DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 10/28/2022 has been entered.
Response to Arguments
Applicant’s remarks filed on 10/28/2022 have been fully considered.
Regarding claim[s] 1 – 20 under the various obviousness rejections, applicant’s remarks are moot because the new ground of rejection does not rely on all of the reference[s] applied in the prior rejection of record for any teaching or matter specifically challenged in the argument. Therefore, see the office action below. 
The examiner will respond to all other remarks that do not concern the prior art rejections, if any, in the office action below.
Response to Amendment
Status of the instant application:
Claim[s] 1 – 20 are pending in the instant application. 
Regarding claim[s] 1 – 20 under the various obviousness rejections, applicant’s claim amendments have been considered. Therefore, the rejections are withdrawn. However, there are new rejections on the claim[s] to address applicant’s newly added claim amendments. See the office action below. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
Claim[s] 1, 6, 8 – 10, 16, 17, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hebert et al. [US PGPUB # 2021/0067551] in view of Alperovitch et al. [US PAT # 7949716], further in view of Girdhar et al. [US PGPUB # 20210089978]
As per claim 1. Hebert does teach a method [paragraph: 0013, lines 1 – 7, The examples described herein generally secure software applications against unauthorized access. Through the use of an identifier, the described examples allow detection and management of unauthorized users interacting with an application.], comprising: 
receiving, by a server, status information of a user event from one or more computing devices [paragraph: 0043, lines 6 – 10, Bob opens web browser 512 on client computer 514 and requests the home page “GET/”.[i.e. applicant’s user event] Bob is not yet authenticated, and therefore has not established a session, but a session cookie is assigned and stored. At this point, server computer(s) 502 have the following information: [0044] Session cookie: 793847892345 ], wherein the status information includes one or more of an indicator of a successful login, an indicator of a failed login, an indicator of a successful multifactor authentication, an indicator of a failed multifactor authentication, an indicator of a profile update [paragraphs: 0043 – 0056, specifically, at paragraphs: 0052 – 0056, at this point, server computer[s] 502 has the following information: session cookie: 79847892345, username: Bob, Fingerprint: a453bb345db56a3e], and metadata associated with the user event from the one or more computing devices [paragraphs: 0043 – 0056, session cookie: 79847892345 [i.e. applicant’s metadata associated with user event]];
updating, by the server, events based on a type of the status information received and storing the events in a data store [Figure # 5, and paragraph: 0034, lines 1 –16, FIG. 5 illustrates an identifier-based application security system 500 implemented on one or more server computer(s) 502. In system 500, functionality similar to proxy 108 of FIG. 1 is distributed among different components, including fingerprint agent 504, proxy 506, honeytoken manager 508, and IDP (identity provider module) 510.[i.e. applicant’s server] In a web application example, a user submits a request to establish an application session  through browser 512 running on client computer 514. The request can include one or more credentials [i.e. applicant’s status information], and IDP 510 authenticates the user based on the credentials. Fingerprint agent 504 [i.e. applicant’s server] determines a digital fingerprint for the user (e.g., for browser 512 and/or client computer 514) [i.e. applicant’s updating events based on type of the status information]. The fingerprint is stored in fingerprint storage 516. The fingerprint can be stored along with the username associated with the session request and/or a session cookie identifying the session request.].
Hebert does not clearly teach determining, by the server, whether a problematic situation has occurred; and
updating a reputation score of the user when the problematic situation is determined.
However, Alperovitch does teach determining, by the server, whether a problematic situation has occurred [col. 15, lines 49 – 54, Thus, it should be understood that reputation systems can be applied to identifying fraud in financial transactions. The reputation system can raise the risk score of a transaction depending on the reputation of the transaction originator or the data in the actual transaction (source, destination, amount, etc).]; and 
updating a reputation score of the user when the problematic situation is determined [col. 15, lines 49 – 54, Thus, it should be understood that reputation systems can be applied to identifying fraud in financial transactions. The reputation system can raise the risk score of a transaction depending on the reputation of the transaction originator].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hebert and Alperovitch in order for the monitoring of the user requesting access to a web application through a session from a client browser of the user by monitoring username, session cookie, and fingerprint of Hebert to include a real time internet protocol [IP] whitelist/blacklists of Alperovitch. This would allow for the monitoring and responding to the user’s session request and authentication data in real time. See col. 1, lines 63 – 66 and col. 2, lines 1 – 8 of Alperovitch.
