Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 1/16/2025 was filed after the mailing date of the application on 10/9/2024. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Allowable Subject Matter
Claim 7 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Double Patenting
Claims 1, 8-14 and 17-20 are rejected on the ground of non statutory double patenting as being unpatentable over claims 1, 4-9, and 15-16 of U.S. Patent No. 12,143,410. Although the claims at issue are not identical, they are not patentably distinct from each other because the limitations in each claim set relate to the same concept.
19/911,218
18/376,584
Claim1: A computer-implemented method for analyzing a cloud environment, the computer-
implemented method comprising:
invoking an incremental change detector configured to perform an infrastructure scan of the cloud environment and return a scan result that identifies one or more changes to one or more infrastructure assets in the cloud environment, wherein the scan
result includes, for each particular change in the one or more changes, first
information indicative of the particular change;
running a data scan on the cloud environment that is constrained to the one or more infrastructure assets having the one or more changes;
obtaining, based on the data scan, second information associated with the one or more changes; and
updating a cloud infrastructure graph based on one or more of the first information or the second information, wherein the cloud infrastructure graph defines nodes that represent resources in the cloud environment and edges, between the nodes, that represent relationships between the resources.
Claim 1: A system for analysis of infrastructure posture of a cloud
environment, the system comprising:
a processor and memory accessible by the processor, the memory including instructions
executable to:
detect a triggering criterion corresponding to initiation of an update scan of the infrastructure posture of the cloud environment
select a time period based on a previous scan of the infrastructure posture of the cloud environment;
invoke an incremental change detector based on the triggering criterion, the incremental change detector configured to scan the cloud environment and return a scan result
that identifies one or more changes to a set of infrastructure assets in the cloud
environment within a selected-the time period, and the one or more changes
comprise at least one of:
adding a particular service or configuration in the cloud environment,
deleting a particular service or configuration in the cloud environment, or
editing a particular service or configuration in the cloud environment; and
update a cloud infrastructure graph based on the one or more changes to the set of infrastructure assets, wherein the cloud infrastructure graph defines nodes that represent resources in the cloud environment and edges, between the nodes, that represent relationships between the resources.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Chen (US Patent Pub. 20210133301) in view of Bannister (US Patent 9,986,033) and in view of Crabtree (US Patent Pub. 20230008173).
As per claims 1, 14 and 20: A computer-implemented method for analyzing a cloud environment, the computer-implemented method comprising:
invoking an incremental change detector configured to perform an infrastructure scan of the cloud environment and return a scan result that identifies one or more changes to one or more infrastructure assets in the cloud environment, wherein the scan result includes, for each particular change in the one or more changes, first
information indicative of the particular change (Paragraph 27; the smart cloud service system comprises processor executable instructions to synchronize the personal SAM databases on the SAM-server and the SAM-client when an incremental change is detected therein);
However Chen does not specifically disclose running a data scan on the cloud environment that is constrained to the one or more infrastructure assets having the one or more changes; obtaining, based on the data scan, second information associated with the one or more changes (see Bannister, claim 20; wherein the remote cloud service uses cloud computing resources available in proximity to the cloud storage system to detect and scan through the modified distributed filesystem data and ensure that the new data is not malicious and perform indexing on the new data).
Chen in view of Bannister do not specifically disclose updating a cloud infrastructure graph based on one or more of the first information or the second information, wherein the cloud infrastructure graph defines nodes that represent resources in the cloud environment and edges, between the nodes, that represent relationships between the resources (see Crabtree claim 7; relationship graph in a cloud computing platform, the reputation relationship graph comprising nodes representing reputation scores of a plurality of data services, and edges representing relationships between the nodes; storing a baseline database in the cloud computing platform, the baseline content database comprising baseline ratings for each of the plurality of data services).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Chen, Bannister and Crabtree in it’s entirety, to modify the technique of Chen for smart cloud service system comprises processor executable instructions to synchronize the personal SAM databases on the SAM-server and the SAM-client when an incremental change is detected by adopting Crabtree's teaching for relationship graph in a cloud computing platform, the reputation relationship graph comprising nodes representing reputation scores of a plurality of data services. The motivation would have been to improve analysis of infrastructure posture of a cloud environment.
As per claims 2 and 15: The computer-implemented method of claim 1, wherein running the data scan comprises:
running the data scan by executing a query only for entities that had a change identified in the one or more changes (see Bannister, claim 20; wherein the remote cloud service uses cloud computing resources available in proximity to the cloud storage system to detect and scan through the modified distributed filesystem data and ensure that the new data is not malicious and perform indexing on the new data).
