DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Response to Amendment
The Amendment filed on 12/22/2021 has been entered. 
Claims 1-20 are amended.
Claims 1-20 are pending of which claims 1, 8 and 15 are independent claims.

Response to Arguments
The applicant's arguments filed on 12/22/2021 regarding claims 1-20 have been fully considered but the arguments are essentially directed towards the newly introduced limitations and they are addressed in this Office Action, below.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


s 1-3, 7, 8, 10-12 and 14-17 are rejected under 35 U.S.C. 103 as being unpatentable over Petschulat et al. (Pub. No.: US 2019/0236191, hereinafter Petschulat) in view of Ross et al. (Pub. No.: US 2011/0072206, hereinafter Ross) and Gibson et al. (Pub. No.: US 2016/0162683). 
Regarding claim 1: Petschulat discloses A system for detecting anomalous access comprising: 
a non-transitory memory storing instructions; and 
one or more hardware processors coupled to the non-transitory memory and configured to read the instructions from the non-transitory memory to cause the system to perform operations (Petschulat -Fig. 4, computer 400) comprising: 
receiving, from a requesting user, a query for accessing a set of data from data storage (Petschulat - [0023]: The request processing module 130 processes the request to obtain data by obtaining data stored from the data store 134. The data can include data stored in a data table); 
determining a set of users that shares one or more common organizational attributes with the requesting user within an organization (Petschulat - [0037]: A group of users that are similar to each other can be evaluated by their titles, business units, associated tenant, and the like);
However Petschulat doesn’t explicitly teach:
obtaining a data access history associated with the set of users, wherein the data access history comprises data accesses of different data in the data storage by the set of users; 
assigning weights to the data accesses, wherein a first one of the data accesses conducted at a first time is assigned a larger weight than a second one of the data accesses conducted at a second time earlier than the first time;
calculating a likelihood of the requesting user requesting access the set of data based on the weighted data accesses by the set of users;
determining whether to restrict the user from accessing the set of data based on the calculated likelihood. 
However, Ross discloses:
Ross - [0043]: Counts per feature of stored files and recent accesses are gathered from each node (302)); 
assigning weights to the data accesses, wherein a first one of the data accesses conducted at a first time is assigned a larger weight than a second one of the data accesses conducted at a second time earlier than the first time (Ross - [0125]: the counts are decayed over time to give greater weight to more recent accesses);
calculating a likelihood of the requesting user requesting access the set of data based on the weighted data accesses by the set of users (Ross - [0125]: the accessed and stored object counts are aggregated and used to generate and distribute an access probability matrix);
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat with Ross so that larger weight is assigned to most recent access and a likelihood/probability is calculated based on the weighted access. The modification would have allowed the system to generate a access likelihood matrix.
However, the combination of Petschulat and Ross doesn’t explicitly teach but Gibson discloses
determining whether to restrict the user from accessing the set of data based on the calculated likelihood (Gibson - [0043]: The score can then be used by the respective application to determine a proper security function to perform (e.g., allow the user continuing access, restrict access to content)
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat and Ross with Gibson so that the access is restricted based on the calculated likelihood. The modification would have allowed the system to prevent unamortized data access for enhanced security. 

 
Regarding claim 2: Petschulat as modified discloses wherein the set of data comprises at least one of personal identifiable information of customers of the organization or unique identifiers of financial instruments (Petschulat - [0013]: a customer data table includes different data dimensions corresponding to different customer attributes such as first name, last name, middle name, age, education, location, house hold income, and the like).
Regarding claim 3: Petschulat as modified discloses wherein the determining the set of users that share the one or more common organizational attributes with the request user is based on a an  organization chart of the organization (Petschulat - [0037]: A group of users that are similar to each other can be evaluated by their titles, business units).
Regarding claim 7: Petschulat as modified discloses wherein the determining whether to restrict the user from accessing the set of data is further based on whether the calculated likelihood exceeds a predetermined threshold (Petschulat - [0051]: the data management module 132 selects the dimensions of which the relevance measures are greater than a threshold measure as relevant to the user).
Regarding claim 8: Petschulat discloses A system for detecting anomalous data access, the method comprising: 
Receiving, by one or more hardware processors from a requesting user, a query for accessing set of data from a data storage (Petschulat - [0023]: The request processing module 130 processes the request to obtain data by obtaining data stored from the data store 134. The data can include data stored in a data table); 
Determining, by the one or more hardware processors, that the requesting user does not have a history of accessing the data storage (Petschulat - [0038]: For users of a new tenant where usage information is not available, the relevance determination module 150 can leverage using usage information of other tenants related to the same data as the new tenant);  
determining a set of users similar to the requesting user (Petschulat - [0037]: A group of users that are similar to each other can be evaluated by their titles, business units, associated tenant, and the like);

