Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 4, 8, 13 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 4, 8, and 13 state “regaining/returning access control over a network node”.  It is unclear when the “access control” was lost, the claims do not imply an attack or loss of control. 
Additionally, Examiner points out that the term “access control” is generally used to denote security control to prevent unauthorized access to a resource.   Examiner’s reading of the claims in context, is that the Applicant intends to gain “control” of a node.  Clarification is required.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1, 3, 6 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Inagaki US 20200050770As per claim 1. Giakouminakis teaches A method for enhanced enumeration of network exploits, the method comprising: scanning a network to identify and enumerate vulnerability exploit data from network scan results; accessing a vulnerability database to compare the vulnerability exploit data with stored vulnerability data; in response to identifying a match between the vulnerability exploit data and the stored vulnerability data, creating enhanced vulnerability exploit data; organizing the enhanced vulnerability exploit data for display on a computer graphical user interface (GUI); [0018]-[0022]; [0030][0031][0034]-[0036], [0045] [0053]
(teaches scanning to find vulnerability exploits by comparing exploit data to stored data, identifying a match and creating enhanced data by forming a report including risk levels and a GUI)
Inagaki teaches updating the vulnerability database with the enhanced vulnerability exploit data. [0101]-[0106] (Teaches updating vulnerability database with exploit data) 
It would have been obvious to one of ordinary skill in the art to useAs per claim 3. Giakouminakis teaches The method according to claim 1, wherein the enhanced vulnerability exploit data is organized in a table. [0031] (table)As per claim 6. Giakouminakis teaches The method according to claim 1, comprising: filtering the vulnerability exploit data. [0035] (filter based on threat or existence of actual vulnerability)Claim(s) 8, 9, 11, 12, 13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Puente US 10,997,216 As per claim 8. Giakouminakis teaches A system for enhanced enumeration of network exploits, the system comprising: a computer having a graphical user interface (GUI) for initiating a network scan to identify and enumerate vulnerability exploit data from network scan results; a database accessible by the computer and containing stored vulnerability data for comparison with the vulnerability exploit data, wherein the computer, upon identifying a match, is configured for creating enhanced vulnerability exploit data based on exploits identified during the scan;  [0018]-[0022]; [0030][0031][0034]-[0036], [0045] [0053]
(teaches scanning to find vulnerability exploits by comparing exploit data to stored data, identifying a match and creating enhanced data by forming a report including risk levels and a GUI)

Puente teaches and a hot server configured for regaining access control over a network node identified via the enhanced vulnerability exploit data. (Column 5 line 40 to Column 6 line 46) (teaches a standby server/secondary server for a node that takes over the node for any reason if the primary is compromised or fails)   
It would have been obvious to use the hot server of Puente at the time the invention was filed with Giakouminakis because it ensures uninterrupted services.
As per claim 9. Giakouminakis teaches The system according to claim 8, wherein the GUI is configured to display the enhanced vulnerability data. [0031]As per claim 11. Giakouminakis teaches The system according to claim 9, wherein the enhanced vulnerability data is displayed as a table. [0031]As per claim 12. Giakouminakis teaches The system according to claim 8, wherein the computer is configured to filter the vulnerability exploit data. [0035]As per claim 13. Giakouminakis teaches A system for enhanced enumeration of network exploits, the system comprising: a computer for initiating a network scan to identify and enumerate vulnerability exploit data from network scan results; a database accessible by the computer and containing stored vulnerability data for comparison with the vulnerability exploit data, wherein the computer, upon identifying a match, is configured for creating enhanced vulnerability exploit data based on exploits identified during the scan; 0018]-[0022]; [0030][0031][0034]-[0036], [0045] [0053]
(teaches scanning to find vulnerability exploits by comparing exploit data to stored data, identifying a match and creating enhanced data by forming a report including risk levels and a GUI)


Puente teaches and a hot server configured for regaining access control over a network node identified via the enhanced vulnerability exploit data. (Column 5 line 40 to Column 6 line 46) (teaches a standby server/secondary server for a node that takes over the node for any reason if the primary is compromised or fails)   


Claim(s) 2 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Inagaki US 20200050770 in view of Ouchn US 2017/0171236
As per claim 2. Ouchn teaches The method according to claim 1, wherein the enhanced vulnerability exploit data is organized in a hierarchal tree structure. [0043]
It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the tree of Ouchn with the prior art because it provides a clearer interpretation of data to a user.


Claim(s) 10 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Puente US 10,997,216 in view of Ouchn US 2017/0171236
As per claim 10. Ouchn teaches The system according to claim 9, wherein the enhanced vulnerability data is displayed as a hierarchal tree structure. [0043]It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the tree of Ouchn with the prior art because it provides a clearer interpretation of data to a user.

Claim(s) 4, 5 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Inagaki US 20200050770 in view of Puente US 10,997,216 
As per claim 4. Puente teaches The method according to claim 1, comprising: returning access control over a node from an exploit to a host server of the network, the node being identified using the enhanced vulnerability exploit data. (Column 5 line 40 to Column 6 line 46) (Column 12 line 55 to Column 13 line 12) (Fig 4B) 
 It would have been obvious at the time the invention was filed to use the control of Puente with the previous art because it ensures reliability.As per claim 5. Puente teaches The method according to claim 4, wherein returning access control over a node from an exploit to a host server of the network is initiated via a button on the GUI. (Column 12 line 55 to Column 13 line 12) (Fig 4B)

Claim(s) 7 is/are rejected under 35 U.S.C. 103 as being unpatentable over Giakouminakis US 2011/0191854 in view of Inagaki US 20200050770 in view of Hwang US 8,631,330

As per claim 7. Hwang teaches The method according to claim 1, wherein scanning a network to identify and enumerate vulnerability exploit data from network scan results initiated via the GUI.(Column 13 lines 10-20) Figure 11A  (teaches scanning via a GUI) 
It would have been obvious to use Hwang at the time the invention was filed with the prior art because a GUI improves usability.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439