DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on September 3, 2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that use the word “means” or “step” but are nonetheless not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph because the claim limitation(s) recite(s) sufficient structure, materials, or acts to entirely perform the recited function. Such claim limitation is: “processor configured to execute instructions” in claim 1.
Because this/these claim limitation(s) is not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it is not being interpreted to cover only the corresponding structure, material, or acts described in the specification as performing the claimed function, and equivalents thereof.
If applicant intends to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to remove the structure, materials, or acts that performs the claimed function; or (2) present a sufficient showing that the claim limitation(s) does/do not recite sufficient structure, materials, or acts to perform the claimed function.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kim et al, US 2019/0156042.
As per claim 1, it is taught of an information presenting apparatus comprising:
at least one memory storing instructions (paragraph 0061); and
at least one processor configured to execute the instructions (paragraph 0061) to:
obtain similarities, as first similarities, between first vulnerability information indicating a vulnerability of a target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second vulnerability information indicating vulnerabilities of computer systems, the plurality of pieces of second vulnerability being prepared in advance (vulnerability information analysis system collects vulnerability information from sources of vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems), paragraph 0055, lines 1-9, wherein the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extract a piece of the second vulnerability information with which the obtained first similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) match each other (i.e., first similarities), paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8);
obtain similarities, as second similarities, between first system information including an index indicating performance of the target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. (i.e., index indicating performance of the target system) of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second system information including indices indicating performance of the computer systems, the plurality of pieces of second system information being prepared in advance (collecting vulnerability information using the rule for collecting a vulnerability information by collecting the vulnerability information from the various sources (i.e., computer system) of vulnerability information without having to generate execution code for collecting the vulnerability information whenever a source of vulnerability information is changed (i.e., plurality of pieces of second system information represented as indices listing the changes), paragraph 0056, lines 21-40, the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extract a piece of the second system information with which the obtained second similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and updated vulnerability information (i.e., second system information) has changed and match each other (i.e., first similarities), paragraph 0026, lines 21-35 and paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8); and
generate presentation information for presentation using the extracted piece of the second vulnerability information and the extracted piece of the second system information (the relationship between the second vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 2, it is disclosed wherein the first system information and the second system information at least include an index indicating confidentiality of a computer system (exploitable score (i.e., confidentiality) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), an index indicating integrity of the computer system (severity score (i.e., integrity) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), and an index indicating an availability of the computer system (impact score (i.e., availability) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information, paragraph 0085, lines 1-12).
As per claim 3, it is taught wherein the one or more processors further vectorizes the first system information and the second system information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtains a similarity between the first system information and the second system information using the vectorized first system information, the vectorized second system information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 4, it is disclosed wherein the first vulnerability information and the second vulnerability information are each constituted by a plurality of elements indicating a vulnerability (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12), and
the one or more processors further vectorizes the first vulnerability information and the second vulnerability information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtains a similarity between the first vulnerability information and the second vulnerability information using the vectorized first vulnerability information, the vectorized second vulnerability information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 5, it is taught wherein the one or more processors further identifies a computer system corresponding to the extracted second system information, further identifies, for the identified computer system, a first handling method of handling the vulnerability indicated by the first vulnerability information and a second handling method of handling the vulnerability indicated by the extracted second vulnerability information (vulnerability information collection system collects vulnerability information from sources of vulnerability information (i.e., first handling method indicated by first vulnerability information), paragraph 0055, lines 11-15 & 21-26, wherein as collecting vulnerability information from various sources has changed, or updated, the changed sources of vulnerability information is collected from the database (i.e., second handling method of extraction), paragraph 0056, lines 21-40), and generates the presentation information using the identified first handling method and second handling method (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems as a first handling method) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information as a second handling method) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 6, it is disclosed wherein the one or more processors further receives input of the first vulnerability information and the first system information (processor stores a program for executing instructions to receive input of observed information (i.e., first vulnerability information) and stored and known vulnerability information (i.e., first system information), paragraph 0055, lines 1-6 and paragraph 0107, lines 1-8).
