Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This action is in response to the communication filed on 4/26/2021.
Claim 1- 25 are rejected. 

Response to Arguments
Applicant’s arguments dated 4/26/2021 with respect to claim(s) 1-25 have been considered but are moot because the new ground of rejection does not rely on any reference for teaching or matter specifically challenged in the argument.
Examiner notes that new mapping of claim amendment(s) is described in action below. 
Any objections or rejections not set forth below have been withdrawn.  
Examiner tried to reach out to Attorney David Judson yet no reply was received for the purpose of compact prosecution. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having 

Claims 1-25 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication 2015/0350174 to Reno et al hereinafter (“Reno”) and in view of by U.S. Publication 2018/0018459 to Zhang et al (hereinafter (“Zhang”) and further in view of U.S.Publication 2017/0026393 to Walsh et al (hereinafter (“Walsh”).  
As per claim 1 Reno teaches, a method for access control in a computing environment in
which clients interact with an application deploying one or more non-authenticating endpoints to which application programming interface (API)-based requests are directed, comprising (Reno Fig 2 para 34 teaches - request made by API by PDP and PEP  elements 122 and 124 based on API request by IP address of the source node): 
responsive to receipt of an API access request from an unauthenticated client (Reno Fig 2 element 100, 200 para 31-32 teaches where source node / client device / user device which is interpreted as unauthenticated client by examiner. Examiner further describes that unauthenticated client is interpreted with broad interpretation of claim language and specification as client device / enterprise device as described in specification which is similar to source node), applying a classifier to the API access request, the classifier having been generated by training a neural network (Reno Fig 2 and 8 para 65-72 specifically para 66 teaches generation of API score based on PDP policy decision point to analyze API request to ‘classify / categorize API’. Additionally, Fig 8 and 10 para 80-81 teaches PDP with neural network to analyst the API request) according to a policy to distinguish at least first and second classes of behavior with respect to programmatic access to the one or more non-authenticating endpoints (Reno Fig 8 and 10 para 65-72 and 78-83 teaches  A - generation of risk assessment score of API transaction(s) (including request and reply of API), B – generated score of API request categorizes API into benign or malicious categories – Block API or Process API – Safe or Malicious API – this two categories of API is similar to classification of API into first class or second class of API as described in claim limitation); 
upon a determination by the classifier that the API access request from the unauthenticated client is within the first class of behavior, allowing the API access request; and upon a determination by the classifier that the API access request from the unauthenticated client is within the second class of behavior, taking a given action (Reno Fig 8 and 10 para 65-72 and 78-83 as explained above. In addition examiner add that – generation of API request score categorizes source node (unauthenticated client) into safe or malicious category which covers claimed limitation, where first class classification is interpreted as safe and second class as malicious).
Although Reno teaches categories of API request into normal or malware API, Reno does not teach however Zhang teaches classification of API’s as malicious or benign (normal kind) (Zhang para 33 teaches teaches apps being classified as benign or malicous based on various factors and APK Id (API Id) and system classification factors based on different classification modules of dynamic, behavior or static classification engines). 
Reno teaches API risk assessment with request at source node and generation of score to indicate trustworthiness of API request (abstract). Reno does not teach however Zhang teaches classification of API into two categories benign and malicious (abstract and para 33). Reno – Zhang are analogous art because they are from secure API analysis. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art, having the teachings of Reno - Zhang before him or her, to combine Reno’s API score generation to detect safe or malicious API request and combine with Zhang’s API classification request into benign and malicious. The suggestion/motivation for doing so would have been to enhance cyber security of system to detect multiple types of attacks (Zhang para 2). 
