DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/11/2022 has been entered.

3.	Applicant's arguments and amendments, filed on 10/11/2022, have been entered and carefully considered. Claims 24 and 25 are new. Claims 10, 20 and 22 are cancelled. Claims 1, 4, 11, 14 and 21 are amended. Claims 1-9, 11-19, 21 and 23-25 have been examined and rejected.
 
Response to Amendment and Arguments
4.	Applicant’s amendments and arguments filed on 10/11/2022 with respect to rejections of claims 1-9, 11-19, 21 and 23 have been considered but are moot in view of the new ground of rejection necessitated by applicant’s amendment.

Claim Rejections - 35 USC § 103
5.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

6.	Claims 1-4, 11-14, 21, 24 and 25 are rejected under AIA  35 U.S.C. 103 as being unpatentable over LEV RAN et al. (U.S. PGPub 2010/0169392 hereafter LEV) in view of Little et al.  (U.S. PGPub 2020/0302074).
As per claims 1, 11 and 21, 
LEV teaches a method of accessing a file comprising: determining whether a client requests a permission for a target file (LEV, see fig. 9, para 0317, the VFN receiver's lease client 38 requests a write lease from lease manager 44 of the VFN transmitter that is the resource owner, at a write lease request step 132, the lease manager checks whether any other lease clients hold valid read leases for the resource, at a read lease check step 134, if so the lease manager revokes all of the other outstanding read leases for the resource at step 142), 
the permission allowing the client to cache data associated with the target file (LEV, see para 0266 the VFN receiver support caching of authorized content, authorized caching is supported for content accessed through a VFN transmitter, and for content fetched retrieved directly by a VFN receiver from an origin Web site and implementing authorized content caching, the VFN receiver caches the resource's data, but, before it grants the client access to the data, the VFN receiver sends an authorization request to the proper VFN transmitter, which is responsible for granting access to the content, write operations can be performed using a write-back cache scheme); 
in response to determining that the client requests the permission, obtaining pattern information from the open request received from the client, wherein the pattern information is related to an access pattern in which the client accesses the target file (LEV, see para 0242, 0313, 0317-0319, 0423, method is used whenever a client 28 requests an operation such as open, read, write, or close, on a resource R registered with the VFN system and held by a remote file server 25, the VFN receiver's lease client 38 requests a read lease from the lease manager 44 of the VFN transmitter that is the resource owner, at a read lease request at step 120, the lease manager checks whether any other lease clients hold valid write leases for the resource, at a write lease check at step 122, the lease manager denies the read lease request, the VFN transmitter is configured to keep a resource on file server 25 open for a certain amount of time after the resource has been closed by client 28 of the VFN receiver, during this period, an open request from any of the clients of any of the peer VFN receivers of the VFN transmitter is handled locally by the VFN transmitter, without the need to interact with file server 25); 
LEV fails to exclusively teach wherein the pattern information is related to an access pattern in which the client accesses the target file and includes a time when the client requests the permission; determining availability of the permission to the client by applying the pattern information to a decision model, the decision model being trained based on training pattern information and training permission information; and providing, to the client, an indication on the availability.
In a similar field of endeavor Little teaches wherein the pattern information is related to an access pattern in which the client accesses the target file (Little see para 0073, 0074, at step 3, analytics server 406  capture user behavior relating to the current file access request and incorporate that information into historical user behavior information maintained by analytics server 406, including historical data regarding general file accesses by the user, historical data regarding observed locations of the user when making such file access requests, and historical data regarding observed times at which the user typically accesses files)
and includes a time when the client requests the permission (Little see para 0061, information regarding historical user behavior can include historical data regarding general file access which includes one or more of a number of files accessed by the user over a predetermined period of time, types of files accessed, and applications used by the user over the predetermined period of time, observed locations of the user, and historical data regarding observed times at which the user accesses files, times when the file is requested, times when the user typically accesses a file).
determining availability of the permission to the client by applying the pattern information to a decision model (Little see para 0048, analytics server 106 can determine a risk score for the user based on multiple factors, including information regarding historical user behavior, the file access request and observed data determined based on the file access request, at block 304, behavior analytics functionality determine risk score for the user based on multiple factors, including, but not limited to information regarding historical user behavior, the file access request and observed data determined based on the file access request, include current location of the user as determined by the IP address, a time at which the file access was requested, and information regarding whether the user is accessing the file from a trusted location or an untrusted location), 
the decision model being trained based on training pattern information and training permission information (Little see para 0049, 0050, machine learning algorithm employed by analytics server 106  builds a model of user behavior in dependence on reference data, an example training set of input observations within the network environment at issue over a period of time,  model of user behavior may comprise a model of normal behavior, behavior which is not of a suspect nature, in dependence on normal reference data which reflects normal behavior of the users of the network environment at issue); 
and providing, to the client, an indication on the availability (Little see para 0072, block 352, the risk score can be compared with the first threshold value, if the risk score is less than the first threshold, at block 360, the permission server can provide full access to the file by returning the decryption key else at block 354, the risk score can be compared with the second threshold value, if the risk score is between first threshold value and the second threshold value, at block 362, the permission server can provide limited access to the file by returning the decryption key and specifying the limitations, else if the risk score is not between the first threshold value and the second threshold value, that is, at block 356, if the risk score is greater than the second threshold value, at block 358, the permission server can block access to the file by withholding the decryption key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV with the teaching of Little, as doing so would provide an efficient method for a machine-learning driven fine-grained file access control approach for an enterprise network using information regarding historical user behavior of users of the enterprise network by observing file access requests initiated by the users (Little see para 0025).

