Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/04/21 has been entered.
This office action is in response to correspondence 10/04/21 regarding application 16/801,984, in which claims 1 and 11 were amended. Claims 1-11 and 13-20 are pending in the application and have been considered.

Response to Arguments
Applicant has amended independent claims 1 and 11 such that the claim language requires that “the first communication is in a format unreadable by a second application” and that “the mediated communication including a translated attribute from the first communication that is in a format readable and processable by the second application”, and argues that the amended claims are patentably distinct from O’Neill and Goode. The examiner respectfully disagrees. Goode teaches receiving a natural language policy text 102 in a Microsoft word document, which is fairly considered “unreadable” to access control software application running on access control system, because access control system requires a policy file in its desired format, e.g. XACML or NGAC, see Fig 7, step 704, Col 8 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-5 and 9-11, and 13-20 are rejected under 35 U.S.C. 103 as being unpatentable over O’Neill et al. (8,769,642) in view of Good et al. (10,606,957).

Consider claim 1, O’Neill discloses a non-transitory computer readable medium including instructions that, when executed by at least one processor (computer readable medium, Col 9 lines 23-32), cause the at least one processor to perform operations for automatically mediating among diversely 
O’Neill does not specifically mention a first communication is in a format unreadable by a second application; applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication; normalizing, based on the application of the natural language processing protocol and the extracted features, the first communication; and a translated attribute in a format readable and processable by the second application.
Good discloses a first communication is in a format unreadable by a second application (natural language policy text 102 in a Microsoft word document is “unreadable” to access control software application running on access control system, which requires a policy file in its desired format, e.g. XACML or NGAC, Fig 7, step 704, Col 8 lines 28-34, lines 53-58) applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication (the process 500 for identification and translation of natural language policy rules is shown. Once a natural 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O’Neill by including a first communication is in a format unreadable by a second application; applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication; normalizing, based on the application of the natural language processing protocol and the extracted features, the first communication; and a translated attribute in a format readable and processable by the second application in order to address the disconnect between authors of security policy and cyber security engineers, as suggested by Good (Col 1 lines 14-30).

Consider claim 11, O’Neill discloses a computer-implemented method for automatically mediating among diversely structured operational policies, the method comprising: identifying a first communication of a first application or a first code instance that is associated with a first operational policy, the first operational policy having a vocabulary and a syntax (distributed computing environment utilizing communication links, Col 9 lines 33-37, user specified policy, Col 15 lines 38-67); applying a language processing protocol to the first communication (user-specified policies may be transformed or processed into a normal policy form, Col 6 lines 34-36); normalizing, based on the application of the 
O’Neill does not specifically mention a first communication is in a format unreadable by a second application; applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication; normalizing, based on the application of the natural language processing protocol and the extracted features, the first communication; and a translated attribute in a format readable and processable by the second application.
Good discloses a first communication is in a format unreadable by a second application (natural language policy text 102 in a Microsoft word document is “unreadable” to access control software application running on access control system, which requires a policy file in its desired format, e.g. XACML or NGAC, Fig 7, step 704, Col 8 lines 28-34, lines 53-58) applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication (the process 500 for identification and translation of natural language policy rules is shown. Once a natural language policy text 102 is input into the policy composer 104, various natural language processing tasks are performed on the text, to include but not be limited to named entity recognition, part-of-speech tagging, lemmatization, and morphological segmentation in step 502, Fig 5, Col 5-6 lines 63-7); normalizing, based on the application of the natural language processing protocol and the extracted features, the first communication (the conversion into XACML is considered “normalizing” since it can then be imported into any XACML compliant system in step 512, Fig 5, Col 6 lines 7-59); and a translated 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O’Neill by including a first communication is in a format unreadable by a second application; applying a natural language processing protocol to the first communication to extract a plurality of features from the first communication; normalizing, based on the application of the natural language processing protocol and the extracted features, the first communication; and a translated attribute in a format readable and processable by the second application for reasons similar to those for claim 1.


Consider claim 2, O’Neill discloses the mediated communication is an instruction for the first operational policy to take precedence over a second operational policy (different policies may enforce different or overlapping regions of the policy space, therefore which policy is being enforced on a particular region is considered to take precedence, Col 17 lines 19-49).

