DETAILED ACTION
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2. This action is in response to application filed on 8/6/2025, in which claims 1 – 20 was presented for examination.
3. Claims 1 – 20 are pending in the application.
Information Disclosure Statement
4. The information disclosure statement (IDS) submitted on 11/6/2025 has been reviewed and entered into the record. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
5. Claims 1 – 6, 8 – 16, and 18 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al (US 2011/0247059 A1), in view of Rinker (US 8,086,635 B1).
As per claim 1, Anderson et al (US 2011/0247059 A1) discloses,
A method, comprising: identifying, by a data management system (para.[0018]; “access control is managed using an access manager 120 and an identity manager 140”).
context information for a log-in session associated with a user of the data management system (para.[0018]; “the identity manager 140 verifies the
identity and privileges of the end user 110 using an identity database” and para.[0024]; “identity manager 140 first uses the user identifier to determine the systems 230 upon which the user is authorized”).
wherein the context information for the log-in session comprises an identifier of a first tenant associated with the user (para.[0023]; “user request during step 310 optionally includes the identifier of the user and an identifier of the protected system to be accessed”).
wherein the data management system comprises a plurality of computing objects and is operable to provide protection for data sources associated with a plurality of tenants of the data management system (para.[0017]; “access one or more protected systems 150-1 through 150-N” and para.[0023]; “the end-user initially sends a
request to the access manager 120 to access a particular protected system”).
monitoring, by the data management system, audit events performed by the user during the log-in session (para.[0027]; “an audit trail is obtained by logging the various stages of the end user system access process 300 when a user attempts to access a protected system”).
generating, by the data management system based at least in part on a first audit event performed by the user on one or more computing objects of the plurality of computing objects within the data management system, audit information that records the first audit event (para.[0029]; “access manager 120 creates a first log (Log 1) comprising, for example, three audit trail records during the lifecycle of a log-in by an end user”).
storing, by the data management system, the audit information that records the first audit event (para.[0031]; “comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off”).
wherein the audit information indicates an identifier of a subject of the first audit event and an identifier of an object of the first audit event (para.[0006]; “user request may … include an identifier of the end user and an identifier of the given protected system”).
wherein the subject comprises the user and the object comprises the one or more computing objects (para.[0006]; “user request may … include an identifier of the end user and an identifier of the given protected system”).
and wherein the identifier of the subject is indicative of the user and the first tenant associated with the user based at least in part on the context information for the log-in session (para.[0008]; “one or more events associated with the privileged reusable user identifier and password to be logged and investigated” and para.[0021]; “password vault 250 stores a number of user identifiers and corresponding passwords for various systems and roles of a given client (customer)”).
Anderson does not specifically disclose determining, by the data management system, whether to output the audit information in response to a request based at least in part on authorization information associated with the request, the identifier of the subject included in the audit information, and the identifier of the object included in the audit information.
However, Rinker (US 8,086,635 B1) in an analogous art discloses,
and determining, by the data management system, whether to output the audit information in response to a request based at least in part on authorization information associated with the request (col.18 lines 43 – 44; “request to server 132 via client 110, where the request is for information related to network access control” and col.18 lines 54 – 57; “reviewer may be granted access to requested information when authorization server 170 determines that the user name and password are
valid”).
the identifier of the subject included in the audit information, and the identifier of the object included in the audit information (col.7 lines 9 – 10; “report may include information, such as an identity of a user, a destination identifier, access privileges”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate periodic reviewing of access to a protected system of Rinker into shared access control of the system of Anderson to maintains individual accountability in a protected system.