Hebert and Alperovitch do not clearly teach wherein the claim limitation of: “status information comprises a count of events, and in response to the count exceeding a threshold, updating the reputation score of the user comprises changing a risk amount in the reputation score of the user.”
However, Girdhar does teach “status information comprises a count of events, and in response to the count exceeding a threshold [paragraph: 0040, in some embodiments, when an API does not provide the metric or data point required in direct form, then access to data and/or events in log form may be analyzed, aggregated and calculated by the system to determine whether a certain threshold of events [i.e. applicant’s in response to the count exceeding a threshold] in time or quantity [i.e. applicant’s count of events] has occurred in order to indicate a change in status. An example would be when a certain number of specific types or classes of malware detection events are found within the Endpoint Protection event logs in a 24 hour time period.], updating the reputation score of the user comprises changing a risk amount in the reputation score of the user [Figure # 1, and paragraph: 0030, lines 4 – 11, The monitoring component uses a set of mappings to analyze software applications [i.e. applicant’s….. of a user] and/or individual data points against sets of pre-defined objectives to determine risk information for each organization [i.e. applicant’s….a risk amount]. The monitoring component 104 can determine a security status of the vendors, software applications, and/or organizational entity based on the received security status information, as discussed further herein.
Where further of Girdhar, at paragraph: 0069, Referring to step 414, once complete, the method 400 proceeds back to step 404. As described herein, the computing system can be configured such that it performs real – time collection of any new of modified security status information. In particular, the computing system can be configured to re-perform steps 404 – 414 upon receipt of new data [or when new data is available] and/or periodically, in order to provide a real – time, updated security score [i.e. applicant’s….. reputation score]].”
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hebert as modified and Girdhar in order for the monitoring of the user requesting access to a web application through a session from a client browser of the user by monitoring username, session cookie, and fingerprint of Hebert as modified to include a real time internet monitoring process of Girdhar. This would allow for the monitoring and responding to the user’s session request and authentication data in an automated, real-time manner. See paragraphs: 0002, 0004, 0005 of Girdhar.
As per claim 6. Hebert does teach the method of claim 1, wherein the one or more computing devices include a user computing device used for accessing one or more sites or a computing device making the one or more sites available to the user [Hebert, paragraph: 0019, lines 6 – 9, Application 114 can be a web application accessed through a browser running on client computer 112 or an application accessible to client computer 112 locally or through a local network.].
As per claim 8. Hebert does teach the method of claim 1, wherein the status information comprises non-quantifiable data [Hebert, paragraph: 0020, lines 1 – 8, Session request 110 [i.e. applicant’s status information] includes at least one credential 116 and an identifier 118. Credential 116 can be, for example, a user name and/or password, a digital certificate, biometric information [i.e. applicant’s non – quantifiable data], single-sign-on token, or other credential.].
As per claim 9. Hebert does teach the method of claim 8, wherein the non-quantifiable data includes metadata defining authentication parameters [Hebert, paragraph: 0020, lines 1 – 8, Session request 110 includes at least one credential 116 and an identifier 118. Credential 116 can be, for example, a user name and/or password, a digital certificate [i.e. applicant’s non – quantifiable data includes metadata defining authentication parameters]].
As per non – transitory computer readable storage medium claim 10 that includes the same or similar claim limitations as method claim 1, and is similarly rejected. 
***The examiner notes that applicant’s recited: “non-transitory computer readable storage medium,” “computer program instructions,” and “computer processor” is taught by the prior art of Hebert at paragraphs: 0130, 0131, respectively.
As per non – transitory computer readable storage medium claim 16 that includes the same or similar claim limitations as method claim 9, and is similarly rejected. 

