DETAILED ACTION
This action is in response to the initial claims filed 10/26/2020.  Claims 1-20 are pending.  Independent claims 1,8 and 15, and corresponding dependent claims are directed towards a method, system and computer-readable storage medium for machine learning-based techniques for identifying deployment environments and enhancing security thereof.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings are objected to because:	Fig. 8 items 800 and 802, are directed towards a “mobile device” and “components” per the specification, however, in Fig. 8 both labels are pointing to the same box which is labeled “Mobile Device”; and	Fig. 8 the “Physical Connector 860” should read  “Physical Connector 860”, per [0073].	Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Specification
The disclosure is objected to because of the following informalities:	[0032] the first recitation of the acronym TDIDF is not expanded;	[0032] l. 7 “Featurizer 2004” should be “Featurizer 204”;	[0068] the first recitation of the acronyms RAM, ROM and GSM are not expanded;	[0072] the first recitation of the acronyms 3G, 4G, 5G are not expanded;	[0073] the first recitation of the acronyms USB, IEEE and RS are not expanded;	[0076] the first recitation of the acronyms CD and DVD are not expanded; and	[0081] the first recitation of the acronyms MEM and RF are not expanded.	Appropriate correction is required.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

 (a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-4, 7-11 and 14-18 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Shackleton et al. (US 2021/0182403 A1), national stage with international filing date of Oct. 11, 2018.
As to claim 1, 8 and 15, Shackleton discloses a method (Shackleton [0009]), system (Shackleton [0014] system) and computer-readable storage medium (Shackleton [0014] memory with instructions for performing method), hereinafter referred to as system, for enhancing security for a deployment environment comprising a plurality of computing resources (Shackleton [0003]-[0005] managing security for many virtual machines (VM)(s)), comprising:	at least one processor circuit (Shackleton [0014] processor); and	at least one memory that stores program code configured to be executed by the at least one processor circuit (Shackleton [0014] memory with instructions for performing method), the program code comprising:		a deployment environment determiner (Shackleton Fig. 2 components 204 Machine Learning Algorithm (ML), 210 VM Vulnerability Vector  and 214 Security Configuration Selector; [0026]) configured to:			receive usage data associated with the plurality of computing resources (Shackleton [0030] use of VM log file data and state – requires acquisition);			generate a feature vector based on the usage data (Shackleton Fig. 2 item 202;  [0030] encode a configuration state of a VM into a VM configuration vector 202, which can include log file data);			provide the feature vector as input to a machine learning model (Shackleton Fig. 2 showing 202 provided to Machine Learning Algorithm 204; [0030]) that determines the deployment environment of the plurality of computing resources based on the feature vector(Shackleton Fig. 2 showing output of VM Vulnerability Vector 210 from Machine Learning Algorithm 204 algorithm [0031]); and			determine a security policy from a plurality of security policies that is applicable for the determined deployment environment (Shackleton [0026] Security Configuration aligned to a security policy is selected based on risk determined from global/local threat information and the vulnerability vector 210).
As to claims 2, 9 and 16, Shackleton discloses the invention as claimed as described in claims 1, 8 and 15, respectively, including wherein the machine learning model is generated by:	providing first features associated with first past usage data as first training data to a machine learning algorithm, the first past usage data labeled as associated with a first deployment environment (Shackleton [0032]-[0034] training machine learning algorithm with multiple labeled VM configurations from multiple VMs); and	providing second features associated with second past usage data as second training data to the machine learning algorithm, the second past usage data labeled as associated with a second deployment environment that is different than the first deployment environment (Shackleton [0032]-[0034] training machine learning algorithm with multiple labeled VM configurations from multiple VMs),	wherein the machine learning algorithm generates the machine learning model based on the first training data and the second training data (Shackleton [0032]-[0034] training machine learning algorithm with multiple labeled VM configurations from multiple VMs).
As to claims 3, 10 and 17, Shackleton discloses the invention as claimed as described in claims 1, 8 and 15, respectively, including wherein the determined security policy comprises a plurality of recommended security settings to be implemented for the plurality of computing resources of the determined deployment environment (Shackleton [0006] security policy defines security configuration for VM including configuration characteristics of VM).
As to claims 4, 11 and 18, Shackleton discloses the invention as claimed as described in claims 3, 10 and 17, respectively, including wherein the deployment environment determiner is further configured to:	for each of the recommended security settings, receive an indication as to whether the plurality of computing resources is in compliance with the recommend security setting (Shackleton [0013] VM configuration vector includes state of each of a plurality of configuration characteristics); and	determine a security score for the determined deployment environment based on the indication received for each of the recommended security settings, the security score being indicative of a level of compliance of the determined deployment environment with respect to the determined security policy (Shackleton [0028] determination of a degree of vulnerability of target VM, based on VM vulnerability vector (derived by machine learning from configuration vector) having a vector of metrics each corresponding to an indication of an extent of a weakness; [0012] selection of security configuration is based upon weighting elements in the vulnerability vector based on characteristic identified).