As per claim 7, it is taught of an information presenting method comprising:
obtaining similarities, as first similarities, between first vulnerability information indicating a vulnerability of a target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second vulnerability information indicating vulnerabilities of computer systems, the plurality of pieces of second vulnerability being prepared in advance (vulnerability information analysis system collects vulnerability information from sources of vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems), paragraph 0055, lines 1-9, wherein the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extracting a piece of the second vulnerability information with which the obtained first similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) match each other (i.e., first similarities), paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8);
obtaining similarities, as second similarities, between first system information including an index indicating a performance of the target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. (i.e., index indicating performance of the target system) of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second system information including indices indicating performances of the computer systems, the plurality of pieces of second system information being prepared in advance (collecting vulnerability information using the rule for collecting a vulnerability information by collecting the vulnerability information from the various sources (i.e., computer system) of vulnerability information without having to generate execution code for collecting the vulnerability information whenever a source of vulnerability information is changed (i.e., plurality of pieces of second system information represented as indices listing the changes), paragraph 0056, lines 21-40, the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extracting a piece of the second system information with which the obtained second similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and updated vulnerability information (i.e., second system information) has changed and match each other (i.e., first similarities), paragraph 0026, lines 21-35 and paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8); and
generating presentation information for presentation using the extracted piece of the second vulnerability information and the extracted piece of the second system information (the relationship between the second vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 8, it is disclosed wherein the first system information and the second system information at least include an index indicating confidentiality of a computer system (exploitable score (i.e., confidentiality) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), an index indicating integrity of the computer system (severity score (i.e., integrity) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), and an index indicating an availability of the computer system (impact score (i.e., availability) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information, paragraph 0085, lines 1-12).
As per claim 9, it is taught wherein, in the system information extracting, vectorizing the first system information and the second system information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtaining a similarity between the first system information and the second system information using the vectorized first system information, the vectorized second system information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 10, it is disclosed wherein the first vulnerability information and the second vulnerability information are each constituted by a plurality of elements indicating a vulnerability (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12), and
in the vulnerability information extracting, vectorizing the first vulnerability information and the second vulnerability information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtaining a similarity between the first vulnerability information and the second vulnerability information using the vectorized first vulnerability information, the vectorized second vulnerability information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 11, it is taught wherein, in the presentation information generating, identifying a computer system corresponding to the extracted second system information, further identifying, for the identified computer system, a first handling method of handling the vulnerability indicated by the first vulnerability information and a second handling method of handling the vulnerability indicated by the extracted second vulnerability information (vulnerability information collection system collects vulnerability information from sources of vulnerability information (i.e., first handling method indicated by first vulnerability information), paragraph 0055, lines 11-15 & 21-26, wherein as collecting vulnerability information from various sources has changed, or updated, the changed sources of vulnerability information is collected from the database (i.e., second handling method of extraction), paragraph 0056, lines 21-40), and generating the presentation information using the identified first handling method and second handling method (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems as a first handling method) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information as a second handling method) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 12, it is disclosed of further comprising: receiving input of the first vulnerability information and the first system information (processor stores a program for executing instructions to receive input of observed information (i.e., first vulnerability information) and stored and known vulnerability information (i.e., first system information), paragraph 0055, lines 1-6 and paragraph 0107, lines 1-8).