the first class of behavior designated in the policy as appropriate activity initiated in a permitted context of the application and representing API requests accessing the non-authenticating API endpoints, and the second class of behavior designated in the policy as inappropriate activity initiated outside of the permitted context and representing API requests accessing the non-authenticating API endpoints (Walsh Fig 1 para 61-66 teaches checking of API call, para 81-85 teaches tagging of API call as verified based on policies and checking if the URI includes blacklisted websites, trust of an owner and other factors. Further examiner interprets ‘client device’ (interpreted as non-authenticated device)). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art, having the teachings of Reno - Zhang – Walsh before him or her, to combine Reno-Zhang’s API analysis to detect safe or malicious API request with analyzing API request as appropriate or inappropriate activity based on rules. The suggestion/motivation for doing so would have been to verify security level of application via API request (Walsh para 2). 
As per claim 2 combination of Reno – Zhang - Walsh teaches, the method as described in claim 1, further including training the neural network classifier (Reno Fig 6 – para 56 determines API – safe or blocks does not teach classifier but function of categorizing API as safe / malicious is similar to claimed function). 
As per claim 3 combination of Reno – Zhang - Walsh teaches, the method as described in claim 2, wherein training the neural network classifier includes defining a feature set comprising a set of elements representing a set of non-authenticating endpoints associated with a particular API access request from a client (Reno para 69-70 teaches API request / transactions analyzed with different factors such as network address, content items, API protocols etc). 
As per claim 4 combination of Reno – Zhang - Walsh teaches, the method as described in claim 3, wherein an endpoint is defined with respect to a given time window (Reno para 70-72), and wherein the element associated with the non-authenticating endpoint is assigned a value that represents appropriate activity or inappropriate activity (Reno para 70-72 teaches to generate summary score over a threshold time factor of the API activity by source code). 
As per claim 5 combination of Reno – Zhang - Walsh teaches, the method as described in claim 4, wherein the feature set is derived from log data associated with API access requests that were found to be allowed (Reno para 70-72 teaches API transactions which is interpreted as log data), wherein the neural network classifier associates the feature set with appropriate activity (Reno para 70-71). 
As per claim 6 combination of Reno – Zhang - Walsh teaches, the method as described in claim 4, wherein the feature set is derived by simulating at least some endpoint values as violating the policy, wherein the neural network classifier associated the feature set with inappropriate activity (Reno para 68-72 teaches classifying activity with score generation to block as malware). 
As per claim 7 combination of Reno – Zhang - Walsh teaches, the method as described in claim 1, wherein the API is a RESTful API (Reno para 52 teaches Restful API). 
As per claim 8 combination of Reno – Zhang - Walsh teaches, the method as described in claim 1, wherein the given action is one of: 
permitting the API access request (Reno para 68-72), 
(Reno para 68-72 teaches classification of API request into safe or malicious categories and process the API based on generated score which is similar to claimed  function of API access or process the API or block or delete API request), 
initiating an audit operation associated with permitting or blocking the API access request, and blacklisting the unauthenticated client (Examiner describes that Reno teaches ‘one of the’ limitation as described in claim therefore Reno covers the claimed limitation). 
Claim 9, 
Claim 9 is rejected in accordance with claim 1.
Claim 10, 
Claim 10 is rejected in accordance with claim 2.
Claim 11, 
Claim 1 is rejected in accordance with claim 3.
Claim 12, 
Claim 12 is rejected in accordance with claim 4.
Claim 13, 
Claim 13 is rejected in accordance with claim 5.
Claim 14, 
Claim 14 is rejected in accordance with claim 6.
Claim 15, 
Claim 15 is rejected in accordance with claim 7.
Claim 16, 
Claim 16 is rejected in accordance with claim 8.
Claim 17, 
Claim 17 is rejected in accordance with claim 1.
Claim 18, 
Claim 18 is rejected in accordance with claim 2.
Claim 19, 
Claim 19 is rejected in accordance with claim 3.
Claim 20, 
Claim 20 is rejected in accordance with claim 4.
Claim 21, 
Claim 22 is rejected in accordance with claim 5.
Claim 22, 
Claim 22 is rejected in accordance with claim 6.
Claim 23, 
Claim 23 is rejected in accordance with claim 7.
Claim 24, 
Claim 24 is rejected in accordance with claim 8.


