DETAILED ACTION
Office Action Summary
Claims 1-20 are pending in the instant application.
Claims 1-20 are rejected under 35 USC § 102/103.
Claims 8, 11, 14-15 and 17-20 are rejected under 35 USC § 112.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Analysis – 35 USC § 112 (f)
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.
The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked.
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph:
(A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function;
(B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and
(C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function.
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function.
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function.
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitation(s) is/are: “detection information configured to display” in claim 8, “sensor being preconfigured”, “surveillance module configured to detect”, “hashing module configured to hash”, “communication module configured to transmit”, “communication module configured to receive”, “hashing module configured to hash”, and “communication module configured to receive the detection event information from the plurality of endpoint devices, a hashing module configured to hash the first hashes using a second salt to produce second hashes, and a storage module configured to store” in claim 11, “property gathering module configured to gather” in claim 14, “decryption module configured to decrypt” in claim 15, “search module configured to query” and “search module configured to hash” in claim 17, “consulting device having a display configured to display” in claim 18, “data encryption module configured to encrypt” in claim 19, “customer decryption module configured to: decrypt” and “consulting device is configured to: transmit” in claim 20.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph.
Since the claim limitation(s) invokes 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, claim(s) 1 has/have been interpreted to cover the corresponding structure described in the specification that achieves the claimed function, and equivalents thereof. Please also see the 112, 2nd paragraph, rejection below for further details.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 8, 11, 14-15 and 17-20 are rejected under 35 USC § 112 b.
“detection information configured to display” in claim 8, “sensor being preconfigured”, “surveillance module configured to detect”, “hashing module configured to hash”, “communication module configured to transmit”, “communication module configured to receive”, “hashing module configured to hash”, and “communication module configured to receive the detection event information from the plurality of endpoint devices, a hashing module configured to hash the first hashes using a second salt to produce second hashes, and a storage module configured to store” in claim 11, “property gathering module configured to gather” in claim 14, “decryption module configured to decrypt” in claim 15, “search module configured to query” and “search module configured to hash” in claim 17, “consulting device having a display configured to display” in claim 18, “data encryption module configured to encrypt” in claim 19, “customer decryption module configured to: decrypt” and “consulting device is configured to: transmit” in claim 20 invoke 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed function and to clearly link the structure, material, or acts to the function. Therefore, the claims are indefinite and is rejected under 35 U.S.C. 112(b) or pre-AIA 35 U.S.C. 112, second paragraph.
Applicant may:
(a) Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph;
(b) Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(c) Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, applicant should clarify the record by either:
(a) Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or
(b) Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function. For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-7 and 9-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Peterson et al. (US Pre-Grant Publication No: 2018/00219836) hereinafter referred to as Peterson.
