DETAILED ACTION
Responsive to the Applicant reply filed on 10/04/2022, Applicant’s amendments to claims have been entered and respective arguments carefully considered and responded in the following.  Claims 1-2, 4-11, 13-16, and 18-20 are pending with claims 1, 9, and 10 being in independent form.  Claims 3, 12, and 17 are cancelled by this amendment.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification
The disclosure is objected to because of the following informalities:
At par. 0056, the specification describes an example to show a second evaluation graph representing a personal relationship between users who can access the resources.  It seems that in the example, [staff members] A and B are located under a leader of a base location A, a [staff member] C is located under a leader of a base location B and both leaders are located under a manager.  However, it appears that the word “stuff” in par. 0056 should have been spelled “staff.”
Appropriate correction is required.

Drawings
The drawings are objected to because FIG. 2 contain misspelled the word.  it appears that the word “stuff” in par. 0056 should have been spelled “staff.”  Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Response to Arguments
The claim amendments and remarks filed by the Applicant on 10/04/2022, have been carefully considered and are responded in the following.

In response to the Applicant arguments, page(s) 8 of the Remarks, regarding Claims 1-20 being rejected on the ground of obviousness double patenting, the applicant relies on the argument over Sharma (2019/0286721).  However, Sharma discloses a second evaluation graph representing a personal relationship between users who can access the resources, wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link.  See detailed discussion in the following. It is noted that Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.  Accordingly, the rejection remains.

In response to the Applicant arguments, page(s) 8, regarding objections, the amendments have resolved the issues. Therefore, the objections are withdrawn.  However, the amendment made on 10/04/2022 has raised a new issue that causes objections. See the following Office action for details.

In response to the Applicant arguments, page(s) 8-9, regarding Claims 1-20 being rejected under 35 U.S.C. 101, the amendments and the arguments are not persuasive, because the amended claims are essentially directed to graph drawing that may be performed mentally when the claims are given broadest reasonable interpretation.  The link representing an inter-user relationship through which an exchange of a medium can be performed, when drawn in graph, is simply a line for connecting the nodes representing users.  This kind of line for connection may be mentally performed with or without aid of a computer.  Claims can recite a mental process even if they are claimed as being performed on a computer. The Supreme Court recognized this in Benson, determining that a mathematical algorithm for converting binary coded decimal to pure binary within a computer’s shift register was an abstract idea. The Court concluded that the algorithm could be performed purely mentally even though the claimed procedures "can be carried out in existing computers long in use, no new machinery being necessary." 409 U.S at 67, 175 USPQ at 675. See also Mortgage Grader, 811 F.3d at 1324, 117 USPQ2d at 1699 (concluding that concept of "anonymous loan shopping" recited in a computer system claim is an abstract idea because it could be "performed by humans without a computer").
Here is another example of an abstract idea of performing a mental process on a generic computer - Voter Verified, Inc. v. Election Systems & Software, LLC, 887 F.3d 1376, 1385, 126 USPQ2d 1498, 1504 (Fed. Cir. 2018). In this case, the Federal Circuit relied upon the specification in explaining that the claimed steps of voting, verifying the vote, and submitting the vote for tabulation are "human cognitive actions" that humans have performed for hundreds of years. The claims therefore recited an abstract idea, despite the fact that the claimed voting steps were performed on a computer. 887 F.3d at 1385, 126 USPQ2d at 1504. Another example is Versata, in which the patentee claimed a system and method for determining a price of a product offered to a purchasing organization that was implemented using general purpose computer hardware. 793 F.3d at 1312-13, 1331, 115 USPQ2d at 1685, 1699. The Federal Circuit acknowledged that the claims were performed on a generic computer, but still described the claims as "directed to the abstract idea of determining a price, using organizational and product group hierarchies, in the same way that the claims in Alice were directed to the abstract idea of intermediated settlement, and the claims in Bilski were directed to the abstract idea of risk hedging." 793 F.3d at 1333; 115 USPQ2d at 1700-01.
Regarding the claimed invention, there is nothing in the claims themselves that foreclose graph drawing steps from being performed by a human mentally, even when the claims are attached to a general-purpose computer.  Therefore, the applicant arguments are not persuasive.

In response to the Applicant’s remarks, pages 9-10, regarding the claim interpretation under 35 USC 112(f), the amendments have resolved the issues. Therefore, the claims are no longer interpreted under 35 USC 112(f).

In response to the Applicant arguments, page(s) 9-10, regarding claim rejections under 35 U.S.C. 112(b), the amendments for claims 13 and 18 are inconsistent with the remarks in the last paragraph of page 10. Therefore, the rejections of claims 13 and 18 remain.

