Prosecution Insights
Last updated: July 17, 2026
Application No. 19/019,425

DATA ASSET IDENTIFIER GENERATION SYSTEM

Non-Final OA §102§103§112
Filed
Jan 13, 2025
Priority
Jan 12, 2024 — provisional 63/620,728
Examiner
PARSONS, THEODORE C
Art Unit
2494
Tech Center
2400 — Computer Networks
Assignee
Spycloud Inc.
OA Round
1 (Non-Final)
78%
Grant Probability
Favorable
1-2
OA Rounds
1y 7m
Est. Remaining
99%
With Interview

Examiner Intelligence

Grants 78% — above average
78%
Career Allowance Rate
361 granted / 462 resolved
+20.1% vs TC avg
Strong +22% interview lift
Without
With
+22.0%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
12 currently pending
Career history
479
Total Applications
across all art units

Statute-Specific Performance

§101
0.9%
-39.1% vs TC avg
§103
45.4%
+5.4% vs TC avg
§102
47.4%
+7.4% vs TC avg
§112
4.1%
-35.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 462 resolved cases

Office Action

§102 §103 §112
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is in reply to papers filed on 2025-01-13. Claims 1-20 are pending. Claims 1, 20 is/are independent. Claim Rejections - 35 U.S.C. § 112 The following is a quotation of 35 U.S.C. § 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. Claim(s) 9 is/are rejected under 35 U.S.C. § 112(a) or 35 U.S.C. § 112 ¶ 1 (pre-AIA ) because the specification, while being enabling for 'storing, by the computer system, [an identifier of] the first data source . . . in the security database', does not reasonably provide enablement for "storing, by the computer system, the first data source . . . in the security database". The specification does not enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to practice the invention commensurate in scope with these claims. A determination as to nonenablement is based on consideration of all the evidence as a whole. In re Wands, 858 F.2d 731, 737, 740 (Fed. Cir. 1998) (relevant factors include (A) The breadth of the claims; (B) The nature of the invention; (C) The state of the prior art; (D) The level of one of ordinary skill; (E) The level of predictability in the art; (F) The amount of direction provided by the inventor; (G) The existence of working examples; and (H) The quantity of experimentation needed to make or use the invention based on the content of the disclosure). See also MPEP § 2164.01(a) and § 2164.04. Here, it is unclear how a data source, which is likely to be a system of servers and networking equipment could be stored in a database, which is a data structure. The Specification gives no guidance as to how this could be do, leaving a person having ordinary skill in the art to attempt to invent such a thing for themselves. While the applicability of other factors for and against subject-matter eligibility has been considered, the weight of the factor(s) described above compels this conclusion. The following is a quotation of 35 U.S.C. § 112(d): (d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers. Claim 16 is rejected under 35 U.S.C. § 112(d) / 35 U.S.C. § 112 ¶ 4 (pre-AIA ) as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends. In particular, claim 15 requires that "the operations further comprise: normalizing", while claim 16 merely states "the operations further comprise steps for normalizing" (emphasis added). Normalizing is a process of reformatting data that necessarily must be carried out by steps. Thus, claim 16 adds no new limitations. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements. Summary of Claim Rejections under 35 U.S.C. § 103 The following table summarizes the rejections set forth in detail below of the claims over the prior art. Claim No. Bruso '953 in view of Endler '050 1 [Wingdings font/0xFC] 2 [Wingdings font/0xFC] 3 [Wingdings font/0xFC] 4 [Wingdings font/0xFC] 5 [Wingdings font/0xFC] 6 [Wingdings font/0xFC] 7 [Wingdings font/0xFC] 8 [Wingdings font/0xFC] 9 [Wingdings font/0xFC] 10 [Wingdings font/0xFC] 11 [Wingdings font/0xFC] 12 [Wingdings font/0xFC] 13 [Wingdings font/0xFC] 14 [Wingdings font/0xFC] 15 [Wingdings font/0xFC] 16 [Wingdings font/0xFC] 17 [Wingdings font/0xFC] 18 [Wingdings font/0xFC] 19 [Wingdings font/0xFC] 20 [Wingdings font/0xFC] Claim Rejections - 35 U.S.C. § 103 The following is a quotation of the appropriate paragraphs of AIA 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of AIA 35 U.S.C. 103 that forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. § 103(a) are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. Claim(s) 1-20 is/are rejected under 35 U.S.C. § 103 as being unpatentable over U.S. Publication 20230350953 to Bruso et al. (hereinafter "Bruso '953") in view of U.S. Publication 20200279050 to Endler (hereinafter "Endler '050"). Bruso '953 is prior art to the claims under 35 U.S.C. § 102(a)(1) and 35 U.S.C. § 102(a)(2). Endler '050 is prior art to the claims under 35 U.S.C. § 102(a)(1). Per claim 1 (independent): Bruso '953 discloses a non-transitory, machine-readable medium storing instructions that, when executed by one or more processors, effectuate operations (processor(s), memory, computer readable media, storage, executable instructions [Bruso '953 ¶ 0068-0074]) Bruso '953 discloses individually hashing, by a computer system