SECURE RESOURCE MANAGEMENT TO PREVENT RESOURCE ABUSE

§101 §103 §112 §DP

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This Office Action is in response to amendment filed on 09/26/2025. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 09/26/2025 has been entered. Information Disclosure Statement The information disclosure statement (IDS) submitted on 12/09/2025 was filed after the mailing date of the final Office action on 06/27/2025. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Response to Amendment By this amendment, claims 1, 3, 10-11, and 16 are amended. Therefore, claims 1-3, 5-8, and 10-20 are pending. Any objections and rejections not repeated below is withdrawn due to Applicant's amendment. Response to Arguments Applicant's arguments filed 09/26/2025 have been fully considered but they are not persuasive. Applicant argues in substance: Claims 1-3, 5-8, and 10-20 are rejected under 35 U.S.C. § 101 because the claims are allegedly directed to non-statutory subject matter. Without conceding the propriety of the rejection, and to advance prosecution, Applicant has amended each of independent claims 1, 11, and 20 to clarify the patent-eligible technical improvements to computer capabilities as explained below. During the interview held on August 22, 2025, the Examiner agreed that the claims, as amended herein, appear to recite patent eligible subject matter. In view of at least this agreement and the following discussion, Applicant respectfully requests withdrawal of the rejections under 35 U.S.C. § 101… With regard to point (a), Examiner agrees with Applicant and all 101 claim rejections are withdrawn due to Applicant’s amendments in combination with Applicant’s stated technical improvements. Specifically, the limitation of “responsive to determining that the resource user is a resource abuser, transmitting, by the secure resource management system, the response to the client computing system, wherein the response causes access to the resource by the resource user to be restricted or denied” cannot be done mentally and thus fails Step 2A Prong One of MPEP 2106. Without conceding the propriety of the rejection, and to advance prosecution, Applicant has amended independent claim 1 to recite in part … The additional independent claims 11 and 16 include similar limitations. Support for these amendments is found, at least, in paragraphs [0026]-[0028] and [0066]-[0067] of the application as filed. As agreed upon during the interview of August 26, 2025, the cited references, either alone or in combination, do not disclose or suggest at least these features of the independent claims. For example, the claim amendments recite specific operations related to optimizing processes for generating resource abuser attributes when processing multiple queries. See Applicant's Specification at para. [0067] ("the resource abuser identification subsystem 120 saves the determined resource abuser attributes 128 for the resource user in the resource record repository 124 so that the resource abuser attributes 128 can be updated next time, instead of being re-computed, thereby reducing the computational complexity of the process.") Each of Weiser and the remaining references fail to teach or suggest such features. During the interview held Tuesday, August 26, the Examiner agreed that the current cited references fail to teach or suggest at least these features. For instance, while Weiser discusses processing different requests from different users via a connection gateway (see Weiser at paras. [0024]-[0025]), Weiser provides no teaching, suggestion or motivation to store resource abuser attributes generated in response to a first query in a resource record repository. Moreover, Weiser fails to teach or suggest the additional operations for processing the second request based on accessing the stored set of resource user attributes generated from the first query. Therefore Weiser fails to teach or suggest the features recited in the independent claims. Each of the remaining references fail to teach the recited features of the independent claims for similar reasons. Because each of Weiser and the additional cited references, alone or in combination, fails to teach or suggest the elements recited in each of independent claims 1, 11, and 16, the independent claims are allowable over the cited references. Furthermore, because dependent claims 2-3, 5-8, 10, 11-15, and 17-20 depend from and further limit one of independent claims 1, 11, and 16, the dependent claims are likewise allowable over the cited references at least based on their dependency from an allowable base claim. For at least these reasons, withdrawal of the rejections under 35 U.S.C. § 103 is respectfully requested. With regard to point (b), Examiner respectfully disagrees with Applicant that paragraphs [0026]-[0028] and [0066]-[0067] of the application fully support the amendments. As stated in the 112(a) rejection below, claim limitations of “a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider”, “responsive to the first query”, “responsive to the second query”, and “for each of the first query and the second query” in claims 1, 11, and 16 are not disclosed in Applicant’s specification or drawings. Applicant’s specification at most discloses a single query in [0006] “…a query for classifying a resource user associated with the resource provider…”, [0013] “…in response to a query for classifying a resource user associated with a resource provider…the secure resource management system can generate and transmit a response to the query to a computing system associated with the resource provider”, and [0029] “…the resource abuser identification subsystem 120 communicates with the resource record repository 124 to access the resource user profile 126 of a resource user and to query the resource transaction history 138 to retrieve past resource transactions involving the resource user.”. Argument has not been found to be persuasive. Examiner agrees with Applicant that Weiser fails to teach or suggest the amendments recited in the independent claims. Due to Applicant’s amendments, Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) and Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata) have been introduced to cure deficiencies. Therefore, independent claims 1, 11, and 16 and their respective dependent claims are still rejected for the reasons in this Office Action’s 103 rejection below. Argument has not been found to be persuasive. Claim Objections Claims 1-3, 5-8, and 10-20 are objected to because of the following informalities: In Claims 1 and 11, “responsive to the query” should read “responsive to the first query and the second query”. In Claim 2, “the set of resource abuser attributes include” should read “the set of resource abuser attributes includes”. In Claim 5, “wherein threshold duration comprises” should read “wherein the threshold duration comprises”. In Claim 6, “wherein the-threshold duration comprises” should read “wherein the threshold duration comprises”. Claims 5 and 6 have the same claim scope. In Claim 10, “The method claim 3” should read “The method of claim 3”. In Claim 16, “determining a set of resource abuser criteria for classifying a resource user” should read “determining a set of resource abuser criteria for classifying the resource user”. In Claim 16, “generating, responsive to a query for classifying a resource user associated with a resource provider” should read “responsive to the first query and the second query for classifying the resource user associated with the resource provider”. In Claim 16, “causing the response to be transmitted to a client computing system” should read “causing the response to be transmitted to the client computing system”. In Claim 18, “occupying a resource for more than a portion of the threshold duration” should read “occupying the resource for more than a portion of the threshold duration”. Appropriate correction is required. