DETAILED ACTION
This communication is in respond to application filed on August 30, 2018 and preliminary amendment filed on August 30, 2018.  Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/30/2018 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 1 recites a first “a security measure” in line 7, and further a second “a security measure” in lines 7-8, and further recites a third “a security measure” in line 9, it is not clear whether the 
Claim 3 recites the limitation “the generation unit” in line 5. There is insufficient antecedent basis for this limitation in the claim. 
Claim 4 recites the limitation “an information asset of the first information asset”, the scope of this limitation is not clear: the first information asset is an information asset, it is not clear what an information asset of an information asset include other than the information asset itself.  Claims 13 and 14 each recites similar limitations as claim 4 and are therefore rejected under the same rationale.
Claim 5 recites the limitation “the extraction unit” in line 7. There is insufficient antecedent basis for this limitation in the claim. Claims 15-17 each recites similar limitations and are therefore rejected under the same rationale.
Claim 7 recites “candidates for a security measure” in line 5, however, there is a previously recited “candidates for a security measure in parent claim 1 (lines 7-8), it is not clear whether they are referring to the same candidates for the same security measure. Further, claim 7 recites “the candidates” in line 6, it is not clear which of the two previously recited candidates it is referring to. Claims 18, 19 and 20 each recites similar limitations and are therefore rejected under the same rationale.
Claim 7 recites the limitation "the detection unit" in 7.  There is insufficient antecedent basis for this limitation in the claim. Claims 18, 19 and 20 each recites similar limitations and are therefore rejected under the same rationale.
Claim 12 recites the limitation “the generation unit” in line 5. There is insufficient antecedent basis for this limitation in the claim. 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6 and 8-17 are rejected under 35 U.S.C. 103 as being unpatentable over US PG-PUB No. 2016/0164906 A1 to Pinney Wood et al. (hereinafter Pinney Wood) in view of US PG-PUB No. 2013/0111548 A1 to Kanoun et al. (hereinafter Kanoun).
As per claim 1, Pinney Wood disclosed a security management apparatus, which is included in a first system, comprising: processing circuitry to: 
externally receive dependency information indicating a dependence relation among information assets individually held by the first system and one or more second systems different from the first system (Pinney Wood, Abstract, CTMC determines risk across a global internet network graph model, further par 0030, the network 105 include multiple networks operatively coupled to one another, i.e., multiple systems are involved; par 0034, CTMC server(s) can be located in a variety of locations in the network, which indicates the information is received externally (when data received from other sources in the network); par 0037, data graph and factor graph “model relationships and dependencies that exist in the computer 
Pinney Wood does not explicitly disclose select a security measure to be implemented from candidates for a security measure against a threat to a first information asset that is an information asset held by the first system, in accordance with an impact degree, caused by a security measure, on a second information asset that is an information asset dependent on the first information asset indicated by the dependency information received by the communication unit; however, in an analogous art in network security management, Kanoun disclosed select a security measure to be implemented from candidates for a security measure against a threat to a first information asset that is an information asset held by the first system, in accordance with an impact degree, caused by a security measure, on a second information asset that is an information asset dependent on the first information asset indicated by the dependency information received by the communication unit (Kanoun, par 0010-0015, deciding activating of a curative security policy “in function of the success probability parameter of the, at least one, detected attack, of the activation impact parameter of at least one curative security policy and of the cost impact parameters of both the detected at least one attack and the at least one curative security policy”); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Pinney Wood to incorporate the selecting of security policy as a function of success probability parameter and activation impact parameter and cost impact parameters of security policies as disclosed by Kanoun, such implementation would allow optimized efficiency of the user of a security policy as suggested by Kanoun (Kanoun, par 0109). 



As per claim 2, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 1; Pinney Wood does not explicitly disclose the processing circuitry selects, as a security measure to be implemented, a security measure that is to limit an access source to the first information asset, to a second system holding the second information asset; however, Kanoun disclosed security measure that is to limit an access source to information asset (Kanoun, par 0091, “...security policies refer, for example, to firewall activation, authentication request activation or user account blocking or any actions allowing to cure the information system or reduce the impact of the attack”, firewall activation is an example of limit access source to information asset in a system within a firewall); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Pinney Wood to incorporate the security policies including firewall activation as disclosed by Kanoun, in order to ensure protection of system resource that is under threat. 

As per claim 3, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 1, wherein the processing circuitry generates a relation tree that is data to define the dependence relation in a tree structure, from the dependency information, and refers to a relation tree generated by the generation unit to specify the second information asset (Pinney Wood, Fig. 4B, and par 0069, the tree structure indicates “influences” from child nodes to parent node, the influences correspond to dependence relationships). 

As per claim 4, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 1, wherein the dependency information includes information indicating an importance of an information asset of the first information asset with respect to an information asset of a 

As per claim 5, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 1, wherein the processing circuitry extracts, for each security measure, an index value of each of the candidates from a database storing an index values for selecting a security measure, and selects, as a security measure to be implemented, a security measure whose index value extracted by the extraction unit satisfies a condition (Kanoun, par 0108-0109, the process of retrieving policy from response policy data repository based dynamically determined condition for activating the policy; the reasons of obviousness have been noted in the rejection of claim 1 above and applicable herein). 

As per claim 6, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 5, wherein the processing circuitry externally receives information indicating the condition (Pinney Wood, CTMC server provides solutions for external users). 