Applicant’s arguments, page 10 of the Remarks, with regards to claim rejections under 35 U.S.C. § 103 have been considered carefully. 
Applicant argues the Sharma reference with respect to Claims 1, 9, and 10, now incorporating limitations from claims 3, 12, and 17, respectively.
In response, the Examiner respectfully disagrees because, Sharma clearly discloses generating graphs that contain nodes and edges linking two nodes wherein the edges are mapped to the link in the instant application; see par. 0006.  In Sharma, the nodes and the directed edges connecting the nodes may depict relationships existing between the attributes included in the one or more resource profiles. For example, the graph representative of an employee profile may depict the employment history of a user including, for example, relationships between different designations as the user transitions between jobs; par. 0023.  Therefore, the edge in Sharma is similar to the link representing an inter-user relationship in terms of job profiles; par. 0038-0039.  Sharma’s jobs are resource that the user can access.  As shown in FIG. 3C, different resource profiles including, for example, job profiles, employee profiles, and/or the like are generated as a graph.  As such, the resulting graph 360 may depict the transitions between designations (or job sites) undertaken by various different employees as well as the skills required to qualify for these designations.  It is evident that Sharma discloses a user relationship group where the user has an access right to the resources (i.e., jobs).  The user or user’s job destination is represented as a node linking to another node for an exchange of a attributes (or medium) for the transitions between designations undertaken by various different users/employees; see par. 0038-0040.  Therefore, Sharma disclose the limitation “wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link” of claim 1.  Applicant’s arguments are not persuasive.


Claim Objections
Claims 13 and 18 are objected to because of the following informalities:  
Claims 13 and 18 each recited a limitation for “the resource” in singular form in the clause “storing information of a user who has a use right of the resource” while the claims later recite a plural form limitation “the resources.”  The Examiner suggests changing the limitation for “the resource” to “the resources.”  It is noted that claim 4 is consistent with Applicant remarks in the last paragraph of page 10.
Appropriate correction is required.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 1-20 are provisionally rejected on the ground of non-statutory double patenting as being unpatentable over claim 1-20 of co-pending Application No. 16/975908 (hereinafter “APP 908”) in view of Sharma (US 20190286721 A1). 

Regarding claim 1 (Currently Amended), APP 098 discloses: 
A security evaluation system (APP 908, CLM. 1: A security evaluation system) comprising: 
at least a processor; and a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory to: 
that are a target for security evaluation (APP 908, CLM. 1: a first graph generation part that generates a first evaluation graph representing a connection relationship between resources as a target for security evaluation); 
wherein the first evaluation graph and the second evaluation graph permit risk assessment of a computer system security incident on which basis a countermeasure can be undertaken as a result (APP 908, CLM. 1: a display part that displays the first evaluation graph and the second evaluation graph in association with each other).
However, APP 908 does not explicitly disclose that a connection relationship includes a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
, wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify APP 908 with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.
Independent claims 9 and 10 are similarly rejected for the same reason as shown above for claim 1.
Dependent claims 2, 4-8, 11, 13-16, and 18-20 capture similar limitations of the corresponding claims of APP 908 and are obvious variants of the same subject matter as found in the reference application, and thereby rejected under the judicially created doctrine of obviousness-type double patenting.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):

(B)  CONCLUSION—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 


Claims 13 and 18 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Claims 13 and 18 each recite two elements “use right of the resource” (singular form) and “the use right of the resources” (plural form) unclearly, causing confusion whether or not they are the same.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-2, 4-11, 13-16, and 18-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more.
The rationale for this determination is explained below:  
First – following Step 1 of the guidance, claims 1-20 are directed to a system and method comprising a series of functional steps or a non-transitory computer readable medium.  Therefore, the claimed invention falls into one of the four statutory categories.
Secondly – following Step 2 of the guidance, claims 1-20 are analyzed for its underlying inventive concept with a new two-prong inquiry (1) does the claim recite an abstract idea, law of nature, or natural phenomenon, and/or judicial exceptions? And (2) does the claim recite additional elements that integrate the judicial exception into a practical application?
It is determined that claimed invention is directed to an abstract idea or at least one of the judicial exceptions, because the concept of the invention is basically drawing graphs to show relationships between resource; the first prone of the inquiry.  The idea of the invention is similar to well-known mental processes, such as concepts performed in the human mind (including an observation, evaluation, judgment, opinion).
Regarding the second prone, the identified additional elements such as a computer-readable non-transient recording medium to integrate the idea of “graph generation” into a practical application.  The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception.  Further, the claim does not recite an improvement to another technology or technical field, an improvement to the functioning of the computer itself, or meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment.  Therefore, the claim is abstract without significantly more.
Dependent claims 2, 4-8, 11, 13-16, and 18-20, when analyzed individually or as a whole, are held to be patent ineligible under 35 U.S.C. 101 because, the additional recited limitation(s) fail(s) to amount to “significantly more” than the judicial exception, and thereby non-statutory.

