DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
This is a reply to the application filed on 08/03/2020 with preliminary amendment filed on 12/14/2020 and 03/21/2022, in which, claim(s) 1-4 are pending. Claims 1 and 3 are independent.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/03/2020, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Terminal Disclaimer
The terminal disclaimers filed on 03/14/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of US Patent No. 11,297,109 have been reviewed and are accepted.  The terminal disclaimers have been recorded.

Drawings
The drawings filed on 08/03/2020 with replacement sheet filed on 12/14/2020 are accepted by The Examiner.


EXAMINER’S AMENDMENT
An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner's amendment was given in a telephone interview with Attorney Brian S. Boon (Reg. No. 77,640) on 05/19/2022. 

Please replace claim 1 with:
1. (Currently amended) A system for management of distributed collaborative databases with validation of source reliability, comprising:
an in-memory associative array stored in a hardware memory of a cloud computing platform; 
a cloud-based storage bin stored in a non-volatile storage device of the cloud computing platform;
a reputation relationship graph stored the in-memory associative array comprising nodes representing reputation scores associated with a plurality of data services, and edges representing relationships between the nodes;
a breach content database stored in the cloud-based storage bin, the breach content database comprising historical data breach records;
a vulnerability and exploit database stored in the cloud-based storage bin, the vulnerability and exploit database comprising information about vulnerabilities and exploits associated with a data service;
a data extractor and pre-processor comprising a first plurality of programming instructions stored in the in-memory associative array of, and operating on a processor of, the cloud computing platform, wherein the first plurality of programming instructions, when operating on the processor, causes the cloud computing platform to:
periodically connect to, and pull data from, application programming interfaces (APIs) of the plurality of data services;
for each data pull from each API, extract metadata included in that data pull that identifies the data service and a content of the data in that data pull;
forward the data and its extracted metadata to a reputation management system; and
a reputation management system comprising a second plurality of programming instructions stored in the in-memory associative array of, and operating on a processor of, the cloud computing platform, wherein the second plurality of programming instructions, when operating on the processor, causes the cloud computing platform to:
receive the data and its extracted metadata;
establish a reputation score for the data in each data pull by:
comparing the extracted metadata identifying the content of the data against the breach content database;
comparing the extracted metadata for identifying the source of the data against the vulnerabilities and exploits database; and
generating a component reputation score for that data pull based on the comparisons using weighted averaging;
for each component reputation score generated, creating a new node in the reputation relationship graph representing the component reputation score, and associating the new node via one or more edges with one or more existing nodes in the reputation relationship graph for the data service from which the data was pulled; and
generating a new reputation score for each data service from which data was pulled by analyzing the new nodes and edges of the graph added for each component reputation score associated with that data service by:
for each data pull from each data service, updating the breach content database with the new reputation score and publishing the update on a first publication and subscription data feed for the breach content database; and
for each data pull from each data service, updating the vulnerabilities and exploits database with the new reputation score and publishing the update on a second publication and subscription data feed for the vulnerabilities and exploits database;
wherein the reputation relationship graph logically organizes the plurality of data services into a distributed collaborative database with a reliability of each data service being indicated by its reputation score.


