Detailed Action
Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Arguments
3. Applicant’s arguments filed on 03/01/2021 have been fully considered but they are not persuasive.

Applicant’s arguments with respect to claims 1, 5, 10, 11 and 15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

A – Applicant Argues: On pages 7-12 of the remarks, Applicant submits that the references and, in particular, Thomas do not teach (1) “determining a mapping of cloud assets to cloud resources deployed in cloud native environment.” With respect to point (1), Applicant submits that a user is neither a cloud asset nor a cloud resource as would be understood by a person 

A – The Examiner respectfully disagrees: Thomas teaches mapping of cloud assets to the plurality of cloud computing facilities [Thomas, paragraph 63]: the client may now have access to the cloud computing facility, such as through encrypted tunnels. In addition, data being transferred from the client 208 to the cloud computing facility [Thomas, paragraph 60]. Virtual images and patterns that can be securely deployed and managed within private or on-premise cloud computing environments [Chao, paragraph 65]. Thomas teaches security access protection of a user’s data as stored in cloud-computing facilities. Chao teaches the deployment in cloud native environment. The combination of Thomas-Chao teaches the limitations as written.


Applicant is reminded that claims must be given their broadest reasonable interpretation.


Claim Rejections - 35 USC § 103
4. In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


5. Claims 1-4, 9-14, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas (US 20140020072 A1) and Chao (US 20140317716 A1) in view of Megahed (US 2019/0147089 A1)

6. Regarding Claim 1, Thomas discloses, a method for protecting cloud native environments based on cloud resource access, comprising: determining a mapping of a plurality of cloud assets to a plurality of cloud resources based on resource access data for a cloud native environment(Thomas, ¶[0005], In embodiments, the present invention may provide for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities;), 
Thomas does not explicitly disclose the following limitations that Chao teaches:
wherein the plurality of cloud assets and the plurality of cloud resources are deployed in the cloud native environment(Chao, ¶[0065], In operation, the appliance can provision standard and customized middleware virtual images and patterns that can be securely deployed and managed within private or on-premise cloud computing environments.), 
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas to incorporate the teachings of Chao to modify and deploy the plurality of cloud assets to enhance security.
wherein each of the plurality of cloud assets is mapped to at least one associated cloud resource of the plurality of cloud resources(Thomas, ¶[0065], The proxy credential may be a randomly generated credential mapped to the plurality of cloud computing facilities, common for all of the plurality of cloud computing facilities, different for each of the plurality of cloud computing facilities, and the like.) 
Thomas and Chao do not explicitly disclose the following limitations that Megahed teaches:
wherein the resource access data includes historical resources accessed by each of the plurality of cloud assets (Megahed, Claim 7, wherein the historical data regarding historical time periods during which the plurality of cloud application instances were executing includes an actual number of queries serviced by each of the plurality of cloud application instances during each of the one or more historical time periods.); 
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas in view of Chao to incorporate the teachings of Megahed to include historical resources that are accessed by a plurality of cloud assets to enhance security.

detecting at least one improper resource access based on the mapping and a cloud access security stream for the cloud native environment(Thomas, ¶[0063], a sixth step 414 of assessing a security state of the client device to determine if the client is in compliance with a security policy;), wherein each of the at least one improper resource access deviates from the mapping(Thomas, ¶[0058], In embodiments, the present invention may prevent unauthorized access to the cloud service by a device based on its type, state, and the like, using a cloud security service that proxies identity;); and performing at least one mitigation action with respect to the detected at least one improper resource access (Thomas, ¶[0037], The remedial action facility may carry out any commands that are received or parsed from a data file from the facility without performing any interpretation of the commands).

7. Regarding Claim 2, Thomas and Chao in view of Megahed discloses, a method of claim 1, wherein the mapping further indicates credentials used for accessing the plurality of cloud resources by each of the plurality of cloud assets (Thomas, ¶[0057], The user’s name and password may terminate at the cloud security service, which may randomly generate credentials and map those credentials to access the cloud service. That is, even if the user knows the user name and password, they may have to use the cloud security service to access the cloud service), wherein the at least one improper resource access includes at least one deviation from the mapping with respect to the credentials (Chao, ¶[0064], This physical security enables the appliance to serve as a secure vault for credentials, which can be tied to virtual images throughout their entire lifecycle (in storage, being dispensed, running in the cloud, or being removed from the cloud).).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas to incorporate the teachings of Chao to modify the plurality of cloud computing facilities and to prevent unauthorized access to cloud by using a cloud security service.

