Prosecution Insights
Last updated: July 17, 2026
Application No. 19/003,853

SYSTEM AND METHOD FOR GENERATING A PARTITIONED VIEW OF A SECURITY GRAPH IN A CLOUD COMPUTING ENVIRONMENT

Non-Final OA §101§DP
Filed
Dec 27, 2024
Priority
Nov 11, 2021 — continuation of 12/333,010
Examiner
PARK, SANGSEOK
Art Unit
2499
Tech Center
2400 — Computer Networks
Assignee
Wiz Inc.
OA Round
1 (Non-Final)
84%
Grant Probability
Favorable
1-2
OA Rounds
9m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 84% — above average
84%
Career Allowance Rate
210 granted / 250 resolved
+26.0% vs TC avg
Strong +16% interview lift
Without
With
+16.0%
Interview Lift
resolved cases with interview
Typical timeline
2y 3m
Avg Prosecution
15 currently pending
Career history
264
Total Applications
across all art units

Statute-Specific Performance

§101
1.6%
-38.4% vs TC avg
§103
92.1%
+52.1% vs TC avg
§102
2.8%
-37.2% vs TC avg
§112
1.4%
-38.6% vs TC avg
Black line = Tech Center average estimate • Based on career data from 250 resolved cases

Office Action

§101 §DP
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement (IDS) submitted on 12/27/2024 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim(s) 1-19 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (an abstract idea) without significantly more. The following is the Examiner’s analysis of the claimed invention under the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG). STEP 1 Is the claim to a Process, Machine, Manufacture or Composition of matter? Yes; claim 1 (and claims 10-11) recite a method (non-transitory CRM and system). STEP2A Prong one: Does the Claim Recite an Abstract Idea, Law of Nature, or Natural Phenomenon? Specifically, the claims recite “generating a representation in a security database,” “generating a first tag as a data field,” “selecting a representation,” “associating the selected representation,” and “generating a subgraph.” These limitations are directed to organizing, categorizing, selecting, and associating information, which can be practically performed in the human mind or with the aid of pen and paper. Although the claims recite a security database, the database merely serves as a repository for storing and retrieving information and does not alter the nature of the recited information analysis and organization. Thus, the claims recite an abstract idea in the form of a mental process. STEP2A Prong two: Does the Claim Recite Additional Elements That Integrate the Judicial Exception into a Practical Application? The additional elements recited in the claims, including a “security data base, representations, tags, and subgraphs,” merely serve as mechanisms for storing, organizing, and associating information. The claims do not recite any improvement to the functioning of a computer, database technology, graph processing technology, or any other technology or technical field. Rather, the claims use generic computer components and data structures as tools to implement the abstract idea of organizing and associating information. The generation of representations, tags, and subgraphs merely reflects the manipulation and presentation of information and does not impose any meaningful limit on the judicial exception. Thus, the claims do not integrate the recited abstract idea into a practical application. STEP 2B Does the Claim Recite Additional Elements That Amount to Significantly More Than the Judicial Exception? The recited “security database, representations, tags, vertices, and subgraphs” are generic data storage and organizational constructs that are well-understood, routine, and conventional in the field of computer data management. The claims merely apply the abstract idea using generic computer functionality to store information, associate information, and generate a representation of relationships among information. The claims do not recite any unconventional computer components, any specialized graph-processing technique, or any technological improvement that would transform the judicial exception into patent-eligible subject matter. Therefore, when considered individually and as an ordered combination, the additional elements do not amount to significantly more than the recited abstract idea. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13. The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer. Claim(s) 1-3, 8, 10-13 and 18 is/are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3, 8, 10-13 and 18 of U.S. Patent No.US-12333010-B1 (hereinafter “Pat ‘010”). Although the claims at issue are not identical, they are not patentably distinct from each other. Per claim 1 (independent): Claim 1 of Pat ‘010 anticipates all of the limitations in claim 1 of the instant application. Claims / App Language Pat ‘010 Language 1 A method for generating a subgraph view of a security graph, comprising: generating a representation in a security database to represent an element of a first computing environment based on a predefined data schema, the predefined data schema including at least: a principal data object structure and a resource data object structure, wherein the security database further includes a representation of the first computing environment; generating a first tag as a data field in a database storing therein the security database, the security database further including a plurality of representations, wherein at least a first portion of the plurality of representations correspond each to a principal, and at least a second portion of the plurality of representations correspond each to a resource; selecting a representation from the plurality of representations; associating the selected representation with the generated first tag; and generating a subgraph, the subgraph including at least the selected representation associated with the generated first tag and a child representation of the at least the selected representation, wherein the selected representation is connected to at least a child representation via a vertex. 