Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/09/2020 has been entered.
DETAILED ACTION
This office action is in response to an amendment application received on 04/23/2020. In the response, applicant has amended claims 1, 8 and 13. Claims 2-7, 9-12 and 14-19 remain original. No claims have been cancelled and no new claims have been introduced. 
 Response to Arguments
Claim rejections under 35 U.S.C. § 103
Applicant’s arguments, filed 11/20/2020, with respect to the rejections of claims under 35 U.S.C. § 103 have been fully considered, however, examiner does not find the arguments to be persuasive. Applicant’s remarks for claims rejection under 35 U.S.C. § 103 are mentioned in page # 20-22. In first part of the remarks on page 20-21, applicant mentions that combination of references fails to disclose “responding to the request by separately loading from datastore, both compliance content referencing one or more controls on the computing environment and also remediation content”. Examiner respectfully disagrees with this remark. In response, SCA Sources/compliance data 132” and “Auth Sources 134” among other databases which are disclosed as separate databases and therefore it is inherent that since “compliance data 132” and “Auth Sources 134” are located in separate databases, they will apparently be loaded separately when called by the system. Besides that, “separately loading the datastore” adds nothing to the claim language because every memory cell is “separately” read. Therefore, Barkovic still teaches this limitation.
Furthermore, in second part of the remark in page # 21-22, applicant mentions that primary reference of Barkovic does not disclose second limitation of claim 6. Examiner consulted the office action page # 10 and notice that examiner did not provide reference citation for this limitation. Examiner consider this a drafting error on examiner’s part however examiner consider applicant’s remark as moot because claim 6 has been rejected with new found reference and additionally the drafting error has been corrected. 
 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 1-19 rejected under 35 U.S.C. 112(b), as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, regards as the invention.
Independent claim 1, preamble recites “A computer processor implemented method for processing content in a computing environment, comprising” and limitation # 1 recites receiving a request for a computing environment”. It is unclear for the examiner, if applicant is referring to the same “computing environment” in limitation # 1 which is mentioned in the preamble or to a different computing environment. Due to this, claim 1 has antecedent basis issues.
Similar issue has been observed in other independent claims 8 and 13 and therefore they are also rejected under 35 U.S.C. § 112(b) for lack of antecedent basis. 
The dependent claims of the independent claims included in the statement of rejection but not specifically addressed in the body of the rejection, have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, dependent claims are also rejected based on the same rationale as applied to their parent claims above.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the 

Claims 1-5, 8-10 and 13-17 are rejected under 35 U.S.C. 103 as being unpatentable over Barkovic et al., (US20190104156A1) in view of Lam et al., (US20180176254A1).
Regarding claims 1, 8 and 13, Barkovic discloses:
A computer processor implemented method for processing content in a computing environment, comprising:
receiving a request (i.e. to access configuration item (CI) scanner data) for a computing environment ([0072] The process 300 begins by retrieving CI 110 compliance data from SCA source integrations 132 (block 302). For example, an application programming interface (API) may be used to access CI 110 scanner data from the SCA sources);
responding to the request by separately loading, from a datastore (i.e. databases 108, 132, 134; FIG. 1), both compliance content (i.e. compliance data from SCA sources 132) referencing one or more controls (i.e. configuration items (CI) 110) in the computing environment and also remediation content (i.e. configuration recommendations from Auth Sources 134 for CI 110 security) (See Para [0059] the SCA sources 132 may provide scanning services that scan the CIs 110 for configuration data/settings; [0060] Additionally, authoritative source provider integrations 134 may provide electronic records indicative of certain configuration compliance requirements/recommendations; 
Examiner’s Note: It is inherent that since ‘compliance data 132’ and ‘Auth Sources 134’ are located in separate databases, they will apparently be loaded separately when called by the system and also read as separate cell in the memory), 
