Prosecution Insights
Last updated: July 17, 2026
Application No. 18/583,189

DETERMINING SECURITY RISKS RELATED TO LOCAL ADMINISTRATOR RIGHTS ACTIVITY

Non-Final OA §103
Filed
Feb 21, 2024
Examiner
JAKOVAC, RYAN J
Art Unit
2445
Tech Center
2400 — Computer Networks
Assignee
Dell Products L.P.
OA Round
3 (Non-Final)
66%
Grant Probability
Favorable
3-4
OA Rounds
1y 5m
Est. Remaining
83%
With Interview

Examiner Intelligence

Grants 66% — above average
66%
Career Allowance Rate
404 granted / 615 resolved
+7.7% vs TC avg
Strong +18% interview lift
Without
With
+17.5%
Interview Lift
resolved cases with interview
Typical timeline
3y 10m
Avg Prosecution
30 currently pending
Career history
655
Total Applications
across all art units

Statute-Specific Performance

§101
1.2%
-38.8% vs TC avg
§103
87.4%
+47.4% vs TC avg
§102
7.9%
-32.1% vs TC avg
§112
2.4%
-37.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 615 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments filed 03/30/2026 have been fully considered and are moot in view of the new grounds of rejection presented herein. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action: (a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103(a) are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. This application currently names joint inventors. In considering patentability of the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various claims was commonly owned at the time any inventions covered therein were made absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and invention dates of each claim that was not commonly owned at the time a later invention was made in order for the examiner to consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) prior art under 35 U.S.C. 103(a). Claims 1-2, 5-11, 13-17, 19-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over US 20240137372 to Leung in view of US 20190098037 to Shenoy in view of US 20210352077 to Benedetti. Regarding claim 1, Leung teaches a computer-implemented method comprising: obtaining data pertaining to one or more activities performed by at least one user acting in connection with at least one granted set of local administrator rights (LAR) (abstract, ¶ 57, obtaining data pertaining to activity of user associated with admin rights); classifying the one or more activities into one or more security risk-based categories by processing at least a portion of the obtained data (abstract, ¶ 2-6, ¶ 55-57, classification of security risk); Leung fails to teach but Shenoy teaches: determining one or more security-related recommendations based at least in part on the classifying of the one or more activities into the one or more security risk-based categories; and performing at least one automated action based at least in part on at least a portion of the one or more security-related recommendations; wherein the method is performed by at least one processing device comprising a processor coupled to a memory (¶ 48, determination of security recommendation and automated remediation actions). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teachings of Shenoy. The motivation to do so is that the teachings of Shenoy would have been advantageous in terms of facilitating network threat detection and remediation (Shenoy, ¶ 47-48). Leung fails to teach but Benedetti teaches: wherein performing at least one automated action comprises automatically revoking one or more LAR access privileges from the at least one set of LAR granted to the at least one user (¶ 29-36, revocation of local admin rights granted to user) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teachings of Benedetti. The motivation to do so is that the teachings of Benedetti would have been advantageous in terms of facilitating access management and governance processes (Benedetti, ¶ 29). Regarding claim 2, 11, 17, Leung teaches: wherein classifying the one or more activities into one or more security risk-based categories comprises processing at least a portion of the obtained data using at least one machine learning-based outlier detection model (¶ 60-61). Regarding claim 5, 13, 19, Leung teaches: wherein determining one or more security-related recommendations comprises processing the at least a portion of the obtained data (¶ 57, processing data such as signature, timestamp, classification) in conjunction with historical data associated with actions performed in response to one or more activities classified into the one or more security risk-based categories (¶ 57, processing data such as signature, timestamp, classification in conjunction with historical data regarding actions such as the generation of alerts issued in response to activities classified as security risks). Regarding claim 6, Leung fails to teach but Shenoy teaches: wherein determining one or more security-related recommendations comprises ranking the one or more security-related recommendations based at least in part on a predicted security-related benefit corresponding with each of the one or more security-related recommendations (¶ 168, ranking security recommendations by risk level, priority, etc.). Motivation to include Shenoy is the same as presented above. Regarding claim 7, 14, 20, Leung teaches: wherein obtaining data pertaining to one or more activities performed by the at least one user acting in connection with at least one granted set of LAR comprises obtaining one or more of application usage information, operating system logs, user activity logs, and system configuration data (¶ 57, 60, logging of user activity). Regarding claim 8, Leung teaches: wherein obtaining data pertaining to one or more activities performed by the at least one user acting in connection with at least one granted set of LAR comprises querying one or more event logs for data associated with one or more particular events (¶ 38, 46-47; ¶ 57, retrieval of data pertaining to activities of user associated with local admin rights). Regarding claim 9, 15, Leung teaches: wherein performing at least one automated action comprises automatically initiating at least one of blocking one or more predefined user actions, blocking one or more device transmission packets, adjusting one or more LAR access privileges within the at least one set of LAR granted to the at least one user, and implementing one or more additional security measures, separate from the at least one granted set of LAR, with respect to the at least one user (¶ 40). Claims 10 and 16 are addressed by similar rationale as claim 1. Claims 3, 12, and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over Leung, Shenoy, and Benedetti in view of US 20250086095 to Miranda. Regarding claim 3, 12, 18, Leung fails to teach but Miranda teaches: training the at least one machine learning-based outlier detection model using data pertaining to one or more functional security-related requirements, data pertaining to one or more non-functional security-related requirements, and historical data associated with activities performed by one or more additional users relevant to the at least one user (¶ 18-24). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teachings of . The motivation to do so is that the teachings of Miranda would have been advantageous in terms of facilitating anomaly detection (Miranda, ¶ 31, 38-41). Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Leung, Shenoy, Benedetti, and Miranda, in view of US 11,314,576 to Baldassarre. Regarding claim 4, Leung fails to teach but Baldassarre teaches: wherein performing at least one automated action comprises re-training the at least one machine learning-based outlier detection model based at least in part on feedback related to the at least a portion of the one or more security-related recommendations (col. 16:26-67, claim 6). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the teachings of Baldassarre. The motivation to do so is that the teachings of Baldassarre would have been advantageous in terms of facilitating the identification of fault events (col. 16:25-67). CONCLUSION Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to RYAN J JAKOVAC whose telephone number is (571)270-5003. The examiner can normally be reached on 8-4 PM EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar A. Louie can be reached on 572-270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /RYAN J JAKOVAC/Primary Examiner, Art Unit 2445
Read full office action

