Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Office Action is in response to the application 16/146,196 filed on 09/28/2018. Claims 1, 9, and 15 are independent claims.  Claims 1-20 have been examined and are pending. This Action is made non-FINAL. 

	Drawings	
The drawings were received on 09/28/2018.  These drawings are reviewed and accepted by the Examiner.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/22/2019 and 07/26/2018, are being considered by the examiner.
Claim Objections
Claim 9 is objected to because of the following informalities:  
Regarding claim 9; claim 9 recites the limitation “A system, comprising: a memory; and at least one processing device, coupled to the memory, operative to implement the following steps:” It is suggested that the aforementioned limitations be (See page 10, lines 18-22) and avoid potentially 35 U.S.C. 101 rejection as the following:
“A system, comprising: 
a memory; and 
at least one processor of  processing device, coupled to the memory, operative to implement the following steps:”


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter.
Regarding claims 1, 9, and 15; claims 1, 9, and 15  are/is rejected under 35 USC 101 because the claims are/is directed to an abstract idea without being integrated into a practical application nor being significantly more.
The claims reciting the limitations “obtaining enterprise reference data …,” “obtaining enterprise entitlement data …,” “selecting, using at least one processing device, at least one of the plurality of attributes as a cluster attribute …,” “determining, using the at least one processing device, a probability of a user application entitlement ,” and  “identifying, using the at least one processing device, one or more anomalies in the enterprise entitlement data ….” are directed to an abstract idea as the claims recite mental process.   Accordingly, the claims recite an abstract idea.  This judicial exception is not integrated into a practical application.  It’s noted that the claims recite additional elements (i.e., processor/memory, computing devices).  However, said additional elements are recited at a high-level of generality (i.e., as a generic processor performing a generic computer function of determining/identifying etc.,) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.  Therefore, the claims are not integrated into a practical application.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as an ordered combination do not amount to significantly more than the abstract idea.   As mentioned above, although the claims recite additional elements, said elements taken individually or as a combination, do not result in the claim amounting to significantly more than the abstract idea because as the additional elements perform generic computer content distributing functions routinely used in information technology field.  Generic computer components recited as performing generic computer functions that are well understood, routine and conventional activities amount to no more than implementing the abstract idea with a computerized system.  Therefore, the claim is directed to non-statutory subject matter.
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to 
Regarding claims 2-8, 10-14, and 16-20; claims 2-8, 10-14, and 16-20 are also rejected under 35 U.S.C 101 as being directed to non-statutory subject matter for the same reasons addressed above as the claims are directed to abstract idea without being integrated into a practical application nor being significantly more.
Regarding claims 15-20; claims 15-20 are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter. The claims are directed to a computer per se because the claimed “computer program product” is not stored on any non-transitory computer-readable storage medium. See Warmerdam, 33 F.3d at 1361, 31 USPQ2d at 1760. The claim also recites "a tangible machine-readable computer storage medium;" The specification does not explicitly define as to what type of computer readable storage medium is claimed. At most, on page 9, line 29 to page 10, line 3 and on page 13, lines 13-19 of original the specification provide some examples regarding different kinds of computer readable medium (i.e. ROM, RAM, or other electronic etc.)); the specification does not limit the claimed medium to only hardware embodiments (i.e. the specification does not exclude propagate and transmission signals from the claimed computer readable medium). Broadly interpreted, a “computer storage medium” can be any means that include propagate and transmission signals, which are non-eligible subject matter under 35 U.S.C. 101. Therefore, the claims are directed to non-statutory subject matter. The "A computer program product stored on a non-transitory computer readable storage medium" or "A computer program product stored on a computer readable storage device" to make the claim statutory under 35 U.S.C. 101; (emphasis added).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 6, 9, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015).
Regarding claim 1, Taneja discloses a method, comprising: 
 obtaining enterprise reference data indicating a plurality of attributes for a plurality of enterprise users (Taneja : par. 0024, collect identity data from all (or some subset of) user repositories in the enterprise); 
obtaining enterprise entitlement data indicating one or more user application entitlements for the plurality of enterprise users (Taneja: par. 0025, collect entitlement data for each application.); 

