Prosecution Insights
Last updated: July 17, 2026
Application No. 18/983,148

METHOD FOR GENERATING IDENTITY AND ACCESS MANAGEMENT POLICY RECOMMENDATIONS

Non-Final OA §103
Filed
Dec 16, 2024
Priority
Dec 15, 2023 — provisional 63/610,630 +1 more
Examiner
DESROSIERS, EVANS
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
Also Known AS Inc.
OA Round
1 (Non-Final)
83%
Grant Probability
Favorable
1-2
OA Rounds
1y 5m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 83% — above average
83%
Career Allowance Rate
861 granted / 1039 resolved
+24.9% vs TC avg
Strong +23% interview lift
Without
With
+22.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 0m
Avg Prosecution
18 currently pending
Career history
1064
Total Applications
across all art units

Statute-Specific Performance

§101
2.3%
-37.7% vs TC avg
§103
78.6%
+38.6% vs TC avg
§102
9.3%
-30.7% vs TC avg
§112
1.8%
-38.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 1039 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detailed Action This communication is in response to the application filed on 12/16/2024 in which Claims 1-20 are presented for examination. Drawings The applicant’s drawings submitted on 12/16/2024 are acceptable for examination purposes. Objections Claims 1-20 are objected to because of the following informalities: The examiner suggests amending claims 1 to delete the bullets. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of pre-AIA 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action: (a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made. Claims 1-3, 5-12, 14-20 are rejected under pre-AIA 35 U.S.C. 103(a) as being unpatentable over Gee U.S. Patent No. 12549558 B1 (hereinafter " Gee ") in view of KARLBERG US 20210288971 A1. As to claim 1, Gee teaches a method comprising: accessing a first set of objects generated by a source and representing a set of identities associated with a computer network; detecting the set of identities based on the first set of objects (Gee Col. 16 lines 31-35) [A relationship model is a logical representation of groupings of users of the computer network that is not coupled with or dependent on the topology of the computer network. It comprises a plurality of objects called “nodes]; accessing a first policy associated with the computer network (Gee Col. 3 lines 54-60) [Identity governance and administration (IGA) systems enable the implementation of a policy-based approach to managing user identities and controlling access]; extracting a first entitlement from the first policy, the first entitlement granting permission to a first identity in the set of identities to access a first resource, in a set of resources associated with the computer network (Gee Col. 5 lines 23-27) [enable secure delegation of authority to create and manage identities for users of a computer network and to provision access entitlements to users to network resources in a manner that ensures compliance with security and access policies], according to a first access level (Gee Col. 5 lines 37-45) [an administrator to set access permissions by attributes. For example, the user- the user's job title, function, and seniority level could determine the work that can be done; the resource- the type of file, the person who made it, or the document's sensitivity; and the circumstances- where the user is, the time of day, the date, etc. Rules can be developed for authorizing user access based on these attributes. This allows for well-defined access control]; It is noted that Gee not appear explicitly disclose accessing a first set of event data representing activity associated with the set of resources during a first time period; detecting a first access attempt associated with the first resource by the first identity based on the first set of event data, the first access attempt characterized by a second access level; detecting a deviation between the second access level and the first access level defined in the first entitlement; generating a second policy representing a second entitlement granting permission to the first identity to access the first resource according to the second access level in response to detecting the deviation; and serving the second policy to an operator via an interface. However, KARLBERG discloses accessing a first set of event data representing activity associated with the set of resources during a first time period; detecting a first access attempt associated with the first resource by the first identity based on the first set of event data, the first access attempt characterized by a second access level (KARLBERG Pa. [0176]) [determining that a first access control level is required to access a first computer resource of the plurality of computer resources and a second access control level different than the first access control level is required to access a second computer resource of the plurality of computer resources]; detecting a deviation between the second access level and the first access level defined in the first entitlement (KARLBERG Pa. [0176]) [comparing the first access control level and the second access control level with one or more access credentials of the user] [0125] [it is determined whether the user has access to all of the resources. In some embodiments, this is performed by the functionality described with respect to the client-resource runtime evaluator 226 of FIG. 2. In some embodiments, block 1310 is performed based on the comparing of block 1308. [0126] Per block 1312, if the user does not have access to all of the resources, particular embodiments provide to a user device only those resources that the user has access to]; generating a second policy representing a second entitlement granting permission to the first identity to access the first resource according to the second access level in response to detecting the deviation (KARLBERG Pa. [0126]) [ determine that the first user has access to a first computer resource of the plurality of computer resources and does not have access to a second computer resource of the plurality of computer resources. Accordingly, based at least in part on determining that the first user has access to the first computer resources and not the second computer resources, the user device associated with the first user is provided only the first computer resource (and not the second computer resource)]; and serving the second policy to an operator via an interface KARLBERG Pa. [0176]) [and based at least in part on the determining and the comparing, providing access to at least the first computer resource to a user device associated with the user] Thus, it would have been recognized by one of ordinary skill in the art before the effective filing date of the claimed invention, that applying the known technique taught by KARLBERG to the access control system of Gee would have yield predictable results and resulted in an improved system, namely, a system that would provide multiple resources or instances that need to be accessed securely (KARLBERG Pa. [0005]) As to claims 15 and 18, claims 15 and 18 recites the claimed that contain respectively similar limitations as claim 1; therefore, they are rejected under the same rationale. As to claims 2-3, 5-12, 14, 16-17 and 19-20, claims 2-3, 5-12, 14, 16-1715 and 19 recites the claimed that contain respectively similar limitations as claim 1; therefore, they are rejected under the same rationale. Allowable Subject Matter Claims 4 and 13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. These include. US 20230319055 A1 – SMYTH describes generating access entitlements to networked computing resources. Systems may be configured to: receive an input data set representing an entitlement request associated with a user identifier; generate an entitlement prediction associated with the user identifier based on an entitlement model and at least one hierarchical level, the entitlement model defining a cluster representation of entitlement similarity Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438. The examiner can normally be reached Monday -Friday 8:00 am - 5:30 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Korzuch can be reached at (571)272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /EVANS DESROSIERS/Primary Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Dec 16, 2024
Application Filed
Jun 24, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682086
ELECTRONIC ACCESS CONTROL SYSTEM
2y 1m to grant Granted Jul 14, 2026
Patent 12683993
SYSTEM AND METHOD FOR PROVIDING FLEET CYBER-SECURITY
2y 0m to grant Granted Jul 14, 2026
Patent 12676852
SYSTEMS AND METHODS FOR FIRMWARE PASSWORD MANAGEMENT
2y 1m to grant Granted Jul 07, 2026
Patent 12676858
SYSTEMS AND METHODS FOR SECURE ONLINE CREDENTIAL AUTHENTICATION
1y 10m to grant Granted Jul 07, 2026
Patent 12665906
MANAGING SECURITY GROUPS FOR DATA INSTANCES
2y 10m to grant Granted Jun 23, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
83%
Grant Probability
99%
With Interview (+22.9%)
3y 0m (~1y 5m remaining)
Median Time to Grant
Low
PTA Risk
Based on 1039 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month