Please see “The 2019 Revised Patent Subject Matter Eligibility Guidance (or “2019 PEG” for short) published in January 2019 at USPTO Website.  Note that the groupings of abstract ideas in the 2019 PEG are not the same as those on the Abstract Ideas QRS or in the MPEP. The groupings in the 2019 PEG should be FOLLOWED for identifying abstract ideas. The 2019 PEG does not change the analysis at Step 2B which pertains to an improvement to conventional functioning of a computer or to technological processes; see also MPEP 2106.05(a).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claims 1-2, 4-11, 13-16, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Muller (US 20150106941 A1) in view of Sharma (US 20190286721 A1).

 As per claim 1 (Currently Amended), Muller teaches A security evaluation system[[,]] comprising: 
at least a processor (par. 0018); and 
a memory in circuit communication with the processor, wherein the processor is configured to execute program instructions stored in the memory (par. 0020) to: 
that are a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
wherein the first evaluation graph and the second evaluation graph permit risk assessment of a computer system security incident on which basis a countermeasure can be undertaken as a result (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph.  In FIG. 1, Muller shows notes and arcs/links connecting cyber elements to physical elements; for example, The cyber and physical portions of the system are modeled as connected graphs with the nodes 16 and arcs 18 in the embodiment shown in FIG. 1; par. 0014. Muller also discloses the connected graphs permit risk assessment; par. 0015. Muller also discloses using the graphs for security evaluation and providing information regarding a security risk of a facility; par. 0015-0017).  
However, Muller does not explicitly disclose that a second evaluation graph representing a personal relationship between users who can access the resources and using a link to represent an inter-user relationship.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
, wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations. In Sharma, employees are users and jobs are resources.  Graph nodes are connected by edges; see FIG. 3C and par. 0023 and 0026-0027).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.


As per claim 2 (Currently Amended), the references as combined above teach the security evaluation system according to claim 1, wherein the further represents a data exchange path between the resources that is generated the connection information between the resources Muller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  

3. (Cancelled)  

As per claim 4 (Currently Amended), the references as combined above teach the security evaluation system according to claim 1, wherein the processor is configured to execute the program instructions to further: first evaluation graph further includes the user who has the use right of the resources, as additional information of the first evaluation graph (Muller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 5 (Currently Amended), the references as combined above teach the security evaluation system according to claim 1, wherein the processor is configured to execute the program instructions to further: the resources [[as]] that are [[a]] the target for the security evaluation[[,]]; and the attack graph in association with the first evaluation graphMuller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 6 (Currently Amended), the references as combined above teach the security evaluation system according to claim 1, wherein the processor is configured to execute the program instructions to further: ; and[[,]] the [[a]] resources corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resources or an attack graph related to the resources (Muller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).  

As per claim 7 (Currently Amended), the references as combined above teach the security evaluation system according to claim 1, wherein the processor is configured to execute the program instructions to further: ; and  the [[a]] user corresponding to the display condition of the second evaluation graph, a partial graph of the first evaluation graph related to the user, and an attack graph related to the partial graph (Muller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par.0062-0063: displaying graphical information for a user interface).  

As per claim 8 (Currently Amended), the references as combined above teach the security evaluation system according to claim 2, wherein the processor is configured to execute the program instructions to further: receive[[s]] designation of the data exchange path; anddisplay the first evaluation graph without [[a]] the data the data exchange pathMuller, par.0021-0024: receiving inputs from the user …[for displaying a resource on graph for analysis], for example, defining the physical and cyber architectures of a facility to be analyzed; par. 0026-0028: impeding or delaying the adversary).  

As per claim 9 (Currently Amended), Muller teaches A security evaluation method[[,]] performed by a computer, comprising: 
generating a first evaluation graph representing a connection relationship between resources [[as]] that are a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
displaying the first evaluation graph and the second evaluation graph in association with each other, wherein the first evaluation graph and the second evaluation graph permit risk assessment of a computer system security on which basis a countermeasure can be undertaken as a result (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph.  In FIG. 1, Muller shows notes and arcs/links connecting cyber elements to physical elements; for example, The cyber and physical portions of the system are modeled as connected graphs with the nodes 16 and arcs 18 in the embodiment shown in FIG. 1; par. 0014. Muller also discloses the connected graphs permit risk assessment; par. 0015. Muller also discloses using the graphs for security evaluation and providing information regarding a security risk of a facility; par. 0015-0017).  
However, Muller does not explicitly disclose that a second evaluation graph representing a personal relationship between users who can access the resources and using a link to represent an inter-user relationship.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:
generating a second evaluation graph representing a personal relationship between users who can access the resources, wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations. In Sharma, employees are users and jobs are resources.  Graph nodes are connected by edges; see FIG. 3C and par. 0023 and 0026-0027).
Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.