As to claims 7 and 14, Shackleton discloses the invention as claimed as described in claims 1 and 8, respectively, including wherein the usage data comprises at least one of:	one or more network ports utilized by each of the plurality of computing resources (Shackleton [0028] nature, number, extent and security of open ports is reflected by metrics in VM vulnerability vector (i.e. expose ports are determined by using configuration vector));	at least one of a type or number of network packets transmitted by each of the plurality of computing resources (optional – not required);	at least one of a type or number of network packets received by each of the plurality of computing resources (optional – not required);	an amount of memory utilized by each of the plurality of computing resources (optional – not required);	a measure of processing usage for each of the plurality of computing resources (optional – not required); or	a pattern of account logins with respect to the plurality of computing resources (optional – not required).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 5, 12 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Shackleton et al. (US 2021/0182403 A1), national stage with international filing date of Oct. 11, 2018, in view of Xie et al. (US 2018/0324219 A1), published on Nov. 8, 2018.
As to claims 5, 12 and 19, Shackleton substantially discloses the invention as claimed as described in claims 3, 10 and 17, respectively, failing to explicitly disclose wherein the deployment environment determiner is further configured to perform one of:  provide a first notification that indicates which of the recommend security settings have been implemented for the determined deployment environment; provide a second notification that indicates which of the recommend security settings have not been implemented for the determined deployment environment; or automatically activate at least one of the recommended security settings.	Xie describes a network security framework based scoring metric generation and sharing.	With this in mind, Xie discloses provide a second notification that indicates which of the recommend security settings have not been implemented for the determined deployment environment (Xie [0057] report security criteria that are causing a low score for network segment; Fig. 8 and Fig. 9A showing recommendations not implemented and triggering a low score; [0074]-[0075]).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the environment analysis and reporting of Xie with the security configuration determination of Shackleton, such that compliance reporting is made available as a summary of the implementation of a security configuration, as it would advantageously assist in determination if an implemented security configuration is sufficient for the level of security required (Xie [0005]-[0006]).
Claims 6, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Shackleton et al. (US 2021/0182403 A1), national stage with international filing date of Oct. 11, 2018, in view of Sastry et al. (US 2016/0315965 A1), published on Oct. 27, 2016.
As to claims 6, 13 and 20, Shackleton substantially discloses the invention as claimed as described in claims 1, 8 and 15, respectively, failing, however, to explicitly disclose wherein the determined deployment environment comprises one of: a test environment;	a production environment; or a staging environment.	Sastry describes cloud-based authorization policy customization.	With this in mind, Sastry discloses wherein the determined deployment environment comprises one of: a test environment; a production environment; or a staging environment (Sastry [0039] policy migration to test, staging and production environments).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the cloud based authorization policy customization of Sastry with the security configuration determination of Shackleton, such that the security policy configuration can be applied to multiple environment types as in Sastry, as it would advantageously allow for automation of the customization of authorization policies for customers of a cloud service (Sastry [0004]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Aleks et al. (US 2021/0037040 A1) is related to machine learning generation of security configurations or policies to cure vulnerabilities.
White et al. (US 2021/0051177 A1) is related to machine learning updating of security policies.
Ashlock et al. (US 2021/0350276 A1) is related to machine learning based policy recommendations.
Wright et al. (US 2022/0131904 A1) is related to hardening of security for applications using machine learning.
Cheng et al. (US 2010/0332422 A1) is related to policy evolution using machine learning.
Salman et al. (US 2020/0177638 A1) is related to automatic generation of security rules for network micro and nano-segmentation.
Bargury et al. (US 2019/0286826 A1) is related to machine learning detection of unused open ports.
Kilger et al. (US 2019/0007415 A1) is related to an access control manager.
Kliger et al. (US 2020/0053090 A1) is related to automated access control policy generation for computer resources.
Vayman (US 2006/0075461 A1) is related to learning about the effectiveness of a policy rule prior to implementation.
Zhao (US 2017/0250870 A1) is related to virtual network policy configuration.
Woodard et al. (US 2005/0097199 A1) is related to scanning network devices for policy compliance.
Kulkarni et al. (US 2008/0244690 A1) is related to deriving remediations from security compliance rules.
Alagappan et al. (US 10,713,664 B1) is related to reporting of microservice regulatory compliance.
Hulick, JR. (US 2020/0026865 A1) is related to an application security policy management agent.
Parees et al. (US 2018/0027051 A1) is related to policy control for migration of an application between environments.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC W SHEPPERD whose telephone number is (571)270-5654.  The examiner can normally be reached on Monday - Thursday, Alt. Friday, 7:30AM - 5:00PM, EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571)272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Eric W Shepperd/Primary Examiner, Art Unit 2492