Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
	Claims 1-20 are presented for examination.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-16 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claims 1, 11 and 16 recite the limitation "the insight" in lines 6 and 10.  There is insufficient antecedent basis for this limitation in the claim.  The dependent claims are rejected under the same rationale.  For examination purposes here within, all recitations of the term “the insight” will be assumed as “the cognitive insight”.   

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1)/(a)(2) as being anticipated by Bradley et al. US 10,069,842.
The applied reference has a common Assignee with the instant application. Based upon the earlier effectively filed date of the reference, it constitutes prior art under 35 U.S.C. 102(a)(2). This rejection under 35 U.S.C. 102(a)(2) might be overcome by: (1) a showing under 37 CFR 1.130(a) that the subject matter disclosed in the reference was obtained directly or indirectly from the inventor or a joint inventor of this application and is thus not prior art in accordance with 35 U.S.C. 102(b)(2)(A); (2) a showing under 37 CFR 1.130(b) of a prior public disclosure under 35 U.S.C. 102(b)(2)(B) if the same invention is not being claimed; or (3) a statement pursuant to 35 U.S.C. 102(b)(2)(C) establishing that, not later than the effective filing date of the claimed invention, the subject matter disclosed in the reference and the claimed invention were either owned by the same person or subject to an obligation of assignment to the same person or subject to a joint research agreement.

Regarding claim 1, Bradley discloses a method comprising: 
receiving a request to generate a cognitive insight from a requestor, the requestor associated with a requestor data security level;
generating the cognitive insight using a first machine learning model and a plurality of data sources, each data source associated with a respective data security level (col. 5, line 61-col. 6, line 2: cognitive security engine module 164 receives mined data for a requestor of secure resource 182 from data storage 170, and generates a set of information, or a security profile, that is relevant to a determination of a security risk level. Cognitive security engine module 164 may include techniques and algorithms from Natural Language Processing (NLP), sentiment analysis, user behavioral analytics, classification engines, and other machine learning techniques. Col. 6, line 35- 45: Security risk level module 166 receives the security profile and determines a security risk level score with respect to the requestor.  The security risk level score may include values for several security dimensions, such as access to different portions of secure resource 182.  Also see col. 6, lines 2-18); 
identifying, based on the insight and the plurality of data sources, an insight data security level for the generated cognitive insight (col. 6; lines 19-45: When cognitive security engine module 164 receives a request from secure resource proxy 172 to generate a set of security risk level information for a requestor, the cognitive security engine reads mined data for the requestor from data storage 170. Based on the training data and the various machine learning techniques used by cognitive security engine module 164, a set of security risk level information is generated.); 
modifying a first data security level associated with a data source of the plurality of data sources, based on the identified insight data security level (col. 6, lines 50-57: determines or sets levels of access to secure resource 182 by the requestor accordingly. Determined levels of access may be serviceable by secure resource proxy 172, to set or control the determined levels of access to secure resource 182 by the requestor.); and 
determining, based on the requestor data security level and the insight data security level, that the requestor is authorized to access the generated insight, and in response providing the generated insight to the requestor (col. 6, lines 57-61: Determined levels of access may be based on security risk level scores that meet one or more predetermined threshold values, which may be defined, for example, with respect to a spectrum of possible security risk level scores.).Regarding claim 2, Bradley further discloses the method of claim 1, wherein the identifying, based on the insight and the plurality of data sources, the insight data security level for the generated cognitive insight further comprises: determining the insight data security level by analyzing the insight and the plurality of data sources using a second machine learning model (col. 6, lines 35-41: Security risk level module 166 receives the security profile and determines a security risk level score with respect to the requestor. The security risk level score may include values for several security dimensions, such as access to different portions of secure resource 182). Regarding claim 3, Bradley further discloses the method of claim 2, wherein the insight relates to a subject matter area (col. 6, lines 19-25: the cognitive security engine 164 reads mined data for the requestor from data storage 170. Based on the training data and the various machine learning techniques used by cognitive security engine module 164) and wherein the second machine learning model is trained using data relating to the subject matter area (col. 6, lines 35-40: Security risk level module 166 receives the security profile and determines a security risk level score with respect to the requestor. The security risk level score may include values for several security dimensions, such as access to different portions of secure resource 182). Regarding claim 4, Bradley further discloses the method of claim 1, wherein the identifying, based on the insight and the plurality of data sources, the insight data security level for the generated cognitive insight further comprises: identifying one or more key words in the insight, the one or more key words corresponding with the insight data security level (col. 7, lines 13-15: a requestor may send a request that includes an identifier of the requestor by way of web browser 112). Regarding claim 5, Bradley further discloses the method of claim 4, further comprising: determining that the one or more key words correspond with the insight data security level based on identifying the one or more key words in data associated with the insight data security level (col. 7, lines 16-25: Data miner module 162 of secure resource access manager 160, which may also be residing on security management server 150, periodically mines data with respect to enterprise users having access to secure resource 182 (step 204) from each of social media application 122 residing on social media server 120, demographics database 132 residing on demographics