Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
This application is a Continuation of commonly assigned and co-pending U.S. Patent Application Serial Number 17/318,595, filed on May 12, 2021, the disclosure of which is hereby incorporated by reference in its entirety.
DETAILED ACTION
This Office Action is in response to a Non-Provisional Patent Application filed on 09/27/2024.
In the application, claims 1-20 have been received for consideration and have been examined.
Specification
Applicant’s submitted specification has been reviewed and found to be in compliance.
Drawings
Applicant’s submitted drawings have been reviewed and found to be in compliance.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-7, 9-16 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an Abstract Idea without significantly more analyzed according to MPEP 2106.
Step 1: The independent claims 1, 10, and 17 do fall into one of the four statutory categories of a computer system, a computer implemented method and an apparatus claims. Nevertheless, the claim(s) are still considered reciting an abstract idea for the following prongs and reasons.
Step 2A: Prong One: The limitations of claims 1, 10, and 17 recite the abstract idea of:
“determine that an entity was granted a role assignment to resources in a managed environment” (mental process: a human administrator determines that a user has been assigned an anomalous role assignment);
determine whether the role assignment to the entity is anomalous through application of anomaly detection models on the role assignment to the entity, wherein the anomaly detection models are machine learning models that are trained using sets of data corresponding to various entities associated with the role assignment (mental process: the human administrator determines if the role assignment to the entity is abnormal through utilizing trained anomaly detection models);
in response to the role assignment to the entity being determined to be anomalous,
determine which of the anomaly detection models resulted in the determination that the role assignment to the entity is anomalous (mental process: the human administrator determines which model was used in determination of the role assignment to the entity is anomalous);
identify an indicator pertaining to a type of the role assignment to the entity (mental process: after the determination, human administrator determines type [indicator] of assigned role);
determine an indicator value [score] of the role assignment corresponding to the identified indicator, wherein the indicator value is determined based on the role assignment to the entity and the anomaly detection model determined to have resulted in the determination that the role assignment to the entity is anomalous (mental process: the human administrator checks a score for the type of assigned role based on the application of a particular model);
determine whether the indicator value exceeds a predefined threshold value (mental process: human administrator compares the score with predefined threshold) and
based on a determination that the indicator value exceeds the predefined threshold value, generate an alert indicating that the role assignment is suspicious (mental process: determine that score exceeds the predefined threshold; human administrator generates an alert based on exceeded score),
is a process that, under its broadest reasonable interpretation, covers performance of the limitations in the human mind or with pen and paper, or by humans merely interacting with one another.
The additional elements are “an apparatus comprising a processor; and a memory on which is stored machine-readable instructions that when executed by the processor”, “a method, performed by a processor”, and “a computer-readable medium” (claims 1, 10, and 17).
Step 2A: Prong Two: This judicial exception is not integrated into a practical application.
The identified additional elements do not integrate the judicial exception (i.e., the abstract idea) into a practical application and thus does not render any technical improvement to a technical problem. To show that the involvement of a computer assists in improving the technology, the claims must recite the details regarding how a computer aids the method, the extent to which the computer aids the method, or the significance of a computer to the performance of the method. Merely adding generic computer components to perform the method is not sufficient. Thus, the claim must include more than mere instructions to perform the method on a generic component or machinery to qualify as an improvement to an existing technology (MPEP 2106.5(a) II).
In the particular case, the final step that could potentially realize an improvement is so broad that it does not necessarily achieve any technical improvement because a human can infringe it and it need not be implemented in a computer; and the context of the claim is not exclusive to computing environments and thus is not necessarily solving a technical problem.
In the particular case, the final step [i.e., generate an alert] that could potentially realize an improvement is so broad that it does not necessarily achieve any technical improvement because a human can infringe it and it need not be implemented in a computer; and the context of the claim is not exclusive to computing environments and thus is not necessarily solving a technical problem. For example, “outputting, an alert indicating that the role assignment event is suspicious” is not a technical problem. Additionally, determining that the assigned/granted role assignment is anomalous is also not a technical problem. In this case, it appears that claims invoke computers or other machinery merely as a tool to perform an existing process. Examiner notes that recitation of computer system/apparatus is a use of a computer or other machinery in its ordinary capacity for economic or other tasks (e.g., to receive, store, or transmit data) or simply adding a general-purpose computer or computer components after the fact to an abstract idea (e.g., a fundamental economic practice or mathematical equation) does not integrate a judicial exception into a practical application or provide significantly more. See Affinity Labs v. DirecTV, 838 F.3d 1253, 1262, 120 USPQ2d 1201, 1207 (Fed. Cir. 2016) (see MPEP 2106.05(f) II).
