DETAILED ACTION
This communication is responsive to the application # 17/037,107 filed on September 29, 2020. Claims 1-32 are pending and are directed toward NETWORK ASSET LIFECYCLE MANAGEMENT.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Objections
Claim 11 is objected to because of the following informalities:  “embodiment 10” should be “claim 10”.  Appropriate correction is required.
  
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


 Claims 1-7, 10, 12-15, 18 and 19 are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Crabtree et al. (US 2018/0219919, Pub. Date: Aug. 2, 2018), hereinafter referred to as Crabtree.
As per claim 1, Crabtree teaches a method comprising:
scanning a computer network that includes Internet-accessible systems that are external to a specified entity, wherein scanning the set of computer networks includes, for each Internet-accessible system (Today's port scanning software is able to perform massive port scans up to the complete IPv4 space within minutes. Once a device is connected to the Internet, it will be almost immediately scanned for open ports and services. Most of these scans are done by anonymous individuals, in particular targeting at finding and exploiting system vulnerabilities. However, there is also a variety of individuals and organizations openly practicing massive port scanning and pursuing different objectives. Crabtree, [0004]):
providing a payload to all accessible network systems on all accessible ports of the Internet-accessible system ; determining that a response is received from one or more of the accessible network systems (a system and methods for cybersecurity rating using active and passive external reconnaissance, comprising a web crawler that send message prompts to external hosts and receives responses from external hosts, Crabtree, [0007]); and
scanning each accessible network system from which a response is received using a follow-up probe based at least in part on the response received; receiving response data from the one or more accessible network systems based on the scanning (produce time-series data based on at least a portion of a received response message; Crabtree, [0008]);
processing the response data to identify an ephemeral Internet-accessible network asset (Using a hybrid time-series graph, timestamps may be associated with ongoing changes to reveal these updates over time. In a next step 234, a plurality of additional endpoints may be scanned, such as (for example, including but not limited to) internet-of-things (IoT) devices that may be scanned and fingerprinted, end-user devices such as personal smartphones, tablets, or computers, or social network endpoints, Crabtree, [0061]) associated with the specified entity (In a next step 235, open-source intelligence feeds may be checked, such as company IP address blacklists, search domains, or information leaks Crabtree, [0061]); and
storing asset data indicative of the ephemeral Internet-accessible network asset in a network asset database (The multiple dimension time series data store module may also store any time series data encountered by the system such as but not limited to enterprise network usage data, component and system logs, performance data, network service information captures such as, but not limited to news and financial feeds, and sales and service related customer data. Crabtree, [0050]).
As per claim 2, Crabtree teaches the method of claim 1, wherein the ephemeral Internet-accessible network asset includes any of an Internet Protocol (IP) address, a range of IP addresses, a domain name, a digital certificate, or a cloud infrastructure account (Crabtree, Fig. 2A).
As per claim 3, Crabtree teaches the method of claim 1, where processing the response data to identify the ephemeral Internet-accessible network asset includes: identifying a related entity that is responsible for the ephemeral Internet-accessible network asset; wherein the asset data is further indicative of the related entity; wherein the specified entity is an enterprise organization and wherein the related entity is any of an individual or department associated with the enterprise organization (Crabtree, [0058], [0061]).
