DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending.
Claim Objections
Claims 6-7, 12 are objected to because of the following informalities:
-- by catalog -- should be -- by the catalog -- in claim 6 line 2.
-- for smart approval -- should be -- for the smart approval-- in claim 7 line 2.
-- to rules engine -- should be -- to the rules engine-- in claim 7 line 4, claim 12 line 2.
Appropriate correction is required.
Specification
The disclosure is objected to because of the following informalities:
-- th e -- should be -- the -- in [0004].
-- suitableform -- should be -- suitable form -- in [0056].
-- o f -- should be -- of -- in [0074].
-- b e -- should be --be -- in [0115].
Appropriate correction is required.
Drawing
The drawings are objected to because of the following minor informalities:
-- symbol for server 304 is drawn as database symbol -- in Fig. 3.
Missing symbol 302 in fig. 3 as described in [0069].
Fig. 5 is faded / not legible and should be replaced with legible drawing.
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1-20 are rejected under 35 U.S.C. 112 (b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or joint inventor regards as the invention.
The following claim language is not clearly understood:
Claim 1 recites “a change to a product subject to a plurality of rules”. It is unclear if the change is to a subject or to a rules or both.
Claim 1 recites “product definition” without clearly reciting what constitutes the product and what constitutes the product definition.
Claim 1 recites “product subject” without clearly reciting what is being referred by product subject.
Claim 1 recites “rule engine serverless architecture”. It is unclear if the rule engine is serverless or cloud is serverless. It is also unclear what is meant by rule engine serverless architecture or rule engine itself.
Claim 1 recites “catalog rules architecture” without clearly reciting what is being referred by rules architecture or what constitute rules architecture.
Claim 6 recites “smart approval” without clearly reciting what constitutes the smart approval.
Claim 8 recites “database is accessed at REST”. It is unclear if the database is accessed using then REST or at REST.
Claim 14 recites “product block for the change” without clearly reciting what constitutes the product block.
Claim 15 recites “”attributes of existing product blocks” without clearly reciting what are the attributes of the product block.
Claims 19 and 20 recite elements of claim 1 and have similar deficiency as claim 1. Therefore, they are rejected for the same rational. Remaining dependent claims 2-18 are also rejected due to similar deficiency inherited from the rejected independent claims.
* Applicant is advised to at least indicate support present in the specification for further defining/clarifying the claim language in case Applicant believe amendments would unduly narrow the scope of the claim.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more or integrating into practical application.
claims 1-20 are determined to be directed to an abstract idea. Examples of abstract ideas include at least Mathematical concepts, Mental process and Certain Methods of organizing human activity. Independent claim 1 is directed to “determining compatibility of change request with plurality of rules and implementing the rule change if the request is compatible and prompting the user to modify the request if the request is incompatible” at a high level of generality.
Step 1
As described in MPEP § 2106, subsection III, Step 1 of the eligibility analysis asks: Is the claim to a process, machine, manufacture or composition of matter?
Claim 1 recites a method, which falls within the “process” category of 35 U.S.C. § 101. Claim 19 recites a system comprising memory/processors, which falls within the “machine” category of 35 U.S.C. § 101. Claim 20 recites a non-transitory medium, which falls within the “machine / manufacture” category of 35 U.S.C. § 101. Thus, the analysis determines whether the claims recite a judicial exception and fail to integrate the exception into practical application. See Memorandum, 84 Fed. Re. 54-55. If both elements are satisfied, the claims are directed to a judicial exception under the first step of the Alice/Mayo test, See id.
Step 2A Prong One
As described in MPEP § 2106, subsection III, Step 2A of the Office’s eligibility analysis is the first part of the Alice/Mayo test, i.e., the Supreme Court’s "framework for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent-eligible applications of those concepts." Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 217-18, 110 USPQ2d 1976, 1981 (2014) (citing Mayo, 566 U.S. at 77-78, 101 USPQ2d at 1967-68).