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3, 5-8, and 10-20 of US 11,995,470 B2. The following table is constructed below to show claims 1-3, 5-8, and 10-20 of the instant application and claims 1-3, 5-8, and 10-20 of US 11,995,470 B2. My Application (18/644,810) US 11,995,470 B2 (17/634,825) 1. (Currently Amended) A method that includes one or more processing devices performing operations comprising: receiving, by a secure resource management system and from a client computing system associated with a resource provider, a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider; responsive to the first query: determining, by the secure resource management system, a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising a withholding threshold and a withholding ratio, wherein the withholding threshold describes a threshold duration of time the resource user occupies a resource and the withholding ratio describes a threshold ratio of a duration of time the resource user occupies the resource to an allowed time for occupying the resource; determining a set of resource abuser attributes based on data associated with the resource user compared with the set of resource abuser criteria; and storing the set of resource abuser attributes in a resource record repository; responsive to the second query; updating the set of resource abuser attributes to generate an updated set of resource abuser attributes by: accessing the stored set of resource abuser attributes and subsequently generated data associated with the resource user; and updating the stored set of resource abuser attributes based on the subsequently generated data associated with the resource user; for each of the first query and the second query: determining a confidence value based on the set of resource abuser attributes or the updated set of resource abuser attributes and the set of resource abuser criteria; determining, by the secure resource management system, that the resource user is a resource abuser based on the confidence value; generating, by the secure resource management system and responsive to the query, a response based on determining that the resource user is a resource abuser; and responsive to determining that the resource user is a resource abuser, transmitting, by the secure resource management system, the response to the client computing system, wherein the response causes access to the resource by the resource user to be restricted or denied. 1. A method that includes one or more processing devices performing operations comprising: receiving, by a secure resource management system and from a client computing system associated with a resource provider, a query for classifying a resource user associated with the resource provider; determining, by the secure resource management system, a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising occupying a resource for more than a continuous period of time without releasing the resource and utilizing the resource more than a threshold percentage of an allowance of the resource, the allowance of the resource defining a maximum amount of the resource that the resource user is allowed to use; determining, by the secure resource management system, that the resource user is not a resource abuser based on the set of resource abuser criteria; responsive to the determination that the resource user is not a resource abuser, determining, by the secure resource management system, a set of potential resource abuser criteria for classifying the resource user as a potential resource abuser, wherein the set of potential resource abuser criteria is generated by adjusting a threshold of at least one of the set of resource abuser criteria such that the threshold of the at least one of the set of potential resource abuser criteria is lower than a corresponding threshold of one of the set of resource abuser criteria; determining, by the secure resource management system, that the resource user is a potential resource abuser based on the set of potential resource abuser criteria and a resource transaction history associated with the resource user; generating, by the secure resource management system and responsive to the query, a response based on determining that the resource user is a potential resource abuser; and transmitting, by the secure resource management system, the response to the client computing system, wherein the response is usable to cause access to the resource by the resource user to be restricted or denied. 2. (Previously Presented) The method of claim 1, the set of resource abuser attributes include a resource transaction history associated with the resource user. 2. The method of claim 1, wherein determining that the resource user is a potential resource abuser comprises determining that the set of potential resource abuser criteria are satisfied based on the resource transaction history associated with the resource user. 3. (Currently Amended) The method of claim 1, further comprising determining that the resource user is a potential resource abuser by determining that the confidence value is less than a first threshold and higher than a second threshold. 3. The method of claim 1, further comprising determining that the resource user is a potential resource abuser by determining that the set of resource abuser criteria are not satisfied based on the resource transaction history but the set of potential resource abuser criteria are satisfied. 4. The method of claim 3, wherein the set of potential resource abuser criteria comprises occupying a resource for more than a portion of the continuous period of time without releasing the resource and utilizing the resource more than a second threshold percentage of the allowance of the resource, the second threshold percentage is lower than the threshold percentage. 5. (Original) The method of claim 1, wherein threshold duration comprises at least 90 days. 5. The method of claim 3, wherein the set of potential resource abuser criteria further comprises the resource user has an updated address associated with a third party. 6. (Original) The method of claim 1, wherein the-threshold duration comprises at least 90 days. 6. The method of claim 1, wherein the continuous period of time comprises at least 90 days. 7. (Previously Presented) The method of claim 6, wherein the threshold ratio of the allowed time is equal to or higher than 50%. 7. The method of claim 1, wherein the threshold percentage of the allowance is equal to or higher than 50%. 8. (Previously Presented) The method of claim 6, wherein the set of resource abuser criteria further comprises occupying a second resource for more than the threshold duration without releasing the second resource and utilizing the second resource more than the threshold ratio of an allowed time for occupying the second resource. 8. The method of claim 1, wherein the set of resource abuser criteria further comprises occupying a second resource for more than the continuous period of time without releasing the second resource and utilizing the second resource more than the threshold percentage of an allowance of the second resource. 9. The method of claim 1, wherein at least one criteria of the set of potential resource abuser criteria is generated by relaxing a corresponding resource abuser criteria. 10. (Currently Amended) The method claim 3, further comprising: generating a score for the resource user indicating a likelihood of the resource user becoming a resource abuser in a future time. 10. The method claim 1, further comprising: generating a score for the resource user indicating a likelihood of the resource user becomes a resource abuser in a future time. 11. (Currently Amended) A secure resource management system, comprising: a resource record repository configured for storing resource transaction histories associated with resource users; and a resource abuser identification subsystem configured for performing operations comprising: receiving, from a client computing system associated with a resource provider, a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider; responsive to the first query: determining a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising a withholding threshold and a withholding ratio, wherein the withholding threshold describes a threshold duration of time the resource user occupies a resource and the withholding ratio describes a threshold ratio of a duration of time the resource user occupies the resource to an allowed time for occupying the resource; determining a set of resource abuser attributes based on data associated with the resource user compared with the set of resource abuser criteria; and storing the set of resource abuser attributes in the resource record repository; responsive to the second query, updating the set of resource abuser attributes to generate an updated set of resource abuser attributes by: accessing the stored set of resource abuser attributes and subsequently generated data associated with the resource user; and updating the stored set of resource abuser attributes based on the subsequently generated data associated with the resource user; for each of the first query and the second query: determining a confidence value based on the set of resource abuser attributes or the updated set of resource abuser attributes and the set of resource abuser criteria; determining that the resource user is a resource abuser based on the confidence value; generating, responsive to the query, a response based on determining that the resource user is a resource abuser; and responsive to determining that the resource user is a resource abuser, transmitting the response to the client computing system, wherein the response is usable to cause access to the resource by the resource user to be restricted or denied. 