhead, faster inference, or enhanced privacy guarantees compared to prior art techniques. The “Large Language Model trained using user data” is invoked without any claim limitation specifying a particular architecture, training methodology, or technical improvement, rendering it a generic application of well-known AI technology (see Recentive Analytics, Inc. v. Fox Corp., 692 F.Supp.3d 438). The court emphasized that claims must delineate how the machine learning technology achieves a technological improvement. Thus, the analysis moves towards step 2B. Step 2B: Inventive concept Finally, the claims do not recite an inventive concept that transforms the abstract idea into a patent-eligible application. The use of machine learning in a generic manner, without specifying a novel algorithm or unique training methodologies, fails to add significantly more to the abstract idea. As noted in Recentive, merely applying existing machine learning models to new data environments, without disclosing improvements to the models themselves, is insufficient for patent eligibility. To summarize, there is no actual improvement to the machine learning model disclosed in the claim. In Recentive, claims that “do no more than claim the application of generic machine learning to a new data environment, without disclosing improvements to the learning model” were held ineligible. Here, the specification does nothing more than say use a generic machine learning model to decide how to generate synthetic user data. There is no disclosure of a novel network architecture, no unusual training regimen, no non-routine feature extraction, and no explanation of why the machine learning model is not just an abstract idea of analyzing data. The claim is “directed to” an abstract idea. Claims 2-10, 12-17 and 19-20 merely add details to the generic off-shelf components that were already disclosed in claims 1,11 and 18, but do not alter the outcome of the analysis above. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1-5, 7-12, 14-20 are rejected under 35 U.S.C. 103 as being unpatentable over Andrews et al. (Patent No.: US 10,855,619, hereinafter Andrews) in view of Chao et al. (US 9,912,695), hereinafter Chao) and Shelton et al. (Patent No.: US 2024/0111893, hereinafter Shelton). Regarding claim 1: Andrews teaches: An Information Handling System (IHS), comprising: a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution by the processor (Andrews - Fig.1), cause the IHS to: receive data from a workspace orchestration service (Andrews - [Col. 15, Line 60-67]: cause IHS 100 to perform various local management operations described herein, including, but not limited to, the collection of productivity and security context information, the calculation of productivity scores and/or risk scores, the instantiation, execution, and modification of a workspace based upon files or policies, such as workspace definitions, received from workspace orchestration service 206); evaluate whether to modify an orchestration operation performed by a workspace orchestration service based, at least in part, upon (i) the anonymized orchestration data, and (ii) the synthetic user data (Andrews - [Col. 14, Line 63-67]: rules may be dynamically modified over time to generate improved workspace definitions. If it is determined, for instance, that a user dynamically adds a text editor every time he uses MICROSOFT VISUAL STUDIO from MICROSOFT CORPORATION, then workspace orchestration service 206 may autonomously add that application to the default workspace definition for that user. [Col. 15, Line 1-5]: if the instantiated workspace(s) have parameters that fall outside of the range of the target indexes such that a difference between additional or updated context information and the initial or previous context information is scored below a threshold value, automation engine 302 may process the assembly of modifications to an existing workspace and deploy such modifications at 21. [Col. 12, Line 29-35]: Security attributes that may be used in the calculation of a security risk score for a particular security context may include, but are not limited to: a classification of the requested data source and/or application, authentication factors used to identify user 201); and notify an Information Technology Decision Maker (ITDM) of the evaluation (Andrews - [Col. 30, Line 56-60]: At block 450, the user may be notified of the possibility of improving the operation of the workspace by using the currently unavailable hardware resource and may be prompted for authorization for use of the hardware resource by the workspace). However, Andrews doesn’t explicitly teach but Chao discloses: Generate anonymized orchestration data based, at least in part, on transforming data received from the workplace orchestration service to remove sensitive information (Chao - [Col. 8, Line 65-67 - Col. 9, Line 1-3]: The content synthesizer 140 can also be configured to generate synthetic content from sensitive information sources that have been sanitized to remove sensitive information, such as a database of financial, medical, or other sensitive information); It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Andrews with Chao so that data to be evaluated is anonymized and synthetic. The modification would have allowed the system to hide the sensitive information for security. However, the combination of Andrews and Chao doesn’t explicitly teach but Shelton discloses: generate, using a Large Language Model trained using user data, synthetic user data that includes attributes that replace sensitive attributes of the user data (Shelton - [337]: A data system (e.g., the surgical data system 45002) may determine whether a dataset (e.g., the dataset 53628) contains private data based on a machine learning model (e.g., the machine learning model generated by the machine learning system 53616). For example, the data system may determine a classification parameter for the dataset based on a data classification machine learning model (e.g., the machine learning model generated by the machine learning system 53616). The classification parameter may indicate a privacy level associated with the dataset … the data system may replace the private data associated with the change in the consent with public data if the data system identifies the public data using the classification parameter