Step 2A is a two-prong inquiry, in which examiners determine in Prong One whether a claim recites a judicial exception, and if so, then determine in Prong Two if the recited judicial exception is integrated into a practical application of that exception.
Claim Elements
i
1. A method for centrally modifying a rule in a product definition, the method comprising:
preamble - intended use
ii
receiving, from a user, a change to a product subject to a plurality of rules;
information gathering
iii
determining, by a processor, whether the change is incompatible with the plurality of rules;
mental process abstract idea
iv
when the change is determined to be incompatible with the plurality of rules,
mental process abstract idea
v
prompting the user to modify the change without storing the data associated with the change in a dynamic database residing on a cloud network;
input/gathering information
vi
when the change is determined to be compatible with the plurality of rules
mental process abstract idea
vii
capturing data associated with the change in the dynamic database residing on the cloud network for first updating rules data;
information gathering
viii
publishing, to rules engine serverless architecture, a first data update event;
information transmission /output
ix
in response to receiving the first data update event, causing the rules engine serverless architecture to read first updated rules data from the dynamic database;
information gathering
x
generating a data object as a microservice based on the first updated rules data;
generic computing
xi
uploading the data object to catalog rules architecture for first updating a set of rule objects associated with the product; and
information transfer
xii
versioning the product based on the set of rule objects associated with the product.
mental process abstract idea
The overall process described by steps [iii]-[iv], [vi] and [xii] describes “concepts performed in the human mind” or “observation, evaluation, judgement, opinion.” Memorandum, 84 Fed. Reg, 52. Thus steps [iii]-[iv], [vi] and [xii] recite the abstract concept of [m]ental processes.” Id. For example, step [iii] recites “determining, by a processor, whether the change is incompatible with the plurality of rules”, which is a combination of observation, evaluation, judgement and opinion, and may be performed by human mind. Steps [iv] and [vi] also recites similar claim elements and can be performed by human mind with or without the help of pen and paper. Claim 1 step [xii] recites “versioning the product based on the set of rule objects associated with the product”, which can be performed by human mind with or without the help of physical aid because versioning can be performed by a combination of one or more of observation, evaluation, judgement, opinion. Therefore, steps [iii]-[iv], [vi] and [xii] resembles the idea of performing observation, evaluation, judgement and opinion according to the broadest reasonable interpretations of the claim elements and can be performed by human mind alone or with the aid of pen and paper. The courts consider a mental process (thinking) that "can be performed in the human mind, or by a human using a pen and paper" to be an abstract idea. CyberSource Corp. v. Retail Decisions, Inc., 654 F.3d 1366, 1372, 99 USPQ2d 1690, 1695 (Fed. Cir. 2011).
Thus, claim 1 recites a judicial exception. For these same reasons, claims 19-20 also recites judicial exception.
Step 2A, Prong Two
As described in MPEP § 2106, subsection III, Step 2A of the Office’s eligibility analysis is the first part of the Alice/Mayo test, i.e., the Supreme Court’s "framework for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent-eligible applications of those concepts." Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 217-18, 110 USPQ2d 1976, 1981 (2014) (citing Mayo, 566 U.S. at 77-78, 101 USPQ2d at 1967-68).
Step 2A is a two-prong inquiry, in which examiners determine in Prong One whether a claim recites a judicial exception, and if so, then determine in Prong Two if the recited judicial exception is integrated into a practical application of that exception.
