Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings filed on: 04/25/2024 are accepted.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-3, 5, 6, 8-13, 15, 16 and 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kiernan et al (US Patent: 11070579, issued: Jul. 20, 2021, filed: Feb. 9, 2018) in view of Hill (US Application: US 20190089742, published: Mar. 21, 2019, filed: Sep. 18, 2017) in view of Minarik et al (US Patent: 11841769, issued: Dec. 12, 2023, filed: Aug. 12, 2021).
With regards to claim 1, Kiernan et al teaches a method (Fig. 5: a computer implemented method using a processor and memory is shown) for managing assets in a computing system, the method comprising:
displaying an interactive graph on a display of a computing device, wherein the interactive graph includes policy nodes and asset nodes and wherein the interactive graph illustrates relationships between the policy nodes and the asset nodes, wherein each of the policy nodes is associated with a policy and each of the asset nodes is associated with an asset (Fig 11, column 7, lines 15-37, column 10, lines 12-36, column 17, lines 9-30: an inventory of assets belonging to a target domain entity is displayed, where the assets are nodes that show gleaned relationship (s) to particular domain asset(s). The visualized relationship(s) of asset(s) linking to each domain node is interpreted as having an existing connection policy to a particular domain);
receiving input at the computing device related to adjusting at least one parameter associated with the interactive graph (Fig. 24, column 18, lines 45-57: a user can provide a view parameter associated with the graph);
and modifying the interactive graph such that [actions] … are presented visually … (Fig. 11, Fig. 24, column 18, lines 45-57: a user can provide input parameter data (i.e. such as in the form of particular identifying selection(s)) to interact and view particular elements of the graph and the graph is visually updated based upon the user input selection(s)).
However Kiernan et al does not expressly teach generating recommendations for assigning unprotected assets to a policy; and modifying the interactive graph such that the recommendations are presented visually, wherein the assets include protected assets and unprotected assets, wherein the recommendations are graphically illustrated and identify which of the policies are recommended for which of the assets.
Yet Hill teaches generating [selected action(s)] … for assigning unprotected assets to a policy; and modifying the interactive graph such that the [selected actions] … [selected actions] are presented visually, wherein the assets include protected assets and unprotected assets, wherein the [selected actions] are graphically illustrated and identify which of the policies are [selected actions] for which of the assets (paragraphs 0013, 0128, 0145-0148, Fig. 11B: a user can provide a variety of actions for assets to be associated with a policy/security zone (at least one of these actions include a dragging of an unprotected/unassigned asset to a particular security zone (a ‘zone’ is considered as representing the claimed ‘node’)). These actions can be reflected within a graph that depicts various policy relationships for individual assets (the assets relating to no security zone , or less security zone to a highest security zone (interpreted as protected)).
It would have been obvious to one of ordinary skill in the art before the effective filing of the invention to have modified Kiernan et al’s ability to implement and display an interactive graph having visual depiction(s) showing relationship(s) between network access policy nodes of domain(s) and asset nodes (of protected and unprotected assets) and Kiernan et al’s ability to update the interactive graph based upon user interaction events, such that the displayed relationships of the graph could be modified to selectively display relationships of assets assigned to a particular policy as taught by Hill. The combination would have allowed network security policy stakeholders to visualize the effect of proposed rule changes in … a network (Hill, paragraphs 0005).
However although the combination of Kiernan et al and Hill teaches generating selectable actions and update a graph display based on the result of the selectable actions, the combination does not expressly teach the selectable actions are recommended selectable actions.
Yet Minarik et al teaches the selectable actions are recommended selectable actions (with regards to assigning unprotected asset(s) to a policy), see Fig. 7, column 7, lines 37-44, column 8, lines 30-47, 60-67 and column 9, lines 1-24. More specifically, these cited locations of Minarik shows/explains that actions for assigning unprotected asset(s) to a policy are suggested to a user and the asset(s) are clustered according to affinity score that is based on different metrics/parameters (the examiner interprets the metrics of each asset as attributing to its claimed ‘type’)).
It would have been obvious to one of ordinary skill in the art before the effective filing of the invention to have modified Kiernan et al and Hill’s ability to apply a selected action of assigning an asset to a policy and then have an interactive graph diagram reflect the latest relationship assignment(s), such that the selected action could have been due to a recommendation, as taught by Minarik et al. The combination would have allowed Kiernan et al and Hill to have implemented “a data asset protection system that leverages asset metadata to identify common characteristics of assets and use that data to automatically provide new asset policy assignments” (Minarik et al, column 1, lines 57-60).
With regards to claim 2. The method of claim 1, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising performing an asset clustering operation to cluster the assets based on asset clustering parameters (Minarik was shown/explained in the rejection of claim 1 to teach that actions for assigning unprotected asset(s) to a policy are suggested to a user and the asset(s) are clustered according to affinity score that is based on different metrics/parameters), as similarly explained in the rejection of claim 1, and is rejected under similar rationale.
