DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1 - 20 are rejected under 35 U.S.C. 103 as being unpatentable over Madhu, publication number: US 2014/0282977 in view of Wolfin, publication number: US 202/0233961

As per claim 1, Madhu teaches a computer-implemented method for team-sourced anomaly vetting via automatically-delegated role definition within a computing system comprising, via one or more transceivers and/or processors:
automatically determining that an event of the computing system corresponding to activity of an end user is anomalous (Machine learning for determining anomalies, [0029]);
automatically generating and transmitting a notification to one or both of the end user and another end user, the notification providing access to an executable statement including code configured to be executed to remove an access restriction (Notifying user of anomaly and allowing user to trust or not trust, [0027][0032]);
automatically receiving a call to the executable statement generated by the other end user (Function call, [0034][0026]); 
Madhu does not clearly teach based on the anomalous event, automatically editing a permission store of the computing system to include an access restriction on the end user; 
automatically editing the permission store to remove the access restriction on the end user.
In an analogous art, Wolfin teaches based on the anomalous event, automatically editing a permission store of the computing system to include an access restriction on the end user (blocking operations of a running container, [0060]); 
automatically editing the permission store to remove the access restriction on the end user (unblocking a container, [0059-0060]).

Therefore, it would have been obvious to one of ordinary skill in the art, prior to the effective filing date of the claimed invention, to modify Madhu’s anomaly detection system to include changing access rights based on the possibility of an anomaly and reinstating access rights as described in Wolfin’s anomaly detection system for the advantages reducing false positives. 

As per claim 2, the combination teaches further comprising, via the one or more processors and/or transceivers automatically receiving identification information of the other end user in conjunction with the call of the executable statement;
automatically confirming that the identification information satisfies a criterion for
determining permission to execute the executable statement as a condition precedent for the removal of the access restriction (Madhu: API, [0034], Parent controlling access, [0027], Trusting or not trusting, [0032]).

As per claim 3, the combination teaches further comprising, via the one or more processors and/or transceivers, automatically confirming that the other end user has not exceeded a limit for unblocking statements as a further condition precedent for the removal of the access restriction (Wolfin: notification limit, [0059-0060]).

As per claim 4, the combination teaches the executable statement comprises a stored procedure, the computing system comprises an SQL server administering access to a database, the notification comprises an e-mail to the end user embedding a link to the stored procedure,
the identification information of the other end user is passed to the SQL server as context to the call (Madhu: SQL, [0062], email, [0027], Parent determining trust, [0027]).

As per claim 5, the combination teaches wherein the determination of the anomalous event is performed at least in part by a machine learning algorithm, further comprising, via the one or more processors and/or transceivers, re-training the machine learning algorithm based at least in part on the anomalous event and the removal of the access restriction (Madhu: training, [0032]).

As per claim 6, the combination teaches wherein the determination of the anomalous event includes generating a confidence indicator, and re-training the machine learning algorithm is based at least in part on the confidence indicator (Madhu: scores, [0021-0024], training [0032]).

As per claim 7, the combination teaches wherein the access restriction comprises addition of the end user to a pre-defined role restricting access to data,
the executable statement comprises a stored procedure called by the other end user to remove the end user from the pre-defined role (Wolfin: blocking and unblocking, [0059-0060]).

Claims 8-14 are rejected based on claims 1-7
Claims 15-20 are rejected based on claims 1-5 and 7

Conclusion








Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLUGBENGA O IDOWU whose telephone number is (571)270-1450. The examiner can normally be reached Monday-Friday 8am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung Kim can be reached on 5712723804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/OLUGBENGA O IDOWU/Primary Examiner, Art Unit 2494