DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment / Arguments
Regarding claims rejected under 35 USC 112(a):
Applicant’s amendment is considered to have overcome the applied rejection. Accordingly, the rejection has been withdrawn.
Regarding claims rejected under 35 USC 112(b):
Applicant’s arguments explaining the interpretation of “the first token identifier indicating a first type of PII for the first portion,” “the second token identifier indicating a second type of PII for the second portion,” “wherein the first token associated with the first token identifier indicates that the first portion is disclosable only,” and “wherein the second token associated with the second token identifier indicates that the second portion is disclosable only” have been fully considered and are persuasive. The rejection has been withdrawn; “indicating a first type of PII for the first portion,” “indicates that the first portion is disclosable only,” “indicating a second type of PII for the second portion,” and “indicates that the second portion is disclosable only” have been interpreted as statements of intended use concerning “the first token identifier,” “the second token identifier,” “the first token associated with the first token,” and “the second token associated with the second token identifier” respectively.
Regarding claims rejected under 35 USC 103:
A Applicant’s amendment is considered to have overcome the applied rejection. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Baig (US 2017/0201498 A1).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 3, 6-12, and 16-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Connolly (US 9,081,978 B1) in view of Gaeta (US 10,002,639 B1), Nagasundaram (US 2015/0112870 A1), Jain (US 2016/0119289 A1), and Baig (US 2017/0201498 A1).
Regarding claim 1, Connolly discloses: A system comprising: one or more computing devices, wherein the one or more computing devices comprises: memory to store instructions; and processing circuitry, coupled with the memory, operable to execute the instructions, that when executed, cause the processing circuitry to:
receive a [file or data stream];
Refer to at least 106 in FIG. 1 and Col. 12, Ll. 16-21 of Connolly with respect to received untokenized information, such as a file or data stream.
identify one or more personally identifiable information (PII) in the [file or data stream];
Refer to at least Col. 12, Ll. 38-63 of Connolly with respect to parsing the untokenized information for strings. Further refer to at least Col. 2, Ll. 50-61 of Connolly with respect to sensitive information including PII.
perform tokenization of a first PII from the one or more PII, the first PII comprising a first portion and a second portion,
Refer to at least Col. 5, Ll. 37-47 of Connolly with respect to tokenizing information in portions.
wherein the tokenization of the first PII comprises replacing the first portion of the PII with a first token and replacing the second portion with a second token, wherein the first and second tokens comprise non- sensitive information,
Refer to at least Col. 12, Ll. 64-Col. 13, LL. 12, Col. 14, Ll. 27-47 of Connolly with respect to tokenization (i.e., replacement of information with corresponding non-relatable tokens).
Refer to at least FIG. 1 and Col. 6, Ll. 27-33 of Connolly with respect to tokens for non-sensitive information.
and the first portion has a first access level, which is relative to a second access level associated with the second portion,
Refer to at least Col. 7, Ll. 7-33 of Connolly with respect to access control data associated with tokens, where different tokens and users have different access levels.
generate a tokenized [file or data stream], a tokenized video, or a tokenized image wherein the tokenized audio file, tokenized video, or tokenized image includes the first token in place of the first PII and the second token in place of the second PII;
Refer to at least FIG. 4 and Col. 11, Ll. 23-27 of Connolly with respect to the tokenized outcome as a separate file.
store the first PII in one or more secure databases or one or more secure storage devices,
Refer to at least Col 11, Ll. 25-27 of Connolly with respect to storing the original untokenized information in a secure datastore.
wherein the first portion is stored with a first token identifier associating the first portion with the first token, the first token identifier indicating a first type of PII for the first portion, and first mapping information to map the first token back to the first portion, and the second portion is stored with a second token identifier associating the second portion with the second token, the second token identifier indicating a second type of PII for the second portion, and second mapping information to map the second token back to the second portion;
Refer to at least Col. 4, Ll. 7-59 of Connolly with respect to token mapping data such as 1-to-1 mappings between tokens and strings in a key-value system. Refer to at least 128-130 and 122-116 in FIG. 1 of Connolly with respect to types of tokenized information.
