DETAILED ACTION
This office action is in response to the original application filed on January 22, 2019.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claims 1-20 are pending.


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider 

Claims 1-6, 8-11, and 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Digiambattista (US Pub. No. 2017/0017795).

	As per claim 1 Jayanti Venkata discloses:
A computer-implemented method, comprising: (paragraph 12 of Jayanti Venkata, a method may be implemented by the computer system).
Receiving a request to monitor compliance of an enterprise infrastructure; (paragraph 55 of Jayanti Venkata, device access management system 120 may allow a remote device to access enterprise computer system 150 if a request is from a user identity associated with an identity of the remote device).
Generating an infrastructure change that is associated with the compliance of the enterprise infrastructure, based at least in part on a set of predetermined criteria; (paragraph 89 of Jayanti Venkata, information about endpoint device 380 may be determined based on communication between endpoint device 380 and device access management system 120, such as when device synchronization does not occur. In some embodiments, multiple non-compliances can be identified when compliance is assessed. The non-compliances may be related or may correspond to different types of non-compliance) and (paragraph 90 of Jayanti Venkata, device access management system 120 may assess compliance of endpoint device 380 by determining whether endpoint device 380 has been used in a non-compliant manner. Compliance may be assessed based on a compliance policy for accessing an enterprise system. A compliance policy may define non-compliances of a remote device. Examples of non-compliances are described with reference to FIGS. 7 and 8. Non-compliances may include, for example, non-conforming password, installation of an unauthorized application, inactivity of use of a remote device, altering hardware or software on a remote device, or losing a remote device)
adjusting a security configuration of a remote device in a manner that is non-compliant with a security policy for accessing an enterprise system, password policy violation (e.g., non-conforming password for a remote device), loss of a remote device, theft of a remote device, or inactivity corresponding to use of a remote device).
Generating a first set of event metadata associated with the one or more infrastructure change events; (paragraph 90 of Jayanti Venkata, in some embodiments, non-compliance may be determined based on one or more compliance rules indicated by the compliance policy. A non-compliance rule may be defined based on one or more non-compliances. In some embodiments, a non-compliance rule may be defined for one or more user roles. Device access management 120 may determine a user role associated with an identity of a user registered for endpoint device 380).
Identifying at least one infrastructure change event of the one or more infrastructure change events that corresponds to a non-compliance of the enterprise infrastructure, based at least in part on the set of predetermined criteria; (paragraph 89 of Jayanti Venkata, Information about endpoint device 380 may be determined based on communication between endpoint device 380 and device access management system 120, such as when device synchronization does not occur. In some embodiments, multiple non-compliances can be identified when compliance is assessed. The non-compliances may be related or may correspond to different types of non-compliance) and (paragraph 90 of Jayanti Venkata, non-compliances may include, for example, non-conforming password, installation of an unauthorized application, inactivity of use of a remote device, altering hardware or software on a remote device, or losing a remote device).
Retrieving, from a policy database, a remedial response associated with the non-compliance of the enterprise infrastructure; (paragraph 59 of Jayanti Venkata, policies may be stored in and accessed from policy store 164 in data stores 160. Examples of policies may include, without limitation, enrollment policies, compliance policies, workspace policies, and device policies. Policies may be defined by an administrator of enterprise computer system 150 …. In some embodiments, device access management system 120 can perform remedial actions to adjust access for a remote device based on a policy. Device access management system 120 may communicate instructions to a remote device to instruct the remote device to take remedial action in response to compliance according to a policy. Notifications can be sent to remote devices 108 to inform them of compliance and/or non-compliance with a policy and a time period for compliance).
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
In response to executing the remedial response, analyzing a second set of event metadata associated with the at least one infrastructure change event to determine an effectiveness of the remedial response; and generating a verification report for the enterprise infrastructure.
However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 61 of Digiambattista, an analytics engine 308 may then run analytics routines 310(a)-310(n) from time to time to identify threats. When a threat 312 is detected, the analytics engine 308 may create a record and populate the analytics store 306) and (paragraph 63 of Digiambattista, a reporting tool 322 creates reports 324(a)-324(o) based on the records of the analytics store 306 and surfaces the availability of those reports on dashboard 302. In some cases, the reporting tool 322 may be invoked by the remediation engine 314 to surface recommended responses as recommendations).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and include the above limitation using the teaching of Digiambattista in order to secure the computing system by investigating the possible threat and report.