Because claims 1, 19 and 20 recite a judicial exception, analysis determines if the claims recites additional elements that integrate the judicial exception into practical application. In addition to the limitations of claim 1 discussed above that recite the abstract concepts, claim 1 also recites additional steps [i]-[ii], [v], [vii]-[xi]. Additional claim elements are analyzed to determine if additional claim elements, either alone or in combination, integrate the abstract idea into practical application. Claim 1 in step [i] recites method with intended use and is neither inventive nor provide improvements and therefore don’t integrate the abstract idea into practical application. Claim 1 in steps [ii], [v], [vii], [ix], [xi] are directed to information gathering / transmission, according to the broadest reasonable interpretation of the claim elements. Information gathering /transmission is considered insignificant extra solution activity and adding insignificant extra solution activity to the abstract idea do not make the abstract idea patent eligible. Claim 1 step [viii] recites additional claim elements of “publishing, to rules engine serverless architecture, a first data update event”, which is outputting information and is considered extra solution activity and do not impose limitations on the abstract idea in such as a manner to make the claim patent eligible. Claim 1 step [x] recites “generating a data object as a microservice based on the first updated rules data;”, which is generic computing method and is neither inventive nor provide improvement because the claim elements is referring to generating program providing data object based on the updated rules data. The Specification doesn’t provide additional details that would distinguish the additional limitations recited in claim 1 steps [i]-[ii], [v], [vii]-[xi] from a generic implementation of the abstract idea. Thus, the claim elements recited in steps [i]-[ii], [v], [vii]-[xi] , under broadest reasonable interpretation, do not integrate the judicial exception into a practical application.
Thus, claim 1 recites a judicial exception without integrating into practical application. For these same reasons and based on similar analysis as above, claims 19 and 20 also recites judicial exception without integrating into practical application.
Step 2B
As described in MPEP § 2106, subsection III, Step 2B of the Office’s eligibility analysis is the second part of the Alice/Mayo test, i.e., the Supreme Court’s "framework for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent-eligible applications of those concepts." Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 217, 110 USPQ2d 1976, 1981 (2014) (citing Mayo, 566 U.S. 66, 101 USPQ2d 1961 (2012)).
Step 2B asks: Does the claim recite additional elements that amount to significantly more than the judicial exception.
Because claims 1 , 19 and 20 are directed to judicial exception without integrating practical application, analysis must determine, according to Alice, whether these claims recite an element, or combination of elements that is enough to ensure that the claim is directed to significantly more than a judicial exception.
The Memorandum, Section III (B) (footnote 36) states:
In accordance with existing guidance, an Examiner’s conclusion that an additional element (or combination of elements) is well understood, routine, conventional activity must be supported with a factual determination. For more information concerning evaluation of well-understood, routine, convention activity, see MPEP 2106.05(d), as modified by the USPTO Berkheimer Memorandum.
The Berkheimer Memorandum, Section III(A)(1) states:
A Specification demonstrates the well-understood, routine, conventional nature of additional elements when it describes the additional elements as well-understood or routine or conventional (or an equivalent term), as a commercially available product, on in a manner that indicates that the additional elements are sufficiently well-known that the specification does not need to describe the particulars of such additional elements to satisfy 35 §U.S.C. 112(a). A finding that an element is well-understood, routine, or conventional cannot be based only on the fact that the specification is silent with respect to describing such element.
Claim 1 in step [i] recites method with intended use and does not amount to significantly more. Claim 1 in steps [ii], [v], [vii], [ix], [xi] are directed to information gathering, according to the broadest reasonable interpretation of the claim elements. Information gathering is considered insignificant extra solution activity and do not amount to significantly more. Claim 1 step [viii] recites additional claim elements of “publishing, to rules engine serverless architecture, a first data update event”, which is outputting information and is considered extra solution activity and is well-understood, routine and common activity (See background [0003]) and does not amount to significantly more.