However, in an analogous art, Baikalov teaches wherein  selecting, using at least one processing device, at least one of the plurality of attributes as a cluster attribute using one or more predefined information content rules applied on the enterprise entitlement data (Baikalov: abstract, A set of attributes associated with the user may be selected, and an entitlement probability value may be obtained; par. 0089, select one of the attributes from the set of attributes (block 808) and identify the particular attribute value of the attribute for the selected user (block 810));
determining, using the at least one processing device, a probability of a user application entitlement for the one or more user application entitlements based on a number of users for a plurality of values of the cluster attribute (Baikalov: abstract, A set of attributes associated with the user may be selected, and an entitlement probability value may be obtained.  The entitlement probability value may be based on the set of attributes and indicate a probability that the user is authorized to have the entitlement.  The entitlement probability value may be used to determine whether to include the entitlement in an access review; fig. 8, step 812, par. 0089, the particular value for a location attribute associated with a user may be "North America." The entitlement prediction system may then determine the total number of users that also have the particular attribute value for the selected attribute (block 812), e.g., the total number of users where the value of their respective location attributes is "North America.") and a number of users for a plurality of pairs of the cluster attribute and a value of the one or more user application entitlements (Baikalov: fig. 8, step 814, par. 0089, …the entitlement prediction system may then determine the total number of users having the particular attribute value for the selected attribute and have the selected entitlement (block 814), e.g., the total number of users having the "North America" location attribute value along with the entitlement);
identifying, using the at least one processing device, one or more anomalies in the enterprise entitlement data based on the probability of the user application entitlement for at least one user application entitlement and at least one predefined anomaly threshold (Baikalov: fig. 9, par. 0092, compare the entitlement probability value to a probability threshold (block 904). The entitlement prediction system may then determine whether the entitlement probability value is above or below the probability threshold (block 906).  If the entitlement probability value is above the probability threshold (block 906: ABOVE), then the entitlement prediction system may cause the entitlement associated with the entitlement probability value to be excluded from a manual access review of the user (block 908)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Baikalov with the (Baikalov: par. 0005, 0007, 0025).
Regarding claim 6, the combination of Taneja and Baikalov teaches the method of claim 1.  Baikalov further discloses wherein the probability for a given user application entitlement (Baikalov: par. 0090, calculate an entitlement probability value for the selected entitlement based on weighted partial probabilities for the attributes in the set of attributes (block 822)), wherein the number of users for each pair of the cluster attribute and the given user application entitlement divided by the number of unique users for each value of the cluster attribute (Baikalov: pars. 0072-0073, 0090).
Regarding claim 9, claim 9 is directed to a system, comprising: a memory (Baikalov: fig. 1, par. 0032); and at least one processing device (Baikalov: fig. 1, par. 0032), coupled to the memory associated with the method claimed in claim 1; claim 9 is similar in scope to claim 1, and is therefore rejected under similar rationale. 
Regarding claim 15, claim 15 is directed to a computer program product, comprising a tangible machine-readable storage medium having encoded therein  (Baikalov: par. 0008), wherein the one or more software programs when executed by at least one processing device associated with the method claimed in claim 1; claim 15 is similar in scope to claim 1, and is therefore rejected under similar rationale.
Claims 2, 10, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), further in view of Chari et a. (“Chari-377,” US 2015/0082377, published Mar. 19, 2015).
Regarding claim 2, the combination of Taneja and Baikalov teaches the method of claim 1.  Baikalov further discloses wherein the one or more predefined information content rules but does not explicitly disclose comprising an entropy test that removes a given attribute below a predefined entropy value. 
However, in an analogous art, Chari-377 teaches wherein comprising an entropy test that removes a given attribute below a predefined entropy value (Chari: claim 8, identifying attributes further comprises removing any attributes with entropy reduction below a given value and any operational attributes).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Chari-377 with the method and system of Taneja and Baikalov, wherein the one or more predefined information content rules but does not explicitly disclose comprising an entropy test that removes a given attribute below a predefined entropy value to provide users with a means for performing noise removal from the identified attributes of the existing authorization (Chari: pars. 0006-0007).