As per claim 2 Jayanti Venkata in view of Digiambattista discloses:
The computer-implemented method of claim 1, wherein the enterprise infrastructure corresponds to one of an organization conducting a compliance audit, a third-party agency monitoring enterprise-level compliance, or a government agency monitoring enterprise-level compliance with a set of regulations. (Paragraph 38 of Jayanti Venkata, computing system 100 may be part of an enterprise system implemented for an enterprise. Computing system 100 may include enterprise computer system 150, which provides access to one or more resources 152 provided by the enterprise system …. Resources 152 may be provided by enterprise computer system 150 or hosted by a third party provider and provided to remote devices by enterprise computer system 150).

As per claim 3 Jayanti Venkata in view of Digiambattista discloses:
The computer-implemented method of claim 1, wherein the enterprise infrastructure is associated with a third-party agency tasked with monitoring compliance of an enterprise-level cyber security system, (Paragraph 44 of Jayanti Venkata, security access system 110 may provide services to authenticate a user of a remote device. Security access system 110 may communicate with a user access management system 130 to obtain authorization for a user of a remote device).
Wherein the request further includes a set of predetermined criteria, the set of predetermined criteria including at least one predetermined criteria to verify performance of a preemptive or remedial cybersecurity action that indicates compliance of the enterprise-level cyber security system. (Paragraph 104 of Jayanti Venkata, Device access management system 120 may perform operations 410 to determine access to the resource(s) indicated by request 402. Compliance may be assessed to determine access to a resource. In some embodiments, access to resource(s) may be denied entirely based on a non-compliance. However, access to resources may be determined based on a level of non-compliance assessed for the non-compliance) and (paragraph 41 of Jayanti Venkata, Device access management system 120 may manage access by remote devices 108 to resources 152 based on assessing compliance of each of remote devices 108. In some embodiments, access to resources 152 may be controlled with respect to each resource, such that access to each resource is determined individually. Based on a level of non-compliance, access to some of resources 152 may be permitted, while access to some of resources 152 may be denied).

As per claim 4 Jayanti Venkata in view of Digiambattista discloses:
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:

 However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 72 of Digiambattista, the orchestration tool 120 may be configured by an administrator 114 to run a particular security test, to perform continuous scanning, or to execute a script 122. The orchestration tool 120 may then perform the request as scheduled. Generally, the request may be performed on a mirror).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and include the above limitation using the teaching of Digiambattista in order to secure the computing system by investigating the possible threat and process remedial action.

As per claim 5 Jayanti Venkata in view of Digiambattista discloses:
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The computer-implemented method of claim 1, further comprising: assigning the infrastructure change event with an identification number that is associated with the infrastructure change; and tracking the infrastructure change event is based at least in part on the identification number.
However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 84 of Digiambattista, each different safeguard interface module 118, corresponding to a safeguard software package 116, may be marked with an identifier such as a globally unique identifier (GUID). Whenever the package was detected as running, the dashboard 302 could track whether the package was used, for what purpose, and the frequency of use. Another model would be to charge per mirrored instance. Because the server side orchestration software 128 is responsible for mirroring, it could track the number of mirrors created and whether a test completed successfully. Individual mirrors could be tracked by timestamp or alternatively via an identifier such as a GUID. In this way, the volume of computing resources could be tracked).


