Obviousness

A Person Having Ordinary Skill in the Art (POSA) in the context of US Patent 11722554 would be an individual with practical experience and knowledge in network administration, cloud computing, cybersecurity, and data visualization or graph theory. This individual would be familiar with existing tools and methods for managing and analyzing network infrastructure, particularly in distributed cloud environments.

The background section of US11722554 describes various existing network analysis solutions and their limitations, which a POSA would be aware of and motivated to overcome. These descriptions serve as the basis for identifying prior art concepts for the purpose of this obviousness analysis.

Prior Art References (as described in US11722554 Background):

• Reference A (Manual and Specialized Network Analysis): This includes "manual review of devices, connections, and networks" and "solutions directed to the monitoring of specific device types, such as, for example, firewall control systems," or "protocol-specific analysis solutions." These solutions are noted for being thorough for individual elements but prohibitive for large networks, or failing to provide streamlined monitoring for diverse devices and protocols.
• Reference B (Protocol-Agnostic Traffic Management): These solutions "provide for overall traffic management" but are criticized for being "over-broad, providing irrelevant or redundant information," requiring "specification of connections to monitor," and failing to provide "device-specific insights" or "integrated device and connection analysis."
• Reference C (Cloud Network Complexity and Vulnerabilities): The general state of "large, multi-layered network systems," particularly "code-to-cloud systems" in "cloud environments," which are increasingly vulnerable to "cyber-threats" and present difficulties in "management of network access and use." This reference highlights the problem space the invention seeks to address.
• Reference D (Graph Representation and Relationships): The core concept of representing networks as graphs with interconnected objects and relationships is implicitly acknowledged by the patent's "Prior art keywords" (network, objects, graph, relationships, identified) and is a foundational aspect of network engineering.
• Reference E (Data Tagging): The general concept of associating labels or tags with data or objects for organization, categorization, searching, and filtering is a well-known technique in data management and information retrieval. The patent itself describes tagging as enabling "enriched querying."

Obviousness Analysis under 35 U.S.C. § 103:

The independent claims of US11722554, such as Claim 1, outline a method for determining abnormal configurations by: (1) collecting network object data in a cloud environment; (2) constructing a visual network graph; (3) determining relationships; (4) analyzing to generate insights (abnormal connections); and (5) tagging network objects for which insights are generated. A POSA would have found it obvious to combine the prior art references described above to arrive at the claimed invention, driven by the explicit problems identified in the patent's background.

Combination 1: Reference A + Reference B + Reference C + Reference D (Covers Claim 1, elements 1-4)

• Motivation: A POSA, faced with the significant challenges of managing and securing "large, distributed network systems" and "multi-layer network systems" in "cloud environments" (Reference C), would immediately recognize the limitations of existing "manual review," "specific device type monitoring," "protocol-specific analysis" (Reference A), and "protocol-agnostic solutions" (Reference B). These prior art approaches are described as insufficient for integrated analysis, often providing irrelevant information, or being too time-consuming.
  • To overcome these deficiencies, a POSA would be motivated to adopt a more comprehensive and visual approach. Representing complex networks using a "network graph" (Reference D) is a known and intuitive method for visualizing interconnections and relationships. Therefore, it would be obvious to take the network object data collected by existing methods (Reference A and B's data collection aspects) and use it to "construct a network graph" (Claim 1, element 2) that includes a "visual representation of network objects" to better understand the network's topology and "determine relationships between the identified network objects" (Claim 1, element 3).
  • Once a comprehensive graph is available, the natural progression for a POSA concerned with "new vulnerabilities" and "management of network access and use" (Reference C) would be to "analyze the network graph and the determined relationships to generate insights" (Claim 1, element 4). This analysis would specifically target "abnormal connections" to address the critical security and configuration issues that prior art solutions failed to adequately detect or integrate. The patent's background explicitly calls out the failure of prior solutions to provide "device-specific insights" and "integrated device and connection analysis," directly motivating the claimed analysis step.

Combination 2: Combination 1 + Reference E (Covers Claim 1, element 5)

• Motivation: Having generated valuable insights, such as lists of abnormal connections, from the network graph analysis, a POSA would seek to make these insights actionable and easily manageable. In any system dealing with large amounts of data or numerous objects, "tagging" or labeling (Reference E) is a conventional and well-understood technique for categorization, organization, search, and filtering. The patent itself states that "tagging of network objects at S 250 may provide for enriched querying of graphs."
  • Therefore, it would be obvious for a POSA to apply this known data management technique to "tag network objects in the network graph for which the insight is generated" (Claim 1, element 5). This step directly enhances the utility of the generated insights, allowing administrators to efficiently query, filter, and track specific abnormal configurations or vulnerabilities identified by the system, thereby improving overall network security and administration.

In conclusion, the claimed invention, while addressing a real problem in cloud network security, combines known elements in a manner that would have been obvious to a POSA. The motivation for combining these elements is clearly articulated within the patent's own background section, which highlights the shortcomings of existing network analysis techniques and the pressing need for improved visibility and anomaly detection in complex, distributed cloud environments.