and according to a first hashing algorithm, each file of a first plurality of files included in a first data asset to obtain a first plurality of hash values (hashes files and stores hash in file signature [Bruso '953 Fig. 4A, 4C, ¶ 0039-0041, 0047]) Bruso '953 discloses sorting, by the computer system and according to a sorting algorithm, each hash value of the first plurality of hash values in a first ordered list of hash values (ordered list of file hashes [Bruso '953 Fig. 7, ¶ 0055-0056]; fixed order for directory hashes is implied by fact that two hashes of the same unaltered directory match [Bruso '953 ¶ Fig. 15, 0087]) Bruso '953 discloses concatenating, by the computer system, the first plurality of hash values in the first ordered list of hash values to generate a first string (directory signature includes hash of concatenated file signatures, each which containing hash of the file [Bruso '953 Fig. 15, ¶ 0086-0087; Fig. 13, ¶ 0082, 0061; Fig. 6, ¶ 0051-0054; Fig. 7, ¶ 0055-0056]) Bruso '953 discloses hashing, by the computer system and according to a second hashing algorithm, the first string to generate a first data asset identifier representing the first data asset (directory signature includes hash of concatenated file signatures, each which containing hash of the file [Bruso '953 Fig. 15, ¶ 0086-0087; Fig. 13, ¶ 0082, 0061; Fig. 6, ¶ 0051-0054; Fig. 7, ¶ 0055-0056]) Bruso '953 does not disclose storing, by the computer system, the first data asset identifier in a security database However, Bruso '953 discloses storing, by the computer system, the first data asset identifier in a storage (storing directory signature secures directory and its contents against alteration [Bruso '953 ¶ 0078-0079, 0085]) Further: Endler '050 discloses storing, by the computer system, the first data asset identifier in a security database (stores acquired compromised user credential data and metadata and identifier in security database [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) It would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: storing, by the computer system, the first data asset identifier in a security database A person having ordinary skill in the art would have been motivated to combine them at least because applying the hashing techniques of Bruso '953 to the compromised user credential files of Endler '050 would have provided a fast and reliable technique for matching new data against existing entries in Endler '050 's security database. A person having ordinary skill in the art would have been further motivated to combine them at least because Endler '050 teaches [Endler '050 ¶ 0064-0065, 0046, 0078-0080] modifying a fast file content matching scheme for data security [Bruso '953 ¶ 0078-0079, 0085] such as that of Bruso '953 to arrive at the claimed invention; because Endler '050 and Bruso '953 are in the same field of endeavor, viz. rapidly determining matches or non-matches between large numbers of electronic files; because doing so constitutes use of a known technique (security database of compromised user credential data [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) to improve similar devices and/or methods (fast file content matching scheme for data security [Bruso '953 ¶ 0078-0079, 0085]) in the same way; because doing so constitutes applying a known technique (security database of compromised user credential data [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) to known devices and/or methods (fast file content matching scheme for data security [Bruso '953 ¶ 0078-0079, 0085]) ready for improvement to yield predictable results; and because the modification amounts to combining prior art elements according to known methods to yield predictable results. Here, (1) the prior art included each element (as detailed above); (2) one of ordinary skill in the art could have combined the elements as claimed by known methods, and in this combination, each element merely performs the same function as it does separately (fast file content matching scheme for data security [Bruso '953 ¶ 0078-0079, 0085] identifies identical data entries in security database of compromised user credential data [Endler '050 ¶ 0064-0065, 0046, 0078-0080]); (3) one of ordinary skill in the art would have recognized that the results of the combination were predictable; and (4) other considerations do not overcome this conclusion. Per claim 2 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not explicitly disclose storing, by the computer system, the first data asset in the security database However, Bruso '953 discloses storing, by the computer system, the first data asset in the secure storage (stores directory signature and directory and its contents [Bruso '953 ¶ 0078-0079]) Further: Endler '050 discloses storing, by the computer system, the first data asset in the security database (stores acquired compromised user credential data and metadata and identifier in security database [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: storing, by the computer system, the first data asset in the security database Per claim 3 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose individually hashing, by the computer system and