As per claims 2 and 12,
LEV in view of Little teaches the method of claim 1, wherein obtaining the pattern information comprises: determining whether the target file is being accessed or is to be accessed by a further client; in response to determining that the target file is being accessed or is to be accessed by the further client, determining that the permission has a first permission level; and in response to determining that no further client is accessing or is to access the target file, determining that the permission has a second permission level higher than the first permission level (LEV, see para 0313, 0317-0319, the VFN receiver's lease client 38 requests a read lease from the lease manager 44 of the VFN transmitter that is the resource owner, at a read lease request at step 120, the lease manager checks whether any other lease clients hold valid write leases for the resource, at a write lease check at step 122, the lease manager denies the read lease request, as shown in fig. 9, lease client 38 requests a write lease from lease manager 44 of the VFN transmitter that is the resource owner, at a write lease request step 132, the lease manager checks whether any other lease clients hold valid read leases for the resource, at a read lease check step 134, the lease manager revokes all of the other outstanding read leases for the resource, the lease manager then grants the write lease or grants the lease immediately, if no read leases were revoked, at a lease grant step 139);

As per claims 3 and 13,
LEV in view of Little teaches the method of claim 2, wherein the first permission level corresponds to a shared permission, and the second permission level corresponds to an exclusive permission (LEV, see para 0313, the VFN receiver's lease client 38 requests a read lease from the lease manager 44 of the VFN transmitter that is the resource owner, at a read lease request step 120, the lease manager checks whether any other lease clients hold valid write leases for the resource, at a write lease check step 122. In such a case, the lease manager denies the read lease request, at a lease denial step 128, access to the requested resource is still provided to the client, at a validated access step 130, in the manner described above with reference to steps 102 through 118 of fig. 6).

As per claims 4 and 14,
LEV in view of Little teaches the method of claim 2, wherein obtaining the pattern information further comprises obtaining: an operation to be performed on the target file by the client, and an identification of the client (Little see para 0048, analytics server 106 can determine a risk score for the user based on multiple factors, including information regarding historical user behavior, the file access request and observed data determined based on the file access request, at block 304, behavior analytics functionality determine risk score for the user based on multiple factors, including, but not limited to information regarding historical user behavior, the file access request and observed data determined based on the file access request, include current location of the user as determined by the IP address, a time at which the file access was requested, and information regarding whether the user is accessing the file from a trusted location or an untrusted location).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV with the teaching of Little, and the motivation to combine the teachings will be the same as stated above for the motivation with relation to claims 1, 11 and 21;

As per claim 24, 
LEV in view of Little teaches the method of claim 1, wherein the time the client requests the permission comprises a year, month, and day when the open request was sent from the client (Little see para 0060, the file access requests can be initiated by the users using client machines and can include or be supplemented to include information such as an IP address and geographical location of the access, time of the access, a user identifier of the accessor or user, the name of the file attempting to be accessed, and it would be obvious to one with skill in the art at the time of invention that the time will include year, month and day in the time stamp).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV with the teaching of Little, and the motivation to combine the teachings will be the same as stated above for the motivation with relation to claim 1;

As per claim 25, 
LEV in view of Little teaches the method of claim 1, wherein determining that the client requests the permission for the target file comprises determining that the open request received from the client includes a request from the client for the permission (LEV, see para 0242, 0313, 0317-0319, 0423, method is used whenever a client 28 requests an operation such as open, read, write, or close, on a resource R registered with the VFN system and held by a remote file server 25, the VFN receiver's lease client 38 requests a read lease from the lease manager 44 of the VFN transmitter that is the resource owner, at a read lease request at step 120, the lease manager checks whether any other lease clients hold valid write leases for the resource, at a write lease check at step 122, the lease manager denies the read lease request, the VFN transmitter is configured to keep a resource on file server 25 open for a certain amount of time after the resource has been closed by client 28 of the VFN receiver, during this period, an open request from any of the clients of any of the peer VFN receivers of the VFN transmitter is handled locally by the VFN transmitter, without the need to interact with file server 25);