With regards to claim 3. The method of claim 2, the combination of Kiernan et al, Hill and Minarik et al teaches wherein the asset clustering parameters include one or more of a size, a network, a change rate, an asset type, a sensitivity, a name, a security level, a retention, password protected, load, availability, busy hours, up time, and/or past protected, as similarly explained in the rejection of claim 1 (Minarik was shown/explained in the rejection of claim 1 to teach that actions for assigning unprotected asset(s) to a policy are suggested to a user and the asset(s) are clustered according to affinity score that is based on different metrics/parameters (the examiner interprets the metrics of each asset as attributing to its claimed ‘type’), and is rejected under similar rationale.
With regards to claim 5. The method of claim 1, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising performing a policy clustering operation to cluster the policies based on policy clustering parameters, as similarly explained in the rejection of claim 1 (Minarik was shown/explained in the rejection of claim 1 to teach that actions for assigning unprotected asset(s) to a policy are suggested to a user and the asset(s) are clustered according to affinity score that is based on different metrics/parameters (the examiner interprets the metrics of each asset as attributing to its claimed ‘type’), and is rejected under similar rationale.
With regards to claim 6. The method of claim 5, the combination of Kiernan et al, Hill and Minarik et al teaches wherein the policy clustering parameters include one or more of asset type, retention, estimated recovery point objective, storage target, schedule, location, and/or replication/cloud tier, as similarly explained in the rejection of claim 1 (Minarik was shown/explained in the rejection of claim 1 to teach that actions for assigning unprotected asset(s) to a policy are suggested to a user and the asset(s) are clustered according to affinity score that is based on different metrics/parameters (the examiner interprets the metrics of each asset as attributing to its claimed ‘type’), and is rejected under similar rationale.
With regards to claim 8. The method of claim 1, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising adjusting co-dependent parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted co-dependent parameters are displayed (as similarly explained in the rejection of claim 1, Kiernan et al and Hill were combined to teach that the graph can be updated/adjusted based upon selected assignment(s) of assets to polic(ies) and the examiner interprets each of the individual assignments correlating to one or more relationship(s) (claimed ‘co-dependent parameters)), and is rejected under similar rationale.
With regards to claim 9. The method of claim 1, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising dragging an unprotected asset node onto a policy node or a policy cluster to assign corresponding policies to the corresponding asset (as similarly explained in the rejection of claim 1, Hill was explained to teach in paragraphs 0013, 0128, 0145-0148, Fig. 11B, that a user can provide a variety of actions for assets to be associated with a policy/security zone (at least one of these actions include a dragging of an unprotected/unassigned asset to a particular security zone (a ‘zone’ is considered as representing the claimed ‘node’)). These actions can be reflected within a graph that depicts various policy relationships for individual assets (the assets relating to no security zone , or less security zone to a highest security zone (interpreted as protected)), and is rejected under similar rationale.
With regards to claim 10. The method of claim 1, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising executing a function to determine a preferability of each policy cluster to protect an asset cluster, wherein the function is based on user preferences and parameters (as similarly explained in the rejection of claim 1, Hill was explained to teach in paragraphs 0013, 0128, 0145-0148, Fig. 11B, that a user can provide a variety of actions for assets to be associated with a policy/security zone (at least one of these actions include a dragging of an unprotected/unassigned asset to a particular security zone (a ‘zone’ is considered as representing the claimed ‘node’ of a cluster of assets, the dragging input is consider positional parameter data that is processed, and the selected zone post dragging is considered/interpreted as the user policy preference for the zone/cluster of asset(s))), and is rejected under similar rationale.
With regards to claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches a non-transitory storage medium having stored therein instructions that are executable by one or more hardware processors to perform operations comprising: displaying an interactive graph on a display of a computing device, wherein the interactive graph includes policy nodes and asset nodes and wherein the interactive graph illustrates relationships between the policy nodes and the asset nodes, wherein each of the policy nodes is associated with a policy and each of the asset nodes is associated with an asset; receiving input at the computing device related to adjusting at least one parameter associated with the interactive graph; generating recommendations for assigning unprotected assets to a policy; and modifying the interactive graph such that the recommendations are presented visually, wherein the assets include protected assets and unprotected assets, wherein the recommendations are graphically illustrated and identify which of the policies are recommended for which of the assets, as similarly explained in the rejection of claim 1, and is rejected under similar rationale.
With regards to claim 12. The non-transitory storage medium of claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising performing an asset clustering operation to cluster the assets based on asset clustering parameters, as similarly explained in the rejection of claim 2, and is rejected under similar rationale.
With regards to claim 13. The non-transitory storage medium of claim 12, the combination of Kiernan et al, Hill and Minarik et al teaches wherein the asset clustering parameters include one or more of a size, a network, a change rate, an asset type, a sensitivity, a name, a security level, a retention, password protected, load, availability, busy hours, up time, and/or past protected, as similarly explained in the rejection of claim 3, and is rejected under similar rationale.
