Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communications received 1/22/2021. Claims 26-45 are pending, claims 1-25 are cancelled in preliminary amendments received 1/22/2021.

Priority
The present application is a CON of 16684756 now US patent 10904269, which is a CON of 14912743, now US 10484398, and claims priority from provisional application filed on 9/29/2013.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 26-32 are rejected under 35 USC 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because the claims are directed to an apparatus comprising software only; the specification fails to describe a processor as including hardware and describes the network interface in an exemplary way as a combination of logical and physical interface. However, network interfaces have been described as including only the copy of a network interface software and device driver software. The examiner recommends to include in the claimed apparatus a piece of hardware such as a memory, hardware processor, a network interface including hardware ...

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claims 41-45 are rejected under 35 USC 112 d because the claims do not depend on a previously set forth claim. Claim 15 has been cancelled. For examination purposes, claims 41-45 will be considered as depending from claim 40. Correction is kindly requested.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 26-29, 32-36, 39-43  are rejected under 35 U.S.C. 103 as being unpatentable over US 20130104236 to Ray et al., hereinafter Ray, and further in view of US 20140109190 to Cam-Winget et al., hereinafter Cam-Winget. Ray and Cam-Winget are cited in IDS dated 1/22/2021.
Regarding claim 26, Ray discloses 
A computing apparatus (Fig. 2, [0085]: computers in enterprise wide network, Fig. 4 : Monitored and Controlled Elements MCE) , comprising: a network interface that receives a message from an enterprise service bus ([0085]: communicate using ESB;[0096]: messages are monitored by MCEs, including SBRAE (Fig.4)); and a processor configured to update a composite score for the object, at least in part based on the message ([0110]: threat information reduced to a number, probabilistic distribution, program, category; also SBRAE output a prioritized risk ([0129][0132]); perform a determination that an issue with the object has been encountered ([0110][0129] receive security threat state, warnings ...); and publish a security instruction over the enterprise service bus to an endpoint, at least in part based on the determination (Fig. 6, [0161][0162]: at each execution cycle, generate security instructions, adjust domain knowledge database with vulnerabilities adjustments for instance; [0167]: publish to all subscribers about security status and postures, the communications thru the ESB [0085]) ).
Although Ray discloses receiving specific data including situational awareness, operating system states ... ([0109]), Ray does not explicitly teach a reputation, and   the message having a topic for an object. In an analogous art, Cam-Winget discloses a plurality of computing elements ([0003]) connected thru a communication fabric (Fig. 1, [0011]).  The elements include different providers of content that publish different type of data e.g identity, flow, reputation data ... The communication fabric enables the elements operating as publishers to share data with elements acting as consumers or subscribers ([0013]); messages for publishing or subscribing include the type of data ([0032][0033] therefore Cam-Winget discloses reputation data and  the message having a topic for an object.   It would have been obvious to a skilled artisan at the time of the filing to use the teaching of Cam-Winget and include reputation data in the data used to compute the composite score of Ray , and include a topic for an object in the message because it would allow to verify whether the entity sending the request is authorized to publish (or consume) such type of data and would promote the authentication/authorization of the entities and their associated operations ([0020], ([0024]: ISE is not allowed to publish Netflow data).

Regarding claim 27, Ray in view of Cam-Winget discloses the computing apparatus of claim 26, wherein the issue is a security event, a security alert, a designation of the object as malware, or a security breach (Ray, [0129]: the issue is a change to one of the inputs including a threat state (security alert).

Regarding claim 28, Ray in view of Cam-Winget discloses the computing apparatus of claim 26, wherein the processor further is configured to subscribe to a private topic for the endpoint (Cam-Winget [0004][0015], Fig. 1: publish data such as identity, threat, reputation ... (private data), consume the data by subscription).

Regarding claim 29, Ray in view of Cam-Winget discloses the computing apparatus of claim 26, wherein the network interface receives a notification of a subscription of the endpoint to the topic for the object, and the processor further is configured to publish that the computing apparatus is subscribed to the topic (Cam-Winget Fig.3, step 190: subscription request,  step 210: subscribe successful); and distribute the message to the endpoint, at least in part based on the topic (Cam-Winget Fig 3 step 240).

