Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsAlchemi Data Management, Inc. › 18928466
Last updated: April 19, 2026
Application No. 18/928,466

DETECTION, ISOLATION, AND MITIGATION OF ATTACKS ON A FILE SYSTEM

Non-Final OA §103§DP
Filed
Oct 28, 2024
Examiner
ROBINSON, CHRISTOPHER B
Art Unit
2443
Tech Center
2400 — Computer Networks
Assignee
Alchemi Data Management, Inc.
OA Round
1 (Non-Final)
89%
Grant Probability
Favorable
1-2
OA Rounds
2y 2m
To Grant
96%
With Interview

Interview Optional

+6.4% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 472 resolved cases, 2023–2026

Examiner Intelligence

ROBINSON, CHRISTOPHER B View full profile →
Grants 89% — above average
89%
Career Allow Rate
422 granted / 472 resolved
+31.4% vs TC avg
Moderate +6% lift
Without
With
+6.4%
Interview Lift
resolved cases with interview
Typical timeline
2y 2m
Avg Prosecution
27 currently pending
Career history
499
Total Applications
across all art units

Statute-Specific Performance

§101
9.4%
-30.6% vs TC avg
§103
60.0%
+20.0% vs TC avg
§102
18.6%
-21.4% vs TC avg
§112
5.1%
-34.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 472 resolved cases