Claim 1 step [x] recites “generating a data object as a microservice based on the first updated rules data”, which is well-understood, routine and conventional (See Silk [0002] ) and do not amount to significantly more. Further, the Specification does not provide additional details that would distinguish the recited components from generic implementation in the combination. As such these additional claim elements are not directed to anything beyond conventional nature of these elements or otherwise more than well-understood, routine, conventional activity in the field of computing. These limitations either alone or in combination simply append well-understood, routine, conventional activities previously known to the industry, specified at a high level of generality, to the judicial exception. As such, it has been recognized by court that receiving, processing, and storing data as well as receiving or transmitting data over a network are a well-understood, routine and conventional activities. Mortg. Grader, Inc. v. First choice Loan Servs. Inc., 811 F.3d 1314 (Fed. Cir. 2016) (generic computer components, such as interface, “network”, and “database,” fail to satisfy the inventive concept requirement); see also TLI Commc’ns, 823 F.3d 607; Elec. Power, 830 F.3d at 1350. There is no indication that the recited claim elements override the conventional use of known features or involve an unconventional arrangement or combination of elements such that the particular combination of generic technology results in anything beyond well-understood, routine, and conventional data gathering and output. Alice, 573 U.S. at 223 (“[T]he mere recitation of a generic computer cannot transform a patent ineligible abstract idea into a patent-eligible invention.”) See also Customedia Techs. LLC v. Dish Network Corp., 951 F.3d 1359, 1366(Fed. Cir. 2020) (“[T]he invocation of ‘already-available computers that are not themselves plausibly asserted to be an advance…amounts to a recitation of what is well-understood, routine, and conventional.”)(quoting SAP Am., Inc. v. InvestPic, LLC, 898F3.d 1161, 1170 (Fed. Cir. 2018)); and buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355(Fed. Cir 2014)(“That a computer receives and sends the information over a network -- with no further specification -- is not even arguably inventive.”). Thus, additional claim elements in claims 1 do not amount to significantly more than a patent ineligible concept.
Thus, claim 1 recites a judicial exception without integrating into practical application. For these same reasons and based on similar analysis as above, claims 19 and 20 also recites judicial exception without integrating into practical application.
Claim 2 is directed notifying plurality of users of the updated version of the product, which is considered post extra solution activity, and is neither inventive nor amount to significantly more.
Claim 3 is directed to customizing data object, and is and is neither inventive nor amount to significantly more.
Claim 4 is directed to notifying is performed using email transmissions, and is neither inventive nor amount to significantly more and is well-understood, routine and conventional.
Claim 5 is directed to availability of plurality of versions of the product for utilization, which is further describing the availability of the different product versions, and is neither inventive nor amount to significantly more.
Claim 6 recites transmitting and receiving information, which is directed information transmission and distribution, and is well-understood, routine and conventional.
Claim 7 is directed to second data update event similar to first data update event as recited in claim 1. Therefore, it is rejected for the same rationale.
Claim 8 recites “wherein one or more encryption keys are utilized to access the dynamic database, and wherein the dynamic database is accessed at representational state transfer (REST)”, which is neither inventive nor amount to significantly more.
Claim 9 recites “wherein the change to the product is inputted on a uniform template that is utilized by a front office, a middle office and operations responsible for generating the product”, which is well-understood, routine and conventional (See Background [0003]).
Claim 10 recites “wherein the determining of whether the change is incompatible with the plurality of rules includes whether the change is unable to be implemented together with at least one of the plurality of rules of the product”, which is directed to combination of observation, evaluation, judgement and opinion and therefore is directed to mental process abstract idea.
Claim 11 is directed to storing sets of rules associated with different versions of the product in the catalog, and is well-understood, routine and conventional idea of storing information e.g. database.
Claim 12 is directed to a technological environment of the cloud network includes a catalog data architecture, the catalog rules architecture, the dynamic database, a rules engine serverless architecture and the digital platform notification serverless architecture. Adding / implementing abstract idea to a technical environment doesn’t make the abstract idea patent eligible.
Claim 13 recites “wherein the uniform template is updated in response to the versioning”, which is directed to information gathering. Information gathering is considered insignificant extra solution activity.
Claim 14 recites “obtaining a product block for the change, wherein the product block combines with other product blocks to form the product”, which is directed to information gathering. Information gathering is considered insignificant extra solution activity.
Claim 15 recites “wherein the determining of whether the change is incompatible with the plurality of rules includes, uploading the product block to a catalog data architecture for checking against attributes of existing product blocks”, which is a combination of observation, evaluation, judgement and opinion and therefore is directed to mental process abstract idea.