11. A secure resource management system, comprising: a resource record repository configured for storing resource transaction histories associated with resource users; and a resource abuser identification subsystem configured for performing operations comprising: receiving, from a client computing system associated with a resource provider, a query for classifying a resource user associated with the resource provider; determining a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising occupying a resource for more than a continuous period of time without releasing the resource and utilizing the resource more than a threshold percentage of an allowance of the resource, the allowance of the resource defining a maximum amount of the resource that the resource user is allowed to use; determining that the resource user is not a resource abuser based on the set of resource abuser criteria; responsive to the determination that the resource user is not a resource abuser, determining a set of potential resource abuser criteria for classifying the resource user as a potential resource abuser, wherein the set of potential resource abuser criteria is generated by adjusting a threshold of at least one of the set of resource abuser criteria such that the threshold of the at least one of the set of potential resource abuser criteria is lower than a corresponding threshold of one of the set of resource abuser criteria; determining that the resource user is a potential resource abuser based on the set of potential resource abuser criteria and a resource transaction history associated with the resource user; generating, responsive to the query, a response based on determining that the resource user is a potential resource abuser; and transmitting the response to the client computing system, wherein the response is usable to cause access to the resource by the resource user to be restricted or denied. 12. (Previously Presented) The secure resource management system of claim 11, wherein the operations further comprise determining that the resource user is a potential resource abuser by determining that the confidence value is less than a first threshold and higher than a second threshold. 12. The secure resource management system of claim 11, wherein the operations further comprise determining that the resource user is a potential resource abuser by determining that the set of resource abuser criteria are not satisfied based on the resource transaction history but the set of potential resource abuser criteria are satisfied. 13. (Previously Presented) The secure resource management system of claim 11, wherein the set of resource abuser criteria comprises occupying a resource for more than a portion of the threshold duration without releasing the resource and using the resource more than a second threshold ratio of the allowed time of the resource, the second threshold ratio is lower than a third threshold ratio. 13. The secure resource management system of claim 12, wherein the set of potential resource abuser criteria comprises occupying a resource for more than a portion of the continuous period of time without releasing the resource and utilizing the resource more than a second threshold percentage of the allowance of the resource, the second threshold percentage is lower than a third threshold percentage. 14. (Previously Presented) The secure resource management system of claim 11, wherein the set of resource abuser criteria further comprises the resource user has an updated address associated with a third party. 14. The secure resource management system of claim 12, wherein the set of potential resource abuser criteria further comprises the resource user has an updated address associated with a third party. 15. (Original) The secure resource management system of claim 11, wherein the threshold duration comprises at least 90 days, or the threshold ratio of the allowed time is equal to or higher than 50%. 15. The secure resource management system of claim 11, wherein the continuous period of time comprises at least 90 days, or the threshold percentage of the allowance is equal to or higher than 50%. 16. (Currently Amended) A non-transitory computer-readable storage medium having program code that is executable by a processor device to cause a computing device to perform operations, the operations comprising: receiving, by a secure resource management system and from a client computing system associated with a resource provider, a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider user; responsive to the first query: determining a set of resource abuser criteria for classifying a resource user as a resource abuser or a potential resource abuser, the set of resource abuser criteria comprising a withholding threshold and a withholding ratio, wherein the withholding threshold describes a threshold duration of time the resource user occupies a resource and the withholding ratio describes a threshold ratio of a duration of time the resource user occupies the resource to an allowed time for occupying the resource; determining a set of resource abuser attributes based on data associated with the resource user compared with the set of resource abuser criteria; and storing the set of resource abuser attributes in a resource record repository; responsive to the second query, updating the set of resource abuser attributes to generate an updated set of resource abuser attributes by: accessing the stored set of resource abuser attributes and subsequently generated data associated with the resource user; and updating the stored set of resource abuser attributes and based on the subsequently generated data associated with the resource user; for each of the first query and the second query: determining a confidence value based on the set of resource abuser attributes or the updated set of resource abuser attributes and the set of resource abuser criteria; determining that the resource user is a resource abuser based on the confidence value; generating, responsive to a query for classifying a resource user associated with a resource provider, a response based on determining that the resource user is a resource abuser; and responsive to determining that the resource user is a resource abuser, causing the response to be transmitted to a client computing system associated with the resource provider, wherein the response causes access to the resource by the resource user to be restricted or denied. 