Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the Amendment filed on 03/22/2021.
In the instant Amendment, No claim has been amended or added. Claims 1, 11 and 20 are independent claims.  Claims 1-4, 6-14 and 16-20 have been examined and are pending.  This Action is made FINAL.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 03/22/2021 and 12/29/2020, are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
Applicants’ arguments in the instant Amendment, filed on 03/22/2021, with respect to limitations listed below, have been fully considered but they are not persuasive.
 Applicant’s arguments: Applicant asserts that Roozen does not teach "configuring a protection account specific to the user" or "generating a protection portal for the user," as recited in claim 1.
enables the consumer to subscribe to UGC accounts associated with the identified contributors. For example, the consumer can use the social rank service to subscribe to a Twitter feed associated with one of the identified contributors (a protection account specific to the user). See also par. 0018. Therefore, Roozen does disclose configuring a protection account specific to the user.
Applicant’s arguments: Applicant asserts that neither Roozen, Foster, nor any combination thereof teaches "receiving, via a selection by the user within the protection portal, one or more thresholds associated with one or more types of security risks;" or "in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or more of the user's social network accounts," as recited in claim 1.
The Examiner disagrees with the Applicants. The Examiner respectfully submits that the combination of Roozen and Foster, does teach receiving, via a selection by the user within the protection portal, one or more thresholds associated with one or more types of security risks and in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or a particular social risk threshold associated with a particular user, organization or entity. A user provided with an option to select multiple risk thresholds. A user for example, specify as a threshold for determining that a risk is "very high" and 75 as a threshold for determining that a risk is "high.". See also par. 0127.  Therefore, the combination of Roozen and Foster, does teach receiving, via a selection by the user within the protection portal, one or more thresholds associated with one or more types of security risks.
Further as seen in paragraphs 0026, 0041and 0078 of Foster. Foster teaches that the security analysis engine compare the social risk score that is associated with the social entity in social risk database 104 to a social risk threshold that is associated with the user 106 (209), and determine whether the social risk score exceeds the social risk threshold (211). If the social risk score that is associated with the social entity exceeds the social risk threshold that is associated with the user 106, the security analysis engine initiate an appropriate security action (213). A security action include generating an alert and proving the generated alert to the protected social entity. Foster teaches that based on the result of analysis, the algorithm can score the risk posed by the social entity, and can recommend or take appropriate security action based on a comparison of the social risk score to a social risk threshold. A security action include generating an alert and proving the generated alert to the protected social entity. See also par. 0031, 0036-0038, 0045 and 0055). Therefore, the (security action) to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or more of the user's social network accounts (based on the result of analysis and can recommend security action).
Independent claims 11 and 20 are directed to a method that perform a method at least similar to that disclosed in claim 15 and claims 2-4, 6-10, 12-14 and 16-19 depend from claims 1 and 11. Thus Applicants’ arguments with respect to claims 1-4, 6-10, 12-14 and 16-20, have been fully considered but they are not persuasive for at least the reasons explained above with respect to claim 1.
Thus, all the limitations are still obvious over the prior art of record. Please see the rejection below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences 
Claims 1-4, 6-14, and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over Roozen (US 2013/0117284) and in view of Foster (US 2014/0337973).
