Prosecution Insights
Last updated: April 19, 2026
Application No. 18/883,469

Efficient Access Control for Network Event Data

Non-Final OA: §101, §103, §112
Filed: Sep 12, 2024
Examiner: LEE, MICHAEL M
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: Censys Inc.
OA Round: 1 (Non-Final)
Grant Probability: 84% (Favorable)
OA Rounds: 1-2
To Grant: 3y 0m
With Interview: 99%

Examiner Intelligence

Grants 84% — above average
Career Allow Rate: 84% (217 granted / 259 resolved; +25.8% vs TC avg)
Strong +44% interview lift
Interview Lift: +44.1% (resolved cases with interview)
Typical timeline
Avg Prosecution: 3y 0m (27 currently pending)
Career history
Total Applications: 286 (across all art units)

Statute-Specific Performance

§101: 8.5% (-31.5% vs TC avg)
§103: 48.7% (+8.7% vs TC avg)
§102: 7.7% (-32.3% vs TC avg)
§112: 22.6% (-17.4% vs TC avg)
Black line = Tech Center average estimate • Based on career data from 259 resolved cases

Office Action

§101 §103 §112
DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

This is a non-final office action in response to applicant’s communication filed on 9/12/2024 and Response to Election/Restriction filed 2/18/2026.

Election/Restrictions

Applicant's election of species II without traverse in the reply filed on 2/18/2026 is acknowledged. Claims 1-13 are therefore withdrawn. Claims 14-20 are pending and being considered.

Priority

The instant application is CIP of US Patent application 18/657,183 filed 5/7/2024, and CIP of US Patent application 18/657,287 filed 5/7/2024.

Claim Objections

Claim 14 is objected to because of the following informalities: Claim 14 line 2 recites “receiving … a request …”. The “request” appears to have nothing to do with the rest of claim.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):

(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 18-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 18 line 1 recites “the one or more entity identifiers”. There is insufficient antecedent basis for this limitation in the claim. Similarly claim 19 line 1.

Claim Rejections - 35 USC § 101

35 U.S.C. 101 reads as follows:

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 14-20 are rejected under 35 U.S.C. §101 because the claimed invention is directed to an abstract idea without significantly more.

Eligibility Step 2A Prong One: Claim 14 recites “identifying … a plurality of entries in a database”, “performing a K-way merge …”, “performing an aggregation …”, and “producing an output …”. These would be interpreted as being analogous to concepts relating to organizing or analyzing information in a way that can be performed mentally or human mental work. Accordingly, the claim recites the abstract idea. The limitation of identifying, performing(s), producing, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of relating to data (entries) management. Nothing in the claim element precludes the step from practically being performed in the mind. Accordingly, the claim recites an abstract idea.

Eligibility Step 2A Prong Two: Claims 1, 6 recite additional limitations of “computer system” to perform the steps of method claim discussed above. The limitations of identifying, performing(s), producing, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components. That is, other than reciting “computer system”, nothing in the claim element precludes the steps from practically being performed in the mind. Accordingly, the claims recite an abstract idea.
This judicial exception is not integrated into a practical application because the claim only recites the additional limitations of “entity identifier”, “entitlement”, “time stamps”, which are merely used as generic and well-known terminologies, and they do not amount to significantly more than the abstract idea. In addition, the claims only recite additional elements – computer system, to perform the identifying/performing(s)/producing steps. The computer system is recited at a high level of generality (i.e., as a generic processor performing a generic computer function of identifying/performing(s)/producing) such that it amounts to no more than mere instructions to apply the exception using generic computer components. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea.

Eligibility Step 2B: The claim recites additional elements of “receiving … a request …”, which is well known in the arts and is not sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using computing system to perform the receiving step amounts to no more than mere instructions to apply the exception using generic computing system. Mere instructions to apply an exception using generic computing machines cannot provide an inventive concept. The claim is not patent eligible.