16. A non-transitory computer-readable storage medium having program code that is executable by a processor device to cause a computing device to perform operations, the operations comprising: determining a set of resource abuser criteria for classifying a resource user as a resource abuser or a potential resource abuser, the set of resource abuser criteria comprising occupying a resource for more than a continuous period of time without releasing the resource and utilizing the resource more than a threshold percentage of an allowance of the resource, the allowance of the resource defining a maximum amount of the resource that the resource user is allowed to use; determining that the resource user is not a resource abuser based on the set of resource abuser criteria; responsive to the determination that the resource user is not a resource abuser, determining a set of potential resource abuser criteria for classifying the resource user as a potential resource abuser, wherein the set of potential resource abuser criteria is generated by adjusting a threshold of at least one of the set of resource abuser criteria such that the threshold of the at least one of the set of potential resource abuser criteria is lower than a corresponding threshold of one of the set of resource abuser criteria; determining that the resource user is a potential resource abuser based on the set of potential resource abuser criteria and a resource transaction history associated with the resource user; generating, responsive to a query for classifying a resource user associated with a resource provider, a response based on determining that the resource user is a potential resource abuser; and causing the response to be transmitted to a client computing system associated with the resource provider, wherein the response is usable to cause access to the resource by the resource user to be restricted or denied. 17. (Previously Presented) The non-transitory computer-readable storage medium of claim 16, wherein the operations further comprise: determining that the resource user is a potential resource abuser by determining that the confidence value is less than a first threshold and higher than a second threshold, wherein the second threshold is lower than the first threshold. 17. The non-transitory computer-readable storage medium of claim 16, wherein determining that the resource user is a potential resource abuser comprises determining that the set of resource abuser criteria are not satisfied based on the resource transaction history but the set of potential resource abuser criteria are satisfied. 18. (Original) The non-transitory computer-readable storage medium of claim 17, wherein the set of potential resource abuser criteria comprises occupying a resource for more than a portion of the threshold duration without releasing the resource and using the resource more than a second threshold ratio of the allowed time of the resource, the second threshold ratio is lower than the threshold ratio. 18. The non-transitory computer-readable storage medium of claim 17, wherein the set of potential resource abuser criteria comprises occupying a resource for more than a portion of the continuous period of time without releasing the resource and utilizing the resource more than a second threshold percentage of the allowance of the resource, the second threshold percentage is lower than the threshold percentage. 19. (Previously Presented) The non-transitory computer-readable storage medium of claim 16, wherein the set of resource abuser criteria further comprises the resource user has an updated address associated with a third party. 19. The non-transitory computer-readable storage medium of claim 17, wherein the set of potential resource abuser criteria further comprises the resource user has an updated address associated with a third party. 20. (Original) The non-transitory computer-readable storage medium of claim 16, wherein the set of resource abuser criteria further comprises occupying a second resource for more than the threshold duration without releasing the second resource and using the second resource more than the threshold ratio of an allowed time for occupying the second resource. 20. The non-transitory computer-readable storage medium of claim 16, wherein the set of resource abuser criteria further comprises occupying a second resource for more than the continuous period of time without releasing the second resource and utilizing the second resource more than the threshold percentage of an allowance of the second resource. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1-3, 5-8, and 10-20 and are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim limitations of “a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider”, “responsive to the first query”, “responsive to the second query”, and “for each of the first query and the second query” in claims 1, 11, and 16 are not disclosed in Applicant’s specification or drawings. Applicant’s specification at most discloses a single query in [0006] “…a query for classifying a resource user associated with the resource provider…”, [0013] “…in response to a query for classifying a resource user associated with a resource provider…the secure resource management system can generate and transmit a response to the query to a computing system associated with the resource provider”, and [0029] “…the resource abuser identification subsystem 120 communicates with the resource record repository 124 to access the resource user profile 126 of a resource user and to query the resource transaction history 138 to retrieve past resource transactions involving the resource user.”. Any claim not specifically mentioned above does not cure the deficiencies of claims 1, 11, and 16. They are also rejected due to dependencies on a rejected claim. Claim limitation of “the second threshold ratio is lower than a third threshold ratio” in claim 13 is not disclosed in Applicant’s specification or drawings. Applicant’s specification at most discloses a rule wherein the withholding ratio is equal to or above a threshold ratio [0030] “…a withholding ratio (i.e. the ratio of the resource being occupied over the resource allowance) is higher than a withholding ratio…” and [0047] “…For example, the threshold withholding length in Rule 1 can be set to any value, such as 90 days, 100 days, 150 days. In one example, the threshold withholding length is set to any value equal to or above 90 days. Similarly, the threshold for withholding ratio can also be set to a value different from 80%, such as 50%, 70%, 90%, and so on. The threshold number of accounts in Rule 3 can also be adjusted to be one or any other value greater than one…”. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 2, 11, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), and further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu). Regarding claim 1, Li teaches a method that includes one or more processing devices performing operations comprising ([0019] “…In the context of this document, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction processing system, apparatus, or device.”): receiving, by a secure resource management system and from a client computing system associated with a resource provider, a first query and a second query, the first query and the second query for classifying a resource user associated with the resource provider ([0094] “The process begins by receiving a request for a set of resources from a user (step 500)…”, [0079] “Resource management application 422 determines whether overuse of set of resources 408 has occurred based on pattern of use 432 and policy 434. Policy 434 is a number of rules. In these illustrative examples, policy 434 defines when a request for access to set of resources 408 results in an overuse of set of resources 408 for different users.”, [0085] “State information 442 is information that tracks requests 410 made by user 402. In these illustrative examples, state information 442 takes the form of set of times 444. For example, set of times 444 may include a last time that set of resources 408 was accessed by user 402. Set of times 444 may take the form of timestamps.”, Note: The user request to access a resource is interpreted as the first query, and the state information tracked and updated (last time the set of resources was accessed by a user) is interpreted as the second query); responsive to the first query: determining, by the secure resource management system, a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising a withholding threshold … wherein the withholding threshold describes a threshold duration of time the resource user occupies a resource ([0099] “A difference between the current time and last time is identified (step 606). A threshold is identified using a policy (step 608). In step 608, the policy may include a rule identifying a threshold