DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to amendment filed on 5/13/2021.  Claims 1-20 have been examined.  Claims 1, 7, and 13 have been amended by the Applicant.   This office action is Final. 

Response to Amendment

Applicant's arguments filed 5/13/2021 have been fully considered but they are not persuasive. 
On page 9 of the Applicant’s arguments, the Applicant states that in regards to previous 101 rejection, that the “processor, data bus, and non-transitory computer readable instructions are part of a specialized information handling system, that is a specialized computing device”. The Applicant argues that the information handling system improves the functionality of the information handling system and provides a useful and concrete result of performing security analytics functions to identify anomalous, abnormal, unexpected or malicious user behavior”.  The Examiner disagrees with the Applicant.  The mere nominal recitation of a process, data bus, and non-transitory media does not take the claim limitations out of the mental process. The claim limitations do not integrated into a practical application, because the claim recites “monitoring”, the monitoring step is recited at a high level of generality as a general means of gathering user 
On page 10 of the Applicant’s arguments, the Applicant states that the prior art of Kshirsagar does not disclose, “a user profile which includes a mindset factor, the mindset factor comprising information used to determine a mental state of a user at a particular point in time”.
(A).  The Examiner disagrees with the Applicant.  Kshirsagar discloses a factor can be any pattern of observable values relating to a user interaction (Kshirsagar: para. 0019). When these observables are stored in a user profile, they are called historical activities (Kshirsagar: para. 0019). In particular, whenever an information system receives an event notification, that event notification may be stored as a historical activity in the user's profile (Kshirsagar: para. 0019). In general, these values are stored in a profile and used to determine factors such as usage patterns with one or more applications and/or one or more client devices, as well as the associated user preferences (Kshirsagar: para. 0019).           Kshirsagar discloses user behavior may be another factor (Kshirsagar: para. 0021). User behavior relates to correlations of usage patterns with other input other that the application or client device itself; an example, might be determining a user typically accesses (Kshirsagar: para. 0021).  A user mindset factor is associated with the users behavior, the mindset factor comprising information used to determine a mental state of a user at a particular point in time (Kshirsagar: para. 0021, user behavior is associated with the mindset factor, Kshirsagar discloses a user accessing a website www.fredspizza.com on rainy Sundays, indicating that the user does not typically go out for food when it is raining, thus the mindset factor comprising information used to determine a mental state; the mental state of a user a particular point in time, such as Sundays when it is raining, ordering pizza).  
 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.



Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims recite gathering information related to an organization, and generating an organization specific security policy.  
The claims recite limitations of gathering information, and using electronic information to generate a plurality of organization specific rules, and generating an organization specific policy.  These limitations, as drafted, is a process that, under its broadest reasonable interpretation, covers performance of the limitations in the mind but for the recitation of generic 
The claim recite gathering information, and using the information to generate rules.  The gather step is merely data gathering which is a form of insignificant extra-solution activity.  Each of the additional limitations is no more than mere instructions to apply the exception using a generic computer components.  The additional elements in the claims amount to no more than mere instructions to apply the exception using generic computer components.  The Applicant’s specification does not provide any indication that the processor, data bus, and non-transitory computer readable medium is anything other than generic, off-the-shelf computer components, and the Symantec, TLI, and OIP Techs. court decisions cited in MPEP 2106.05(d)(II) indicate that mere collection of information over a network is well-understood, routine, and conventional function when it is claimed in a merely generic manner.  Accordingly, the gather step is well-understood, routine, conventional activity that is supported under Berkheimer.



Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1, 5, 7, 11, 13, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0168453) in view of Kaufmann et al (2009/0300712), and further in view of Kshirsagar et al (2013/0055367).