the compliance content comprising, for each control referenced (i.e. authoritative source provider integrations 134 may provide electronic records indicative of certain configuration compliance requirements/recommendations; para [0060]), one or more compliance values (i.e. such as NIST password criteria; para [0060]) each defining a current setting of a control in the computing environment for which the control is compliant with a policy (i.e. policies 402) enacted on the computing environment (i.e. authoritative source such as NIST/FISMA; para [0060]; Certain authoritative entities may release configuration recommendations for CI 110 security, which may be transposed into an electronic format, which is received by the platform 104; [0061] NIST and MST 800-53 are just one example of an authoritative source and its security recommendations. Many other authoritative sources and their security recommendations are also available for integration into the platform 104. The authoritative source integrations 134 may receive an electronic indication of the security recommendations for certain security standards; [0072] The process 300 begins by retrieving CI 110 compliance data from SCA source integrations 132 (block 302); [0074] FIG. 4 is a block diagram illustrating a Secure Configuration Assessment (SCA) dashboard 400, in accordance with an embodiment. In the illustrated embodiment, a widget 402 illustrates a number of policies 402, a widget 404 provides a number of configuration tests, a widget 406 provides a number of hosts, and widget 408 provides a number of configuration test results. Policies, as used herein, refers to a set of configuration tests. Configuration tests, as used herein, refer to individual configuration characteristics that are scanned for certain CIs 110), 
the remediation content comprising for each of the controls in the compliance content (FIG. 3; [0060] Certain authoritative entities may release configuration recommendations for CI 110 security, which may be transposed into an electronic format, which is received by the platform 104; [0061] NIST and MST 800-53 are just one example of an authoritative source and its security recommendations. Many other authoritative sources and their security recommendations are also available for integration into the platform 104. The authoritative source integrations 134 may receive an electronic indication of the security recommendations for certain security standards; [0072] The process 300 begins by retrieving CI 110 compliance data from SCA source integrations 132 (block 302); [0074] Configuration tests, as used herein, refer to individual configuration characteristics that are scanned for certain CIs 110. For example, one configuration test may be a particular configuration setting for a password expiration requirement, password complexity requirement, etc. Hosts, as used herein, relates to CIs 110 that the configuration tests apply to (e.g., the CIs 110 that are scanned)), both a remediation value defining a new setting of the control in the computing environment for which the current setting of the control is changed to (FIG. 27; [0116] As mentioned above, non-compliance and/or issue reporting via the widgets 2701, 2706, 2708, 2716, and 2718 may indicate that remedial measures should be taken. Accordingly, operations personnel may perform remedial measures (e.g., adjusting the password complexity requirements on the non-compliant CIs 110)), and 
also an ignore switch (i.e. policy exceptions) indicating whether the current setting of the control is ignored ([0118] FIG. 29 is an illustration of the Policy Exceptions tab 2900 of the GUI 2200 of FIG. 22, illustrating implementation of a policy exception for a policy statement … the short description indicates that an exception for the non-compliant CI 110 is needed, because it has an obsolete OS (e.g., that does not support complex passwords). The justification 3020 indicates that this remediation effort will take some time and, thus, an exception duration is needed);
scanning the computing environment to determine all controls in the computing environment and also the current setting for each control ([0059] the SCA sources 132 may provide scanning services that scan the CIs 110 for configuration data/settings. The configuration data/settings may be used to assess vulnerabilities of the CIs 110 … the SCA source integrations 132 may scan the CIs 110 for configuration information, such as password requirements (e.g., age, complexity, etc.) and provide an indication of these settings to the platform 104);
for each control in the determined subset of controls, determining and capturing from the compliance content and the remediation content, information regarding each control, the information including one or more of the current setting, the compliance value, the remediation value, whether the control is out of compliance, and whether or not there is the ignore switch ([0086] the remediation tab 720 may provide a detailed list of remediation steps broken down by the different technologies … the remediation tab may provide a list of remediation steps for these technologies, when the configuration test results indicate non-compliance (e.g., when the scanner receives values that are not in the set of expected values); [0123] FIG. 35 is a flowchart, illustrating a process 3500 for defining compliance status and risk, in accordance with an embodiment. The process 3500 begins by determining if the controls indicate non-compliance (decision block 3502). If the controls do not indicate non-compliance, the compliance status is compliant, resulting in a low risk, as the control non-compliance percentage 3509 used to weigh the risk will be 0% (block 3504)).
