DETAILED ACTION
1	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA. This office action is in reply to the applicant communication filed on December 09, 2019. Claims 1-19 are pending. Claims 1, 11 and 18 are independent and are presented for examination.
IDS
2	The IDSs filed on 02/25/2020, 03/24/2020, 08/26/2020 and 09/28/2020 have been considered.

Claim Objections
3	Claim 12 is objected to because of the following informalities:  
Claim 12 should be dependent on claim 11, not on claim 1.  
Appropriate correction is required.

	 Claim Rejections - 35 USC § 102
4	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

5	Claims 1, 2, 4-7, 10-12, 16 and 18 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1).
Regarding claim 1, Bush discloses a method for computer security, the method comprising:
receiving an indication that a user is attempting to access a resource on a computing system ([0019] & [0025]; receiving user/component information that attempts a resource access request); 
determining a source identifier associated with the user ([0019] & [0025]; user or component data associated with the attempted access is identified); 
determining whether or not an access control list ([0025] & [0018]; When an accessing component 14, 18, 22 is seeking access to an automation system component 24 the access control system receives from the component a request to access the system 12, as indicated at step 100. The access control system 10 then compares the component attributes to the attributes of all components that have been previously logged and authorized by the access control system 10…criteria 52 which contains attributes, and the attributes such as user/accessing component identifying data are used for access permission, Fig. 2, 52 & 56) associated with the resource specifies the source identifier as allowable ([0018]-[0019], [0021], [0023] & [0025]; In this first operational state (e.g. maintenance state is a first/low restrictive criteria state, [0023] & Fig. 4, 78) less restrictive criteria are employed by the system 10 in making the decision 82 of whether the accessing component meets the criteria of interest. If the system determines that the less restrictive criteria are met by the accessing component, then the access control system allows the component access to the automation system… access to the automation system resource is allowed when the criteria are met, Fig. 4, 84); and 
disallowing access to the resource when the source identifier is specified as not allowable ([0021]-[0022]; If the system determines that the criteria are not met by the accessing component, then the access control system denies the accessing component access to the automation system, as indicated at step 86…access to the automation system resource is disallowed, Fig. 4, 86).

Regarding claim 2, Bush further teaches the method of claim 1, further comprising: 
determining whether the computing system is executing maintenance mode ([0025] & [0021]; determining whether the system is working in a maintenance state… A decision 110 is made based on whether the operational state is currently in commissioning or maintenance mode, Fig. 5, 108-110); 
determining whether or not the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, see Fig. 5, 110-112-106 path); and 
controlling access based on whether or not (1) the source identifier is specified as allowable ([0025] & [0018]; at 102 components attributes including its identifier is compared to determine whether its access is allowed, Fig. 5, 102), (2) the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, See Fig. 5, 110-112-106 path), and (3) the system is executing in maintenance mode ([0021]-[0023] & [0025]; system in first operational state, Fig. 4, 78 and/or Fig. 5, 100-112).


Regarding claim 4, Bush teaches the method of claim 1, wherein the receiving an indication that a user is attempting to access a resource on a computing system includes: 
receiving a user identifier associated with a process identifier that is associated with a program executing on the computing system ([0018]-[0019]; receiving user data 56 and target data 54 which include the information that the accessing component 14, 18, 22 wishes to send to or receive from the automation component 24 of interest).

Regarding claim 5, Bush further teaches the method of claim 1, wherein the receiving an indication that a user is attempting to access a resource on a computing system includes: 
receiving an indication that a program executed by the user is attempting to read, write, or execute a file ([0018]-[0019]; accessing/reading resources).

Regarding claim 6, Bush further teaches the method of claim 1, wherein the determining a source identifier associated with the user includes: receiving a network address of a computing system operated by the user ([0015]; the identifying information may include location information such as physical location, location on an internal network, or an external (e.g., Internet) location identifier).

Regarding claim 7, Bush teaches the method of claim 1, wherein the determining a source identifier associated with the user includes: receiving a hardware identifier of a computing system operated by the user ([0015] & [0018]-[0019]; component (non-human user) identifier information includes physical location and hardware type).

([0021]-[0022]; The access control system 10 may then send a message to the accessing component that it has been denied access. This message may contain detailed information about the criteria not met resulting in the denied access. The message may also contain information regarding the ability of an administrator to change the record 40 of the component attempt to access in order to meet the relevant criteria 52…i.e. a component/user given another chance to be executed in the second state/environment, Fig. 4).

Regarding claim 11, Bush further teaches a method for computer security, the method comprising: 
receiving an indication that a user is attempting to access a resource on a computing system ([0019] & [0025]; receiving user/component information that attempts a resource access request, Fig. 5, 100);
determining whether the computing system has been booted in maintenance mode ([0025] & [0021]; determining whether the system is working in a maintenance state… A decision 110 is made based on whether the operational state is currently in commissioning or maintenance mode, Fig. 5, 108-110); 
determining whether or not the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, see Fig. 5, 110-112-106 path); and 
when the resource can only be accessed in maintenance mode and when the system has not been booted in maintenance mode, disallowing access to the resource ([0021]-[0022] & [0025]; If the system determines that the criteria are not met by the accessing component, then the access control system denies the accessing component access to the automation system, as indicated at step 86…since system is not operating/not booted in a maintenance state, access to the automation system resource is disallowed, Fig. 5, 114-116).


receiving a user identifier associated with a process identifier that is associated with a program executing on the computing system ([0018]-[0019]; receiving user data 56 and target data 54 which include the information that the accessing component 14, 18, 22 wishes to send to or receive from the automation component 24 of interest).

Regarding claim 16, Bush further teaches the method of claim 11, further comprising: 
determining a source identifier associated with the user ([0019] & [0025]; user or component data associated with the attempted access is identified); 
determining whether or not an access control list ([0025] & [0018]; When an accessing component 14, 18, 22 is seeking access to an automation system component 24 the access control system receives from the component a request to access the system 12, as indicated at step 100. The access control system 10 then compares the component attributes to the attributes of all components that have been previously logged and authorized by the access control system 10…criteria 52 which contains attributes, and the attributes such as user/accessing component identifying data are used for access permission, Fig. 2, 52 & 56) associated with the resource specifies the source identifier as allowable ([0018]-[0019], [0021] & [0023]; In this first operational state (e.g. maintenance state is a first/low restrictive criteria state, [0023] & Fig. 4, 78) less restrictive criteria are employed by the system 10 in making the decision 82 of whether the accessing component meets the criteria of interest. If the system determines that the less restrictive criteria are met by the accessing component, then the access control system allows the component access to the automation system… access to the automation system resource is allowed when the criteria are met, Fig. 4, 84 & Fig. 5, 102 or 112); and 
controlling access based on whether or not (1) the source identifier is specified as allowable ([0025] & [0018]; at 102 components attributes including its identifier is compared to determine whether its access is allowed, Fig. 5, 102), (2) the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, See Fig. 5, 110-112-106 path), and (3) the system is executing in maintenance mode ([0021]-[0023] & [0025]; system in first operational state, Fig. 4, 78 and/or Fig. 5, 100-112).

Regarding claim 18, Bush teaches a system for computer security, the system comprising: 
a processor (processing circuitry 44, Fig. 1); and 
a module (memory circuitry 46) configured, when executed by the processor, to: 
receive an indication that a user is attempting to access a resource on the computing system ([0019] & [0025]; receiving user/component information that attempts a resource access request, Fig. 5, 100);
determine a source identifier associated with the user ([0018]-[0019] & [0025]; user or component data associated with the attempted access is identified); 
determine whether or not an access control list ([0025] & [0018]; When an accessing component 14, 18, 22 is seeking access to an automation system component 24 the access control system receives from the component a request to access the system 12, as indicated at step 100. The access control system 10 then compares the component attributes to the attributes of all components that have been previously logged and authorized by the access control system 10…criteria 52 which contains attributes, and the attributes such as user/accessing component identifying data are used for access permission, Fig. 2, 52 & 56) associated with the resource specifies the source identifier as allowable ([0018]-[0019], [0021] & [0023]; In this first operational state (e.g. maintenance state is a first/low restrictive criteria state, [0023] & Fig. 4, 78) less restrictive criteria are employed by the system 10 in making the decision 82 of whether the accessing component meets the criteria of interest. If the system determines that the less restrictive criteria are met by the accessing component, then the access control system allows the component access to the automation system… access to the automation system resource is allowed when the criteria are met, Fig. 4, 84 & Fig. 5, 102);
determine whether the computing system is executing maintenance mode ([0025] & [0021]; determining whether the system is working in a maintenance state… A decision 110 is made based on whether the operational state is currently in commissioning or maintenance mode, Fig. 5, 108-110); 
determine whether or not the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, see Fig. 5, 110-112-106 path); and
control access based on whether or not (1) the source identifier is specified as allowable ([0025] & [0018]; at 102 components attributes including its identifier is compared to determine whether its access is allowed, Fig. 5, 102), (2) the resource can only be accessed in maintenance mode ([0025]; 106 access to the system resource is allowed only if 110 (or working in maintenance state) is yes, See Fig. 5, 110-112-106 path), and (3) the system is executing in maintenance mode ([0021]-[0023] & [0025]; system in first operational state, Fig. 4, 78 and/or Fig. 5, 100-112).
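The access decision recited in claims 1, 2, 11, 16 and 18 (source identifier checked against a per-resource access control list, combined with whether the resource is maintenance-only and whether the system is executing in maintenance mode) can be written out as a small policy engine. The following is an added illustration, not the applicant's claimed implementation and not the Bush access control system 10; the resource names, hardware serial, network address and ACL contents are constructed sample data.

```python
"""Added example: the access-control decision described in claims 1, 2, 11, 16 and 18.

Not the applicant's or the cited reference's code. All resource names, identifiers
and ACL entries below are constructed sample values.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, FrozenSet, Optional


class Decision(Enum):
    ALLOW = "allow"
    DENY_UNKNOWN_RESOURCE = "deny: no access control list for resource"
    DENY_SOURCE_NOT_ALLOWABLE = "deny: source identifier not specified as allowable"
    DENY_MAINTENANCE_ONLY = "deny: resource accessible only in maintenance mode"


@dataclass(frozen=True)
class Resource:
    name: str
    allowed_sources: FrozenSet[str]   # the ACL: source identifiers specified as allowable
    maintenance_only: bool = False    # True if the resource can only be accessed in maintenance mode


@dataclass(frozen=True)
class AccessIndication:
    """Indication that a user (via a process) is attempting to access a resource (claim 4)."""
    user: str
    pid: int
    resource: str
    network_address: Optional[str] = None   # claim 6: network address of the user's system
    hardware_id: Optional[str] = None       # claim 7: hardware identifier of the user's system


def source_identifier(ind: AccessIndication) -> Optional[str]:
    """Determine the source identifier for the user; prefer the hardware id, then the address."""
    if ind.hardware_id:
        return "hw:" + ind.hardware_id
    if ind.network_address:
        return "net:" + ind.network_address
    return None


@dataclass
class ComputingSystem:
    booted_in_maintenance_mode: bool
    acl: Dict[str, Resource] = field(default_factory=dict)

    def check_access(self, ind: AccessIndication) -> Decision:
        """Control access based on (1) ACL membership, (2) maintenance-only flag, (3) system mode."""
        res = self.acl.get(ind.resource)
        if res is None:
            # Default-deny: a resource with no ACL is never reachable.
            return Decision.DENY_UNKNOWN_RESOURCE
        sid = source_identifier(ind)
        if sid is None or sid not in res.allowed_sources:
            return Decision.DENY_SOURCE_NOT_ALLOWABLE
        if res.maintenance_only and not self.booted_in_maintenance_mode:
            return Decision.DENY_MAINTENANCE_ONLY
        return Decision.ALLOW


def sample_system(booted_in_maintenance_mode: bool) -> ComputingSystem:
    """Constructed sample ACL: a maintenance-only firmware image and an ordinary log file."""
    return ComputingSystem(booted_in_maintenance_mode, {
        "/opt/plc/firmware.bin": Resource(
            "/opt/plc/firmware.bin", frozenset({"hw:SN-0001"}), maintenance_only=True),
        "/var/log/process.log": Resource(
            "/var/log/process.log", frozenset({"hw:SN-0001", "net:10.0.5.7"})),
    })


if __name__ == "__main__":
    normal, maint = sample_system(False), sample_system(True)
    fw = AccessIndication("tech", 1201, "/opt/plc/firmware.bin", hardware_id="SN-0001")
    print("normal boot :", normal.check_access(fw).value)   # denied: maintenance-only
    print("maint boot  :", maint.check_access(fw).value)    # allowed
```

The ordering of the checks matters for what a denied caller learns: the ACL check runs first, so a request from a source that is not allowable is refused without revealing whether the resource is maintenance-gated, and an unknown resource is refused before any identifier is examined.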

Claim Rejections - 35 USC § 103
6	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7	Claims 3, 13 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1) in view of Ono et al. (Ono, hereinafter) (JP2006001087A). 
Regarding claim 3, Bush does not explicitly disclose the limitation of claim 3.
However, Ono in analogous art, discloses wherein the determining whether the computing system is executing maintenance mode includes: 
determining (Page 4, para. 6; S14 determination step) whether an operating system executing on the computing system is operating in single-user diagnostic mode (Page 4, para. 6-7 & Page 3, para. 6-10; when the password for special mode transition is received by the input receiving unit 42, that is, when the password is input by the operator (S14: YES), the control device 40 determines that the control device 40 is the image forming apparatus 1. The operation mode is changed from the normal mode to the maintenance mode, and the image forming apparatus 1 is operated in the maintenance mode (S15)…special mode whose use should be limited to a specific administrator. Here, the special mode is a maintenance mode for maintenance (also referred to as a diagnosis mode or a service mode) whose use is permitted only by a maintenance engineer…single-user diagnostic mode).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Ono in the system of Bush in order to optimize system performance by designating specialized personnel for system maintenance.

Regarding claim 13, Bush does not explicitly disclose the limitation of claim 13.
However, Ono in analogous art, discloses wherein the determining whether the computing system has been booted in maintenance mode includes: 
determining (Page 4, para. 6; S14 determination step) whether an operating system executing on the computing system is operating in single-user diagnostic mode (Page 4, para. 6-7 & Page 3, para. 6-10; when the password for special mode transition is received by the input receiving unit 42, that is, when the password is input by the operator (S14: YES), the control device 40 determines that the control device 40 is the image forming apparatus 1. The operation mode is changed from the normal mode to the maintenance mode, and the image forming apparatus 1 is operated in the maintenance mode (S15)…special mode whose use should be limited to a specific administrator. Here, the special mode is a maintenance mode for maintenance (also referred to as a diagnosis mode or a service mode) whose use is permitted only by a maintenance engineer…single-user diagnostic mode).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Ono in the system of Bush in order to optimize system performance by designating specialized personnel for system maintenance.

Regarding claim 14, Bush does not explicitly disclose the limitation of claim 14.

determining (Page 4, para. 6; S14 determination step) whether an operating system executing on the computing system is operating in a mode that allows only administrative users to log in (Page 4, para. 6-7 & Page 3, para. 6-10; when the password for special mode transition is received by the input receiving unit 42, that is, when the password is input by the operator (S14: YES), the control device 40 determines that the control device 40 is the image forming apparatus 1. The operation mode is changed from the normal mode to the maintenance mode, and the image forming apparatus 1 is operated in the maintenance mode (S15)…special mode whose use should be limited to a specific administrator. Here, the special mode is a maintenance mode for maintenance (also referred to as a diagnosis mode or a service mode) whose use is permitted only by a maintenance engineer…single-user diagnostic mode).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Ono in the system of Bush in order to optimize system performance by designating specialized personnel for system maintenance.

8	Claims 8 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1) in view of Hydell et al. (Hydell, hereinafter) (U.S. Patent Application Publication No. 2019/0312872 A1).
Regarding claim 8, Bush doesn’t explicitly disclose the limitations of claim 8. However, Hydell in analogous art, teaches wherein the determining a source identifier associated with the user includes: 
receiving a token generated during an authentication process between the user and the computing system; and determining the source identifier based on the token ([0003]; Before allowing the subject to access a resource, the system checks to determine whether the access token for the subject is authorized to access the object and complete the desired task. The system does this by comparing information in the access token with access control entries contained in an access control list for the resource). 


Regarding claim 17, Bush doesn’t explicitly disclose the limitations of claim 17. However, Hydell in analogous art, teaches wherein the determining whether the computing system has been booted in maintenance mode includes: 
receiving a token generated during an authentication process between the user and the computing system ([0003]; The system does this by comparing information in the access token with access control entries contained in an access control list for the resource) ; and 
determining the source identifier based on the token ([0003]; Before allowing the subject to access a resource, the system checks to determine whether the access token for the subject is authorized to access the object and complete the desired task. The system does this by comparing information in the access token with access control entries contained in an access control list for the resource). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Hydell in the system of Bush in order to optimize the security of the stored files and their associated metadata.

9	Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1) in view of Frerking (U.S. Patent Application Publication No. 2006/0076404 A1).
Regarding claim 9, Bush doesn’t explicitly disclose the limitations of claim 9. 
However, Frerking in analogous art, teaches wherein the disallowing access to the resource includes: 
terminating the program ([0019]; terminate authorization), suspending the program, and/or raising an exception.


10	Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1) in view of Kavuri et al. (Kavuri, hereinafter) (U.S. Patent Application Publication No. 2005/0226059 A1).
Regarding claim 15, Bush doesn’t explicitly disclose the limitations of claim 15. 
However, Kavuri in analogous art, teaches wherein the determining whether the computing system has been booted in maintenance mode includes: 
determining whether an operating system executing on the computing system is operating in a mode that allows log in only from a local console ([0326]; A system setting determines which state of operation is entered when the system is powered up. Normally this will be set to online, but a lower level can be set to allow diagnostics or maintenance to be performed without starting the complete system… Note that when the system is in diagnostic (maintenance) mode, the only access is via direct logon (i.e., no network access). The web server is disabled in this mode, so remote CLI commands and the GUI are not available).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Kavuri in the system of Bush in order to optimize the system control operation.

11	Claim 19 is rejected under 35 U.S.C. 103 as being unpatentable over Bush et al. (Bush, hereinafter) (U.S. Patent Application Publication No. 2014/0123276 A1) in view of Batten (U.S. Patent Application Publication No. 2018/0191510 A1).
Regarding claim 19, Bush doesn’t explicitly disclose the limitations of claim 19. 
([0070]; a secure on-board storage module 806) that checks a digital signature of every code module executed during system startup ([0070]-[0071]; Secure boot chain module 808 is configured such that during the device boot up (i.e. startup) process associated with digital license plate 804, each boot stage is verified by a preceding boot stage before the boot stage is executed). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to utilize the teaching of Batten in the system of Bush in order to optimize the security of the stored files and their associated metadata.

Conclusion
12	Any inquiry concerning this communication or earlier communications from the examiner should be directed to MELAKU Y HABTEMARIAM whose telephone number is (571) 272-8373.  The examiner can normally be reached on Mon - Fri 9 am - 5 pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Joon Hwang, can be reached on (571) 272-4036.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).




/M. H. /
Melaku Habtemariam
Examiner, Art Unit 2447
8/20/21

/JOON H HWANG/Supervisory Patent Examiner, Art Unit 2447