Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

EXAMINER’S AMENDMENT

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Jeffrey T. Placker on 12/30/2021
The application has been amended as follow:

AMENDMENTS TO THE CLAIMS
1. (Original) A computer-implemented method, executed on a computing device, comprising: establishing connectivity with a plurality of security-relevant subsystems within a computing platform, including utilizing a respective application program interface (API) for accessing each of the plurality of security-relevant subsystems; [[and]] mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems; defining a unified query on a unified platform concerning the plurality of security- relevant subsystems; denormalizing the unified query to define a subsystem-specific query for each of the plurality of security-relevant subsystems, thus defining a plurality of subsystem- specific queries, including translating a syntax of the unified query to a syntax of each of the plurality of subsystem-specific queries; and providing the plurality of subsystem-specific queries to the plurality of security- relevant subsystems.

2. (Original) The computer-implemented method of claim 1 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields within a query structure of the unified platform to one or more data fields within a query structure of each of the plurality of security- relevant subsystems.

3. (Original) The computer-implemented method of claim 1 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes:  Reply to Office Action of: 28 July 2021 mapping one or more data fields within a result set structure of each of the plurality of security-relevant subsystems to one or more data fields within a result set structure of the unified platform.

4. (Original) The computer-implemented method of claim 1 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems at a defined periodicity.  

, including actively monitoring the plurality of security-relevant subsystems.  

6. (Original) The computer-implemented method of claim 1 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: reactively mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems. 
 
7. (Cancelled) 

 
8. (Original) The computer-implemented method of claim [[7]] 1 further comprising: receiving a plurality of subsystem-specific results sets from the plurality of security-relevant subsystems that were generated in response to the plurality of subsystem-specific queries.  

9. (Original) The computer-implemented method of claim 8 further comprising: normalizing the plurality of subsystem-specific results sets received from the plurality of security-relevant subsystems to define a unified result set.



11. (Original) A computer program product residing on a non-transitory computer readable medium having a plurality of instructions stored thereon which, when executed by a processor, cause the processor to perform operations comprising: establishing connectivity with a plurality of security-relevant subsystems within a computing platform, including utilizing a respective application program interface (API) for accessing each of the plurality of security-relevant subsystems; and mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems; defining a unified query on a unified platform concerning the plurality of security- relevant subsystems; denormalizing the unified query to define a subsystem-specific query for each of the plurality of security-relevant subsystems, thus defining a plurality of subsystem- specific queries, including translating a syntax of the unified query to a syntax of each of the plurality of subsystem-specific queries, and providing the plurality of subsystem-specific queries to the plurality of security- relevant subsystems.  

12. (Original) The computer program product of claim 11 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields within a query structure of the unified platform to one or more data fields within a query structure of each of the plurality of security- relevant subsystems.

13. (Original) The computer program product of claim 11 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields within a result set structure of each of the plurality of security-relevant subsystems to one or more data fields within a result set structure of the unified platform.  

14. (Original) The computer program product of claim 11 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems at a defined periodicity.  

15. (Original) The computer program product of claim 11 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security- relevant subsystems includes: proactively mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems, including actively monitoring the plurality of security-relevant subsystems.
  
16. (Original) The computer program product of claim 11 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: reactively mapping one or more data fields of 
 
17. (Cancelled) 
 
18. (Original) The computer program product of claim [[17]] 11 further comprising: receiving a plurality of subsystem-specific results sets from the plurality of security-relevant subsystems that were generated in response to the plurality of subsystem-specific queries.  

19. (Original) The computer program product of claim 18 further comprising: normalizing the plurality of subsystem-specific results sets received from the plurality of security-relevant subsystems to define a unified result set.  

20. (Original) The computer program product of claim 19 further comprising: providing the unified result set to a third-party.  

