DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 1-20 are pending.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims  1-5, 7-8, 12-16 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. 11140167 (Lin et al.) in view of US 2017/0091658 (Matthiesen et al.).

Regarding Claim 1, Lin teaches a computer system comprising: one or more processors; and one or more computer-readable media having stored thereon instructions that are executable by the one or more processors to configure the computer system to implement a method (C.5:L.51-58) for predicting a service account based on a key of the service account ([C.1:L.13-15] classifying user accounts as human accounts or service accounts based on keys from an identity management system) by performing at least the following:
obtaining a machine learning tool that is trained on key label data for service accounts and user accounts ([C.1:L.61-64] automatically classifying user accounts within an entity's computer network, using machine-based-learning modeling and keys from an identity management system. [C.3:L.2-24], uses machine-learning-based modeling and keys from an identity management system to classify accounts… creates a statistical model that maps individual keys, or sets of keys, from an identity management system to a probability of being associated with a service account… The model is trained using a set of inputs and a target variable. The inputs used to train the statistical model are identity management keys …the target variable for the model is whether an account is a service account. …the target variable could be whether the account is a human user account.);
identifying a key associated with an account comprising either a service account or a user account ([C.3:L.35-45], review the keys for a set of accounts to identify the accounts with a key or set of keys known to be specific only to service accounts at an entity);
determining whether the key is associated with the service account in response to applying the key to a machine learning tool that is trained to identify service accounts and/or to distinguish between user accounts and service accounts based on at least key of the service accounts ([C.3:L.57-59], Once the model is created, it can be used to automatically determine whether an unclassified account is a service account or human user account. [C.4:L.17-25], Referring again to FIG. 1, if the probability calculated in step 140 is above a threshold probability, the system classifies the account as a service account (step 145, 150). … if the probability is below the threshold, the account is classified as a human user account (step 160). [C.4:L.17-25], the positive class is the service account in that the model predicts the probability that an account is a service account. …the system could be easily configured such that the positive class is a human user account. In such case, the model is trained to predict the probability that an account is a human user account); and
While Lin teaches classify account based on the keys (for example, employeetype, employeenumber, title, etc. illustrated in Fig. 6) form an identity management system, however, Lin does not explicitly teach, but Matthiesen teaches classify account based on user name and performing an action that is selectively based on the determination that the user name corresponds to the service account rather than the user account [¶ 0069], provides supervised, iterative ML-based functionality, preferably with a user-generated training set for classification. The training set may include various types of data, including characteristics or attributes of the account types, the users [i.e., user name], or the like. A goal of the initial ML training is to enable the machine to identify specific characteristics or attributes that provide a good classification result, with the resulting classifications then applied within the identity and access management (IAM) system. …the output of the ML system may be used by the IAM system for enforcing rights [i.e., performing an action] associated with the identified accounts, modifying, suspending or deleting accounts, and so forth).
A person having ordinary skill in the art before the effective filing date of the claimed invention would have incorporated the Matthiesen 's Machine Learning system for classifying account with Lin’s Machine Learning system for classifying account because it would have allowed the system of a known technique for improvement to yield the predictable result of utilizing user name  to train a ML system to classify an account and enforcing rights based on the identified account type, without the requiring significant modifications to the Lin’s disclosure outside the scope of one having ordinary skill in the art before the effective filing date of the claimed invention.

Regarding Claim 2, Lin teaches the computer system of claim 1, wherein the user name [i.e., key] is identified from  a login request ([C.1:L.31-34] during a login session, an account is behaving as a service account, but it is known that it is a human user account, the login session may be a good candidate for an alert).

Regarding Claim 3, Lin teaches the computer system of claim 1, wherein the user name is determined to be associated with the service account without the computer system referencing a reference table or data structure that includes a listing of service accounts ([C.3:L.47-49 and 57-59], Using a supervised learning algorithm, the system leverages the manually classified accounts to “learn” and build the statistical model….Once the model is created, it can be used to automatically determine whether an unclassified account is a service account or human user account. Since Lin teaches using a model to determine the account, therefore, it would be appreciated that the determination whether the account is a service account or user account is made without referencing a reference table or data structure that includes a listing of service account).

Regarding Claim 4, Lin teaches the computer system of claim 1, wherein the user name is determined to be associated with the service account without the computer system referencing a reference table or data structure that explicitly identifies a convention for identifying service accounts ([C.3:L.47-49 and 57-59], Using a supervised learning algorithm, the system leverages the manually classified accounts to “learn” and build the statistical model….Once the model is created, it can be used to automatically determine whether an unclassified account is a service account or human user account. Since, Lin teaches using a model to determine the account, therefore, it would be appreciated that the determination whether the account is a service account or user account is made without referencing a reference table or data structure that explicitly identifies a convention for identifying service accounts).

Regarding Claim 5, Lin teaches the computer system of claim 1, wherein the method further includes the computer system generating and/or training the machine learning tool to identify service accounts and to distinguish service accounts from user accounts ([C.1:L.61 to C.2:L.5] automatically classifying user accounts within an entity's computer network, using machine-based-learning modeling and keys from an identity management system. …Using machine-learning-based modeling, the system creates a statistical model that maps individual keys or sets of keys to a probability of being associated with a first type of user account. The model is trained using a set of inputs and a target variable. [C.3:L.15-24], the model is trained using a set of inputs and a target variable. The inputs used to train the statistical model are identity management keys associated with manually-classified accounts. …the target variable for the model is whether an account is a service account. …the target variable could be whether the account is a human user account).

Regarding Claims 7 and 15, the claims limitations are identical and/or equivalent in scope to claim 1, therefore, rejected under the same rationale.