Claim 16 recites in response to the determining of whether the change is incompatible with the plurality of rules, determining corresponding changes that should be implemented along with the change received from the user, which is a combination of observation, evaluation, judgement and opinion and therefore is directed to mental process abstract idea.
Claim 17 describes the product as including a set of rules without further imposing limitation in such a manner as to make the claim patent eligible.
Claim 18 is directed to updating rules by user, which is neither inventive nor amount to significantly more.
Claims 19-20 also recites additional claim elements beyond claim 1, however these are recited in dependent claims of claim 1, and are rejected for the same respective rationales.
Therefore, the claim(s) 1-20 are rejected under 35 U.S.C. 101 as being directed to judicial exception without integrating into practical application or significantly more.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-7, 9-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Silk et al. (US 2010/0185963 A1, hereafter Silk) in view of Chud (US 10,616,281 B1).
As per claim 1, Silk teaches the invention substantially as claimed including a method for centrally modifying a rule in a product definition ([0028] modify, set of rules, list of placement rules, rule specification module, [0019] storage grid system, storage services to external applications, application package data, stored, discrete object, initial storage process), the method comprising:
receiving, from a user, a change to a product subject to a plurality of rules ([0035] user interfaces, allowing user interfaces, users, input rules [0029] user, creates, placement rules, object to which rules apply [0028] allows users to augment, diminish, or modify the set of rules [0019] application, discrete object);
determining, by a processor, whether the change is incompatible with the plurality of rules ([0043] rule matching criteria, overlaps between multiple rules i.e. overlapping rules may be considered as compatible or incompatible);
when the change is determined to be incompatible with the plurality of rules ([0043] rule matching criteria, overlaps between multiple rules i.e. non-overlapping rules may be considered incompatible rules), prompting the user to modify the change without storing the data associated with the change in a dynamic database residing on a cloud network;
when the change is determined to be compatible with the plurality of rules ([0043] rule matching criteria, overlaps between multiple rules i.e. compatible rules), capturing data associated with the change in the dynamic database residing on the cloud network for first updating rules data ([0078] databases [0028] placement rule specification module, information about the topology, utilization, other properties, maintains, list of placement rules, set of rules [0002] computer storage system, connected, network, form a grid );
publishing, to rules engine serverless architecture, a first data update event ([0037] rules, changed, configuration interface, re-processing of objects on a rules change [0048] named notification event [0061] rules evaluation triggers a notification to be sent to one or more external system);
in response to receiving the first data update event ([0068] when a rule is added/modified), causing the rules engine serverless architecture to read first updated rules data from the dynamic database ([0068] rules, added or modified rule are identified, rule, associated objects, specification of the added or modified rule [0028] placement rules, allow users to modify the set of rules 102 [0032] rules, summarized into a tree data structure i.e. dynamic, stored);
generating a data object as a microservice based on the first updated rules data ([0037] rules, changed, configuration interface, objects, re-processing of objects, [0068] identifying objects, require updating, rule is added / modified, rules changed trigger is invoked [0076] features of the system, available, hosted application service);
uploading the data object to catalog rules architecture for first updating a set of rule objects associated with the product ([0068] identify object that require updating, rule is added or modified [0075] modify rules, affect objects within administrative domains; fig. 1 set of rules 102 rule 103 object storage 105); and
versioning the product based on the set of rule objects associated with the product.
Silk doesn’t specifically teach prompting the user to modify the change without storing the data associated with the change in a dynamic database residing on a cloud network; publish to the serverless architecture the event; uploading the data object to catalog; versioning the product based on the set of rule objects associated with the product.