As per claims 3 and 16: The computer-implemented method of claim 2, wherein the data scan scans data stored in the cloud environment in association with the one or more infrastructure assets (scans through all of the data in the distributed filesystem (e.g., accessing the distributed filesystem via a cloud controller that also executes as a cloud compute service); this anti-virus service could be managed and controlled as if it were present within the local network, but actually exist as a remote cloud service that executes in close proximity to the cloud storage system).
As per claim 4: The computer-implemented method of claim 2, wherein the query comprises an add/delete/update query (see Bannister, claim 20; wherein the remote cloud service uses cloud computing resources available in proximity to the cloud storage system to detect and scan through the modified distributed filesystem data and ensure that the new data is not malicious and perform indexing on the new data).
As per claim 5: The computer-implemented method of claim 1, wherein the one or more changes comprise a set of changes identified based on a time period (cloud-based storage systems can prevent clients from accessing their data for substantial time intervals).
As per claim 6: The computer-implemented method of claim 5, and comprising selecting the time period based on a selection criterion (cloud-based storage systems can prevent clients from accessing their data for substantial time intervals).
As per claim 8: The computer-implemented method of claim 1, wherein the cloud environment comprises a set of infrastructure assets, and each change, of the one or more changes, comprises at least one of:
an infrastructure asset added to the set of infrastructure assets, an infrastructure asset deleted from the set of infrastructure assets, and an infrastructure asset changed in the set of infrastructure assets (See Crabtree, Paragraph 117; a cloud computing services platform 2120 is used to perform the network scanning activities not allowed on cloud computing services platform 1 2110. An internal gateway 2121 is used to manage the offloaded scanning tasks and return the scan results).
As per claims 9 and 17: The computer-implemented method of claim 1, wherein the one or more infrastructure assets comprise at least one of:
a compute resource, a storage resource, a privilege, or a role (See Crabtree, Paragraph 50; The risk management and process module is configured to manage the rules and control mechanism such as alert, warning and denying an access and/or a user caused by an accessing security violation. It interfaces with the SAM server controller).
As per claims 10 and 18: The computer-implemented method of claim 1, wherein invoking an incremental change detector comprises invoking a log analyzer microservice configured to scan an event log having a plurality of event log entries that represent events in the cloud environment (Paragraph 27; the smart cloud service system comprises processor executable instructions to synchronize the personal SAM databases on the SAM-server and the SAM-client when an incremental change is detected therein).
As per claim 11: The computer-implemented method of claim 10, and further comprising:
providing a set of parameters to the log analyzer microservice (See Crabtree Paragraph 117; a cloud computing services platform 2120 is used to perform the network scanning activities not allowed on cloud computing services platform 1 2110. An internal gateway 2121 is used to manage the offloaded scanning tasks and return the scan results), and
receiving an analysis result from the log analyzer microservice based on the set of parameters, wherein the analysis result is indicative of a filtered set of event log
entries from the plurality of event log entries (See Crabtree Paragraph 117).
As per claim 12: The computer-implemented method of claim 10, wherein the log analyzer microservice is configured to identify write changes in the event log (See Crabtree Paragraph 103; the use of data from one client to fill gaps in data for another client 1200 to improve cybersecurity analysis and scoring. In any given group of organizations, some organizations will have a more complete set of data regarding some aspects of cybersecurity analysis and scoring than other organizations. For example, large corporate clients will have extensive network security logs, a large Internet profile, frequently patched and updated systems, and a large staff of IT professionals to self-report data).
As per claims 13 and 19: The computer-implemented method of claim 1, and comprising updating the cloud infrastructure graph by at least one of adding a node to the cloud infrastructure graph or deleting a node from the cloud infrastructure graph (See Chen; Paragraph 50; The risk management and process module is configured to manage the rules and control mechanism such as alert, warning and denying an access and/or a user caused by an accessing security violation. It interfaces with the SAM server controller).
Relevant Prior Art References
The following prior art is cited as being of interest to the claimed invention but has not been applied in any of the current rejections.
Vijayan et al.- US Patent 9460405- the prior art teaches techniques for integrating a cloud service with information systems of an enterprise.
Brand et al.- US Patent 9614924 - the prior art teaches techniques for performing network attached storage operations with cloud storage services.
Luft et al.- US Patent Publication 2015/0193466 - the prior art teaches techniques for cloud provider selection and projection.
Taylor et al.- US Patent Publication 2013/0110778 - the prior art teaches techniques for collectively managing (1500) data of distributed file system using cloud controllers.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472. The examiner can normally be reached 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards can be reached at 5712705440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ANTHONY D BROWN/Primary Examiner, Art Unit 2408