Regarding claim 32, Ray in view of Cam-Winget discloses the computing apparatus of claim 26, wherein the security instruction includes an expiration (Ray, [0113][0114][0162]: the outcome of the risk analysis based on collected data is used to update a knowledge database periodically, on significant changes in the domains; it would have been obvious to a skilled artisan at the time of the filing to have the message include an expiry because it would ease the scheduling of updates).

Regarding claims 33 and 40, the claims recite substantially the same content as claim 26 and are rejected substantially by the rationales set forth for claim 26.
Regarding claims 34 and 41, the claims recite substantially the same content as claim 27 and are rejected substantially by the rationales set forth for claim 27.
Regarding claims 35 and 42, the claims recite substantially the same content as claim 28 and are rejected substantially by the rationales set forth for claim 28.
Regarding claims 36 and 43, the claims recite substantially the same content as claim 29 and are rejected substantially by the rationales set forth for claim 29.
Regarding claim 39, the claim recites substantially the same content as claim 32 and is rejected substantially by the rationales set forth for claim 32.


Claims 30, 37 and 44 are rejected under Ray and Cam-Winget, in view of publication titled “An efficient multicast protocol for content-based publish-subscribe systems”, by Banavar et al, IEEE, 1999, hereinafter Banavar.

Regarding claims 30, Ray in view of Cam-Winget discloses the computing apparatus of claim 26, wherein the security instruction is to block the object (Cam-Winget [0024]: unauthorized request is blocked).
Ray in view of Cam-Winget does not explicitly teach the object is broadcast to a plurality of devices. In an analogous art, Banavar disclose multicasting in a pub-sub environment by using the flooding approach, where data is flooded to all destinations (p. 2, on right). It would have been obvious to a skilled artisan at the time of the filing to broadcast data to subscribers as taught by Banavar because it is an efficient mean of delivering data particularly when the number of subscribers is limited.
Regarding claims 37 and 44, the claims recite substantially the same content as claim 30 and are rejected substantially by the rationales set forth for claim 30.


Claims 31, 38 and 45 are rejected under 35 USC 103 as being unpatentable over Ray, Cam-WInget , in view of US 20070130351 to Alperovitch et al., hereinafter Alperovitch. Alperovitch is cited in IDS dated 1/22/2021.
Regarding claims 31, Ray in view of Cam-Winget discloses the computing apparatus of claim 26; additionally, Ray discloses a pub-sub environment in which a request can be received and a response provided (Ray [0083][0084]). Cam-WInget also  teaches subscribing to topic such as identity, threat, reputation (Cam-Winget , Fig. 1, [0004][0015], and Fig. 3, step 230-240: query and receive response). The combination of Ray and Cam-Winget does not explicitly teach wherein the network interface receives a message having a request topic for a reputation of the object; and provides the composite reputation score via a message having a response topic for the reputation of the object.
In an analogous art, Alperovitch discloses security agents aggregating reputation data ([0007][0033][0040]), provided to a server, which determines a global reputation ([0060]), that is provided to entities querying the server for the global reputation ([0060][0063]). Therefore, Alperovitch discloses the limitations. It would have been obvious to a skilled artisan at the time of the filing of the invention to include reputation data in the data collected in the system of Ray, calculate a composite score and provide it to requesting entities as taught by Alperovitch because the transmitting of the  reputation data thru ESB within the enterprise network would allow to safely disseminate information (Ray, [0008]).
Regarding claims 38 and 45, the claims recite substantially the same content as claim 31 and are rejected substantially by the rationales set forth for claim 31.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
The following prior art of records disclose an Enterprise Service Bus (ESB) used to convey requests and receive responses:
Rogers et al 20100324942 ;  Oberhofer et al 20100169148 ; Jalinous 20080133300 ; Domenikos et al 20080103798.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        12/2/2022