Office Action

§103 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement 2. The information disclosure statement (IDS) submitted on 10/28/2024 & 11/25/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Double Patenting 3. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim either is anticipated by, or would have been obvious over, the reference claim. See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l) (1) - 706.02(l) (3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms, which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. 4. Claim(s) 1-20 is/are rejected on the ground of nonstatutory double patenting as being unpatentable over claim(s) 1 of U.S. Patent No. 12,197,575 B2. Although the claims at issue are not identical, they are not patentably distinct from each other because Claim(s) 1-3, 7-13, 17-23 & 27-30 of the current application matches directly to every element of Claim 1-18 of U.S. Patent No. 12,197,575 B2. 5. In addition, specifically Independent Claims 1, 11 & 21 is/are rejected on the ground of nonstatutory double patenting as being rejected over claim(s) 1, 11 & 21 of Little et al. (US 2020/0302074 A1) and further in view of Ganesh et al. (US 9,275,065 B1). The claims are not patentable distinct from each other because it would have been obvious to one having ordinary skill in the art at the time the invention was made to take the teachings of Little-Ganesh and apply them on the teachings of Application No. 18/928,466 establishes a time-based access limits that are concurrently applicable to file access request associated with a user ID and detecting abnormal file system access patterns. 6. The table below shows only a sample of how each of these claims is anticipated by claims such as Claim 1 of U.S. Patent No. 12,197,575 B2. Instant Application 18/928,466 US Patent No. 12,197,575 B2 1. A method of data processing in a data processing system including a processor, the method comprising: 1. A method of data processing in a data processing system including a processor, the method comprising: a processor establishing a plurality of time-based file access limits for a user ID, wherein all of the plurality of time-based file access limits are concurrently applicable to file access requests associated with the user ID; a processor establishing, for a user ID, a time-based file system access limit applicable to file system access requests attributed to the user ID and directed to a file system; the processor detecting an abnormal file system access pattern to a file system by applying statistical process control to network layer packets communicating file access requests, the processor detecting, within network layer packets communicated on a communication network, an abnormal file system access pattern directed to the file system, wherein applying statistical process control includes: comparing a number of file access requests by the user ID observed in an observation interval to the plurality of time-based file access limits, wherein the plurality of time-based file access limits including at least one of the following set: a first file access limit based on periodicity of file access requests; and a second file access limit based on age of accessed files; wherein the detecting includes comparing, to the time-based file system access limit, a number of file system access requests in the network layer packets of a given file system protocol that are attributed to the user ID and that are observed within an observation interval; based on the comparing, generating an event based on each time-based file access limit that is satisfied; based on one or more events, detecting the abnormal file system access pattern; and based on detecting the abnormal file system access pattern, the processor temporarily suspending, at the network layer, file system access by the user ID contributing to the abnormal file system access pattern; and the processor initiating an action based on detection of the abnormal file system access pattern. the processor providing a notification identifying one or more file system objects accessed in the abnormal file system access pattern. 2. The method of Claim 1, wherein initiating the action includes limiting file access requests by the user ID. 3. The method of Claim 1, wherein the establishing includes setting at least some of the time-based file access limits based on an average number of file system accesses observed during one or more observation intervals. 2. The method of claim 1, wherein establishing the time-based file system access limit includes setting the file system access limit based on an observed number of file system access requests attributed to the user ID during each of one or more prior observation intervals. 4. The method of Claim 3, wherein the observation intervals are at least one of the following: time intervals that are subsets of days of the week; and entire days of the week. 5. The method of Claim 1, wherein each second file access limit is associated with a respective set of files of a common age. 6. The method of Claim 5, wherein: the plurality of time-based file access limits includes multiple different second file access limits; and each of the multiple different second file access limits is applicable to a respective associated one of multiple ranges of file ages. 7. The method of Claim 1, wherein applying statistical process control includes periodically updating the plurality of time-based file access limits based on changing file system access patterns associated with the user ID. 3. The method of claim 1, further comprising: the processor periodically updating the time-based file system access limit based on changing file system access patterns attributed to the user ID. 8. The method of Claim 1, wherein applying statistical process control includes building a file access index based on file system access requests associated with the user ID. 4. The method of claim 1, further comprising: building a file access index characterizing file system traffic based on file system access requests in network layer packets that are attributed to one or more user IDs including the user ID; wherein the comparing includes referencing the file access index. 9. The method of Claim 1, wherein initiating the action includes: the processor temporarily suspending file system access by the user ID to one or more file system objects. 5. The method of claim 1, further comprising: based on detecting the abnormal file system access pattern, the processor temporarily suspending file system access by the user ID to the file system through handling of network layer packets attributed to the user ID. 10. The method of Claim 1, wherein initiating the action includes: the processor recovering at least one file system object recently accessed in the abnormal file system access pattern by reverting to a prior version of the at least one file system object. 6. The method of claim 1, further comprising: based on detecting the abnormal file system access pattern, the processor recovering at least one file system object recently accessed by the user ID by reverting to a prior version of the at least one file system object. 