DETAILED ACTION
	Claims 1-20 are pending and presented on 08/26/2020 for examination in the amended listing of claims by preliminary amendment.  Claims 1, 9, and 10 are independent base claims.  

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Examiner's Instructions for filing Response to this Office Action
When the Applicant submits amendments regarding to the claims in response the Office Action, the Examiner would prefer that Applicant submit two sets of claims: 
Set #1 that includes indicators for the status of claim and all marked amendments to the claims; and 
Set #2 comprising a clean version of the claims with all the markups removed for entry, as an appendix to the Applicant Arguments/Remarks or a section following the Remarks.

Information Disclosure Statement
The information disclosure statement(s) (IDS) submitted for examination on merits is/are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement(s) is/are being considered by the examiner. See the annotated 1449 documents.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 are provisionally rejected on the ground of non-statutory double patenting as being unpatentable over claim 1-20 of co-pending Application No. 16/975908 (hereinafter “APP 908”) in view of Sharma (US 20190286721 A1). 

Regarding claim 1, APP 098 discloses: 
A security evaluation system (APP 908, CLM. 1: A security evaluation system), comprising: 
a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation (APP 908, CLM. 1: a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation); 
a second graph generation part that generates a second evaluation graph representing [a personal relationship between users who can access the resources] (APP 908, CLM. 1: a second graph generation part that generates a second evaluation graph representing a connection relationship…); and 
a display part that displays the first evaluation graph and the second evaluation graph in association with each other (APP 908, CLM. 1: a display part that displays the first evaluation graph and the second evaluation graph in association with each other).  
However, APP 908 does not explicitly disclose that a connection relationship includes a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
a evaluation graph representing a personal relationship between users who can access the resources (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify APP 908 with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.
Independent claims 9 and 10 are similarly rejected for the same reason as shown above for claim 1.
Dependent claims 2-8 and 11-20 captures similar limitations of the corresponding claims of APP by using the same templates with exceptions on the user-resource types.  For example, claim 4 of the reference applications disclose the display part displays information of a user who is allowed to enter the space as additional information of the second evaluation graph while the instant application claims wherein the display part displays information of a user who has use right of the resources as additional information of the first evaluation graph.  The substitution of “connection relationship between areas where the resources are located” for “a personal relationship between users who can access the resources” (as seen in claim 9), for example, is obviously variants of the same subject matter that can be resolved by the teaching from Sharma; see par. 0023 and 0038-0042 in view of FIG. 3C of Sharma.  
This is a provisional non-statutory double patenting rejection.

Claim Objections
Claim 3, 12-13, 15, 17-18, and 20 are objected to because of the following informalities: 
Claims 3, 12, and 17 each recite an element of “a media” in the clause “the inter-user relationship through which an exchange of a media can be performed” deficiently. It should be noted that the word media is commonly a plural of medium.  The Examiner suggests changing the element to “media.”  It should be noted that the Applicant correctly recites “a medium” in claim 2.  For consistency purposes, appropriate correction is required.
Claims 12 and 17 each recite a wherein clause with the word “Wherein” capitalized.  For formality reasons, the word “wherein” should be in lower case.  Appropriate correction is required.
Claims 12 and 17 each recite a limitation “a second evaluation graph …is generated” in a passive voice, which is not in parallel with the steps specified in active voice in base claims 9 and 10, respectively.  The Examiner suggests changing the limitation to “generating a second evaluation graph …”
Similarly, claims 13, 15, 18, and 20 should use active voice for the displaying to be consistent with the base claims 9 and 10, respectively, for formality reasons.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
The rationale for this determination is explained below:  
First – following Step 1 of the guidance, claims 1-20 are directed to a system and method comprising a series of functional steps or a non-transitory computer readable medium.  Therefore, the claimed invention falls into one of the four statutory categories.
Secondly – following Step 2 of the guidance, claims 1-20 are analyzed for its underlying inventive concept with a new two-prong inquiry (1) does the claim recite an abstract idea, law of nature, or natural phenomenon, and/or judicial exceptions? And (2) does the claim recite additional elements that integrate the judicial exception into a practical application?
It is determined that claimed invention is directed to an abstract idea or at least one of the judicial exceptions, because the concept of the invention is basically drawing graphs to show relationships between resource; the first prone of the inquiry.  The idea of the invention is similar to well-known mental processes, such as concepts performed in the human mind (including an observation, evaluation, judgment, opinion).