associated with a dataset that includes the public data. See also [0025] and [0026]). It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Andrews and Chao with Shelton so that synthetic data is generated by replacing the sensitive data in the dataset with public data. The modification would have allowed the system to be more secure. Regarding claim 2: Andrews as modified teaches: wherein the workspace orchestration service is configured to receive requests from local management agents executed by each of a plurality of client IHSs to instantiate workspaces (Andrews - [Col. 26, Line 38-42]: after the workspace definition is complete, the workspace orchestration service and remote cloud web portal (e.g., session the user logged into through the browser) may assemble the workspace and instantiate it for the user in the browser). Regarding claim 3: Andrews as modified teaches: wherein the workspace orchestration service is configured to, for each request: create a workspace definition based upon a target (Andrews - [Col. 14, Line 4-8]: the initial security and productivity targets are processed and/or reconciled against resources, device capabilities, and cloud services available, etc., to produce a workspace definition at 208); and transmit one or more files to a local management agent to enable instantiation of a given workspace based upon the workspace definition (Andrews - [Col. 14, Line 18-22]: The initial workspace definition may then then utilized by automation engine 302 of workspace orchestration service 206 to coordinate the assembly 209 and instantiation 210 of a workspace on an appropriate platform—e.g., on the cloud or on IHS 201—based on the security and productivity contexts in which the workspace will operate). Regarding claim 4: Andrews as modified teaches: wherein the target is calculated, at least in part, based upon at least one of: an identification of a software application requested by a user of a client IHS or an identification of a datafile requested by a user of a client IHS, an identification of a locale of a client IHS, an identification of a user of a client IHS, an identification of a network of a client IHS, an identification of hardware of a client IHS, an identification of a requested datafile, an identification of a storage system of the requested datafile, a risk metric associated with a locale of a client IHS, a risk metric associated with a user of a client IHS, a risk metric associated with a network of a client IHS, a risk metric associated with hardware of a client IHS, a risk metric associated with a requested datafile, a regulatory risk metric, a threat monitoring level, a threat detection level, a threat analytics level, a threat response level, a storage confidentiality level, a network confidentiality level, a memory confidentiality level, a display confidentiality level, a user authentication level, an Information Technology (IT) administration level, a regulatory compliance level, a local storage control level, a Central Processing Unit (CPU) access level, a graphics access level, an application usage level, or an application installation level (Andrews - [Col. 12, Line 59-63]: Initial productivity and security targets for a workspace may be calculated based on the context of user's 201 actions combined with the productivity and security context in which the workspace will operate. The productivity and security targets may also be based on user's 201 behavioral analytics, IHS 100 telemetry and/or environmental information (e.g., collected via sensors 112. []: Examples of productivity context information include, but are not limited to: the hardware of the IHS, the software of the IHS, including the operating system, power states and maximum clock frequencies of selected components of the IHS, peripheral devices coupled to the IHS, either permanently or temporarily, networks available to the IHS and the performance characteristics of those networks, software installers available on the IHS, etc)). Regarding claim 5: Andrews as modified teaches: wherein the anonymized orchestration data comprises data indicative of at least one of: generation of workspace definitions, workspace instantiations, number and type of client IHSs served, selection or deployment of workspace components, workspace tear downs, workspace modifications, processing of security context data, processing of productivity context data, or network telemetry (Andrews - [Col. 13, Line 63-65]: rules may be dynamically modified over time to generate improved workspace definitions). Regarding claim 7: Andrews as modified doesn’t explicitly teach but discloses: wherein the large language model is trained, at least in part, using Persona Identifiable Information from the user data to create the synthetic data(Shelton - [0244]: the training module 53620 may train a machine learning model using various data sets including one or more of patient EMR data, pre-surgical biomarker measurement data, surgical biomarker measurement data, surgical sensor measurement data, post-surgical biomarker measurement data). The reason to combine is in the same rational as claim 1. Regarding claim 8: Andrews as modified teaches: wherein the evaluation comprises a determination that the workspace orchestration service modify an operation involved in at least one of: a workspace instantiation, a workspace modification, or a workspace tear down (Andrews - [Col. 18, Line 44-47]: the capabilities of a workspace may be modified based on changes in the productivity and security contexts in which the workspace is operating). Regarding claim 9: Andrews as modified teaches: wherein the evaluation comprises a determination that the workspace orchestration service modify an operation involved in the selection or deployment of a workspace component (Andrews - [Col. 15, Line 3-5]: automation engine 302 may process the assembly of modifications to an existing workspace and deploy such modifications at 210). Regarding claim 10: Andrews as modified teaches: wherein the workspace component comprises at least one of: an application, a remote service, or a container (Andrews - [Col. 13, Line 40-44]: a workspace definition 208 may prescribe one or more of: authentication requirements for user 201, containment and/or isolation of the workspace (e.g., local application, sandbox, docker container, progressive web application (PWA), Virtual Desktop Infrastructure (VDI), etc.)). Regarding claim 11: Andrews teaches: A memory storage device having program instructions stored thereon that, upon execution by one or more processors of an Information Handling System (IHS) of a workspace orchestration service, cause the IHS to: transmit the anonymized orchestration data to a third-party service, wherein the third-party service is configured to receive synthetic user data produced based, at least in part, upon attributes of user data (Andrews - [Col. 28, Line 6-11]: the local management agent of the IHS may collect such security context and productivity context information and provide the collected information to the remote workspace orchestration service for use in evaluating requirements for a workspace configured to provide the user of the IHS with access to the managed resource. [Col. 12, Line 29-35]: Security attributes that may be used in the calculation of a security risk score for a particular security context may include, but are not limited to: a classification of the requested data source and/or application, authentication factors used to identify user 201); and modify an orchestration operation in response to an evaluation produced by the third-party service based upon the anonymized orchestration data and the synthetic user data (Andrews - [Col. 18, Line 44-47]: the capabilities of a workspace may be modified based on changes in the productivity and security contexts in which the workspace is operating). However, Andrews doesn’t explicitly teach but Chao discloses: generate anonymized orchestration data based, at least in part, on transforming data received from a workplace orchestration service to remove sensitive information (Chao - [Col. 8, Line 65-67 - Col. 9, Line 1-3]: The content synthesizer 140 can also be configured to generate synthetic content from sensitive information sources that have been sanitized to remove sensitive information, such as a database of financial, medical, or other sensitive information); wherein the synthetic user data includes attributes that replace sensitive attributes of the of the user data (Chao - [ [Col. 10, Line 55-60]: The analyzer unit 210 can be configured to anonymize the data to remove sensitive information and can also be configured to insert contradictory information into the one or models to contradict sensitive information that had been accessed or potentially accessed on the service provider 125 by the unauthorized party). It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Andrews with Chao so that data to be evaluated is anonymized and synthetic. The modification would have allowed the system to hide the sensitive information for security. Regarding claims 12 and 14-17: Claims do not teach or further define over the limitations recited in claims 5 and 7-10. Therefore, claims 12 and 14-17 are also rejected for similar reasons set forth in claims 5 and 7-10. Regarding claim 18: Andrews teaches: A method, comprising: evaluating an aspect of the workspace orchestrator service based, at least in part, upon the anonymized orchestration data and the synthetic user data (Andrews - [Col. 28, Line 6-11]: the local management agent of the IHS may collect such security context and productivity context information and provide the collected information to the remote workspace orchestration service for use in evaluating requirements for a workspace configured to provide the user of the IHS with access to the managed resource); and modifying one or more operations performed by the workspace orchestrator service based, at least in part, upon the evaluation (Andrews - [Col. 18, Line 44-47]: the capabilities of a workspace may be modified based on changes in the productivity and security contexts in which the workspace is operating). However, Andrews doesn’t explicitly teach but Chao discloses: generating anonymized orchestration data by transforming data from a workspace orchestrator service to remove sensitive information (Chao - [Col. 8, Line 65-67 - Col. 9, Line 1-3]: The content synthesizer 140 can also be configured to generate synthetic content from sensitive information sources that have been sanitized to remove sensitive information, such as a database of financial, medical, or other sensitive information); generating synthetic user data based, at least in part, upon user data, wherein the synthetic user data includes attributes that replace sensitive attributes of the user data (Chao - [ [Col. 10, Line 55-60]: The analyzer unit 210 can be configured to anonymize the data to remove sensitive information and can also be configured to insert contradictory information into the one or models to contradict sensitive information that had been accessed or potentially accessed on the service provider 125 by the unauthorized party). It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Andrews with Chao so that data to be evaluated is anonymized and synthetic. The modification would have allowed the system to hide the sensitive information for security. Regarding claims 19-20: Claims do not teach or further define over the limitations recited in claims 8-9. Therefore, claims 19-20 are also rejected for similar reasons set forth in claims 8-9. Claims 6 and 13 are rejected under 35 U.S.C. 102 (a) (2) as being unpatentable over Andrews et al. (Patent No.: US 10,855,619, hereinafter Andrews) in view of Chao et al. (US 9,912,695), hereinafter Chao) and Begg et al. (Pub. No.: US 2022/0075878), hereinafter Begg). Regarding claims 6 and 13: Andrews as modified doesn’t explicitly teach, but Begg discloses: wherein the transforming the data received from the workplace orchestration service includes using a homomorphic encryption technique (Begg - [0099]: encrypt each of the elements of event data 206 using homomorphic encryption key 148, and generate one or more elements of homomorphically encrypted event data 230). It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Andrews and Chao with Begg so that data can be animalized using homomorphic encryption. The modification would have allowed the system to enhance security. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729. The examiner can normally be reached M-F 8:30-5:30. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571) 270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MENG LI/ Primary Examiner, Art Unit 2437