As per claim 6 Jayanti Venkata in view of Digiambattista discloses:
The computer-implemented method of claim 1, wherein the first set of event metadata and the second set of event metadata includes one or more of a date stamp, a time stamp, a first description of a preemptive action that was performed, a second description of a remedial action that was performed, and a corresponding success or failure status associated with the first description and the second description. (Paragraph 66 of Jayanti Venkata, compliance may vary with respect to many factors, including user roles, device types, and resources being accessed. Users may be burdened with having to manage each of their many remote devices for compliance. A device access management system can remotely control compliance by sending notifications to remote devices providing specific information about non-compliance to users and the remedial actions that can be performed to cure the non-compliances. Depending on a type of non-compliance, a notification may instruct a remote device to automatically perform a remedial action).

As per claim 8 Jayanti Venkata in view of Digiambattista discloses:
The computer-implemented method of claim 1, wherein at least one of the first set of event metadata or the second set of event metadata further includes at least one of a user rating or a user annotation that is associated with the infrastructure change event. (Paragraph 66 of Jayanti Venkata, compliance may vary with respect to many factors, including user roles, device types, and resources being accessed. Users may be burdened with having to manage each of their many remote devices for compliance. A device access management system can remotely control compliance by sending notifications to remote devices providing specific information about non-compliance to users and the remedial actions that can be performed to cure the non-compliances. Depending a 

As per claim 9 Jayanti Venkata in view of Digiambattista discloses:
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The computer-implemented method of claim 1, wherein the remedial response corresponds to a script that implements at least one of a configuration change, a code change, or a binary patch that mitigates a non-compliance of the enterprise infrastructure.
 However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 62 of Digiambattista, a remediation logic module 316 may be a hardcoded script from an administrator 114. For example, the remediation logic module 316 may simply state that where unauthorized access is via an open port, the module 316 is to close the port and surface a report. A remediation logic module 316 may employ a similarity measure and based on past behavior the administrator closed an open port upon detection of an unauthorized access, and the logic module 316 then closes all unused open ports proactively).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and include the above limitation using the teaching of Digiambattista in order to secure the computing system by investigating the possible threat and process remedial action.

As per claim 10 Jayanti Venkata in view of Digiambattista discloses:
The computer-implemented method of claim 1, wherein the verification report identify a first set of individual instances of compliance within the enterprise infrastructure, a second set of individual instances of the non-compliance within the enterprise infrastructure, or a third set of individual instances of remedial responses performed within the enterprise infrastructure to mitigate the non-compliance. (Paragraph 63 of Jayanti Venkata, access to one or more of resources 152 may be permitted despite detecting non-compliance. Access to resources 152 may be assessed based on the compliance policy for a level of Device access management system 120 may deny access to some resources 152 based on the level of non-compliance. Denying access may include removing account access to a resource and/or preventing communication of a request for the resource to enterprise computer system 150).

