DATA MASKING

Detailed Action This Non-Final Office Action is in response to amendment filed on 12/16/2025. No Claims have been amended. No Claims have been cancelled. Claims 1-20 remain pending in the application. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The amended filed on 12/16/2025 has been entered. See above on lines 1-3 of the office action. Response to Arguments Remarks regarding rejections under 35 U.S.C § 103 filed 12/16/2025 Applicant’s arguments are carefully considered and are persuasive. However, upon further consideration, arguments are moot in view of new grounds of rejection. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/16/2025 has been entered. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 1, 4 - 6, 8, 11 - 13, 15, and 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Youn et al. (US-8375224-B2 hereafter Youn), in view of Lei et al. (US-20040139043-A1 hereafter Lei). Regarding claim 1, Youn discloses a method, ( see Youn Col.3 lines 18: “Techniques are described herein”;), comprising: receiving a communication for data for a data source, the data source storing unencrypted data (see Youn Col.4 lines: “unencrypted values are stored in a database. A query is received from an application or user. If the application or user is associated with a role that has privilege to access the unencrypted data, then unencrypted values are returned in response to receiving the query.”); Youn does not explicitly teaches but however, Lei teaches rewriting the communication to generate a rewritten communication that utilizes data masking resources at the data source; ( see Lei par.0023: “if the query 221 references one or more restricted attributes, then the query 221 may be modified in order to restrict the rows that are returned to the user 210. However, if the query 221 does not reference restricted attributes, then the query 221 is not modified to restrict the rows that are returned to the user”, par.0029: “policy function 232 is designed to determine if and how the query 221 should be modified. According to one embodiment, if policy function 232 determines that query 221 should be modified, then policy function 232 returns a predicate that is appended to query 221 to create a modified query.”, par0031: “the attribute restriction metadata 243 indicates what values (referred to hereinafter as "masking values") may be used to mask data from restricted attributes. For example, assuming that "SALARY" is a restricted attribute, if John attempts to access names and salaries for all rows in table t2, John will receive the names from all of the rows but the data from the salary column may be masked with a masking value, such as an integer zero.”); and providing the rewritten communication to the data source; (see Lei par.0029: “policy function 232 is designed to determine if and how the query 221 should be modified. According to one embodiment, if policy function 232 determines that query 221 should be modified, then policy function 232 returns a predicate that is appended to query 221 to create a modified query.”, par0031: “the attribute restriction metadata 243 indicates what values (referred to hereinafter as "masking values") may be used to mask data from restricted attributes. For example, assuming that "SALARY" is a restricted attribute, if John attempts to access names and salaries for all rows in table t2, John will receive the names from all of the rows but the data from the salary column may be masked with a masking value, such as an integer zero. In this case, when John requests the names and salaries for all of the rows in table t2, the database server 230 retrieves all of the names and salaries from table t2 and stores the unmodified names and salaries in result set 235. The semantic analyzer 231 determines that John is attempting to access a restricted attribute, "SALARY". The result set 235 is passed to the masking routine 234, which uses the specified masking value, integer zero, to mask the restricted attribute "SALARY", thus, creating the masked result set 233. The masked result set 233 is provided to the database application 220.”); wherein masked data is generated from the unencrypted data by the data masking resources in response to the rewritten communication (see Lei par.0031: “In this case, when John requests the names and salaries for all of the rows in table t2, the database server 230 retrieves all of the names and salaries from table t2 and stores the unmodified names and salaries in result set 235. The semantic analyzer 231 determines that John is attempting to access a restricted attribute, "SALARY". The result set 235 is passed to the masking routine 234, which uses the specified masking value, integer zero, to mask the restricted attribute "SALARY", thus, creating the masked result set 233. The masked result set 233 is provided to the database application 220.