Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This is in response to the amendment filed 06/29/2021.  Claims 1, 2, 9 and 12 have been amended.  Claims 1-22 are pending and have been considered below. 

Status of Claims
The following claims have been amended and or cancelled via examiner amendments: Claims 4, 5, 7, 9, 10, 13, 15, 16, 18, 20 and 21 have been amended.  Claims 1 and 12 have been cancelled.   

Terminal Disclaimer
The terminal disclaimer filed on 06/29/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of 10375071 has been reviewed and is accepted.  The terminal disclaimer has been recorded.


Allowable Subject Matter
Claims 2-11 and 13-20 are allowed. 

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Mr. Gary M. Jacobs, Reg. No. 42920 on 08/10/2021.  An agreement was made on 08/11/2021.   

PLEASE AMEND THE CLAIMS AS FOLLOWS: 
1.  (Canceled)  

2.  (Previously Presented) An access control computing system for controlling access to multiple target servers in a networked environment, the access control computing system comprising:
an access control user interface accessible to the multiple target servers;
a computer memory storing an access control database providing information to the
access control user interface; and 
a management server including an access control processor, the access control processor implementing: 
a discovery engine for discovering user rights stored at the multiple target servers
and delivering the user rights stored at the multiple target servers over the network to the access control database; and
an event trigger engine invoked by detection of a security event from a first target server, the event trigger engine updating the user rights at a local cache on the first target server and delivering the updated user rights to the access control 
wherein a local agent comprising a System Center Operations Manager invokes a client action trigger engine stored at the management server, provides a notification through the access control user interface of a required action to the first target server, and updates the access control database with the required action.

3.  (Original) The system of claim 2, wherein the client action trigger engine utilizes notification capabilities of the System Center Operations Manager.

4.  (Currently Amended) The system of claim 2, wherein 

5.  (Currently Amended)  The system of claim 2, wherein 

6.  (Original) The system of claim 5, wherein the self-service user interface provides the capability to add or remove groups from and to a list of locally stored privileged groups.

claim 2, wherein 

8.  (Original) The system of claim 7, wherein the discovery engine performs enforcement of local audit policies stored on at least one of the multiple target servers. 

9.  (Currently Amended)  The system of claim 2, wherein 

10.  (Currently Amended) The system of claim 2, further 

11.  (Original) The system of claim 10, further comprising performing load balancing between the multiple target servers and the four web service interfaces.

12.  (Canceled) 

A method for managing access to multiple target servers in a networked environment, the method comprising: 
providing an access control user interface accessible to the multiple target servers; 
storing, in a computer memory, an access control database providing information to the access control user interface; and 
utilizing an access control processor stored at a management server for performing steps
including:
discovering with a discovery engine user rights stored at the multiple target servers and delivering the user rights stored at the multiple target servers over the network to the access control database; 
invoking an event trigger engine based on a detected security event from at least a first target server, the event trigger engine updating the user rights at a local cache on the first target server and delivering the updated user rights to the access control database, wherein the event trigger engine is configured to modify the discovery engine based on the detection of the security event; and 
implementing a System Center Operations Manager (SCOM) as a local agent invoking a client action trigger engine stored at the management server, providing a notification through the access control user interface of a required action to the first target server, and updating the access control database with the required action.



15.  (Currently Amended) The method of claim 13, further 

16.  (Currently Amended) The method of claim 13, further 

17.  (Original) The method of claim 16, further comprising providing, through the self-service interface, the capability to add or remove groups from and to a list of locally stored privileged groups.

18.  (Currently Amended) The method of claim 13, further 



20.  (Currently Amended) The method of claim 13, further 

21.  (Currently Amended The method of claim 13, further 

22.  (Original) The system of claim 21, further comprising performing load balancing between the multiple target servers and the four web service interfaces.


Examiner's Statement of Reasons for Allowance
The following is a statement of reasons for the indication of allowable subject matter:  
Regarding Claims 2 and 13:
The prior art references of record, either alone or in combination, do not describe or suggest all elements of the claimed invention as amended.  In 

Regarding claims 3-11 and 14-22, the claims are allowable based at least on their depending from an allowable claim.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FATOUMATA TRAORE whose telephone number is (571)270-1685.  The examiner can normally be reached on 6:30-3:00.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on 5712724219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




Friday, August 13, 2021


/FATOUMATA TRAORE/
Primary Examiner, Art Unit 2436