As per claim 11 Jayanti Venkata discloses:
One or more non-transitory computer-readable media storing computer-executable instructions that, when executed on one or more processors, cause the one or more processors to perform acts comprising: (paragraph 12 of Jayanti Venkata, a method may be implemented by the computer system). 
Receiving, from a registered user, a request to monitor compliance of an enterprise infrastructure; (paragraph 55 of Jayanti Venkata, device access management system 120 may allow a remote device to access enterprise computer system 150 if a request is from a user identity associated with an identity of the remote device).
Generating an infrastructure change that is associated with the compliance of the enterprise infrastructure, based at least in part on a set of predetermined criteria; (paragraph 89 of Jayanti Venkata, information about endpoint device 380 may be determined based on communication between endpoint device 380 and device access management system 120, such as when device synchronization does not occur. In some embodiments, multiple non-compliances can be identified when compliance is assessed. The non-compliances may be related or may correspond to different types of non-compliance) and (paragraph 90 of Jayanti Venkata, device access management system 120 may assess compliance of endpoint device 380 by determining whether endpoint device 380 has been used in a non-compliant manner. Compliance may be assessed based on a compliance policy for accessing an enterprise system. A compliance policy may define non-compliances of a remote device. Examples of non-compliances are described with reference to FIGS. 7 and 8. Non-compliances may include, for example, non-conforming password, installation of an unauthorized application, inactivity of use of a remote device, altering hardware or software on a remote device, or losing a remote device).
adjusting a security configuration of a remote device in a manner that is non-compliant with a security policy for accessing an enterprise system, password policy violation (e.g., non-conforming password for a remote device), loss of a remote device, theft of a remote device, or inactivity corresponding to use of a remote device).
Generating a verification report for the enterprise infrastructure, based at least in part on the one or more infrastructure change events; (paragraph 90 of Jayanti Venkata, in some embodiments, non-compliance may be determined based on one or more compliance rules indicated by the compliance policy. A non-compliance rule may be defined based on one or more non-compliances. In some embodiments, a non-compliance rule may be defined for one or more user roles. Device access management 120 may determine a user role associated with an identity of a user registered for endpoint device 380).
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
Transmitting the verification report to a registered user associated with the request.
However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 63 of Digiambattista, a reporting tool 322 creates reports 324(a)-324(o) based on the records of the analytics store 306 and surfaces the availability of those reports on dashboard 302. In some cases, the reporting tool 322 may be invoked by the remediation engine 314 to surface recommended responses as recommendations).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and include the above limitation using the teaching of Digiambattista in order to secure the computing system by investigating the possible threat and report to the user/device.

As per claim 13 Jayanti Venkata in view of Digiambattista discloses:
In some embodiments, multiple non-compliances can be identified when compliance is assessed. The non-compliances may be related or may correspond to different types of non-compliance) and (paragraph 90 of Jayanti Venkata, non-compliances may include, for example, non-conforming password, installation of an unauthorized application, inactivity of use of a remote device, altering hardware or software on a remote device, or losing a remote device).
Retrieving, from a policy database, a remedial response associated with the non-compliance of the enterprise infrastructure; (paragraph 59 of Jayanti Venkata, policies may be stored in and accessed from policy store 164 in data stores 160. Examples of policies may include, without limitation, enrollment policies, compliance policies, workspace policies, and device policies. Policies may be defined by an administrator of enterprise computer system 150 …. In some embodiments, device access management system 120 can perform remedial actions to adjust access for a remote device based on a policy. Device access management system 120 may communicate instructions to a remote device to instruct the remote device to take remedial action in response to compliance according to a policy. Notifications can be sent to remote devices 108 to inform them of compliance and/or non-compliance with a policy and a time period for compliance).
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
In response to executing the remedial response, analyzing event metadata associated with the at least one infrastructure change event to determine an effectiveness of the remedial response, and wherein generating the verification report is based at least in part on analysis of the event metadata.
an analytics engine 308 may then run analytics routines 310(a)-310(n) from time to time to identify threats. When a threat 312 is detected, the analytics engine 308 may create a record and populate the analytics store 306) and (paragraph 63 of Digiambattista, a reporting tool 322 creates reports 324(a)-324(o) based on the records of the analytics store 306 and surfaces the availability of those reports on dashboard 302. In some cases, the reporting tool 322 may be invoked by the remediation engine 314 to surface recommended responses as recommendations).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and include the above limitation using the teaching of Digiambattista in order to secure the computing system by investigating the possible threat and report to the user/device.