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn teaching “a determination is made as to whether a user is privileged to access the underlying data based on roles to which the user belongs. For example, a set of data may be accessible only to users or applications that satisfy a role specified in an access list for the set of data. A user not privileged with respect to the requested data receives a masked value generated from the encrypted value as the result of the query, and a user with privilege to access the underlying data receives a decrypted value generated from the encrypted value as the result of the query.”, (see Youn Col.3 lines 60-67, Col.4 lines:1-3), with Lei teaching “ the database server 230 restricts user 210 from seeing data from the restricted attributes without restricting the rows returned to the user. Rather, access to the restricted information is prevented by masking the result set of the query before returning it to the user 210, as will be described in more detail. When masking is used to prevent the user from seeing values for restricted attributes, the masking may be performed selectively, allowing the user to see values for restricted attributes from some rows, and preventing the user from seeing values for restricted attributes from other rows.”, (see Lei par.0024). Regarding claim 8 is a system claim corresponding to the method claim 1 respectively, and rejected under the same rational set forth in connection with the rejection of claim 1. However, claim 8 also include limitations which are disclosed by the cited prior art Youn as following: a processor configured to (see Youn col.9 lines 24-31: “a computer system 600 upon which an embodiment of the invention may be implemented. Computer system 600 includes a bus 602 or other communication mechanism for communicating information, and a hardware processor 604 coupled with bus 602 for processing information. Hardware processor 604 may be, for example, a general purpose micro-processor.”): and a memory coupled to the processor and configured to provide the processor with instructions. (See Youn Col 9 lines 66-67 and Col.10 lines 1-6: “the techniques herein are performed by computer system 600 in response to processor 604 executing one or more sequences of one or more instructions contained in main memory 606. Such instructions may be read into main memory 606 from another storage medium, such as storage device 610. Execution of the sequences of instructions contained in main memory 606 causes processor 604 to perform the process steps described herein.”). Regarding claim 15 is a computer program product claim corresponding to the method claim 1 respectively, and rejected under the same rational set forth in connection with the rejection of claim 1. However, claim 15 also include limitations which are disclosed by the cited prior art Youn as following: computer program product embodied in a non-transitory computer readable medium and comprising computer instructions (see Youn col.10 lines 9-19: “The term "storage media" as used herein refers to any media that store data and/or instructions that cause a machine to operation in a specific fashion. Such storage media may comprise non-volatile media and/or volatile media. Non-volatile media includes, for example, optical or magnetic disks, such as storage device 610. Volatile media includes dynamic memory, such as main memory 606. Common forms of storage media include, for example, a floppy disk, a flexible disk, hard disk, solid state drive, magnetic tape, or any other magnetic data storage medium, a CD-ROM, any other optical data storage medium,”) Regarding claim 4 Youn in view of Lei discloses the method of claim 1, Lei further discloses wherein the rewriting the communication further includes: determining at least one field in the data to be masked; (see Lei par. [0023]: “a determination is made as to whether a query 221 references one or more restricted attributes of a database object. For example, if the query 221 references one or more restricted attributes, then the query 221 may be modified in order to restrict the rows that are returned to the user 210”); and replacing a portion of the communication corresponding to the at least one field with at least one query for the at least one field, and at least one call to the data masking resources. (See Lei par. [0029]: “policy function 232 is designed to determine if and how the query 221 should be modified. According to one embodiment, if policy function 232 determines that query 221 should be modified, then policy function 232 returns a predicate that is appended to query 221 to create a modified query.”, par.0031: “the attribute restriction metadata 243 indicates what values (referred to hereinafter as "masking values") may be used to mask data from restricted attributes. For example, assuming that "SALARY" is a restricted attribute, if John attempts to access names and salaries for all rows in table t2, John will receive the names from all of the rows but the data from the salary column may be masked with a masking value, such as an integer zero. In this case, when John requests the names and salaries for all of the rows in table t2, the database server 230 retrieves all of the names and salaries from table t2 and stores the unmodified names and salaries in result set 235. The semantic analyzer 231 determines that John is attempting to access a restricted attribute, "SALARY". The result set 235 is passed to the masking routine 234, which uses the specified masking value, integer zero, to mask the