to a time interval that is considered overused. For example, the policy may set a threshold for the difference between the current time and the last time.”, [0100] “The process then determines whether the difference between the current time and the last time is greater than the threshold (step 610). If the difference is greater than the threshold, then overuse is not considered to be present and the process returns a "no" result (step 612), with the process terminating thereafter. If the difference is less than the threshold, then a "yes" result is returned (step 614), with the process terminating thereafter.”) … determining a set of resource abuser attributes based on data associated with the resource user compared with the set of resource abuser criteria ([0098] “…If an entry is present, the process identifies a current time for the request (step 602). The process accesses the hash table to identify a last time a request was made by the user (step 604).”, [0099] “A difference between the current time and last time is identified (step 606). A threshold is identified using a policy (step 608). In step 608, the policy may include a rule identifying a threshold to a time interval that is considered overused. For example, the policy may set a threshold for the difference between the current time and the last time.”, Note: A last time is interpreted as a resource abuser attribute compared with the threshold for the difference between the current time and the last time (a set of resource abuser criteria)); and storing the set of resource abuser attributes in a resource record repository ([0101] “With reference again to step 600, if an entry is not present for the user in the hash table, the process generates an entry for the user in the hash table (step 616), with the process then proceeding to step 612 as described above.”, [0084] “…Hash table 438 is a data structure that uses a hash function to map different values to associated values. For example, the value may be user identifier 440 for user 402 which maps to other information. User identifier 440 is an index used to access state information 442…”, [0085] “State information 442 is information that tracks requests 410 made by user 402. In these illustrative examples, state information 442 takes the form of set of times 444. For example, set of times 444 may include a last time that set of resources 408 was accessed by user 402. Set of times 444 may take the form of timestamps.”, Note: A last time is interpreted as a resource abuser attribute, and the hash table is interpreted as the resource record repository); responsive to the second query: updating the set of resource abuser attributes to generate an updated set of resource abuser attributes by: accessing the stored set of resource abuser attributes and subsequently generated data associated with the resource user ([0098] “…If an entry is present, the process identifies a current time for the request (step 602). The process accesses the hash table to identify a last time a request was made by the user (step 604).”, Note: A last time is interpreted as a resource abuser attribute, and a current time is interpreted as subsequently generated data); and updating the stored set of resource abuser attributes based on the subsequently generated data associated with the resource user ([0098] “…If an entry is present, the process identifies a current time for the request (step 602). The process accesses the hash table to identify a last time a request was made by the user (step 604).”, [0085] “State information 442 is information that tracks requests 410 made by user 402. In these illustrative examples, state information 442 takes the form of set of times 444. For example, set of times 444 may include a last time that set of resources 408 was accessed by user 402. Set of times 444 may take the form of timestamps.”, Note: A last time is interpreted as a resource abuser attribute, a current time is interpreted as subsequently generated data, and after each request, a last time must be updated to the current time as the state information tracks each last access of users) … generating, by the secure resource management system and responsive to the query, a response based on determining that the resource user is a resource abuser ([0095] “…A determination is then made as to whether overuse of the set of resources has occurred based on the pattern of use and a policy (step 508).”, Note: Overuse of a resource by a user [i.e. resource abuser]); and responsive to determining that the resource user is a resource abuser, transmitting, by the secure resource management system, the response to the client computing system, wherein the response causes access to the resource by the resource user to be restricted or denied ([0096] “If an overuse of the set of resources has not occurred, the process then returns to step 502. Otherwise, the process changes the access to the set of resources by the user (step 510), with the process then returning to step 502 as described above. The change in the access to the set of resources may take a number of different forms. For example, an increased response time may be set to process requests for the set of resources, access may be denied to the set of resources, and in some cases, the account of the user may be suspended or cancelled, depending on the application of the policy to the requests.”, Note: Overuse of a resource by a user [i.e. resource abuser]). Li fails to teach determining, by the secure resource management system, a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising … a withholding ratio … and the withholding ratio describes a threshold ratio of a duration of time the resource user occupies the resource to an allowed time for occupying the resource. In analogous art Doganata teaches determining, by the secure resource management system, a set of resource abuser criteria for classifying the resource user as a resource abuser, the set of resource abuser criteria comprising … a withholding ratio … and the withholding ratio describes a threshold ratio of a duration of time the resource user occupies the resource to an allowed time for occupying the resource (Col. 1 lines 33-39: “The second threshold is the percentage of time that the over-utilization can be tolerated. In other words, the likelihood of finding the resource over-utilized. Note that the over-utilization threshold can be exceeded for short periods of time. If the likelihood of fail-over or the virtual machine power-on is negligible, exceeding the over-utilization threshold may be tolerated.”). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li to incorporate the teachings of Doganata to provide fail-over protection and ensure resource reservations are respected (Doganata Col. 1 lines 12-15: “Admission control policies ensure that sufficient resources are available in a cluster to provide fail-over protection and to ensure that virtual machine resource reservations are respected.”). Li and Doganata fail to teach for each of the first query and the second query: determining a confidence value based on the set of resource abuser attributes or the updated set of resource abuser attributes and the set of resource abuser criteria; determining, by the secure resource management system, that the resource user is a resource abuser based on the confidence value. In analogous art Christodorescu teaches for each of the first query and the second query: determining a confidence value based on the set of resource abuser attributes or the updated set of resource abuser attributes and the set of resource abuser criteria (Col. 21 lines 49-59: “In determination block 312, the processing core may use the computed probability/confidence value to determine whether the source component is a critical data resource that is susceptible to misuse and/or requires close monitoring. If the processing core determines that the source component is a critical data resource (i.e., determination block 312="Yes"), in block 314, the processing core may update or train the classifier models to identify the mobile device behaviors and features that are associated with the source component as features/behaviors that require closer, additional, or more detailed monitoring or analysis.”, Note: The mobile