Prosecution Timeline

Show 2 earlier events
Mar 10, 2026
Interview Requested
Mar 30, 2026
Response Filed
Apr 10, 2026
Final Rejection mailed — §103
May 29, 2026
Interview Requested
Jun 10, 2026
Response after Non-Final Action
Jun 30, 2026
Request for Continued Examination
Jul 03, 2026
Response after Non-Final Action
Jul 15, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12684038
SYSTEMS AND METHODS FOR INTELLIGENT LOAD BALANCING OF HOSTED SESSIONS
3y 9m to grant Granted Jul 14, 2026
Patent 12684014
METHODS AND SYSTEMS FOR DETECTING DENIAL OF SERVICE ATTACKS ON A NETWORK
2y 3m to grant Granted Jul 14, 2026
Patent 12671699
CAMPAIGN INTELLIGENCE AND VISUALIZATION FOR COMBATING CYBERATTACKS
2y 5m to grant Granted Jun 30, 2026
Patent 12641101
EXPLORING ASSOCIATION RULES TO AID IN THE TRACKABILITY OF ROOT CAUSES OF ABNORMAL EVENTS AND IN THE GENERATION OF MORE PRECISE AND CONCISE EXPLANATIONS FOR ANOMALY DETECTION TECHNIQUES
2y 7m to grant Granted May 26, 2026
Patent 12615286
Keystroke Log Monitoring Systems
3y 0m to grant Granted Apr 28, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

3-4
Expected OA Rounds
66%
Grant Probability
83%
With Interview (+17.5%)
3y 10m (~1y 5m remaining)
Median Time to Grant
High
PTA Risk
Based on 615 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month