As per claim 2, the rejection of claim 1 is incorporated and further Anderson et al (US 2011/0247059 A1) discloses,
wherein storing the audit information comprises: storing the audit information that records the first audit event in a first entry of a database comprising a plurality of entries (para.[0027]; “logging of events in the shared access control system 100 of FIG. 1. ……. an audit trail is obtained by logging the various stages of the end user system access process 300 when a user attempts to access a protected system”).
each entry of the plurality of entries comprising respective audit information mapped to a respective tenant identifier (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
wherein the first entry comprises the audit information mapped to the identifier of the first tenant associated with the user based at least in part on the context information for the log-in session associated with the user (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
As per claim 3, the rejection of claim 2 is incorporated and further Anderson et al (US 2011/0247059 A1) discloses,
further comprising: detecting, based at least in part on the monitoring, a second audit event performed by a second of the data management system on the one or more computing objects or one or more different computing objects of the plurality of computing objects within the data management system (para.[0027]; “logging of events in the shared access control system 100 of FIG. 1. ……. an audit trail is obtained by logging the various stages of the end user system access process 300 when a user attempts to access a protected system”).
and storing second audit information that records the second audit event in a second entry of the plurality of entries of the database (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
wherein the second entry comprises the second audit information mapped to the identifier of the first tenant associated with the user based at least in part on the context information for the log-in session associated with the user (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
.
As per claim 4, the rejection of claim 2 is incorporated and further Anderson et al (US 2011/0247059 A1) discloses,
further comprising: identifying second context information for a second log-in session associated with a second user of the data management system (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
wherein the second context information for the second log-in session comprises the identifier of the first tenant based at least in part on the second user being logged in to the first tenant (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
detecting, based at least in part on monitoring second audit events performed by the second user during the second log-in session, a second audit event performed by the second user on the one or more computing objects or one or more different computing objects of the plurality of computing objects within the data management system (para.[0027]; “logging of events in the shared access control system 100 of FIG. 1. ……. an audit trail is obtained by logging the various stages of the end user system access process 300 when a user attempts to access a protected system” and para.[0032]; “The log engine 450 in the insight manager 440 will monitor key privileged activities”).
and storing second audit information that records the second audit event in a second entry of the plurality of entries of the database (para.[0031]; “comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off”).
wherein the second entry comprises the second audit information mapped to the identifier of the first tenant associated with the user and the second user based at least in part on the second context information for the second log-in session associated with the second user comprising the identifier of the first tenant (para.[0031]; “protected system 150 creates a third log (Log 3) comprising log records for each of the activities performed by the end user 110, such as the log-in, log-off and any password”).
As per claim 5, the rejection of claim 1 is incorporated and further Anderson et al (US 2011/0247059 A1) discloses,
further comprising: identifying second context information for a second log-in session associated with the user of the data management system (para.[0024]; “identity manager 140 first uses the user identifier to determine the systems 230 upon which the user is authorized”).
wherein the second context information for the second log-in session comprises a second identifier of a second tenant associated with the user based at least in part on the user logging in to the data management system via multiple tenants (para.[0008]; “one or more events associated with the privileged reusable user identifier and password to be logged and investigated” and para.[0021]; “password vault 250 stores a number of user identifiers and corresponding passwords for various systems and roles of a given client (customer)”).
As per claim 6, the rejection of claim 1 is incorporated and further Rinker (US 8,086,635 B1) discloses,
further comprising: receiving the request to provide a second user of the data management system with the audit information that records the first audit event performed by the user on the one or more computing objects (col.18 lines 54 – 57; “reviewer may be granted access to requested information when authorization server 170 determines that the user name and password are valid”).
identifying second context information for a second log-in session of the second user associated with the request, wherein the second context information comprises a second identifier of a second tenant (col.17 lines 53 – 56; “display information about Bill Smith and Donna Doe as well as information about systems that Rill Smith and Donna Doe are associated with and/or authorization information for Bill and/or Donna with respect to these systems”).
and identifying, based at least in part on the second identifier of the second tenant, the authorization information for the second tenant (col.15 lines 56 – 59; “Report 1100 may include system ID 450, security level 470, description 480, authorization date/time field 570, authorized field 920, title 1110, authorized by field 1120, privilege date”).