With regards to claim 15. The non-transitory storage medium of claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising performing a policy clustering operation to cluster the policies based on policy clustering parameters, as similarly explained in the rejection of claim 5, and is rejected under similar rationale.
With regards to claim 16. The non-transitory storage medium of claim 15, the combination of Kiernan et al, Hill and Minarik et al teaches wherein the policy clustering parameters include one or more of asset type, retention, estimated recovery point objective, storage target, schedule, location, and/or replication/cloud tier, as similarly explained in the rejection of claim 6, and is rejected under similar rationale.
With regards to claim 18. The non-transitory storage medium of claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising adjusting co-dependent parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted co-dependent parameters are displayed, as similarly explained in the rejection of claim 8, and is rejected under similar rationale.
With regards to claim 19. The non-transitory storage medium of claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches the combination of Kiernan et al, Hill and Minarik et al teaches further comprising dragging an unprotected asset node onto a policy node or a policy cluster to assign corresponding policies to the corresponding asset, as similarly explained in the rejection of claim 9, and is rejected under similar rationale.
With regards to claim 20. The non-transitory storage medium of claim 11, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising executing a function to determine a preferability of each policy cluster to protect an asset cluster, wherein the function is based on user preferences and parameters, as similarly explained in the rejection of claim 10, and is rejected under similar rationale.
Claim(s) 4, 7, 14 and 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kiernan et al (US Patent: 11070579, issued: Jul. 20, 2021, filed: Feb. 9, 2018) in view of Hill (US Application: US 20190089742, published: Mar. 21, 2019, filed: Sep. 18, 2017) in view of Minarik et al (US Patent: 11841769, issued: Dec. 12, 2023, filed: Aug. 12, 2021) in view of Raghuramu et al (US Application: 20210306354, published: Sep. 30, 2021, filed: Mar. 31, 2020).
With regards to claim 4. The method of claim 2, the combination of Kiernan et al, Hill and Minarik et al teaches further comprising… the at least one of the asset clustering parameters and modifying the interactive graph such that changes in the interactive graph related to the … at least one of the asset clustering parameters are displayed, as similarly explained in the rejection of claim 2, and is rejected under similar rationale.
However the combination does not expressly teach … adjusting at least one of the asset clustering parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted at least one of the asset clustering parameters are displayed.
Yet Raghuramu et al teaches … adjusting at least one of the asset clustering parameters (paragraph 0026: a user can configure/adjust clustering , such as with behavior and classification based parameters) and modifying the interactive graph such that changes in the interactive graph related to the adjusted at least one of the asset clustering parameters are displayed (paragraph 0044, 0096, 0097 and 0103: the clusters are displayed based upon the clustering configuration(s)).
It would have been obvious to one of ordinary skill in the art before the effective filing of the invention to have modified Kiernan et al, Hill and Minarik et al’s ability to use parameter data to perform clustering of data and reflect the clustering in a display of graph data, such that the parameter data is adjustable/configurable, and the display of can be updated when the user makes changes, as taught by Raghuramu et al. The combination would have allowed enabled determination of one or more anomalies, depiction or visualization the clusters and the one or more anomalies and … performed actions to have enabled rapid response (Raghuramu et al, paragraph 0012).
With regards to claim 7. The method of claim 5, Kiernan et al, Hill, Minarik et al and Raghuramu et al teaches further comprising adjusting at least one of the policy clustering parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted at least one of the policy clustering parameters are displayed, as similarly explained in the rejection of claim 4, and is rejected under similar rationale.
With regards to claim 14. The non-transitory storage medium of claim 12, Kiernan et al, Hill, Minarik et al and Raghuramu et al teaches further comprising adjusting at least one of the asset clustering parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted at least one of the asset clustering parameters are displayed, as similarly explained in the rejection of claim 4, and is rejected under similar rationale.
With regards to claim 17. The non-transitory storage medium of claim 15, Kiernan et al, Hill, Minarik et al and Raghuramu et al teaches further comprising adjusting at least one of the policy clustering parameters and modifying the interactive graph such that changes in the interactive graph related to the adjusted at least one of the policy clustering parameters are displayed, as similarly explained in the rejection of claim 4, and is rejected under similar rationale.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Liu et al (US Patent: 11874901): This reference teaches network flow analysis and allowing a user to configure clustering of network data.
Bestmann et al (US Application: US 20130111610): This reference teaches temporally controlling access to software assets on user devices.
Ranganathan et al (US Application: US 2017/0010787): This reference teaches implementing an interactive graph which allows a user to view relationships between assets and other nodes.
Rieke et al (US Application: US 20180069865): This reference teaches creating and modifying access control lists.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILSON W TSUI whose telephone number is (571)272-7596. The examiner can normally be reached Monday - Friday 9 am -6 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Adam Queler can be reached at (571) 272-4140. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WILSON W TSUI/Primary Examiner, Art Unit 2172