Regarding the second prone, the identified additional elements such as a computer-readable non-transient recording medium to integrate the idea of “graph generation” into a practical application.  The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception.  Further, the claim does not recite an improvement to another technology or technical field, an improvement to the functioning of the computer itself, or meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment.  Therefore, the claim is abstract without significantly more.
Dependent claims 2-8 and 11-20, when analyzed individually or as a whole, are held to be patent ineligible under 35 U.S.C. 101 because, the additional recited limitation(s) fail(s) to amount to “significantly more” than the judicial exception, and thereby non-statutory.

Please see “The 2019 Revised Patent Subject Matter Eligibility Guidance (or “2019 PEG” for short) published in January 2019 at USPTO Website.  Note that the groupings of abstract ideas in the 2019 PEG are not the same as those on the Abstract Ideas QRS or in the MPEP. The groupings in the 2019 PEG should be FOLLOWED for identifying abstract ideas. The 2019 PEG does not change the analysis at Step 2B which pertains to an improvement to conventional functioning of a computer or to technological processes; see also MPEP 2106.05(a).


Claim Interpretation - 35 USC § 112(f)
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

Claims 1-8 contain limitations invoking 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph as detailed in the following.
Each of the following Claim limitations
Claim 1: a first graph generation part that generates a first evaluation graph …;
Claim 1: a second graph generation part that generates a second evaluation graph…; 
Claim 1: a display part that displays the first evaluation graph and the second evaluation graph in association with each other;
Claim 2: the first graph generation part generates a first evaluation graph representing a data exchange path …;
Claim 2: the second graph generation part generates a second evaluation graph…; 
Claim 3: the second graph generation part generates a second evaluation graph…;
Claim 4: a use right storage part that stores information of a user who has use right of the resource, 
Claim 4: the display part displays information of a user who has use right of the resources…;
Claim 5: a third graph generating part that generates an attack graph for a resource as a target for the security evaluation…;
Claim 5: the display part further displays the first evaluation graph…;
Claim 6: a condition receiving part that receives a display condition …;
Claim 6: the display part displays a resource corresponding to the display condition of the first evaluation graph…;
Claim 7: a condition receiving part that receives a display condition including designation of the user;
Claim 7: the display part displays a user corresponding to the display condition of the second evaluation graph; 
Claim 8: a condition receiving part that receives designation of presence or absence of a data exchange path …; 
Claim 8: the display part displays a first evaluation graph without a data exchange path…;
has/have been interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because it uses/they use a generic placeholder “part” coupled with functional language without reciting sufficient structure to achieve the function.  Furthermore, the generic placeholder is not preceded by a structural modifier.  
Since the claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, claim(s) 1-8 has/have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof.  
A review of the specification shows that the following appears to be the corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitation: none.
If applicant wishes to provide further explanation or dispute the examiner’s interpretation of the corresponding structure, applicant must identify the corresponding structure with reference to the specification by page and line number, and to the drawing, if any, by reference characters in response to this Office action. 
If applicant does not intend to have the claim limitation(s) treated under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112 , sixth paragraph, applicant may amend the claim(s) so that it/they will clearly not invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, or present a sufficient showing that the claim recites/recite sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
For more information, see MPEP § 2173 et seq. and Supplementary Examination Guidelines for Determining Compliance With 35 U.S.C. 112 and for Treatment of Related Issues in Patent Applications, 76 FR 7162, 7167 (Feb. 9, 2011).