As per claim 1, Hutson discloses a computer-implementable method for generating security policies, comprising: 
gathering information related to an organization(Hutson: para. 0014-0015, 0018,  the security and/or monitoring software devices gathers information (i.e. improper behavior) within an organization and communicates the information to the system), the information related to the organization comprising electronically-observable information related to the organization(Hutson: para. 0014-0015, information related to the organization comprising electronically-observable information, the Examiner asserts that the information is observed on the network, this includes electronically-observable information); 
 (Hutson: para. 0015-0017, the incident (i.e. electronically observable information) related to the organization is converted into the electronic information related to the organization, the Examiner asserts that this is the incident notification).
Hutson does not explicitly disclose using the electronic information related to the organization to automatically generate a plurality of organization specific rules; and, generating an organization specific security policy, the organization specific security policy comprising at least one organization specific rule, the organization specific security policy comprising an aggregation of a plurality of entity specific security policies, and using the organization specific security policy to perform a security analytics operation, the security analytics operation identifying anomalous, abnormal, unexpected or malicious user behavior. 
Kaufmann discloses using the electronic information related to the organization to automatically generate a plurality of organization specific rules(Kaufmann: para. 0011, 0013-0014, organization specific rules (i.e. business rules); and, generating an organization specific security policy(Kaufmann: para. 0086, organization specific security policy (i.e. business rules)), the organization specific security policy comprising at least one organization specific rule(Kaufmann: para. 0079, 0086, organization specific rule (i.e. business rule), the organization specific security policy comprising an aggregation of a plurality of entity specific security policies (Kaufmann: para. 0013-0014, i.e. entity specific security policies, the Examiner asserts are policies that are for a group of users, such as a department in an organization, the department or group of users are the entities, and Kaufmann discloses more than one policy can be defined for the entity), each of the plurality of entity specific security policies corresponding (Kaufmann: para. 0083), and using the organization specific security policy to perform a security analytics operation, the security analytics operation identifying anomalous, abnormal, unexpected or malicious user behavior (Kaufmann: para. 0033, anomalous (i.e. violations)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include using the electronic information related to the organization to automatically generate a plurality of organization specific rules; and, generating an organization specific security policy, the organization specific security policy comprising at least one organization specific rule, the organization specific security policy comprising an aggregation of a plurality of entity specific security policies, each of the plurality of entity specific security policies corresponding to a respective entity; and using the organization specific security policy to perform a security analytics operation, the security analytics operation identifying anomalous, abnormal, unexpected or malicious user behavior of Kaufmann with Hutson both are analogous in the art of enforcing security polices, the motivation is that a dynamic policy is more flexible can allow one to apply policies at run-time (Kaufmann: para. 0009, 0078).
Hutson and Kaufmann do not explicitly disclose each of the plurality of entity specific security policies corresponding to a respective entity, each respective entity having a corresponding user profile, each corresponding user profile comprising a collection of information that uniquely describes an identify of the respective entity, the collection of information comprising a user profile attribute, a user behavior factor and a user mindset factor; and the mindset factor comprising information used to determine a mental state of a user at a particular point in time.
(Kshirsagar: para. 0018-0023, a user the Examiner asserts is a respective entity, whose factors may be associated with a user’s identity, there are multiple factors, such as user behavior which is stored in a profile, factors are stored in a user profile, determine usage patterns (i.e. user profile attribute), a user mindset factor is associated with the users behavior, the mindset factor comprising information used to determine a mental state of a user at a particular point in time Kshirsagar: para. 0021, user behavior is associated with the mindset factor, Kshirsagar discloses a user accessing a website www.fredspizza.com on rainy Sundays, indicating that the user does not typically go out for food when it is raining, thus the mindset factor comprising information used to determine a mental state; the mental state of a user a particular point in time, such as Sundays when it is raining, ordering pizza).  
It would have obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include each respective entity having a corresponding user profile, each corresponding user profile comprising a collection of information that uniquely describes an identify of the respective entity, the collection of information comprising a user profile attribute, a user behavior factor and a user mindset factor, the mindset factor comprising information used to determine a mental state of a user at a particular point in time of Kshirsagar with Hutson-Kaufmann both are analogous in the art of enforcing security polices, the motivation is that this (Kshirsagar: para. 0018).