11. A data processing system, comprising: a processor; and a storage device coupled to the processor, wherein the storage device includes program code executable by the processor core that causes the data processing system to perform: establishing a plurality of time-based file access limits for a user ID, wherein all of the plurality of time-based file access limits are concurrently applicable to file access requests associated with the user ID; detecting an abnormal file system access pattern to a file system by applying statistical process control to network layer packets communicating file access requests, wherein applying statistical process control includes: comparing a number of file access requests by the user ID observed in an observation interval to the plurality of time-based file access limits, wherein the plurality of time-based file access limits including at least one of the following set: a first file access limit based on periodicity of file access requests; and a second file access limit based on age of accessed files; based on the comparing, generating an event based on each time-based file access limit that is satisfied; based on one or more events, detecting the abnormal file system access pattern; and initiating an action based on detection of the abnormal file system access pattern. 7. A data processing system, comprising: a processor; and a storage device coupled to the processor, wherein the storage device includes program code executable by the processor core that causes the data processing system to perform: establishing, for a user ID, a time-based file system access limit applicable to file system access requests attributed to the user ID and directed to a file system; detecting, within network layer packets communicated on a communication network, an abnormal file system access pattern directed to the file system, wherein the detecting includes comparing, to the time-based file system access limit, a number of file system access requests in the network layer packets of a given file system protocol that are attributed to the user ID and that are observed within an observation interval; based on detecting the abnormal file system access pattern, temporarily suspending, at the network layer, file system access by the user ID contributing to the abnormal file system access pattern; and providing a notification identifying one or more file system objects accessed in the abnormal file system access pattern. 12. The data processing system of Claim 11, wherein initiating the action includes limiting file access requests by the user ID. 13. The data processing system of Claim 11, wherein the establishing includes setting at least some of the time-based file access limits based on an average number of file system accesses observed during one or more observation intervals. 8. The data processing system of claim 7, wherein establishing the time-based file system access limit includes setting the file system access limit based on an observed number of file system access requests attributed to the user ID during each of one or more prior observation intervals. 14. The data processing system of Claim 13, wherein the observation intervals are at least one of the following: time intervals that are subsets of days of the week; and entire days of the week. 15. The data processing system of Claim 11, wherein each second file access limit is associated with a respective set of files of a common age. 16. The data processing system of Claim 15, wherein: the plurality of time-based file access limits includes multiple different second file access limits; and each of the multiple different second file access limits is applicable to a respective associated one of multiple ranges of file ages. 17. The data processing system of Claim 11, wherein applying statistical process control includes periodically updating the plurality of time-based file access limits based on changing file system access patterns associated with the user ID. 9. The data processing system of claim 7, wherein the program code further causes the data processing system to perform: periodically updating the time-based file system access limit based on changing file system access patterns attributed to the user ID. 18. The data processing system of Claim 11, wherein applying statistical process control includes building a file access index based on file system access requests associated with the user ID. 10. The data processing system of claim 7, wherein the program code further causes the data processing system to perform: building a file access index characterizing file system traffic based on file system access requests in network layer packets that are attributed to of one or more user IDs including the user ID; wherein the comparing includes referencing the file access index. 19. The data processing system of Claim 11, wherein initiating the action includes: temporarily suspending file system access by the user ID to one or more file system objects. 11. The data processing system of claim 7, wherein the program code further causes the data processing system to perform: based on detecting the abnormal file system access pattern, temporarily suspending file system access by the user ID to the file system through handling of network layer packets attributed to the user ID. 20. The data processing system of Claim 11, wherein initiating the action includes: recovering at least one file system object recently accessed in the abnormal file system access pattern by reverting to a prior version of the at least one file system object. 12. The data processing system of claim 7, wherein the program code further causes the processor to perform: based on detecting the abnormal file system access pattern, recovering at least one file system object recently accessed by the user ID by reverting to a prior version of the at least one file system object. 21. A program product, comprising: a storage device; and program code, stored within the storage device, which when executed by a processor of a data processing system serving a source host causes the data processing system to perform: establishing a plurality of time-based file access limits for a user ID, wherein all of the plurality of time-based file access limits are concurrently applicable to file access requests associated with the user ID; detecting an abnormal file system access pattern to a file system by applying statistical process control to network layer packets communicating file access requests, wherein applying statistical process control includes: comparing a number of file access requests by the user ID observed in an observation interval to the plurality of time-based file access limits, wherein the plurality of time-based file access limits including at least one of the following set: a first file access limit based on periodicity of file access requests; and a second file access limit based on age of accessed files; based on the comparing, generating an event based on each time-based file access limit that is satisfied; based on one or more events, detecting the abnormal file system access pattern; and initiating an action based on detection of the abnormal file system access pattern. 