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

The rejection(s) under 35 U.S.C. 112(b) is/are determined by the following reasons:
Claims 1-8 contain limitations that invokes 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph as discussed above.  Therefore the placeholders found in claims 1-8 require corresponding structure(s).  It is unclear whether the recited structure, material, or acts in these claims are sufficient for performing the claimed function because the Specification is unclear about the corresponding structure(s).  The block diagrams shown in FIGS. 1-5 do not provide indications of corresponding structure(s).  
If applicant wishes to have the claim limitation treated under 35 U.S.C. 112 (f), applicant may amend the claim so that the phrase “means for” or “step for” or the non-structural term is clearly not modified by sufficient structure, material, or acts for performing the claimed function, or present a sufficient showing that the claim limitation is written as a function to be performed and the claim does not recite sufficient structure, material, or acts for performing the claimed function.
If applicant does not wish to have the claim limitation treated under 35 U.S.C. 112 (f), applicant may amend the claim so that it will clearly not invoke 35 U.S.C. 112 (f), or present a sufficient showing that the claim recites sufficient structure, material, or acts for performing the claimed function to preclude application of 35 U.S.C. 112 (f).
Claims 1, 5, 9, 10, 14, 19 each recite a limitation “a target for the security evaluation” unclearly, because Applicant does not particularly point out what the target for the security evaluation is.  Furthermore, the dependent claims recite a same limitation for “a target for the security evaluation” without referring to the instance of “a target for the security evaluation” in the base claims, respectively.
Claim 2 unclearly recites two instances of “a data exchange path.”  Furthermore, the claim is unclear about how “resources defining a data exchange path” relates to “the resources.”  Does the Applicant mean: wherein the first graph generation part generates a first evaluation graph representing a data exchange path via a medium between the resources based on connection information of the medium between the resources?
Claims 4, 13, and 18 each recite two elements “use right of the resource” and “use right of the resources” without referring to each other in the respective claims.  It is also confusing that the former element has the word “resource” in singular form while the latter the word “resources” in plural form, causing confusion.
Claim 8 recites a limitation “a condition receiving part that receives designation of presence or absence of a data exchange path by way of a medium between the resources among the data exchange paths, wherein the display part displays a first evaluation graph without a data exchange path by way of a medium between the resources and an attack graph that does not need presence of a data exchange path by dislocation of a medium between the resources among attack graphs related to the first evaluation graph, when the designation of absence of the data exchange path by way of the medium between the resources is received” unclearly, because the receiving and displaying steps rely on mixed conditions.
Claims 2-8 and 11-20 are also rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, because they depend from the rejected base claims 1, 9, and 10, respectively.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.


In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Muller (US 20150106941 A1) in view of Sharma (US 20190286721 A1).

As per claim 1, Muller teaches a security evaluation system, comprising: 
a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
a display part that displays the first evaluation graph and the second evaluation graph in association with each other (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph).  
However, Muller does not explicitly disclose that in a second graph a connection relationship includes a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
a second graph generation part that generates a second evaluation graph representing a personal relationship between users who can access the resources (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.

As per claim 2, the references as combined above teach the he security evaluation system according to claim 1, wherein the first graph generation part generates a first evaluation graph representing a data exchange path by way of a medium between the resources based on connection information between resources defining a data exchange path including a data exchange path by way of a medium between the resources (Muller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  

As per claim 3, the references as combined above teach the security evaluation system according toSharma, par. 0023: relationships between different designations as the user transitions between jobs).  

As per claim 4, the references as combined above teach the security evaluation system according to claim 1, further comprising: 
a use right storage part that stores information of a user who has use right of the resource, wherein the display part displays information of a user who has use right of the resources as additional information of the first evaluation graph (Muller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 5, the references as combined above teach the security evaluation system according to claim 1, further comprising: 
a third graph generating part that generates an attack graph for a resource as a target for the security evaluation, wherein the display part further displays the first evaluation graph and the attack graph in association with each other (Muller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 6, the references as combined above teach the security evaluation system according to claim 1, further comprising: 
a condition receiving part that receives a display condition including at least one designation of ID of the resource or type of the resource, wherein the display part displays a resource corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resource or an attack graph related to the resource (Muller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).  

As per claim 7, the references as combined above teach the security evaluation system according to claim 1, further comprising: 10Docket No. J-20-0141 
a condition receiving part that receives a display condition including designation of the user, wherein the display part displays a user corresponding to the display condition of the second evaluation graph, a partial graph of the first evaluation graph related to the user and an attack graph related to the partial graph (Muller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par.0062-0063: displaying graphical information for a user interface).   

As per claim 8, the references as combined above teach the security evaluation system according to claim 2, further comprising: 
a condition receiving part that receives designation of presence or absence of a data exchange path by way of a medium between the resources among the data exchange paths, wherein the display part displays a first evaluation graph without a data exchange path by way of a medium between the resources and an attack graph that does not need presence of a data exchange path by dislocation of a medium between the resources among attack graphs related to the first evaluation graph, when the designation of absence of the data exchange path by way of the medium between the resources is received (Muller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par. 0026-0028: impeding or delaying the adversary).  

