DETAILED ACTION
This Office Action is in response to the application 16/953,014 filed on 11/19/2020.
Claims 1-23 have been examined and are pending in this application.


Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Election/Restrictions
For the record, the Examiner acknowledges that NO restrictions warranted at applicants initial time of filing for patent.


Priority
For the record, the Examiner acknowledges that NO foreign priority claimed at applicant’s initial time of filing for patent.


Information Disclosure Statement
For the record, the Examiner acknowledges that NO information disclosure statement (IDS), claimed at applicant’s initial time of filing for patent.


Oath/Declaration
For the record, the Examiner acknowledges that the Oath/Declaration submitted on 11/19/2020 has been accepted.

Drawings
For the record, the Examiner acknowledges that the drawings filed on 11/19/2020 has been accepted.

Specification
For the record, the Examiner acknowledges that the Applicant's specification filed on 11/19/2020 has been accepted.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-23 are rejected under 35 U.S.C. 102 (a)(1) as being anticipated by NPL Peter Mell et al. (hereinafter Mell): “Restricing Insider Access Through Efficient Implementation of Mutli-Policy Access Control Systems.”, Oct. 28, 2016, pages 13-21.

Referring to claim 1, Mell teaches in a digital medium environment for graph-based access control, a method implemented by at least one computing device, the method comprising: 
generating a next generation access control (NGAC) graph configured with multiple policy classes as enforceable access criteria by which users are allowed or denied access to resources, the NGAC graph having a bifurcated structure with a user section that includes the users modeled as user elements and an object section that includes the resources modeled as object elements (pgs. 15-16, sec. 3, NGAC specification, access control graph and fig. 1); 
modeling policy binding nodes as user attributes in the user section of the NGAC graph, the policy binding nodes modeled for each of the multiple policy classes and each of the policy binding nodes assigned to a corresponding one of the multiple policy classes (pgs. 15-16, sec. 3, set of policy class (pc) and figs. 1 and 2); 
assigning a user element as a member of a policy binding node, the user element being contained by the corresponding policy class, and the policy binding node delineating at least one policy permission on an object element and granting the policy permission on the object element to the user element (pgs. 15-16, sec. 3, evaluating NGAC graph and fig. 2); and 
evaluating the NGAC graph with a graph evaluation procedure to determine graph analysis information relative to at least one of the user element, the granted policy permission, or the object element based in part on a singular traversal path through the NGAC graph between the user element and the object element via the policy binding node (pgs. 15-16, sec. 3, example of evaluating NGAC graph and figs. 1 and 2).

Referring to claim 2, Mell further teaches wherein the NGAC graph is a directed acyclic graph (DAG) structure generated and stored as a bi-directional graph structure facilitating the evaluating of the NGAC graph with the graph evaluation procedure (pg. 15, sec. 3 and fig. 1; the overall graph is a directed acyclic graph (DAG)).

Referring to claim 3, Mell further teaches wherein the graph evaluation procedure comprises computing an access control decision given the user element, the policy permission, and the object element to determine whether or not the user element is granted access to the object element based on the policy permission (pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 4, Mell further teaches wherein the graph evaluation procedure comprises generating a user list given the user element and the granted policy permission to identify a set of the object elements that the user element can access based on the granted policy permission (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 5, Mell further teaches wherein the graph evaluation procedure comprises generating an object list given the object element and the granted policy permission to identify a set of the user elements that can access the object element based on the granted policy permission (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 6, Mell further teaches wherein the graph evaluation procedure comprises generating a permissions test given the user element and the object element to identify a set of granted policy permissions that the user element is assigned on the object element (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 7, Mell further teaches wherein the graph evaluation procedure comprises performing an explain procedure given the object element and the user element to determine the singular traversal path through the NGAC graph between the user element and the object element (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 8, Mell further teaches wherein the graph evaluation procedure comprises performing a precheck-audit procedure given the obj ect element and the user element to determine an effect of an off-line policy permission before the off-line policy permission is granted (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 9, Mell further teaches wherein the graph evaluation procedure comprises performing an audit-explain procedure given a previous state snapshot of the NGAC graph and a logical timestamp to determine why an access by the user element was allowed or not allowed on the object element based on the granted policy permission (abstract; pgs. 15-16, sec. 3, evaluating NGAC graph and figs. 1 and 2).

Referring to claim 10, This claim is similar in scope to claim 1, and is therefore rejected under similar rationale.

Referring to claim 11, This claim is similar in scope to claim 3, and is therefore rejected under similar rationale.

Referring to claim 12, This claim is similar in scope to claims 4-6, and is therefore rejected under similar rationale.

Referring to claim 13, This claim is similar in scope to claim 7, and is therefore rejected under similar rationale.

Referring to claim 14, This claim is similar in scope to claims 8-9, and is therefore rejected under similar rationale.

Referring to claim 15, This claim is similar in scope to claim 1, and is therefore rejected under similar rationale.

Referring to claim 16, This claim is similar in scope to claim 2, and is therefore rejected under similar rationale.

Referring to claim 17, This claim is similar in scope to claim 3, and is therefore rejected under similar rationale.

Referring to claim 18, This claim is similar in scope to claim 4, and is therefore rejected under similar rationale.

Referring to claim 19, This claim is similar in scope to claim 5, and is therefore rejected under similar rationale.

Referring to claim 20, This claim is similar in scope to claim 6, and is therefore rejected under similar rationale.

Referring to claim 21, This claim is similar in scope to claim 7, and is therefore rejected under similar rationale.

Referring to claim 22, This claim is similar in scope to claim 8, and is therefore rejected under similar rationale.

Referring to claim 23, This claim is similar in scope to claim 9, and is therefore rejected under similar rationale.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Please see the attached PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YONAS A BAYOU whose telephone number is (571)272-7610. The examiner can normally be reached Monday-Friday 7AM-4PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on 571-272-3951. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/YONAS A BAYOU/Primary Examiner, Art Unit 2499                                                                                                                                                                                                        08/18/2022