restricted attribute "SALARY",”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Balakrishnan teaching of claim 1 with Lei teaching “ assume that "SSN" is a restricted attribute, and a query attempts to access the "SSN" attribute for all rows in table t2. In this case, semantic analyzer 231 determines, based on policy metadata 242, that the "SSN" attribute is restricted, and invokes policy function 232. Policy function 232 then determines whether this query may access the data in the "SSN" attribute. For example, if the query was issued by personnel in human resources, such as Priscilla in row 116, then the policy function 232 may determine that the query does not need to be modified, thus, returning the data from the "SSN" attribute to Priscilla. However, if the query was issued by someone other than personnel in human resources, such as Chris (referring to row 111), the policy function 232 may determine that the query may not access the data in the "SSN" attribute.”, (see Lei par.0033). Regarding claim 11 is the system claim corresponding to the method claim 4 respectively, and rejected under the same rational set forth in connection with the rejection of claim 4. Regarding claim 18 is the computer program product claim corresponding to the method claim 4 respectively, and rejected under the same rational set forth in connection with the rejection of claim 4. Regarding claim 5 Youn in view of Lei discloses the method of claim 1, Lei further disclose wherein the data masking resources include a user-defined function which performs data masking. (See Lei par [0029]: “The policy function 232 may be, for example, a user-supplied function that implements user-defined policies. There is virtually no limit to the functionality that may be designed into policy function 232. Consequently, policy function 232 is able to support arbitrarily complex policies. Policy function 232 may be designed, for example, to read user-supplied policy metadata and behave based on the content of that metadata. For the purpose of explanation, an embodiment shall be described in which policy function 232 is designed to determine if and how the query 221 should be modified.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Lei teaching of claim 1 with Lei teaching “the policy function 232 returns a predicate to modify the database command to restrict the rows returned by the database command. For example, a predicate such as "WHERE 1=2", which always evaluates to false, may be appended to a query, thus, preventing Chris from seeing any data. Alternatively, the policy function 232 may append a predicate to restrict Chris to only the rows that correspond to personnel in Chris' department. For example, a predicate such as "WHERE t.dept=J21" may be appended to the query issued on Chris' behalf.”, (see Lei par.0048). Regarding claim 12 is the system claim corresponding to the method claim 5 respectively, and rejected under the same rational set forth in connection with the rejection of claim 5. Regarding claim 19 is the computer program product claim corresponding to the method claim 5 respectively, and rejected under the same rational set forth in connection with the rejection of claim 5. Regarding claim 6 Youn in view of Lei discloses the method of claim 1, Lei further discloses wherein the communication includes a request to retrieve the data, (see Lei par. [0020]: “System 200 includes a database application 220 that may be used by a user 210 to request information from a database 240. The database application 220 is designed to issue a query 221 to a database server 230 in response to user interaction. The database server 230 provides the requested information from the table t2 of database 240 to the database application 220, and wherein the method further includes: receiving the masked data. (See Lei par. [0057]: “ the database server 230 would handle a query that referenced the SALARY attribute as follows: The semantic analyzer 231 would determine that the query references a restricted attribute. Policy function 232 would modify the query to add a predicate that restricts the query to rows that are in the same department as the employee. Once the query is executed, the result set 235 would contain salary information from all of the retrieved rows. A masking routine 234 would then mask the result set 235 to create a masked result set 233 that only contains the salary information for the user that submitted the query. For all other rows in the masked result set, the SALARY column would contain a masking value. The masked result set 233 would then be provided to the database application 220 that submitted the query.