DETAILED ACTION
The Amendment filed on June 22nd, 2021 has been entered and made of record.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. Ankur Garg, on September 10th, 2021. During the telephone conference, Mr. Garg agreed and authorized the Examiner to amend claims 1, 3, 5, 7, 10, 12, 14, 16 & 19 and to cancel claims 2, 4, 11, 13 & 20.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Claims
Replacing claims 1, 3, 5, 7, 10, 12, 14, 16 & 19 and canceling claims 2, 4, 11, 13 & 20 as follows:
Claim 1: (Currently Amended) A method of authenticating a user of a computer system, wherein the user accesses the computer system using a computing device through a 
receiving, from the computing device, authentication credentials;
determining that the authentication credentials match an authorized user of the computer system;
extracting from the computing device values of features of the computing device;
retrieving a machine learning (ML) model associated with the authorized user, wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model;
executing the ML model to authenticate the values of features of the computing device;
based on the values of features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user;
based at least in part on the executing the ML model, providing the computing device access to a virtual desktop running within a virtual computing instance (VCI) of the computer system; and

based on the secondary authentication process determining that the user using the computing device is the authorized user:
when the ML model is an unsupervised ML model, refitting the ML model such that bounds of normal data points encompass a data point represented by the values of features of the computing device; or
when the ML model is a supervised ML model, adding the extracted values of features to a historical training file and retraining the supervised ML model using the historical training file.

Claim 2: (Canceled)

Claim 3: (Currently Amended) The method of claim [[2]] 1, wherein the ML model is 

Claim 4: (Canceled)

Claim 5: (Currently Amended) The method of claim [[4]] 1, wherein the ML model is a logistic regression model.

Claim 7: (Currently Amended) The method of claim 1, the method further comprising, subsequent to the executing the ML model to authenticate the values of features of the computing device:
assigning the VCI to the computing device, wherein the VCI is executing within a host computer of the computer system;
establishing a user session within the VCI for the computing device; and
frames of [[a]] the virtual desktop to the computing device.

Claim 10: (Currently Amended) A non-transitory computer readable medium comprising instructions to be executed in a processor of a computer system, the instructions when executed in the processor cause the computer system to carry out a method of authenticating a user of [[a]] the computer system, wherein the user accesses the computer system using a computing device through a network, wherein the computer system implements a virtual desktop infrastructure (VDI), the method comprising:
receiving, from the computing device, authentication credentials;
determining that the authentication credentials match an authorized user of the computer system;
extracting from the computing device values of features of the computing device;
retrieving a machine learning (ML) model associated with the authorized user, wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model; 
executing the ML model to authenticate the values of features of the computing device; 
based on the values of features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user;
based at least in part on the executing the ML model, providing the computing device access to a virtual desktop running within a virtual computing instance (VCI) of the computer system; and

based on the secondary authentication process determining that the user using the computing device is the authorized user:
when the ML model is an unsupervised ML model, refitting the ML model such that bounds of normal data points encompass a data point represented by the values of features of the computing device; or
when the ML model is a supervised ML model, adding the extracted values of features to a historical training file and retraining the supervised ML model using the historical training file.

Claim 11: (Canceled)

Claim 12: (Currently Amended) The non-transitory computer readable medium of claim [[1]] 10, wherein the ML model is 

Claim 13: (Canceled)

Claim 14: (Currently Amended) The non-transitory computer readable medium of claim [[13]] 10, wherein the ML model is a logistic regression model.

Claim 16: (Currently Amended) The non-transitory computer readable medium of claim 10, the method further comprising, subsequent to the executing the ML model to authenticate the values of features of the computing device:
assigning the VCI to the computing device, wherein the VCI is executing within a host computer of the computer system;
establishing a user session within the VCI for the computing device; and
executing a VDI client within the VCI, the VDI client configured to transmit frames of [[a]] the virtual desktop to the computing device.

Claim 19: (Currently Amended) A computer system comprising:
a network;
a machine learning (ML) model; and
a hardware processor, wherein the hardware processor is programmed to carry out a method of authenticating a user of the computer system, wherein the user accesses the computer system using a computing device through a network, wherein the computer system implements a virtual desktop infrastructure (VDI), the method comprising:
receiving, from the computing device, authentication credentials;
determining that the authentication credentials match an authorized user of the computer system;

retrieving the ML model associated with the authorized user, wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model; 
executing the ML model to authenticate the values of features of the computing device; 
based on the values of features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user;
based at least in part on the executing the ML model, providing the computing device access to a virtual desktop running within a virtual computing instance (VCI) of the computer system; and

based on the secondary authentication process determining that the user using the computing device is the authorized user:
when the ML model is an unsupervised ML model, refitting the ML model such that bounds of normal data points encompass a data point represented by the values of features of the computing device; or
when the ML model is a supervised ML model, adding the extracted values of features to a historical training file and retraining the supervised ML model using the historical training file.

Claim 20: (Canceled)

Examiner’s Statement of Reasons for Allowance
Claims 2, 4, 11, 13 and 20 were canceled. Claims 1, 3, 5-10, 12, 14-19 and 21 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is directed to a method, a non-transitory computer readable medium and a system for secure digital workspace using machine learning and microsegmentation. The closest prior art references, as previously recited, Altman (U.S. Patent Number 10,924,514) and Toth (U.S. Pub. Number 2019/0245877), are also generally directed to various aspects for detection of adversaries through collection and correlation of assessments and adversarial input identification using reduced precision deep neural networks. However, neither Altman nor Toth teaches or suggests, alone or in combination, the particular combinations of steps or elements as recited in the independent claims 1, 10 and 19. For example, none of the cited prior art references teaches or suggests the elements of “receiving, from the computing device, authentication credentials; determining that the authentication credentials match an authorized user of the computer system; extracting from the computing device values of features of the computing device; retrieving a machine learning (ML) model associated with the authorized user, wherein the ML model is at least one of (a) a supervised ML model or (b) an unsupervised ML model; executing the ML model to authenticate the values of features of the computing device; based on the values of features of the computing device not being authenticated by the ML model, performing a secondary authentication process to determine whether a user using the computing device is the authorized user; based at least in part on the executing the ML model, providing the computing device access to a virtual desktop running within a virtual computing instance (VCI) of the computer system; and based on the secondary authentication process determining that the user using the computing device is the authorized user: when the ML model is an unsupervised ML model, refitting the ML model such that bounds of normal data points encompass a data point represented by the values of features of the computing device; or when the ML model is a supervised ML model, adding the extracted values of features to a historical training file and retraining the supervised ML model using the historical training file.” Therefore, the claims are allowable over the cited prior art.
Claims 3, 5-9, 11-12, 14-18 & 21 are allowed because of their dependence from independent claims 1, 10 & 19.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
           
Conclusion

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay, can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KHOI V LE/
Primary Examiner, Art Unit 2436