DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Amendment filed 02/11/2021 has been received and considered.
Claims 1-6 and 8-21 are pending.
This action is Final.
Response to Arguments
2.	Applicant's arguments filed 02/11/2021 have been fully considered but are moot because they do not apply to the newly cited reference applied in the current rejection.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



3.	Claims 1-6 and 8-21 are rejected under 35 U.S.C. 103 as being unpatentable over US Pub. No. US 2016/0072831 A1 to Rieke, (hereinafter, “Rieke”) in view of US Pub. No. US 2016/0028776 A1 to Lim, (hereinafter, “Lim”), as disclosed in IDS submitted on 03/31/2019 and in further view of US Pub. No. US 2015/0058619 A1 to Sweet, (hereinafter, “Sweet”).

As per claim 1, Rieke teaches a computer-implemented method comprising: 
(Rieke, Fig. 9 and para. [0111] “method 900 includes collecting data (e.g., asset and/or network data) from different sources (905), filtering the data (910), identifying one or more events and assets associated with such events from the data (915), identifying connections between assets and characteristics thereof from the data (920), and generating (925) and presenting (930) a flow information graph…Method 900 additionally includes collecting updated data (955) and updating the flow information graph with the updated data (960). Method 900 also includes storing data (965), analyzing data (970), generating one or more alerts (975), generating one or more reports (980), and exporting data (985).”); and 
based on analyzing the derived metadata, performing at least one action (Rieke, para. [111] “Method 900 further includes receiving a selection of a component in the flow information graph (935), displaying additional information in response to the selection (940), receiving edits to network traffic rules (945) and applying such rules to the network (950).”).
Rieke teaches the method of claim 1, however at least one lifecycle policy is not taught by Rieke, but Lim teaches:
evaluating, based on the collected metadata, at least one lifecycle policy (Lim, para. [0178] “Pass the selected policies and data collected through policy evaluation logic to produce a consequence (or outcome). The consequence includes one of the valid policy effects (e.g., ALLOW, DENY, evaluate another set (or sets) of policies, query user and call a custom effect handler), and perform any obligation and remediation tasks.” And para. [0092] Referring to FIG. 7, the internal components of the policy server 701 are shown. The policy server is responsible for policy management, including policy authoring, lifecycle, and deployment. The policy server maintains a policy repository, 402 and 507, for storing policies. A system typically has at least one policy server and can contain multiple policy servers in order to support a large number of policy builders 501 and policy enforcers 516 and 518. The policy server provides the following functions: policy authoring, policy access control, policy lifecycle management, policy management and policy deployment.”).
Rieke and Lim are in the same field of endeavor as they are directed to collecting data and analyzing policies of a network or an information management systems. Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lim’s analyzing policies into Rieke’s analysis and reporting with a motivation for improved techniques and systems for managing information of a network (Lim, para. [0014]).

The combination of Rieke and Lim teach the method of claim 1 above, however fail to explicitly teach, but Sweet teaches:
the lifecycle policy controlling at least one of the collecting of the metadata or a transformation of the metadata (Sweet, para. [0230] “The security control module transmits (930) to a remote security server a policy id, which identifies (932) a security policy that applies to the first operating system and applies to the one or more first applications. As illustrated in FIGS. 1A and 1B, each policy has an associated set of commands and an associated set of rules for evaluating the collected data (e.g., data about each security control module, data about the operating system in which each security control module is running, and/or data about one or more applications running in each operating system).” And para. [0246] “Each command is (972) either a command to modify execution of an executable program or process, a command to collect information about the first operating system, about the security control module, or about the one or more first applications, or a command to perform an action that modifies data associated with the first operating system, data associated with the security control module, or data associated with the one or more first applications. Collection commands include commands that collect data about the security control module, collect data about one or more applications, collect data about the operating system, or collect data about one or more files or directories. Commands that modify data include commands that insert new data, remove existing data, and/or change existing data. Modification commands can change configuration parameters (for the operating system, for the security control module, or for one or more of the applications), change user access rights, change data or metadata associated with the operating system or any application running in the operating system, and so on.”)
providing derived metadata based on the evaluating of the at least one lifecycle policy (Sweet, para. [0281] “Periodically (e.g., according to the schedule 1114), the security control module 48 on the computing device 800 scans (1680) the identified files and collects (1680) metadata 1604 for the critical file, computes (1680) a content signature 1606 for the critical file, and tracks the timestamp 1608 when the scan runs. Subsequently, the data (e.g., metadata 1604, content signature 1606, and scan timestamp 1608) are transmitted (1682) to the security server.”)
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sweet’s computer security methods into Lim’s analyzing policies and Rieke’s analysis and reporting with a motivation for improved server security management (Sweet, para. [0019]).