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Lei teaching of claim 1 with Lei teaching “database server 235 obtains data for the "NAME" and "ID" attributes for all of the rows 111-117 of table t2 and stores this data in the result set 235. The semantic analyzer 231 determines that query 221, as depicted in Q2, does reference an attribute (e.g., "SALARY") that is designated as a restricted attribute. The masking routine 234 obtains masking values from attribute restriction metadata 243, replaces the data from the "SALARY" attribute with the masking value, integer zero. The modified data is stored in masked result set 233.”, (see Lei par.0074). Regarding claim 13 is the system claim corresponding to the method claim 6 respectively, and rejected under the same rational set forth in connection with the rejection of claim 6. Claims 2 - 3, 9 - 10, and 16 - 17 are rejected under 35 U.S.C. 103 as being unpatentable over Youn et al. (US-8375224-B2 hereafter Youn), in view of Lei et al. (US-20040139043-A1 hereafter Lei), in view of Balakrishnan et al. (US 20130191650 A1 hereafter Balakrishnan), in view of Mital et al. (US-20200236108-A1 hereafter Mital). Regarding claim 2 Youn in view of Lei discloses the method of claim 1, Youn in view of Lei appear to be silence however Balakrishnan teaches wherein the receiving includes receiving, at a sidecar, the communication, (see Balakrishnan par. [0050]: “application issues a query, which the proxy intercepts and rewrites: it anonymizes each table and column name, and, using the master key MK, encrypts each constant in the query with an encryption scheme.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Lei teaching of claim 1 with Balakrishnan teaching “method further includes transforming the input query to an encrypted query using the selected encryption scheme for each data item specified in the query, and executing the encrypted query at the database system,", (see Balakrishnan par.004). Youn in view of Lei, and Balakrishnan do not explicitly but however, Mital: explicitly teaches the sidecar including a dispatcher and at least one service, the dispatcher receiving the communication and being data agnostic (see Mital par. [0032]: “receiving a communication for a data source at a sidecar The sidecar includes a dispatcher and at least one service. The dispatcher receives the communication and is data agnostic.”); and wherein the method further includes providing the communication from the dispatcher to the at least one service, the at least one service performing the rewriting. (See Mital par. [0060]: “Dispatcher 112 of sidecar 110 receives a communication from a client, at 502. For example, dispatcher 112 may receive a communication from client 106-2 with a query for data source 104. One or more services 114 are desired to be used with the communication. services 114 may be used for authentication of various types, query analysis, federated identity management, behavioral modeling, query rewriting, caching, tokenization or encryption of sensitive data and/or other processes.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn in view of Lei, and Balakrishnan teaching described above with Mital teaching “The method and system include receiving a communication for a data source at a sidecar. The sidecar includes a dispatcher and at least one service. The dispatcher…is data agnostic”. (See Mital par.[0032]). Along with “services 114 may be used for authentication of various types, query analysis, federated identity management, behavioral modeling, query rewriting, caching, tokenization or encryption of sensitive data and/or other processes”, (see Mital par. [0060]). Regarding claim 9 is the system claim corresponding to the method claim 2 respectively, and rejected under the same rational set forth in connection with the rejection of claim 2. Regarding claim 16 is the computer program product claim corresponding to the method claim 2 respectively, and rejected under the same rational set forth in connection with the rejection of claim 2. Regarding claim 3 Youn in view of Lei, Balakrishnan and Mital discloses the method of claim 2, Mital further teaches wherein the dispatcher is an OSI Layer 4 data agnostic dispatcher and wherein the at least one service is at least one OSI Layer 7 service. (See Mital par. [0032]: “the dispatcher is an open system inter connection (OSI) Layer 4 dispatcher and the service(s) include OSI Layer 7 service(s).”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Balakrishnan teaching of claim 2, with Mital teaching “The dispatcher is an OSI layer 4 and data agnostic the at least one service includes OSI layer 7”. (See Mital par. [0032]). Regarding claim 10 is the system claim corresponding to the method claim 3 respectively, and rejected under the same rational set forth in connection with the rejection of claim 3. Regarding claim 17 is the computer program product claim corresponding to the method claim 3 respectively, and rejected under the same rational set forth in connection with the rejection of claim 3. Claims 7, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Youn et al. (US-8375224-B2 hereafter Youn), in view of Lei et al. (US-20040139043-A1 hereafter Lei), in further view of Mital et al. (US-20200236108-A1 hereafter Mital). Regarding claim 7 Youn in view of Lei discloses the method of claim 1, Youn in view of Lei do not explicitly teach but however, Mital explicitly teaches wherein the communication includes a request to store data, (see Mital par. [0086]: “A request from a client to store sensitive data at a data source is received by a sidecar. The dispatcher, which is data agnostic, forwards the request to an encryption/ tokenization service for anonymization of the sensitive data desired to be stored”). Examiner interpret that communication included in the request is “based on “the query analysis” provided by the service and the policies and capabilities provided by the service”, (see par. [0080 -0086]), and wherein the masked data is stored by the data source. (See Mital par. [0086]: “The anonymized data is stored in the data source.