As per claim 10 (Currently Amended) Muller teaches A computer-readable non-transient recording medium recording a program, the program[[,]] causing a computer comprising a processor and a recording device to perform a process comprising:
generating a first evaluation graph representing a connection relationship between resources [[as]] that are a target for security evaluation (Muller, FIG. 1 shows a graphical representation of resources in a facility and their connections; see par. 0012-0014 for nodes 16 representing areas and arcs 18 and pathways as a connection relationship between resources for security evaluation); 
displaying the first evaluation graph and the second evaluation graph in association with each other, wherein the first evaluation graph and the second evaluation graph permit risk assessment of a computer system security on which basis a countermeasure can be undertaken as a result (Muller, par. 0021: User interface 28 [presented] to a user (e.g., displaying visual images, graphs; and par. 0057: the graphical user interface may display a graph).  
However, Muller does not explicitly disclose that in a second graph a connection relationship includes a personal relationship between users who can access the resources.  This aspect of the claim is identified as a difference.
In a related art, Sharma teaches:

generating a second evaluation graph representing a personal relationship between users who can access the resources, wherein in the second evaluation graph, a user having an access right to the resources is represented as a node and an inter-user relationship through which an exchange of a medium can be performed is represented as a link (Sharma, par. 0023: the graph representative of …the employees currently associated with each designation within the organization, the transition of employees between different designations, the retention rate and/or attrition rate associated with different designations within the organization; par. 0038-0040: the graph 360 may also depict the employees currently associated with each of the plurality of designations as well as the skills required to qualify for these designations).
 Sharma is analogous art to the claimed invention in a similar field of endeavor in improving graphs to display relationship between users/employees who can access the organizational resources.  Thus, it would have been obvious to one of ordinary in the art, before the effective filing date of the claimed invention, to modify Muller with Sharma’s teaching on graphs that represent a personal relationship between users or employees who can access the resources, for example, job designations.  Sharma’s graph can be used to substitute Muller’s cyber graph to for the second graph representing a personal relationship between users who can access the resources. For this combination, the motivation would have been to improve connections of nodes in graph that represent relationship between users.

As per claim 11 (Currently Amended), the references as combined above teach the method according to claim 9, wherein the first evaluation graph further represents a data exchange path between the resources that is generated the connection information between the resourcesMuller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  

12 (Cancelled)  

As per claim 13 (Currently Amended), the references as combined above teach the method according to claim 9, further comprising: the first evaluation graph further includes the user who has [[a]] the use right of the resources as additional information of the first evaluation graphMuller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 14 (Currently Amended), the references as combined above teach the method according to claim 9, further comprising: the resources [[as]] that are [[a]] the target for the security evaluation[[,]]; attack graph in associate with the first evaluation graphMuller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 15 (Currently Amended), the references as combined above teach the method according to claim 9, further comprising: receiving a display condition including at least one designation of ID of the resources or type of the resources; and[[,]] the [[a]] resource corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resource or an attack graph related to the resourcesMuller, par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).  

As per claim 16 (Currently Amended), the references as combined above teach the medium according to claim 10, wherein the first evaluation graph further represents a data exchange path between the resources that is generated the connection information between the resources Muller, par. 0013-0014: DMZ, firewall to safeguard … facility 10 may be modeled and utilized to simulate attacks of an adversary upon a target of the facility).  
 
17 (Cancelled)  

As per claim 18 (Currently Amended), the references as combined above teach the medium according to claim 10, wherein the process further comprisesthe first evaluation graph further includes the user who has [[a]] the use right of the resources as additional information of the first evaluation graphMuller, par. 0032: granting facility wide access to all password controlled lock; par. 0044 and 0053-0054: restrict an adversary from traveling).  

As per claim 19 (Currently Amended), the references as combined above teach the medium according to claim 10, wherein the process further comprisesthe resources [[as]] that are [[a]] the target for the security evaluation[[,]]; attack graph in associate with the first evaluation graphMuller, par. 0014, 0022, and 0032: simulate attacks of an adversary upon a target of the facility; par. 0057: the graphical user interface may display a graph, for example as shown in FIG. 1, and the relevant information during the execution of the model during an iteration (e.g., display event detection, response initiation, the path the adversary chooses).  

As per claim 20 (Currently Amended), the references as combined above teach the medium according to claim 10, wherein the process further comprises; and[[,]] the [[a]] resource corresponding to the display condition of the first evaluation graph and the second evaluation graph corresponding to the resource or an attack graph related to the resourcesMuller, par. 0026 and 0031: safeguard IDs … to model multiple safeguards existing on a single pathway).

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Don Zhao whose telephone number is (571)272-9953.  The examiner can normally be reached on 9 am to 5 pm Monday thru Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/Don G Zhao/
Examiner, Art Unit 2493
11/30/2022