Barkovic fails to disclose:
	determining a subset of controls from all controls, wherein each control in the subset of controls is each of (1) out of compliance, (2) an out of compliance state is not to be ignored, and (3) a corresponding remediation value is defined in the loaded content for each control; on condition that the request is a scan request, storing the subset of controls and the captured information regarding each control, but on condition that the request is a remediation request, remediating each control in the subset of controls with a corresponding remediation value unless the control has the ignore switch in which case the remediation value is not applied to the control.
However, Lam discloses:
	determining a subset of controls from all controls (i.e. monitoring device compliance) ([0030] The flow chart 200 of FIG. 2 may be performed by compliance monitoring device 102 or any system configured to monitor device compliance, initiate actions in response to compliance issues, or a combination thereof; Also see FIG. 2; Step 210 for initiating a compliance scan based on policy), 
wherein each control in the subset of controls is each of (1) out of compliance (See FIG. 2; Step 220 checks compliance level is above a first threshold is determined), (2) an out of See FIG. 2; Steps 230 check whether the compliance level is above a second threshold is determined and if not it cannot be ignored), and (3) a corresponding remediation value is defined in the loaded content for each control (See FIG. 2; Step 240 where remediation actions are triggered or attempted) (Also See FIG. 2; [0037-0049] for monitor device compliance, initiate actions in response to compliance issues, or a combination thereof);
on condition that the request is a scan request (i.e. as disclosed in step 210 [0047]), storing the subset of controls and the captured information regarding each control ([0040] The logging information can include logging the compliance level and the results of the compliance scan for each rule; [0061] The processing device is further to perform a respective compliance scan of each of the plurality of devices based on the plurality of compliance rules and determine a respective compliance level for each of the plurality of devices; [0062] The action can include logging information associated with a device of the plurality of devices and sending a notification associated with a device of the plurality of devices), 
but on condition (i.e. as disclosed in steps 220 & 230 [0038] & [0042]) that the request is a remediation request, remediating each control in the subset of controls with a corresponding remediation value unless the control has the ignore switch (i.e. Grant limited access as per step 232) in which case the remediation value is not applied to the control ([0026] The actions may include restricting network access to a particular level (e.g., full, limited, or no network access), remediation actions (e.g., triggering patch systems or services, triggering update systems or services, triggering third party product action, etc.), informational actions (e.g., sending an email notification to a user or IT administrator or creating an IT ticket reflecting the level of compliance), and logging actions (e.g., logging or storing the compliance level); [0043] At block 232, limited network access is granted).
It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the reference of Barkovic and include automated compliance scanning device, as disclosed by Lam.
The motivation to include automated compliance scanning and monitoring device is to scan and remediate end user devices to ensure compliance is maintained.
Regarding claim 8, it is a system claim and recites the same concept as claim 1 and therefore rejected on same grounds.
	Regarding claim 13, it is a computer program product comprising a non-transitory computer readable claim and recites the same concept as claim 1 and therefore rejected on same grounds.
Regarding claims 2, 9 and 14, the combination of Barkovic and Lam discloses:
	The method of claim 1, wherein one or more of the one or more controls referenced in the loaded content further includes an accepted non-compliance switch indicating a non-compliant state is acceptable despite a determination that a current setting of a non-compliant control does not match the compliance value for the corresponding control listed in the loaded content (Barkovic: [0123]).
Regarding claim 9, it is a system claim and recites the same concept as claim 2 and therefore rejected on same grounds. 
14 it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 2 and therefore rejected on same grounds. 
Regarding claims 3, 10 and 15, the combination of Barkovic and Lam discloses:
The method of claim 1, further comprising generating a report based upon the captured information for each control in the subset of controls (Barkovic: [0106]).
Regarding claim 10, it is a system claim and recites the same concept as claim 3 and therefore rejected on same grounds. 
	Regarding claim 15, it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 3 and therefore rejected on same grounds. 
Regarding claims 4 and 16, the combination of Barkovic and Lam discloses:
	The method of claim 1, wherein determining the subset of controls from all controls comprises determining whether each control in the subset of controls is out of compliance by comparing the current setting of one of the all controls with the compliance value corresponding to the one of the all controls in the loaded content and on condition that the current setting and the compliance value do not match, determining that the one control is out of compliance (Barkovic: FIG. 19; [110]).
	Regarding claim 16, it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 4 and therefore rejected on same grounds. 