13. A program product, comprising: a storage device; and program code, stored within the storage device, which when executed by a processor of a data processing system serving a source host causes the data processing system to perform: establishing, for a user ID, a time-based file system access limit applicable to file system access requests attributed to the user ID and directed to a file system; detecting, within network layer packets communicated on a communication network, an abnormal file system access pattern directed to the file system, wherein the detecting includes comparing, to the time-based file system access limit, a number of file system access requests in the network layer packets of a given file system protocol that are attributed to the user ID and that are observed within an observation interval; based on detecting the abnormal file system access pattern, temporarily suspending, at the network layer, file system access by the user ID contributing to the abnormal file system access pattern; and providing a notification identifying one or more file system objects accessed in the abnormal file system access pattern. 22. The program product of Claim 21, wherein initiating the action includes limiting file access requests by the user ID. 23. The program product of Claim 21, wherein the establishing includes setting at least some of the time-based file access limits based on an average number of file system accesses observed during one or more observation intervals. 14. The program product of claim 13, wherein establishing the time-based file system access limit includes setting the file system access limit based on an observed number of file system access requests attributed to the user ID during each of one or more prior observation intervals. 24. The program product of Claim 23, wherein the observation intervals are at least one of the following: time intervals that are subsets of days of the week; and entire days of the week. 25. The program product of Claim 21, wherein each second file access limit is associated with a respective set of files of a common age. 26. The program product of Claim 25, wherein: the plurality of time-based file access limits includes multiple different second file access limits; and each of the multiple different second file access limits is applicable to a respective associated one of multiple ranges of file ages. 27. The program product of Claim 21, wherein applying statistical process control includes periodically updating the plurality of time-based file access limits based on changing file system access patterns associated with the user ID. 15. The program product of claim 13, wherein the program code further causes the data processing system to perform: periodically updating the time-based file system access limit based on changing file system access patterns attributed to the user ID. 28. The program product of Claim 21, wherein applying statistical process control includes building a file access index based on file system access requests associated with the user ID. 16. The program product of claim 13, wherein the program code further causes the data processing system to perform: building a file access index characterizing file system traffic based on file system access requests in network layer packets that are attributed to one or more user IDs including the user ID; wherein the comparing includes referencing the file access index. 29. The program product of Claim 21, wherein initiating the action includes: temporarily suspending file system access by the user ID to one or more file system objects. 17. The data processing system of claim 13, wherein the program code further causes the data processing system to perform: based on detecting the abnormal file system access pattern, temporarily suspending file system access by the user ID to the file system through handling of network layer packets attributed to the user ID. 30. The program product of Claim 21, wherein initiating the action includes: recovering at least one file system object recently accessed in the abnormal file system access pattern by reverting to a prior version of the at least one file system object. 18. The data processing system of claim 13, wherein the program code further causes the data processing system to perform: based on detecting the abnormal file system access pattern, recovering at least one file system object recently accessed by the user ID by reverting to a prior version of the at least one file system object. 19. The method of claim 1, further comprising: based on detecting the abnormal file system access pattern, the processor temporarily suspending file system access to one or more file system objects recently accessed by the user ID. 20. The method of claim 1, wherein the detecting includes detecting at a hardware platform interposed in the communication network between a computing node associated with the user ID and a file server hosting the file system. Claim Rejections - 35 USC § 103 7. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-2, 8-9, 11-12, 18-19, 21-22, 28-29 is/are rejected under 35 U.S.C. 103 as being unpatentable over Little et al. (US 2020/0302074 A1) and further in view of Ganesh et al. (US 9,275,065 B1). Re Claim 1, 11 & 21, Little teaches a method of data processing in a data processing system including a processor, the method comprising: a processor establishing a plurality of time-based file access limits for a user ID, (Little; FIG. 1-4; Background, Summary, ¶ [0016]-[0017], [0050], [0060], [0073]; A plurality of time related access limits for identifiable users.) wherein all of the plurality of time-based file access limits are concurrently applicable to file access requests associated with the user ID; (Little; FIG. 1-4; Background, Summary, ¶ [0016]-[0017], [0050], [0060], [0073]; The system allows for simultaneous file access request associated with a user.) Little does not explicitly suggest the processor detecting an abnormal file system access pattern to a file system by applying statistical process control to network layer packets communicating file access requests, wherein applying statistical process control includes: comparing a number of file access requests by the user ID observed in an observation interval to the plurality of time-based file access limits, wherein the plurality of time-based file access limits including at least one of the following set: a first file access limit based on periodicity of file access requests; and a second file access limit based on age of accessed files; based on the comparing, generating an event based on each time-based file access limit that is satisfied; based on one or more events, detecting the abnormal file system access pattern; and the processor initiating an action based on detection of the abnormal file system access pattern. However, in analogous art, Ganesh teaches the processor detecting an abnormal file system access pattern to a file system by applying statistical process control to network layer packets communicating file access requests, (Ganesh; FIG. 1-4; Background, Summary, Col. 3 Ln. 55-62, Co. 4 Ln. 55 – Col. 8 Ln. 44; The cited embodiment(s) detail comparable methodology