As per claim 13, it is taught of a non-transitory computer-readable recording medium that includes a program including instructions recorded thereon, the instructions causing a computer to carry out (paragraph 0061):
obtaining similarities, as first similarities, between first vulnerability information indicating a vulnerability of a target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second vulnerability information indicating vulnerabilities of computer systems, the plurality of pieces of second vulnerability being prepared in advance (vulnerability information analysis system collects vulnerability information from sources of vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems), paragraph 0055, lines 1-9, wherein the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extracting a piece of the second vulnerability information with which the obtained first similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) match each other (i.e., first similarities), paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8);
obtaining similarities, as second similarities, between first system information including an index indicating a performance of the target system (vulnerability information analysis system collects observed information obtained by observing devices connected to the network through a service scan of the devices (i.e., first vulnerability information indicating vulnerabilities of target systems), paragraph 0055, lines 3-6, wherein observed information includes type, firmware version, operating system version, etc. (i.e., index indicating performance of the target system) of the device connected to the network, paragraph 0057, lines 1-9) and a plurality of pieces of second system information including indices indicating performances of the computer systems, the plurality of pieces of second system information being prepared in advance (collecting vulnerability information using the rule for collecting a vulnerability information by collecting the vulnerability information from the various sources (i.e., computer system) of vulnerability information without having to generate execution code for collecting the vulnerability information whenever a source of vulnerability information is changed (i.e., plurality of pieces of second system information represented as indices listing the changes), paragraph 0056, lines 21-40, the vulnerability information (i.e., second vulnerability information) indicates properties of a vulnerability (i.e., plurality of pieces stored in a database that is later downloaded (i.e., being prepared in advance), see paragraph 0049, lines 3-16), and extracting a piece of the second system information with which the obtained second similarity is in a set range (a matching system determines if the observed information (i.e., first vulnerability information) and updated vulnerability information (i.e., second system information) has changed and match each other (i.e., first similarities), paragraph 0026, lines 21-35 and paragraph 0058, lines 1-8, wherein the observed information (i.e., first vulnerability information) and vulnerability information (i.e., second vulnerability information) share relationship data (i.e., first similarities in a set range), paragraph 0059, lines 1-8); and
generating presentation information for presentation using the extracted piece of the second vulnerability information and the extracted piece of the second system information (the relationship between the second vulnerability information (i.e., second vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 14, it is disclosed wherein the first system information and the second system information at least include an index indicating confidentiality of a computer system (exploitable score (i.e., confidentiality) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), an index indicating integrity of the computer system (severity score (i.e., integrity) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information), and an index indicating an availability of the computer system (impact score (i.e., availability) is associated as an index for the vulnerability information related to the observed vulnerability and vulnerability information, paragraph 0085, lines 1-12).
As per claim 15, it is taught wherein, in the system information extracting, vectorizing the first system information and the second system information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtaining a similarity between the first system information and the second system information using the vectorized first system information, the vectorized second system information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 16, it is disclosed wherein the first vulnerability information and the second vulnerability information are each constituted by a plurality of elements indicating a vulnerability (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12), and
in the vulnerability information extracting, vectorizing the first vulnerability information and the second vulnerability information (vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information), paragraphs 007, lines 1-5 and 0085, lines 1-12), and obtaining a similarity between the first vulnerability information and the second vulnerability information using the vectorized first vulnerability information, the vectorized second vulnerability information, and a preset weight (a search for vulnerability information (i.e., first system information) is performed, paragraph 0075, lines 4-8, then is it search for the existence of new vulnerability information (i.e., second system information) to see if it has been changed/updated, paragraph 0076, lines 1-3, 9-12, & 19-29, then adding information to the information sharing object indicative of the similarities, paragraph 0077, lines 1-5, wherein vector strings are created for the vulnerability information (i.e., vectorizing first system information (vulnerability information) and second system information (additional/updated vulnerability information)) by applying severity levels (i.e., preset weights), paragraphs 007, lines 1-5 and 0085, lines 1-12).
As per claim 17, it is taught wherein, in the presentation information generating, identifying a computer system corresponding to the extracted second system information, further identifying, for the identified computer system, a first handling method of handling the vulnerability indicated by the first vulnerability information and a second handling method of handling the vulnerability indicated by the extracted second vulnerability information (vulnerability information collection system collects vulnerability information from sources of vulnerability information (i.e., first handling method indicated by first vulnerability information), paragraph 0055, lines 11-15 & 21-26, wherein as collecting vulnerability information from various sources has changed, or updated, the changed sources of vulnerability information is collected from the database (i.e., second handling method of extraction), paragraph 0056, lines 21-40), and generating the presentation information using the identified first handling method and second handling method (the relationship between the first vulnerability information (i.e., first vulnerability information indicating a vulnerability of computer systems as a first handling method) and the changed vulnerability information (i.e., extracted piece of the second system information based upon updated vulnerability information as a second handling method) matched is converted into a predefined format and generating a document for sharing vulnerability information stored in the vulnerability database, paragraph 0059, lines 1-12, and is displayed as shown in Figures 1 and 11 by displaying second vulnerability information).