device behaviors and features that are associated with the source component is interpreted as the set of resource abuser attributes of the set of resource abuser criteria); determining, by the secure resource management system, that the resource user is a resource abuser based on the confidence value (Col. 21 lines 49-59: “In determination block 312, the processing core may use the computed probability/confidence value to determine whether the source component is a critical data resource that is susceptible to misuse and/or requires close monitoring. If the processing core determines that the source component is a critical data resource (i.e., determination block 312="Yes"), in block 314, the processing core may update or train the classifier models to identify the mobile device behaviors and features that are associated with the source component as features/behaviors that require closer, additional, or more detailed monitoring or analysis.”, Col. 18 lines 20-36: “In various aspects, the behavior observer module 202 and/or the behavior analyzer module 204 may be configured to analyze mobile computing device behaviors by identifying a critical data resource that requires close monitoring, identifying an intermediate resource associated with the critical data resource, monitoring API calls made by a software application when accessing the critical data resource and the intermediate resource, identifying mobile computing device resources that are consumed or produced by the API calls, identifying a pattern of API calls as being indicative of not benign activity by the software application, generating a light-weight behavior signature based on the identified pattern of API calls and the identified mobile computing device resources, using the light-weight behavior signature to perform behavior analysis operations, and determining whether the software application is not benign or benign based on the behavior analysis operations.”, Note: A behavior analyzer determines a behavior signature to determine whether a resource user is benign or not benign based on the behavior analysis operations (determining that the resource user is a resource abuser based on the confidence value)). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li and Doganata to incorporate the teachings of Christodorescu to determine that a resource is critical, susceptible to misuse, and requires close monitoring (Christodorescu Col. 21 lines 49-52: “In determination block 312, the processing core may use the computed probability/confidence value to determine whether the source component is a critical data resource that is susceptible to misuse and/or requires close monitoring.”). Regarding claim 2, Li, Doganata, and Christodorescu teach the method of claim 1, and Li further teaches the set of resource abuser attributes include a resource transaction history associated with the resource user ([0101] “With reference again to step 600, if an entry is not present for the user in the hash table, the process generates an entry for the user in the hash table (step 616), with the process then proceeding to step 612 as described above.”, [0084] “…Hash table 438 is a data structure that uses a hash function to map different values to associated values. For example, the value may be user identifier 440 for user 402 which maps to other information. User identifier 440 is an index used to access state information 442…”, [0085] “State information 442 is information that tracks requests 410 made by user 402. In these illustrative examples, state information 442 takes the form of set of times 444. For example, set of times 444 may include a last time that set of resources 408 was accessed by user 402. Set of times 444 may take the form of timestamps.”, Note: A last time is interpreted as a resource abuser attribute which is a resource transaction history associated with the resource user). Regarding claim 11, Li further teaches a secure resource management system, comprising: a resource record repository configured for storing resource transaction histories associated with resource users ([0101] “With reference again to step 600, if an entry is not present for the user in the hash table, the process generates an entry for the user in the hash table (step 616), with the process then proceeding to step 612 as described above.”, [0084] “…Hash table 438 is a data structure that uses a hash function to map different values to associated values. For example, the value may be user identifier 440 for user 402 which maps to other information. User identifier 440 is an index used to access state information 442…”, [0085] “State information 442 is information that tracks requests 410 made by user 402. In these illustrative examples, state information 442 takes the form of set of times 444. For example, set of times 444 may include a last time that set of resources 408 was accessed by user 402. Set of times 444 may take the form of timestamps.”, Note: Last times are resource transaction histories associated with their respective resource users, and the hash table is interpreted as the resource record repository); and a resource abuser identification subsystem configured for performing operations comprising ([0079] “Resource management application 422 determines whether overuse of set of resources 408 has occurred based on pattern of use 432 and policy 434. Policy 434 is a number of rules. In these illustrative examples, policy 434 defines when a request for access to set of resources 408 results in an overuse of set of resources 408 for different users.”, Note: The resource management application 422 is interpreted as the resource abuser identification subsystem). The other limitations are substantially the same as those of claim 1. Accordingly, it is rejected for substantially the same reasons. Regarding claim 16, Li further teaches a non-transitory computer-readable storage medium having program code that is executable by a processor device to cause a computing device to perform operations, the operations comprising ([0019] “…In the context of this document, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction processing system, apparatus, or device.”). The other limitations are substantially the same as those of claim 1. Accordingly, it is rejected for substantially the same reasons. Claims 3, 12-13, and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu) as applied to claims 1, 2, 11, and 16 above, and further in view of Weiser et al. Pub. No. US 2012/0096153 Al (hereafter Weiser which was cited in the IDS filed 04/24/2024). Regarding claim 3, Li, Doganata, and Christodorescu teach the method of claim 1, and Christodorescu further teaches further comprising determining that the resource user is a … resource abuser by determining that the confidence value (Col. 21 lines 49-59: “In determination block 312, the processing core may use the computed probability/confidence value to determine whether the source component is a critical data resource that is susceptible to misuse and/or requires close monitoring. If the processing core determines that the source component is a critical data resource (i.e., determination block 312="Yes"), in block 314, the processing core may update or train the classifier models to identify the mobile device behaviors and features that are associated with the source component as features/behaviors that require closer, additional, or more detailed monitoring or analysis.”, Col. 18 lines 20-36: “In various aspects, the behavior observer module 202 and/or the behavior analyzer module 204 may be configured to analyze mobile computing device behaviors by identifying a critical data resource that requires close monitoring, identifying an intermediate resource associated with the critical data resource, monitoring API calls made by a software application when accessing the critical data resource and the intermediate resource, identifying mobile computing device resources that are consumed or produced by the API calls, identifying a pattern of API calls as being indicative of not benign activity by the software application, generating a light-weight behavior signature based on the identified pattern of API calls and the identified mobile computing device resources, using the light-weight behavior signature to perform behavior analysis operations, and determining whether the software application is not benign or benign based on the behavior analysis operations.”, Note: A behavior analyzer determines a behavior signature to determine whether a resource user is benign or not benign based on the behavior analysis operations (determining that the resource user is a resource abuser based on the confidence value)). Li, Doganata, and Christodorescu fail to teach further comprising determining that the resource user is a potential resource abuser by determining … the … value is less than a first threshold and higher than a second threshold. In analogous art Weiser teaches further comprising determining that the resource user is a potential resource abuser by determining … the … value is less than a first threshold and higher than a second threshold ([0045] “…In other embodiments, the allocation can remain at the current levels if the usage is below a specified allocation threshold for the resource and above a minimum usage threshold, or otherwise within a desired range.”, Note: Usage is within a desired range (i.e. determining that a value is less than a first threshold and higher than a second threshold)). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, and Christodorescu to incorporate the teachings of Weiser to prevent user abuse of resources (Weiser Abstract: “…preventing abuse by users while also preventing the resource allocations from being underutilized”). Regarding claim 12, it is a machine claim whose limitations are substantially the same as those of claim 3. Accordingly, it is rejected for substantially the same reasons. Regarding claim 13, Li, Doganata, and Christodorescu teach the secure resource management system of claim 11, Li further teaches wherein the set of resource abuser criteria comprises occupying a resource for more than a portion of the threshold duration without releasing the resource ([0099] “A difference between the current time and last time is identified (step 606). A threshold is identified using a policy (step 608). In step 608, the policy may include a rule identifying a threshold to a time interval that is considered overused. For example, the policy may set a threshold for the difference between the current time and the last time.”, [0100] “The process then determines whether the difference between the current time and the last time is greater than the threshold (step 610). If the difference is greater than the threshold, then overuse is not considered to be present and the process returns a "no" result (step 612), with the process terminating thereafter. If the difference is less than the threshold, then a "yes" result is returned (step 614), with the process terminating thereafter.”), and Doganata further teaches wherein the set of resource abuser criteria comprises … and using the resource more than a second threshold ratio of the allowed time of the resource (Col. 1 lines 33-39: “The second threshold is the percentage of time that the over-utilization can be tolerated. In other words, the likelihood of finding the resource over-utilized. Note that the over-utilization threshold can be exceeded for short periods of time. If the likelihood of fail-over or the virtual machine power-on is negligible, exceeding the over-utilization threshold may be tolerated.”). Li, Doganata, and Christodorescu fail to teach the second threshold ratio is lower than a third threshold ratio. In analogous art Weiser teaches the second threshold ratio is lower than a third threshold ratio ([0045] “…In other embodiments, the allocation can remain at the current levels if the usage is below a specified allocation threshold for the resource and above a minimum usage threshold, or otherwise within a desired range.”, Note: A second threshold is lower than a third threshold in a range)). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, and Christodorescu to incorporate the teachings of Weiser to prevent user abuse of resources (Weiser Abstract: “…preventing abuse by users while also preventing the resource allocations from being underutilized”). Regarding claim 17, it is an article of manufacture claim whose limitations are substantially the same as those of claim 3. Accordingly, it is rejected for substantially the same reasons. Regarding claim 18, it is an article of manufacture claim whose limitations are substantially the same as those of claim 13. Accordingly, it is rejected for substantially the same reasons. Claims 5-6, 8, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu) as applied to claims 1, 2, 11, and 16 above, and further in view of Austin et al. Pub. No. US 2007/0203776 Al (hereafter Austin which was cited in the IDS filed 04/24/2024). Regarding claim 5, Li, Doganata, and Christodorescu teach the method of claim 1. Li, Doganata, and Christodorescu fail to teach wherein the threshold duration comprises at least 90 days. In analogous art Austin teaches wherein the threshold duration comprises at least 90 days ([0095] “…To conserve server memory, any Safe Box which is not accessed after a pre-determined period (90 days, for instance) will be cleared out automatically.”, [0098] “The second list displays a list of denied requests. Once a candidate denies a request, that request will remain in the denied request list for that respective employer for some period of time such as thirty or ninety days. During that time, the employer will NOT be able to send another request for that same resume. This is a precaution that will prevent abuse of the listing service.”, Note: The listing service is interpreted as a resource). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, and Christodorescu to incorporate the teachings of Austin to conserve server memory (Austin [0095] “…To conserve server memory, any Safe Box which is not accessed after a pre-determined period (90 days, for instance) will be cleared out automatically.”). Regarding claim 6, it is a process claim whose limitations are substantially the same as those of claim 5. Accordingly, it is rejected for substantially the same reasons. Regarding claim 8, Li, Doganata, Christodorescu, and Austin teach the method of claim 6, and Li further teaches wherein the set of resource abuser criteria further comprises occupying a second resource for more than the threshold duration without releasing the second resource ([0099] “A difference between the current time and last time is identified (step 606). A threshold is identified using a policy (step 608). In step 608, the policy may include a rule identifying a threshold to a time interval that is considered overused. For example, the policy may set a threshold for the difference between the current time and the last time.”, [0100] “The process then determines whether the difference between the current time and the last time is greater than the threshold (step 610). If the difference is greater than the threshold, then overuse is not considered to be present and the process returns a "no" result (step 612), with the process terminating thereafter. If the difference is less than the threshold, then a "yes" result is returned (step 614), with the process terminating thereafter.”), and Doganata further teaches and utilizing the second resource more than the threshold ratio of an allowed time for occupying the second resource (Col. 1 lines 33-39: “The second threshold is the percentage of time that the over-utilization can be tolerated. In other words, the likelihood of finding the resource over-utilized. Note that the over-utilization threshold can be exceeded for short periods of time. If the likelihood of fail-over or the virtual machine power-on is negligible, exceeding the over-utilization threshold may be tolerated.”). Regarding claim 20, it is an article of manufacture claim whose limitations are substantially the same as those of claim 8. Accordingly, it is rejected for substantially the same reasons. Claims 7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu), further in view of Austin et al. Pub. No. US 2007/0203776 Al (hereafter Austin which was cited in the IDS filed 04/24/2024) as applied to claims 5-6, 8, and 20 above, and further in view of Ward et al. Pub. No. US 2018/0183829 Al (hereafter Ward which was cited in the IDS filed 