Chud, however, teaches when the change is determined to be incompatible with the plurality of rules (col 7 lines 55-67 policies, out-of-date, non-compliant with new access policy guidelines), prompting the user to modify the change (col 8 lines 1-12 authorization service, notify service user, non-compliant access policy, such that service user may update the access policy to ensure compliance, modifying a policy to ensure compliance with updated access policy guidelines) without storing the data associated with the change in a dynamic database residing on a cloud network (col 8 lines 45-55 service users to implement shadowed access policies, representing access policies to be compared to a currently in-force policy, prior to or without placing the shadow policy into force; col 1 lines 23-33 data centers, network accessible service, data storage services, on-demand basis col 5 lines 44-55 on-demand code execution system, serverless);
publish to the serverless architecture the event (col 15 lines 5-15 update, correspond to release by the network service of a new version of access policy guidelines, service 110 may notify the authorization service of such an update fig. 5 502 client device, interact with network services 110 col 5 lines 30-35 configure service instances network services, authorization service; col 5 lines 44-50 network service 110 service instance 112 data storage service, serverless code execution systems);
uploading the data object to catalog (col 7 lines 5-15 endpoint, access policy, stored within the configuration data store 124; col 17 lines 15-20 client, submit the shadow policy, authorization service, uploading of a text file, interface);
versioning the product based on the set of rule objects associated with the product (col 14 lines 29-41 network services, utilize versioning information, access policy guidelines, each set of access policy guidelines, associated with an advancing version number, enable, number of version).
It would have been obvious to one of ordinary skills in the art before the effective filing date of the invention was made to combine the teachings of Silk with the method of Chud of prompting user to change the request for update in case the update request is non-compliant before replacing and enforcing the guideline, new release of service update, uploading the access policy to the configuration data store, use versioning to associate each set policy guidelines with advancing version identifier to improve efficiency and allow prompting the user to modify the change without storing the data associated with the change in a dynamic database residing on a cloud network; publish to the serverless architecture the event; uploading the data object to catalog; versioning the product based on the set of rule objects associated with the product to the method of Silk as in the instant invention. The combination would have been obvious because applying the teachings of Chud of updating and versioning update guidelines to the method of Silk to yield expected result and resource efficiency.
As per claim 2, Chud teaches in response to the uploading of the data object, notifying a plurality of users of the product that an updated version of the product is available (col 7 lines 55-65 changes in access policy guidelines, detect changes to access guidelines for a service, notify service users of access policies col 15 lines 5-15 update, correspond to release by the network service of a new version of access policy guidelines, service 110 may notify the authorization service of such an update fig. 5 502 client device, interact with network services 110 col 5 lines 30-35 configure service instances network services, authorization service; col 5 lines 44-50 network service 110 service instance 112 data storage service, serverless code execution systems).
As per claim 3, Silk teaches wherein the data object is a custom rules object ([0019] application packaged data, discrete objects [0007] user-specified rules, object, matches, given rule, object’s metadata and other attributes [0068] metadata, set of objects, rule).
As per claim 4, Chud teaches wherein the notifying is performed using email transmissions (col 7 lines 55-65 notify service users of access policies).
As per claim 5, Chud teaches wherein a plurality of versions of the product is available for utilization (col 14 lines 29-41 network services, utilize versioning information, access policy guidelines, each set of access policy guidelines, associated with an advancing version number, enable specification of access policies under a number of versions, number of version).
As per claim 6, Chud teaches transmitting, by catalog data architecture and to a data center residing outside of the cloud network and via a firewall, a request for smart approval (col 12 lines 10-20 client device, submits, access request to the service instance, col 1 lines 7-20 services to third parties, data centers; col 2 lines 50-60 request to the authorization service; col 1 lines 51-55 security mechanism, integrity of services, firewalls); and
receiving, by the catalog data architecture and from the data center, a response to the request for smart approval (col 12 lines 50-60 send a default authorization response e.g. denial of access to the service instance, grant/deny ).