         As per claim 5, Hutson, Kaufmann, and Kshirsagar disclose the method of claim 1.
         Hutson does not explicitly disclose the plurality of rules comprise a rule associated with an event, the rule associated with the event comprising an indication of whether to allow a particular entity to perform the event, the organization specific security policy is associated with an entity; and, the organization security policy is applied to the entity.
Kaufmann discloses the plurality of rules comprise a rule associated with an event (Kaufmann: para. 0086, business rule), the rule associated with the event comprising an indication of whether to allow a particular entity to perform the event (Kaufmann: para. 0097, allowing a user (i.e. user) to perform the event (i.e. open the file)), the organization specific security policy is associated with an entity (Kaufmann: para. 0011); and, the organization security policy is applied to the entity (Kaufmann: para. 0032, apply policy).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the plurality of rules comprise a rule associated with an event, the rule associated with the event comprising an indication of whether to allow a particular entity to perform the event, the organization specific security policy is associated with an entity; and, the organization security policy is applied to the entity of Kaufmann with Hutson-Kshirsagar are analogous in the art of security policies, the motivation is that applying the appropriate the policy, more preferably dynamically and flexibly enforcing the policy (Kaufmann: para. 0009).

As per claim 7, Hutson discloses a system comprising: 
a processor (Hutson: para. 0006, processor); 
a data bus coupled to the processor (Hutson: para. 0006, 0019, discloses a bus because there is disclosed a computer); and 
a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for(Hutson: para. 0020): 
gathering information related to an organization, the information related to the organization comprising electronically-observable information related to the organization(Hutson: para. 0014-0015, 0018,  the security and/or monitoring software devices gathers information (i.e. improper behavior) within an organization and communicates the information to the system); 
converting the electronically-observable information related to the organization into electronic information related to the organization (Hutson: para. 0015-0017, the incident (i.e. electronically observable information) related to the organization is converted into the electronic information related to the organization, the Examiner asserts that this is the incident notification).
Hutson does not explicitly disclose using the electronic information related to the organization to automatically generate a plurality of organization specific rules; and, 
generating an organization specific security policy, the organization specific security policy comprising at least one organization specific rule, the organization specific security policy 
Kaufmann discloses using the electronic information related to the organization to automatically generate a plurality of organization specific rules(Kaufmann: para. 0011, 0013-0014, organization specific rules (i.e. business rules); and, generating an organization specific security policy(Kaufmann: para. 0086, organization specific security policy (i.e. business rules)), the organization specific security policy comprising at least one organization specific rule(Kaufmann: para. 0079, 086, organization specific rule (i.e. business rule), the organization specific security policy comprising an aggregation of a plurality of entity specific security policies (Kaufmann: para. 0013-0014, i.e. entity specific security policies, the Examiner asserts are policies that are for a group of users, such as a department in an organization, the department or group of users are the entities, and Kaufmann discloses more than one policy can be defined for the entity), each of the plurality of entity specific security policies corresponding to a respective entity (Kaufmann: para. 0083), using the organization specific security policy to perform a security analytics operation, the security analytics operation identifying anomalous, abnormal, unexpected, or malicious user behavior (Kaufmann: para. 0033, anomalous (i.e. violations)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include using the electronic information related to the organization to automatically generate a plurality of organization specific rules; and, generating an organization specific security policy, the organization specific security policy comprising at least one organization specific rule, the organization specific security policy comprising an aggregation of a plurality of entity specific security policies, each of the plurality of entity (Kaufmann: para. 0009, 0078).
Hutson and Kaufmann does not explicitly disclose each of the plurality of entity specific security policies corresponding to a respective entity, each respective entity having a corresponding user profile, each corresponding user profile comprising a collection of information that uniquely describes an identify of the respective entity, the collection of information comprising a user profile attribute, a user behavior factor and a user mindset factor; and the mindset factor comprising information used to determine a mental state of a user at a particular point in time.

