DETAILED ACTION
This action is in response to the initial claims filed 2/17/2021.  Claims 1-20 are pending.  Independent claims 1, 8 and 15, and corresponding dependent claims are directed towards a method, apparatus and non-transitory computer readable storage medium for code tracking and identification.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings are objected to because:
Fig. 1F item 198 “CREDENTIEALS” should read “CREDENTIALS”;
Fig. 2D item 296 is not described in the specification;
Fig. 3C items 390, 392, 394, 396 and 398 are not described in the specification;
Fig. 4C item 460 is not described in the specification;
Fig. 4D item 498 is not described in the specification;
Fig. 6A item label 622 is used for two different items “RETRIEVE CODE” and “ONGOING COMMUNICATION”, suggest labelling “ONGOING COMMUNICATION” with “662” as done in Fig. 6B (also requires correction in [0113]);
Fig. 6B item 662 is not described in the specification;
Fig. 6D item 696 is not described in the specification; and
Fig. 7 items 707, 714, 716 and 718 are not described in the specification.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The disclosure is objected to because of the following informalities:
[0065] l. 8 “‘C’ 144” should read “‘C’ 146” (per Fig. 2C);
[0073] the sentence ending on l. 8 does not end with a period;
[0078] “290”, “292”, “294”, “296” and “298” should be replaced with “390”, “392”, “394”, “396” and “398” (per Fig. 3C);
[00113] l. 9 “its continued communication 622” should most likely read “its continued communication 662” (per Fig. 6B and that 622 is already used in Fig. 6A for a different item);
[00125], [00127] and [00128] label “706” is used for memory, while Fig. 7 shows label “707”;
[00128] should most likely begin with “A program/utility” rather than “Program/utility”; and
[00130] ll. 5-6 recites “Such communication can occur via I/O interfaces 724 of the adapter 726”, however, Fig. 7 shows items 724 and 726 as separate items.  Suggest amending to “Such communication can occur via I/O interfaces 724 [[of]] or the adapter 726.”
Appropriate correction is required.
Claim Objections
Claims 2-3, 6-7, 10, 13-14, 16-17 and 19-20 are objected to because of the following informalities, shown with suggested amendments:
Claim 2 l. 4 “of moving [[the]]code, copying [[the]] code and storing [[the]] code” as this is the first recitation of the limitation “code”;
Claim 3 l. 1 “comprising:” as this is the beginning of a semi-colon list;
Claim 6 l. 1 “comprising:” as this is the beginning of a semi-colon list;
Claim 7 l. 2 “the :” as this is the beginning of a semi-colon list;
Claim 13 l. 1 “comprising:” as this is the beginning of a semi-colon list;
Claim 14 l. 2 “the 15” for proper antecedent basis;
Claim 16 ll. 4-5 “of moving [[the]]code, copying [[the]] code and storing [[the]] code” as this is the first recitation of the limitation “code”; and
Claim 17 ll. 1-2, Claim 19 ll. 1-2 and Claim 20 ll. 1-02 recite the limitation “wherein the processor is further configured to perform”, however, the parent claim is directed towards a medium “configured to store instructions that when executed cause a processor” showing that the steps are embodied in the “instructions” not the “processor”, suggest amending to “wherein the instructions when executed further cause the processor 
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 6, 13 and 20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Claim 6 l. 4 and Claim 20 l. 5 recite the limitation “creating an alert when the clone event threshold is exceeded” which is vague and indefinite as in the prior “determining” limitation it is shown in past tense that the threshold was “exceeded”, rendering the “creating an alert” upon the condition “when the clone event threshold is exceeded” not possible, as the condition has already passed.  For purposes of applying prior art the limitation has been construed as “creating an alert when the determination is made that the clone event threshold [[is]] was exceeded”.
Claim 13 l. 3 recites the limitation “create an alert when the clone event threshold is exceeded” which is vague and indefinite as in the prior “determine” limitation it is shown in past tense that the threshold was “exceeded”, rendering the ability to “create an alert” upon the condition “when the clone event threshold is exceeded” not possible, as the condition has already passed.  For purposes of applying prior art the limitation has been construed as “create an alert when the determination is made that the clone event threshold [[is]] was exceeded”.

Claim Rejections - 35 USC § 101
35 U.S.C. § 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 8-14 are rejected under 35 U.S.C. § 101 because the claimed invention is directed to non-statutory subject matter.
Regarding claim 8, the claimed invention is drawn to an “apparatus” comprising a “processor”, which can be broadly interpreted as software (e.g. virtual machine, virtualized processor).  Thus, it is not clear whether the claimed elements of the “apparatus” are tangibly-embodied structural features, or software, per se.  As such the invention does not fall within at least one of the four categories of patent eligible subject matter recited in 35 U.S.C. § 101 (process, machine, manufacture or composition of matter).  Examiner notes that the inclusion of explicit hardware elements (e.g. a memory or non-transitory medium) would overcome the 35 U.S.C. § 101 rejection.
