DETAILED ACTION
This Office Action is in response to the application 16/249,511 filed on January 16th, 2019.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claims 1-20 are pending and herein considered.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS), submitted on 01/16/2019, is in compliance with the provisions of 37 CRR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 19-20 are rejected under 35 U.S.C. 101 
Regarding claim 19; claim 19 calls for a computer system; however, the body of the claim does not positively recite any hardware element. As recited in the body of the claim, the claimed system contains “a network,” “a machine learning (ML) model” and “a processor.” In light of the specification (pars. [0017], [0033]; fig. 1), the network and the learning machine model cab be all construed as software per se since they do not embody any hardware. Regarding the claim a processor, one of ordinary skill in the art would understand that a “processor” could be a software processor (See “The Authoritative Dictionary of IEEE Standards Terms,” Seventh Edition, published in 2000). Because the elements of claim 19 is interpreted as merely software and the claim lacks any physical device or machine, the claim is directed to non-statutory subject matter. It is suggested that the claim be further amended to positively recite at least one hardware element within the body of the claim to make the claim statutory under 35 U.S.C. 101.
Regarding claim 20; claim 20 does not recite any hardware element to resolve the issue in the independent claim 1. Therefore, claims 2-11 are also non-statutory under 35 U.S.C. 101.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Altman et al. (Altman), U.S. Patent Number 10,924,514.
Regarding claim 1; Altman discloses a method of authenticating a user of a computer system, wherein the user accesses the computer system using a computing device through a network, wherein the computer system implements a virtual desktop infrastructure (VDI), the method comprising:
receiving from the computing device authentication credentials (col. 6, lines 44-49; obtained data is a list of user accounts managed by the provider server, together with corresponding user credentials (i.e., “user names”, “passwords”, security certificates, or other credentials needed to obtain access to many sensitive data accounts on the provider server.);
determining that the authentication credentials match an authorized user of the computer system (col. 9, lines 9-11; execute one or more machine learning models to determine whether an unknown user computer is for a malicious user or a legitimate user.);
extracting from the computing device values of features of the computing device (col. 10, lines 23-26; extracts selected features from data sources; a feature or features is a type of information which is useful in determining whether a given account creation attempt is legitimate or malicious.);
retrieving a machine learning (ML) model associated with the authorized user (col. 10, lines 34-38; the machine learning engine uses a machine learning model to calculate, taking the selected features as input, a probability score that a given account creation attempt is malicious.);
(col. 14, lines 44-47; the features are data that has some correlation to determining whether a given attachment request is more likely to be malicious or more likely to be legitimate.); and 
based on the executing the ML model, providing the computing device access to a virtual desktop running within a virtual computing instance (VCI) of the computer system (col. 18, lines 54-56; a determination is made whether the probability score is above a threshold; if not, access to the secured account is granted).
Altman fails to explicitly disclose the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model.
However, in the same field of endeavor, Toth discloses controlling dynamic user interface functionality using a machine learning control engine wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model (Toth: par. 0038; various machine learning algorithms are supervised learning algorithms, unsupervised learning algorithms, regression algorithms (e.g., linear regression, logistic regression), instance based algorithms (e.g., learning vector quantization, locally weighted learning), regularization algorithms (e.g., ridge regression, least-angle regression), decision tree algorithms, Bayesian algorithms, clustering algorithms, artificial neural network algorithms.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Toth into the method of Altman wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model to provide a system in which a user is identified as unauthorized (Toth: par. 0003).
Regarding claim 2; Altman and Toth disclose the method of claim 1, wherein Altman further discloses the ML model is an unsupervised ML model, the method further comprising: based on the features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user; and based on the secondary authentication process determining that the user using the computing device is the authorized user, refitting the ML model such that bounds of normal data points encompass a data point represented by the values of features of the computing device (Altman: col. 18, lines 56-60; the security action is to permit the next account creation or the next account attachment via the third-party software; if so, a security action is taken.).
Regarding claim 3; Altman and Toth disclose the method of claim 2, wherein Altman further discloses the ML model is ML model is an isolation forest model having a contamination factor between 0.05 and 0.3 (Altman: col. 16, lines 9-12; the scenario that security software is programmed to weight evaluation factor or even directly lower a probability score so that the probability score is less likely to exceed a threshold.).
Regarding claim 4; Altman and Toth disclose the method of claim 1, wherein Altman further discloses the ML model is a supervised ML model, the method further comprising: based on the features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user; based on the secondary authentication process determining that the user using the computing device is the authorized user, adding the (Altman: col. 18, lines 61-64; a determination is made whether to continue to evaluate use of the third-party software; if so, the method repeats, if not, the method terminates.).
Regarding claim 5; Altman and Toth disclose the method of claim 4, wherein Toth further discloses the ML model is a logistic regression model (Toth: par. 0038; various machine learning algorithms are supervised learning algorithms, unsupervised learning algorithms, regression algorithms (e.g., linear regression, logistic regression), instance based algorithms (e.g., learning vector quantization, locally weighted learning), regularization algorithms (e.g., ridge regression, least-angle regression), decision tree algorithms, Bayesian algorithms, clustering algorithms, artificial neural network algorithms.).
Regarding claim 6; Altman and Toth disclose the method of claim 1, Toth discloses the method further comprising: performing a fingerprint authentication by comparing the values of features of the computing device to values of features in the fingerprint, wherein a successful authentication is based on whether values of features that are different between the values of features of the fingerprint and the values of features of the computing device satisfy a threshold (Toth: par. 0080; data associated with types of actions or selections made, a computing device finger-print, device characteristics; the device characteristics may be used to prevent the identified device from logging in at a future time (e.g., the device may be blacklisted).).
Regarding claim 7; Altman and Toth disclose the method of claim 1, Altman discloses the method further comprising, subsequent to the executing the ML model to (); establishing a user session within the VCI for the computing device; and executing a VDI client within the VCI, the VDI client configured to transmit a virtual desktop to the computing device (Altman: col. 18, lines 50-53; the features are input into a machine learning model; using the machine learning model, calculates a probability score that the next account creation or attachment will be malicious.).
Regarding claim 8; Altman and Toth disclose the method of claim 7, Altman discloses the method further comprising: determining, based on the executing the ML model, that the computing device has failed authentication; and based on determining that the computing device has failed authentication, configuring a firewall within the host computer such that the computing device has access to low sensitivity files but does not have access to high sensitivity files (Altman: col. 7, lines 13-16; the malicious user may use to attempt to circumvent this security is to use the third-party software to attach to sensitive data accounts on the provider server such as the sensitive data account 202.).
Regarding claim 9; Altman and Toth disclose the method of claim 8, wherein Toth further discloses the firewall is executing within the VCI (Toth: par. 0094; one or more virtual machines that are provided by one or more physical computing devices.).
Regarding claims 10-18
Regarding claims 19-20; Claims 19-20 are directed to computer system which have similar scope as claims 1-9. Therefore, claims 19-20 remain un-patentable for the same reasons.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087.  The examiner can normally be reached on 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or 



/KHOI V LE/
Primary Examiner, Art Unit 2436