Regarding claim 10, claim 10 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Regarding claim 16, claim 16 is similar in scope to claim 2, and is therefore rejected under similar rationale.
Claims 3, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), further in view of Valensi et al. (“Valensi,” US 10,114,884, filed Mar. 22, 2016).
Regarding claim 3, the combination of Taneja and Baikalov teaches the method of claim 1. Baikalov further discloses wherein the one or more predefined information content rules but does not explicitly disclose comprising a unique values test that removes a given attribute one or more of below a predefined cardinality value and having a relative cardinality value above a predefined threshold. 
However, in an analogous art, Chari teaches wherein comprising a unique values test that removes a given attribute one or more of below a predefined cardinality value and having a relative cardinality value above a predefined threshold (Valensi: Col. 12, lines 12-19; processor removes columns with cardinality below a predefined cardinal threshold; remove columns that have non-empty values be low a predefined threshold …).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Chari with the method and system of Taneja and Baikalov, wherein the one or more predefined information content rules comprise a unique values test that removes a given attribute one or more of below a predefined cardinality value and having a relative cardinality value above a predefined threshold to provide users with means for an efficient and/or optimized attribute analysis system that processes multiple, large disparate data recourses (Valensi: Col. 8, lines 43-45).
Regarding claim 11, claim 11 is similar in scope to claim 3, and is therefore rejected under similar rationale.
Regarding claim 17, claim 17 is similar in scope to claim 3, and is therefore rejected under similar rationale.
Claims 4, 12, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), further in view of Manning et al. (“Manning,” US 2019/0149854, published Nov. 13, 2017).
Regarding claim 4, the combination of Taneja and Baikalov teaches the he method of claim 1.  Baikalov further teaches wherein the one or more predefined information content rules but does not explicitly comprising a distribution test that removes 
However, in an analogous art, Manning teaches wherein comprising a distribution test that removes a given attribute having one or more of a percent of users in each element of the given attribute above a predefined value and having a number of users in each element of the given attribute below a predefined value (Manning: par. 0038, The threshold may be pre-defined for each attribute or sets of attributes, or may be a static percentage of all users that fall within a given set of attributes).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Manning with the method and system of Taneja and Baikalov, wherein a distribution test that removes a given attribute having one or more of a percent of users in each element of the given attribute above a predefined value and having a number of users in each element of the given attribute below a predefined value to provide users with a means for The interactive media guidance application generates graphical user interface screens that enable a user to navigate among, locate and select content (Manning: abstract, par. 0049).
Regarding claim 12, claim 12 is similar in scope to claim 4, and is therefore rejected under similar rationale.
Regarding claim 18.
Claims 5, 13, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), further in view of Convertino et al. (“Convertino,” US 2017/0185668, published Jun. 29, 2017), and Salkola (“Salkola,” US 10,803,050, filed Jul. 27, 2018), and Wang et al. (“Wang,” US 2016/0112973, published Apr. 21, 2016).
Regarding claim 5, the combination of Taneja and Baikalov teaches the he method of claim 1. Baikalov further teaches wherein the one or more predefined information content rules but does not explicitly disclose comprising a cross correlation test that determines a cross correlation for a pair of attributes and removes a given attribute having a lower cardinality from the pair of attributes when the cross correlation for the pair of attributes is above a predefined correlation threshold. 
However, in an analogous art, Convertino teaches wherein a cross correlation test that determines a cross correlation for a pair of attributes (Convertino: par. 0047; Pearson correlation is applied to the data in the pair of columns).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Convertino with the method and system of Taneja and Baikalov, wherein a cross correlation test that determines a cross correlation for a pair of attributes to provide users with means for the identification of the columns does not need to be performed through a selection by a user and is performed automatically (Convertino: abstract, par. 0039).