Claims 9-14 further fail to recite any positive structural limitations to overcome the 35 U.S.C. § 101 issues of claim 8 discussed above, and are also rejected.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 8-12 and 15-19 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 2014/0090012 A1), published Mar. 27, 2014, in view of Hildebrand et al. (US 2008/0288330 A1), published Nov. 20, 2008.
As to claims 1, 8 and 15, Lim substantially discloses a method (Lim [0010] method), apparatus (Lim [0015] apparatus) and non-transitory computer readable storage medium (Lim [0075] medium), hereinafter referred to as apparatus, comprising:
a processor (Fig. 27 item 2704 processor) configured to
identify a plurality of code access events over a period of time (Lim [0070] policy enforcement of “documents” which can be source code or code fragments; [0130] collection of log data from policy enforcers; [0133] event (log) correlation identifying trends, repetitions and bad practices by users; [0136] event-level document access activity by user or document);
determine whether any of the code access events included any sensitive code segments (Lim [0070] policy enforcement of “documents” which can be source code or code fragments; [0193] user attempts to copy sensitive document; [0354]-[0355] policy definition showing document as “Highly-Sensitive” denies access to users outside of specified group; [0130] collection of log data from policy enforcers; [0133] event (log) correlation identifying trends, repetitions and bad practices by users);
determine whether any of the code access events which included the sensitive code segments were unauthorized (Lim [0193] user attempts to copy sensitive document; [0354]-[0355] policy definition showing document as “Highly-Sensitive” denies access to users outside of specified group; [0130] collection of log data from policy enforcers; [0133] event (log) correlation identifying trends, repetitions and bad practices by users); and
performing one or more automated actions to restrict code access (Lim [0073] perform remediation action as a result of document access attempt).
Lim fails to explicitly disclose performing one or more automated actions to restrict access permissions of one or more user profiles.
Hildebrand describes a method for user access risk scoring.
With this in mind, Hildebrand discloses performing one or more automated actions to restrict access permissions of one or more user profiles (Hildebrand Fig. 2 item 208; [0054] risk compensating controls include revoking improper and questionable user access entitlements; [0057] take corrective action if risk scores exceed selected threshold; [0052] access to sensitive resources).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the revoking of user entitlements of Hildebrand with the document access control system of Lim, such that user entitlements are revoked upon detection of bad practices by users during access log analysis, as it would advantageously enhance security and reduce access risk (Hildebrand [0123]).
As to claims 2, 9 and 16, Lim and Hildebrand disclose the invention as claimed as described in claims 1, 8 and 15, respectively, including wherein the one or more automated actions comprise one or more of revocation of the user profile code access permissions (Hildebrand [0054] risk compensating controls include revoking improper and questionable user access entitlements), locked access to the sensitive code segments (Hildebrand [0054] risk compensating controls include revoking improper and questionable user access entitlements), and prevention of code egress operations (Lim [0151] file server policy enforcer enforces document access policies controlling whether users can move or copy files), wherein the code egress operations comprise one or more of a code move, a code copy and a code storage in a new data storage location (Lim [0151] file server policy enforcer enforces document access policies controlling whether users can move or copy files; [0159] usage policies dictating whether user can send document).
As to claims 3, 10 and 17, Lim and Hildebrand disclose the invention as claimed as described in claims 1, 8 and 15, respectively, including wherein the processor is further configured to:
sum weights assigned to the unauthorized code access events (Hildebrand [0083]-[0084] customization of BAR subcomponent weights, in which level of access risk can be characterized for each policy violation risk associated with user);
create a score based on the summed weights (Hildebrand [0092] overall baseline access risk (BAR) score for reporting access risk on user-by-user basis); and
determine whether the score exceeds a threshold (Hildebrand [0018] pinpoint at-risk individuals where score exceeds threshold).
As to claims 4, 11 and 18, Lim and Hildebrand disclose the invention as claimed as described in claims 3, 10 and 17, respectively, including wherein when the score exceeds the threshold, the processor creates a code access violation notification (Hildebrand [0020] alert users of need to re-certify users that have risk levels exceeding threshold).
As to claim 5, Lim and Hildebrand disclose the invention as claimed as described in claim 3, comprising
initiating a code audit operation which identifies the code access events over the period of time based on code events stored in a code log (Lim [0145] activity audit information related to document access is logged in central database, and used for auditing; [0095] periodic access risk assessment repeated).
As to claim 12, Lim and Hildebrand disclose the invention as claimed as described in claim 11, including wherein the processor is further configured to
initiate a code audit operation which identifies the code access events over the period of time based on code events stored in a code log (Lim [0145] activity audit information related to document access is logged in central database, and used for auditing; [0095] periodic access risk assessment repeated).