determine whether (i) a user is requesting access to the [file or data stream] or (ii) the [file or data stream] is being provided to the user;
Refer to at least Col. 14, Ll. 55-67 and Col. 17, LL. 32-43 of Connolly with respect to a user requesting access to the tokenized information.
determine an access level of the user;
Refer to at least Col. 17, Ll. 44-47 of Connolly with respect to a determination of whether the user is permitted access based on access control data.
and (i) in response to the determination that the access level of the user meets a predefined access threshold level,
Refer to at least Col. 7, Ll. 7-33 and Col. 17, Ll. 44-Col. 18, Ll. 3 of Connolly with respect to determining user access levels.
dynamically generate an output comprising the first token from the tokenized [file or data stream] and the second portion of the first PH from the one or more secure databases or one or more secure storage devices such that the first portion of the first PH is tokenized by the first token and the second portion of the first PH is not tokenized and
Refer to at least FIG. 5, Col. 7, Ll. 7-33, and Col. 15, Ll. 57-Col.16, Ll. 9 of Connolly with respect to detokenizing based on whitelisted tokens and access control—e.g., partial detokenization.
(ii) in response to the determination that the access level of the user exceeds the predefined access threshold level,
Refer to at least Col. 7, Ll. 7-33 and Col. 17, Ll. 44-Col. 18, Ll. 3 of Connolly with respect to determining user access levels.
dynamically generate the output comprising the first portion and the second portion of the first PH from the one or more secure databases or one or more secure storage devices such that the first and second portions of the first PH are not tokenized, and
Refer to at least FIG. 9, Col. 7, Ll. 7-33, and Col. 15, Ll. 57-Col.16, Ll. 9 of Connolly with respect to detokenizing based on whitelisted tokens and access control—e.g., full detokenization.
Connolly does not specify: the [file or data stream] further comprising an audio file, a video, or an image; wherein the identification of the one or more PIIs performed by a machine learning model or a classification model; the first and second token identifiers respectively indicating what portion of the audio file, video, or image is being tokenized in the first portion and what portion of the audio file, video, or image is being tokenized in the second portion; wherein the first token associated with the first token identifier indicates that the first portion is disclosable only if the user exceeds the predefined access threshold level based on the first type of PII, and wherein the second token associated with the second token identifier indicates that the second portion is disclosable only if the user meets or exceeds the predefined access threshold level based on the second type of PII; wherein the first token and the second token each comprise a portion number indicating to which portion of the PII the first token and second token respectively correspond. However, Connolly in view of Gaeta discloses: the [file or data stream] further comprising an audio file, a video, or an image;
Refer to at least the abstract, FIG. 1-2, and Col. 2, Ll. 36-52 of Gaeta with respect to identifying PII in audio and/or video files for removal or alteration.
wherein the identification of the one or more PIIs performed by a machine learning model or a classification model;
Refer to at least the abstract, Col. 2, Ll. 26-35, and Col. 4, Ll. 13-23 of Gaeta with respect to identifying potential confidential information for redaction via machine learning.
The teachings of Connolly and Gaeta both concern redacting information from files, and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Connolly to further implement a machine learning model for identifying confidential information for at least the purpose of automation and particularly flagging the information for tokenization (i.e., improving efficiency). It further would have been obvious to implement specific file types such as audio and video because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time (i.e., the specific file and/or file format).
Connolly-Gaeta does not disclose: the first and second token identifiers respectively indicating what portion of the audio file, video, or image is being tokenized in the first portion and what portion of the audio file, video, or image is being tokenized in the second portion; wherein the first token associated with the first token identifier indicates that the first portion is disclosable only if the user exceeds the predefined access threshold level based on the first type of PII, and wherein the second token associated with the second token identifier indicates that the second portion is disclosable only if the user meets or exceeds the predefined access threshold level based on the second type of PII; wherein the first token and the second token each comprise a portion number indicating to which portion of the PII the first token and second token respectively correspond. However, Conolly-Gaeta in view of Jain discloses: the first and second token identifiers respectively indicating what portion of the audio file, video, or image is being tokenized in the first portion and what portion of the audio file, video, or image is being tokenized in the second portion.