As per claim 7, Silk teaches rules engine, a second data update event ([0037] rules, changed, configuration interface, re-processing of objects on a rules change [0048] named notification event [0061] rules evaluation triggers a notification to be sent to one or more external system);
in response to receiving the second data update event([0068] when a rule is added/modified), causing the rules engine to read second updated rules data from the dynamic database ([0068] rules, added or modified rule are identified, rule, associated objects, specification of the added or modified rule [0028] placement rules, allow users to modify the set of rules 102 [0032] rules, summarized into a tree data structure i.e. dynamic, stored);
generating a second data object as a microservice based on the second updated rules data ([0037] rules, changed, configuration interface, objects, re-processing of objects, [0068] identifying objects, require updating, rule is added / modified, rules changed trigger is invoked [0076] features of the system, available, hosted application service); and
uploading the second data object to catalog rules architecture for second updating the set of rule objects associated with the product ([0068] identify object that require updating, rule is added or modified [0075] modify rules, affect objects within administrative domains; fig. 1 set of rules 102 rule 103 object storage 105).
Chud teaches remaining claim elements of the capturing data associated with the response to the request for smart approval in the dynamic database residing on the cloud network for second updating rules data (col 12 lines 50-60 send a default authorization response e.g. denial of access to the service instance, grant/deny; col 1 lines 23-33 data centers, network accessible service, data storage services, on-demand basis col 5 lines 44-55 on-demand code execution system, serverless);
publish to the serverless architecture the event (col 15 lines 5-15 update, correspond to release by the network service of a new version of access policy guidelines, service 110 may notify the authorization service of such an update fig. 5 502 client device, interact with network services 110 col 5 lines 30-35 configure service instances network services, authorization service; col 5 lines 44-50 network service 110 service instance 112 data storage service, serverless code execution systems);
uploading the data object to catalog (col 7 lines 5-15 endpoint, access policy, stored within the configuration data store 124; col 17 lines 15-20 client, submit the shadow policy, authorization service, uploading of a text file, interface);
As per claim 9, Silk teaches wherein the change to the product is inputted on a uniform template that is utilized by a front office, a middle office and operations responsible for generating the product ([0035] user interfaces, allowing for users to input rules [0036] rules are specified in the user interface, rules are summarized into a tree data structure; fig. 1 object storage 105 [0039] possible user interface, placement rules [0019] provide storage service to external applications [0076] fully hosted application service).
As per claim 10, Chud teaches wherein the determining of whether the change is incompatible with the plurality of rules includes whether the change is unable to be implemented together with at least one of the plurality of rules of the product (col 3 lines 30-37 non-compliant, access policy, does not comply with any positions of a set of access policy guidelines including requirements, element disallowed / discouraged).
As per claim 11, Silk teaches wherein the catalog rules architecture stores sets of rules associated with different versions of the product ([0028] maintains, list, set of rules 102).
Chud teaches remaining claim elements of rules associated with different versions of the product (fig. 1 configuration data store 124; col 14 lines 30-40 set of access policy guidelines, advancing version identifier).
As per claim 12, Silk teaches wherein the cloud network includes a catalog data architecture, the catalog rules architecture (fig. 1 set of rules 102 [0002] computer storage systems, connected, network, grid of computers), the dynamic database ([0078] databases), a rules engine serverless architecture (fig. 1 rule execution module 104) and the digital platform notification serverless architecture ([0025] notification, destination, internal/external).
Chud teaches remaining claim elements of serverless architecture (col 5 lines 44-50 network service 110 service instance 112 data storage service, serverless code execution systems).
As per claim 13, wherein the uniform template is updated in response to the versioning ([0035] user interfaces, allowing for users to input rules [0036] rules are specified in the user interface, rules are summarized into a tree data structure; fig. 1 object storage 105 [0039] possible user interface, placement rules).
Chud teaches remaining claim elements of updated in response to the versioning (col 14 lines 29-35 versioning information, access policy guidelines, advancing version identifier).
As per claim 14, Silk teaches further comprising obtaining a product block for the change ( [0028] user, augment, diminish or modify the set of rules [0035] users, input rules [0036] rules are specified in the user interface), wherein the product block combines with other product blocks to form the product ([0028] user augment, modify the set of rules [0037] rules, changed through configuration interface [0068] rule added or modified [0068] identify object that require updating, rule is added or modified [0075] modify rules, affect objects within administrative domains; fig. 1 set of rules 102 rule 103 object storage 105]).