similar in scope that illustrates the stated limitation such as detecting anomalous/malicious/abnormal access of a file system by apply a statistical process that detect standard deviation in transmitted data (network layer packets) associated with file access requests.) wherein applying statistical process control includes: (Ganesh; FIG. 1-4; Background, Summary, Col. 3 Ln. 55-62, Co. 4 Ln. 55 – Col. 8 Ln. 44, Col. 9 Ln. 41-50; Applying the statical process.) comparing a number of file access requests by the user ID observed in an observation interval to the plurality of time-based file access limits, (Ganesh; FIG. 1-4; Background, Summary, Col. 7 Ln. 30 – Col. 8 Ln. 15, Col. 9 Ln. 39-64; Comparing user access records with standard deviation file access related request associated with a user identifiable information.) wherein the plurality of time-based file access limits including at least one of the following set: a first file access limit based on periodicity of file access requests; and a second file access limit based on age of accessed files; based on the comparing, generating an event based on each time-based file access limit that is satisfied; based on one or more events, detecting the abnormal file system access pattern; and (Ganesh; FIG. 1-4; Background, Summary, Col. 5 Ln. 4-16, 38-64, Col. 6 Ln. 40-59, Col. 8 Ln. 45 – Col. 9 Ln. 64; Detecting abnormal/malicious/anomalous file system access behavior/patterns.) the processor initiating an action based on detection of the abnormal file system access pattern. (Ganesh; FIG. 1-4; Background, Summary, Col. 5 Ln. 4-16, 38-64, Col. 6 Ln. 40-59, Col. 8 Ln. 45 – Col. 9 Ln. 64; Policy enforcement (an action) based on abnormal/malicious/malicious access to a file system.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little in view of Ganesh to detect standard deviation in user access patterns of a file system for the reasons of identifying deviation from the user data access behavior patterns based on data access records. (Ganesh Abstract) Re Claim 2, 12 & 22, Little-Ganesh discloses the method of Claim 1, wherein initiating the action includes limiting file access requests by the user ID. (Ganesh; FIG. 1-4; Background, Summary, Col. 5 Ln. 4-16, 38-64, Col. 6 Ln. 40-59, Col. 8 Ln. 45 – Col. 9 Ln. 64; Limiting the user access request.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little in view of Ganesh to detect standard deviation in user access patterns of a file system for the reasons of identifying deviation from the user data access behavior patterns based on data access records. (Ganesh Abstract) Re Claim 8, 18 & 28, Little-Ganesh discloses the method of Claim 1, wherein applying statistical process control includes building a file access index based on file system access requests associated with the user ID. (Ganesh; FIG. 1-4; Background, Summary, Col. 6 Ln. 17-52; A index for the searching of data associated with file system access request and a user.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little in view of Ganesh to detect standard deviation in user access patterns of a file system for the reasons of identifying deviation from the user data access behavior patterns based on data access records. (Ganesh Abstract) Re Claim 9, 19 & 29, Little-Ganesh discloses the method of Claim 1, wherein initiating the action includes: the processor temporarily suspending file system access by the user ID to one or more file system objects. (Ganesh; FIG. 1-4; Background, Summary, Col. 5 Ln. 4-16, 38-64, Col. 6 Ln. 40-59, Col. 8 Ln. 45 – Col. 9 Ln. 64; Suspending file system access.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little in view of Ganesh to detect standard deviation in user access patterns of a file system for the reasons of identifying deviation from the user data access behavior patterns based on data access records. (Ganesh Abstract) Claim(s) 3-4, 4-14, 23-24 is/are rejected under 35 U.S.C. 103 as being unpatentable over Little et al. (US 2020/0302074 A1), in view of Ganesh et al. (US 9,275,065 B1) and further in view of Deodhar et al. (US 2012/0259849 A1). Re Claim 3, 13 & 23, Little-Ganesh discloses the method of Claim 1, yet does not explicitly suggest wherein the establishing includes setting at least some of the time-based file access limits based on an average number of file system accesses observed during one or more observation intervals. However, in analogous art, Deodhar teaches wherein the establishing includes setting at least some of the time-based file access limits based on an average number of file system accesses observed during one or more observation intervals. (Deodhar; FIG. 3-9; Summary, ¶ [0064]-[0074]; The embodiment(s) detail access limits based on overserved user access to a file system and limiting a user access to such files.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little-Ganesh in view of Deodhar to limit user access to files of a file system for the reasons of creating a method of managing user access to files in a file system. (Deodhar Abstract) Re Claim 4, 14 & 24, Little-Ganesh-Deodhar discloses the method of Claim 3, wherein the observation intervals are at least one of the following: time intervals that are subsets of days of the week; and (Deodhar; FIG. 3-9; Summary, ¶ [0064]-[0074]; Days of the week.) entire days of the week. It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little-Ganesh in view of Deodhar to limit user access to files of a file system for the reasons of creating a method of managing user access to files in a file system. (Deodhar Abstract) Claim(s) 7, 17 & 27 is/are rejected under 35 U.S.C. 103 as being unpatentable over Little et al. (US 2020/0302074 A1), in view of Ganesh et al. (US 9,275,065 B1) and further in view of OKITSU KENGO (JP 2013114588 A). Re Claim 7, 17 & 27, Little-Ganesh discloses the method of Claim 1, yet does not explicitly suggest wherein applying statistical process control includes periodically updating the plurality of time-based file access limits based on changing file system access patterns associated with the user ID. However, in analogous art, OKITSU KENGO teaches wherein applying statistical process control includes periodically updating the plurality of time-based file access limits based on changing file system access patterns associated with the user ID. (OKITSU KENGO; FIG. 8-10; Page(s) 8; The embodiment(s) detail standard deviations and the updating of user file access based on user access patterns.) It would have been obvious to one of ordinary skill in the art at before the effective filing date of the claimed invention (AIA ) to modify Little-Ganesh in view of OKITSU KENGO to limit user access to files of a file system for the reasons of creating a method of recording user access history to files. (OKITSU KENGO Abstract) Conclusion 8. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER B ROBINSON whose telephone number is (571)270-0702. The examiner can normally be reached M-F 7:00-3:00 EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R Taylor can be reached at 571-272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHRISTOPHER B ROBINSON/Primary Examiner, Art Unit 2443
Read full office action