obtaining, by the one or more hardware processors, a data access history associated with the set of users, wherein the data access history comprises data accesses of different data in the data storage by the set of users; 
assigning, by the one or more hardware processors, weights to the data accesses, wherein a first one of the data accesses conducted at a first time is assigned a larger weight than a second one of the data accesses conducted at a second time earlier than the first time;
calculating, by the one or more hardware processors, a likelihood of the requesting user accessing the set of data based on the weighted data accesses by the set of users;
determining whether to restrict the user from accessing the set of data based on the calculated likelihood. 
However, Ross discloses:
obtaining, by the one or more hardware processors, a data access history associated with the set of users, wherein the data access history comprises data accesses of different data in the data storage by the set of users (Ross - [0043]: Counts per feature of stored files and recent accesses are gathered from each node (302)); 
assigning, by the one or more hardware processors, weights to the data accesses, wherein a first one of the data accesses conducted at a first time is assigned a larger weight than a second one of the data accesses conducted at a second time earlier than the first time (Ross - [0125]: the counts are decayed over time to give greater weight to more recent accesses);
calculating, by the one or more hardware processors, a likelihood of the requesting user accessing the set of data based on the weighted data accesses by the set of users (Ross - [0125]: the accessed and stored object counts are aggregated and used to generate and distribute an access probability matrix);
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat with Ross so that larger weight is assigned to most recent access and a likelihood/probability is calculated based 
However, the combination of Petschulat and Ross doesn’t explicitly teach but Gibson discloses
determining whether to grant the user access to the set of data based on the calculated likelihood (Gibson - [0043]: The score can then be used by the respective application to determine a proper security function to perform (e.g., allow the user continuing access, restrict access to content)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat and Ross with Gibson so that the access is restricted based on the calculated likelihood. The modification would have allowed the system to prevent unamortized data access for enhanced security. 
Regarding claims 10 and 14: Claims are directed to apparatus/device claims and do not teach or further define over the limitations recited in claims 2-3. Therefore, claims 8, 10 and 14 are also rejected for similar reasons set forth in claims 23. 
Regarding claim 11: Petschulat as modified discloses wherein the set of users comprises a predefined number of users (Petschulat - [0037]: A group of users that are similar to each other).
Regarding claim 12: Petschulat as modified discloses wherein the set of users is identified further based on at least one of a manager associated with the requesting user, a title associated with the requesting user, or a department associated with the requesting user (Petschulat - [0037]: A group of users that are similar to each other can be evaluated by their titles, business units).
Regarding claims 15-17: Claims are directed to method/computer readable medium claims and do not teach or further define over the limitations recited in claims 1-3. Therefore, claims 15-17 are also rejected for similar reasons set forth in claims 1-3. 

Claims 4 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Petschulat et al. (Pub. No.: US 2019/0236191, hereinafter Petschulat) in view of Ross et al. (Pub. No.: US 2011/0072206, .
Regarding claims 4 and 18: Petschulat as modified doesn’t explicitly teach but Zaveri discloses wherein the determining the set of users that shares the one or more common organization attributes with the requesting user is further based on a common project to which the requesting user and the set of users area assigned (Zaveri - [Col. 12, Line 17-19]: Similarity ratings can also be adjusted based on files 313 having requisite amounts of given types of metadata and/or descriptive profile information in common, such as common ownership, edit histories, inclusion in common projects).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat, Ross and Gibson with Zaveri so that the similarity of users is based on inclusion in common projects. The modification would have allowed the system to determine user similarity based on common project assigned. 

Claims 5 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Petschulat et al. (Pub. No.: US 2019/0236191, hereinafter Petschulat) in view of Ross et al. (Pub. No.: US 2011/0072206, hereinafter Ross) and Gibson et al. (Pub. No.: US 2016/0162683) and Tariq (Pub. No.: US 2017/0220947).
Regarding claims 5 and 19: Petschulat as modified doesn’t explicitly teach but Tariq discloses wherein the determining the set of users that shares the one or more common organization attributes with the requesting user is based on historical data stored in the data storage (Tariq - [0035]: a prediction module 122 that determines a forecast for the user 102 based on the historical data 114 …  historical activity data for the user 102 or other users that are determined to be similar to the user 102).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat, Ross and Gibson with Tariq so that the similarity of users is based on historical data. The modification would have allowed the system to determine user similarity based on historical data. 

Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Petschulat et al. (Pub. No.: US 2019/0236191, hereinafter Petschulat) in view of Ross et al. (Pub. No.: US 2011/0072206, hereinafter Ross) and Gibson et al. (Pub. No.: US 2016/0162683) and Szabo (Patent No.: US 7,181,438).
Regarding claims 6, 13 and 20: Petschulat as modified doesn’t explicitly teach but Szabo discloses wherein the likelihood is calculated using collaborative filtering (Szabo - [Col. 53, Line 28-31]: This probability may be calculated, for example, based on … a collaborative filtering scheme).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat, Ross and Gibson with Szabo so that the probability is calculated using collaborative filtering. . 

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Petschulat et al. (Pub. No.: US 2019/0236191, hereinafter Petschulat) in view of Ross et al. (Pub. No.: US 2011/0072206, hereinafter Ross) and Gibson et al. (Pub. No.: US 2016/0162683) and Meyer et al. (Patent No.: US 10,680,907).
Regarding claim 9: Petschulat as modified doesn’t explicitly teach but Meyer discloses wherein the requesting user is an employee of the organization (Meyer - [Col. 6, Line 28-32]: a new employee of the company having the same three roles, the access request would be consistent with the access already approved for the current employee; etc.)).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Petschulat, Ross and Gibson with Meyer so that a new employee is granted the consistent access for current employee. The modification would have allowed the new employee to have the access comparable with current employee. 

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jayasingh et al (Pub. No.: US 2020/0167423) - DATABASE TOOL
Connolly et al. (Patent. No.: US 9,081,978) - High-dimensional data management and presentation 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437