8. Regarding Claim 3, Thomas and Chao in view of Megahed discloses, the method of claim 1, wherein the at least one improper resource access includes a first cloud asset of the plurality of cloud assets accessing a first cloud resource of the plurality of cloud resources(Thomas, ¶[0005],  In embodiments, the present invention may provide for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality  of cloud computing facilities; receiving a request from a client device for access to one of the plurality of cloud computing facilities;), wherein the first cloud asset is not mapped to the first cloud resource (Thomas, ¶[0038], This may provide the capability of not allowing a streaming file or portions of the streaming file containing malicious code from entering the client facility 144, gateway facility, or network).

9. Regarding Claim 4, Thomas and Chao in view of Megahed discloses, the method of claim 1, wherein the at least one improper resource access includes an unknown cloud asset accessing one of the plurality of cloud resources, wherein the unknown cloud asset is not among the plurality of cloud assets (Thomas, ¶ [0057], The customer may set policies about which devices are able to access the cloud service, about the state of a client device (such as assessing the state of the client device as part of an authorization step), and the like. Unauthorized devices may not be able to access the customer's cloud service as the cloud security service will proxy access, such as through the identity and authentication of the user.).


11. Regarding Claim 9, Thomas and Chao in view of Megahed discloses, wherein the cloud access security stream includes at least one of: a plurality of Internet Protocol addresses of entities accessing each of the plurality of cloud resources, credentials used by each of the entities to access the plurality of cloud resources, and a plurality of authentication requests (Thomas, ¶[0059], Referring to FIG. 2, in embodiments the present invention may provide for an Internet cloud computing security protection method, system, and apparatus, where a user accessing at least one cloud computing facility 204 through a client device 208 is provided with security protection through a proxy server 202 providing a computer security service. The client 208 may be a mobile device 208A, client on an enterprise network 208B, and the like, where the client 208 accesses the cloud computing facilities 204 through the proxy server 202. Clients 218 may be blocked if they attempt an unauthorized direct access to the cloud computing facility 204 as the user of the client isn't aware of the proxied credentials to access 204. Client 208 through the proxy server 202 may be accompanied by authorization (e.g. through query of the client device state, access credentials for accessing the cloud security service).).

12. Regarding Claim 10, Thomas and Chao in view of Megahed discloses, a non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process, the process comprising: determining a mapping of a plurality of cloud assets to a plurality of cloud resources based on resource access data for a cloud native environment(Thomas, ¶[0005], In embodiments, the present invention may provide for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities;), wherein the plurality of cloud assets and the plurality of cloud resources are deployed in the cloud native environment(Chao, ¶ [0065], In operation, the appliance can provision standard and customized middleware virtual images and patterns that can be securely deployed and managed within private or on-premise cloud computing environments.), wherein each of the plurality of cloud assets is mapped to at least one associated cloud resource of the plurality of cloud resources(Thomas, ¶[0065], The proxy credential may be a randomly generated credential mapped to the plurality of cloud computing facilities, common for all of the plurality of cloud computing facilities, different for each of the plurality of cloud computing facilities, and the like.) 
wherein the resource access data includes historical resources accessed by each of the plurality of cloud assets (Megahed, Claim 7, wherein the historical data regarding historical time periods during which the plurality of cloud application instances were executing includes an actual number of queries serviced by each of the plurality of cloud application instances during each of the one or more historical time periods.); detecting at least one improper resource access based on the mapping and a cloud access security stream for the cloud native environment(Thomas, ¶[0063], a sixth step 414 of assessing a security state of the client device to determine if the client is in compliance with a security policy;), wherein each of the at least one improper resource access deviates from the mapping(Thomas, ¶[0058], In embodiments, the present invention may prevent unauthorized access to the cloud service by a device based on its type, state, and the like, using a cloud security service that proxies identity;); and performing at least one mitigation action with respect to the detected at least one improper resource access (Thomas, ¶[0037], The remedial action facility may carry out any commands that are received or parsed from a data file from the facility without performing any interpretation of the commands).