according to the first hashing algorithm, each file of a second plurality of files included in a second data asset to obtain a second plurality of hash values However, Bruso '953 discloses individually hashing, by the computer system and according to the first hashing algorithm, each file of a plurality of files included in a data asset to obtain a second plurality of hash values (hashes files and stores hash in file signature [Bruso '953 Fig. 4A, 4C, ¶ 0039-0041, 0047]) Bruso '953 discloses sorting, by the computer system and according to the sorting algorithm, each hash value of the second plurality of hash values in a second ordered list of hash values (ordered list of file hashes [Bruso '953 Fig. 7, ¶ 0055-0056]; fixed order for directory hashes is implied by fact that two hashes of the same unaltered directory match [Bruso '953 ¶ Fig. 15, 0087]) Bruso '953 discloses concatenating, by the computer system, the second plurality of hash values to generate a second string (directory signature includes hash of concatenated file signatures, each which containing hash of the file [Bruso '953 Fig. 15, ¶ 0086-0087; Fig. 13, ¶ 0082, 0061; Fig. 6, ¶ 0051-0054; Fig. 7, ¶ 0055-0056]) Bruso '953 discloses hashing, by the computer system and according to the second hashing algorithm, the second string to generate a second data asset identifier representing the second data asset (directory signature includes hash of concatenated file signatures, each which containing hash of the file [Bruso '953 Fig. 15, ¶ 0086-0087; Fig. 13, ¶ 0082, 0061; Fig. 6, ¶ 0051-0054; Fig. 7, ¶ 0055-0056]) Bruso '953 discloses comparing, by the computer system, the first data asset identifier to the second data asset identifier to determine whether a hash collision has occurred (verifies that current directory is the same as previous directory by comparing respective directory hashes [Bruso '953 ¶ 0085; Fig. 14]) Further: Endler '050 discloses hashing each file of a second plurality of files included in a second data asset (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) Endler '050 discloses the second plurality of hash values (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) Endler '050 discloses processing by the computer system, the second plurality of hash values to generate a second string (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) Endler '050 discloses processing, by the computer system the second string to generate a second data asset identifier representing the second data asset (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) Endler '050 discloses comparing, by the computer system, the first data asset identifier to the second data asset identifier to determine whether a hash collision has occurred (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: individually hashing, by the computer system and according to the first hashing algorithm, each file of a second plurality of files included in a second data asset to obtain a second plurality of hash values sorting, by the computer system and according to the sorting algorithm, each hash value of the second plurality of hash values in a second ordered list of hash values concatenating, by the computer system, the second plurality of hash values to generate a second string hashing, by the computer system and according to the second hashing algorithm, the second string to generate a second data asset identifier representing the second data asset comparing, by the computer system, the first data asset identifier to the second data asset identifier to determine whether a hash collision has occurred Per claim 4 (dependent on claim 3): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 3 above, incorporated herein by reference Bruso '953 does not disclose discarding, by the computer system, the second data asset if a hash collision occurred Further: Endler '050 discloses discarding, by the computer system, the second data asset if a hash collision occurred (discards duplicates [Endler '050 ¶ 0062] using hashes of compromised user credential data [Endler '050 ¶ 0140, 0046]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: discarding, by the computer system, the second data asset if a hash collision occurred Per claim 5 (dependent on claim 4): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 4 above, incorporated herein by reference Bruso '953 does not disclose determining, by the computer system, that a second source of the second data asset is different than a first source of the first data asset Bruso '953 does not disclose logging, by the computer system, the second source with the first source in a data asset tracking library Further: Endler '050 discloses determining, by the computer system, that a second source of the second data asset is different than a first source of the first data asset (records metadata on different sources that have supplied duplicate compromised user credential data [Endler '050 ¶ 0062-0064, 0097]) Endler '050 discloses logging, by the computer system, the second source with the first source in a data asset tracking library (records metadata on different sources that have supplied duplicate compromised user credential data [Endler '050 ¶ 0062-0064, 