As per claim 2, the combination of Rieke, Lim and Sweet teach the method of claim 1, wherein the derived metadata includes metadata collected from at least two platforms (Rieke, Fig. 9 and para. [0111] “method 900 includes collecting data (e.g., asset and/or network data) from different sources (905), filtering the data (910), identifying one or more events and assets associated with such events from the data (915), identifying connections between assets and characteristics thereof from the data (920)”).

As per claim 3, the combination of Rieke, Lim and Sweet teach the method of claim 1, wherein the at least one action comprises updating or implementing at least one of a security policy or a control for at least one object, wherein the at least one object is on at least one platform, and wherein the derived metadata includes metadata collected from the at least one platform (Rieke, para. [0053] “The Control Management and Directives component performs the construction of directives and initiates the delivery of directives to the computing environment elements to affect the appropriate action or actions from the elements including: the generation of events, transfer of configuration and process data in either direction, the starting and stopping of a security technical control, the reconfiguration of the security technical control with an updated policy, the reconfiguration of an element of any type” and para. [111] “Method 900 further includes receiving a selection of a component in the flow information graph (935), displaying additional information in response to the selection (940), receiving edits to network traffic rules (945) and applying such rules to the network (950).”).

As per claim 4, the combination of Rieke, Lim and Sweet teach the method of claim 3, wherein the at least one object comprises a virtual machine (Rieke, para. [0025] “Asset--a discrete hardware based on virtualized computing system that processes data in the data center, a virtualized computer or virtual machine.” And para. [0044] “Security elements are characterized by their function of providing implementations of various technical security controls either at the network, host, virtual machine”)

As per claim 5, the combination of Rieke, Lim and Sweet teach the method of claim 1, wherein the at least one action comprises reporting network communication flows to a computing device (Rieke, para. [111] “Method 900 further includes receiving a selection of a component in the flow information graph (935), displaying additional information in response to the selection (940), receiving edits to network traffic rules (945) and applying such rules to the network (950). Method 900 additionally includes collecting updated data (955) and updating the flow information graph with the updated data (960). Method 900 also includes storing data (965), analyzing data (970), generating one or more alerts (975), generating one or more reports (980), and exporting data (985).” And para. [0132] “Various reports may also be generated (980) and presented to users of the system and/or third parties. A report may be included in an electronic document, and may provide a summary of state, status, and/or history of some aspect of a network, TrustZones, and/or individual assets.”).

As per claim 6, the combination of Rieke, Lim and Sweet teach the method of claim 5, wherein reporting the network communication flows comprises presenting, based on the derived metadata, a display to a user of the computing device, wherein the display includes a graphical representation of relationships between objects on at least one platform (Rieke, see Figure 7, para. [0097] “Each security technical control in a combination, as expressed in the mapping, may contribute a normalized portion of a defined compliance level measurement. These levels may be represented numerically, such as a level between 0 and 3, and that level displayed graphically (455) in real time or near-real time as shown in FIG. 7. Compliance levels (such as numerical scores) may be generated for any number of logical zones, assets, or other hardware and software components (such as the firewall) and may be simultaneously evaluated against multiple compliance frameworks through alternate compliance mappings.”)

As per claim 8, the combination of Rieke, Lim and Sweet teach the method of claim 1, wherein analyzing the derived metadata comprises evaluating, based on the derived metadata, at least one security and analytics policy (Rieke, para. [0039] “Environmental events within the context of TrustZone members and membership policy can be monitored such that different sets of security control policies may be dynamically assigned to, or changed for, any asset in a TrustZone by moving the asset from one TrustZone to another or by changing a policy or policies for a TrustZone of which that asset is a member.”).

As per claim 9, the combination of Rieke, Lim and Sweet teach the method of claim 8, wherein performing at least one action comprises performing, based on evaluating the at least one security and analytics policy, at least one security action (Rieke, para. [0053] “The Control Management and Directives component performs the construction of directives and initiates the delivery of directives to the computing environment elements to affect the appropriate action or actions from the elements including: the generation of events, transfer of configuration and process data in either direction, the starting and stopping of a security technical control, the reconfiguration of the security technical control with an updated policy, the reconfiguration of an element of any type”).

