DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This action is responsive to the application filed on 12/31/2019. Claims 1-20 are presented for examination.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Swiller et al (USPN. 7,013,395).

Regarding claim 1, Swiller discloses a system comprising: one or more processors; and a memory; one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs including instructions that (fig. 2, network and machines): 
obtain a graph having paths, a path includes nodes and edges, the nodes of users, groups, and devices, the edges of relationships between each node connected to an edge, the graph representative of a tenant of a cloud service, wherein a node is classified as sensitive or non-sensitive (fig. 2, graph structure A-G, col. 7, lines 7-11, 50-55 and 59-63, all nodes other than GOAL nodes are non-sensitive, attack graph in a cloud network comprising plurality of machines and types of users);
identify a risky edge in paths that lead to a sensitive node (fig. 2, col. 9, lines 27-42 and col. 10, lines 23-35, added vulnerability by use of type of nodes, distance, edge weight); and 
perform an action to eliminate the relationship between nodes connected to the risky edge (fig. 2, col. 10, lines 21-34, Node C with number 10 does not represent the shortest path as it has value of 10 and is therefore eliminated from the path to node 2).

2. The system of claim 1, wherein an edge represents one of Administrator-Of, Has-Session, and Member-Of (fig. 2, Machines B, C, “Normal User”, “password of user” and Server Daemon access). 

3. The system of claim 1, wherein the one or more programs include further instructions that: update the graph periodically during operation of the cloud service (fig. 2, col. 9, lines 34-37, upon user gaining a plain text password on Machines B and C, the path is updated by the user gaining additional access to gain root).  

4. The system of claim 3, wherein the one or more programs include further instructions that: determine if another risky edge exists from the updated graph (fig. 2, col. 10, lines 19-27, the attacker gains access via edge A, added vulnerability shown in edges B,C and D). 

5. The system of claim 1, wherein the one or more programs include further instructions that: identify the risky edge from a risk score, the risk score based on a number of distinct detached non-sensitive nodes, a number of distinct detached sensitive nodes, and a number of distinct paths containing the risky edge (fig. 2, col. 10, lines 26-43, risk assessment on different paths, distances, types of nodes and passwords granted, see risk score based on cost to the attacker and edge weights, see also optimal paths).  

6. The system of claim 5, wherein the risk score is a weighted sum of the number of distinct detached non-sensitive nodes, the number of distinct detached sensitive nodes, and the number of distinct paths containing the risky edge (fig. 2 and col. 10, lines 35-43, analysis of all paths based on shortest distance. Note that each edge has different risk based on vulnerability such as edge weight, col. 7, lines 7-11).

7. The system of claim 1, wherein the one or more programs include further instructions that: identify the risky edge from a risk score, the risk score applies a first weight to a number of distinct detached non-sensitive nodes, applies a second weight to a number of distinct detached sensitive nodes, and applies a third weight to a number of distinct paths containing the risky edge (fig. 2 and col. 5, lines 10-30, defense placement based on critical nodes, conflicting criteria, and weight function based on edge metrics comprising weights).

Regarding claim 8, Swiller discloses a method, comprising:
representing entities having access to resources in a tenant of a cloud service in a graph, the graph having nodes of entities and edges representing a relationship between two connected entities, at least one node representing a sensitive entity, at least one node representing a non-sensitive entity (fig. 2, network and machines with tenants); 
determining whether an edge in the graph is on a lateral movement path by traversing each path in the graph from a sensitive entity to each connected non-sensitive entity and computing a score for the edge that indicates whether the edge is on a lateral movement path (fig. 2, graph structure A-G, col. 7, lines 7-11, 50-55 and 59-63, all nodes other than GOAL nodes are non-sensitive, attack graph in a cloud network comprising plurality of machines and types of users, and col. 9, lines 27-42 and col. 10, lines 23-35, added vulnerability by use of type of nodes/users, distance and edge weight wherein initial attacker on Path A opens the vulnerability on all paths B, C, and D); and 
based on the score, eliminating a relationship between entities connected to the edge determined to be on the lateral movement path (fig. 2, col. 10, lines 21-34, Node C with number 10 does not represent the shortest path as it has value of 10 and is therefore eliminated from the path to node 2).  