Consider claim 3, O’Neill discloses the mediated communication is an instruction for the first application or the first code instance to take precedence over the second application or the second code instance (different policies may enforce different or overlapping regions of the policy space, therefore which policy is being enforced on a particular region is considered to take precedence, Col 17 lines 19-49).



Consider claim 5, O’Neill discloses the mediated communication is transmitted to a control application that is configured to control the second application (policy management service 602, Fig 6).

Consider claim 9, O’Neill discloses the operations further comprise applying a security policy for the first communication (security measure through privileges, Col 31 lines 5-29).

Consider claim 10, O’Neill discloses the security policy is a least-privilege security policy (security measure through privileges, Col 31 lines 5-29).

Consider claim 13, O’Neill discloses the translated attribute is based on a translated portion of the vocabulary or syntax (generating normalized policies corresponding to the user-specified policies, Col 16 lines 1-9).

Consider claim 14, O’Neill discloses the translated attribute is a rule defined by a condition and an action (the policy indexes the normalized policy set 608 with respect to multiple different policy elements 408-414, Col 17 lines 19-49).

Consider claim 15, O’Neill discloses sending the mediated communication to a control application (policy management service 602, Fig 6).



Consider claim 17, O’Neill discloses the control application is configured to identify anomalous or potentially malicious actions (anomalous behavior diagnosis, Col 11 lines 15-20).

Consider claim 18, O’Neill discloses the control application is configured to transmit the first communication to the second application (transmissions between devices in distributed computing environment utilizing communication links, Col 9 lines 33-37).

Consider claim 19, O’Neill discloses normalizing the first communication includes modifying the first communication to adhere to a reference vocabulary or a reference syntax (generating normalized policies corresponding to the user-specified policies, Col 16 lines 1-9).

Consider claim 20, O’Neill discloses the reference vocabulary and the reference syntax are developed based on the language processing protocol (user-specified policies may be transformed or processed into a normal policy form, Col 6 lines 34-36).
O’Neill does not specifically mention natural language.
Good discloses natural language (the process 500 for identification and translation of natural language policy rules is shown. Once a natural language policy text 102 is input into the policy composer 104, various natural language processing tasks are performed on the text, to include but not be limited to named entity recognition, part-of-speech tagging, lemmatization, and morphological segmentation in step 502, Fig 5, Col 5-6 lines 63-7).
.



Claims 6 and 7 are rejected under 35 U.S.C. 103 as being unpatentable over O’Neill et al. (8,769,642) in view of Good et al. (10,606,957), in further view of Han et al. (“Automatically Constructing a Normalisation Dictionary for Microblogs”. Proceedings of the 2012 Joint Conference on Empirical Methods in Natural Language Processing and Computational Natural Language Learning, pages 421-432, Jeju Island, Korea, 12-14 July 2012).

Consider claim 6, O’Neill and Good do not, but Han discloses the operations further comprise identifying a conflict of form among the first communication and a second communication; and wherein the normalizing is further based on the identified conflict of form (lexical normalization of conflicting variants found in tweets such as “tmrw” and “2morw” are normalized to “tomorrow”, pages 421-422).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O’Neill and Good such that the operations further comprise identifying a conflict of form among the first communication and a second communication; and wherein the normalizing is further based on the identified conflict of form in order to improve speed and simplicity, as suggested by Han (page 422).




It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O’Neill and Good such that the operations further comprise identifying a conflict among the mediated communication and a second communication for reasons similar to those for claim 6.

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over O’Neill et al. (8,769,642) in view of Good et al. (10,606,957), in further view of Mahaffey et al. (2015/0188949).
Consider claim 8, O’Neill and Good do not, but Mahaffey discloses the operations further comprise generating a recommendation for implementing a security control for the first communication ([0310], Fig 13).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of O’Neill and Good such that the operations further comprise generating a recommendation for implementing a security control for the first communication in order to protect against threats, as suggested by Mahaffey ([0003]).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
2018/0302443 Weiss discloses dividing a data processing device into separate security domains, each with their own policies, which are mediated
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jesse Pullias whose telephone number is 571/270-5135. The examiner can normally be reached on M-F 8:00 AM - 4:30 PM. The examiner’s fax number is 571/270-6135.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Andrew Flanders can be reached on 571/272-7516. 

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).


/Jesse S Pullias/
Primary Examiner, Art Unit 2655                                         11/22/21