As per claim 9, Muller teaches a security evaluation method, comprising: 
generating a first evaluation graph representing a connection relationship between resources as a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
displaying the first evaluation graph and the second evaluation graph in association with each other (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph).  
However, Muller does not explicitly disclose a second evaluation graph representing a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
generating a second evaluation graph representing a personal relationship between users who can access the resources (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.

As per claim 10, Muller teaches a computer-readable non-transient recording medium recording a program, the program, causing a computer comprising a processor and a recording device to perform processes of: 
generating a first evaluation graph representing a connection relationship between resources as a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
displaying the first evaluation graph and the second evaluation graph in association with each other (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph).  
However, Muller does not explicitly disclose that in a second graph a connection relationship includes a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
generating a second evaluation graph representing a personal relationship between users who can access the resources (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
 Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.

As per claim 11, the references as combined above teach the method according to claim 9, wherein in the generating the first evaluation graph, a first evaluation graph representing a data exchange path by way of a medium between the resources is generated based on connection information between resources defining a data exchange path including a data exchange path by way of a medium between the resources (Muller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  

As per claim 12, the references as combined above teach the method according to claim 9, Wherein in the generating the second evaluation graph, a second evaluation graph in which a user having an access right to the resources is represented as a node and the inter-user relationship through which an exchange of a media can be performed is represented as a link is generated (Sharma, par. 0023: relationships between different designations as the user transitions between jobs). 
 
As per claim 13, the references as combined above teach the method according to claim 9, further comprising: 12Docket No. J-20-0141 
a use right storage storing information of a user who has a use right of the resource, wherein in the display, information of a user who has a use right of the resources as additional information of the first evaluation graph is displayed (Muller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 14, the references as combined above teach the method according to claim 9, further comprising: 
a third graph generating of generating an attack graph for a resource as a target for the security evaluation, wherein in the displaying, the first evaluation graph and the attack graph are further displayed in association with each other (Muller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 15, the references as combined above teach the method according to claim 9, further comprising: receiving a display condition including at least one designation of ID of the resource or type of the resource, wherein in the displaying, a resource corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resource or an attack graph related to the resource are displayed (Muller, par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).  

As per claim 16, the references as combined above teach the medium according to claim 10, wherein in the process of generating the first evaluation graph, a first evaluation graph representing a data exchange path by way of a medium between the resources is generated based on connection information between resources defining a data exchange path including a data exchange path by way of a medium between the resources (Muller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  

As per claim 17, the references as combined above teach the medium according to claim 10, Wherein in the process of generating the second evaluation graph, a second evaluation graph in which a user having an access right to the resources is represented as a node and the inter-user relationship through which an exchange of a media can be performed is represented as a link is generated (Sharma, par. 0023: relationships between different designations as the user transitions between jobs).  

As per claim 18, the references as combined above teach the medium according to claim 10, further comprising: a use right storage process of storing information of a user who has a use right of the resource, wherein in the process of display, information of a user who has a use right of the resources as additional information of the first evaluation graph is displayed (Muller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 19, the references as combined above teach the medium according to claim 10, further comprising: a third graph generating process of generating an attack graph for a resource as a target for the security evaluation, wherein in the process of displaying, the first evaluation graph and the attack graph are further displayed in association with each other (Muller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 20, the references as combined above teach the medium according to claim 10, further comprising: a process of receiving a display condition including at least one designation of ID of the resource or type of the resource, 14Docket No. J-20-0141 wherein in the process of displaying, a resource corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resource or an attack graph related to the resource are displayed (Muller, par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure as the prior art additionally discloses certain parts of the claim features (See “PTO-892 Notice of Reference Cited”).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DON ZHAO whose telephone number is (571)272.9953.  The examiner can normally be reached on Monday to Friday, 7:30 A.M to 5:00 P.M EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached on 571.272.3862.  The fax phone number for the organization where this application or proceeding is assigned is 571.273.8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866.217.9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800.786.9199 (IN USA OR CANADA) or 571.272.1000.


/Don G Zhao/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        07/01/2022