Prosecution Insights
Last updated: July 17, 2026
Application No. 18/957,934

DYNAMIC RESOURCE COMPLIANCE DETERMINATION FOR CONTAINERIZED SYSTEMS

Non-Final OA §103
Filed
Nov 25, 2024
Examiner
HOLDER, BRADLEY W
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
International Business Machines Corporation
OA Round
1 (Non-Final)
84%
Grant Probability
Favorable
1-2
OA Rounds
2y 0m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allowance Rate
411 granted / 491 resolved
+25.7% vs TC avg
Strong +62% interview lift
Without
With
+62.5%
Interview Lift
resolved cases with interview
Typical timeline
3y 8m
Avg Prosecution
13 currently pending
Career history
503
Total Applications
across all art units

Statute-Specific Performance

§101
2.7%
-37.3% vs TC avg
§103
86.4%
+46.4% vs TC avg
§102
5.5%
-34.5% vs TC avg
§112
2.3%
-37.7% vs TC avg
Black line = Tech Center average estimate • Based on career data from 491 resolved cases

Office Action

§103
CTNF 18/957,934 CTNF 86906 Notice of Pre-AIA or AIA Status 07-03-aia AIA 15-10-aia The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. DETAILED ACTION This is in response to Application #18/957,934 filed on 11/25/2024 in which Claims 1-20 are presented for examination. 12-151 AIA 26-51 12-51 Status of Claims Claims 1-20 are pending, of which Claims 1-20 are rejected under 35 U.S.C. 103. Applicant’s Most Recent Claim Set of 11/25/2024 Applicant’s most recent claim set of 11/25/2024 is considered to be the latest claim set under consideration by the examiner. Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103 07-06 AIA 15-10-15 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claim Rejections - 35 USC § 103 07-20-aia AIA The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 07-20-02-aia AIA This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. 07-21-aia AIA Claim (s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Deboy et al US Patent Application Publication #2023/0205657 in view of Aziz et al US Patent #10,462,173 . Regarding Claim 1, Deboy et al discloses: A system comprising: a memory; and a processor in communication with said memory, said processor being configured to perform operations, said operations comprising [(Deboy et al. Par 35 Lines 22-28) where Deboy et al teaches that the systems utilized in Deboy et al have processor, memory, and non-transitory storage mediums for storing and executing instructions to implement the software portions of Deboy et al] : monitoring network actions between resources within a network [(Deboy et al. Par 2 Lines 1-18; Par 24 Lines 1-7) where Deboy et al teaches the monitoring of distributed computer system’s cloud based services or resources over a public network to ensure the health of the cloud based services or resources] ; obtaining a resource health report for a resource in said network [(Deboy et al. Par 5 Lines 14-23) where Deboy et al teaches the obtaining of health metrics or health resource reports from the cloud based services or resources] ; merging connection security data with said resource health report [(Deboy et al. Par 5 Lines 14-23; Par 63 Lines 1-17) where Deboy et al teaches the obtaining of health metrics or health reports from the cloud based services or resources with the health metrics or health reports from the individual cloud based services or resources merged or consolidated into service health reports, which anyone of common skill in the art would understand to include any relevant connection security data since that is automatically a major part of the health regarding a cloud network service’s behavior in a cloud network] ; and generating a security compliance report [(Deboy et al. Par 5 Lines 14-23; Par 63 Lines 1-17) where Deboy et al teaches the obtaining of health metrics or health reports from the cloud based services or resources with the health metrics or health reports from the individual cloud based services or resources merged or consolidated into service health reports, which anyone of common skill in the art would understand to include any relevant connection security data since that is automatically a major part of the health regarding a cloud network service’s behavior in a cloud network, with the merged or consolidated service health reports resulting in also serving as security compliance reports] . Deboy et al does not appear to explicitly disclose: extracting encryption data from said network actions; detecting connection security data from said encryption data; However, Aziz et al discloses: extracting encryption data from said network actions; detecting connection security data from said encryption data; [(Aziz et al Col 12 Lines 11-12, 32-34, 43-52, 56-58) where Aziz et al teaches scoring logic that generates scores of maliciousness or security issues regarding network actions, which is then stored encrypted into network transmission data, which is then extracted and evaluated by a classifying engine that determines if the network actions scored are actually malicious, suspicious, or benign]. Deboy et al and Aziz et al are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area”. Namely, they are both from the field of “information security”. