DETAILED ACTION
The Amendment filed on July 27th, 2021 has been entered and made of record.
Authorization for this Examiner’s Amendment was given in a telephone interview with Applicant’s representative, Mr. Nouri Babak, on September 20th, 2021. During the telephone conference, Mr. Babak agreed and authorized the Examiner to amend claims 1 & 11.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Examiner’s Amendment
An Examiner’s Amendment to the record appears below. Should the changes and/or additions be unacceptable to the Applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Claims
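Replace claims 1 & 11 as follows:
Claim 1: (Currently Amended) A computer-implemented method for secure deployment of at least one application identity manager (AIM) security agent, the method comprising:
generating, by a requesting server, a change request for installation of at least one AIM security agent, to obtain secure access credentials to one or more computing resources associated with an information technology (IT) system;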
authenticating, by an AIM helper web server, the change request, using a secure request fingerprint validation process, wherein the secure request fingerprint validation process comprises:
verifying a source internet protocol (IP) address and a hostname of the requesting server asserted in the change request message using a domain name server  (DNS);
confirming that the hostname asserted in the change request exists in a configuration management database (CMDB) and an approved change record for the installation of at least one AIM security agent on the requesting server exists on a change management server, wherein an approval for the installation of the at least one AIM security agent on the requesting server is obtained, by the change management server, based on information defined in the CMDB;  
connecting, by the AIM helper web server, to a command line interface (CLI) based web service proxy to create a one-time temporary registration passcode for the [[an]] AIM client agent running on the requesting server based on successful completion of the secure request fingerprint validation process;
sending the one-time temporary registration passcode to the requesting server, the one-time temporary registration passcode being used by the requesting server to securely register the AIM client agent with a selected password vault instance from a plurality of password vault instances accessible via the CLI-based web service proxy, wherein the selected password vault instance is determined by combining information associated with the AIM client agent configuration and the one-time temporary registration passcode; and
generating, by the AIM client agent, a continuously changing connection token for maintaining secure communication with the selected password vault, wherein the one-time temporary registration passcode is invalidated after registering the AIM client agent with the selected password vault instance using the one-time temporary registration passcode.


Claim 11: (Currently Amended) A computer-implemented system for secure deployment of at least one application identity manager (AIM) security agent, the system comprising:
an electronic memory; and
a computer processor, wherein the computer process is programmed to:
generate, by a requesting server, a change request for installation of at least one AIM security agent, to obtain secure access credentials to one or more computing resources associated with an information technology (IT) system;
authenticate 

confirm that the hostname asserted in the change request exists in a configuration management database (CMDB) and an approved change record for the installation of at least one AIM security agent on the requesting server exists on a change management server, wherein an approval for the installation of the at least one AIM security agent on the requesting server is obtained, by the change management server, based on information defined in the CMDB;
based on successful completion of the secure request fingerprint validation process; 
send the one-time temporary registration passcode to the requesting server, the one-time temporary registration passcode being used by the requesting server to securely register the AIM client agent with a selected password vault instance from a plurality of password vault instances accessible via the CLI-based web service proxy, wherein the selected password vault instance is determined by combining information associated with the AIM client agent configuration and the one-time temporary registration passcode; and
, by the AIM client agent, a continuously changing connection token to maintain secure communication with the selected password vault, wherein the one-time temporary registration passcode is invalidated after the AIM client agent is registered with the selected password vault instance using the one-time temporary registration passcode.

Examiner’s Statement of Reasons for Allowance
Claims 3-6 and 13-16 were canceled. Claims 1-2, 7-12 and 17-20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The present invention is directed to a system and method for data security management. The closest prior art references, as previously recited, Cross (U.S. Pub. Number 2004/0162786) and Motukuru (U.S. Pub. Number 2017/0118249), are also generally directed to various aspects of digital identity management and managing security agents in a distributed environment. However, neither Cross nor Motukuru teaches or suggests, alone or in combination, the particular combinations of steps or elements as recited in independent claims 1 and 11. For example, none of the cited prior art teaches or suggests the elements of “generating, by a requesting server, a change request for installation of at least one AIM security agent, to obtain secure access credentials to one or more computing resources associated with an information technology (IT) system; authenticating, by an AIM helper web server, the change request, using a secure request fingerprint validation process, wherein the secure request fingerprint validation process comprises: verifying a source internet protocol (IP) address and a hostname of the requesting server asserted in the change request message using a domain name server (DNS); confirming that the hostname asserted in the change request exists in a configuration management database (CMDB) and an approved change record for the installation of at least one AIM security agent on the requesting server exists on a change management server, wherein an approval for the installation of the at least one AIM security agent on the requesting server is obtained, by the change management server, based on information defined in the CMDB; connecting, by the AIM helper web server, to a command line interface (CLI) based web service proxy to create a one-time temporary registration passcode for the AIM client agent running on the requesting server based on successful completion of the secure request fingerprint validation process; sending the one-time temporary registration passcode to the requesting server, the one-time temporary registration passcode being used by the requesting server to securely register the AIM client agent with a selected password vault instance from a plurality of password vault instances accessible via the CLI-based web service proxy, wherein the selected password vault instance is determined by combining information associated with the AIM client agent configuration and the one-time temporary registration passcode; and generating, by the AIM client agent, a continuously changing connection token for maintaining secure communication with the selected password vault, wherein the one-time temporary registration passcode is invalidated after registering the AIM client agent with the selected password vault instance using the one-time temporary registration passcode.” Therefore, the claims are allowable over the cited prior art.
Claims 2, 7-10, 12 & 17-20 are allowed because of their dependence from independent claims 1 & 11.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
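The ordering of checks recited in claim 1 (DNS verification, CMDB lookup, approved change record, then a single-use passcode) can be sketched as follows. This is an added illustration, not part of the Office action or the application. The forward/reverse DNS comparison, the in-memory tables, the 300-second lifetime and all names are assumptions made for the example.

```python
import hmac
import secrets
import time

# Constructed sample data standing in for DNS, the CMDB and the change management server.
DNS_A = {"app01.corp.example": {"10.0.5.21"}, "app02.corp.example": {"10.0.5.22"},
         "rogue.corp.example": {"10.0.5.66"}}
DNS_PTR = {ip: host for host, ips in DNS_A.items() for ip in ips}
CMDB_HOSTS = {"app01.corp.example", "app02.corp.example"}
APPROVED_CHANGES = {("app01.corp.example", "install-aim-agent")}

def validate_fingerprint(source_ip, hostname, change_type="install-aim-agent"):
    """Run the checks in claim order; return (ok, reason) with the first failure."""
    hostname = hostname.rstrip(".").lower()
    if source_ip not in DNS_A.get(hostname, set()):       # asserted name -> observed IP
        return False, "dns-forward-mismatch"
    if DNS_PTR.get(source_ip, "").rstrip(".").lower() != hostname:  # observed IP -> name
        return False, "dns-reverse-mismatch"
    if hostname not in CMDB_HOSTS:                        # host must be a known asset
        return False, "not-in-cmdb"
    if (hostname, change_type) not in APPROVED_CHANGES:   # approved change record exists
        return False, "no-approved-change"
    return True, "ok"

class PasscodeStore:
    """One-time temporary registration passcodes (hypothetical helper)."""
    def __init__(self, ttl=300):
        self.ttl, self._live = ttl, {}

    def issue(self, hostname, now=None):
        now = time.time() if now is None else now
        code = secrets.token_urlsafe(24)
        self._live[hostname] = (code, now + self.ttl)
        return code

    def redeem(self, hostname, code, now=None):
        now = time.time() if now is None else now
        stored, expires = self._live.get(hostname, ("", 0.0))
        ok = bool(stored) and now <= expires and hmac.compare_digest(
            stored.encode(), code.encode())
        if ok or now > expires:          # invalidate after use or after expiry
            self._live.pop(hostname, None)
        return ok

def handle_change_request(source_ip, hostname, store):
    """Issue a passcode only after the whole validation process succeeds."""
    ok, reason = validate_fingerprint(source_ip, hostname)
    return (store.issue(hostname.rstrip(".").lower()) if ok else None), reason
```

Here `source_ip` is the peer address observed on the connection, while `hostname` is the value asserted in the request, so a request that names an approved host from a different address fails at the first check.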
           
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087.  The examiner can normally be reached on 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KHOI V LE/
Primary Examiner, Art Unit 2436