13. Regarding Claim 11, Thomas and Chao in view of Megahed discloses, a system for cloud native discovery and protection, comprising: a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: determining a mapping of a plurality of cloud assets to a plurality of cloud resources based on resource access data for a cloud native environment(Thomas, ¶[0005], In embodiments, the present invention may provide for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality of cloud computing facilities;), wherein the plurality of cloud assets and the plurality of cloud resources are deployed in the cloud native environment(Chao, ¶ [0065], In operation, the appliance can provision standard and customized middleware virtual images and patterns that can be securely deployed and managed within private or on-premise cloud computing environments.), wherein each of the plurality of cloud assets is mapped to at least one associated cloud resource of the plurality of cloud resources(Thomas, ¶[0065], The proxy credential may be a randomly generated credential mapped to the plurality of cloud computing facilities, common for all of the plurality of cloud computing facilities, different for each of the plurality of cloud computing facilities, and the like.), wherein the resource access data includes historical resources accessed by each of the plurality of cloud assets (Megahed, Claim 7, wherein the historical data regarding historical time periods during which the plurality of cloud application instances were executing includes an actual number of queries serviced by each of the plurality of cloud application instances during each of the one or more historical time periods.); detect at least one improper resource access based on the mapping and a cloud access security stream for the cloud native environment (Thomas, ¶[0063], a sixth step 414 of assessing a security state of the client device to determine if the client is in compliance with a security policy;), wherein each of the at least one improper resource access deviates from the mapping(Thomas, ¶[0058], In embodiments, the present invention may prevent unauthorized access to the cloud service by a device based on its type, state, and the like, using a cloud security service that proxies identity;); and performing at least one mitigation action with respect to the detected at least one improper resource access (Thomas, ¶[0037], The remedial action facility may carry out any commands that are received or parsed from a data file from the facility without performing any interpretation of the commands).

14. Regarding Claim 12, Thomas and Chao in view of Megahed discloses, wherein the mapping further indicates credentials used for accessing the plurality of cloud resources by each of the plurality of cloud assets (Thomas, ¶[0057], The user’s name and password may terminate at the cloud security service, which may randomly generate credentials and map those credentials to access the cloud service. That is, even if the user knows the user name and password, they may have to use the cloud security service to access the cloud service), wherein the at least one improper resource access includes at least one deviation from the mapping with respect to the credentials (Chao, ¶[0064], This physical security enables the appliance to serve as a secure vault for credentials, which can be tied to virtual images throughout their entire lifecycle (in storage, being dispensed, running in the cloud, or being removed from the cloud).).

15. Regarding Claim 13, Thomas and Chao in view of Megahed discloses, wherein the at least one improper resource access includes a first cloud asset of the plurality of cloud assets accessing a first cloud resource of the plurality of cloud resources(Thomas, ¶[0005],  In embodiments, the present invention may provide for a method and system including storing a plurality of proxy access credentials for a user to securely access each of a plurality  of cloud computing facilities; receiving a request from a client device for access to one of the plurality of cloud computing facilities;), wherein the first cloud asset is not mapped to the first cloud resource (Thomas, ¶[0038], This may provide the capability of not allowing a streaming file or portions of the streaming file containing malicious code from entering the client facility 144, gateway facility, or network).

16. Regarding Claim 14, Thomas and Chao in view of Megahed discloses, wherein the at least one improper resource access includes an unknown cloud asset accessing one of the plurality of cloud resources, wherein the unknown cloud asset is not among the plurality of cloud assets (Thomas, ¶ [0057], The customer may set policies about which devices are able to access the cloud service, about the state of a client device (such as assessing the state of the client device as part of an authorization step), and the like. Unauthorized devices may not be able to access the customer's cloud service as the cloud security service will proxy access, such as through the identity and authentication of the user.).