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Deboy et al and the teachings of Aziz et al by providing scoring logic that generates scores of maliciousness or security issues regarding network actions, which is then stored encrypted into network transmission data, which is then extracted and evaluated by a classifying engine that determines if the network actions scored are actually malicious, suspicious, or benign as taught by Aziz et al in the teaching described by Deboy et al. The motivation for doing so would be to increase the usability and flexibility of Deboy et al by providing scoring logic that generates scores of maliciousness or security issues regarding network actions, which is then stored encrypted into network transmission data, which is then extracted and evaluated by a classifying engine that determines if the network actions scored are actually malicious, suspicious, or benign as taught by Aziz et al in the teaching described by Deboy et al so as to provide a way of having a system wide consolidated process evaluate suspected malicious security data so as to make more uniform decisions regarding the level of malicious security breaches within a single overall system. Regarding Claim 2, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 1, wherein monitoring said network actions comprises: capturing an exchange between said resources [(Deboy et al. Par 2 Lines 1-18; Par 24 Lines 1-7) where Deboy et al teaches the monitoring of distributed computer system’s cloud based services or resources over a public network to ensure the health of the cloud based services or resources with the cloud based services or resources moving over a public network indicating an exchange of information between the cloud based services or resources] . Regarding Claim 3, most of the limitations of this claim have been noted in the rejection of Claim 2. Applicant is directed to the rejection of Claim 2 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 2, wherein said exchange comprises: a handshake; a message; and a response to said message [(Deboy et al. Par 2 Lines 1-18; Par 24 Lines 1-7) where Deboy et al teaches the monitoring of distributed computer system’s cloud based services or resources over a public network to ensure the health of the cloud based services or resources with the cloud based services or resources moving over a public network indicating an exchange of information between the cloud based services or resources including a handshake to establish a communications link, a message to be transmitted, and a response to the message to be sent back for confirmation] . Regarding Claim 4, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 1, wherein said encryption data includes at least one from the group consisting of an encryption algorithm, a cryptographic certificate, an encryption key, and an encryption key length [(Deboy et al. Par 39 Lines 1-13) where Deboy et al teaches that the cloud based services or resources include the management and sharing of cryptographic keys, which would need to occur as part of the encrypted messages transmitted and received] . Regarding Claim 5, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 1, said operations further comprising: generating a virtual deployment instance [(Deboy et al. Par 35 Lines 14-22) where Deboy et al teaches that the cloud based services or resources include virtual deployment instances of the cloud based services or resources] . Regarding Claim 6, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 1, said operations further comprising: generating a resource deployment health report graph. [(Deboy et al. Par 5 Lines 14-23; Par 63 Lines 1-17) (Aziz et al Col 8 Lines 63-64) where Deboy et al and Aziz et al teach the obtaining of health metrics or health reports from the cloud based services or resources with the health metrics or health reports from the individual cloud based services or resources merged or consolidated into service health reports, which anyone of common skill in the art would understand to include any relevant connection security data since that is automatically a major part of the health regarding a cloud network service’s behavior in a cloud network, with the merged or consolidated service health reports resulting in also serving as security compliance and resourced compliance health reports that may be presented as results to the user in graphical form] . Regarding Claim 7, most of the limitations of this claim have been noted in the rejection of Claim 1. Applicant is directed to the rejection of Claim 1 above. In addition, the combination of Deboy et al and Aziz et al discloses: The system of claim 1, said operations further comprising: building said resource health report. [(Deboy et al. Par 5 Lines 14-23) where Deboy et al teaches the building of health metrics or health resource reports from the cloud based services or resources] . Regarding Claim 8: It is a method claim corresponding to the system claim of claim 1. Therefore, claim 8 is rejected with the same rationale as applied against claim 1 above. Regarding Claim 9: It is a method claim corresponding to the system claim of claim 2. Therefore, claim 9 is rejected with the same rationale as applied against claim 2 above. Regarding Claim 10: It is a method claim corresponding