Dependent claims 15-20 depend on the rejected independent claim 14, therefore are not patent eligible.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 14-15, 17 are rejected under 35 U.S.C. 103 as being unpatentable over Rehman (US20130103640A1, hereinafter, “Rehman”), in view of Ye (US20150293816A1, hereinafter, “Ye”).
Regarding claim 14, Rehman teaches:

A method (Rehman, discloses systems and methods for on-demand entitlement management, see [Abstract]) comprising:

receiving, by a computer system, a request including an entity identifier and having a plurality of entitlements associated therewith (e.g., [0011] the user entitlement configuration information may include, without limitation, a name or other identifier the resource provider has associated with or otherwise assigned to the user along with user-specific qualifying criteria for the entitlement. And [0012] Subsequently, before providing additional resources to the customer, the resource provider may communicate, transmit, or otherwise provide an entitlement status request for that customer with respect to that resource to the application server, wherein the application server accesses the entitlement objects associated with that customer to determine whether the user is entitled to that resource based on the user's current usage for that resource over the current monitoring period, the qualifying values, attributes and/or other qualifying criteria for that resource maintained by the relational database. And further refer to Fig. 2 at 218, and [0028] the entitlement management process 200 continues by receiving or otherwise obtaining a request for a user's entitlement status for a particular resource offered by a resource provider and determining whether the user is entitled to that resource);

identifying, by the computer system, a plurality of entries in a database, each entry of the plurality of entries referencing the entity identifier, an entitlement of the plurality of entitlements, and network event data, the plurality of entries being partitioned into a plurality of partitions in the database according to the plurality of entitlements and ordered within each partition of the plurality of partitions according to time stamps of the plurality of entries ([Abstract] receiving user entitlement configuration information corresponding to the entitlement for a customer of the provider system, and creating one or more entitlement objects for the customer in a database based on the entitlement definition information and the user entitlement configuration information, wherein the entitlement definition information includes metadata defining a structure of the one or more entitlement objects. And [0014] the application system 100 includes a resource provider system 110 that includes or otherwise implements an application platform 112 that generates a virtual application 114 based at least in part on data stored or otherwise maintained by the database 106 (and received via the application server 102) that controls or otherwise manages access to resources from a resource system 116 by a client device 118. And [0027] After updating the non-relational database 120 to reflect the recently received instance of usage information (i.e., event data), the entitlement management engine 130 calculates or otherwise determines the user's entitlement usage over the appropriate monitoring period based on the usage information associated with the user. For example, the entitlement management engine 130 may access the relational database 106 to obtain the user entitlement usage object associated with the user and determine the monitoring period for the consumed resource based on the corresponding field(s) of the user entitlement usage object. After determining the monitoring period for a particular resource, the entitlement management engine 130 determines a starting time corresponding to the beginning of the current monitoring period and queries the non-relational database 120 using the identifier associated with that resource and the identifier associated with the user for any instances of consumption of the identified resource by that identified user occurring after the starting time (e.g., usage entries having a timestamp that is preceded by the starting time));

While Rehman teaches the main concept of the claimed invention for entitlement management, but does not specifically teach the following, in the similar field of endeavor Ye teaches:

performing a K-way merge of the plurality of entries to obtain a merged result, where K is a number of the plurality of [entitlements]; performing an aggregation of the merged result (Ye, discloses method and apparatus for data processing applied to non-relational database, see [Abstract]. And [0035] after scanning is complete, sorting, in the temporary space in a K-way merge manner, the sorted result set; sequentially extracting and sending the client, in batches, the result set that is sorted in the K-way merge manner, and recording information of a second location of each extraction (i.e., aggregation of the merged result));

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Ye in the entitlement management of Rehman by performing data sorting and merging using K-way merging. This would have been obvious because the person having ordinary skill in the art would have been motivated for memory efficient in extracting data and effectively accelerates response to result set acquiring (Ye, [Abstract], [0006]).

The combination of Rehman and Ye further teaches:

and producing an output according to the aggregation (Rehman, [0002] methods and systems for providing and managing entitlements in an on-demand application system. And Fig. 2 at 222, and [0029] In accordance with one or more embodiments, when the entitlement management process 200 determines a user is entitled to the requested resource, the entitlement management process 200 continues by providing indication that the user is entitled to the resource provider (task 222). And Ye, [0035] sequentially extracting and sending the client, in batches, the result set that is sorted in the K-way merge manner).