The claims do not recite any additional elements beyond those recited for using the computers as a tool to implement the abstract idea. The additional elements are recited at a high-level of generality (i.e., one or more processors; and one or more computer-readable hardware storages devices that store instructions that are executable by the one or more processors).
Step 2B: The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception alone and in combination with the abstract idea.
For instance, the previously-identified additional elements are merely well-understood, routine, conventional activity previously known to the industry, which were not by themselves sufficient to transform a judicial exception into a patent eligible invention. Courts have held computer‐implemented processes not to be significantly more than an abstract idea (and thus ineligible) where the claim as a whole amount to nothing more than generic computer functions merely used to implement an abstract idea, such as an idea that could be done by a human analog (i.e., by hand or by merely thinking) “BASCOM Global Internet Servs. v. AT&T Mobility LLC, 827 F.3d 1341, 1348, 119 USPQ2d 1236, 1241 (Fed. Cir. 2016)”. (see MPEP 2106.05(d)).
As discussed above with respect to integration of the abstract idea into a practical application, the additional elements amount to no more than mere instructions to apply the exception using general purpose computer.
Therefore, the claims are directed to an abstract idea without significantly more. Simply appending well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception, e.g., a claim to an abstract idea requiring no more than a generic computer to perform generic computer functions that are well-understood, routine and conventional activities previously known to the industry, as discussed in Alice Corp., 573 U.S. at 225, 110 USPQ2d at 1984 (see MPEP § 2106.05(d)). Furthermore, adding insignificant extra-solution activity to the judicial exception, e.g., mere data gathering in conjunction with a law of nature or abstract idea such as a step of obtaining information about credit card transactions so that the information can be analyzed by an abstract mental process, as discussed in CyberSource v. Retail Decisions, Inc., 654 F.3d 1366, 1375, 99 USPQ2d 1690, 1694 (Fed. Cir. 2011) (see MPEP § 2106.05(g)).
Thus, the claim(s) 1, 10, and 17 is / are not patent eligible.
Further analysis of independent and dependent claims 2-9, 11-16 and 18-20 demonstrates that the claims pass the step 1 of 35 USC § 101 analysis by reciting method and computer-readable medium, however, under steps 2, 2A & 2B analysis, the claims language is directed to a mental process performable by a human in their mind or using a pen and paper in a methodical and orderly manner.
Overall analysis of the claims 1-20 demonstrates that limitations are directed to a mental process performable by a human being in their head using a pen and paper in a methodical and orderly manner. Therefore, the claims recite an abstract idea.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-20 of U.S. Patent No. US12126637B2. Although the claims at issue are not identical, they are not patentably distinct from each other because the instant claims recite subject matter that is similar to patented claims as disclosed below:
Instant Application # 18/899,818
US Patent No. US12126637B2
1. An apparatus comprising:
a processor; and a memory on which is stored machine-readable instructions that when executed by the processor, cause the processor to:
determine that an entity was granted a role assignment to resources in a managed environment;
determine whether the role assignment to the entity is anomalous through application of anomaly detection models on the role assignment to the entity, wherein the anomaly detection models are machine learning models that are trained using sets of data corresponding to various entities associated with the role assignment;
in response to the role assignment to the entity being determined to be anomalous,
determine which of the anomaly detection models resulted in the determination that the role assignment to the entity is anomalous;
identify an indicator pertaining to a type of the role assignment to the entity;
determine an indicator value of the role assignment corresponding to the identified indicator, wherein the indicator value is determined based on the role assignment to the entity and the anomaly detection model determined to have resulted in the determination that the role assignment to the entity is anomalous;
determine whether the indicator value exceeds a predefined threshold value; and
based on a determination that the indicator value exceeds the predefined threshold value, generate an alert indicating that the role assignment is suspicious.
1. An apparatus comprising:
a processor; and a memory on which is stored machine-readable instructions that when executed by the processor, cause the processor to:
determine that an entity was granted a role assignment to resources in a managed environment;
apply a plurality of anomaly detection models on the role assignment granted to the entity to determine whether the role assignment is anomalous, wherein the plurality of anomaly detection models are based on various perspectives of the role assignment, including a first anomaly detection model based on a perspective of an assignee of the role assignment and a second anomaly detection model based on a perspective of an assigner of the role assignment, and
wherein the first anomaly detection model and the second anomaly detection model are trained using respective sets of learning data corresponding to the respective perspectives of the first and second anomaly detection models;
based on a determination that the role assignment of the entity is anomalous, identify at least one indicator associated with the role assignment;
determine an indicator value corresponding to the identified at least one indicator;
determine whether the indicator value exceeds a predefined threshold value; and
based on a determination that the indicator value exceeds the predefined threshold value, generate an alert that indicates that the role assignment is suspicious.