7.	Claims 5-9, 15-19 and 23 are rejected under AIA  35 U.S.C. 103 as being unpatentable over LEV RAN et al. (U.S. PGPub 2010/0169392 hereafter LEV) in view of Little et al. (U.S. PGPub 2020/0302074) in view of NEVATIA et al. (U.S. PGPub 2020/0412726).
As per claims 5 and 15,
LEV in view of Little teaches the method of claim 1, yet fails to teach further comprising: determining event information associated with providing of the availability, the [Attorney Docket No.: 1003-1068] event information indicating at least one of maintenance of the permission, disabling of the permission and access to the target file; determining, for the decision model, a feedback corresponding to the availability, based on the event information; and updating the decision model with the feedback corresponding to the availability.
In a similar field of endeavor NEVATIA teaches further comprising: determining event information associated with providing of the availability, the event information indicating at least one of maintenance of the permission, disabling of the permission and access to the target file; determining, for the decision model, a feedback corresponding to the availability, based on the event information; and updating the decision model with the feedback corresponding to the availability (NEVATIA, see para 0039 as shown in fig 1C, the security monitoring platform apply the one or more reinforcement learning techniques to update the access rights data model based on the feedback received from the client device, the reinforcement learning technique(s) may include a deep Q-network (DQN) learning technique, a Q-learning technique, a Markov decision process (MDP), and/or the like, the reinforcement learning technique may be based on a lookup table a Q-table that includes a set of possible states and a set of actions that are possible for each state, the set of possible states correspond to a mapping between a set of features and a particular access level and/or the like, and the set of actions may include maintaining, revising, revoking, elevating, and/or modifying the access level).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the code provisioning system of LEV in view of Little with the teaching of NEVATIA, as doing so would provide an efficient method for security monitoring platform may apply a reinforcement learning technique to update the access rights data model based on feedback related to the one or more actions (NEVATIA see para 0002-0003).

As per claims 6 and 16,
LEV in view of Little in view of NEVATIA teaches the method of claim 5, wherein the availability indicates that the client is refused to be granted the permission, and wherein determining the feedback corresponding to the availability comprises: in response to the event information indicating that the target file is not accessed by a further client during a period of time, determining that the feedback corresponding to the availability is a negative feedback (NEVATIA see para 0021, 0027, the attributes can be used to describe users a name, role, clearance level, job title, organization, department, and/or the like, resources, a data type, sensitivity level, classification, and/or the like, contexts, a location, time, actions read, delete, modify, view, and/or the like, in an ABAC scheme, a PBAC scheme, and/or the like, policies can be defined to control access to resources based on certain combinations of attributes, the security monitoring platform perform the dimensionality reduction using a principal component analysis technique to determine a linear mapping of the historical data to a lower-dimensional space, using a non-negative matrix factorization to decompose a non-negative matrix to a product of two non-negative matrices, the security monitoring platform may perform feature hashing to transform the historical data into numeric values to enable certain machine learning algorithms that may depend on having a numeric representation of data to facilitate processing and statistical analysis).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV in view of Little with the teaching of NEVATIA, and the motivation to combine the teachings will be the same as stated above for the motivation with relation to claims 5 and 15;

As per claims 7 and 17,
LEV in view of Little teaches the method of claim 5, wherein the availability indicates that the client is allowed to be granted the permission, and wherein determining the feedback corresponding to the availability comprises: in response to the event information indicating that the permission is maintained during a period of time, determining that the feedback corresponding to the availability is a positive feedback; and in response to the event information indicating that the permission is disabled during the client accessing the target file, determining that the feedback corresponding to the availability is a negative feedback (NEVATIA see para 0036, 0037, the probability scores that are determined using the access rights data model may generally be dependent upon a particular time or environmental state that existed at a time that the access rights data model was trained, access control policies that affect user access rights within the cloud applications may change from time to time, and these policy changes may lack a basis in the historical data that was used to train the access rights data model, the security monitoring platform performs actions to maintain, revoke, elevate, or otherwise revise user access rights based on the trained access rights data model over time, the reinforcement learning techniques enable the security monitoring platform to perform self-learning through feedback data that rewards or penalizes the actions that are performed based on whether the feedback data indicates that the actions were correct or incorrect).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV in view of Little with the teaching of NEVATIA, and the motivation to combine the teachings will be the same as stated above for the motivation with relation to claims 5 and 15;