18. Regarding Claim 19, Thomas and Chao in view of Megahed discloses, wherein the cloud access security stream includes at least one of: a plurality of Internet Protocol addresses of entities accessing each of the plurality of cloud resources, credentials used by each of the entities to access the plurality of cloud resources, and a plurality of authentication requests (Thomas, ¶[0059], Referring to FIG. 2, in embodiments the present invention may provide for an Internet cloud computing security protection method, system, and apparatus, where a user accessing at least one cloud computing facility 204 through a client device 208 is provided with security protection through a proxy server 202 providing a computer security service. The client 208 may be a mobile device 208A, client on an enterprise network 208B, and the like, where the client 208 accesses the cloud computing facilities 204 through the proxy server 202. Clients 218 may be blocked if they attempt an unauthorized direct access to the cloud computing facility 204 as the user of the client isn't aware of the proxied credentials to access 204. Client 208 through the proxy server 202 may be accompanied by authorization (e.g. through query of the client device state, access credentials for accessing the cloud security service).).

Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas (US 20140020072 A1), Chao (US 20140317716 A1) and Megahed (US 2019/0147089 A1) in view of Simca (10,110,600 B1)

10. Regarding Claim 5, Thomas and Chao, Megahed, and Simca disclose, the method of claim 1, further comprising: determining, based on the resource access data, an improperly configured cloud asset of the plurality of cloud assets, wherein the improperly configured cloud asset is configured to access an unnecessary cloud resource of the plurality of cloud resources, wherein the unnecessary cloud resource has been accessed by the improperly configured cloud asset below a threshold number of times (Simca, Col. 3 lines 35-45 According to a disclosed embodiment, the trusted server and spun up asset are in different system environments within the changing asset-to-asset cloud communication environment. According to a disclosed embodiment, the trained baseline context for the trusted server includes a first rule that a first one of the access rights may not be changed and second rule that a second one of the access rights may be changed within a defined threshold of variance. Col. 19 Lines 31-37, the creation and activity of assets in the cloud environment may differ significantly from what is expected during regular operation of the cloud environment. In some embodiments, changes to certain access rights (e.g., highly sensitive access rules) in the context may be restricted to times when the context is in maintenance mode, in order to prevent improper tampering with the context.)
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to configure a threshold number of times that it takes to improperly access a cloud asset.

17. Regarding Claim 15, Thomas and Chao, Megahed, and Simca disclose, wherein the system is further configured to: determine, based on the resource access data, an improperly configured cloud asset of the plurality of cloud assets, wherein the improperly configured cloud asset is configured to access an unnecessary cloud resource of the plurality of cloud resources, wherein the unnecessary cloud resource has been accessed by the improperly configured cloud asset below a threshold number of times(Simca, Col. 3 lines 35-45 According to a disclosed embodiment, the trusted server and spun up asset are in different system environments within the changing asset-to-asset cloud communication environment. According to a disclosed embodiment, the trained baseline context for the trusted server includes a first rule that a first one of the access rights may not be changed and second rule that a second one of the access rights may be changed within a defined threshold of variance. Col. 19 Lines 31-37, the creation and activity of assets in the cloud environment may differ significantly from what is expected during regular operation of the cloud environment. In some embodiments, changes to certain access rights (e.g., highly sensitive access rules) in the context may be restricted to times when the context is in maintenance mode, in order to prevent improper tampering with the context.)

19. Claims 6-8 and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Thomas (US 20140020072 A1), Chao (US 20140317716 A1), Megahed (US 2019/0147089 A1) and Simca (10,110,600 B1) in view of Sarukkai (US 10771469 B1)

20. Regarding Claim 6, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, 
Thomas, Chao, Megahed, and Simca do not explicitly teach the following limitations that Sarukkai teaches:
the method of claim 5, wherein the mitigation actions further include reconfiguring the improperly configured cloud asset(Sarukkai, Col. 4 lines 10-15, The cloud service security system 40 may perform monitoring functions including performing configuration audits to determine whether the application instances created by the account at the cloud computing service are configured  correctly. ), wherein the reconfigured cloud asset is not configured to access the at least one unnecessary resource (Sarukkai, Col. 7, lines 35-40,  In one example, the configuration audit may detect that an instance of an application on the cloud computing service has not been configured correctly and the method 150 may alert the user or system administrator to take corrective action.).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas, Chao, Megahed, and Simca to incorporate the teachings of Sarukkai to modify the plurality of cloud computing facilities and to prevent unauthorized access to cloud by using a cloud security service.