Regarding claim 15, Rehman-Ye combination teaches the method of claim 14, Rehman further teaches:

further comprising identifying the plurality of entitlements as being associated with a user identifier with respect to which a source of the request is associated ([0033] After the user's entitlement is created or otherwise registered by the application server 102, the user of the client device 118 manipulates the browser application 119 to transmit or otherwise provide a request 312 to the virtual application 114 to access a particular resource from the resource system 116. In response to receiving the request from the client device 118, the provider system 110 transmits or otherwise provides 314, to the application server 102, a request for the user's entitlement status with respect to that requested resource. In this regard, the entitlement status request includes the identifier associated with the user of the client device 118 along with an identifier associated with the requested resource).
Regarding claim 17, Rehman-Ye combination teaches the method of claim 14, Rehman further teaches:

wherein each entitlement of the plurality of entitlements indicates an event type of a plurality of event types to which the plurality of entries belong ([0026] After creating the user entitlement objects in the relational database, the entitlement management process 200 continues by receiving or otherwise obtaining usage information pertaining to the user's consumption of one or more resources offered by the resource provider, updating the non-relational database to reflect the usage information, determining the user's corresponding entitlement usage based on the user's usage information stored or otherwise maintained in the non-relational database, and updating the user's entitlement usage maintained in the relational database (tasks 210, 212, 214, 216)).

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Rehman-Ye, further in view of Schlesinger (US20040186836A1, hereinafter, “Schlesinger”).

Regarding claim 16, Rehman-Ye combination teaches the method of claim 14, The combination of Rehman-Ye does not specifically teach the following, in the same field of endeavor Schlesinger teaches:

wherein at least a portion of the plurality of entitlements indicate at least one of a geographic region and user group (Schlesinger, discloses system and method for entitlement security and control, see [Abstract] an entitlement request is received from a downstream access control system seeking entitlement permission on behalf of a user, a group of users, all users associated with the downstream access control system. And [0032] For example, a user 102 may be an individual, an employee, a client, a customer, a contractor, or such or a combination thereof. A user may also be a community or group of users, rather than an individual, based on their qualifications, projects, user and entitlement roles, geographic locations, or such, or a combination thereof).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Schlesinger in the entitlement management of Rehman-Ye by providing entitlement permission granting entitlement request per entitlement rules and roles. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide entitlement security and control (Schlesinger, [Abstract]).

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Rehman-Ye, further in view of Stone et al (US20200112601A1, hereinafter, “Stone”).

Regarding claim 18, Rehman-Ye combination teaches the method of claim 14, The combination of Rehman-Ye does not specifically teach the following, in the same field of endeavor Stone teaches:

wherein the one or more entity identifiers include one or more internet protocol addresses (Stone, discloses system and method to process navigation information in response to receive a data request from a network entity, see [Abstract]. And [0044] FIG. 4 is a representation of a data request 76, according to one embodiment. The data request 76 is generated by a web client 16 and is shown to include a network entity identifier 23, a time 25, a click count 27, a user interface identifier 78, a current user interface identifier 80, a referrer user interface identifier 82, a client Internet protocol (IP) address 84, and parameters 85).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Stone in the entitlement management of Rehman-Ye by generating a network event based on the data request for the navigation information. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide the network event based on network entity identifier (Stone, [Abstract]).
Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Rehman-Ye, further in view of Stone et al (US20200112601A1, hereinafter, “Stone”) and Meketa et al (US20130166595A1, hereinafter, “Meketa”).