As per claim 4, Crabtree teaches the method of claim 1, where processing the response data to identify the ephemeral Internet-accessible network asset includes any of: identifying a service that is implemented using the ephemeral Internet-accessible network asset, wherein the asset data is further indicative of the identified service; identifying entity data that is stored or processed using the ephemeral Internet-accessible network asset, wherein the asset data is further indicative of the entity data; identifying a particular network system used to implement the ephemeral Internet-accessible network asset, wherein the asset data is further indicative of the particular network system (Crabtree, [0050], [0052]); or
identifying a registration record associated with the ephemeral Internet-accessible network asset, wherein the asset data is further indicative of the registration record (Crabtree, [0058]).
As per claim 5, Crabtree teaches the method of claim 1, further comprising: continually updating the network asset database as additional network assets associated with the specified entity are identified (Crabtree, [0081]).
As per claim 6, Crabtree teaches the method of claim 1, further comprising: receiving network information associated with the specified entity from a stored network information database, wherein the ephemeral Internet-accessible network asset is identified by processing the response data and the network information from the network information database (Crabtree, [0058], [0061], [0076]); and/or
receiving a registration record from a third-party registration service, wherein the ephemeral Internet-accessible network asset is identified by processing the response data and the registration record received from the third-party registration service (Crabtree, [0058], [0061]).
As per claim 7, Crabtree teaches the method of claim 1, wherein processing the response data to identify the ephemeral Internet-accessible network asset associated with the specified entity includes: accessing a fingerprint associated with the specified entity (Crabtree, [0053]);
comparing the fingerprint with the response data to determine that the response data is from a particular network system associated with the specified entity (Crabtree, [0058]);
and extracting an identifier from the response data, the identifier indicative of the ephemeral Internet-accessible network asset (Crabtree, [0060]).
As per claim 10, Crabtree teaches the method of claim 1, further comprising: accessing a policy rule associated with the specified entity; determining that an activity associated with the ephemeral Internet-accessible network asset violates the policy rule (Crabtree, [0060]); and performing an automated action to remedy the policy rule violation (Crabtree, [0079]).
Claims 12-15, 18 and 19 have limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of anticipation as used above. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 8. 9 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Crabtree et al. (US 2018/0219919, Pub. Date: Aug. 2, 2018), in view of Kim et al. (US 2014/0162601, Pub. Date: Jun. 12, 2014), hereinafter referred to as Crabtree and Kim.
As per claim 8, Crabtree teaches the method of claim 1, but does not teach expiration, Kim however teaches further comprising: determining, based on the asset data, that a registration associated with the ephemeral Internet-accessible network asset will expire, the registration owned by the specified entity; and performing an automated action to preserve the registration associated with the ephemeral Internet-accessible network asset before the registration expires (The database 134 may contain a record associated with each user. The record for each user may include an ephemeral identifier assigned to the user and a private identifier associated with an identity of the user. The private identifier may include a phone number, an e-mail address, a username, or other unique identifying information. The ephemeral identifier may be periodically replaced or updated with a new value. The record for each user may include an indication of an update frequency or an expiration time for the ephemeral identifier assigned to the user. In one example, the provider 130 may set a minimum expiration time (e.g., one day) or update frequency (e.g., one hour) for all ephemeral identifiers. The update frequency or expiration time may be configured by the provider 130, or individually by each user. Kim, [0021]).
Crabtree in view of Kim are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Crabtree in view of Kim. This would have been desirable because there are general needs for systems and methods that reduce exposure of personal or identifying information to unauthorized devices, while allowing associated users or devices to securely discover and communicate with each other (Kim, [0003]).