As per claim 18, it is disclosed wherein the program further including instructions that causes the computer to carry out: receiving input of the first vulnerability information and the first system information (processor stores a program for executing instructions to receive input of observed information (i.e., first vulnerability information) and stored and known vulnerability information (i.e., first system information), paragraph 0055, lines 1-6 and paragraph 0107, lines 1-8).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Bishop, III et al, US 2022/0108022 is relied upon for disclosing of comparing the vulnerability factors and categories associated with the fetched code portions (which are not labeled with factor weights and category weights) with the vulnerability factors and categories associated with the sample code portions (which are labeled with factor weights and category weights). The vulnerability analysis engine groups the unlabeled code portions with sample code portions which have the same vulnerability factors and categories. The vulnerability analysis engine determines or predicts the factor weights/category weights for those code portions that are in the same group as each sample code portion to be the same as the factor weights/category weights of that sample code portion, see paragraph 0058.
Holz et al, US 2018/0157842 is relied upon for an application scanner outputting a set of flagged portions of source code that have been determined to be potentially insecure, information regarding the nature of the insecurity of the flagged portion of code, possibly standard vulnerability tracking identifiers, such as the Common Vulnerability Enumeration (CVE) identifier, alternate and/or preferable techniques for coding the particular flagged portion of source code, identification of potential patches for the flagged portion of source code, see paragraph 0033.
Rosendahl, U.S. Patent 11,886,573 is relied upon for disclosing of a threat database listing one or more potential threats that may be discovered in the container system. These threats may include both vulnerabilities and/or benchmark settings. These vulnerabilities may be referred to as Common Vulnerabilities and Exposures (CVEs). In one embodiment, the threat database 132 includes a database of CVE identifiers and metadata used to identify the associated CVEs in the various software sources noted above. Each CVE is a section in executable code, property, configuration data, file, or other data that may be utilized and exploited by a malicious user to perform an undesired or unauthorized action in a computing system. The exploitation of the CVE may be in a fashion not originally intended by the creator of the software source. Typically, CVEs are identified using unique identifiers that are comprised of alphanumeric characters, see column 7, lines 39-59.
Nakajima et al, U.S. Patent 10,747,887 is relied upon for disclosing of a vulnerability detection device including: an extracting unit that extracts a first program code corresponding to an uncorrected vulnerability portion of software; a normalization processing unit that normalizes a parameter varying depending on compilation environment, among parameters included in the first program code extracted by the extracting unit and in a second program code of software as a target to be tested for the vulnerability portion; a similarity calculating unit that calculates a first similarity which is a similarity of an arbitrary portion of the second program code after normalization as a comparison target to the first program code; a determining unit that refers to vulnerability related information for a portion of the second program code in which the calculated first similarity exceeds a predetermined threshold, and that determines whether the portion of the second program code is an unknown vulnerability portion; and an output unit that outputs the portion of the second program code determined as the unknown vulnerability portion, see column 2, lines 33-52.
Koike et al, US 2024/0070290 is relied upon for disclosing of first vulnerability information container obtains first vulnerability information that associates a first identifier identifying software related to a platform, with a vulnerability identifier identifying a vulnerability of the software. The first identifier identifies by a name and a version of the software. Second vulnerability information container obtains, from a second server, second vulnerability information that associates a second identifier identifying software included in a device according to a predetermined format, with the vulnerability identifier. The second identifier identifies by a name and a version of the software. A searcher identifies a second identifier that is associated with the vulnerability identifier identified by a scanner, and includes a name of software identical to the name of the target software, based on the second vulnerability information. The output processor generates a third identifier by replacing the version included in the second identifier identified by the searcher with the version of the target software, the third identifier identifying the target software included in the target device, according to the predetermined format, see paragraphs 0019-0025.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER REVAK whose telephone number is (571)272-3794. The examiner can normally be reached 5:30am - 3:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached at 571-270-1138. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHRISTOPHER A REVAK/Primary Examiner, Art Unit 2407