Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Allowable Subject Matter
Claims 6-8 and 15-17 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Available Prior Art does not explicitly teach the limitations set forth by the claim. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-4 and 12-13  is/are rejected under 35 U.S.C. 103 as being unpatentable over Kliger (US20200053090) in view of Koottayi (US20180288063).

Regarding Claims 1 and 12, Kliger discloses A method of configuring an access system for providing access to a 2resource, the method comprising, performing by the access system: 3receiving a set of historical access requests for a set of resources, (Paragraph [0006] Examiner Notation (E.N.) Access control rules are automatically generated to limit access based on historical access requests allowing some users to access the resource while blocking others.)
each of the set 4of historical access requests comprising access data identifying the resource of the set of 5resources (Paragraph [0006] E.N. The historical access request looks at users who have used the resource in the past. Limiting the access to the computer resources allows for less vulnerability to the system.)
and including requestor information of a requesting entity (Paragraph [0047] E.N. If a user credential from another department is used to access files, the access control rule for the file looks at historical access data to block the request which may have come from an attacker.)
and an outcome label 6regarding a validity of the historical access request; (Paragraph [0007] E.N. Access control rule is applied to the validation data set to determine a denial rate level. If the denial rate is below the threshold, the access control rule is determined to be valid.)
7receiving a rule profile comprising rules that are triggerable by the access data, (Paragraph [0051] E.N. The access control determines whether a rule is triggered that requires the access attempt to be blocked.)
8the rule profile defining a profile score based on weights of rules that are triggered for an access 9request and specifying access classifications of providing access to the set of resources managed 10by a resource computer based on the profile score; (Paragraph [0035] A policy can be produced using different features of the user characteristics which are scored. The threshold value and weight are applied to the score to produce a policy.)
11optimizing, using the set of historical access requests, the weights for the rules of 12the rule profile using a cost function that includes the access classifications of the set of historical 13access requests obtained using the weights, (Paragraph [0034] E.N. A machine learning can be used to determine policies by using a histogram or analysis of the training data.)
 17computing a current profile score for the rule profile based on the optimized 18weights; (Paragraph [0035] E.N. The user’s characteristic can be scored along with a threshold value and weight applied to each feature and weighted feature score to create a policy.)
19obtaining one or more classification thresholds for discriminating between 20different access request outcomes; (Figure 5E E.N. The access control rule is applied to the access request. The access control rule is applied to the properties of access request to allow or reject access to the computer resource.)
	
	Kliger does not, but in related art, Koottayi teaches: the cost function including penalties for false positive 14classifications and false negative classifications relative to the outcome labels; (Paragraph [0094 lines 10-16] E.N. Administrators can monitor the types of policies the machine learning model is triggering to make sure that it is not creating too many false positives. If there is a high alert to this pattern, the admin may adjust the policy or create a second factor authentication policy.) 
15receiving a current access request including new access data identifying a current 16resource and including current requestor information of a current requesting entity; (Paragraph [0107 lines 6-10] E.N. When an access request is received from a group of users, the information associated with the request is analyzed against the policy as well as behavior models to determine the anomality of the request.)
21using one or more classification thresholds and the current profile score to 22determine a current access classification for providing access to the current resource; (Paragraph [0123] E.N. Machine Learning or rule engines can be used to determine threshold level. If data crosses the threshold level, the rule-based risk will be assigned collecting user’s access pattern to determine threat score.)
and 23processing the current access request in accordance with the current access 24classification to provide a specified access to the current resource. (Figure 9 E.N. Access request is received and is analyzed before allowing or blocking access to the resource.)
	Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kliger to incorporate the teachings of Koottayi because Kliger already discloses a method providing access requests to resources and using historical access request to identify the requestor using threshold and weight while failing to explicitly teach profile scores and processing access requests which is taught by Koottayi. Incorporating the teachings of Koottayi to Kliger allows for a system to view access requests from users, verify the access requests using historical data as well as scoring the users based on a threshold and allowing access to the resource. 

Regarding Claim 2, Kliger in view of Koottayi teaches the method of claim 1. Kliger further discloses wherein the one or more classification thresholds 2for the rule profile are received from the resource computer. (Paragraph [0009] E.N. Threshold values are determined based on preset value, algorithmically value or value received from an administrator. Machine Learning can be used by the access control rule for analysis on computer resource.)