As per claim 14 Jayanti Venkata in view of Digiambattista discloses:
The one or more non-transitory computer-readable media of claim 11, further storing instructions that, when executed cause the one or more processors to perform acts comprising: generating event metadata associated with the at least one infrastructure change event, (paragraph 90 of Jayanti Venkata, in some embodiments, non-compliance may be determined based on one or more compliance rules indicated by the compliance policy. A non-compliance rule may be defined based on one or more non-compliances. In some embodiments, a non-compliance rule may be defined for one or more user roles. Device access management 120 may determine a user role associated with an identity of a user registered for endpoint device 380).
Wherein the event metadata includes one or more of a date stamp, a time stamp, a first description of a preemptive action that was performed, a second description of a remedial action that was performed, and a corresponding success or failure status associated with the first description and the second description. (Paragraph 66 of Jayanti Venkata, compliance may vary with respect to many factors, including user roles, device types, and resources being accessed. Users may be burdened with having to manage each of their many remote devices for compliance. A device access management system can remotely control compliance by sending notifications to remote devices providing specific information about non-compliance to users and the remedial actions that can be performed to cure the non-compliances. Depending on a type of non-compliance, a notification may instruct a remote device to automatically perform a remedial action).

Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Digiambattista (US Pub. No. 2017/0017795) and further in view of Crabtree (US Pub. No. 2017/0230285).

As per claim 7:
The combination of Jayanti Venkata and Digiambattista teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The computer-implemented method of claim 1, wherein at least one of the first set of event metadata and the second set of event metadata is stored within a decentralized secure ledger service that uses blockchain technology.
However, in the same field of endeavor, Crabtree teaches this limitation as, (paragraph 36 of Crabtree, for maximal forensic analysis opportunity and change tracking capabilities, embodiments of the write ahead log 140, which hold the current, working, set of both routing and policy rules as well as records of all previous rules may incorporate a distributed ledger. One distributed ledger mechanism that may be used are available blockchains).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and Digiambattista to include the above limitation using the teaching of Crabtree in order to store the security data in a protected way and secure the computing system.

Claims 12 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Digiambattista (US Pub. No. 2017/0017795) and further in view of Lyne (US Pub. No. 2010/0251365).

As per claim 12:
The combination of Jayanti Venkata and Digiambattista teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The one or more non-transitory computer-readable media of claim 11, further storing instructions that, when executed cause the one or more processors to perform acts comprising: parsing through the request to identify authentication credentials associated with the registered user; in response verifying the authentication credentials, identifying a set of verification data associated with the request, and wherein, generating the verification report is based at least in part on the set of verification data.
However, in the same field of endeavor, Lyne teaches this limitation as, (paragraph 37 of Lyne, the network access rules facility 124 may incorporate rule evaluation; the rule evaluation may parse network access requests and apply the parsed information to network access rules. The network access rule facility 124 may have a generic set of rules that may be in support of an enterprise facility's 102 network access policies, such as denying access to certain types of websites 158, controlling instant messenger 162 accesses, or the like. Rule evaluation may include regular expression rule evaluation, or other rule evaluation method for interpreting the network access request and comparing the interpretation to the established rules for network access) and (paragraph 27 of Lyne, The policy management facility 112 may be a set of rules or policies that may indicate enterprise facility 102 access permissions for the client facility 144, such as access permissions associated with the network, applications, external computer devices, and the like) and (paragraph 25 of Lyne, feedback of information may also be associated with behaviors of individuals within the enterprise, such as being associated with most common violations of policy, network access, unauthorized application loading, unauthorized external device use, and the like).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and Digiambattista to include the above limitation using the teaching of Lyne in order to secure the computing system by authenticating the user with the correct credential.