Regarding claim 1, Roozen discloses a computer-implemented method comprising: generating, by one or more processors, an activation request (Roozen par. 0031 and Fig.3. Roozen teaches that the social rank service provides an account claiming interface to the contributor);
 receiving, from a user device, an activation confirmation (Roozen par. 0032 and Fig.3. Roozen teaches that receives input from the contributor to claim a UGC account); 
configuring a protection account specific to the user (to subscribe to a Twitter feed associated with one of the identified contributors) (Roozen par. 0027 and 0032. Roozen teaches that the UGC service prompt the contributor to provide a username and password before allowing the social rank service 200 to access the contributor's status updates. For example, the consumer can use the social rank service to subscribe to a Twitter feed associated with one of the identified contributors), wherein configuring the protection account comprises: identifying one or more of the user's social network accounts (Roozen par. 0027. Roozen teaches that the social rank service enables the consumer to subscribe to UGC accounts associated with the identified contributors. For example, the consumer can use the social rank service to subscribe to a Twitter feed associated with one of the identified contributors. See also par. 0018); 
(Roozen par. 0032-0033 and Fig.3. Roozen teaches that the UGC service prompt the contributor to provide a username and password before allowing the social rank service to access the contributor's status updates. Subsequently, the social rank service receives an access response from the UGC service. The access response indicates whether the social rank service 200 has been granted access to the UGC account); and 
generating a portal for the user (digital profile that is comprised of multiple "social media profiles"); providing a link to the portal to the user (Roozen par. 0034 and 0036. Roozen teaches that provides a topic association interface to the contributor (320). The topic association interface includes controls that allow the contributor to associate various topics with claimed UGC accounts. The user can claim multiple profiles and combine them under one account. This allows a user to increase their score by creating a more comprehensive "digital profile" that is comprised of multiple "social media profiles" from other networks. See also par. 0031 and 0063);
 Roozen teaches identifying one or more of the user's social network accounts and generating a protection portal; however Roozen does not explicitly teaches receiving, via a selection by the user within the protection portal, one or more thresholds, each threshold being associated with one type of security risk; and in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or more of the user's social network accounts. 
(Foster par. 0035, 0128. Foster teaches that a social risk threshold represents a level of tolerance for risk, and a particular social risk threshold associated with a particular user, organization or entity. A user provided with an option to select multiple risk thresholds. A user for example, specify as a threshold for determining that a risk is "very high" and 75 as a threshold for determining that a risk is "high.". See also par. 0127); and 
in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal (Foster par. 0041 and 0078. Foster teaches that the security analysis engine compare the social risk score that is associated with the social entity in social risk database 104 to a social risk threshold that is associated with the user 106 (209), and determine whether the social risk score exceeds the social risk threshold (211). If the social risk score that is associated with the social entity exceeds the social risk threshold that is associated with the user 106, the security analysis engine initiate an appropriate security action (213). A security action include generating an alert and proving the generated alert to the protected social entity. See also par. 0036-0037 and 0045), wherein the one or more alerts identify security risks (risk score) associated with one or more of the user's social network accounts (Foster par. 0026 and 0078. Foster teaches that based on the result of analysis, the algorithm can score the risk posed by the social entity, and can recommend or take appropriate security action based on a comparison of the social risk score to a social risk threshold. A security action include generating an alert and proving the generated alert to the protected social entity. See also par. 0031, 0038 and 0055).
 Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Foster with the method and system of Roozen, wherein receiving, via a selection by the user within the protection portal, one or more thresholds, each threshold being associated with one type of security risk; and in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or more of the user's social network accounts. The motivation is to provide users with a means for alerting the user to the potential risk and take appropriate security action based on a comparison of the social risk score to the user's social risk threshold (Foster par. 0036).   
Regarding claim 2, Roozen and Foster disclose the method of claim 1,
Foster further discloses further comprising, scanning data that is maintained on the one or more social networks, wherein scanning data that is maintained on the one or more social networks comprises identifying, by one or more processors, data that is associated with the one or more social entities (Foster par. 0044. Foster teaches that the security analysis engine configured to actively scan one or more social networks for data that is available and that pertains to a social entity. The active scanning of the one or more social networks for data may be implemented by the user analysis engine. See also par. 0046).
 (Foster par. 0036).
Regarding claim 3, Roozen and Foster disclose the method of claim 2,
Foster further discloses wherein scanning data that is maintained on the one or more social networks is performed on a continuous basis, without user initiation (Foster par. 0049 and 0098. Foster teaches that security analysis engine, for example, actively scan social networks for publicly or authorized available information. The security analysis engine may continuously scan one or more social networks for data, and predict the level of risk associated with data related to the first detected occurrence of an action or a posting by a social entity).  
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Foster with the method and system of Roozen, wherein receiving, via a selection by the user within the protection portal, one or more thresholds, each threshold being associated with one type of  (Foster par. 0036).   
Regarding claim 4, Roozen and Foster disclose the method of claim 1,
Roozen further discloses wherein generating an activation request comprises generating a user specific activation URL for a user associated with a corporate entity (Roozen par. 0031. Roozen teaches that the social rank service provides an account claiming interface to the contributor).  