Regarding Claim 3 and Claim 13, Kliger in view of Koottayi teaches the method of claim 1 and the system of claim 12. Kliger further discloses wherein optimizing the weights for the rule profile is based on stepwise regression and/or logistic regression, a neural network, one or more decision 3trees, or other machine learning technique. (Paragraph [0034] E.N. A machine learning or statistical method can be used by the policy generator to generate policies)

	Regarding Claim 4, Kliger in view of Koottayi teaches the method of claim 1. Kliger further comprising receiving a user selection of 2the rules to be optimized. (Paragraph [0037] The validator receives a policy (rule) and applies the access control rule to the data set receive.  It is then determined if the access control rule will be presented to the admirative user via user interface or Application program Interface.)

Regarding Claim 11 and 20, Kliger in view of Koottayi teaches the method of claim 1 and the system of claim 12. Kliger further discloses wherein computing the profile score further 2comprises summing a respective value of a respective weight of the optimized weights for a 3respective rule that is triggered. (Paragraph [0076] E.N. The scores are collected to produce a cumulative score which is then compared to a threshold value.)

Claim 5,9,10,14,18 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Kliger (US20200053090) in view of Koottayi (US20180288063) in further view of Ge (CN106506454A).

Regarding Claim 5 and Claim 14, Kliger in view of Koottayi teaches the method of claim 1 and the system of claim 12. However, the combination of Kliger and Koottayi do not, but in related art Ge teaches: adding, to the rules, or removing, from the rules, at least one trial rule; and 3computing an updated accuracy in response to the adding or removing. Paragraph [0061] E.N. Rules can be added to the rule engine, which in turn with the updated engine can provide more accurate data. One in the art can make the connection that when a rule is added it would be a trial rule at first to determine if the rule helps the accuracy.)
Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kliger in view of Koottayi to incorporate the teachings of Ge because the combination of Kliger and Koottayi both fail to explicitly disclose adding rules and computing the updated accuracy due to the newly added rules. Incorporating the teachings of Ge into Kliger and Koottayi allows for a system that can change its rules by adding or removing while also allowing the administrator to check if the changed in the rule helped in the accuracy before finalizing the rules. 

Regarding Claim 9 and Claim 18, Kliger in view of Koottayi teaches the method of claim 1 and the system of claim 12. However, the combination of Kliger and Koottayi do not, but in related art Ge teaches: wherein computing the profile score uses logistic 2regression, a neural network, or one or more decision trees that include the optimized weights. (Paragraph [0071] E.N. The classifier model is used with the rule engine to generate a final judgement result of the customer (See Paragraph [0036 lines 5-7]). The algorithm used by the classifier model can be a decision tree algorithm, neural network or a logistic regression algorithm)
Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kliger in view of Koottayi to incorporate the teachings of Ge because the combination of Kliger and Koottayi both fail to explicitly disclose logistic regression, neural network and decision trees which is taught by Ge. Incorporating the teachings of Ge into Kliger and Koottayi allows for a system to use a neural network, logistic regression algorithm to obtain a final judgement result (score) of the customer before allowing them access to the resource.

Regarding Claim 10 and Claim 19, Kliger in view of Koottayi teaches the method of claim 1 and the system of claim 12. However, the combination of Kliger and Koottayi do not, but in related art Ge teaches: wherein the cost function is used to obtain the one 2or more classification thresholds after optimizing an area under a curve in a Receiver Operating 3Characteristic (ROC) analysis. (Paragraph [0050] E.N. The classifier is trained and evaluated with an evaluation system which includes one or more of the following: ROC curve, correct rate, false positive rate etc.)


Therefore, it would be obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kliger in view of Koottayi to incorporate the teachings of Ge because the combination of Kliger and Koottayi both fail to explicitly disclose Receiving Operating Characteristic (ROC) which is taught by Ge. Incorporating the teachings of Ge to Kliger and Koottayi allows for a system to use ROC curve obtain information or evaluate information regarding the system.


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AAYUSH ARYAL whose telephone number is (571)272-2838. The examiner can normally be reached 8:00 a.m. - 5:30 p.m..
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joesph Hirl can be reached on (571) 272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/AAYUSH ARYAL/Patent Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435