21. (Original) A computing system including a processor and memory configured to perform operations comprising: establishing connectivity with a plurality of security-relevant subsystems within a computing platform, including utilizing a respective application program interface (API) for accessing each of the plurality of security-relevant subsystems; and mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems; defining a unified query on a unified platform concerning the plurality of security- relevant subsystems; denormalizing the unified query to define a subsystem-specific query for each of the plurality of security-relevant subsystems, thus defining a plurality of subsystem- specific queries, including translating a syntax of the unified query to a syntax of each of the plurality of subsystem-specific queries; and providing the plurality of subsystem-specific queries to the plurality of security- relevant subsystems.  

22. (Original) The computing system of claim 21 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: Amendment Dated: mapping one or more data fields within a query structure of the unified platform to one or more data fields within a query structure of each of the plurality of security- relevant subsystems.
  
23. (Original) The computing system of claim 21 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields within a result set structure of each of the plurality of security-relevant subsystems to one or more data fields within a result set structure of the unified platform. 
 
24. (Original) The computing system of claim 21 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: mapping one or more data fields of the unified platform to 
 
25. (Original) The computing system of claim 21 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security- relevant subsystems includes: proactively mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems, including actively monitoring the plurality of security-relevant subsystems. 
 
26. (Original) The computing system of claim 21 wherein mapping one or more data fields of a unified platform to one or more data fields of each of the plurality of security-relevant subsystems includes: reactively mapping one or more data fields of the unified platform to one or more data fields of each of the plurality of security-relevant subsystems.  

27. (Cancelled) 

28. (Currently Amended) The computing system of claim [[27]] 21 further comprising: receiving a plurality of subsystem-specific results sets from the plurality of security-relevant subsystems that were generated in response to the plurality of subsystem-specific queries.  



30. (Original) The computing system of claim 29 further comprising: providing the unified result set to a third-party.   

Allowable Subject Matter
Claims 1-6, 8-16, 18-26 and 28-30 are allowed.
The following is an examiner’s statement of reasons for allowance:

The closest prior arts made of records are, Murphy et al. (U.S. Pub. No. 2017/0006058 A1, referred to as Murphy), Purathepparambil et al. (U.S. Pub. No. 2020/0021620 A1, referred to as Purathepparambil) and Bartal et al. (Firmato: A Novel Firewall Management Toolkit, ACM, pages 381-420, November 2004, referred to as Bartal).

Murphy discloses a method and a system for importing threat data from a plurality of threat data sources, thus generating a plurality of raw threat data definitions. The plurality of raw threat data definitions are processed, thus generating a plurality of processed threat data definitions. The plurality of processed threat data definitions are processed to form a master threat data definition. The master threat data definition is provided to one or more client electronic devices.

Purathepparambil discloses a method and a system for contextually managing and executing a change in security behavior of a target user are provided. The system extracts multiple context attributes including activity telemetry, skill, etc., from multiple external applications. The system dynamically generates one or more security behavioral models for each user based on behavior modeling criteria.

Bartal discloses techniques for configuring and managing firewalls to improve the protection of an entity’s intranet, based on appropriate security policy for the particular needs of the entity.

However, regarding claims 1, 11 and 21, the prior art of Murphy, Purathepparambil and Bartal when taken in the context of the claim as a whole do not disclose nor suggest, “defining a unified query on a unified platform concerning the plurality of security- relevant subsystems; denormalizing the unified query to define a subsystem-specific query for each of the plurality of security-relevant subsystems, thus defining a plurality of subsystem- specific queries, including translating a syntax of the unified query to a syntax of each of the plurality of subsystem-specific queries; and providing the plurality of subsystem-specific queries to the plurality of security- relevant subsystems.”.
 
Claims 2-6 and 8-10 depend on claim 1, claims 12-16 and 18-20 depend on claim 11 and claims 22-26 and 28-30 depend on claim 21, and are of consequence allowed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:  See PTO-892.  

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN SAADOUN whose telephone number is (571)272-8408. The examiner can normally be reached Mon-Fri 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and 





/HASSAN SAADOUN/Examiner, Art Unit 2435                                                                                                                                                                                                        

/YOGESH PALIWAL/Primary Examiner, Art Unit 2435