wherein determining whether to output the audit information in response to the request comprises: determining whether to output the audit information to the second user in response to the request based at least in part on whether the authorization information for the second tenant indicates that the second tenant is authorized to access the one or more computing objects identified by the identifier of the object in the audit information (col.18 lines 51 – 57; “Authorization
server 170 may compare the user name and password to information in an authorization database on authorization server 170 and/or in database …. reviewer may be granted access to requested information when authorization server 170 determines that the user name and password are valid”).
and whether the authorization information for the second tenant indicates that the second tenant is authorized to access the user identified by the identifier of the subject in the audit information (col.18 lines 54 – 57; “reviewer may be granted access to requested information when authorization server 170 determines that the user name and password are valid”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate periodic reviewing of access to a protected system of Rinker into shared access control of the system of Anderson to maintains individual accountability in a protected system, thereby maintaining the integrity of object and the system.
As per claim 8, the rejection of claim 6 is incorporated and further Rinker (US 8,086,635 B1) discloses,
further comprising: filtering, in response to the request, a database of audit information stored by the data management system per object identifier and per subject identifier from among a plurality of objects and subjects to which the second tenant associated with the second user has access, in accordance with the authorization information for the second tenant (col.12 lines 64 – 65; “Display 700 may provide a reviewer with information related to one or more users” and col.13 lines 4 – 10; “List 710 may include information related to an individual identified in user menu 630 and/or user field 650. For example, a reviewer may select a user named Donna Doe ………. List 710 may include information read from a data structure, such as data structure 400 and/or 500. In an implementation, list 710 may include the user's name, systems that the user has access rights to, names of rights for respective systems, descriptions of rights for respective systems, comments related to the respective systems”).
and outputting, to the second user via a user interface in response to the request, the audit information based at least in part on the filtering indicating that the second tenant has access to the one or more computing objects and the user associated with the audit information (col.15 lines 51 – 59; “Report 1100 may be generated by report interface 316 and may be displayed to a reviewer or auditor via a display device …….. Report 1100 may include system ID 450, security level 470, description 480, authorization date/time field 570, authorized field 920, title 1110, authorized by field 1120, privilege date 1130, privileges field 1140 and note field”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate periodic reviewing of access to a protected system of Rinker into shared access control of the system of Anderson to maintains individual accountability in a protected system, thereby maintaining the integrity of object and the system..
As per claim 9, the rejection of claim 1 is incorporated and further Rinker (US 8,086,635 B1) discloses,
further comprising: detecting an event performed by the user on the one or more computing objects based at least in part on the monitoring, the event associated with modification, by the user, of one or more parameters or settings of at least one computing object of the plurality of computing objects (col.7 lines 9 – 14; “report may include information, such as an identity of a user, a destination identifier, access privileges, dates and/or times when certain actions were performed ( e.g., file creation, a review/authorization of a system or individual, etc.), links to destinations and/or other information”) and col.20 lines 25 – 29; “access monitoring and control application. The access monitoring and control application may use access and/or monitoring data to monitor when users access protected systems and may create a log file of users' access activities”).
and determining whether the event is auditable based at least in part on a type of the event, based at least in part on the first tenant to which the user is logged in, or both, wherein storing the audit information that records the first audit event is based at least in part on determining that the first audit event is an auditable event (col.20 lines 29 – 36; “monitoring and access control application and may receive the log file. System 100/102 may use the log file to determine whether a user should be granted continued access to a protected system. System 100/102 may provide information related to the log file to a reviewer so that the log file information can be used during the review of the user and/or systems related to the user”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate periodic reviewing of access to a protected system of Rinker into shared access control of the system of Anderson to maintains individual accountability in a protected system, thereby maintaining the integrity of object and the system..