As to claim 19, Lim and Hildebrand disclose the invention as claimed as described in claim 15, wherein the processor is further configured to perform:
initiating a code audit operation which identifies the code access events over the period of time based on code events stored in a code log (Lim [0145] activity audit information related to document access is logged in central database, and used for auditing; [0095] periodic access risk assessment repeated).
Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 2014/0090012 A1), published Mar. 27, 2014, in view of Hildebrand et al. (US 2008/0288330 A1), published Nov. 20, 2008, in view of Tiffe et al. (US 8,819,856 B1), issued Aug. 26, 2014.
As to claims 6, 13 and 20, Lim and Hildebrand substantially disclose the invention as claimed as described in claims 1, 8 and 15, respectively, failing, however, to explicitly disclose wherein the processor is further configured to: determine whether a number of code clone events exceeded a clone event threshold; and create an alert when the determination is made that the clone event threshold was exceeded and locking access to the sensitive code segments.
Tiffe describes detecting and preventing noncompliant use of source code.
With this in mind, Tiffe discloses wherein the processor is further configured to: determine whether a number of code clone events exceeded a clone event threshold; and create an alert when the determination is made that the clone event threshold was exceeded (Tiffe col. 2 ll. 47-65 generating data used to alert use location contains code clones when number identified meets threshold) and locking access to the sensitive code segments (Tiffe col. 2 ll. 23-38 number of identified clones meets a threshold, prevent portions of source code from being copied).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the detecting and preventing noncompliant use of source code of Tiffe with the access control system of Lim and Hildebrand, such that cloned code segments are not allowed to exceed a specified threshold, as it would advantageously allow for code protection by limiting the places that the code can exist (Tiffe col. 1 l. 58 – col. 2 l. 5).
Claims 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Lim (US 2014/0090012 A1), published Mar. 27, 2014, in view of Hildebrand et al. (US 2008/0288330 A1), published Nov. 20, 2008, in view of Brannon et al. (US 2006/0080546 A1), published Apr. 13, 2006.
As to claims 7 and 14, Lim and Hildebrand disclose the invention as claimed as described in claims 1 and 8, respectively, including wherein the processor is further configured to determine whether the one or more unauthorized code access events (Lim [0133] event (log) correlation identifying trends, repetitions and bad practices by users) were based on unauthorized code storage locations (Lim [0553] attempt to copy to destination not having a policy enforcer results in denial of operation) and unauthorized user profiles (Lim [0355] denies access to users outside of specified group).
Lim and Hildebrand fail to explicitly disclose access attempts which did not use authorized tokens.
Brannon describes a method for regulating access to objects in a content repository.
With this in mind, Brannon discloses access attempts which did not use authorized tokens (Brannon [0007] selected object is provided only if access control token succeeds, token may be provided by rogue device and not be authorized).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the content repository access control tokens system of Brannon with the access control system of Lim and Hildebrand, such that access control tokens are used for access events, as it would advantageously allow for proxy caching of premium content without compromising enforcement of access control rules (Brannon [0004]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Povey, Dean “Optimistic security: a new access control paradigm” is related to a punitive access control methodology.
Biddle et al. (US 2018/0129497 A1) is related to monitoring code sensitivity to cause build breaks.
Lim (US 2014/0090012 A1) is related to policy-based application and access control of source code.
Hildebrand et al. (US 2008/0288330 A1) is related to user access risk scoring.
Linga et al. (US 2016/0285835 A1) is related to data security and access management for documents including software code.
Foley et al. (US 2015/0067861 A1) is related to detecting malware using revision control logs.
Murthy et al. (US 2018/0097787 A1) is related to logging authentication failed access events to a source code repository.
Schreiner et al. (US 2007/0061782 A1) is related to limiting access to proprietary/confidential source-code.
Chacko et al. (US 2014/0283127 A1) is related to masking restricted source code during viewing.
Hameau et al. (US 2006/0048230 A1) is related to designation of code portions as sensitive with varying security levels.
Schawntes (US 2020/0242536 A1) is related to automated role engineering.
Tiffe et al. (US 8,819,856 B1) is related to detecting and preventing noncompliant use of source code.
Misra et al. (US 2010/0007489 A1) is related to adaptive learning for enterprise threat management, including source code modification/transfer policy violations.
Arora et al. (US 2021/0243223 A1) is related to threat-score calculation for cyber-risk.
Couvering (US 8,432,570 B1) is related to identifying source code as sensitive.
Bigus et al. (US 2009/0293121 A1) is related to deviation detection of usage patterns of computer resources.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC W SHEPPERD whose telephone number is (571)270-5654.  The examiner can normally be reached on Monday - Thursday, Alt. Friday, 7:30AM - 5:00PM, EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571)272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Eric W Shepperd/
Primary Examiner, Art Unit 2492