As per claims 8 and 18,
LEV in view of Little in view of NEVATIA teaches the method of claim 7, wherein amounts of the positive feedback and the negative feedback depend on at least one of a type of the permission and duration of the permission (NEVATIA see para 0036, 0037, the probability scores that are determined using the access rights data model may generally be dependent upon a particular time or environmental state that existed at a time that the access rights data model was trained, access control policies that affect user access rights within the cloud applications may change from time to time, and these policy changes may lack a basis in the historical data that was used to train the access rights data model, the security monitoring platform performs actions to maintain, revoke, elevate, or otherwise revise user access rights based on the trained access rights data model over time, the reinforcement learning techniques enable the security monitoring platform to perform self-learning through feedback data that rewards or penalizes the actions that are performed based on whether the feedback data indicates that the actions were correct or incorrect).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of LEV in view of Little with the teaching of NEVATIA, and the motivation to combine the teachings will be the same as stated above for the motivation with relation to claims 5 and 15;
 
As per claims 9 and 19,
LEV in view of Little teaches the method of claim 1, yet fails to teach wherein the decision model is a model based on reinforcement learning.  
In a similar field of endeavor NEVATIA teaches wherein the decision model is a model based on reinforcement learning (NEVATIA, see para 0039 as shown in fig 1C, the security monitoring platform apply the one or more reinforcement learning techniques to update the access rights data model based on the feedback received from the client device, the reinforcement learning technique(s) may include a deep Q-network (DQN) learning technique, a Q-learning technique, a Markov decision process (MDP), and/or the like, the reinforcement learning technique may be based on a lookup table a Q-table that includes a set of possible states and a set of actions that are possible for each state, the set of possible states correspond to a mapping between a set of features and a particular access level and/or the like, and the set of actions may include maintaining, revising, revoking, elevating, and/or modifying the access level).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the code provisioning system of LEV in view of Little with the teaching of NEVATIA, as doing so would provide an efficient method for security monitoring platform may apply a reinforcement learning technique to update the access rights data model based on feedback related to the one or more actions (NEVATIA see para 0002-0003).

As per claim 23,
LEV in view of Little teaches the method of claim 5, yet fails to teach wherein determining the feedback corresponding to the availability further comprises: determining as the feedback a reward in response to a period of time during which the permission is maintained; wherein the reward has a first value in the event that a break in the permission happens before the period of time during which the permission is maintained reaches an average permission duration; wherein the reward has a second value in the event that a break in the permission happens after the period of time during which the permission is maintained reaches the average permission duration; and wherein the first value is less than the second value.
In a similar field of endeavor NEVATIA teaches wherein determining the feedback corresponding to the availability further comprises: determining as the feedback a reward in response to a period of time during which the permission is maintained; wherein the reward has a first value in the event that a break in the permission happens before the period of time during which the permission is maintained reaches an average permission duration (NEVATIA see para 0036, 0037, the probability scores that are determined using the access rights data model may generally be dependent upon a particular time or environmental state that existed at a time that the access rights data model was trained, access control policies that affect user access rights within the cloud applications may change from time to time, and these policy changes may lack a basis in the historical data that was used to train the access rights data model, the security monitoring platform performs actions to maintain, revoke, elevate, or otherwise revise user access rights based on the trained access rights data model over time, the reinforcement learning techniques enable the security monitoring platform to perform self-learning through feedback data that rewards or penalizes the actions that are performed based on whether the feedback data indicates that the actions were correct or incorrect); 
wherein the reward has a second value in the event that a break in the permission happens after the period of time during which the permission is maintained reaches the average permission duration; and wherein the first value is less than the second value (NEVATIA, see para 0041, a state-action pair in the lookup table may be initialized based on a score that represents the probability that the current access level assigned to the at least one user is correct and the exploration and exploitation technique to update the score associated with the state-action pair based on the feedback by applying a reward that increase the score as the second value based on the feedback indicating that the modification to the current access level is approved or by applying a penalty that decreases the score as the first value based on the feedback indicating that the modification to the current access level is revised or rejected).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the code provisioning system of LEV in view of Little with the teaching of NEVATIA, as doing so would provide an efficient method for security monitoring platform may apply a reinforcement learning technique to update the access rights data model based on feedback related to the one or more actions (NEVATIA see para 0002-0003).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANJOY K ROY whose telephone number is (571)270-0675.  The examiner can normally be reached on 9 AM - 5 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached on 571-272-3889.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/SANJOY ROY/
Examiner, Art Unit 2443


/NICHOLAS R TAYLOR/
Supervisory Patent Examiner, Art Unit 2443