Kshirsagar discloses each respective entity having a corresponding user profile, each corresponding user profile comprising a collection of information that uniquely describes an identify of the respective entity, the collection of information comprising a user profile attribute, a user behavior factor and a user mindset factor, the mindset factor comprising information used to determine a mental state of a user at a particular point in time (Kshirsagar: para. 0018-0023, a user the Examiner asserts is a respective entity, whose factors may be associated with a user’s identity, there are multiple factors, such as user behavior which is stored in a profile, factors are stored in a user profile, determine usage patterns (i.e. user profile attribute), a user mindset factor is associated with the users behavior, the mindset factor comprising information used to determine a mental state of a user at a particular point in time Kshirsagar: para. 0021, user behavior is associated with the mindset factor, Kshirsagar discloses a user accessing a website www.fredspizza.com on rainy Sundays, indicating that the user does not typically go out for food when it is raining, thus the mindset factor comprising information used to determine a mental state; the mental state of a user a particular point in time, such as Sundays when it is raining, ordering pizza).  
It would have obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include each respective entity having a corresponding user profile, each corresponding user profile comprising a collection of information that uniquely describes an identify of the respective entity, the collection of information comprising a user profile attribute, a user behavior factor and a user mindset factor, the mindset factor comprising information used to determine a mental state of a user at a particular point in time of Kshirsagar with Hutson-Kaufmann are analogous in the art of enforcing security polices, the motivation is that this is an efficient method that each user has a critical mass of interactions that may be tracked whose factors may be associated with a user’s identity (Kshirsagar: para. 0018).

As per claims 11 and 17, rejected under similar scope as claim 5.

As per claim 13, rejected under similar scope as claim 1.


Claims 2, 8, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0168453) in view of Kaufmann et al (2009/0300712), and in view of Kshirsagar et al (2013/0055367), and further in view of Mehrabanzad et al (2016/0330746).

As per claim 2, Hutson, Kaufmann, and Kshirsagar disclose the method of claim 1.
(Hutson: para. 0014, 0018, monitoring improper behavior (i.e. user interactions) on a network (i.e. electronically-observable) of an entity (i.e. user); monitoring communications include email, instant messages, web postings, file transfers, and voice over Internet (i.e. electronically observable user interactions), the electronically-observable user interactions comprising corresponding the user behavior(Hutson: para. 0015-0016, 0027, electronically-observable user interactions (i.e. social security numbers within email communications), the information related to the organization comprising the user behavior(Hutson: para. 0015-0016, 0027, social security numbers within email communications); converting the electronically-observable user interactions into electronic information representing the user behavior(Hutson: para. 0016-0017, converting the electronically-observable user interactions (i.e. incidents) into electronic information representing the user behavior (i.e. electronic information/incident notification includes a copy of the electronic communication).
Hutson does not explicitly disclose evolving the organization specific security policy according to the electronically observable user interactions. 
Kaufmann discloses evolving the organization specific security policy according to the electronically observable user interactions (Kaufmann: para. 0059, 0079, evolving security policy (i.e. dynamic policy) according to the electronically observable user interactions (i.e. user actions/activities associated with the file). 
It would have been obvious to one of ordinary skill in the art at the time of the invention to include evolving the organization specific security policy according to the electronically observable user interactions of Kaufmann with Hutson, both are analogous in the art of enforcing (Kaufmann: para. 0009, 0078).
Hutson, Kaufmann, and Kshirsagar do not explicitly disclose evolving the organization specific security policy comprising revising rules associated with the organization specific security policy according to enactment of user behavior corresponding to an event.
Mehrabanzad discloses evolving the organization specific security policy comprising revising rules associated with the organization specific security policy according to enactment of user behavior corresponding to an event (Mehrabanzad: organization specific security policy (i.e. a user permitted to access a particular access point, and the user’s permitted QoS level), revising rules (i.e. alter rules) associated with the organization specific security policy according to enactment of user behavior corresponding to an event (i.e. the corporate executive may require a higher QoS level; however if the executive stops coming into the office and/or is no longer determined to be an executive, the rules can be revised based on the user behavior corresponding to the event)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include evolving the organization specific security policy comprising revising rules associated with the organization specific security policy according to enactment of user behavior corresponding to an event of Mehrabanzad with the combination of Hutson-Kaufmann-Kshirsagar all are analogous in the art of enforcing security policies, the motivation is that altering rules may further restrict user’s access to a network based on determined user behavior indicating a user’s behavior is risky or inappropriate for network use (Mehrabanzad: para. 0049).