As per claim 9, Crabtree in view of Kim teaches the method of claim 8, wherein performing the automated action includes any of: generating a ticket indicative of the expiration of the registration and inputting the ticket into an asset management system; generating a notification indicative of the expiration of the registration; or transmitting automatically a renewal request to a registration service to renew the registration (Kim, [0030], [0021], [0036]).
Crabtree in view of Kim are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Crabtree in view of Kim. This would have been desirable because there are general needs for systems and methods that reduce exposure of personal or identifying information to unauthorized devices, while allowing associated users or devices to securely discover and communicate with each other (Kim, [0003]).

Claim 20 has limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of obviousness as used above.
Claims 11, 16 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Crabtree et al. (US 2018/0219919, Pub. Date: Aug. 2, 2018), in view of Stamos (US 8,990,392, Mar.24,2015), hereinafter referred to as Crabtree and Stamos.
As per claim 11, Crabtree teaches the method of embodiment 10, but does not teach a ticket indicative of the policy rule violation and inputting the ticket into an asset management system, Stamos however teaches wherein performing the automated action includes any of: generating a ticket indicative of the policy rule violation and inputting the ticket into an asset management system; generating a notification indicative of the policy rule violation; or adjusting automatically the activity associated with the ephemeral Internet-accessible network asset to remedy the policy rule violation (In FIG. 17, Joe has clicked on one of the tickets shown to him in interface 1600 (ticket 1602). Interface 1700 shows the details of a particular ticket, such as ticket 1602. Here, Joe can review the various features of the ticket, such as what type of ticket it is, what type of scan generated the ticket, which scanning company was used to perform the scan, the scanning company's scan identifier, the date and time that the scan was performed, the date and time that the ticket was generated, the priority level for the scan's resulting violation, the date required for customer to remediate the violation and remain in compliance with the associated policy regime, the asset associated with the violation, and the policy regime that was applied to that asset. Additionally, Joe can read from the ticket's description that the test that resulted in the ticket being generated requires an operator to map the result ( of an external scan) to a violation of a rule in the .secure policy regime. Joe can perform the mapping by selecting a rule from dropdown 1702. Stamos, Column 23, lines 31-48).
Crabtree in view of Stamos are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Crabtree in view of Stamos. This would have been desirable because an entity, such as large enterprise, might have written policies that govern the management of its computing resources. As one example, the enterprise might have written policies describing which sorts of applications are permitted to run on enterprise-owned servers that are accessible via the Internet. Unfortunately, such policies can be very difficult to enforce. As one example, it can be difficult for the enterprise to become aware of when a new server is brought online, and thus difficult to determine whether the new server is in compliance with applicable policies. As another example, it can likewise be difficult to know when an existing server makes available a service it did not previously offer, or makes available a service in a manner that is not consistent with the written policy. Improvements in techniques for monitoring computing systems are therefore desirable (Stamos, Column 1, lines 22-36).

Claim 16 has limitations similar to those treated in the above rejection, and are met by the references as discussed above, and are rejected for the same reasons of obviousness as used above.
As per claim 17, Crabtree in view of Stamos teaches the method of claim 16, wherein adjusting automatically the property and/or activity associated with the ephemeral Internet-accessible network asset includes any one of:
configuring a firewall setting associated with the ephemeral Internet-accessible network asset (6. Must filter inbound ICMP messages at network edge firewalls. 7. Must filter outbound type 3 "unreachable" ICMP messages at network edge firewalls. Stamos, Column 9, lines 39-42);
blocking a service implemented using the ephemeral Internet-accessible network asset; or removing data that is stored or processed using the ephemeral Internet-accessible network asset (d. All other services will be flagged for further review when first detected: i. A map of approved services will be maintained for each host. ii. Accepted services will be added to the list of approved services. iii. Rejected services will be flagged as an unnecessary service which should be eliminated. Stamos, Column 10, lines 1-8).
Crabtree in view of Stamos are analogous art to the claimed invention, because they are from a similar field of endeavor of systems, components and methodologies for providing secure communication between computer systems. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify Crabtree in view of Stamos. This would have been desirable because an entity, such as large enterprise, might have written policies that govern the management of its computing resources. As one example, the enterprise might have written policies describing which sorts of applications are permitted to run on enterprise-owned servers that are accessible via the Internet. Unfortunately, such policies can be very difficult to enforce. As one example, it can be difficult for the enterprise to become aware of when a new server is brought online, and thus difficult to determine whether the new server is in compliance with applicable policies. As another example, it can likewise be difficult to know when an existing server makes available a service it did not previously offer, or makes available a service in a manner that is not consistent with the written policy. Improvements in techniques for monitoring computing systems are therefore desirable (Stamos, Column 1, lines 22-36).



Allowable Subject Matter
Claims 1-16 are allowed.
The following is an examiner’s statement of reasons for allowance: none of the prior art of record alone or in combination teaches in combination with other limitations: 
processing the response data to identify a combined attack surface associated with a plurality of entities associated with a supply chain; and
enabling a first entity of the plurality of entities to access a first view of the combined attack surface.
The closest prior art made of record are:
NPL Ellison et al. “Evaluating and Mitigating Software Supply Chain Security Risks”, TECHNICAL NOTE CMU/SEI-2010-TN-016, May 2010, 50 pages;
NPL Wang “Knowledge Set of Attack Surface and Cybersecurity Rating for Firms in a Supply Chain”, (November 3, 2017), SSRN, 23 pages;
US PgPub No. 2019/0258953 by Lang et al .
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to OLEG KORSAK whose telephone number is (571)270-1938.  The examiner can normally be reached on 5:00 AM- 4:00 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/OLEG KORSAK/
Primary Examiner, Art Unit 2492