As per claim 15:
The combination of Jayanti Venkata and Digiambattista teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The one or more non-transitory computer-readable media of claim 11, further storing instructions that, when executed cause the one or more processors to perform acts comprising: parsing through the request to identify authentication credentials associated with the registered user; determining access privileges associated with the registered user, based at least in part on the authentication credentials, and wherein the verification report includes content that is redacted based in part on access privileges associated with the registered user.
However, in the same field of endeavor, Lyne teaches this limitation as, (paragraph 37 of Lyne, the network access rules facility 124 may incorporate rule evaluation; the rule evaluation may parse network access requests and apply the parsed information to network access rules. The network access rule facility 124 may have a generic set of rules that may be in support of an enterprise facility's 102 network access policies, such as denying access to certain types of websites 158, controlling instant messenger 162 accesses, or the like. Rule evaluation may include regular expression rule evaluation, or other rule evaluation method for interpreting the network access request and comparing the interpretation to the established rules for network access) and (paragraph 27 of Lyne, The policy management facility 112 may be a set of rules or policies that may indicate enterprise facility 102 access permissions for the client facility 144, such as access permissions associated with the network, applications, external computer devices, and the like) and (paragraph 25 of Lyne, feedback of information may also be associated with behaviors of individuals within the enterprise, such as being associated with most common violations of policy, network access, unauthorized application loading, unauthorized external device use, and the like).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and Digiambattista to include the .

Claims 16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Lyne (US Pub. No. 2010/0251365) and further in view of Crabtree (US Pub. No. 2017/0230285).

As per claim 16:
A system comprising: one or more processors; memory coupled to the one or more processors, the memory including one or more modules that are executable by the one or more processors to: receive, from a registered user, a request for a verification report that is associated with an enterprise infrastructure, the verification report to verify a compliance of the enterprise infrastructure with a set of predetermined criteria; (paragraph 55 of Jayanti Venkata, device access management system 120 may allow a remote device to access enterprise computer system 150 if a request is from a user identity associated with an identity of the remote device).
Identify event metadata associated with the request; (paragraph 90 of Jayanti Venkata, in some embodiments, non-compliance may be determined based on one or more compliance rules indicated by the compliance policy. A non-compliance rule may be defined based one or more non-compliances. In some embodiments, a non-compliance rule may be defined for one or more user roles. Device access management 120 may determine a user role associated with an identity of a user registered for endpoint device 380).
Retrieve infrastructure change events associated with the event metadata, the infrastructure change events indicating a compliance or a non-compliance with the set of predetermined criteria; (Paragraph 137 of Jayanti Venkata, adjusting a security configuration of a remote device in a manner that is non-compliant with a security policy for accessing an enterprise system, password policy violation (e.g., non-conforming password for a remote device), loss of a remote device, theft of a remote device, or inactivity corresponding to use of a remote device).
access to one or more of resources 152 may be permitted despite detecting non-compliance. Access to resources 152 may be assessed based on the compliance policy for a level of non-compliance. Device access management system 120 may deny access to some resources 152 based on the level of non-compliance. Denying access may include removing account access to a resource and/or preventing communication of a request for the resource to enterprise computer system 150).
Jayanti Venkata teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
Parse through the request to identify authentication credentials associated with the registered user; In response to verifying the authentication credentials, identify a set of verification data associated with the request;
However, in the same field of endeavor, Lyne teaches this limitation as, (paragraph 37 of Lyne, the network access rules facility 124 may incorporate rule evaluation; the rule evaluation may parse network access requests and apply the parsed information to network access rules. The network access rule facility 124 may have a generic set of rules that may be in support of an enterprise facility's 102 network access policies, such as denying access to certain types of websites 158, controlling instant messenger 162 accesses, or the like. Rule evaluation may include regular expression rule evaluation, or other rule evaluation method for interpreting the network access request and comparing the interpretation to the established rules for network access) and (paragraph 27 of Lyne, The policy management facility 112 may be a set of rules or policies that may indicate enterprise facility 102 access permissions for the client facility 144, such as access permissions associated with the network, applications, external computer devices, and the like) and (paragraph 25 of Lyne, feedback of information may also be associated with behaviors of individuals within the enterprise, such as being associated with most common violations of policy, network access, unauthorized application loading, unauthorized external device use, and the like).