As per claims 8 and 14, rejected under similar scope as claim 2.

Claims 3, 9, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0168453) in view of Kaufmann et al (2009/0300712), and in view of Kshirsagar et al (2013/0055367) further in view of Lang (2019/0014153).

As per claim 3, Hutson, Kaufmann, and Kshirsagar disclose the method of claim 1.
Hutson, Kaufmann, and Kshirsagar do not explicitly disclose each of the plurality of entity-specific security policies comprise an automatically generated entity-specific rule.
Lang discloses each of the plurality of entity specific security policies comprise an automatically generated entity-specific rule (Lang: para. 0065-0066, entity (i.e. IT system) specific security policies received a plurality of policy inputs, and automatically generate machine-enforceable rule).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include each of the plurality of entity specific security policies comprise an automatically generated entity-specific rule of Lang with the combination of Hutson-Kaufmann-Kshirsagar all are analogous in the art of security policies, the motivation is that the world need better policy management method and systems that can manage meaningful policies, which are preventive, in a way that is manageable, and that supports IT agility, and that is repeatable/traceable/verifiable (Lang: para. 0005).  

As per claim 9, Hutson, Kaufmann, and Kshirsagar discloses the system of claim 7.    
Hutson further discloses the organization specific security policy comprises an entity-specific security policy (Hutson: para. 0015, entity specific security policy (i.e. organization and/or user(s)).
As per claim 15, Hutson, Kaufmann, and Kshirsagar discloses the non-transitory, computer-readable storage medium claim 13.  Hutson further the organization specific security policy comprises an entity-specific security policy (Hutson: para. 0015, entity specific security policy (i.e. organization and/or user(s)).

Claims 4, 10, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0168453) in view of Kaufmann et al (2009/0300712), and in view of Kshirsagar et al (2013/0055367) further in view of Gibson et al (8,776, 168).

As per claim 4, Hutson, Kaufmann, and Kshirsagar discloses the method of claim 1.
            Hutson further discloses the organization specific security policy comprises a risk-adaptive security policy(Hutson: See Fig. 2, para. 0016, 0025, 0027,  organization specific security policy the policy looks at social security numbers within email, comprises a risk adaptive security policy (i.e. how many social security numbers within email communications). 
	Hutson, Kaufmann, and Kshirsagar do not explicitly disclose a security policy implemented to be revised to adaptively remediate risk associated with a user behavior, the user behavior being represented via a plurality of risk adaptive behavior factors, the plurality of risk-adaptive behavior factors comprising at least one user behavior factor and a user mindset factor.
	Gibson discloses a security policy implemented to be revised to adaptively remediate risk associated with a user behavior, the user behavior being represented via a plurality of risk adaptive behavior factors, the plurality of risk-adaptive behavior factors comprising at least one user behavior factor and a user mindset factor (Gibson: col. 4, lines 26-51, col. 7, lines 25-34, col. 9, lines 10-24, Gibson only needs to disclose one, which Gibson discloses user behavior factor, the security policy is revised to remediate risk associated with a user behavior).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include a security policy implemented to be revised to adaptively remediate risk associated with a user behavior, the user behavior being represented via a plurality of risk adaptive behavior factors, the plurality of risk-adaptive behavior factors comprising at least one user behavior factor and a user mindset factor of Gibson with the combination of Hutson-Kaufmann-Kshirsagar a security policy implemented to be revised to adaptively remediate risk associated with a user behavior, the user behavior being represented via a plurality of risk adaptive behavior factors, the plurality of risk-adaptive behavior factors comprising at least one user behavior factor and a user mindset factor of Gibson all are analogous in the art of security policies, the motivation is that there is currently no solution available to system administrators that measure that security risk of users based on user behaviors across devices (Gibson: col. 1, lines 47-49).  Therefore, there is a need in the art for a solution that measures the security risk posed by behaviors of individual users and group of users, and adjusts security policies based on these risks (Gibson: col. 1, lines 52-55).
	As per claims 10 and 16, rejected under similar scope as claim 4.