Prosecution Timeline

Oct 28, 2024
Application Filed
Jan 29, 2026
Non-Final Rejection — §103, §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/489,073
Patent 12604193
AUTOMATIC SWITCHING METHOD FOR INTRUSION DETECTION FUNCTION AND WIRELESS DETECTION SYSTEM CAPABLE OF AUTOMATICALLY SWITCHING INTRUSION DETECTION FUNCTION TRANSCEIVER
2y 5m to grant Granted Apr 14, 2026
17/708,815
Patent 12598084
External Authentication Method, Communication Apparatus, and Communication System
2y 5m to grant Granted Apr 07, 2026
18/252,252
Patent 12596835
PERSONAL FEATURE INFORMATION SECURITY ASSURANCE SYSTEM
2y 5m to grant Granted Apr 07, 2026
18/360,613
Patent 12598203
ANALYZING AND RECOMMENDING ROGUE CLASSIFICATION POLICIES FOR A COMMUNICATION NETWORK
2y 5m to grant Granted Apr 07, 2026
18/394,033
Patent 12593217
SYSTEMS AND METHODS FOR MANAGING APPLICATION AUTHENTICATION IN A WIRELESS NETWORK
2y 5m to grant Granted Mar 31, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
89%
Grant Probability
96%
With Interview (+6.4%)
2y 2m
Median Time to Grant
Low
PTA Risk
Based on 472 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month