As per claim 25 Reno teaches, Software-as-a-service implemented in a network- accessible cloud compute infrastructure comprising hardware and software, comprising: a network-accessible application (Reno Fig 1 element 122 122y 124 – PDP PEP are network based application on device 120); 
(Reno Fig 8 element 808 neural network) deployed in association with a set of non-authenticating endpoints (Reno Fig 8 elements 100 source nodes) that are accessible via an application program interface (API) by an unauthenticated client (Reno para 34 Fig 2 element 100, 200 para 31-32 teaches where source node / client device / user device which is interpreted as unauthenticated client by examiner. Examiner further describes that unauthenticated client is interpreted with broad interpretation of claim language and specification as client device / enterprise device as described in specification which is similar to source node)) seeking access to the network-accessible application, the neural network trained according to a policy to distinguish at least first and second classes of behavior with respect to programmatic access to the one or more non- authenticating endpoints (Reno para 68-72 creating a score or API request from source nodes and categorizing into allowed or blocked nodes. In addition examiner add that – generation of API request score categorizes source node (unauthenticated client) into safe or malicious category which covers claimed limitation, where first class classification is interpreted as safe and second class as malicious)), 

a service, responsive to receipt of a plurality of interface access requests to the network-accessible application during a given time period (Reno para 70-72), to apply the neural network to make a determination whether the plurality of interface access requests satisfy the permitted context, and to apply an access control based on the determination (Reno 68-72 teaches classifying activity with score generation to block as malware. Further specifically para 66 teaches generation of API score based on PDP policy decision point to analyze API request to ‘classify / categorize API’. Additionally, Fig 8 and 10 para 80-81 teaches PDP with neural network to analyst the API request)). 
Although Reno teaches categories of API request into normal or malware API, Reno does not teach however Zhang teaches classification of API’s as malicious or benign (normal kind) (Zhang para 33 teaches teaches apps being classified as benign or malicous based on various factors and APK Id (API Id) and system classification factors based on different classification modules of dynamic, behavior or static classification engines). 
Reno teaches API risk assessment with request at source node and generation of score to indicate trustworthiness of API request (abstract). Reno does not teach however Zhang teaches classification of API into two categories benign and malicious (abstract and para 33). Reno – Zhang are analogous art because they are from secure API analysis. 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art, having the teachings of Reno - Zhang before him or her, to combine Reno’s API score generation to detect safe or malicious API request and combine with Zhang’s API classification request into benign and malicious. The suggestion/motivation for doing so would have been to enhance cyber security of system to detect multiple types of attacks (Zhang para 2).
the first class of behavior initiated in a permitted context of the network-accessible application and representing API requests accessing the non- authenticating API endpoints, and the second class of behavior initiated outside of the permitted context and representing API requests accessing the non-authenticating API endpoints (Walsh Fig 1 para 61-66 teaches checking of API call, para 81-85 teaches tagging of API call as verified based on policies and checking if the URI includes blacklisted websites, trust of an owner and other factors. Further examiner interprets ‘client device’ (interpreted as non-authenticated device)). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art, having the teachings of Reno - Zhang – Walsh before him or her, to combine Reno-Zhang’s API analysis to detect safe or malicious API request with analyzing API request as appropriate or inappropriate activity based on rules. The suggestion/motivation for doing so would have been to verify security level of application via API request (Walsh para 2). 
Conclusion 

Claims 1-25 have been rejected. 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to VIRAL S LAKHIA whose telephone number is (571)270-3363.  The examiner can normally be reached on 8 am - 6 pm.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/VIRAL S LAKHIA/Examiner, Art Unit 2431                                                                                                                                                                                                        
/LYNN D FEILD/Supervisory Patent Examiner, Art Unit 2431