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Balakrishnan teaching of claim 1, with Mital teaching “receiving by a sidecar a request from a client to store sensitive data at a data source”, (see Mital par. [0086]). Regarding claim 14 is the system claim corresponding to the method claim 7 respectively, and rejected under the same rational set forth in connection with the rejection of claim 7. Regarding claim 20 Youn in view of Lei discloses the computer program product of claim 15, Lei further discloses wherein for the communication including a request to retrieve the data (see Lei par. [0020]: “System 200 includes a database application 220 that may be used by a user 210 to request information from a database 240. The database application 220 is designed to issue a query 221 to a database server 230 in response to user interaction. The database server 230 provides the requested information from the table t2 of database 240 to the database application 220,”) and the computer instructions further include instructions for: receiving the masked data; (See Lei par. [0057]: “ the database server 230 would handle a query that referenced the SALARY attribute as follows: The semantic analyzer 231 would determine that the query references a restricted attribute. Policy function 232 would modify the query to add a predicate that restricts the query to rows that are in the same department as the employee. Once the query is executed, the result set 235 would contain salary information from all of the retrieved rows. A masking routine 234 would then mask the result set 235 to create a masked result set 233 that only contains the salary information for the user that submitted the query. For all other rows in the masked result set, the SALARY column would contain a masking value. The masked result set 233 would then be provided to the database application 220 that submitted the query.”), Youn in view of Lei do not explicitly teach and wherein for the communication including a request to store data, the masked data is stored by the data source. However, Mital explicitly teaches: teaches and wherein for the communication including a request to store data, the masked data is stored by the data source. (See Mital par. [0086]: “A request from a client to store sensitive data at a data source is received by a sidecar. The dispatcher, which is data agnostic, forwards the request to an encryption/ tokenization service for anonymization of the sensitive data desired to be stored, the anonymized data is stored in the data source.”). It would have been obvious to one or ordinary skill in the art before the effective filing date of the claim invention to combine Youn and Lei teaching of claim 15 with Mital teaching “receiving by a sidecar a request from a client to store sensitive data at a data source”, (see Mital par. [0086]). Conclusion The prior art made of record and not relied upon are considered pertinent to applicant's Disclosure: Boukobza et al. (US-9418237-B2) A system, computer-readable medium, and method for masking data including receiving a request, applying a rule set to the request to identify sensitive data, rewriting the request, based on the rule set, so the written request will result in the sensitive data being retrieved and converted into masked format according to the instructions in the rewritten request. D’Costa et al (US-9621680-B2) a system masks data objects across a plurality of different data resources. perform masking within a database server system. A set of user-defined functions (UDFs) and user-defined table. Niu et al. (US-20200301917-A1) Masking resource receives data request information sent by a client; a preset policy corresponding to an identity of the client carried in the data request information is acquired and the database execution engine performs a data protection operation for requested data according to the preset policy to obtain target data; and the database execution engine sends the target data to the client. Li et al. (CN-109409129-A) Application program sends SQL request to proxy, parses proxy to original SQL statement, then is rewritten. Proxy will be then stored on cloud database data encryption according to the sensitive field of user configuration. When user reads data, Proxy obtains ciphertext data from cloud database and then replies to application program to data deciphering. Proxy rewrites the algorithm that SQL statement uses homomorphism encryption and decryption. Any inquiry concerning this communication or earlier communications from the examiner should be directed to DUILIO MUNGUIA whose telephone number is (571)270-5277. The examiner can normally be reached M-F 9:30 - 5:00Pm:00pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867 The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /DUILIO MUNGUIA/Examiner, Art Unit 2497 /ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497