However, in an analogous art, Salkola teaches wherein removing a given attribute having a lower cardinality from the pair of attribute (Salkola: Col. 12, lines 12-19; remove, if a computed confidence probability for each unique attribute-value pair in the plurality of records is less than a threshold probability, the attribute-value pair from each of the plurality of records…).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Salkola with the method and system of Taneja and Baikalov, wherein removing a given attribute having a lower cardinality from the pair of attribute to provide users with means for accurately resolving the entities associated with the user input in a personalized and context-aware manner.  The accuracy of the estimated confidence probabilities and the estimated semantic weights are improved (Salkola: Col. 4, lines 30-37).
Salkola discloses removing a given attribute having a lower cardinality from the pair of attribute but does not explicitly disclose condition “when the cross correlation for the pair of attributes is above a predefined correlation threshold.”
 However, in an analogous art, Wang teaches wherein removing the sequence pairs when cross-correlation characteristic Pu1u2 greater than the threshold (Wang: par. 0028, removing the sequence pairs with computed time domain cross-correlation characteristic Pu1u2 greater than the threshold).
(Wang: abstract). 
Regarding claim 13, claim 13 is similar in scope to claim 5, and is therefore rejected under similar rationale.
Regarding claim 19, claim 19 is similar in scope to claim 5, and is therefore rejected under similar rationale.
Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), further in view of Ezen Can et al. (“Ezen Can,” US 2019/0370696, filed Jun. 3, 2018).
Regarding claim 7, the combination of Taneja and Baikalov teaches the method of claim 1.  The combination of Taneja and Baikalov discloses the one or more of the predefined information content rules and the at least one predefined anomaly threshold as recited above but does not explicitly disclose updating the at least one predefined anomaly threshold based on user feedback. 
 (Ezen Can; par. 00298, The active learning phase may include receiving dynamic feedback from a user (e.g., SME or doctor) about the real-world findings or evidence to propagate machine learning with ground truth as each user provides feedback).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Ezen Can with the method and system of Taneja and Baikalov, wherein updating one or more of the predefined information content rules and the at least one predefined anomaly threshold based on user feedback to provide users with a means for creating an active learning framework that may be used to generate ground truth for disambiguating concepts.  The active learning phase may include receiving dynamic feedback from a user (e.g., SME or doctor) about the real-world findings or evidence to propagate machine learning with ground truth as each user provides feedback (Ezan Can: par. 0027).
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Taneja et al. (“Taneja,” US 20080052102, published Feb. 28, 2008) in view of Baikalov et al. (“Baikalov” US 20150067889, published Mar. 5, 2015), and further in view of Chari et al (“Chari-695,” US 2014/0359695, published Dec. 4, 2014).
Regarding claim 8, the combination of Taneja and Baikalov teaches the method of claim 1. The combination of Taneja and Baikalov further disclose wherein the one or more anomalies in the enterprise entitlement data but does not explicitly disclose comprising one or more of an abnormal user application entitlement as recited above .
However, in an analogous art, Chari-695 teaches wherein one or more of an abnormal user application entitlement that is  improperly present for at least one user of a same group of enterprise users (Chari-695: par. 0084, These processes take a set of users and their attributes, where some users are granted the entitlement, and some users are not, and produce a model of the users who are assigned the entitlement) that is absent for other peers in the same group and a missing user application entitlement that is present for other peers in the same group and should be granted to another user of the same group (Chari-695: par. 0084, These processes take a set of users and their attributes, where some users are granted the entitlement, and some users are not, and produce a model of the users who are assigned the entitlement).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Chari-695 with the method and system of Taneja and Baikalov, wherein one or more of an abnormal user application entitlement as recited above disclose that is  improperly present for at least one user of a same group of enterprise users that is  absent for other peers in the same group and a missing user application entitlement that is present for other peers in the same group and should be granted to another user of the same group to provide users with a means for correlating logs detailing resource access with access control security policies to ensure  (Chari-695: par. 0007).
Regarding claim 14, claim 14 is similar in scope to claim 6, and is therefore rejected under similar rationale.
Regarding claim 20, claim 20 is similar in scope to claim 6, and is therefore rejected under similar rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Canh Le whose telephone number is 571-270-1380. The examiner can normally be reached on Monday to Friday 6:00AM to 3:30PM other Friday off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service 

/Canh Le/
Examiner, Art Unit 2439

January 26th, 2021 


/JAHANGIR KABIR/Primary Examiner, Art Unit 2439