21. Regarding Claim 7, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, 
Thomas, Chao, Megahed, and Simca do not explicitly teach the following limitations that Sarukkai teaches:
the method of claim 1, further comprising: detecting presence of at least one set of unnecessary credentials in the cloud native environment, wherein the at least one improper resource access includes the presence of the at least one set of unnecessary credentials, wherein the at least one set of unnecessary credentials includes at least one of (Sarukkai, Col. 7, lines 20-30, In the event that the account is determined to be a managed or authorized account, the method 150 allows the managed account to make console access at the destination cloud computing service (156). However, in the event that the account is determined to be an unmanaged or unauthorized account, the method 150 initiates a work flow to put the account under management. More specifically, the method 150 redirects the user device to a registration portal (158). In some embodiments, the registration portal is served by the cloud service security system 40. Through the registration portal, the method 150 requests the credentials for the unauthorized/unmanaged account (160). The method 150 then receives the credentials for the unauthorized/unmanaged account (162).): a set of credentials stored in a user folder, a set of credentials that has not been used in at least a threshold period of time, and a set of credentials stored by a user who is not authorized to store credentials (Thomas, ¶[0058], In embodiments, the present invention may prevent unauthorized access to the cloud service by a device based on its type, state, and the like, using a cloud security service that proxies identity; provide single credentials access for a customer to various cloud services from a cloud security service; provide a multi-factor authentication, access control, and encryption to a plurality of cloud services; provide a cloud security service for a customer accessing a plurality of cloud services; prevent unauthorized device access, restrict access to the cloud services (e.g. as a function of user, device state) via a policy, encrypt and/or tokenize data before being stored in the cloud service, and the like; provide anonymous/pseudonym-based access for a user to various cloud services from a cloud security service (i.e., if more than one user is authorized to access the cloud services); prevent access to a cloud service from a vulnerable network environment, such as based on location, detection of `man-in-the-middle` attack; and the like.).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas, Chao, Megahed, and Simca to incorporate the teachings of Sarukkai to modify the plurality of cloud computing facilities and to prevent unauthorized access to cloud by using a cloud security service.

22. Regarding Claim 8, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, further comprising: obtaining the resource access data, wherein obtaining the resource access data includes at least one of: retrieving a list of permissions for each of the plurality of cloud assets, querying a metadata application programming interface for credentials used by the plurality of cloud assets(Thomas, ¶[0063], A transfer of data from the one of the plurality of cloud computing facilities to the client device may be provided, wherein the data that is transferred is at least one of de-tokenized, decrypted, and the like. The access credential may include a username, a password, and the like. The security policy may enable the user to create an access rule, where the access rule may determine a of authorized client devices, may be a plurality of authorized user, and the like. The proxy credential may be a randomly generated credential mapped to the plurality of cloud computing facilities, common for all of the plurality of cloud computing facilities, different for each of the plurality of cloud computing facilities, and the like.), 
Thomas, Chao, Megahed, and Simca do not explicitly teach the following limitations that Sarukkai teaches:
accessing historical access data for a cloud provider of the cloud native environment, checking credential use stored in memory (Sarukkai, Col. Lines 25-30, The method 150 further stores the account identifier (such as the user ID) and the credentials and other metadata in the managed account database), and retrieving historical authentication information from at least one firewall deployed in the cloud native environment (Thomas, [0016], The threat, no matter how it is categorized, may need to be stopped at various points of a networked computing environment, such as one of an enterprise facility 102, including at one or more laptops, desktops, servers, gateways, communication ports, handheld or mobile devices, firewalls, and the like).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Thomas, Chao, Megahed, and Simca to incorporate the teachings of Sarukkai to modify the credentials that are stored in memory when accessing historical data for the cloud provider.

