Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Office Action is in response to the Reply filed on 1/19/2022. Claims 1-20 are pending. This Office Action is Final.

Response to Arguments
A) Applicant argues that Koshy fails to disclose, teach or even suggest “determining the number of DLP networks to process,” regarding claim 1.  Examiner respectfully disagrees.
Examiner submits that Koshy teaches “determining the number of DLP networks to process.”  Koshy, Col. 5 Lines 30-43 recites “Although only one server computing system 106 is illustrated in FIG. 1, the DLP system 108 may be hosed on one or more machines, including one or more server computers, client computers, gateways or other computing devices. In yet another configuration, the DLP service may reside on a single server, or on different servers, coupled to other devices via a public network (e.g., the Internet) or a private network (e.g., LAN). In one embodiment, the DLP system 108 is part of an organization's system referred to herein as entity. In another embodiment, a service provider hosts the DLP system 108. The hosted service provider may also have multiple instances of the DLP system 108 on multiple networks that communicate with the service provider over a public or private network.”
Applicant appears to argue that Koshy only has a single DLP system.  However, Koshy explicitly teaches “The hosted service provider may also have multiple instances 


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was 

Claims 1, 5, 7, 8, 12, 14, 15 and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koshy et al. (US 8,990,882) in view of Brisebois et al. (US 9,349,016).

	As per claim 1, Koshy teaches a computer-implementable method for routing data loss prevention (DLP) events across different network levels comprising: determining the number of DLP networks to process; processing the remaining DLP networks (Koshy, Col. 5 Lines 30-43 recites “Although only one server computing system 106 is illustrated in FIG. 1, the DLP system 108 may be hosed on one or more machines, including one or more server computers, client computers, gateways or other computing devices. In yet another configuration, the DLP service may reside on a single server, or on different servers, coupled to other devices via a public network (e.g., the Internet) or a private network (e.g., LAN). In one embodiment, the DLP system 108 is part of an organization's system referred to herein as entity. In another embodiment, a service provider hosts the DLP system 108. The hosted service provider may also have multiple instances of the DLP system 108 on multiple networks that communicate with the service provider over a public or private network.”).
	But fails to teach determining classification of a DLP networks and data to be received from the DLP networks; processing certain data including an entity risk level, and holding certain data of the DLP network; providing the processed the entity risk level to the DLP network; and passing all processed and held data to a computing platform.
	However, in an analogous art Brisebois teaches determining classification of a DLP networks and data to be received from the DLP networks; processing certain data including an entity risk level, and holding certain data of the DLP network; providing the processed the entity risk level to the DLP network; and passing all processed and held data to a computing platform (Brisebois, Col. 2 Lines 11-29 recites “In one embodiment, an information handling system includes a processing unit, wherein the processing unit is operable to implement a method. The method includes determining a user context of at least one user device currently accessing an enterprise communication platform. The method further includes selecting a dynamic data loss prevention (DLP) policy applicable to the at least one user device based, at least in part, on the user context. The dynamic DLP policy specifies one or more communication events of interest. In addition, the method includes monitoring communication events initiated by the at least one user device for the one or more communication events of interest. Moreover, the method includes, responsive to each communication event of interest: assessing the communication event of interest based, at least in part, on a content-based classification of a communication associated with the communication event of interest; and responsive to a risk assessment meeting certain criteria, taking at least one action specified by the dynamic DLP policy.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Brisebois’ System and method for user-context-based data loss prevention with Koshy’s Pre-calculating and updating data loss prevention (DLP) policies prior to distribution of sensitive information because the use of having dynamic policies, helps with flexibility when working with different networks. 

	As per claim 5, Koshy in combination with Brisebois teaches the method of claim 1, Koshy further teaches wherein a repository holds data and passes the held data to a controller that processes the data (Koshy, Col. 6 Lines 38-44 recites “In one embodiment, the detection system 206 is configured to use the DLP submission tool 122 (client side) to submit information in the outbound data transfer 203 to be protected by the DLP policies 112 before distribution of the outbound data transfer 203.”).

	As per claim 7, Koshy in combination with Brisebois teaches the method of claim 1, Brisbois further teaches wherein intermediately processed networks are passed through an edge device (Brisebois, Col. 61 Lines 26-31 recites “If, for example, the user context indicates that the at least one user device is currently inside a given corporate firewall, the DLP risk-assessment criteria may be relaxed or nonexistent. Conversely, if, for example, the user context indicates that the at least one user device is in a public location, the DLP risk-assessment criteria may be more stringent.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Brisbois’ System and method for user-context-based data loss prevention with Koshy’s Pre-calculating and updating data loss prevention (DLP) 

Regarding claims 8 and 15, claims 8 and 15 are directed to a non-transitory readable medium and a computing device associated with the method of claim 1. Claims 8 and 15 are of similar scope to claim 1, and are therefore rejected under similar rationale.

Regarding claims 12 and 19, claims 12 and 19 are directed to a non-transitory readable medium and a computing device associated with the method of claim 5. Claims 12 and 19 are of similar scope to claim 5, and are therefore rejected under similar rationale.

