Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 1/31/2020 was filed after the mailing date of the application on 7/29/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

s 1-8 and 11-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wilson (US Patent 9,727,669) in view of Fisk (US Patent Pub. 20130035063). 


As per claims 1 and 19-20:  Wilson discloses a method involving a security heat map associated with a geographic region, the method comprising (see abstract):
receiving, by a server, current heat scores for one or more endpoint devices located within the geographic region (Col 1 lines 64-67-thru Col 2 lines 1-8; Raw heat scores for several geographic units of equal size are generated based on the pedestrian dataset, each raw heat score being indicative of a number of position fixes in the corresponding geographic unit); 
providing, by the server, for areas within the geographic region, respective aggregate heat scores based on the current heat scores for the one or more endpoint devices; based on the respective aggregate heat scores for the areas within the geographic region (Col 1 lines 64-67-thru Col 2 lines 1-8; A selection of a geographic area that contains some of the geographic units is received, and normalized heat scores for these geographic units are generated based on at least some of the generated raw heat scores), 
imposing, by the server, security policies on the one or more endpoint devices based on the security heat map (Col 3 lines 65-67-thru Col 4 lines 1-2; a positioning data collection module 30 configured to collect and process positioning data from various sources including the computing devices 20 in accordance with relevant privacy policies and user-selected configuration options).
See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Wilson in view of Fisk in it’s entirety, to modify the technique of Wilson for normalized heat scores for these geographic units are generated based on at least some of the generated raw heat scores by adopting Wilson's teaching for determining a user-configured security policy of the mobile device based on the certain location. The motivation would have been to improve method of generating security heat maps associated with a geographic region.
As per claim 2:  A method as in claim 1 wherein providing the respective aggregate heat scores includes: 
for each area within the geographic region, calculating a respective aggregate heat score based on current heat scores for endpoint devices currently located within that area (Col 7, lines 35-43; normalized score generator 250 in different scenarios can normalize the heat scores based on the zoom level, the position of the viewport, or both. Moreover, in some scenarios, the normalized score generator 250 generates multiple zoom level-specific normalized scores for the same cell).
As per claim 3:  A method as in claim 2, further comprising:
receiving security scores and mobility scores for the one or more endpoint devices, and providing the current heat scores for the one or more endpoint devices based on the security scores and mobility scores (Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 4:  A method as in claim 3 wherein providing the current heat scores for the endpoint devices includes:
generating a first current heat score for a first endpoint device based on a first security score and a first mobility score for the first endpoint device, and generating a second current heat score for a second endpoint device based on a second security score and a second mobility score for the second endpoint device, the first endpoint device being different from the second endpoint device (Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 5:  A method as in claim 4, further comprising: 
providing, as the first security score, a current measure of trustworthiness contributed by the first endpoint device while the first endpoint device is operated by a first user, providing, as the first mobility score, a current measure of mobility for the first endpoint device while the first endpoint device is operated by the first user, providing, as Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 6:  A method as in claim 4 wherein the first endpoint device currently resides in a first area within the geographic region; wherein the second endpoint device currently resides in a second area within the geographic region that is different from the first area; and wherein calculating the respective aggregate heat score for each area includes: 
providing a first aggregate heat score for the first area based on the first current heat score for the first endpoint device, and providing a second aggregate heat score for the second area based on the second current heat score for the second endpoint device (Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 7:  A method as in claim 4 wherein both the first endpoint device and the second endpoint device currently reside in a particular area within the geographic region; and wherein calculating the respective aggregate heat score for each area includes: 
Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 8:  A method as in claim 2 wherein calculating the respective aggregate heat score for each area includes:
for a first area within the geographic region, calculating a first aggregate heat score based on current heat scores for a group of first endpoint devices currently located in the first area, and for a second area within the geographic region (Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit), 
calculating a second aggregate heat score based on current heat scores for a group of second endpoint devices currently located in the second area, the second area being different from the first area, and the second endpoint devices being different from the first endpoint devices (Claim 6; generating the normalized heat score for the target geographic unit based on raw heat scores of geographic units that lie within the normalization radius of the target geographic unit).
As per claim 11:  A method as in claim 2, further comprising:
after the security heat map is generated, receiving an indication signal indicating occurrence of an area-specific event, the indication signal identifying a particular area within the geographic region, and in response to the indication signal, calculating a new Col 1 lines 64-67-thru Col 2 lines 1-8; Raw heat scores for several geographic units of equal size are generated based on the pedestrian dataset, each raw heat score being indicative of a number of position fixes in the corresponding geographic unit). 
As per claim 12:  A method as in claim 11, further comprising:
based on the new aggregate heat score selecting, among multiple selectable security levels, a particular security level for the particular area to update the security heat map defining the one or more security zones within the geographic region (Col 1 lines 64-67-thru Col 2 lines 1-8; Raw heat scores for several geographic units of equal size are generated based on the pedestrian dataset, each raw heat score being indicative of a number of position fixes in the corresponding geographic unit).
As per claim 13:  A method as in claim 12 wherein a first selectable security level was selected for the particular area based on the earlier aggregate heat score prior to receiving the indication signal; and wherein selecting the particular security level includes:
choosing, as the particular security level, a second selectable security level for the particular area based on the new aggregate heat score, the second selectable security level being different from the first selectable security level (Col 1 lines 64-67-thru Col 2 lines 1-8; Raw heat scores for several geographic units of equal size are generated based on the pedestrian dataset, each raw heat score being indicative of a number of position fixes in the corresponding geographic unit).
As per claim 14:  A method as in claim 13 wherein receiving the indication signal indicating the occurrence of the area-specific event includes:
receiving, as part of the indication signal, an indication that the number of endpoint devices residing within the particular area has changed by more than a predefined threshold number within a predefined amount of time (See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy). 
As per claim 15:  A method as in claim 13 wherein receiving the indication signal indicating the occurrence of the area-specific event includes:
receiving, as part of the indication signal, an indication that a predefined number of endpoint devices residing within the particular area have detected a security incident (See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy).
As per claim 16:  A method as in claim 11, further comprising:
after receiving the indication signal and before calculating the new agoregate heat score, receiving new heat scores for endpoint devices currently located within the Col 1 lines 64-67-thru Col 2 lines 1-8; A selection of a geographic area that contains some of the geographic units is received, and normalized heat scores for these geographic units are generated based on at least some of the generated raw heat scores).
As per claim 17:  A method as in claim 11, further comprising:
in response to the indication signal, calculating new aggregate heat scores for other areas within the geographic region and replacing earlier aggregate heatscores for the other areas with the new aggregate heat scores (Col 1 lines 64-67-thru Col 2 lines 1-8; A selection of a geographic area that contains some of the geographic units is received, and normalized heat scores for these geographic units are generated based on at least some of the generated raw heat scores).
As per claim 18:  A method as in claim 1 wherein imposing the security policies on the one or more endpoint devices based on the security heat map includes:
instructing, based on the security heat map, each of the one or more endpoint devices to apply a selected security policy (See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy).


