DETAILED ACTION
This office action is in response to the application filed on 12/23/2019. Claims 1-20 are pending and are examined.	
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Allowable Subject Matter
Claims 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance:

The closest prior arts made of records are, Donahue (U.S Pub No. 2018/0054429 A1, referred to as Donahue), Dietrich et al. (U.S Pub No. 2019/0005488 A1, referred to as Dietrich) and Frank et al. (U.S Pub No. 2019/0005098 A1, referred to as Frank). 
 
Donahue discloses system and method which are directed to the detection of access paths in a computer network that malicious actors can exploit. A credential security discovery system receives information about computer accounts and computer account credentials and credential artifacts from computer devices. The credential security discovery system derives information about the permissions and rights of these accounts across a network of computing devices, such as computers and computing systems. The credential security discovery system then evaluates the ability for malicious actors to access and exploit these artifacts to gain access to additional computing devices. In this way the owners and administrators of the computer devices are aware of the total impact of account compromise, for example, via credential theft, from one or more computing devices across all of their computer devices and across their network. The credential security discovery system can then interact with the computer devices to remove credentials and credential artifacts.

Dietrich discloses an access management system comprises one or more databases and one or more computers. The one or more databases may store access data, accessor data, restriction data, and/or biometric data. The one or more computers may comprise an account identifier management computer, an authorization server computer, and/or an account management server computer. The account identifier management computer may generate account identifiers for physical or virtual cards. The cards may have interface-specific account identifiers. The authorization server computer may be communicatively coupled to an account access system that is used to obtain account identifiers as input. The authorization server computer may apply one or more restrictions to an account identifier. The account identifier management server computer may enable monitoring account activity and/or generate ephemeral phone numbers that can be used to authenticate callers to call recipients.

Frank discloses an access management system includes a database configured to store access data including account identifiers and accessor identifiers, wherein the access data indicates particular accounts that have been accessed by particular accessors. The access management system also includes a computer system that receives a reservation request comprising an account identifier and an accessor identifier and determines whether the account identifier is included in the database. The computer system also determines, in response to the account identifier being present in the database, whether the access data correlates the account identifier to the accessor and authorizes the reservation of the one or more resources in the account by the accessor in response to the access data correlating the account identifier to the accessor.

However, regarding claims 1, 8 and 15, the prior art of Donahue, Dietrich and Frank  when taken in the context of the claim as a whole do not disclose nor suggest, “obtaining, by an emergency shutdown and restore module in response to a user instruction or a security breach occurring in an enterprise computing environment, an identity population definition, the identity population definition defining a population of identities in the enterprise computing environment based on a set of attributes of identity management artifacts; determining, by the emergency shutdown and restore module based at least on the identity population definition, a set of accounts associated with the population of identities, the set of accounts distributed across applications in the enterprise computing environment; determining, by the emergency shutdown and restore module, source systems of the set of accounts, each of the source systems having a source-specific connector; and requesting, by the emergency shutdown and restore module via the source-specific connector respectively, each of the source systems to shut down access to the applications by the set of accounts associated with the population of identities, or to exclude the set of accounts associated with the population of identities in shutting down access to the applications in the enterprise computing environment.”.

Claims 2-7 depend on claim 1, claims 9-14 depend on claim 8 and claims 16-20 depend on claim 15, and are of consequence allowed.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:  See PTO-892.  
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HASSAN SAADOUN whose telephone number is (571)272-8408. The examiner can normally be reached Mon-Fri 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on 571-272-3685. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/HASSAN SAADOUN/Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435