As per claim 10, the combination of Rieke, Lim and Sweet teach the method of claim 9, wherein the at least one security action is at least one of modifying at least one firewall rule for at least one object, sending a communication to a computing device, presenting a display to a user, implementing at least one security control, or updating at least one security control (Rieke, para. [0062] “FIG. 4, method 400 includes identifying one or more assets associated with one or more logical zones (405), establishing connections with one or more components (410), associating one or more security policies with one or more logical zones (415), detecting changes in one or more attributes for one or more assets (420), detecting security vulnerabilities and corrections thereto (425), changing zone memberships for one or more assets (430), modifying one or more firewall configuration settings (435), associating one or more compliance policies with one or more logical zones (440), analyzing modifications to the firewall configuration settings (445), determining one or more compliance levels (450), and displaying one or more compliance levels (455).”).

As per claim 11, the combination of Rieke, Lim and Sweet teach the method of claim 8, wherein evaluating at least one security and analytics policy comprises evaluating the presence or absence of metadata on at least one object in inventory, and wherein performing at least one action comprises invoking at least one security action associated with the at least one object (Rieke, para. [0095] “Compliance mappings may combine validated technical controls where information from one technical control or policy is not sufficient to assure compliance with compliance controls.” And para. [0096] “As described above, embodiments of the present disclosure may update policies for firewalls automatically in response to IP address changes, thus maintaining compliance.”).

As per claim 12, the combination of Rieke, Lim and Sweet teach the method of claim 11, further comprising, after completing the at least one security action, adding metadata to the at least one object, or removing metadata from the at least one object (Rieke, para. [0084] “as a result of an architectural change, Asset1 (currently in TrustZoneA) now needs to be allowed to make any TCP connection to Asset2 (currently in TrustZoneB). Asset1 can be moved from TrustZoneA to TrustZoneC. The system, through it's monitoring of the asset attributes, detects the move (420) and can formulate a directive to the firewall (435) to remove Asset1's IP address from the deny ACL and add Asset1's IP address to the allow ACL. This may result in completely changing the firewall policy for both Asset1 and Asset2, and can be performed automatically, with minimal operator effort, and without the need to manipulate complex numerical ACLs on the firewall. In this manner, the configuration settings of the firewall can be modified in response to detecting the move an asset from one logical zone to another to allow or prevent communication between the moved asset and another asset or component.”).

As per claim 13, the combination of Rieke, Lim and Sweet teach the method of claim 1, further comprising applying the derived data to inventory on at least one platform (Rieke, para. [0111] “In FIG. 9, method 900 includes collecting data (e.g., asset and/or network data) from different sources (905), filtering the data (910), identifying one or more events and assets associated with such events from the data (915), identifying connections between assets and characteristics thereof from the data (920), and generating (925) and presenting (930) a flow information graph. Method 900 further includes receiving a selection of a component in the flow information graph (935), displaying additional information in response to the selection (940), receiving edits to network traffic rules (945) and applying such rules to the network (950).”).

As per claim 14, the combination of Rieke, Lim and Sweet teach the method of claim 1, further comprising detecting a threat associated with at least one identified asset, wherein performing at least one of collecting or creating metadata comprises creating a tag associated with the detected threat, and the method further comprising applying the tag to the at least one identified asset (Rieke, para. [0088] “upon detection of a security vulnerability (such as a virus or other malware, or a defect in hardware or software) on an asset (425), security control software of the present disclosure could automatically limit or terminate network access by moving the asset (430) to a predefined TrustZone until other automated security technical controls update the vulnerability software or remove the virus. Such quarantine could be automatically removed in response to detecting the asset attribute condition that initiated the automated movement of the asset being cleared (420), or from the security control software receiving another indication that the security vulnerability has been addressed.”).

As per claim 15, Rieke teaches a system comprising: at least one processor; and memory in communication with the at least one processor (Rieke, para. [0103] “In FIG. 8, the system 800 includes a host computer system 810 comprising a processor 812, memory 814, and user interface 816.”) and storing instructions that, when executed by the at least one processor, cause the system to: 
collect metadata from objects on at least one platform (Rieke, Fig. 9 and para. [0111] “method 900 includes collecting data (e.g., asset and/or network data) from different sources (905), filtering the data (910), identifying one or more events and assets associated with such events from the data (915), identifying connections between assets and characteristics thereof from the data (920), and generating (925) and presenting (930) a flow information graph”);
evaluate, based on the derived metadata, at least one security and analytics policy (Rieke, para. [0039] “Environmental events within the context of TrustZone members and membership policy can be monitored such that different sets of security control policies may be dynamically assigned to, or changed for, any asset in a TrustZone by moving the asset from one TrustZone to another or by changing a policy or policies for a TrustZone of which that asset is a member.”); and 
based on evaluation of the at least one security and analytics policy, perform at least one action on at least one first object, wherein the at least one first object is on the at least one platform (Rieke, para. [0053] “The Control Management and Directives component performs the construction of directives and initiates the delivery of directives to the computing environment elements to affect the appropriate action or actions from the elements including: the generation of events, transfer of configuration and process data in either direction, the starting and stopping of a security technical control, the reconfiguration of the security technical control with an updated policy, the reconfiguration of an element of any type”).