Refer to at least [0041]-[0043] of Jain with respect to encoding sensitive data including an index or identifier associated with a particular tokenization context, such as a portion of sensitive data.
The teachings of Jain likewise concern tokenizing sensitive data, and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Connolly-Gaeta to further include an identifier associated with a portion of sensitive data for at least the purpose of improving detokenization (i.e., properly matching tokenized portions with their respective values).
Conolly-Gaeta-Jain does not disclose: wherein the first token associated with the first token identifier indicates that the first portion is disclosable only if the user exceeds the predefined access threshold level based on the first type of PII, and wherein the second token associated with the second token identifier indicates that the second portion is disclosable only if the user meets or exceeds the predefined access threshold level based on the second type of PII; wherein the first token and the second token each comprise a portion number indicating to which portion of the PII the first token and second token respectively correspond. However, Connolly-Gaeta-Jain in view of Nagasundaram discloses: wherein the first token associated with the first token identifier indicates that the first portion is disclosable only if the user exceeds the predefined access threshold level based on the first type of PII, and wherein the second token associated with the second token identifier indicates that the second portion is disclosable only if the user meets or exceeds the predefined access threshold level based on the second type of PII.
Refer to at least FIG. 2, [0010], [0026], [0050], and [0057]-[0058] of Nagasundaram with respect to a token bearing contextual information including a data type which identifies whether it is banking information (PAN) or personal information such as PII or PHI.
Refer to at least [0040] of Nagasundaram with respect to performing different actions on tokens having different types of data. The data type field may indicate the purpose of the token.
The teachings of Connolly-Gaeta-Jain and Nagasundaram each concern data privacy and redaction, and are considered to be within the same field of endeavor. Accordingly, they are considered to be combinable.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Connolly-Gaeta-Jain to further include contextual information such as a data type within the token for at least the reasons discussed in [0003]-[0005] of Nagasundaram (i.e., provision of all necessary information from the stored token to improve efficiency of tokenization system by eliminating extraneous layers of processing).
Connolly-Gaeta-Jain-Nagasundaram does not disclose: wherein the first token and the second token each comprise a portion number indicating to which portion of the PII the first token and second token respectively correspond. However, Connolly-Gaeta-Jain-Nagasundaram in view of Baig discloses: wherein the first token and the second token each comprise a portion number indicating to which portion of the PII the first token and second token respectively correspond.
Refer to at least [0053] of Baig with respect to a token being substituted in place of data such as a PAN or an SSN (e.g., [0070] concerning sensitive portions of an SSN), where the token comprises an identifier. Further refer to at least FIG. 9 and [0091]-[0092] of Baig with respect to tokens mapped to their respective sensitive portions of the data.
The teachings of Baig likewise concern tokenizing sensitive data, and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Connolly-Gaeta-Jain-Nagasundaram to further implement the mapping token identifiers to respective sensitive portions because all of the claimed elements (token identifiers; mapping tokens to plaintext data in token tables; tokenizing sensitive portions of received data) were known in the prior art and one skilled in the art could have combined the elements as claimed by known methods with no change in their respective functions, and the combination would have yielded predictable results to one of ordinary skill in the art at the time (i.e., mapping token identifiers to respective sensitive portions of plaintext data in the token tables).
Regarding claim 3, Connolly-Gaeta-Jain-Nagasundaram-Baig discloses: The system of claim 1, wherein the access to the audio file, the video, or the image comprises playing, listening, viewing, and/or watching the audio file, the video, or the image.
Refer to at least FIG. 4 of Connolly with respect to viewing requested information from the tokenized file or data stream.
Regarding claim 6, Connolly-Gaeta-Jain-Nagasundaram-Baig discloses: The system of claim 1, wherein the non-sensitive information is one or more of the following: (i) a plurality of random numbers, (ii) static noise, (iii) white noise, (iv) silence, (v) an image mask, (vi) a blurred image, (vii) a single-color image, and (viii) a voice-over.
Refer to at least Col. 11, Ll. 36-40 of Connolly with respect to random numbers.