to the system claim of claim 3. Therefore, claim 10 is rejected with the same rationale as applied against claim 3 above. Regarding Claim 11: It is a method claim corresponding to the system claim of claim 4. Therefore, claim 11 is rejected with the same rationale as applied against claim 4 above. Regarding Claim 12: It is a method claim corresponding to the system claim of claim 5. Therefore, claim 12 is rejected with the same rationale as applied against claim 5 above. Regarding Claim 13: It is a method claim corresponding to the system claim of claim 6. Therefore, claim 13 is rejected with the same rationale as applied against claim 6 above. Regarding Claim 14, most of the limitations of this claim have been noted in the rejection of Claim 13. Applicant is directed to the rejection of Claim 13 above. In addition, the combination of Deboy et al and Aziz et al discloses: The method of claim 13, wherein said resource deployment health report graph includes resources within said network, resource relationships within said network, and statuses within said network [(Deboy et al. Par 5 Lines 14-23; Par 63 Lines 1-17) (Aziz et al Col 8 Lines 63-64) where Deboy et al and Aziz et al teach the obtaining of health metrics or health reports from the cloud based services or resources with the health metrics or health reports from the individual cloud based services or resources merged or consolidated into service health reports, which anyone of common skill in the art would understand to include any relevant connection security data since that is automatically a major part of the health regarding a cloud network service’s behavior in a cloud network, with the merged or consolidated service health reports resulting in also serving as security compliance and resourced compliance health reports that may be presented as results to the user in graphical form that include cloud based services or resources within the cloud network, cloud based services or resource relationships with each other within the cloud network, and status information regarding the cloud based services or resources within the cloud network] . Regarding Claim 15: It is a method claim corresponding to the system claim of claim 7. Therefore, claim 15 is rejected with the same rationale as applied against claim 7 above. Regarding Claim 16: It is a program product claim corresponding to the system claim of claim 1. Therefore, claim 16 is rejected with the same rationale as applied against claim 1 above. Regarding Claim 17: It is a program product claim corresponding to the system claim of claim 2. Therefore, claim 17 is rejected with the same rationale as applied against claim 2 above. Regarding Claim 18: It is a program product claim corresponding to the system claim of claim 4. Therefore, claim 18 is rejected with the same rationale as applied against claim 4 above. Regarding Claim 19: It is a program product claim corresponding to the system claim of claim 5. Therefore, claim 19 is rejected with the same rationale as applied against claim 5 above. Regarding Claim 20: It is a program product claim corresponding to the system claim of claim 6. Therefore, claim 20 is rejected with the same rationale as applied against claim 6 above . Conclusion 07-96 AIA The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Carter et al - US_20030051026: Carter et al teaches a network security system. Gupta et al - US_12113675: Gupta et al teaches a network security management system . Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789. The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Linglan Edwards, can be reached on (571) 270-5440. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /BRADLEY W HOLDER/ Primary Examiner, Art Unit 2408 Application/Control Number: 18/957,934 Page 2 Art Unit: 2408 Application/Control Number: 18/957,934 Page 3 Art Unit: 2408 Application/Control Number: 18/957,934 Page 4 Art Unit: 2408 Application/Control Number: 18/957,934 Page 5 Art Unit: 2408 Application/Control Number: 18/957,934 Page 6 Art Unit: 2408 Application/Control Number: 18/957,934 Page 7 Art Unit: 2408 Application/Control Number: 18/957,934 Page 8 Art Unit: 2408 Application/Control Number: 18/957,934 Page 9 Art Unit: 2408 Application/Control Number: 18/957,934 Page 10 Art Unit: 2408 Application/Control Number: 18/957,934 Page 11 Art Unit: 2408 Application/Control Number: 18/957,934 Page 12 Art Unit: 2408
Read full office action

Prosecution Timeline

Nov 25, 2024
Application Filed
Jun 03, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12683809
METHOD AND APPARATUS FOR VERIFYING FIRMWARE
2y 9m to grant Granted Jul 14, 2026
Patent 12632611
SYSTEM AND METHOD FOR SECURE KEY MANAGEMENT FOR ENCRYPTED CORE DUMP
2y 3m to grant Granted May 19, 2026
Patent 12615245
SYSTEMS AND METHODS TO ORCHESTRATE TRUSTED ENROLLMENT
1y 8m to grant Granted Apr 28, 2026
Patent 12580752
SYSTEMS AND METHODS FOR GENERATING SHARED SECRET KEY FOR TRANSACTION CARDS
2y 2m to grant Granted Mar 17, 2026
Patent 12580726
Using a single AES key to encrypt PKCS #7 files
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+62.5%)
3y 8m (~2y 0m remaining)
Median Time to Grant
Low
PTA Risk
Based on 491 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month