Regarding claim 6, Roozen and Foster disclose the method of claim 1,
Roozen further discloses further comprising, receiving personal identifying data from the user (Roozen par. 0030. Roozen teaches that the profile may include a user name, an email address, biographical information, geographical information, and/or other personal information about the contributor).67 ATT'Y DOCKET No.: 37979-0016001  
Regarding claim 7, Roozen and Foster disclose the method of claim 6,
Roozen further discloses wherein the personal identifying data includes the user's email address (Roozen par. 0030. Roozen teaches that the profile may include a user name, an email address, biographical information, geographical information, and/or other personal information about the contributor).67 ATT'Y DOCKET No.: 37979-0016001    
Regarding claim 8, Roozen and Foster disclose the method of claim 6,
Roozen further discloses wherein the personal identifying data includes one or more images of the user (Roozen par. 0053 and Fig.6. Roozen teaches that each of the contributor icons 606 contains an image associated with a different one of the contributors. The social rank service 200 can automatically pull this image from a UGC account, such as a Facebook profile or a Twitter account. See also par. 0073).  
Regarding claim 9, Roozen and Foster disclose the method of claim 6,
Roozen further discloses wherein the personal identifying data includes one or more aliases of the user (Roozen par. 0021. Roozen teaches that some of the contributors 112 can generate content using multiple profiles on the same UGC service. For example, one of the contributors 112 can generate tweets about professional matters using one Twitter account and can generate tweets about personal matters using another Twitter account. In another example, one of the contributors 112 can use one of the UGC services to manage two or more separate blogs).  
Regarding claim 10, Roozen and Foster disclose the method of claim 1,
Foster further discloses wherein the one or more alerts identify security risks selecting from the group consisting of social media based impersonation risks, phishing risks, social engineering risks, and malware risks (Foster par. 0078 and 0124. Foster teaches that a security action include generating an alert and proving the generated alert to the protected social entity. The security analysis engine 101 may determine a risk to the protected social entity, based on monitoring data on one or more social networks that is related to the protected social entity (1105). A risk to the protected social entity may be a risk associated with another social entity, for example, a risk associated with a friend or follower of the protected social entity engaged in distributing malware, with an imposter generating and maintaining a fraudulent profile impersonating the protected social entity, and/or with a malicious bot. A security analysis engine determine, for example, that an imposter profile maintained by a malicious bot engaged in phishing poses a high risk to the protected social entity. See also par. 0045 and 0110).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teachings of Foster with the method and system of Roozen, wherein receiving, via a selection by the user within the protection portal, one or more thresholds, each threshold being associated with one type of security risk; and in response to identifying a security risk above the security risk's associated threshold, providing one or more alerts to the user on the protection portal, wherein the one or more alerts identify security risks associated with one or more of the user's social network accounts. The motivation is to provide users with a means for alerting the user to the potential risk and take appropriate security action based on a comparison of the social risk score to the user's social risk threshold (Foster par. 0036).
Regarding claim 11; claim 11 is directed to a system associated with the method claimed in claim 1. Claim 11 is similar in scope to claim 1, and is therefore rejected under similar rationale respectively.  Roozen also teaches the additional limitations of claim 11 as follows:
 one or more processing devices (Roozen Fig.9 and par. 0084); and 
(Roozen Fig. 9 and par. 0082 and 0094). 
Regarding claims 12-14 and 16-19; claims 12-14 and 16-19 are directed to a system associated with the method claimed in claims 2-4, 6-7 and 9-10 respectively. Claims 12-14 and 16-19 are similar in scope to claims 2-4, 6-7 and 9-10 respectively, and are therefore rejected under similar rationale respectively.
Regarding claim 20; claim 20 is directed to a non-transitory computer readable storage device associated with the method claimed in claim 1. Claim 20 is similar in scope to claim 1, and is therefore rejected under similar rationale. Roozen also teaches the additional limitations of claim 20 as follows:
A non-transitory computer-readable storage device encoded with a computer program, the program comprising instructions that when executed by a data processing apparatus cause the data processing apparatus to perform operations (Roozen Fig. 9 and par. 0082 and 0094).
Conclusion
THIS ACTION IS MADE FINAL.
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907.  The examiner can normally be reached on M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information 






/SANCHIT K SARKER/Examiner, Art Unit 2495                                                                                                                                                                                                        

/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495