As per claim 1, Peterson teaches A method for tracking propagation of sensitive data, comprising: detecting (Peterson, [0051], teaches “the PIG 10 will be in communication with a policy administration system 6 to ensure proper regulation of data being transmitted.” And [0037], teaches “The Policy Administration system 6 contains data policy information as to what is considered PII”) via a plurality of sensors (Peterson, figure 1, items 10, 12 and 13 AND [0034], teaches “a Personal Information Gateway (hereinafter “PIG”) 10 that processes data before it is sent outside of the organization 1”) deployed to a plurality of devices, (Peterson, figure 1, items 10, 12 and 13) sensitive data (Peterson, figure 2) within data assets (Peterson, figure 2, “Airline Flight database record”) accessible via the plurality of devices (Peterson, figure 1, items 10<->20 and figure 1 items 22<->12 and items 23<->13);
extracting, via the plurality of sensors, (Peterson, [0034], teaches PIG is connected to … a policy administration system and [0037], teaches “Policy Administration system 6 contains data policy information as to what is considered PII”) the sensitive data from the data assets (Peterson, [0035], “the data to be transmitted is split into PII records and non-PII records. The PII records are passed from the database 20 to the PIG 10 within the first organization 1”), and hashing the sensitive data using a first salt (Peterson, [0040], teaches “once the data is cleansed within the PIG 10, in step 70 optionally the record is hashed”) to produce first hashes (Peterson, [0040], teaches “The hash may use a communal salt (random data used as addition input) or other agreed-upon salt to transform the data.”);
transmitting data detection event information comprising at least the first hashes from the plurality of sensors (Peterson, [0048], teaches “the matching nodes 15 receive the shredded and hashed data from the PIG 12 and 10”) to a backend server (Peterson, [0043], teaches “the PIG 10 will then transmit the data into one or more nodes 15 through the cloud”);
receiving the data detection event information at the backend server (Peterson, [0046], teaches “node 15 that receives data creates a unique hash salt that each inbound record is hashed against in step 95. Therefore, the previously shredded and communal hashed data is optionally hashed again to create a double hash”);
hashing the first hashes at the backend server using a second salt to produce second hashes; and (Peterson, [0046], teaches “node 15 that receives data creates a unique hash salt that each inbound record is hashed against in step 95. Therefore, the previously shredded and communal hashed data is optionally hashed again to create a double hash. The data is hashed two times—the first as the data leaves the PIG 10, 12, 13, and the second time as the data is received by a node 15”)
storing the second hashes in storage accessible via the backend server, (Peterson, figure 9 and [0046], teaches “The data is hashed two times—the first as the data leaves the PIG 10, 12, 13, and the second time as the data is received by a node 15”) each of the second hashes corresponding to a detection event and being stored in association with properties comprising at least: a timestamp corresponding to when the sensitive data was detected, (Peterson, figure 9 shows the time stamps of the detection) and an identifier of a data asset from which the sensitive data was extracted. (Peterson, figure 9, teaches token and figure 4 teaches the different tokens from different databases.)
As per claim 2, Peterson teaches The method of claim 1, further comprising the step of gathering, via the plurality of sensors, one or more metadata selected from the list comprising: file metadata, host metadata, and match metadata; wherein the data detection event information further comprises the one or more metadata. (Peterson, figure 4)
As per claim 3, Peterson teaches The method of claim 2, wherein the one or more metadata is encrypted using a first key of an asymmetric key pair before being transmitted to the backend server. (Peterson, [0046] and [0047])
As per claim 4, Peterson teaches The method of claim 1, wherein the tracking is implemented for a plurality of customers, each of the plurality of sensors being associated with one customer of the plurality of customers, wherein hashing the sensitive data further comprises obtaining a first salt specific to the one customer. (Peterson, figure 9 and [0048], teaches “In step 120, as shown in FIGS. 9 and 10, the matching nodes compare the results field by field to determine whether a match exists and in some embodiments what the probability of the match is. Where the hash results match, the underlying PII element data will also match, and the node 15 creates a match table entry for the token ID of organizations 1, 2.”)