1 A method for generating a subgraph view of a security graph, comprising: generating a node in a digital security graph to represent an element of a first cloud computing environment based on a predefined data schema, the predefined data schema including a digital data record structure for representing at least: a principal data object structure and a resource data object structure, wherein the digital security graph includes a representation of the first cloud computing environment; generating a first tag as a data field in a graph database storing therein the digital security graph, the security graph further including a plurality of nodes, wherein at least a first portion of the plurality of nodes correspond each to a principal, and at least a second portion of the plurality of nodes correspond each to a resource, and wherein each node is a digital data record; receiving a selection of a node from the plurality of nodes via a user interface of the graph database on which the security graph is stored; writing a value to graph database which associates the selected node with the generated first tag; generating a subgraph in the graph database, the subgraph comprising at least the selected node associated with the generated first tag and each child node of the at least the selected node, wherein the selected node is connected to at least a child node via a vertex, the vertex indicating a connection type; and rendering the generated subgraph on a display. Per claim 2 (dependent on claim 1): Claim 2 of Pat ‘010 anticipates all of the limitations in claim 2 of the instant application. Per claim 3 (dependent on claim 2): Claim 3 of Pat ‘010 anticipates all of the limitations in claim 3 of the instant application. Per claim 8 (dependent on claim 1): Claim 8 of Pat ‘010 anticipates all of the limitations in claim 8 of the instant application. Per claim 10 (independent): Claim 10 of Pat ‘010 anticipates all of the limitations in claim 10 of the instant application. Claims / App Language Pat ‘010 Language 10 A non-transitory computer-readable medium storing a set of instructions for generating a subgraph view of a security graph, the set of instructions comprising: one or more instructions that, when executed by one or more processing circuitries of a device, cause the device to: generate a representation in a security database to represent an element of a first computing environment based on a predefined data schema, the predefined data schema including at least: a principal data object structure and a resource data object structure, wherein the security database further includes a representation of the first compute environment; generate a first tag as a data field in a database storing therein the security database, the security database further including a plurality of representations, wherein at least a first portion of the plurality of representations correspond each to a principal, and at least a second portion of the plurality of representations correspond each to a resource; select a representation from the plurality of representations; associate the selected representation with the generated first tag; and generate a subgraph, the subgraph including at least the selected representation associated with the generated first tag and a child representation of the at least the selected representation, wherein the selected representation is connected to at least a child representation via a vertex 10 A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process for generating a subgraph view of a security graph, the process comprising: generating a node in a digital security graph to represent an element of a first cloud computing environment based on a predefined data schema, the predefined data schema including a digital data record structure for representing at least: a principal data object structure and a resource data object structure, wherein the digital security graph includes a representation of the first cloud computing environment; generating a first tag as a data field in a graph database storing therein the digital security graph, the security graph further including a plurality of nodes, wherein at least a first portion of the plurality of nodes correspond each to a principal, and at least a second portion of the plurality of nodes correspond each to a resource, and wherein each node is a digital data record; receiving a selection of a node from the plurality of nodes via a user interface of the graph database on which the security graph is stored; writing a value to graph database which associates the selected node with the generated first tag; generating a subgraph in the graph database, the subgraph comprising at least the selected node associated with the generated first tag and each child node of the at least the selected node, wherein the selected node is connected to at least a child node via a vertex, the vertex indicating a connection type; and rendering the generated subgraph on a display Per claim 11 (independent): Claim 11 of Pat ‘010 anticipates all of the limitations in claim 11 of the instant application. Claims / App Language Pat ‘010 Language 11 A system for generating a subgraph view of a security graph comprising: one or more processing circuitries configured to: generate a representation in a security database to represent an element of a first computing environment based on a predefined data schema, the predefined data schema including at least: a principal data object structure and a resource data object structure, wherein the security database further includes a representation of the first compute environment; generate a first tag as a data field in a database storing therein the security database, the security database further including a plurality of representations, wherein at least a first portion of the plurality of representations correspond each to a principal, and at least a second portion of the plurality of representations correspond each to a resource; select a representation from the plurality of representations; associate the selected representation with the generated first tag; and generate a subgraph, the subgraph including at least the selected representation associated with the generated first tag and a child representation of the at least the selected representation, wherein the selected representation is connected to at least a child representation via a vertex. 