As per system claim 17 that includes the same or similar claim limitations as method claim 1, and is similarly rejected. 
***The examiner notes that applicant’s recited: “non-transitory computer readable storage medium,” “program instructions,” and “processor” is taught by the prior art of Hebert at paragraphs: 0130, 0131, respectively. 
As per system claim 19 that includes the same or similar claim limitations as method claim[s] 8, 9, and is similarly rejected. 

Claim[s] 2, 11, 18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hebert et al. [US PGPUB # 2021/0067551] in view of Alperovitch et al. [US PAT # 7949716] and Girdhar et al. [US PGPUB # 20210089978] as applied to claim[s] 1 above, and further in view of Kinsel et al. [US PGPUB # 2011/0321129]
As per claim 2. Hebert and Alperovitch and Girdhar do teach what is taught in the rejection of claim 1 above. 
Hebert and Alperovitch and Girdhar do not clearly teach the method of claim 1, wherein the profile update comprises an indicator of an identity-defining component that identifies an identity of an owner of the profile.
However, Kinsel does teach the method of claim 1, wherein the profile update comprises an indicator of an identity-defining component that identifies an identity of an owner of the profile [paragraph: 0010, lines 4 – 11].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hebert as modified and Kinsel in order for the monitoring of the user requesting access to a web application through a session from a client browser of the user of Hebert as modified to include visual image authentication of Kinsel. This would allow for the authentication of the user visually, rather than by conventional user name and password. See paragraph: 0008 lines 24 – 29 of Kinsel.
As per non – transitory computer readable storage medium claim 11 that includes the same or similar claim limitations as method claim 2, and is similarly rejected. 

As per system claim 18 that includes the same or similar claim limitations as method claim 2, and is similarly rejected. 

Claim[s] 5, 15, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hebert et al. [US PGPUB # 2021/0067551] in view of Alperovitch et al. [US PAT # 7949716] and Girdhar et al. [US PGPUB # 20210089978] as applied to claim[s] 1 above, and further in view of Ting [US PGPUB # 2015/0113603]
As per claim 5. Hebert and Alperovitch and Girdhar do teach what is taught in the rejection of claim 1 above. 
Hebert and Alperovitch and Girdhar do not clearly teach the method of claim 1, wherein in response to determining the problematic situation has occurred, the method comprises requiring the user to reverify.
However, Ting does teach the method of claim 1, wherein in response to determining the problematic situation has occurred, the method comprises requiring the user to reverify [paragraph: 0041, lines 1 – 3, A user 102 may also be required to re-authenticate himself to the identification server 108 based on one or more trigger events].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hebert as modified and Ting in order for the monitoring of the user requesting access to a web application through a session from a client browser of the user of Hebert as modified to include filtering access requests, and filtering data policies governing requested data of Ting. This would allow for the prevention of the user from making specific user session requests with web applications, and preventing the user from viewing specific web applications. See paragraph: 0005, lines 4 – 9 of Ting.
As per non – transitory computer readable storage medium claim 15 that includes the same or similar claim limitations as method claim 5, and is similarly rejected. 

As per system claim 20 that includes the same or similar claim limitations as method claim 5, and is similarly rejected. 

Claim[s] 7, 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hebert et al. [US PGPUB # 2021/0067551] in view of Alperovitch et al. [US PAT # 7949716] and Girdhar et al. [US PGPUB # 20210089978] as applied to claim[s] 1 above, and further in view of Agrawal [US PGPUB # 2012/0291087]
As per claim 7. Hebert and Alperovitch and Girdhar do teach what is taught in the rejection of claim 1 above. 
Hebert and Alperovitch and Girdhar do not clearly teach the method of claim 1, comprising alerting the user of a change to the user's reputation score.
However, Agrawal does teach the method of claim 1, comprising alerting the user of a change to the user's reputation score [paragraph: 0036, lines 7 – 14, Alternatively, the detection system 122 may be configured to allow the data transfer, but generate an alert to notify the user or an administrator. In another embodiment, the detection system 122 generates an alert when the reputation scores is less than the reputation threshold. The alert may be provided to the user of the client computing system 102 to accept or deny the data transfer.].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Hebert as modified and Agrawal in order for the monitoring of the user requesting access to a web application through a session from a client browser of the user of Hebert as modified to include data loss prevention policies [DLP] of Agrawal. This would allow for monitoring of user session requests and access to web applications based on access enforcement policies. See paragraph: 0005 of Agrawal.
As per non – transitory computer readable storage medium claim 14 that includes the same or similar claim limitations as method claim 7, and is similarly rejected. 
Allowable Subject Matter
Claims 3, 4, 12, 13 contain allowable subject matter, but as allowable subject matter has been indicated, applicant's reply must either comply with all formal requirements or specifically traverse each requirement not complied with. See 37 CFR 1.111(b) and MPEP § 707.07(a).
Claim[s] 3, 4, 12, 13 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
***The examiner points out that the reasons for allowance will be written in the next subsequent office action when applicant incorporates the declared allowed subject matter of record.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Trudel et al. [US PAT # 10055466], who does teach extrapolating trends in trust scores, where a trust score may reflect the trustworthiness, reputation, membership, status, and/or influence of the entity in a particular community or in relation to another entity.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANT SHAIFER - HARRIMAN whose telephone number is (571)272-7910. The examiner can normally be reached M - F: 9am to 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on 571- 272- 3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/DANT B SHAIFER HARRIMAN/Primary Examiner, Art Unit 2434