DETAILED ACTION

Terminal Disclaimer
		The terminal disclaimer(s) filed on 5/31/2022 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration dates of the full statutory term of the patent(s) granted on U.S. patent(s) 10,848,499 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

	Authorization for this Examiner’s Amendment was given in a telephone interview with Ariyeh Akmal (Reg. No. 51,388) on 5/31/2022.
This application has been amended as follows:
IN THE CLAIMS
Replace the following claims listed as follows.

CLAIM 1:
An identity management system of using identity graphs for risk detection, comprising: 
a data store; 
a hardware processor; 
a non-transitory, computer-readable storage medium, including computer instructions executable by the hardware processor for: 
presenting a role mining interface; 
presenting a role determined from an identity graph through the role mining interface, wherein the identity graph was created from identity management data, the identity management data utilized in identity management in a distributed enterprise computing environment and comprising data on a first set of identities and a first set of entitlements associated with the first set of identities, wherein the identity graph includes: 
a node for each of the first set of identities, and 
an edge between a first node and a second node for each first identity and second identity that share at least one entitlement of the first set of entitlements, wherein the first node and the second node respectively represent the first identity and the second identity and wherein the edge has a similarity weight based on the at least one shared entitlement between the first identity and the second identity; and 
wherein the role was determined by: 
pruning a first set of edges of the identity graph based on each similarity weight associated with each of the first set of edges to generate a second identity graph; 
clustering a second set of identities or a second set of entitlements represented in the pruned identity graph of the second identity graph into a peer group, the peer group including a set of nodes of the pruned identity graph of the second identity graph representing the second set of identities or a second set of edges of the pruned identity graph representing the second set of entitlements; 
determining the role, presented through the role mining interface, from the peer group of clustered second set of identities or second set of entitlements, wherein the role comprises the second set of entitlements determined from the peer group[[.]]; and
storing the determined role comprising the second set of entitlements in the data store. 

CLAIM 11:
A method of using identity graphs for risk detection, comprising: 
presenting a role mining interface; 
presenting a role determined from an identity graph through the role mining interface, wherein the identity graph was created from identity management data, the identity ATTORNEY DOCKET NO.Patent Application SAIL1220-2Customer No. 44654 70 management data utilized in identity management in a distributed enterprise computing environment and comprising data on a first set of identities and a first set of entitlements associated with the first set of identities, wherein the identity graph includes: 
a node for each of the first set of identities, and 
an edge between a first node and a second node for each first identity and second identity that share at least one entitlement of the first set of entitlements, wherein the first node and the second node respectively represent the first identity and the second identity and wherein the edge has a similarity weight based on the at least one shared entitlement between the first identity and the second identity; and 
wherein the role was determined by: 
pruning a first set of edges of the identity graph based on each similarity weight associated with each of the first set of edges to generate a second identity graph; 
clustering a second set of identities or a second set of entitlements represented in the pruned identity graph of the second identity graph into a peer group, the peer group including a set of nodes of the pruned identity graph of the second identity graph representing the second set of identities or a second set of edges of the pruned identity graph representing the second set of entitlements; 
determining the role, presented through the role mining interface, from the peer group of clustered second set of identities or second set of entitlements, wherein the role comprises the second set of entitlements determined from the peer group[[.]]; and
storing the determined role comprising the second set of entitlements in the data store. 



Allow Subject Matter

Claims 1 – 20 are allowed.
The following is an examiner’s statement of reasons for allowance:
The above mentioned claims are allowable over prior arts because the CPA (Cited Prior Art) of record fails to teach or render obvious the claimed limitations in combination with the specific added limitations recited in each of the independent claims 1 & 11 (& associated dependent claims).
The present invention is directed to a method for providing blockchain based email procedures. (In view of the closest prior arts such as U.S. PG-PUB: 2019/0114342 (by Orun) and U.S. PG-PUB: 9,679,125 (by Bailor), no singular art disclosing nor motivation to combine has been found to anticipate or render obvious the claimed invention in such particular details of doing so in the context of recited limitations such as presenting a role determined from an identity graph through the role mining interface, wherein the identity graph was created from identity management data, the identity management data utilized in identity management in a distributed enterprise computing environment and comprising data on a first set of identities and a first set of entitlements associated with the first set of identities, wherein the identity graph includes: a node for each of the first set of identities, and an edge between a first node and a second node for each first identity and second identity that share at least one entitlement of the first set of entitlements, wherein the first node and the second node respectively represent the first identity and the second identity and wherein the edge has a similarity weight based on the at least one shared entitlement between the first identity and the second identity; and 
wherein the role was determined by: pruning a first set of edges of the identity graph based on each similarity weight associated with each of the first set of edges to generate a second identity graph; clustering a second set of identities or a second set of entitlements represented in the pruned identity graph of the second identity graph into a peer group, the peer group including a set of nodes of the pruned identity graph of the second identity graph representing the second set of identities or a second set of edges of the pruned identity graph representing the second set of entitlements; and determining the role, presented through the role mining interface, from the peer group of clustered second set of identities or second set of entitlements, wherein the role comprises the second set of entitlements determined from the peer group.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

           /LONGBIT CHAI/Primary Examiner, Art Unit 2431                                                                                                                                                                                                                 (No. #2363 - 2022)