evaluate, based on the collected metadata, at least one lifecycle policy to provide derived metadata (Lim, para. [0178] “Pass the selected policies and data collected through policy evaluation logic to produce a consequence (or outcome). The consequence includes one of the valid policy effects (e.g., ALLOW, DENY, evaluate another set (or sets) of policies, query user and call a custom effect handler), and perform any obligation and remediation tasks.” And para. [0092] Referring to FIG. 7, the internal components of the policy server 701 are shown. The policy server is responsible for policy management, including policy authoring, lifecycle, and deployment. The policy server maintains a policy repository, 402 and 507, for storing policies. A system typically has at least one policy server and can contain multiple policy servers in order to support a large number of policy builders 501 and policy enforcers 516 and 518. The policy server provides the following functions: policy authoring, policy access control, policy lifecycle management, policy management and policy deployment.”); 

Rieke and Lim are in the same field of endeavor as they are directed to collecting data and analyzing policies of a network or an information management systems. Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lim’s analyzing policies into Rieke’s analysis and reporting with a motivation for improved techniques and systems for managing information of a network (Lim, para. [0014]). 

The combination of Rieke and Lim teach all the limitations of claim 15 above, however fail to explicitly teach, but Sweet teaches:
the lifecycle policy controlling at least one of the collecting of the metadata or a transformation of the metadata (Sweet, para. [0230] “The security control module transmits (930) to a remote security server a policy id, which identifies (932) a security policy that applies to the first operating system and applies to the one or more first applications. As illustrated in FIGS. 1A and 1B, each policy has an associated set of commands and an associated set of rules for evaluating the collected data (e.g., data about each security control module, data about the operating system in which each security control module is running, and/or data about one or more applications running in each operating system).” And para. [0246] “Each command is (972) either a command to modify execution of an executable program or process, a command to collect information about the first operating system, about the security control module, or about the one or more first applications, or a command to perform an action that modifies data associated with the first operating system, data associated with the security control module, or data associated with the one or more first applications. Collection commands include commands that collect data about the security control module, collect data about one or more applications, collect data about the operating system, or collect data about one or more files or directories. Commands that modify data include commands that insert new data, remove existing data, and/or change existing data. Modification commands can change configuration parameters (for the operating system, for the security control module, or for one or more of the applications), change user access rights, change data or metadata associated with the operating system or any application running in the operating system, and so on.”)
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sweet’s computer security methods into Lim’s analyzing policies and Rieke’s analysis and reporting with a motivation for improved server security management (Sweet, para. [0019]).


As per claim 16, the combination of Rieke, Lim and Sweet teach the system of claim 15, wherein the instructions further cause the system to: 
collect, from the at least one platform using an API query, inventory data regarding each of the objects, wherein the inventory data uniquely identifies each object on the at least one platform (Rieke, para. [0067] “Assets, and changes in the attributes of assets, may be detected by periodically querying the management element or other hardware or software components. For example, a security technical control, referred to herein as a Virtual Infrastructure Monitor (VIM), may use the connection to the vSphere server to identify and enumerate all virtualized computing elements (i.e., virtual machines) and all virtual switches. Through the API interface with vSphere, the security control software implementing the features of the present disclosure may periodically query and re-enumerate the configured virtual machines and virtual switches, thus determining the creation of new assets (such as virtual machines and virtual switches) or changes to the attributes of existing assets by comparing the results of subsequent queries with the previous query. The attributes for a plurality of different assets controlled by an asset management component can be monitored by querying the asset management component, as well as via communications originated by the asset management component to the security control software.”); and 
based on the at least one lifecycle policy, apply the derived metadata to each of the objects, wherein applying the derived metadata comprises updating the inventory data for each object (Rieke, para. [0095] “Compliance mappings may combine validated technical controls where information from one technical control or policy is not sufficient to assure compliance with compliance controls.” And para. [0096] “As described above, embodiments of the present disclosure may update policies for firewalls automatically in response to IP address changes, thus maintaining compliance.”).

As per claim 17, the combination of Rieke, Lim and Sweet teach the system of claim 16, wherein the instructions further cause the system to transmit, based on evaluation of the at least one security and analytics policy, an alert, wherein the alert includes an identification of a detected threat and an associated object (Rieke, para. [0088] “upon detection of a security vulnerability (such as a virus or other malware, or a defect in hardware or software) on an asset (425), security control software of the present disclosure could automatically limit or terminate network access by moving the asset (430) to a predefined TrustZone until other automated security technical controls update the vulnerability software or remove the virus. Such quarantine could be automatically removed in response to detecting the asset attribute condition that initiated the automated movement of the asset being cleared (420), or from the security control software receiving another indication that the security vulnerability has been addressed.”).

