Prosecution Insights
Last updated: April 17, 2026
Application No. 18/696,403

SYSTEM AND METHOD FOR ACCESS MANAGEMENT IN AN ORGANIZATION

Final Rejection §103
Filed: Mar 28, 2024
Examiner: ARYAL, AAYUSH
Art Unit: 2435
Tech Center: 2400 — Computer Networks
Assignee: unknown
OA Round: 2 (Final)

Grant Probability: 85% (Favorable)
Expected OA Rounds: 3-4
Time to Grant: 2y 6m
With Interview: 94%

Examiner Intelligence

Career Allow Rate: 85% (above average); 88 granted / 103 resolved; +27.4% vs TC avg
Interview Lift: +9.0% (moderate), measured over resolved cases with interview
Typical timeline: 2y 6m average prosecution; 12 currently pending
Career history: 115 total applications across all art units

Statute-Specific Performance

§101: 3.6% (-36.4% vs TC avg)
§103: 57.2% (+17.2% vs TC avg)
§102: 18.7% (-21.3% vs TC avg)
§112: 13.6% (-26.4% vs TC avg)
Based on career data from 103 resolved cases; comparison is against the Tech Center average estimate.

Office Action

§103
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Applicant(s) Response to Office Action

The response on 11/26/2025 has been entered and made of record.

Response to Arguments

Applicant’s arguments filed on 11/26/2025 with respect to claim(s) 1 and 6 have been considered but are not persuasive.

Applicant argues in Page 18: Hannel is a runtime network-level authorization system focused on filtering communications. It does not address entitlement clarity, governance, workflow-based assignment, organizational-unit segmentation, illegitimate assignment detection, backdoor detection, lifecycle-driven access updating, or time-bound access revocation. These differences are not incremental; they are categorical. Hannel exists in a completely different conceptual layer of security architecture and cannot, even if modified, suggest or motivate the governance-layer functions of the present invention.

Regarding the Applicant’s argument, the Examiner would like to state the following: The Applicant’s arguments are not persuasive. The arguments rely on limitations appearing in the specification that are NOT RECITED IN THE CLAIMS. During examination, the claims are interpreted under the Broadest Reasonable Interpretation (BRI), and limitations from the specification are not read into the claims. If Applicant intends the claims to require these limitations, the claims should be amended to explicitly recite said limitations.
Hannel teaches the limitation “a data hiding module operable by the one or more processors, and configured to restrict access of data associated with the one or more authorized entities, to the one or more users, based on one or more organization hierarchy;” in Paragraph [0150]: A user group Salespeople that does not belong to Engineers and there is an access policy that gives that user group access to sales engineering data; a user who is a member of Salespeople will be able to access sales engineering data, but not software engineering data or hardware engineering data. Hannel discloses that there is some form of hierarchy between the Salespeople and the software/hardware engineering data, as those users are restricted from accessing said data.

Hannel also teaches the limitation “a data access module operable by the one or more processors, and configured to grant an access to at least one of the one or more user, the one or more authorized entities, or a combination thereof to access the data associated to the organization-unit, based on one or more condition;” in Paragraph [0106]: Request is granted if the user belongs to a specified user group and the request has a trust level which is at least as high as a sensitivity level belonging to the information resource. Hannel discloses that if the user is allowed access, they are granted access based on meeting necessary requirements. Therefore, the applicant’s arguments are not persuasive.

Applicant argues in Page 22: Taken together, Boss operates solely within the authentication risk domain. It never enters the domain of access governance, entitlement creation or assignment, identity lifecycle updates, SoD policy scoping, OU-based segmentation, visibility restriction, workflow control, backdoor detection, criticality scoring, or time-bound revocation. It cannot teach, suggest, or support any of the invention's modules or requirements.
Boss resides entirely in the authentication layer; the invention resides entirely in the enterprise access-governance layer. They address different problems, use different data structures, operate in different stages of the identity lifecycle, and solve challenges in different security domains. As such, Boss cannot anticipate, suggest, or render obvious the access-governance mechanisms of the present invention, even when combined with Hannel.

Regarding the Applicant’s argument, the Examiner would like to once again state the following: The Applicant’s arguments are not persuasive. The arguments rely on limitations appearing in the specification that are NOT RECITED IN THE CLAIMS. During examination, the claims are interpreted under the Broadest Reasonable Interpretation (BRI), and limitations from the specification are not read into the claims. If Applicant intends the claims to require these limitations, the claims should be amended to explicitly recite said limitations. Therefore, the applicant’s arguments are not persuasive.

Applicant argues in Page 26: For these reasons, neither Hannel nor Boss suggests or motivates the claimed invention. Nor would a POSITA, starting from these references, be able to arrive at the present invention without impermissible hindsight. Their combination produces no teaching toward the invention's modules, governance logic, workflow orchestration, or organizational segmentation.

Regarding the Applicant’s argument, the Examiner would like to once again state the following: The Applicant’s arguments are not persuasive. The arguments rely on limitations appearing in the specification that are NOT RECITED IN THE CLAIMS. During examination, the claims are interpreted under the Broadest Reasonable Interpretation (BRI), and limitations from the specification are not read into the claims. If Applicant intends the claims to require these limitations, the claims should be amended to explicitly recite said limitations.
Regarding the terms used in the arguments, “governance logic, workflow orchestration, and organizational segmentation,” the Examiner would like to state the following: those terms do not appear explicitly in the claims, and therefore the argument that neither Hannel nor Boss suggests/teaches them is moot. Therefore, the applicant’s arguments are not persuasive.

Applicant argues in Page 28: Combining Hannel's request-filtering with Boss's risk-based MFA inherently fails to produce an OU-anchored, entitlement-governance, lifecycle-orchestration system as claimed, and the examiner's reasoning relies on the impermissible use of hindsight to reconstruct the applicant's multi-layered governance design from two references that do not teach any of its core principles. The present invention occupies a distinct conceptual, architectural, and functional domain, and therefore the rejection under §103 must be withdrawn.

Regarding the Applicant’s argument, the Examiner would like to once again state the following: The Applicant’s arguments are not persuasive. The arguments rely on limitations appearing in the specification that are NOT RECITED IN THE CLAIMS. During examination, the claims are interpreted under the Broadest Reasonable Interpretation (BRI), and limitations from the specification are not read into the claims. If Applicant intends the claims to require these limitations, the claims should be amended to explicitly recite said limitations. The Examiner would also like to state the following. Incorporating the teachings of Boss and Hannel allows for a system that is able to perform access control management in an organization. Boss teaches revoking access, generating a score, violation points and restricting users from accessing data, while Hannel discloses allowing or restricting access based on the user’s condition. Therefore, the applicant’s arguments are not persuasive.
Applicant argues in Page 28: Independent claim 6 recites subject matter analogous to independent claim 1 and for the above reasons, said claim is non-obvious over Hannel and Boss. Further, dependent claims 2-5 and 7 are also non-obvious over Hannel and Boss at least by virtue of their dependency on independent claims 1 and 6.

Regarding the Applicant’s arguments, the Examiner would like to state the following. The applicant’s arguments are not persuasive due to the reasons stated by the Examiner regarding Claim 1.

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-7 are rejected under 35 U.S.C. 103 as being unpatentable over Hannel (US20170118221) in view of Boss (US20150324559).

Regarding Claim 1, Hannel discloses: a data hiding module operable by the one or more processors, and configured to restrict access of data associated with the one or more authorized entities, to the one or more users, based on one or more organization hierarchy; (Paragraph [0150] Examiner Note (E.N.) A user group Salespeople that does not belong to Engineers and there is an access policy that gives that user group access to sales engineering data; a user who is a member of Salespeople will be able to access sales engineering data, but not software engineering data or hardware engineering data.)
a data access module operable by the one or more processors, and configured to grant an access to at least one of the one or more user, the one or more authorized entities, or a combination thereof to access the data associated to the organization-unit, based on one or more conditions; and (Paragraph [0106] E.N. The database responds to an access request from access filter which identifies a user and an information resource with an indication of whether the request will be granted or denied. Request is granted if the user belongs to a specified user group and the request has a trust level which is at least as high as a sensitivity level belonging to the information resource.)

Hannel does not, but in related art, Boss discloses: A system for access management in an organization comprising: (Paragraph [0004] Examiner Note (E.N.) A computer system for managing an authentication policy for a user on a network of an organization is provided.) one or more processors; (Paragraph [0004] E.N. The computer system comprises a processor configured to execute the computer readable instruction.) a data denial management module operable by the one or more processors, and configured to restrict one or more users from operating unsolicited data associated to the organization, wherein the unsolicited data is unassigned to the corresponding one or more users; (Paragraph [0013] E.N. The risk assessment module determines the user’s security risk that relates to a degree of protection for the information which the user may have access to or possess.) a security breach pointing module operable by the one or more processors, and configured to: (Paragraph [0004] E.N. A computer system for managing an authentication policy for a user on a network of an organization is provided.)
identify one or more violation points by at least one of the one or more users within the organization based on violation of one or more policies by the corresponding one or more users, wherein the one or more policies is created by one or more authorized entities within the organization; (Paragraph [0017] E.N. The historical attributes relate the user’s past behavior that indicates the riskiness of exposing the information that the user has access to and possesses. The historical attributes include a number of security violations the user has committed. The violations include loss of a device that the user used to access the information, remote wipeout of such a device, password reset, user account lockout etc. A higher risk value is assessed for a higher number of incidents.) identify one of illegitimate assignments or back door entry access assignments by the one or more users, upon comparing access data present on identity of the organization with assigned access data of the corresponding one or more users using one or more attributes associated to the corresponding one or more users; (Paragraph [0014] E.N. The attribute of the user is categorized into organizational attributes, network attributes, historical attributes and social media attributes. The organizational attributes of a user are the attributes that the user has as a member of an organization. The organization attributes indicate the type and sensitivity of information that the user is able to access or possess as a member of the organization, as well as risk of exposing the information.
The risk assessment module assigns a risk value based on the position of the user: the higher the role (CFO, vice president), the bigger the risk value.) an access management module operable by the one or more processors, and configured to: detect one or more parameters associated with a status of the corresponding one or more users; trigger one or more workflows pertaining to the change event and assigns dicta of personnel based upon the task or step involved; (Paragraph [0021] E.N. The risk assessment module is configured to generate a risk assessment score for a user from the risk value assigned to different attributes of the user. The risk assessment module imposes upper and/or lower limits on the risk assessment score based on the organizational role of a user. The risk assessment module sends the risk assessment score to the authentication policy adjusting module. The authentication policy adjusting module is also configured to adjust the authentication policy for a user based on the risk assessment score and the attributes of the user (See [0022]).) a data assessment module operable by the one or more processors, and configured to generate a score representative of a criticality level of the access of data of at one of the organization, the one or more authorized entities, or a combination thereof, by the one or more users; (Paragraph [0021] When the user is a helpdesk staff member of a corporation, the risk assessment module imposes an upper limit on this user’s risk assessment score. Similarly, when the user is a CFO of the corporation, the risk assessment module imposes a lower limit on this user’s risk assessment score. The lower and upper limit on the risk assessment score relate to a minimum level and a maximum level of authentication policy.)
an access revocation module operable by the one or more processors, and configured to revoke access of at least one of the one or more user, the one or more authorized entities, or a combination thereof upon accessing the data associated to the organization upon execution of a pre-set instructions. (Paragraph [0040] E.N. The authentication policy management system adjusts the authentication policy for the user based on the risk assessment score generated. It also adjusts the authentication policy by switching between different predetermined authentication policies whenever the risk assessment score for the user changes. One of ordinary skill in the art can deduce that access may be revoked if the risk assessment score of a user changes.)

Therefore, it would be obvious to one of ordinary skill in the art, prior to the effective filing date of the claimed invention, to have modified Hannel to incorporate the teachings of Boss because Hannel does not explicitly disclose revoking access, generating a score, violation points and restricting users from accessing data, which is taught by Boss. Incorporating the teachings of Boss into Hannel allows for a system that is able to perform access control management in an organization/enterprise.

Regarding Claim 2, Hannel in view of Boss discloses the system of claim 1. Hannel further discloses wherein the one or more parameters comprises at least one of an identity status change event, a responsibility change, or a combination thereof within the organization. (Paragraph [0542] E.N. The parameter list specifies information that is provided to the function to authenticate the user and find the information necessary to determine whether the user is a member of a custom-authenticated user group in a directory via the LDAP protocol.)

Regarding Claim 3, Hannel in view of Boss discloses the system of claim 1.
Hannel further discloses wherein the one or more conditions comprises at least one of a customer identity, work time comprising a date and time to solicit logging credentials of the one or more users within the organization, or a combination thereof. (Paragraph [0168] E.N. When the access filter observes an attempt by a user to initiate a session with a service, it determines whether access should be permitted. It does so from the known identity of the user and the information resource to which access is being requested.)

Regarding Claim 4, Hannel in view of Boss discloses the system of claim 1. Hannel does not, but in related art, Boss discloses comprising an event triggered workflow module operable by the one or more processors, and configured to operate an access to of the one or more users based on one or more events associated to the one or more users. (Paragraph [0017] E.N. The historical attributes relate the user’s past behavior that indicates the riskiness of exposing the information that the user has access to and possesses. The historical attributes include a number of security violations the user has committed. The violations include loss of a device that the user used to access the information, remote wipeout of such a device, password reset, user account lockout etc. A higher risk value is assessed for a higher number of incidents.) Therefore, it would be obvious to one of ordinary skill in the art, prior to the effective filing date of the claimed invention, to have modified Hannel to incorporate the teachings of Boss because Hannel does not explicitly disclose an event triggered workflow, which is taught by Boss. Incorporating the teachings of Boss into Hannel allows the system to use events to dynamically change what the user can or cannot access.

Regarding Claim 5, Hannel in view of Boss discloses the system of claim 1. Hannel further discloses comprising a bot handling module operable by the one or more processors, (Paragraph [0012] E.N.
The access filter is a set of software and hardware components in the computer system that checks all requests from outside the internal network for information stored inside the internal network and only sends a request on into the internal network if it is from a source that has the rights to access the information.) and configured to manage one or more bots as identities within a corresponding organization unit which is maintained by the one or more authorized entities, wherein the operation of the bot comprises start, stop and termination, assignment of access, or a combination thereof to be performed upon being assigned by the corresponding one or more authorized entities. (Paragraph [0171] E.N. The access filter uses its own copy of the access control database to determine whether the user who originates a session has access to the information resource specified for the session. If the access filter determines so, then it permits the session to proceed.)

Regarding Claim 6, Hannel discloses A method for access management in an organization comprising: assigning entitlements to at least one person within an organization unit based on a designation associated to the corresponding at least one person; (Paragraph [0126] E.N. The user groups specified in the administrative policy and policy maker policy portions of databases are user groups of administrators. Administrative authority is delegated by defining groups of administrators and the objects over which they can control in the database.) enabling the at least one person within an organization unit to view the assigned entitlement; (Paragraph [0164] E.N. The Security Officer user group sets up an Engineering Administrators administrative user group, an Engineers user group, and an Engineering Data information set and has given Engineering Admins administrative authority over Engineers and Engineering Data.)
enabling at least one authorized user within an organization unit for creating one or more role objects, wherein creating one or more role objects comprises IT roles and organization roles fitting various IT functions of the organization unit; (Paragraph [0163] E.N. The Security Officer user group has administrative authority over all of the built-in objects and over policy maker policy. Members of the Security Officer user group use their admin authority to make subsets of objects, rearrange the object hierarchies and set up policy maker policy.) limiting a number of accessible entitlements to only a few for enabling the at least one authorized person to focus on understanding the accessible entitlements and assigning accessible entitlements to one or more right identities within the organization unit; (Paragraph [0164] The Security Officer gives the Engineering Administrator administrative authority over Engineers and Engineering Data. The Security Officer also sets up policy maker policy so that the Engineering Administrator has the right to make access policy for Engineering Data. Engineering Administrator only has authority over Engineering Data and Engineers.) ensuring access is only assigned (Paragraph [0207] E.N. Defining a user group involves the steps of: first the users are defined, then the user group is defined and then the users are assigned to the proper user groups.) creating SOD policies within the organization unit for ensuring non-conflicting access is not assigned to same identity; (Paragraph [0151] E.N. If multiple policies allow or deny a user group’s access to an information set, policies that deny access prevail. If a particular user is a member of multiple user groups, and multiple policies allow or deny access to the information set, policies that deny access prevail. One of ordinary skill in the art can determine a form of SOD policies is created.
A user would not be able to access multiple files even if overall they have access to said information.) involving key personnel in the process of access assignment for mapping employee or identity status changes to the right access changes without changing the meaning of a job profile of the at least one person; (Paragraph [0271] E.N. The process of updating all of the live databases is called database synchronization and distribution. There are three phases: the modification is sent from the access filter to which the master database belongs, then changes are incorporated into the master database and finally the changes are distributed from the Master Policy Manager to other access filters. If two admins modified the same piece of information in different databases, the master policy manager decides which modification to incorporate into the access control database (See [0277]))

Hannel does not, but in related art, Boss discloses and treating backdoor access entries as violations by one of at least one person or at least one authorized user; (Paragraph [0017] E.N. The security violations may include loss of a device that the user used to access the information, a remote wipeout of such a device, a password reset, a user account lockout etc.) and limiting malicious and unintended assignment of access to the wrong identities within the organization unit. (Paragraph [0013] E.N. The risk assessment module determines the user’s security risk that relates to a degree of protection for the information which the user may have access to or possess.) Therefore, it would be obvious to one of ordinary skill in the art, prior to the effective filing date of the claimed invention, to have modified Hannel to incorporate the teachings of Boss because Hannel does not explicitly disclose identifying status changes to the right of access for employees as well as limiting malicious and unintended assignment of access, which is taught by Boss.
Incorporating the teachings of Boss into Hannel allows for the use of policies and scores to determine bad actors within the organization and mitigate said bad actors for better security.

Regarding Claim 7, Hannel in view of Boss discloses the method of claim 6. Hannel further discloses comprising: dividing all entitlements within organization across organization units for enabling accessibility only to Organization-Unit functions which aligns with the function of the entitlements; (Paragraph [0236] E.N. User group tables further organize the user groups into a hierarchy, both for the purpose of inheritance and also for hierarchical display of user groups.) dividing entitlements across job profiles and protecting the divided entitlements with policies so that conflicting job profiles are never assigned conflicting accesses; (Paragraph [0277] E.N. If two admins have modified the same piece of information, the master policy manager decides which modification to incorporate into the access control database.) separating duties for ensuring identity change events are handled as per the role within organization unit; (Paragraph [0159] A member of an admin user group that administers a hardware engineers user group may make administrative policy that gives administration of the hardware engineers to a hardware engineering administrator user group, thereby delegating administration of hardware engineers to the hardware engineering administrator. The right to administer an information set is separate from the right to make access policy for the information set.) permitting easy implementation of secondary organization unit assignment to identity; (Paragraph [0151] E.N. A user may belong to multiple user groups; if multiple policies allow or deny a user group's access to an information set, policies that deny will prevail.)
Hannel does not, but in related art, Boss discloses providing view of all accesses assigned during each step of the identity lifecycle event of the corresponding identity within the organization unit; (Paragraph [0016 and 0017] E.N. The network activity attributes indicate the risk of exposing the information that the user is able to access or process. The historical attributes relate to the user’s past behavior that indicates the riskiness of exposing the information that the user may access or possess. One of ordinary skill in the art can determine the system is able to see what the person has had access to and give its judgement (risk score) on the user.) triggering configurable workflow processes whenever identity change event occurs so that one or more authorized entities have cognizance of the change and the access change involved; and incorporating entitlement changes of the organization role for assigning or unassigning the changes to respective identities. (Figure 1 E.N. The risk assessment module uses different attributes to determine the risk score and adjust the policy based on the risk score. One of ordinary skill in the art can determine changes in the identity (found using historical attributes, social media attributes, network activity attributes) trigger the risk assessment module to determine the dynamically changing risk score of the user.) Therefore, it would be obvious to one of ordinary skill in the art, prior to the effective filing date of the claimed invention, to have modified Hannel to incorporate the teachings of Boss because Hannel does not explicitly disclose identifying status changes to the right of access for employees as well as a view of all accesses assigned, which is taught by Boss. Incorporating the teachings of Boss into Hannel allows for the use of policies and scores to determine bad actors within the organization and mitigate said bad actors for better security.

Conclusion

THIS ACTION IS MADE FINAL.
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to AAYUSH ARYAL whose telephone number is (571)272-2838. The examiner can normally be reached 8:00 a.m. - 5:30 p.m. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh, can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov.
Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/AAYUSH ARYAL/
Examiner, Art Unit 2435

/AMIR MEHRMANESH/
Supervisory Patent Examiner, Art Unit 2491
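The access decision the examiner relies on from Hannel appears in three pieces of the action: a request is granted if the user belongs to a specified user group and the request's trust level is at least the information resource's sensitivity level (Paragraph [0106]); user groups are organized into a hierarchy with inheritance (Paragraph [0236]); and when several policies allow or deny a user group's access, policies that deny prevail (Paragraph [0151]). The following Python model is an added illustration of that combined rule, written for this page; it is not code from the application, from Hannel, from Boss, or from this site, and every group, information set, user, sensitivity value and trust level in it is constructed for the example.

```python
"""Toy model of the access decision the office action quotes from Hannel.

Constructed illustration: user groups form a hierarchy and membership in a
child group counts as membership in every ancestor; each information set
carries a sensitivity level; each policy allows or denies one user group
access to one information set. A request is granted only when some applicable
policy allows it, no applicable policy denies it (deny prevails), and the
request's trust level is at least the information set's sensitivity level.
All group, information-set and user names are made up for the example.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Policy:
    group: str
    info_set: str
    effect: str  # "allow" or "deny"


@dataclass
class AccessControlDB:
    group_parent: dict = field(default_factory=dict)  # group -> parent group or None
    membership: dict = field(default_factory=dict)    # user -> set of direct groups
    sensitivity: dict = field(default_factory=dict)   # info set -> sensitivity level
    policies: list = field(default_factory=list)

    def effective_groups(self, user: str) -> set:
        """Direct groups plus all ancestors, so parent-level policies are inherited."""
        seen = set()
        stack = list(self.membership.get(user, ()))
        while stack:
            group = stack.pop()
            if group in seen:
                continue
            seen.add(group)
            parent = self.group_parent.get(group)
            if parent is not None:
                stack.append(parent)
        return seen

    def decide(self, user: str, info_set: str, trust_level: int) -> tuple:
        """Return (granted, reason). Default is deny when nothing allows access."""
        groups = self.effective_groups(user)
        applicable = [p for p in self.policies
                      if p.info_set == info_set and p.group in groups]
        if any(p.effect == "deny" for p in applicable):
            return False, "deny policy prevails"      # Paragraph [0151] rule
        if not any(p.effect == "allow" for p in applicable):
            return False, "no allow policy for user's groups"
        required = self.sensitivity[info_set]
        if trust_level < required:                    # Paragraph [0106] rule
            return False, f"trust level {trust_level} below sensitivity {required}"
        return True, "allowed"


def build_sample_db() -> AccessControlDB:
    """Constructed data mirroring the Salespeople/Engineers example in the action."""
    db = AccessControlDB()
    db.group_parent = {
        "Engineers": None,
        "SoftwareEngineers": "Engineers",   # child groups inherit Engineers policies
        "HardwareEngineers": "Engineers",
        "Salespeople": None,
        "Contractors": None,
    }
    db.membership = {
        "alice": {"Salespeople"},
        "bob": {"SoftwareEngineers"},
        "carol": {"Salespeople", "Contractors"},  # member of multiple groups
    }
    db.sensitivity = {
        "sales_engineering_data": 2,
        "software_engineering_data": 3,
        "hardware_engineering_data": 3,
    }
    db.policies = [
        Policy("Salespeople", "sales_engineering_data", "allow"),
        Policy("Engineers", "software_engineering_data", "allow"),
        Policy("Engineers", "hardware_engineering_data", "allow"),
        Policy("Engineers", "sales_engineering_data", "allow"),
        # Contractors are explicitly denied; this beats the Salespeople allow.
        Policy("Contractors", "sales_engineering_data", "deny"),
    ]
    return db


def sample_decisions() -> dict:
    """Evaluate constructed requests; keys are 'user/info_set@trust_level'."""
    db = build_sample_db()
    requests = [
        ("alice", "sales_engineering_data", 2),     # allowed by group policy
        ("alice", "software_engineering_data", 5),  # no policy for Salespeople
        ("bob", "software_engineering_data", 3),    # inherits Engineers allow
        ("bob", "software_engineering_data", 1),    # trust below sensitivity
        ("carol", "sales_engineering_data", 5),     # deny prevails over allow
    ]
    return {f"{u}/{s}@{t}": db.decide(u, s, t)[0] for u, s, t in requests}


if __name__ == "__main__":
    for key, granted in sample_decisions().items():
        print(key, "GRANTED" if granted else "DENIED")
```

The point a practitioner should take from the model is that the three rules interact: a high trust level never overrides a missing allow policy or an inherited deny, and a deny attached to any one of a user's groups wins even when another group grants access. That is the "policies that deny access prevail" behaviour the examiner reads as a form of separation-of-duties policy.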

Prosecution Timeline

Mar 28, 2024
Application Filed
Aug 19, 2025
Non-Final Rejection — §103
Nov 25, 2025
Response Filed
Mar 06, 2026
Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology (based on the 5 most recent grants):

Patent 12596785: System and method for password expiration management. Granted Apr 07, 2026; 2y 5m to grant.
Patent 12591690: SYSTEM AND METHOD FOR TESTING NETWORK AND SECURITY DEVICES TO DETECT AND MITIGATE VULNERABILITIES. Granted Mar 31, 2026; 2y 5m to grant.
Patent 12585817: DATA LIFECYCLE DISCOVERY AND MANAGEMENT. Granted Mar 24, 2026; 2y 5m to grant.
Patent 12579258: ADVANCED PERSISTENT THREAT DETECTION. Granted Mar 17, 2026; 2y 5m to grant.
Patent 12579270: LOGOS AS VISUAL INDICATORS OF TRUST IN APPLICATIONS. Granted Mar 17, 2026; 2y 5m to grant.

Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 85%
With Interview: 94% (+9.0%)
Median Time to Grant: 2y 6m
PTA Risk: Moderate
Based on 103 resolved cases by this examiner. Grant probability derived from career allow rate.