2. The apparatus of claim 1, wherein the anomaly detection models that are applied to the role assignment to determine whether the role assignment is anomalous include:
a first anomaly detection model that is based on a perspective of an assignee of the role assignment, and
a second anomaly detection model that is based on a perspective of an assigner of the role assignment.
Claim 1, Limitation # 3; wherein the plurality of anomaly detection models are based on various perspectives of the role assignment, including a first anomaly detection model based on a perspective of an assignee of the role assignment and a second anomaly detection model based on a perspective of an assigner of the role assignment
3. The apparatus of claim 2, wherein the anomaly detection models further include:
a third anomaly detection model that is based on a perspective of a tenant of the managed environment, and
a fourth anomaly detection model that is based on a perspective of a cross-tenant of the managed environment.
The apparatus of claim 1, wherein the plurality of anomaly detection models further include:
a third anomaly detection model that is based on a perspective of a tenant of the managed environment;
a fourth anomaly detection model that is based on a perspective of a cross-tenant of the managed environment; and
determine that the role assignment is anomalous based on the application of the plurality of anomaly detection models on the role assignment resulting in the determination that the role assignment is anomalous.
4. The apparatus of claim 3, wherein the instructions cause the processor to:
determine a first anomaly score of the role assignment resulting from application of the first anomaly detection model on the role assignment;
determine a second anomaly score of the role assignment based on application of the second anomaly detection model on the role assignment;
determine a third anomaly score of the role assignment based on application of the third anomaly detection model on the role assignment; and
determine a fourth anomaly score of the role assignment based on application of the fourth anomaly detection model on the role assignment.
5. The apparatus of claim 3, wherein the instructions cause the processor to:
determine a first anomaly score of the role assignment resulting from application of the first anomaly detection model on the role assignment;
determine a second anomaly score of the role assignment based on application of the second anomaly detection model on the role assignment;
determine a third anomaly score of the role assignment based on application of the third anomaly detection model on the role assignment; and
determine a fourth anomaly score of the role assignment based on application of the fourth anomaly detection model on the role assignment.
5. The apparatus of claim 4, wherein the instructions cause the processor to:
determine whether one of the first anomaly score, the second anomaly score, the third anomaly score, and the fourth anomaly score exceeds a respective predefined threshold anomaly score; and
based on a determination that one of the first anomaly score, the second anomaly score, the third anomaly score, and the fourth anomaly score exceeds the respective predefined threshold anomaly score, determine that the role assignment is anomalous.
6. The apparatus of claim 5, wherein the instructions cause the processor to:
determine whether any of the first anomaly score, the second anomaly score, the third anomaly score, and the fourth anomaly score exceeds a respective predefined threshold anomaly score; and
based on a determination that any of the first anomaly score, the second anomaly score, the third anomaly score, and the fourth anomaly score exceeds the respective predefined threshold anomaly score, determine that the role assignment is anomalous.
6. The apparatus of claim 3, wherein the first, second, third, and fourth anomaly detection models are trained using respective sets of learning data corresponding to the respective perspectives of the first, second, third, and fourth anomaly detection models.
7. The apparatus of claim 3, wherein, the third anomaly detection model and the fourth anomaly detection model are trained using respective sets of learning data corresponding to the respective perspectives of the third and fourth anomaly detection models.
7. The apparatus of claim 1, wherein the instructions cause the processor to:
determine anomaly scores of the role assignment resulting from the application of the anomaly detection models on the role assignment;
determine whether at least one of the anomaly scores exceeds a predefined threshold anomaly score; and
based on a determination that at least one of the anomaly scores exceeds the predefined threshold anomaly score, determine that the role assignment is anomalous.
8. The apparatus of claim 1, wherein the instructions cause the processor to: identify the at least one indicator associated with the role assignment based on one of the plurality of anomaly detection models resulted in the determination that the role assignment is anomalous.
The table above shows that claim 1 of an instant application recite similar limitations in a broader concept as a computer platform claim presented in the patent publication, and therefore are rejected under the same rationale. It would have been obvious to one of the ordinary person skills in the art to build a system or a computer program product, provided with corresponding method.
Remaining Independent and dependent claims in the instant application recite similar subject matter as mentioned in the patented claims.
Although the conflicting claims are not identical, they are not patentably distinct from each other because the claims in the instant application are anticipated by the claims in US Patent no. US12126637B2.
Furthermore, there is no apparent reason why applicant was prevented from presenting claims corresponding to those of the instant application during prosecution of the application which matured into a patent. See In re Schneller, 397 F.2d 350, 158 USPQ 210 (CCPA 1968). See also MPEP § 804.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Hecht., US20190260754A1
Chari et al., US9137263B2
Allen., US10606987B2
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018. The examiner can normally be reached 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at 571-270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SYED M AHSAN/Primary Examiner, Art Unit 2491