s 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Wilson (US Patent 9,727,669) in view of Fisk (US Patent Pub. 20130035063) and in view of Do (US Patent Pub. 20200288306). 

As per claim 9:  A method as in claim 8 wherein generating the security heat map defining the one or more security zones within the geographic region includes (See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy):
Wilson in view of Fisk do not specifically disclose based on the first aggregate heat score selecting, among multiple selectable security levels, a first security level for the first area to provide at least a portion of a first security zone within the geographic region, and based on the second aggregate heat score selecting, among the multiple selectable security levels, a second security level for the second area to provide at least a portion of a second security zone within the geographic region that is different from the first security zone (See Do; Paragraph 34-36, 39; see, Fig.2 step 208 and 222, activates different security measures to authorize access to a network resource corresponding to different security risk predictions (risk level) based on the geographic locations of user device 12, risk level corresponding to different measures such as disabling any sensitive traffic at high risk level, and allowing logins to applications, features or network locations without passwords when it is low risk, restricts communications to emergency communications when high security risk).
Therefore, it would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains, having the teachings of Wilson in view of Fisk and in view of Do in it’s entirety, to modify the technique of Wilson for normalized heat scores for these geographic units are generated based on at least some of the generated raw heat scores by adopting Do's teaching for different security risk predictions (risk level) based on the geographic locations of user device. The motivation would have been to improve method of generating security heat maps associated with a geographic region.
As per claim 10:  A method as in claim 8 wherein generating the security heat map defining the one or more security zones within the geographic region includes (See Fisk; Paragraph 4; receiving, by a mobile device, a message indicating that the mobile device is in a certain location, and determining a user-configured security policy of the mobile device based on the certain location. The method further includes at least one of disabling and enabling, by the mobile device, one or more functions of the mobile device based on the determined user-configured security policy):
based on the first aggregate heat score selecting, among multiple selectable security levels, a particular security level for the first area to provide at least a portion of a particular security zone within the geographic region, and based on the second aggregate heat score selecting, among the multiple selectable security levels, the See Do; Paragraph 34-36, 39; see, Fig.2 step 208 and 222, activates different security measures to authorize access to a network resource corresponding to different security risk predictions (risk level) based on the geographic locations of user device 12, risk level corresponding to different measures such as disabling any sensitive traffic at high risk level, and allowing logins to applications, features or network locations without passwords when it is low risk, restricts communications to emergency communications when high security risk).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANTHONY D BROWN whose telephone number is (571)270-1472.  The examiner can normally be reached on 730-330pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.







/ANTHONY D BROWN/Primary Examiner, Art Unit 2433