23. Regarding Claim 16, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, wherein the mitigation actions further include reconfiguring the improperly configured cloud asset(Sarukkai, Col. 4, The cloud service security system 40 may perform monitoring functions including performing configuration audits to determine whether the application instances created by the account at the cloud computing service are configured  correctly. ), wherein the reconfigured cloud asset is not configured to access the at least one unnecessary resource (Sarukkai, Col. 7, lines 35-40, In one example, the configuration audit may detect that an instance of an application on the cloud computing service has not been configured correctly and the method 150 may alert the user or system administrator to take corrective action.).

24. Regarding Claim 17, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, further configured: detect presence of at least one set of unnecessary credentials in the cloud native environment, wherein the at least one improper resource access includes the presence of the at least one set of unnecessary credentials, wherein the at least one set of unnecessary credentials includes at least one of (Sarukkai, Col. 7, lines 20-30, In the event that the account is determined to be a managed or authorized account, the method 150 allows the managed account to make console access at the destination cloud computing service (156). However, in the event that the account is determined to be an unmanaged or unauthorized account, the method 150 initiates a work flow to put the account under management. More specifically, the method 150 redirects the user device to a registration portal (158). In some embodiments, the registration portal is served by the cloud service security system 40. Through the registration portal, the method 150 requests the credentials for the unauthorized/unmanaged account (160). The method 150 then receives the credentials for the unauthorized/unmanaged account (162).): a set of credentials stored in a user folder, a set of credentials that has not been used in at least a threshold period of time, and a set of credentials stored by a user who is not authorized to store credentials (Thomas, ¶[0058], In embodiments, the present invention may prevent unauthorized access to the cloud service by a device based on its type, state, and the like, using a cloud security service that proxies identity; provide single credentials access for a customer to various cloud services from a cloud security service; provide a multi-factor authentication, access control, and encryption to a plurality of cloud services; provide a cloud security service for a customer accessing a plurality of cloud services; prevent unauthorized device access, restrict access to the cloud services (e.g. as a function of user, device state) via a policy, encrypt and/or tokenize data before being stored in the cloud service, and the like; provide anonymous/pseudonym-based access for a user to various cloud services from a cloud security service (i.e., if more than one user is authorized to access the cloud services); prevent access to a cloud service from a vulnerable network environment, such as based on location, detection of `man-in-the-middle` attack; and the like.).

25. Regarding Claim 18, Thomas, Chao, Megahed, and Simca in view of Sarukkai disclose, further configured: obtaining the resource access data, wherein obtaining the resource access data includes at least one of: retrieving a list of permissions for each of the plurality of cloud assets, querying a metadata application programming interface for credentials used by the plurality of cloud assets (Thomas, ¶[0063], A transfer of data from the one of the plurality of cloud computing facilities to the client device may be provided, wherein the data that is transferred is at least one of de-tokenized, decrypted, and the like. The access credential may include a username, a password, and the like. The security policy may enable the user to create an access rule, where the access rule may determine a of authorized client devices, may be a plurality of authorized user, and the like. The proxy credential may be a randomly generated credential mapped to the plurality of cloud computing facilities, common for all of the plurality of cloud computing facilities, different for each of the plurality of cloud computing facilities, and the like.), accessing historical access data for a cloud provider of the cloud native environment, checking credential use stored in memory (Sarukkai, Col. Lines 25-30, The method 150 further stores the account identifier (such as the user ID) and the credentials and other metadata in the managed account database), and retrieving historical authentication information from at least one firewall deployed in the cloud native environment (Thomas, [0016], The threat, no matter how it is categorized, may need to be stopped at various points of a networked computing environment, such as one of an enterprise facility 102, including at one or more laptops, desktops, servers, gateways, communication ports, handheld or mobile devices, firewalls, and the like).

Conclusion

26. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAYASA SHAAWAT whose telephone number is (571)272-3939. The examiner can normally be reached on M-F, 8 AM TO 5 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, JEFFREY PWU can be reached on (571)272-6789. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MAYASA SHAAWAT/
Examiner, Art Unit 2433

/JEFFREY C PWU/
Supervisory Patent Examiner, Art Unit 2433