0097]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: determining, by the computer system, that a second source of the second data asset is different than a first source of the first data asset logging, by the computer system, the second source with the first source in a data asset tracking library Per claim 6 (dependent on claim 3): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 3 above, incorporated herein by reference Bruso '953 does not disclose not providing, by the computer system, an alert of the second data asset to a user associated with the second data asset if a hash collision occurred Further: Endler '050 discloses not providing, by the computer system, an alert of the second data asset to a user associated with the second data asset if a hash collision occurred (alerts only non-duplicative victims [Endler '050 ¶ 0104, 0133, 0067]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: not providing, by the computer system, an alert of the second data asset to a user associated with the second data asset if a hash collision occurred Per claim 7 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose determining, by the computer system, that there is no hash collision of the first data asset identifier with a plurality of identifiers stored in the security database prior to storing the first data asset identifier Further: Endler '050 discloses determining, by the computer system, that there is no hash collision of the first data asset identifier with a plurality of identifiers stored in the security database prior to storing the first data asset identifier (ingests and stores new acquired compromised user credential data and metadata [Endler '050 ¶ 0064-0065, 0046, 0078-0080]; checks whether 'new' compromised user credential data matches previously received and stored entry [Endler '050 ¶ 0140, 0090-0095]; hashes compromised user credential data [Endler '050 ¶ 0140, 0046]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: determining, by the computer system, that there is no hash collision of the first data asset identifier with a plurality of identifiers stored in the security database prior to storing the first data asset identifier Per claim 8 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose obtaining, by the computer system, the first data asset from a first data source Further: Endler '050 discloses obtaining, by the computer system, the first data asset from a first data source (multiple sources of compromised user credential data [Endler '050 ¶ 0062-0064, 0097]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: obtaining, by the computer system, the first data asset from a first data source Per claim 9 (dependent on claim 8): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 8 above, incorporated herein by reference Bruso '953 does not disclose storing, by the computer system, the first data source and a incrementing a first data asset count for the first data asset in the security database Further: Endler '050 discloses storing, by the computer system, the first data source and a incrementing a first data asset count for the first data asset in the security database (records metadata on different sources that have supplied duplicate compromised user credential data [Endler '050 ¶ 0062-0064, 0097]; counts number of times a particular compromised user credential data is acquired [Endler '050 ¶ 0097, 0111-0113]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: storing, by the computer system, the first data source and a incrementing a first data asset count for the first data asset in the security database Per claim 10 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 discloses the first hashing algorithm and the second hashing algorithm are the same (hash algorithm for directories, subdirectories, and files is selected from, e.g. SHA-1, SHA-256, MD5, and is the same or different [Bruso '953 ¶ 0047; Fig. 4A-H, Fig. 7]; hashes files and stores hash in file signature [Bruso '953 Fig. 4A, 4C, ¶ 0039-0041, 0047]; directory signature includes hash of concatenated file signatures, each which containing hash of the file [Bruso '953 Fig. 15, ¶ 0086-0087; Fig. 13, ¶ 0082, 0061; Fig. 6, ¶ 0051-0054; Fig. 7, ¶ 0055-0056]) Per claim 11 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose providing, by the computer system, an alert to a user associated with the first data asset Further: Endler '050 discloses providing, by the computer system, an alert to a user associated with the first data asset (alerts victims [Endler '050 ¶ 0104, 0133, 0067, 0037]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: providing, by the computer system, an alert to a user associated with the first data asset Per claim 12 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose flagging one or more user accounts associated with the first data asset determined from the first plurality of files Further: Endler '050 discloses flagging one or more user accounts associated with the first data asset determined from the first plurality of files (flags compromised accounts [Endler '050 ¶ 0037, 0104, 0133, 0067]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: flagging one or more user accounts associated with the first data asset determined