As per claim 10, the rejection of claim 1 is incorporated and further Rinker (US 8,086,635 B1) discloses,
wherein the audit information that records the first audit event further comprises information that indicates a type of the first audit event, a time at which the first audit event is performed, and a duration of the first audit event (col.7 lines 9 – 14; “report may include information, such as an identity of a user, a destination identifier, access privileges, dates and/or times when certain actions were performed ( e.g., file creation, a review/authorization of a system or individual, etc.), links to destinations and/or other information”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate periodic reviewing of access to a protected system of Rinker into shared access control of the system of Anderson to maintains individual accountability in a protected system, thereby maintaining the integrity of object and the system..
Claims 11 – 16 and 18 - 19 are apparatus claim corresponding to method claims 1 – 6 and 8 - 9 respectively, and rejected under the same reason set forth in connection to the rejection of claims 1 – 6 and 8 - 9 respectively above.
Claim 20 is a non-transitory computer-readable medium claim corresponding to method claim 1, and rejected under the same reason set forth in connection to the rejection of claim 1 above.
6. Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Anderson et al (US 2011/0247059 A1), in view of Rinker (US 8,086,635 B1), and further in view of Singh et al (US 2020/0404021 A1).
As per claim 7, the rejection of claim 6 is incorporated, Anderson et al (US 2011/0247059 A1) and Rinker (US 8,086,635 B1) does not disclose wherein the authorization information indicates: a set of computing objects to which the second tenant associated with the request has access within an object hierarchy associated with the plurality of computing objects of the data management system in accordance with a first hierarchical relationship, within the object hierarchy, between the second tenant and the set of computing objects; and a set of one or more second users to which the second tenant associated with the request has access within an authentication hierarchy associated with the plurality of tenants and a plurality of users of the data management system in accordance with a second hierarchical relationship, within the authentication hierarchy, between the second tenant and an authentication domain comprising the set of one or more second users.
However, Singh et al (US 2020/0404021 A1) in an analogous art discloses,
wherein the authorization information indicates: a set of computing objects to which the second tenant associated with the request has access within an object hierarchy associated with the plurality of computing objects of the data management system in accordance with a first hierarchical relationship, within the object hierarchy, between the second tenant and the set of computing objects (para.[0019]; “the hierarchy may include a set of levels with the Keystone domain representing a first level of the hierarchy, a set of Keystone projects associated with the
Keystone domain representing a second level of the hierarchy, and additional Keystone projects associated with each respective Keystone project of the set of Keystone projects representing a third level of the hierarchy, ….. user may have a role in a Keystone project or the Keystone domain”)
and a set of one or more second users to which the second tenant associated with the request has access within an authentication hierarchy associated with the plurality of tenants and a plurality of users of the data management system in accordance with a second hierarchical relationship, within the authentication hierarchy, between the second tenant and an authentication domain comprising the set of one or more second users (para.[0062]; “the indication of the subset of entities may include an indication that child entities (i.e., tenants 16A-16C) of service provider 12 are permitted access to the object. In some such examples, tenants 16D-16I are not permitted access to the object” and para.[0069]; “maintain a representation
of the hierarchy of entities 12, 16 such that controller 20 may control access to objects 30 based on the hierarchy”).
Therefore, it would have been obvious to one of ordinary skill in the art before the invention was filed to incorporate the process of controlling access to an object of the system of Singh into periodic reviewing of access to a protected system of Rinker to grant set of entities access to objects based on one or more rules associated with an object within the hierarchy.
Claim 17 is an apparatus claim corresponding to method claim 7, and rejected under the same reason set forth in connection to the rejection of claim 7 above.
Conclusion
7. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
TITLE: Data audit system, US 2005/0097149 A1 authors: Vaitzblit et al.
TITLE: System and method for policy based privileged user access management,
US 2013/0298186 A1 authors: Radkowski et al.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUGUSTINE KUNLE OBISESAN whose telephone number is (571)272-2020. The examiner can normally be reached 9:00am - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ajay Bhatia can be reached at (571) 272-3906. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/AUGUSTINE K. OBISESAN/
Primary Examiner
Art Unit 2156
6/27/2026