As per claim 9, Pinney Wood-Kanoun disclosed a central security management apparatus for aggregating the dependency information from the security management apparatus according to claim 1, and from other security management apparatus included in the one or more second systems (Pinney Wood, Abstract, CTMC determines risk across a global internet network graph model, further par 0030, the network 105 include multiple networks operatively coupled to one another, i.e., multiple systems are involved; par 0034, CTMC server(s) can be located in a variety of locations in the network, include, as a remotely located server, which corresponds to a central security management apparatus that aggregating the dependency information). 

Claim 10 recites substantially the same limitations as claim 1, in the form of a method implemented by the corresponding apparatus, therefore, it is rejected under the same rationale.

Claim 11 recites substantially the same limitations as claim 1, in the form of a computer readable medium storing programs for processing steps implemented by the corresponding apparatus, therefore, it is rejected under the same rationale.



As per claim 13, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 2, wherein the dependency information includes information indicating an importance of an information asset of the first information asset with respect to an information asset of a dependent source, wherein the processing circuitry calculates the impact degree, caused by a security measure, on the second information asset from an importance indicated with the dependency information (Pinney Wood, Fig. 4B, and par 0069, the “change factor” corresponds to information indicating an importance of dependency; the change factor is used for calculating TIC score, which corresponds to an impact degree; the reasons of obviousness have been noted in the rejection of claim 4 above and applicable herein). 

As per claim 14, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 3, wherein the dependency information includes information indicating an importance of an information asset of the first information asset with respect to an information asset of a dependent source, wherein the processing circuitry calculates the impact degree, caused by a security measure, on the second information asset from an importance indicated with the dependency information (Pinney Wood, Fig. 4B, and par 0069, the “change factor” corresponds to information indicating an importance of dependency; the change factor is used for calculating 

As per claim 15, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 2, wherein the processing circuitry extracts, for each security measure, an index value of each of the candidates from a database storing an index values for selecting a security measure, and selects, as a security measure to be implemented, a security measure whose index value extracted by the extraction unit satisfies a condition (Kanoun, par 0108-0109, the process of retrieving policy from response policy data repository based dynamically determined condition for activating the policy; the reasons of obviousness have been noted in the rejection of claim 1 above and applicable herein). 

As per claim 16, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 3, wherein the processing circuitry extracts, for each security measure, an index value of each of the candidates from a database storing an index values for selecting a security measure, and selects, as a security measure to be implemented, a security measure whose index value extracted by the extraction unit satisfies a condition (Kanoun, par 0108-0109, the process of retrieving policy from response policy data repository based dynamically determined condition for activating the policy; the reasons of obviousness have been noted in the rejection of claim 1 above and applicable herein). 

As per claim 17, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 4, wherein the processing circuitry extracts, for each security measure, an index value of each of the candidates from a database storing an index values for selecting a security . 

Claims 7 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Pinney Wood in view of Kanoun as applied to claim 1 above, and further in view of US PG-PUB No. 2018/0027006 A1 to Zimmermann et al. (hereinafter Zimmermann).
As per claim 7, Pinney Wood-Kanoun disclosed the security management apparatus according to claim 1; Pinney Wood-Kanoun does not explicitly disclose the processing circuitry detects a change in a configuration of the first system, and selects a security measure to be implemented among candidates for a security measure against a threat extracted, as the candidates, in accordance with a change detected by the detection unit; however, in an analogous art in network system security management, Zimmermann disclosed a method and system that implements system configuration monitoring and detects threat based on change detected (Zimmermann, configuration monitoring and security); it would have been obvious to one of ordinary skill in the art before the effective filing date of the invention, to modify the system of Pinney Wood to further incorporate the configuration monitoring as disclosed by Zimmermann, in order to ensure detection of threat associated with system configuration changes. 

As per claim 18, Pinney Wood-Kanoun-Zimmermann disclosed the security management apparatus according to claim 2, wherein the processing circuitry detects a change in a configuration of the first system, and selects a security measure to be implemented among 

As per claim 19, Pinney Wood-Kanoun-Zimmermann disclosed the security management apparatus according to claim 3, wherein the processing circuitry detects a change in a configuration of the first system, and selects a security measure to be implemented among candidates for a security measure against a threat extracted, as the candidates, in accordance with a change detected by the detection unit (Zimmermann, configuration monitoring and security; the reasons of obviousness have been noted in the rejection of claim 7 above and applicable herein). 

As per claim 20, Pinney Wood-Kanoun-Zimmermann disclosed the security management apparatus according to claim 4, wherein the processing circuitry detects a change in a configuration of the first system, and selects a security measure to be implemented among candidates for a security measure against a threat extracted, as the candidates, in accordance with a change detected by the detection unit (Zimmermann, configuration monitoring and security; the reasons of obviousness have been noted in the rejection of claim 7 above and applicable herein).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Datta Ray et al. (US Pat. No. 9,628,501 B2) disclosed a method and system for coordinated risk management which take advantage of a correlated view of IT security and OT reliability consequences.
Thomas et al. (US PG-PUB No. 2017/0063920 A1) disclosed a cyber-security system which is configured to aggregate and unify data from multiple components and platforms on a network.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Linglan Edwards whose telephone number is (571)270-5440.  The examiner can normally be reached on 8:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/ PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer 






/LINGLAN E EDWARDS/Primary Examiner, Art Unit 2491