As per claim 18, the combination of Rieke, Lim and Sweet teach the system of claim 15, wherein the instructions further cause the system to: receive a first control policy from a security control on a first platform; and update the at least one security and analytics policy to include the first control policy (Lim, para. [0089] “A policy server 606 transfers policies to the policy enforcers 611 and 613. The policy server 606 determines what policies are to be delivered to the policy enforcers and when policies are to be updated on the policy enforcers.” And para. [0101] “In a policy system architecture that distributes full sets of policies to all policy enforcers, the policy deployment module takes a complete set of policies and sends it to a policy enforcer. In a policy system architecture that organizes policies based on one or more specific policy enforcers or policies targets, the policy deployment module receives or locates a policy enforcer's information and delivers the set of policies or a set of differences relevant to that policy enforcer.”).
As per claim 19, the combination of Rieke, Lim and Sweet teach the system of claim 15, wherein the collected metadata includes data inventory attributes, a state, or data received over a network from at least one computing device (Rieke, para. [0111] “In FIG. 9, method 900 includes collecting data (e.g., asset and/or network data) from different sources (905), filtering the data (910), identifying one or more events and assets associated with such events from the data (915), identifying connections between assets and characteristics thereof from the data (920), and generating (925) and presenting (930) a flow information graph. Method 900 further includes receiving a selection of a component in the flow information graph (935), displaying additional information in response to the selection (940), receiving edits to network traffic rules (945) and applying such rules to the network (950).”).

As per claim 20, the combination of Rieke, Lim and Sweet teach the system of claim 15, wherein evaluating the at least one lifecycle policy comprises determining whether a condition is satisfied by a second object (Lim, para. [0057] “FIG. 4, policies are created and managed by a policy server 401. As discussed below, a policy may define to whom and under what conditions (or conditions) access to a document is granted or denied. The policies are stored and manipulated by the policy author and policy administrator in the policy repository 402. Policies or subsets of policies, or both, are transmitted to workstations 403 and document servers 405 to control local and remote document accesses and information usage.”), and wherein providing derived metadata includes creating metadata for the second object in response to satisfying the condition (Lim, para. [0388] “A context element describes a circumstance that a policy is intended for (or a positive policy consequence (described below) should apply). It works in conjunction with resource element, action element and subject element to define a policy premise (or condition). For example, a context element may describe a time period in which a policy should be applied (i.e., adopting a positive policy consequence when other logical policy elements are evaluated to true).”).

As per claim 21, the combination of Rieke, Lim and Sweet teach the method of claim 1, wherein the collecting metadata comprises collecting the metadata from a platform selected from the group consisting of: a virtual machine (VM), an hypervisor, a cloud, and a container platform (Sweet, para. [0170] “One or more command sets 58 and their corresponding rule sets 59 constitute a policy domain. The purpose of a policy domain is to establish a specific configuration for each type of virtual machine 42 which will help harden it against and react to prevent attacks. The policy domain consists of a set of commands 58 applied to both the operating system 44 and the applications 70 running on it and a corresponding set of rules 59 to ensure that the commands are appropriately executed.” And para. [0231] “The security control module periodically uses (936) the first cryptographic key to securely retrieve from the remote security server a respective set of commands (e.g., from a command queue 150 at the remote security server 200, as illustrated in FIG. 1B). The respective set of commands is selected (938) by the remote security server according to the security policy, according to the current state of the first operating system, according to the current state of the first security control module, and/or according to the current state of one or more first applications running in the first operating system. This is described above with respect to FIGS. 6A and 6B.” and para. [0305] “The first security control module periodically collects (1748) metadata for the first set of files and directories (and other objects, as illustrated in FIG. 12).” And para. [0312] “each command is (1784) either a command to modify execution of an executable program or process, a command to collect information about the first operating system, about the security control module, or about the one or more first applications, or a command to perform an action that modifies data associated with the first operating system, data associated with the security control module, or data associated with the one or more applications.”)

Conclusion
4.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20150128211 A1 – Access control rules for use in a distributed network management system using a label-based policy model.
US 20170024408 A1 – File-system monitoring and auditing using configured policies.

Applicant's amendment necessitated the new grounds of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZOHA PIYADEHGHIBI TAFAGHODI/Examiner, Art Unit 2437                                                                                                                                                                                                        

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498