As per claim 5, Peterson teaches The method of claim 1, wherein the second salt is stored in a service- provider key vault accessible via the backend server, wherein hashing the first hashes at the backend server further comprises querying the service-provider key vault to obtain the second salt. (Peterson, [0047], teaches “the contributing party will encrypt or hash their data using a key or salt known only to them” and figure 1)
As per claim 6, Peterson teaches The method of claim 1, further comprising receiving, at the backend server, a search request corresponding to a specific sensitive data value and, in response thereto: responsive to the search request not comprising a first search hash, hashing the specific sensitive data value using the first salt to produce a first search hash; hashing the first search hash using the second salt to produce a second search hash; and searching for second hashes in the storage matching the second search hash. (Peterson, [0047], teaches “contributing party will encrypt or hash their data using a key or salt known only to them”, [0040], teaches “the hash may use a … agreed-upon salt” and [0046], teaches “ the first hash is not a communal hash, rather it is chosen by the contributing organization before the data exits”)
As per claim 7, Peterson teaches The method of claim 1, further comprising causing a display device to display, for a specified type of sensitive data, a plurality of elements, wherein each element comprises: one sensitive data of the specified type that was detected within at least one data asset accessible via at least one of the plurality of devices; and at least one of: a number of individuals having access to at least one of the data assets where the sensitive data was detected, a number of devices having access to at least one of the data assets where the sensitive data was detected, and a number of files where the sensitive data was detected. (Peterson, [0046], teaches “node 15 that receives data creates a unique hash salt that each inbound record is hashed against in step 95”)
As per claim 9, Peterson teaches The method of claim 7, further comprising causing the display device to display, for a specified individual, at least one of: a list of the sensitive data that was detected within data assets accessible via a device corresponding to the specified individual; and a list of files in which the sensitive data of the specified type was detected within data assets accessible via a device corresponding to the specified individual. (Peterson, [0046], teaches “node 15 that receives data creates a unique hash salt that each inbound record is hashed against in step 95”)
Claim 10 teaches a non-transitory computer-readable medium that corresponds to the method claim 1 and is rejected using the same rational.
Claims 11-20 teach a system that corresponds to the method claims 1-9 and are rejected using the same rational.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Peterson et al. (US Pre-Grant Publication No: 2018/0219836) hereinafter referred to as Peterson in view of Lowevberg et al. (US Pre-Grant Publication No: 2018/0082082) hereinafter referred to as Lowevberg.
As per claim 8, Peterson teaches The method of claim 7,
But does not teach further comprising causing the display device to display detection information, wherein the detection information is configured to display: on a first axis, a plurality of individuals; on a second axis, a plurality of timestamps; and at least one set of aggregated information relative to detection events, each displayed on the second axis next to the individual who triggered the detection event and on the first axis next to the one or more timestamps representing the moments when the detection events occurred, each of the at least one set of aggregated information comprising at least one of: a number of sensitive data that was detected within data assets accessible via a device corresponding to the individual who triggered the detection event, a number of files in which the sensitive data was detected within data assets accessible via a device corresponding to the individual who triggered the detection event, and a duration for which the sensitive data of the specified type was detected within data assets accessible via a device corresponding to the individual who triggered the detection event.
However, Lowevberg figure 4 and [0055], teaches “In step 406, a receiving device 202 of the second anonymization system 104 may receive the request from the first anonymization system 102 with the hashed identifiers and/or requested data values … second anonymization system 104 may initiate a call through the API of the hosting entity 106 to request data values corresponding to double-hashed identifiers (e.g., generated by the hashing module 210 if applicable) ”)
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention to modify the invention of Peterson with the method of Lowevberg.
Other Art of Record
Locher et al. (20210286885 ) teaches “At step 101, heuristics can be applied to discover sensitive data fields in a small data set stored in the database 72. As an example, data containing sensor data that are regarded as being confidential, e.g., because they are critical to the secure operation of an industrial or electric power system, can be identified as being sensitive data based on such heuristics. For further illustration, the identity, names, contact information, billing information, access timestamps, video recordings, and photos can all be used to decide whether a specific record or its associated data field in the database might contain sensitive information.”
Morgan (9910632) teaches “a tilt sensor, an orientation sensor, one or more speakers, one or more microphones, one or more ambient light sensors, one or more biometric sensors and systems (e.g., fingerprint reader, iris reader, camera, face recognition system, voice recognition system, and/or the like) to unlock the supplemental display device 502, make payments, and/or to access sensitive data (e.g., credit card information, account information, or the like)”
Oberhauser (20190222575) teaches “The PDS may store sensitive data associated with the identifiable object, such as public and/or private keys associated with the identifiable object, data collected by the identifiable object (e.g., by one or more sensors of the identifiable object)”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906. The examiner can normally be reached on M-F (7AM-4PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Catherine Thiaw can be reached on (571) 272-1183. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SIMON P KANAAN/Primary Examiner, Art Unit 2407