	Regarding claim 14, claim 14 is directed to a similar system associated with the method of claim 7 respectively. Claim 14 is similar in scope to claim 7, respectively, and are therefore rejected under similar rationale. 




Claims 2, 9 and 16  is/are rejected under 35 U.S.C. 103 as being unpatentable over Koshy et al. (US 8,990,882) and  Brisebois et al. (US 9,349,016) and in further view of Manthena (US 2020/0195517).

	As per claim 2, Koshy in combination with Brisebois teaches the method of claim 1, but fails to teach wherein the routing is directed to unified access management.
	However, in an analogous art Manthena teaches wherein the routing is directed to unified access management (Manthena, Paragraph 0115 recites “a service to protect against a distributed denial-of-service (DDoS) attack, a user firewall service, and/or a unified access control service, may, at an ingress portion of a network device, perform tasks associated with layers 2-4.”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Manthena’s system for identifying and assisting in the creation and implementation of a network service configuration using hidden markov models (hmms) with Koshy’s Pre-calculating and updating data loss prevention (DLP) policies prior to distribution of sensitive information because the use unified access, is a more efficient way of routing data. 

Regarding claims 9 and 16, claim 9 and 16 are directed to a non-transitory readable medium and a computing device associated with the method of claim 2. Claims 12 and 19 are of similar scope to claim 2, and are therefore rejected under similar rationale.

Claims 3, 4, 10, 11, 17 and 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koshy et al. (US 8,990,882) and  Brisebois et al. (US 9,349,016) and in further view of Collins et al. (US 2020/0279139).

	As per claim 3, Koshy in combination with Brisebois teaches the method of claim 1, but fails to teach wherein the data includes topic sets and certificates.
	However, in an analogous art Collins wherein the data includes topic sets and certificates (Collins, Paragraph 0083 recites “Once the number of sets/tiers of controls are determined, and external services (e.g., ETL to generate test data, network DLP to intercept and control distribution of classified data, etc.) are present, the required integrations may be built into the platforms (e.g., automated jobs to scan for classified data and replace with test data; certificates permitting network interception and decryption of encrypted data for DLP; endpoint DLP agents).”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Collins’ Systems and methods for data protection with Koshy’s Pre-calculating and updating data loss prevention (DLP) policies prior to distribution of sensitive information because the use certificates with data is a more secure way to manage data in a network.

	As per claim 4, Koshy in combination with Brisebois teaches the method of claim 1, but fails to teach wherein held data are certificates which are processed by the computing platform.
	However, in an analogous art Collins wherein held data are certificates which are processed by the computing platform (Collins, Paragraph 0083 recites “Once the number of sets/tiers of controls are determined, and external services (e.g., ETL to generate test data, network DLP to intercept and control distribution of classified data, etc.) are present, the required integrations may be built into the platforms (e.g., automated jobs to scan for classified data and replace with test data; certificates permitting network interception and decryption of encrypted data for DLP; endpoint DLP agents).”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Collins’ Systems and methods for data protection with Koshy’s Pre-calculating and updating data loss prevention (DLP) policies prior to distribution of sensitive information because the use certificates with data is a more secure way to manage data in a network.

Regarding claims 10 and 17, claims 10 and 17 are directed to a non-transitory readable medium and a computing device associated with the method of claim 3. Claims 10 and 17 are of similar scope to claim 3, and are therefore rejected under similar rationale.

Regarding claims 11 and 18, claims 11 and 18 are directed to a non-transitory readable medium and a computing device associated with the method of claim 4. Claims 11 and 18 are of similar scope to claim 4, and are therefore rejected under similar rationale.
Claims 6, 13 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Koshy et al. (US 8,990,882) and  Brisebois et al. (US 9,349,016) and in further view of Mahaffey et al. (US 2017/0339178).

	As per claim 6, Koshy in combination with Brisebois teaches the method of claim 1, but fails to teach wherein the computing platform is a functional behavior assessment (FBA) platform.
	However, in an analogous art Mahaffey teaches wherein the computing platform is a functional behavior assessment (FBA) platform (Mahaffey, Paragraph 0298 recites “The systems containing these databases can be connected to share anonymized data gathered from a larger population of devices to facilitate analysis and evaluation, determination of norms of behavior, assessment of application prevalence, etc. .”).
	It would have been obvious to a person of ordinary skill in the art, at the earliest effective filing date, to use Mahaffey’s response generation after distributed monitoring and evaluation of multiple devices with Koshy’s Pre-calculating and updating data loss prevention (DLP) policies prior to distribution of sensitive information because the use behavior analysis helps with diagnosing network issues.

Regarding claims 13 and 20, claims 13 and 20 are directed to a non-transitory readable medium and a computing device associated with the method of claim 6. Claims 13 and 20 are of similar scope to claim 6, and are therefore rejected under similar rationale.





Conclusion
	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to RODERICK TOLENTINO whose telephone number is (571)272-2661. The examiner can normally be reached Mon- Fri 8am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 571-270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

RODERICK . TOLENTINO
Examiner
Art Unit 2439



/RODERICK TOLENTINO/Primary Examiner, Art Unit 2439