04/24/2024). Regarding claim 7, Li, Doganata, Christodorescu, and Austin teach the method of claim 6. Li, Doganata, Christodorescu, and Austin fail to teach wherein the threshold ratio of the allowed time is equal to or higher than 50%. In analogous art Ward teaches wherein the threshold ratio of the allowed time is equal to or higher than 50% ([0045] “For a specific example with respect to scraping, the usage analytics (as executed, for example, by the RDAP server 140) may identify a user 105 that is issuing (or has issued) query requests 172 that result in the user 105 retrieving a large amount (or a majority of substantially all) of the RDAP data known to the RDAP server 140. This practice may be considered abusive or undesirable because the user 105 may be mining the RDAP data for PII, such as the email addresses and other contact information of domain owners, and using the PII for spam or unwanted marketing. To perform this analysis, the usage analysis may count or calculate the number of RDAP search requests 172 for different domains that have been received from the same user 105 in some given period of time. If the number of RDAP search requests 172 received from the same user 105 exceeds a threshold percentage, such as 50%, of the total number of domains serviced by the RDAP Server 140 during the specified period, such as five minutes, then the RDAP Server 140 may change its normal operation and operate in a remedial or mitigating mode when processing requests 172 from the identified user 105…”). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, Christodorescu, and Austin to incorporate the teachings of Ward to identify and mitigate abusive users (Ward [0045] “For a specific example with respect to scraping, the usage analytics (as executed, for example, by the RDAP server 140) may identify a user 105 that is issuing (or has issued) query requests 172 that result in the user 105 retrieving a large amount (or a majority of substantially all) of the RDAP data known to the RDAP server 140. This practice may be considered abusive or undesirable because the user 105 may be mining the RDAP data for PII, such as the email addresses and other contact information of domain owners, and using the PII for spam or unwanted marketing. To perform this analysis, the usage analysis may count or calculate the number of RDAP search requests 172 for different domains that have been received from the same user 105 in some given period of time. If the number of RDAP search requests 172 received from the same user 105 exceeds a threshold percentage, such as 50%, of the total number of domains serviced by the RDAP Server 140 during the specified period, such as five minutes, then the RDAP Server 140 may change its normal operation and operate in a remedial or mitigating mode when processing requests 172 from the identified user 105…”). Regarding claim 15, it is a machine claim whose limitations are substantially the same as those of claims 6 and 7. Accordingly, it is rejected for substantially the same reasons. Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu), further in view of Weiser et al. Pub. No. US 2012/0096153 Al (hereafter Weiser which was cited in the IDS filed 04/24/2024) as applied to claims 3, 12-13, and 17-18 above, and further in view of de Kadt et al. Pat. No. US 10,275,267 Bl (hereafter de Kadt which was cited in the IDS filed 04/24/2024). Regarding claim 10, Li, Doganata, Christodorescu, and Weiser teach the method of claim 3. Li, Doganata, Christodorescu, and Weiser fail to teach further comprising: generating a score for the resource user indicating a likelihood of the resource user becoming a resource abuser in a future time. In analogous art de Kadt teaches further comprising: generating a score for the resource user indicating a likelihood of the resource user becoming a resource abuser in a future time (Col. 2 lines 55-67 and Col. 3 lines 1-4: “To reduce the adverse interference between computing resources instances implemented by the same implementation resources, a resource instance to be provisioned may be assigned a trust rating and implemented by an implementation resource that contains instances with similar trust ratings as the resource instance. As used herein, a trust rating may include an indication of the likelihood that the instance would exhibit responsible and non-abusive behavior toward shared resources, the likelihood that the instance would cause network or security breaches, etc. In some embodiments, the trust rating may be represented by a number, where a higher value may indicate, for example, a higher overall level of trustworthiness. In some embodiments, the trust rating may be represented by a vector or collection of metrics, each may be associated with a quantification for a particular aspect of concern, such as network security, software reliability and the like.”, Note: Trust rating is interpreted as score). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, Christodorescu, and Weiser to incorporate the teachings of de Kadt to reduce competition between resource instances sharing a resource (de Kadt Col. 2 lines 55-60: “To reduce the adverse interference between computing resources instances implemented by the same implementation resources, a resource instance to be provisioned may be assigned a trust rating and implemented by an implementation resource that contains instances with similar trust ratings as the resource instance.”). Claims 14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Li et al. Pub. No. US 2012/0331125 Al (hereafter Li) in view of Doganata et al. Pat. No. US 9,391,919 B2 (hereafter Doganata), further in view of Christodorescu et al. Pat. No. US 9,158,604 Bl (hereafter Christodorescu) as applied to claims 1, 2, 11, and 16 above, and further in view of Hod et al. Pub. No. US 2018/0150877 Al (hereafter Hod which was cited in the IDS filed 04/24/2024). Regarding claim 14, Li, Doganata, and Christodorescu teach the secure resource management system of claim 11. Li, Doganata, and Christodorescu fail to teach wherein the set of resource abuser criteria further comprises the resource user has an updated address associated with a third party. In analogous art Hod teaches wherein the set of resource abuser criteria further comprises the resource user has an updated address associated with a third party ([0012] “Abuse advertising software filter list (e.g. Easy List, FilterList etc.) is a list of rules some of which are based on regular expressions, that allows abuse advertising software to remove advertisements from webpages, including frames, images, divs and objects…”, [0016] “In addition, any element/advertisement source/URL/domain name/which is suspected as serving advertisements will be block, including any element which is served from a commonly known third-party ad server (such as Google AdSense).”, Note: Any address that matches a filter for a third-party server is considered abusive). It would have been obvious to a person having ordinary skill in the art prior to the effective filing date of the claimed invention to have modified Li, Doganata, and Christodorescu to incorporate the teachings of Hod to filter resource abuse (Hod [0012] “Abuse advertising software filter list (e.g. Easy List, FilterList etc.) is a list of rules some of which are based on regular expressions, that allows abuse advertising software to remove advertisements from webpages, including frames, images, divs and objects…”) Regarding claim 19, it is an article of manufacture claim whose limitations are substantially the same as those of claim 14. Accordingly, it is rejected for substantially the same reasons. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. In particular, US 20110289116 A1 is cited because it discloses a maximum threshold amount of time that a compliant user can access content before a violation. Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUSTIN CHE-CHUN TONG whose telephone number is (703)756-1737. The examiner can normally be reached Monday-Thursday: 7:30 AM to 6:00 PM ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, April Y Blair can be reached on (571)270-1014. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /J.C.T./Examiner, Art Unit 2196 /APRIL Y BLAIR/Supervisory Patent Examiner, Art Unit 2196