Regarding claims 5 and 17, the combination of Barkovic and Lam discloses:
Barkovic: [0110]).
	Regarding claim 17, it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 5 and therefore rejected on same grounds. 

Claims 6-7, 11-12 and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Barkovic et al., (US20190104156A1) in view of Lam et al., (US20180176254A1) and further in view of ANIMIREDDYGARI et al., (US20190188380A1) hereinafter referred as “ANIM”.
Regarding claims 6, 11 and 18, Barkovic discloses:
	The method of claim 1, further comprising:
determining that the received request is a remediate request ([0113] A second widget 2706 may provide an indication of compliant and non-compliant controls for each of the policy statements. Here, all of the controls associated with the policy statements are non-compliant, which indicates that remediation is needed).
Barkovic fails to teach:
the subset of controls including only controls in the computing environment determined to be out of compliance, the out of compliance state is not to be ignored, and the corresponding remediation value is defined in the loaded content for each control and also the 
However, Lam discloses:
the subset of controls including only controls in the computing environment determined to be out of compliance, the out of compliance state is not to be ignored, and the corresponding remediation value is defined in the loaded content for each control and also the current state of these controls (Lam: See FIG. 2; Step 240 “Trigger or Attempt Remediation”; [0042] If the compliance level is not above the first threshold, block 240 is performed; [0048] At block 240, remediation actions are triggered or attempted. The actions may include the actions described herein (e.g., described with respect to block 224). In some embodiments, the device that has a compliance level below the first and second thresholds is not granted network access or relatively restricted network access. Block 242 may be performed after one or more attempts at remediation have been performed; [0049] At block 242, network access is restricted).
The combination of Barkovic and Lam fails to disclose:
	in response to remediation request, creating a synchronous rollback file of the contents.
However, ANIM discloses:
	in response (i.e. interception request to make changes to one or more files) to remediation request, creating (i.e. create a restore copy of one or more files that is about to be changed) a synchronous rollback file of the contents (See FIG. 3; Steps 302 & 304; [0044] at 302, the computing device, which includes at least one processor and a system cache (e.g., the cache 202 shown in FIG. 2) is configured to store file modification information and intercept I/O requests to write to one or more files … the computing device stores a copy of the file in the cache before the file is modified. Thus, a previous version of the file is stored in cache immediately before the system writes to the file; [0045] at 304, the computing device stores, as file restore data, a restore copy of the one or more files to the system cache prior to performing write operations of the I/O requests and also stores identification information for one or more processes or entities making the corresponding I/O requests in the system cache).
	It would have been obvious to one of the ordinary person skilled in the art before the effective filing date of the claimed invention to modify the references of Barkovic and Lam and have a system which creates a restore copy of the one or more files to system cache prior to performing write operations, as disclosed by ANIM. 
	The motivation to create a restore copy of system files is to be able to revert to the restore copy incase system files is modified by a malware during write operations. 
Regarding claim 11, it is a system claim and recites the same concept as claim 6 and therefore rejected on same grounds. 
	Regarding claim 18, it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 6 and therefore rejected on same grounds. 
Regarding claims 7, 12 and 19, the combination of Barkovic, Lam and ANIM discloses:
The method of claim 6, further comprising:
on condition that administrative-level permissions have been acquired, remediating the current setting of each control in the subset of controls to the corresponding remediation value defined in the loaded content for each control (Barkovic: [0116] As mentioned above, non-compliance and/or issue reporting via the widgets 2701, 2706, 2708, 2716, and 2718 may indicate that remedial measures should be taken. Accordingly, operations personnel may perform remedial measures (e.g., adjusting the password complexity requirements on the non-compliant CIs 110)).
Regarding claim 12, it is a system claim and recites the same concept as claim 7 and therefore rejected on same grounds. 
	Regarding claim 19, it is a computer program product comprising a non-transitory computer readable medium claim and recites the same concept as claim 7 and therefore rejected on same grounds. 
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SYED M AHSAN whose telephone number is (571)272-5018.  The examiner can normally be reached on 8:30 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffery L. Nickerson can be reached on 469-295-9235.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished 
/S.M.A./Patent Examiner, Art Unit 2432       
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432