from the first plurality of files Per claim 13 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose parsing, by the computer system, the first data asset Further: Endler discloses parsing, by the computer system, the first data asset (parsing and normalizing [Endler '050 ¶ 0061]; cleansing data [Endler '050 ¶ 0057; Fig. 3]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: parsing, by the computer system, the first data asset Per claim 14 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose steps for cleansing the first data asset Further: Endler discloses steps for cleansing the first data asset (parsing and normalizing [Endler '050 ¶ 0061]; cleansing data [Endler '050 ¶ 0057; Fig. 3]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: steps for cleansing the first data asset Per claim 15 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose normalizing, by the computer system, the first data asset Further: Endler discloses normalizing, by the computer system, the first data asset (parsing and normalizing [Endler '050 ¶ 0061]; cleansing data [Endler '050 ¶ 0057; Fig. 3]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: normalizing, by the computer system, the first data asset Per claim 16 (dependent on claim 15): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 15 above, incorporated herein by reference Bruso '953 does not disclose steps for normalizing the first data asset Further: Endler discloses steps for normalizing the first data asset (parsing and normalizing [Endler '050 ¶ 0061]; cleansing data [Endler '050 ¶ 0057; Fig. 3]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: steps for normalizing the first data asset Per claim 17 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose the first data asset includes a log Further: Endler '050 discloses the first data asset includes a log (logs metadata concerning compromised user credential data in security database [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: the first data asset includes a log Per claim 18 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 discloses the first hashing algorithm includes a secure hashing algorithm (SHA)-256 algorithm (hash algorithm for directories, subdirectories, and files is selected from, e.g. SHA-1, SHA-256, MD5, and is the same or different [Bruso '953 ¶ 0047]) Per claim 19 (dependent on claim 1): Bruso '953 in view of Endler '050 discloses the elements detailed in the rejection of claim 1 above, incorporated herein by reference Bruso '953 does not disclose steps for populating the security database Further: Endler '050 discloses steps for populating the security database (stores acquired compromised user credential data and metadata and identifier in security database [Endler '050 ¶ 0064-0065, 0046, 0078-0080]) For the reasons detailed above with respect to claim 1, it would have been obvious to a person having ordinary skill in the art (1) before the effective filing date of the claimed invention and (2) before the invention was made to have modified Bruso '953 with the security database of compromised user credential data of Endler '050 to arrive at an apparatus, method, and product including: steps for populating the security database Per claim 20 (independent): The remaining limitations of the claim(s) correspond(s) to features of claim(s) 1 and the claim(s) is/are rejected for the reasons detailed with respect to those claims. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to THEODORE C PARSONS whose telephone number is (571)270-1475. The examiner can normally be reached on MTWRF 7:30-4:30. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on (571) 272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from Patent Center. Status information for published applications may be obtained from Patent Center. Status information for unpublished applications is available through Patent Center for authorized users only. Should you have questions about access to Patent Center, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) Form at https://www.uspto.gov/patents/apply/forms. /THEODORE C PARSONS/Primary Examiner, Art Unit 2494
Read full office action

Prosecution Timeline

Jan 13, 2025
Application Filed
Jun 24, 2026
Non-Final Rejection mailed — §102, §103, §112 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12665775
METHODS, PROTOCOLS, AND APPARATUSES OF QUANTUM PHYSICAL UNCLONABLE FUNCTIONS
2y 5m to grant Granted Jun 23, 2026
Patent 12634135
Systems and Methods for Blockchain-Based Content Co-Creation
3y 7m to grant Granted May 19, 2026
Patent 12634291
Schema Based Access Management for Improved Information Security
2y 10m to grant Granted May 19, 2026
Patent 12627635
SYSTEM AND METHOD FOR AUTOMATIC DOCUMENT PROTECTION USING INFORMATION RIGHTS MANAGEMENT
4y 1m to grant Granted May 12, 2026
Patent 12625948
Using Machine Learning to Detect QRLjacking to Prevent Multichannel Phishing on Applications or IOT Devices
2y 10m to grant Granted May 12, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

1-2
Expected OA Rounds
78%
Grant Probability
99%
With Interview (+22.0%)
3y 1m (~1y 7m remaining)
Median Time to Grant
Low
PTA Risk
Based on 462 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month