11 A system for generating a subgraph view of a security graph, comprising: a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: generate a node in a digital security graph to represent an element of a first cloud computing environment based on a predefined data schema, the predefined data schema including a digital data record structure for representing at least: a principal data object structure and a resource data object structure, wherein the digital security graph includes a representation of the first cloud computing environment; generate a first tag as a data field in a graph database storing therein the digital security graph, the security graph further including a plurality of nodes, wherein at least a first portion of the plurality of nodes correspond each to a principal, and at least a second portion of the plurality of nodes correspond each to a resource, and wherein each node is a digital data record; receiving a selection of a node from the plurality of nodes via a user interface of the graph database on which the security graph is stored; write a value to graph database which associates the selected node with the generated first tag; generate a subgraph in the graph database, the subgraph comprising at least the selected node associated with the generated first tag and each child node of the at least the selected node, wherein the selected node is connected to at least a child node via a vertex, the vertex indicating a connection type; and render the generated subgraph on a display. Per claim 12 (dependent on claim 11): Claim 12 of Pat ‘010 anticipates all of the limitations in claim 12 of the instant application. Per claim 13 (dependent on claim 12): Claim 13 of Pat ‘010 anticipates all of the limitations in claim 13 of the instant application. Per claim 18 (dependent on claim 11): Claim 18 of Pat ‘010 anticipates all of the limitations in claim 18 of the instant application. Allowable Subject Matter Claim(s) 1-19 is/are allowed. The following is a statement of reasons for the indication of allowable subject matter: Regarding claim 1, the prior art of record (Chen et al., US-11256759-B1 (hereinafter “Chen ‘759”) in view of BARGURY, US-20210243190-A1 (hereinafter “BARGURY ‘190”) and Harris et al., US- 10997247-B1 (hereinafter “Harris ‘247”)) does not disclose: “generating a representation in a security database to represent an element of a first computing environment based on a predefined data schema, the predefined data schema including at least: a principal data object structure and a resource data object structure ... wherein the selected representation is connected to at least a child representation via a vertex” in the recited context. Rather, Chen ‘759 discloses modeling activities that occur within datacenters for anomaly detection performed by identifying deviations from the baseline modeled after the datacenter activity as anomalous. To this end, a plurality of nodes representing in-server/in-virtual machine (VM)/embedded in IoT device agents in the datacenters are configured to collect data for creating polygraphs, which are graphs of logical entities, for example, workloads, applications, processes, machines, connected by behaviors. Given this fact, it would be unreasonable to regard the “principal and resource data object structure” included in the “predefined data schema” as a certain type of processor type or associated characteristics because it would be more appropriate to view this limitation from the perspective of the graph theory. Furthermore, although this reference indicates the concept of a graph, it does not clearly specify the concept of “a vertex”. To this, BARGURY ‘190 adds a cloud service that operates within a multi-tenant environment that serves multiple customers of a tenant that is a directory that is associated with an enterprise, organization, group, user or entity that subscribes to the cloud service. In this case, as a user logs in to a tenant and accesses resources, it requires a set of permission levels to each authorized user for each resource in the cloud service. Then, the identity-resource-permission graph identifies the permissions granted to each resource and identity and the usage activity of each resource by an identity. Because of the same reasons described for Chen ‘759 in respect to mapping the “predefined data schema” to the permissions, it does not properly indicate the “predefined data schema” and further, nor does it recite “the vertex.” To this, Harris ‘247 teaches a system for snapshot tracking using a graph database in order to provide users with the ability to view their backup resource usage and manage backups via a graph-based user interface, where each snapshot has an associated manifest that identifies portions of data. Specifically, in response to the request for a page to manage snapshots, graph data is obtained, and the graph data is associated with the user's account and volumes owned by the user. While it recites the “graph” in the “cloud environment”, it is silent as to the “predefined data schema” and “the vertex.” For the reasons described above, the prior art of record does not disclose, with respect to claim(s) 10 and 11, features corresponding to those of claim 1 in the respective context(s). Dependent claims 2-9 and 12-19 are allowed in view of their respective dependence from claims. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. BERTIGER et al., US-20230053182-A1 – a graph-based access event representation component generates and maintains a bipartite graph that models accessing nodes, resource nodes, and access events therebetween. The component further computes graph embeddings for the access nodes and/or resource nodes based on the bipartite graph and stores the embeddings for subsequent anomaly detection processing. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANGSEOK PARK whose telephone number is (571)272-4332. The examiner can normally be reached Monday-Friday 7:30-5:30 and Alternate Fridays 9:00 am-5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PHILIP CHEA can be reached at (571)272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SANGSEOK PARK/Primary Examiner, Art Unit 2499
Read full office action

Prosecution Timeline

Dec 27, 2024
Application Filed
Jun 04, 2026
Non-Final Rejection mailed — §101, §DP (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12675602
BIOMETRIC DATA ACCESS
1y 8m to grant Granted Jul 07, 2026
Patent 12664321
ELECTRONIC SYSTEM OF PUF-BASED ROOT KEY ENTANGLEMENT WITH MULTIPLE DIGITAL INPUT SEQUENCES AND ROOT KEY EXTRACTOR
2y 0m to grant Granted Jun 23, 2026
Patent 12640920
CRYPTOGRAPHIC KEY CONFIGURATION USING PHYSICAL UNCLONABLE FUNCTION
2y 2m to grant Granted May 26, 2026
Patent 12639453
MEMORY SYSTEM AND METHOD OF OPERATING THE SAME
1y 12m to grant Granted May 26, 2026
Patent 12634111
VERIFYING REMOTE EXECUTION OF MACHINE LEARNING INFERENCE UNDER HOMOMORPHIC ENCRYPTION USING PERMUTATIONS
3y 4m to grant Granted May 19, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
84%
Grant Probability
99%
With Interview (+16.0%)
2y 3m (~9m remaining)
Median Time to Grant
Low
PTA Risk
Based on 250 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month