Regarding claim 19, Rehman-Ye combination teaches the method of claim 14, The combination of Rehman-Ye does not specifically teach the following, in the same field of endeavor Stone teaches:

wherein the one or more entity identifiers include one or more internet protocol addresses (Stone, discloses system and method to process navigation information in response to receive a data request from a network entity, see [Abstract]. And [0044] FIG. 4 is a representation of a data request 76, according to one embodiment. The data request 76 is generated by a web client 16 and is shown to include a network entity identifier 23, a time 25, a click count 27, a user interface identifier 78, a current user interface identifier 80, a referrer user interface identifier 82, a client Internet protocol (IP) address 84, and parameters 85).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Stone in the entitlement management of Rehman-Ye by generating a network event based on the data request for the navigation information. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide the network event based on network entity identifier (Stone, [Abstract]).

The combination of Rehman-Ye-Stone does not specifically teach the following, in the same field of endeavor Meketa teaches:

and one or more protocol identifiers (Meketa, discloses system and method for controlling access to files in response to a file describing permissions for individual or multiple domains, [Abstract]. And [0078] When security permission identifier 254 receives such information from access manager 240, security permission identifier 254 compares the protocols of the program requesting the program file and of the requested file from their respective source records and checks that the protocol of the requested file is not more secure than the protocol of the program file).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Meketa in the entitlement management of Rehman-Ye-Stone by comparing the protocols of the program requesting the program file. This would have been obvious because the person having ordinary skill in the art would have been motivated to interpret the permissions on the client computer system and grants or denies access to the requested service (Meketa, [Abstract], [0010]).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Rehman-Ye, further in view of Wood et al (US20230300112A1, hereinafter, “Wood”).

Regarding claim 20, Rehman-Ye combination teaches the method of claim 14, The combination of Rehman-Ye does not specifically teach the following, in the same field of endeavor Wood teaches:

wherein performing the aggregation of the merged result comprising performing an aggregation of event data included in the plurality of entries, the event data indicating at least one of: a result of a probe; an identifier of a service; identification of spoofing; and a threat assessment (Wood, discloses system and method for aggregating security events for detecting security threats, [Abstract]. And [0009] each of the plurality of local security agents may be further configured to perform the step of delivering the one of the aggregate events to the threat management facility when a predetermined time period has elapsed from a most recent event of the one of the aggregate events. The predetermined time period may be one second or less. Each of the plurality of local security agents may be further configured to perform the step of delivering the one of the aggregate events to the threat management facility in response to detecting a second event of a second type in the stream of events from one of the plurality of endpoints).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Wood in the entitlement management of Rehman-Ye by generating aggregate event from a stream of events. This would have been obvious because the person having ordinary skill in the art would have been motivated to perform detecting malware on a corresponding one or more of endpoints based on the aggregate event (Wood, [Abstract], [0009]).

Citation of References

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but have not been relied upon for this office action:

Stack et al (US20090037675A1) discloses method for archiving data comprises storing static information in a header compartment, the static information including one or more pointers.

Smyth et al (US20230319055A1) discloses systems and methods for generating access entitlements to networked computing resources.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975. The examiner can normally be reached on M-F: 8:30AM - 5:30PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay, can be reached on (571) 272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/
Primary Examiner, Art Unit 2436

Prosecution Timeline

Sep 12, 2024: Application Filed
Mar 31, 2026: Non-Final Rejection — §101, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12596786
ANOMALOUS EVENT AGGREGATION FOR ANALYSIS AND SYSTEM RESPONSE
2y 5m to grant Granted Apr 07, 2026
Patent 12579301
Data Plane Management Systems and Methods
2y 5m to grant Granted Mar 17, 2026
Patent 12580927
DETECTING AND PROTECTING CLAIMABLE NON-EXISTENT DOMAINS
2y 5m to grant Granted Mar 17, 2026
Patent 12579279
System and Method for Summarization of Complex Cybersecurity Behavioral Ontological Graph
2y 5m to grant Granted Mar 17, 2026
Patent 12580938
CONDITIONAL HYPOTHESIS GENERATION FOR ENTERPRISE PROCESS TREES
2y 5m to grant Granted Mar 17, 2026
Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 1-2
Grant Probability: 84%
With Interview (+44.1%): 99%
Median Time to Grant: 3y 0m
PTA Risk: Low
Based on 259 resolved cases by this examiner. Grant probability derived from career allow rate.