Claims 6, 12, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0168453) in view of Kaufmann et al (2009/0300712) and in view of Kshirsagar et al (2013/0055367) and further in view of Luk et al (7,813,944).
As per claim 6, Hutson, Kaufmann, and Kshirsagar disclose the method of claim 1.
             Hutson and Kshirsagar do not explicitly disclose wherein: the generating the organization specific security.
             Kaufmann further discloses wherein: the generating the organization specific security (Kaufmann: para. 0086).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include wherein: the generating the organization specific security of Kaufmann with the Hutson-Kshirsagar combination are analogous in the art of security policies, the motivation is that the policy is classified within an organization, such as a department (financial, human resources) and or users having a given level or type or responsibility (Kaufmann: para. 0013).
	Hutson, Kaufmann, and Kshirsagar do not explicitly disclose policy comprises performing a machine learning operation; and, performing the machine learning operation on the security policy trains the security policy to recognize a true positive occurrence, a false positive occurrence, a true negative occurrence, a false negative occurrence and an indeterminate occurrence of an event.
	Luk discloses policy comprises performing a machine learning operation (Luk: col. 4, lines 65-67, predictive model (i.e. machine learning operation)); and, performing the machine learning operation on the security policy trains the security policy to recognize a true positive occurrence, a false positive occurrence, a true negative occurrence, a false negative occurrence and an indeterminate occurrence of an event (Luk: col. 4, lines 27-41, col. 5, lines 1-22).
(Luk: col. 5, lines 1-13).
	As per claims 12 and 18, rejected under similar scope as claim 6.

Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0198453) in view of Kaufmann et al (2009/0300712) and in view of Kshirsagar et al (2013/0055367) and further in view of Williams et al (2012/0079107).

As per claim 19, Hutson, Kaufmann, and Kshirsagar disclose the non-transitory, computer-readable storage medium of claim 13.
Hutson, Kaufmann, and Kshirsagar do not explicitly disclose wherein the computer executable instructions are deployable to a client system from a server system at a remote location.
Williams discloses the computer executable instructions are deployable to a client system for a server system at a remote location (Williams: para. 0074, 0094, compliance server instructions to be deployable on a client system).
(Williams: para. 0094).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Hutson et al (2008/0198453) in view of Kaufmann et al (2009/0300712) and in view of Kshirsagar et al (2013/0055367) and further in view of Dwyier (2016/0277360).

As per claim 20, Hutson, Kaufmann, and Kshirsagar disclose the non-transitory, computer-readable storage medium of claim 13.
Hutson, Kaufmann, and Kshirsagar do not explicitly disclose wherein the computer executable instructions are provided by a service provider to a user on an on-demand basis.
Dwyier discloses the computer executable instructions are provided by a service provider to a user on an on-demand basis (Dwyier: para. 0013, 0053, on demand basis (i.e. real-time)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the computer executable instructions are provided by a service provider to a user on an on-demand basis of Dwyier with the combination of Hutson-Kaufmann-Kshirsagar are analogous in the art of security policies, the motivation is that this is an efficient method that protects sensitive data in real-time by programming data protection policies (Dwyier: para. 0005).


Conclusion

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JENISE E JACKSON whose telephone number is (571)272-3791.  The examiner can normally be reached on M-F 8:00am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu T Pham can be reached on (571)270-5002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications 



8/10/2021
/J.E.J/Examiner, Art Unit 2439                 


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439