Regarding claim 7, Connolly-Gaeta-Jain-Nagasundaram-Baig discloses: The system of claim 1, wherein the first PII comprises one or more of the following: (i) a credit card number, (ii) a debit card number, (iii) an account number, (iv) a social security number, (v) a birthdate, (vi) an address, (vii) a phone number, (viii) a pin number, (ix) a customer face, (x) an account balance, (xi) one or more transaction amounts, (xii) a paper check, (xiii) a vehicle license plate number, and (xiv) a license number.
Refer to at least Col. 2, Ll. 50-61 of Connolly with respect examples of sensitive information.
Regarding claim 8, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations to Col. 7, Ll. 7-33 and Col. 17, Ll. 44-Col. 18, Ll. 3 of Connolly with respect to access control).
Regarding claim 9, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations to Nagasundaram and Connolly’s access control; the obviousness rationale).
Regarding claim 10, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations to Col. 7, Ll. 7-33 and Col. 17, Ll. 44-Col. 18, Ll. 3 of Connolly with respect to access control).
Regarding claims 11-12, they are rejected for substantially the same reasons as claim 1 above (i.e., the citations to Gaeta and the obviousness rationale; the sensitive information of Connolly).
Regarding independent claim 16, it is substantially similar to claim 1 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale).
Regarding claims 17-18, they are substantially similar to claims 6-7 above, and are therefore likewise rejected.
Regarding independent claim 19, it is substantially similar to claim 1 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale).
Claims 13 and 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Connolly-Gaeta-Jain-Nagasundaram-Baig as applied to claims 1, 3, 6-12, and 16-19 above, and further in view of Official Notice.
Regarding claim 13, Connolly-Gaeta-Jain-Nagasundaram-Baig discloses machine learning generally, but does not specify: wherein the classification model is a logistic regression model, a decision tree model, a random forest model, or a Bayes model. However, the examiner hereby takes official notice that such implementations were known in the art before the filing date of Applicant’s invention, and that one of ordinary skill in the art would have been motivated to modify the teachings of Connolly-Gaeta-Jain-Nagasundaram-Baig to include such because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time of the invention.
Regarding claim 14, Connolly-Gaeta-Jain-Nagasundaram-Baig discloses machine learning generally, but does not specify: wherein the classification model is based on a convolutional neural network (CNN) algorithm, a recurrent neural network (RNN) algorithm, or a hierarchical attention network (HAN) algorithm. However, the examiner hereby takes official notice that such implementations were known in the art before the filing date of Applicant’s invention, and that one of ordinary skill in the art would have been motivated to modify the teachings of Connolly-Gaeta-Jain-Nagasundaram-Baig to include such because the substitution of one known element for another would have yielded predictable results to one of ordinary skill in the art at the time of the invention.
Claim 15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Connolly-Gaeta-Jain-Nagasundaram-Baig as applied to claims 1, 3, 6-12, and 16-19 above, and further in view of Carter (US 9,767,585 B1).
Regarding claim 15, Connolly-Gaeta-Jain-Nagasundaram-Baig does not fully disclose all aspects of: wherein the processing circuitry of the one or more computing devices is further caused to: perform optical character recognition (OCR) on the PII; determine actual PII in the PII based on the performed OCR; and perform tokenization on the actual PII. However, Connolly-Gaeta-Jain-Nagasundaram-Baig in view of Carter discloses: wherein the processing circuitry of the one or more computing devices is further caused to: perform optical character recognition (OCR) on the PII; determine actual PII in the PII based on the performed OCR; and perform tokenization on the actual PII.
Refer to at least Col. 6, Ll. 24-31 of Carter with respect to OCR for detecting confidential information in scanned documents.
The teachings of Connolly-Gaeta-Jain-Nagasundaram-Baig and Carter concern protecting sensitive information, and are considered to be within the same field of endeavor.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Griffin-Gaeta to include support for OCR because design incentives or market forces provided a reason to make an adaptation, and the invention resulted from application of the prior knowledge in a predictable manner (i.e., scanning and uploading paper documents to, e.g., email or cloud storage applications such as those discussed in the Griffin reference).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751. The examiner can normally be reached 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached at (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432
/V.S/Examiner, Art Unit 2432