Please replace claim 3 with:
3. (Currently amended) A method for management of distributed collaborative databases with validation of source reliability, comprising the steps of:
storing a reputation relationship graph in a cloud-based storage bin stored in a non-volatile storage device of a cloud computing platform, the reputation relationship graph comprising nodes representing reputation scores of a plurality of data services, and edges representing relationships between the nodes;
storing a breach content database [[stored]] in the cloud-based storage bin, the breach content database comprising historical data breach records;
storing a vulnerability and exploit database [[stored]] in the cloud-based storage bin, the vulnerability and exploit database comprising information about vulnerabilities and exploits associated with a data service;
using a data extractor operating as a software module stored in an in-memory associative array of a hardware memory of the cloud computing platform:
periodically connecting to, and pulling data from, application programming interfaces (APIs) of [[a]]the plurality of data services;
for each data pull from each API, extracting metadata included in the data pull that identifies the source and content of data in that data pull;
forwarding the data and its extracted metadata to a reputation management system operating as a software module stored in the in-memory associative array of the cloud computing platform;
using the reputation management system:
receiving the data and its extracted metadata;
establishing a component reputation score for the data in each data pull by:
comparing the extracted metadata identifying the content of the data against the breach content database;
comparing the extracted metadata for identifying the source of the data against the vulnerabilities and exploits database;
generating the component reputation score for that data pull based on the comparisons using weighted averaging;
for each component reputation score generated, creating a new node in the reputation relationship graph representing the component reputation score, and associating the new node via one or more edges with one or more existing nodes in the reputation relationship graph for the data service from which the data was pulled; and
generating a new reputation score for each data service from which data was pulled by analyzing the new nodes and edges of the graph added for each component reputation score associated with that data service, by performing the following steps:
for each data pull from each data service, updating the breach content database with the new reputation score and publishing the update on a first publication and subscription data feed for the breach content database; and
for each data pull from each data service, updating the vulnerabilities and exploits database with the new reputation score and publishing the update on a second publication and subscription data feed for the vulnerabilities and exploits database;
wherein the reputation relationship graph logically organizes the plurality of data services into a distributed collaborative database with a reliability of each data service being indicated by its reputation score.

Please replace claim 4 with:
4. (Currently amended) The method of claim [[1]]3, further comprising the steps of:
using a cyber open data market exchange operating as a software module stored in the in-memory associative array of the cloud computing platform:
extracting data from external score and metric databases;
extracting user data from internal databases;
generating a cyber score from the combination of external data and internal data, wherein the score is calculated from a plurality of scoring metrics; 
sending the cyber score to the cyber open market exchange; and
wherein the cyber open market exchange facilitates transactional behavior among market participants.


Allowable Subject Matter
Claims 1-4 are allowed.

The following is an examiner's statement of reasons for allowance:
Independent Claim(s) and their respective dependent claims are allowable over prior arts since the prior arts taken individually or in combination fails to particular discloses, fairly suggest or render obvious the following italic limitations:

In claims 1 and 3:
“generating a new reputation score for each data service from which data was pulled by analyzing the new nodes and edges of the graph added for each component reputation score associated with that data service by:
for each data pull from each data service, updating the breach content database with the new reputation score and publishing the update on a first publication and subscription data feed for the breach content database; and
for each data pull from each data service, updating the vulnerabilities and exploits database with the new reputation score and publishing the update on a second publication and subscription data feed for the vulnerabilities and exploits database;
wherein the reputation relationship graph logically organizes the plurality of data services into a distributed collaborative database with a reliability of each data service being indicated by its reputation score” in combination with other limitations recited as specified in the independent claim(s). 


The closest prior art made of record are:
Harris et al. (US 2016/0080399 A1) teaches threat detection using reputation scores for particular actions that expire after a predetermined time.
Dixon et al. (US 2006/0253580 A1) teaches receiving a request for web content from a client computing facility, presenting the web content, and retrieving an indicia of a reputation assessment of the web content and delivering the indicia to the client computing facility in coordination with delivery of the web content to the client computing facility. 
James Michael Knight (US 2004/0255167 A1) teaches a remote security management center to provide many of the monitoring and protection functions traditionally carried out by an information technology support center located at a particular network site. The remote center can monitor a protected network and intervene to thwart hacking or viral/worm attacks against the separate protected network through the global network attached to the protected network.
Sander et al. (US 2018/0013774 A1) teaches a collaborative security list comprising a list of entries known to be secure or a list of entries known to be insecure and providing a candidate security list comprising at least the first candidate entry to the community and obtaining, from a second user of the community, a first score indicating how confident the second user is that the first candidate entry is secure.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186. The examiner can normally be reached Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497