The combination of Jayanti Venkata and Lyne teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
Retrieve infrastructure change events associated with the event metadata from a decentralized secure ledger service
However, in the same field of endeavor, Crabtree teaches this limitation as, (paragraph 36 of Crabtree, for maximal forensic analysis opportunity and change tracking capabilities, embodiments of the write ahead log 140, which hold the current, working, set of both routing and policy rules as well as records of all previous rules may incorporate a distributed ledger. One distributed ledger mechanism that may be used are available blockchains).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata and Lyne to include the above limitation using the teaching of Crabtree in order to securely store the computing system information.

As per claim 18, Jayanti Venkata in view of Lyne and further in view of Crabtree:
The system of claim 16, wherein the one or more modules are further executable by the one or more processors to: determine that an infrastructure change associated with instances of the infrastructure change events is incomplete; generate a discrepancy indication associated with the infrastructure change that is incomplete; and associate the discrepancy indication with the instances of the infrastructure change events, and wherein, the verification report further includes the discrepancy indication. (Paragraph 8 of Jayanti Venkata, the device access management system may manage compliance of remote devices using a compliance policy. A compliance policy may indicate one or more non-compliances for accessing an enterprise system using a remote device. A non-compliance may be defined by a compliance rule).

As per claim 19, Jayanti Venkata in view of Lyne and further in view of Crabtree:
The system of claim 16, wherein the one or more modules are further executable by the one or more processors to: determine access privileges associated with the registered user, based at least in part on the authentication credentials, and, wherein the verification report includes content that is redacted based in part on access privileges associated with the registered user. (paragraph 35 of Jayanti Venkata, a compliance rule may be further defined based on one or more user roles for accessing the enterprise system. The compliance policy may indicate one or more remedial actions that can be performed to remedy non-compliances).

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Lyne (US Pub. No. 2010/0251365) and further in view of Crabtree (US Pub. No. 2017/0230285) and Grieco (US Pub. No. 2016/0232358).

As per claim 17:
The combination of Jayanti Venkata, Lyne, and Crabtree teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The system of claim 16, wherein the event metadata includes at least one of a Common Vulnerability Exposure (CVE) identification number, a software patch identifier, an attack vector identifier, a response identifier that corresponds to an attack vector, a test identifier that corresponds to a test suite execution event, an administration decision event associated with deployment of an infrastructure change, or an identifier associated with an infrastructure change event.
However, in the same field of endeavor, Grieco teaches this limitation as, (paragraph 15 of Grieco, the global security risk metadata entries 52 may include a common vulnerability identifier, such as the Common Vulnerabilities and Exposures (CVE®) identifier. OVAL® and CVE® are registered trademarks of The MITRE Corporation).

Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Jayanti Venkata (US Pub. No. 2016/0088021) in view of Lyne (US Pub. No. 2010/0251365) and further in view of Crabtree (US Pub. No. 2017/0230285) and Digiambattista (US Pub. No. 2017/0017795).

As per claim 20:
The combination of Jayanti Venkata, Lyne, and Crabtree teaches the method of managing compliance of remote devices that access an enterprise system (see paragraph 2 of Jayanti Venkata) but fails to disclose:
The system of claim 16, wherein the verification report is delivered to the registered user via email or a reporting dashboard of a client device associated with the registered user.
However, in the same field of endeavor, Digiambattista teaches this limitation as, (paragraph 35 of Digiambattista, the orchestration tool provides the administrator 114 with a user interface, including a dashboard to receive notifications and alerts from the safeguard software packages 116 in an integrated fashion).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Jayanti Venkata, Lyne, and Crabtree to include the above limitation using the teaching of Digiambattista in order to securely notify the user about the alert. 

Conclusion
The prior art made of record and not relied upon that is considered pertinent to applicant’s disclosure is Jacobson (US Pub. No. 2013/0276055). Jacobson discloses the system and method of maintaining network security policy compliance.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to TESHOME HAILU whose telephone number is (571)270-3159. The examiner can normally be reached M-F 8 a.m. - 5 p.m.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/TESHOME HAILU/Primary Examiner, Art Unit 2434