DETAILED ACTION
Claims 1-20 are pending and have been examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
It is noted that no Information Disclosure Statement has been filed.
No IDS has been received for this application. Applicants are reminded of the Duty to Disclose, from section 2001 of the MPEP (emphasis added). MPEP 2001 Duty of Disclosure, Candor, and Good Faith [R-08.2012] 37 C.F.R. 1.56 Duty to disclose information material to patentability.
(a) A patent by its very nature is affected with a public interest. The public interest is best served, and the most effective patent examination occurs when, at the time an application is being examined, the Office is aware of and evaluates the teachings of all information material to patentability. Each individual associated with the filing and prosecution of a patent application has a duty of candor and good faith in dealing with the Office, which includes a duty to disclose to the Office all information known to that individual to be material to patentability as defined in this section.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claim(s) recite(s) making an evaluation in response to receiving information and performing an action.
This judicial exception is not integrated into a practical application because they are broad enough to cover making a determination in the mind, other than the generic computer components.
Regarding Prong One, these steps, aggregating, tracking, and comparing/determining a threshold, as drafted, is a process that under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “apparatus” and “processing system”, nothing in the claim element precludes the step from practically being performed in the human mind and/or with printed logs and counting. For example, but for the “apparatus” language, the claim encompasses a user determining a usage threshold based on printed logs and removing a user access permission to something, perhaps a computer system, but broad enough to block a user/person from accessing a particular building.
Regarding Prong Two, there are no additional element(s) or a combination of elements in the claim that apply, rely on, or use the judicial exception in a manner that imposes a meaningful limit on the judicial exception, such that it is more than a drafting effort designed to monopolize the exception.
The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the claims only use generic computer components. Mere instructions to apply an exception using generic components cannot provide an inventive concept. Additionally, the mere nominal recitation of a generic processor does not take the claim limitation out of the mental processes grouping. Thus, the claims recite a mental process and are not patent eligible.
The claims are directed to well-understood, routine, and conventional activity as evidenced by the “background of the invention” section and the cited references.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
Claims 1-5, 9-15, and 19-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Sankavaram (20200252405).
Regarding claims 1, 11, and 20, Sankavaram teaches A method comprising: / An apparatus comprising: one or more computer readable storage media; a processing system operatively coupled with the one or more computer readable storage media; and program instructions stored on the one or more computer readable storage media that, when read and executed by the processing system, direct the apparatus to:/ A method comprising (abstract, par.30-38):
accessing audit logs for a plurality of data environments, wherein the audit logs indicate which permissions were used for the plurality of data environments during and corresponding times in which the permissions were used (par.28-34, 53-59, 63-70, based on logs determine permission usage);
aggregating the permissions into timeframes based on the corresponding times (par.69-77, count and cluster determinations for permission usage);
tracking, in a database, a number of times each of the permissions was used in each of the timeframes (par.92-98, determine usage for permissions over period); and
in response to a permission of the permissions satisfying a usage threshold during one or more of the timeframes, removing the permission / receiving a query about permission usage for the plurality of data environments, wherein the query identifies a time period for a search; identifying one or more of the timeframes corresponding to the time period; determining an answer to the query from a subset of the permissions in the one or more timeframes; and returning the answer (par.101-109, remove unused permissions).
Regarding claims 2 and 12, Sankavaram teaches wherein the timeframes are shorter nearer to a present time and longer farther from the present time (par.71-77, 102-118).
Regarding claims 3 and 13, Sankavaram teaches wherein the usage threshold is greater for timeframes farther from the present time and lower for timeframes nearer to the present time (par.71-77, 102-118).
Regarding claims 4 and 14, Sankavaram teaches wherein the usage threshold is one of multiple usage thresholds corresponding to different timeframes that are satisfied, and wherein removing the permission comprise:removing the permission in response to the multiple usage thresholds being satisfied (par.116-124).
Regarding claims 5 and 15, Sankavaram teaches comprising: receiving a query about permission usage for the plurality of data environments, wherein the query identifies one or more of the timeframes for search; determining an answer to the query from a subset of the permissions in the one or more timeframes; and returning the answer (par.101-109).
Regarding claims 9 and 19, Sankavaram teaches comprising:enforcing the permissions on access requests to the plurality of data environments after the permission is removed (par.112-116, 124-128).
Regarding claim 10, Sankavaram teaches wherein the database is a non-graph time-series-optimized database (par.49-52).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 6-8 and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Sankavaram, and further in view of Hecht (20220247776).
Regarding claims 6 and 16, Sankavaram does not expressly disclose, however Hecht teaches comprising: identifying a user or resource of interest; determining one or more used permissions of the permissions that are used with respect to the user or resource during a time period; and generating a score based on the one or more used permissions, wherein the score indicates a relative risk of permissions associated with the user or resource (par.41-51).
Therefore, one of ordinary skill in the art would have found it obvious before the effective filing date of the claimed invention to modify Sankavaram to use scoring as taught by Hecht.
One of ordinary skill in the art would have been motivated to perform such a modification to further manage permissions based on additional parameters (Hecht, par.2-6, 40-60).
Regarding claims 7 and 17, Sankavaram/ Hecht teaches wherein generating the score comprises: dividing an amount of the one or more used permissions by an amount of total permissions in the plurality of permissions and then subtracting from one to calculate the score, wherein higher scores indicate the user or resource is more over-privileged relative to lower scores (Hecht, par.41-52).
Regarding claims 8 and 18, Sankavaram/ Hecht teaches comprising:notifying a user when the score indicates a relative risk greater than a threshold (Hecht, par.91-93).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: the remaining references put forth on the PTO-892 form are directed to managing permissions, Brannon (20220286462), Ip (20220271938), Hecht (10148701), Strong (20230216887).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to David García Cervetti whose telephone number is (571)272-5861. The examiner can normally be reached Monday-Friday 8AM-5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, HADI S ARMOUCHE can be reached at (571)270-3618. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/David Garcia Cervetti/Primary Examiner, Art Unit 2409