Regarding Claims 8 and 16, the claims limitations are identical and/or equivalent in scope to claim 2, therefore, rejected under the same rationale.

Regarding Claims 12 and 19, the claims limitations are identical and/or equivalent in scope to claim 5, therefore, rejected under the same rationale.

Regarding Claims 13-14 and 20, the claims limitations are identical and/or equivalent in scope to claims 3 and 4, therefore, rejected under the same rationale.

Claims  6, 10 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over US Lin in view of Matthiesen, further in view of US 2018/0144256 (Saxena et al.).

Regarding Claim 6, while Lin teaches machine learning tool utilize Bernoulli Naïve Bayes algorithm, however, Lin in view of Matthiesen do not explicitly teach, but, Saxena teaches the computer system of claim 1, wherein the machine learning tool incorporates or utilizes a deep neural network to determine that the user name corresponds to the service account ([¶ 0035], machine learning process may include extracting feature values from a training set of accounts known to belong to a first category and a training set of accounts known to belong to a second category. The extracted features and their association with known categories or account types may be used to train a machine-learning prediction model. Once trained, the machine-learning model may be used to analyze similarly extracted feature values from an account of unknown usage type and predict how the account should be categorized/classified. [¶ 0050], the training data sets then be used to train the machine-learning model for predicting a given user account. Any suitable machine-learning model and any suitable training algorithm may be used, such as linear regression, logistic regression, neural networks, nearest neighbor methods, support vector machines, etc.).
A person having ordinary skill in the art before the effective filing date of the claimed invention would have incorporated the Saxena's neural network algorithm with Lin and Matthiesen’s Machine Learning system to classify account, because it would have allowed the system of a known technique for improvement to yield the predictable result of utilizing neural network algorithm, without the requiring significant modifications to the Lin’s disclosure outside the scope of one having ordinary skill in the art before the effective filing date of the claimed invention.

Regarding Claims 10 and 18, the claims limitations are identical and/or equivalent in scope to claim 6, therefore, rejected under the same rationale.

Claims  9 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US Lin in view of Matthiesen, further in view of US 2018/0144256 (Saxena et al.).

Regarding Claim 9, while, Lin teaches maps individual keys, or sets of keys, from an identity management system to a probability of being associated with a service account [C.3:L.9-11], However, Lin in view of Matthiesen do not explicitly teach, however, Wang teaches the computer system of claim 7, wherein the user name corresponds to the service account ([¶ 0064], data stores may include a database, text, spreadsheet, folder, file, or the like, that may be configured to maintain and store information about users, user activities, services, statistical data, user names, account relationships, and the like …data stores may also include registration information for a user that associates a user name, with an secured content/service account).
A person having ordinary skill in the art before the effective filing date of the claimed invention would have incorporated the Wang's database with Lin and Matthiesen’s Machine Learning system to classify account, because it would have allowed the system of a known technique for improvement to yield the predictable result of utilizing database that include registration information for a user that associates a user name, with a service account without the requiring significant modifications to the Lin’s disclosure outside the scope of one having ordinary skill in the art before the effective filing date of the claimed invention.

Regarding Claim 17, the claim limitations are identical and/or equivalent in scope to claim 9, therefore, rejected under the same rationale.

Claim  11 is rejected under 35 U.S.C. 103 as being unpatentable over US Lin in view of Matthiesen, further in view of US 2019/0102098 (Biswas et al.).

Regarding Claim 11, Lin in view of Matthiesen do not explicitly teach, however, Biswas teaches the computer system of claim 7, wherein the machine learning tool is generated by and trained by a separate computer system that is different than the computer system that uses the machine learning tool to determine whether the behavior or request corresponds to the user account or the service account by applying the user name to the machine learning tool ([¶ 0036] …the machine learning server computer sends a machine learning configuration file, a training dataset, and the input file to a separate server computer. The separate server computer configures a machine learning system using the machine learning configuration file, trains the machine learning system using the training dataset, computes an output dataset from the input dataset using the machine learning system, and sends the output dataset back to the machine learning server computer. The use of separate servers allows the machine learning server computer to compute output datasets for different input datasets in parallel using different machine learning systems and different training datasets while reducing the amount of data stored on the machine learning server computer).
A person having ordinary skill in the art before the effective filing date of the claimed invention would have incorporated the Biswas's separate server for machine learning with Lin and Matthiesen’s Machine Learning system to classify account, because it would have allowed the system of a known technique for improvement to yield the predictable result of utilizing separate server configures a machine learning system using the machine learning configuration file, trains the machine learning system using the training dataset without the requiring significant modifications to the Lin’s disclosure outside the scope of one having ordinary skill in the art before the effective filing date of the claimed invention.

Written Authorization for Internet Communication
The Examiner recommends filing a written authorization for Internet communication in response to the present action. Doing so permit the USPTO to communicate with Applicant using Internet email to schedule interviews or discuss other aspects of the application. Without a written authorization in place, the USPTO cannot respond to Internet correspondence received from Application. The preferred method of providing authorization is by filing form PTO/SB/439 available at: https://www.uspto.gov/patent/forms/forms. See MPEP § 502.03 for other method of providing written authorization.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD YOUSUF A MIAN whose telephone number is (571)272-9206. The examiner can normally be reached Monday-Friday 9am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, PETER-ANTHONY PAPPAS can be reached on 571-272-7646. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
/MOHAMMAD YOUSUF A. MIAN/Examiner, Art Unit 2448                                                                                                                                                                                                        
/LANCE LEONARD BARRY/Primary Examiner, Art Unit 2448