server 130, and enterprise application 142 and enterprise database 144 residing on enterprise server 140. Data mined may be stored on data storage 170 for later retrieval and use.). Regarding claim 6, Bradley further discloses the method of claim 1, wherein modifying the first data security level further comprises: determining, based on the insight data security level, that the first data security level should be increased, and in response increasing the first data security level to match the insight data security level (col. 2, lines 34-40: The behavioral patterns and human factors of a requestor are determined based on mined psychometric information, demographic information, and social media history information of the requestor. A level of security risk is determined with respect to the requestor, and access to the secure resource is restricted accordingly.). Regarding claim 7, Bradley further discloses the method of claim 6, wherein the determining, based on the insight data security level, that the first data security level should be increased further comprises: determining that the insight data security level is higher than the plurality of respective data security levels associated with the plurality of data sources (col. 6, lines 57-61:  Determined levels of access may be based on security risk level scores that meet one or more predetermined threshold values, which may be defined, for example, with respect to a spectrum of possible security risk level scores.). Regarding claim 8, Bradley further discloses the method of claim 1, further comprising: setting a data security level for the generated cognitive insight to the identified insight data security level (col. 6 lines 35-40: Security risk level module 166 receives the security profile and determines a security risk level score with respect to the requestor. The security risk level score may include values for several security dimensions, such as access to different portions of secure resource 182, and whether various types of security related education are recommended or required.). Regarding claim 9, Bradley further discloses the method of claim 1, further comprising: providing the identified insight data security level to a system administrator using a user interface; receiving a response from the system administrator accepting the identified insight data security level; and setting the data security level for the generated cognitive insight to the identified insight data security level, based on the response (col. 1, lines 60-65: a system administrator may define access restrictions to secure sensitive information, which may require users who request access to the secure information to possess certain privileges in order to gain access. Privileges may be given to users based on, for example, job roles, job functions, seniority, and assigned tasks to be completed.  Col. 8, lines 8-16: generated and communicated commands with respect to security risk level scores that meet or exceed one or more predetermined threshold values may relate to, for example, generating and communicating an alert to one or more system administrators, requiring the requestor to complete education regarding security habits)). Regarding claim 10, Bradley further discloses the method of claim 1, further comprising: receiving a second request to generate a second cognitive insight from a second requestor, the second requestor associated with a second requestor data security level; generating the second cognitive insight using a second machine learning model and a second plurality of data sources, each data source associated with a second respective data security level; identifying, based on the second insight and the second plurality of data sources, a second insight data security level for the generated second cognitive insight; and determining, based on the second requestor data security level and the second insight data security level, that the second requestor is not authorized to access the generated second insight, and in response declining to provide the second insight to the second requestor (col. 7, lines 25-30:  Cognitive security engine module 164 receives mined data with respect to each enterprise user having access to secure resource 182, and generates a corresponding security profile containing the mined data for each of the enterprise users.). 
As per claims 11-15 and 16-20, this is a system and computer readable medium version of the claimed method discussed above in claims 1-10 wherein all claimed limitations have also been addressed and/or cited as set forth above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 2015/0356430 to Saxena et al. teaches providing cognitive insights comprising: a cognitive inference and learning system, the cognitive inference and learning system comprising a plurality of agents, the plurality of agents processing streams of data from a plurality of data sources, the processing the streams of data from the plurality of data sources via the plurality of agents performing a respective plurality of cognitive operations on the streams of data, at least one of the plurality of agents generating cognitive insights based upon the performing the respective plurality of cognitive operations on the streams of data from the plurality of data sources (paragraph 0007).
US 2021/0157923 to Mallay teaches a cognitive analysis of the cumulative insights across the given cluster, and the newly added virtual machine, a decision may then be made regarding the effect of the newly added virtual machine to a given cluster. For example, before a first virtual machine 420-5 is migrated into cluster 410, its insights and security level are conveyed to existing first CDVS clients 430 (paragraph 0068).
JP 2019008568A teaches obtaining security level information in which the security levels for prescribed events are stipulated; an access enabled/disabled determination part 112 for, on the basis of the security level information for each resource relating to prescribed accesses, determining whether the prescribed accesses are enabled or disabled by using prescribed algorithms; and a security level update part 113 for updating the security level information of the prescribed resources relating to the prescribed accesses by using the prescribed algorithms.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUBREY H WYSZYNSKI whose telephone number is (571)272-8155. The examiner can normally be reached M-F 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, KAMBIZ ZAND can be reached on 571-272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AUBREY H WYSZYNSKI/Examiner, Art Unit 2434                                                                                                                                                                                                        /KAMBIZ ZAND/Supervisory Patent Examiner, Art Unit 2434