DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status of Claims
Claims 1-2 and 8-12 are amended.
Claims 1-20 are pending.

Response to Remarks
35 U.S.C. § 103
Applicant contends that the cited references do not teach or suggest the amended claim limitations of claim 1. Specifically, regarding reference Kremp, Applicant contends that the claimed data access signature is a representation of account data, and not the "privilege scheme" allegedly disclosed by Kremp. Examiner respectfully disagrees because Kremp in paras 40-41 defines "privilege scheme", for instance, as comprising an identity-based access control model, as well as credentials such as job titles or identity credentials. The claimed data access signature is currently very broad, with the broadest reasonable interpretation being any data that may be associated with an account. Thus, as each of an identity-based access control model, credentials, job titles and identity credentials reads upon "account data", Kremp reads upon the amended claim limitations. Accordingly, this contention is unpersuasive. Examiner suggests amending the claims to recite a narrower description of the data access signature as it is functionally used within the claim.
Applicant also contends that, similar to Kremp, reference Wailly fails to describe the "data access signature" of amended claim 1. Specifically, Applicant contends that Wailly instead describes detecting "abnormal behavior" based on analyzing events. Examiner respectfully disagrees because Wailly in para 41 defines "abnormal behavior", for instance, as comprising access by a program that is executed in the virtual machine to a memory area that is normally not accessed by that program. Thus, as this similarly reads upon the currently broad interpretation of "account data", Wailly reads upon the amended claim limitations. Accordingly, this contention is unpersuasive.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over US 2018/0165183 A1 to Kremp (hereinafter “Kremp”) in view of US 2017/0124326 A1 to Wailly et al. (hereinafter “Wailly”) in view of US 9,449,181 B1 to Umapathy et al. (hereinafter “Umapathy”).

Claims 1 and 11:
Kremp discloses:
a processor; and a memory coupled to the processor, the memory storing computer-executable instructions that, when executed by the processor, configure the processor to: (Section [0020])
in an automated test environment (e.g. framework for testing execution): launch a test instance (e.g. test container) of a first application (e.g. container) (Section [0019] and [0039])
obtain, via the test instance, a data access signature (e.g. privilege scheme) of the first application that indicates, for at least one application state of the first application, respective account data retrieved, by the first application, from a user account at a protected data resource in the at least one application state (e.g. The one or more privilege elements are selected from a set of privilege elements representing the privilege scheme. The set of privilege elements comprise fields representing one or more of credentials (e.g., roles, job titles, identity credentials, or system credentials), permissions (e.g., indications of an access mode), sessions, assignments, attributes (e.g., user attributes, resource or object attributes, action attributes, environmental attributes, or system attributes), geolocations, or any other suitable basis for granting an access control or privilege. Although described using certain privileges or bases for privileges, it should be understood that the one or more privilege elements may comprise any metric on which a privilege or access control may be based) (Section [0040]-[0042])
Kremp does not disclose:
receive, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data
detect a change in the data access signature of the first application
subsequent to receipt of the indication of access permissions
in response to detecting the change in the data access signature of the first application, notify the user of a change in data access behavior of the first application
Wailly, an analogous art of application execution environments, teaches:
detect a change in the data access signature of the first application (e.g. analyze events that occur in a virtual machine and to detect any abnormal behavior.  An abnormal behavior is for example access by a program that is executed in the virtual machine to a memory area that is normally not accessed by the program) (Section [0041])
in response to detecting the change in the data access signature of the first application, notify the user of a change in data access behavior of the first application (e.g. The analyzer is adapted to analyze the events detected as abnormal, where applicable to alert the client to whom the virtual machines belongs and where applicable to implement countermeasures) (Section [0041])
It would have been obvious to one of ordinary skill in the art as of the effective filing date of the claimed invention to modify the application execution in the test environment of Kremp to detect abnormal data access and alert the user when abnormal data access is detected, as taught by Wailly, in order to protect the user data and allow the user to know when their data may be compromised.
Kremp in view of Wailly does not disclose:
receive, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; subsequent to receipt of the indication of access permissions
Umapathy, an analogous art of data access control, teaches:
receive, from a client device associated with the user account, an indication of access permissions for the first application to access the user account for retrieving account data; subsequent to receipt of the indication of access permissions (e.g. a user using device 160 may interact with access information manager to create, define, view, modify, and/or delete one or more service profiles.  A user may be provided a mechanism to define one or more service profiles, and each of the service profiles may include one or more categories of data.  The user may decide which applications to associated with the service profiles.  Once an application is associated with a service profile, the application may access the categories of data included in the service profile) (Column 2, Ln 33-55 and Column 7, Ln 34-41)
It would have been obvious to one of ordinary skill in the art as of the effective filing date of the claimed invention to modify the application execution system/method of Kremp in view of Wailly to receive data access permission from the user, as taught by Umapathy, in order to allow the user to have control over what data they share with the application.

Claims 2 and 12:
Kremp in view of Wailly in view of Umapathy discloses all of the limitations of claims 1 and 11 above. Kremp further discloses:
store the data access signature in association with the access permissions for the first application to access the user account (e.g. in some embodiments, the data set used in testing execution is injected into memory for portions of the data set relevant to access control testing) (Section [0036])

Claims 3 and 13:
Kremp in view of Wailly in view of Umapathy discloses all of the limitations of claims 1 and 11 above. Kremp further discloses:
wherein the at least one application state of the first application comprises an execution state (e.g. operation mode) of the first application (Section [0050] and [0066]-[0068])

Claims 4 and 14:
Kremp in view of Wailly in view of Umapathy discloses all of the limitations of claims 1 and 11 above.  Umapathy further discloses:
wherein the data access signature indicates, for the at least one application state, one or more first types of account data which are accessed by the first application in the application state (e.g. The user may decide which applications to associated with the service profiles.  Once an application is associated with a service profile, the application may access the categories of data included in the service profile) (Column 2, Ln 33-55 and Column 7, Ln 34-41)

Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kremp in view of Wailly in view of Umapathy, as applied to claims 4 and 14 above, in further view of US 2018/0095857 A1 to Sarir et al. (hereinafter “Sarir”).

Claims 5 and 15:
Kremp in view of Wailly in view of Umapathy does not disclose:
wherein detecting a change in the data access signature comprises detecting that, in the at least one application state, the first application retrieves a type of account data that is different from the one or more first types
Sarir, an analogous art of detecting anomalies in data access, discloses:
wherein detecting a change in the data access signature comprises detecting that, in the at least one application state, the first application retrieves a type of account data (e.g. request type data) that is different from the one or more first types (e.g. determine whether the data retrieval request comprises at least one request anomaly based on the historical retrieval request data) (Section [0004], [0009], and [0013])
Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself, that is, in the substitution of the anomaly detection of Sarir for the anomaly detection of Wailly. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious.

Claims 6, 7, 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Kremp in view of Wailly in view of Umapathy, as applied to claims 1 and 11 above, in further view of US 2021/0073097 A1 to Upadhyay et al. (hereinafter “Upadhyay”).

Claims 6 and 16:
Kremp in view of Wailly in view of Umapathy does not disclose:
wherein the data access signature indicates, for the at least one application state, a first frequency of retrieval of account data from the user account
Upadhyay, an analogous art of detecting anomalies in data access, discloses:
wherein the data access signature indicates, for the at least one application state, a first frequency of retrieval of account data from the user account (e.g. analyze a component of the decomposed time-series to determine an acceptable range for a number of occurrences of the first type of event) (Section [0007], [0009], [0011], [0430], [0432], and [0434])
Since each individual element and its function are shown in the prior art, albeit shown in separate references, the difference between the claimed subject matter and the prior art rests not on any individual element or function but in the very combination itself, that is, in the substitution of the frequency-of-retrieval data access signature of Upadhyay for the data access signatures of Kremp. Thus, the simple substitution of one known element for another producing a predictable result renders the claim obvious.

Claims 7 and 17:
Kremp in view of Wailly in view of Umapathy in view of Upadhyay discloses all of the limitations of claims 6 and 16 above.  Upadhyay further discloses:
wherein detecting a change in the data access signature comprises detecting that, in the at least one application state, the first application retrieves account data from the user account more frequently than the first frequency (e.g. determine that an anomaly exists at a first time in response to a determination that a number of occurrences of the first type of event falls outside the acceptable range) (Section [0007], [0009], [0011], [0430], [0432], and [0434])
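The rejections above read the claimed data access signature, the type-change detection of claims 5 and 15, and the frequency-change detection of claims 6, 7, 16 and 17 onto the cited references. For a concrete picture of what that claim language describes in running form, the following Python is an added illustration written for this page; it is not code from the application, from Applicant, or from any of the cited references (Kremp, Wailly, Umapathy, Sarir, Upadhyay), and it does not purport to show how any of them operates. The application states, data-type labels, granted permission set, observation window and rate threshold are all assumptions chosen for the illustration; a baseline signature is built from constructed "test instance" events, a later set of constructed events is compared against it, and each new data type or frequency increase is turned into a user notice.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessEvent:
    """One retrieval of account data by the application under observation."""
    state: str      # application state in which the retrieval happened (assumed labels)
    data_type: str  # category of account data retrieved (assumed labels)
    t: float        # seconds from the start of the observation window


@dataclass(frozen=True)
class StateSignature:
    """Per-state summary: which data types were retrieved and how often."""
    types: frozenset
    per_minute: float


def build_signature(events, window_s):
    """Summarise retrievals per application state over a window of window_s seconds."""
    by_state = defaultdict(list)
    for ev in events:
        by_state[ev.state].append(ev)
    minutes = window_s / 60.0
    return {
        state: StateSignature(
            types=frozenset(ev.data_type for ev in evs),
            per_minute=len(evs) / minutes,
        )
        for state, evs in by_state.items()
    }


def detect_changes(baseline, observed, permissions, rate_factor=2.0):
    """Compare a later signature against the baseline recorded in the test instance.

    Returns (state, kind, detail) tuples:
      'new_state' - a state absent from the baseline; detail lists its data types
      'new_type'  - a data type the baseline did not show for this state;
                    detail is (type, True if the type lies outside the granted permissions)
      'rate'      - retrievals more than rate_factor times the baseline frequency;
                    detail is (baseline_per_minute, observed_per_minute)
    """
    changes = []
    for state, sig in observed.items():
        base = baseline.get(state)
        if base is None:
            changes.append((state, "new_state", sorted(sig.types)))
            continue
        for new_type in sorted(sig.types - base.types):
            changes.append((state, "new_type", (new_type, new_type not in permissions)))
        if base.per_minute > 0 and sig.per_minute > rate_factor * base.per_minute:
            changes.append((state, "rate", (base.per_minute, sig.per_minute)))
    return changes


def notifications(app_name, changes):
    """Render one user-facing notice per detected change."""
    out = []
    for state, kind, detail in changes:
        if kind == "new_state":
            out.append(f"{app_name}: new state '{state}' retrieves {', '.join(detail)}")
        elif kind == "new_type":
            dtype, outside = detail
            suffix = " (outside the permissions you granted)" if outside else ""
            out.append(f"{app_name}: in state '{state}' now retrieves '{dtype}'{suffix}")
        else:
            before, after = detail
            out.append(f"{app_name}: in state '{state}' retrieval rate rose "
                       f"from {before:.1f}/min to {after:.1f}/min")
    return out


# Constructed sample data (not taken from the application or any reference).
WINDOW_S = 600.0
GRANTED = frozenset({"email", "balance", "transactions"})
BASELINE_EVENTS = (
    [AccessEvent("login", "email", t) for t in (5, 200, 450)]
    + [AccessEvent("dashboard", "balance", 30 + 50 * i) for i in range(6)]
    + [AccessEvent("dashboard", "transactions", 40 + 50 * i) for i in range(6)]
)
OBSERVED_EVENTS = (
    [AccessEvent("login", "email", 20 * i) for i in range(30)]          # 10x the baseline rate
    + [AccessEvent("dashboard", "balance", 30 + 50 * i) for i in range(6)]
    + [AccessEvent("dashboard", "transactions", 40 + 50 * i) for i in range(6)]
    + [AccessEvent("dashboard", "contacts", 300)]                        # type never seen in baseline
)


def run_example():
    """Build the baseline from the test-instance events and diff the later observation."""
    baseline = build_signature(BASELINE_EVENTS, WINDOW_S)
    observed = build_signature(OBSERVED_EVENTS, WINDOW_S)
    return detect_changes(baseline, observed, GRANTED)


if __name__ == "__main__":
    for line in notifications("ExampleApp", run_example()):
        print(line)
```

The baseline signature is built once from the test instance and stored alongside the granted permissions; later observations are only compared against it, so a new data type that is still within the granted permissions and one that exceeds them are reported differently, while a frequency change is reported relative to the stored per-state rate rather than as an absolute count.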

Claims 8-10 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kremp in view of Wailly in view of Umapathy, as applied to claims 1 and 11 above, in further view of US 2018/0144138 A1 to Zhang (hereinafter “Zhang”).

Claims 8 and 18:
Kremp in view of Wailly in view of Umapathy discloses all of the limitations of claims 1 and 11 above.  Umapathy further discloses:
identify an application category for the first application (e.g. the service profiles may include at least one category of data accessible by the third-party application) (Column 5, Ln 62 – Column 6, Ln 3)
Kremp in view of Wailly in view of Umapathy does not disclose:
assign, to the first application, a risk score that is based on the data access signature for the first application
Zhang, an analogous art of data security, discloses:
assign, to the first application, a risk score (e.g. risk score) that is based on the data access signature for the first application (Section [0023]-[0025])
It would have been obvious to one of ordinary skill in the art as of the effective filing date of the claimed invention to modify the application anomaly detection of Kremp in view of Wailly in view of Umapathy to include the use of risk scores assigned to the applications, as taught by Zhang, in order to provide a more robust risk analysis to protect the users data (See Zhang Section [0002]).

Claims 9 and 19:
Kremp in view of Wailly in view of Umapathy in view of Zhang discloses all of the limitations of claims 8 and 18 above.  Zhang further discloses:
determine a ranking (e.g. risk ranking) of the first application relative to one or more other applications of the application category based on the risk score (e.g. risk score) (Section [0023]-[0025])

Claims 10 and 20:
Kremp in view of Wailly in view of Umapathy in view of Zhang discloses all of the limitations of claims 9 and 19 above.  Zhang further discloses:
notifying the user of the determined ranking of the first application (e.g. data security and risk ranking tool may determine that the calculated risk score is a high risk and proceed to security alert/action when an alert is sent and/or an action is performed) (Section [0023]-[0025])

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Ari Shahabi whose telephone number is (571)272-2565. The examiner can normally be reached M-F: 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/Ari Shahabi/Examiner, Art Unit 3685            

/JOHN W HAYES/Supervisory Patent Examiner, Art Unit 3685