9. The method of claim 8, wherein the score is based on a number of distinct detached non-sensitive entities (fig. 2 A-G and col. 10, lines 35-43, analysis of all paths based on shortest distance.  Note that each edge has different risk based on vulnerability such as edge weight, col. 7, lines 7-11).

10. The method of claim 8, wherein the score is based on a number of distinct detached sensitive entities (fig. 2 A-G, and col. 10, lines 35-43, analysis of all paths based on shortest distance.  Note that each edge has different risk based on vulnerability such as edge weight, col. 7, lines 7-11).

11. The method of claim 8, wherein the score is based on a number of distinct paths containing the edge (col. 5, lines 11-29, edge weights, optimal paths, all paths and time used to determine defense placement).

12. The method of claim 8, wherein the score is a sum of a number of distinct detached non-sensitive entities, a number of distinct detached sensitive entities and a number of distinct paths containing the edge (fig. 2 and col. 10, lines 35-43, analysis of all paths based on shortest distance.  Note that each edge has different risk based on vulnerability such as edge weight, col. 7, lines 7-11). 

13. The method of claim 8, wherein the score is a sum of a first weight applied to a number of distinct detached non-sensitive entities, a second weight applied to a number of distinct detached sensitive entities, and a third weight applied to a number of distinct paths containing the edge (fig. 2, col. 10, lines 26-43, risk assessment on different paths, distances, types of nodes and passwords granted, see risk score based on cost to the attacker and edge weights, see also optimal paths).

14. The method of claim 8, wherein an edge represents a relationship of Administrator-Of, Has-Session, or Member-Of (fig. 2, Machines B, C, “Normal User”, “password of user” and Server Daemon access).

15. The method of claim 8, wherein an entity represents a user account, a group, or a device (fig. 2, user account, Root or normal).  

Regarding claim 16, Swiller discloses a device, comprising: a processor coupled to a memory; wherein the processor is configured to (fig. 2, network and machines):
obtain a graph of paths, a path includes nodes connected by edges, a node associated with a sensitive entity or a non-sensitive entity, an edge representing a relationship between two connected nodes, wherein the graph represents a configuration of entities having access to resources of a tenant of a cloud service (fig. 2, graph structure A-G, col. 7, lines 7-11, 50-55 and 59-63, all nodes other than GOAL nodes are non-sensitive, attack graph in a cloud network comprising plurality of machines and types of users);
compute a risk score for each edge in a path, the risk score based on a number of distinct detached non-sensitive nodes, a number of distinct detached sensitive nodes, and a count of distinct paths containing the edge (fig. 2, col. 10, lines 26-43, risk assessment on different paths, distances, types of nodes and passwords granted, see risk score based on cost to the attacker and edge weights, see also optimal paths); and 
identify a risky edge in a path based on a risk score (fig. 2 and col. 5, lines 10-30, defense placement based on critical nodes, conflicting criteria, and weight function based on edge metrics comprising weights).

17. The device of claim 16, wherein an edge represents an Administrator-Of, Has-Session, or Member-Of relationship between two connected nodes (fig. 2, Machines B, C, “Normal User”, “password of user” and Server Daemon access).

18. The device of claim 16, wherein a node represents a user account, a device or group (fig. 2, user account, Root or normal).    

19. The device of claim 16, wherein the risk score is a sum of a number of distinct detached non-sensitive entities, a number of distinct detached sensitive entities and a number of distinct paths containing an edge (fig. 2, col. 10, lines 26-43, risk assessment on different paths, distances, types of nodes and passwords granted, see risk score based on cost to the attacker and edge weights, see also optimal paths).  

20. The device of claim 16, wherein the risk score is a sum of a first weight applied to a number of distinct detached non-sensitive entities, a second weight applied to a number of distinct detached sensitive entities, and a third weight applied to a number of distinct paths containing the edge (fig. 2 and col. 10, lines 35-43, analysis of all paths based on shortest distance. Note that each edge has different risk based on vulnerability such as edge weight, col. 7, lines 7-11).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure in the field of risk assessment:
USPN. 8,938,781
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARCIN R FILIPCZYK whose telephone number is (571)272-4019. The examiner can normally be reached M-F 7-4 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alford Kindred can be reached on 571-272-4037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





May 24, 2022
/MARCIN R FILIPCZYK/Primary Examiner, Art Unit 2153