As per claim 15,Chud teaches wherein the determining of whether the change is incompatible with the plurality of rules (col 7 lines 55-67 policies, out-of-date, non-compliant with new access policy guidelines) includes, uploading the product block to a catalog data architecture for checking against attributes of existing product blocks (col 7 lines 55-67 policies, out-of-date, non-compliant with new access policy guidelines; col 7 lines 5-15 endpoint, access policy, stored within the configuration data store 124; col 17 lines 15-20 client, submit the shadow policy, authorization service, uploading of a text file, interface; col 3 lines 30-40 non-compliant, access policy, element disallowed under, deprecated by, or a discouraged under access policy).
As per claim 16, Chud teaches in response to the determining of whether the change is incompatible with the plurality of rules (col 7 lines 55-67 policies, out-of-date, non-compliant with new access policy guidelines), determining corresponding changes that should be implemented along with the change received from the user (col 8 lines 1-12 authorization service, notify service user, non-compliant access policy, such that service user may update the access policy to ensure compliance, modifying a policy to ensure compliance with updated access policy guidelines)
As per claim 17, Silk teaches wherein the product includes a set of rules to abide by ([0005] users, configure rules, governing the placement of objects on the grid [0002] computer storage system, connected, network, grid of computers).
Chud teaches remaining claimed by rules as initially specified by a configuration application in the datacenter (col 1 15-25 data centers col 2 lines 43-50 authorization service, manages access control policies of service instances).
As per claim 18, Chud teaches wherein the set of rules is configured to be updated by the user (col 3 lines 20-25 user, modifying, access policy, updated access policy).
Claim 19 recites a system comprising: at least one memory; and at least one processor; wherein the system is configured to implement elements of claim combination of 1, 6, 7 and 12. Therefore, it is rejected for the same rationale.
Claim 20 recites non-transitory computer readable storage medium that stores a computer program for when executed by a processor, causing a system to perform a plurality of processes comprising elements similar to claim 1, 6, and 7 in combination. Therefore, it is rejected for the same rationale.
Claims 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Silk in view of Chud, as applied to above claims, and further in view of Zheng et al. (US 9,037,870 B1).
As per claim 8, Silk teaches access the dynamic database, and wherein the dynamic database is accessed ([0078] databases; fig. 1 set of rules 102).
Silk and Chud, in combination, do not specifically teach wherein one or more encryption keys are utilized to access the database, database is accessed at representational state transfer (REST).
Zheng doesn’t specifically teach wherein one or more encryption keys are utilized to access the database (col 1 lines 45-55 access to a file system containing file system data is obtained, data blocks), database is accessed at representational state transfer (REST) (col 15 lines 5-15 retrieve encryption keys from the REST service).
It would have been obvious to one of ordinary skills in the art before the effective filing date of the invention was made to combine the teachings of Silk and Chud with the teachings of Zheng of accessing the data using encryption keys from the REST service to improve security and allow wherein one or more encryption keys are utilized to access the database using representational state transfer (REST) to the method of Silk and Chud as in the instant invention. The combination would have been obvious because applying the known method of accesses data using encryption keys from the REST as taught by Zheng to yield expected result and improved security and efficiency.
Examiners Note
Applicant is further reminded of that the cited paragraphs and in the references as applied to the claims above for the convenience of the applicant(s) and although the specified citations are representative of the teachings of the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested from the applicant in preparing responses, to fully consider all of the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABU ZAR GHAFFARI whose telephone number is (571)270-3799. The examiner can normally be reached on Monday-Thursday 9:00 - 17:00 Hrs.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aimee Lee can be reached on 571-272-4169. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ABU ZAR GHAFFARI/Primary Examiner, Art Unit 2195