METHOD AND SYSTEM FOR ENFORCING SECONDARY USAGE CONTROL ON DATA ANALYTICS SERVICE

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s argument regarding the USC 101 rejection has been found persuasive. Applicant’s arguments with respect to the USC 103 rejection of the claim(s) have been considered but not persuasive. Examiner has included new prior art in an attempt to expedite prosecution, however as argued below, Examiner asserts the primary reference reasonably covers all of the current claim limitations. Applicant argues that the prior art does not incorporate the details of the specification. Examiner asserts the particular details regarding figure 6 of the instant specification cannot be mapped onto claim 1 and read into the claim limitations. Applicant argues that Borkar is insufficient because it is “silent with respect to output data which might be produced as a result of processing the original content and does not disclose any way of providing for usage control of secondary data. Examiner disagrees. Examiner points to Borkar which teaches that the DRM may allow for certain parties [0172] to edit, save, share the document, but refuse other parties this opportunity. Examiner asserts that editing and saving an original document would constitute “secondary” output based on original content. Borkar as an invention, teaches generation of documents which are automatically classified, and thus [0150] the system of Borkar with the generation of new output would additionally be classified according to the context of the document. Applicant argues that Borkar is not capable of applying any data usage controls for secondary data since there is no way for Borkar to keep track of data processing chains. As stated above Examiner disagrees. Borkar for example could have a document which has been marked as internal only. If the document is shared internally, and edited, the DRM system of Borkar will still apply a DRM preventing sharing of the document external of the enterprise. All documents are tracked, whether Borkar explicitly states “secondary” or not. In an alternate example in the system of Borkar if a document was not sensitive, but edited to include private data such as credit card information, the DRM system would apply new requirements on said secondary output [0149]. Applicant argues as per claim 7, that Borkar cannot track data and thus cannot generate a policy for output data including refusal access by third parties. Examiner again points at the DRM system of Borkar which tracks all documents including generating policies for documents based on their context, and prevention of “third party” access such as sharing documents externally. In the interest of advancing prosecution Examiner includes Kim US 2017/0357786. Examiner also points to Lee US 2010/0235925 which teaches secondary DRM usage. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Borkar US2020/0143016 in view of Kim US 2017/0357786. As per Claim 1 (Currently Amended): Borkar teaches A computer-implemented method of enforcing secondary data usage control, the method comprising: providing, via a policy manager, secondary data usage policies of a data owner of original data; [0149][0150][0151][0172][0174][0179][0205]-[0210] (original author/owner includes DRM policies attached to the data for usage control) Borkar teaches providing, via a service orchestrator, a description of a service intended to be applied by a data consumer to input data contained in the original data, the service including one or more data processing functions; matching, by a secondary usage control policy enforcement point; [0217][(teaches DRM agent is detecting/reporting data processing functions desired for the original input data) Borkar teaches (SUC PEP) component, the secondary data usage policies provided via the policy manager with the input data or specific classes of the input data and/or with data processing functions of the service provided via the service orchestrator; [0217]-[0220] (retrieving policy to determine access privileges associated with content/classes/permissions) Borkar teaches and applying, by the SUC PEP component, the matched secondary usage policies on the secondary data. [0221] (teaches applying policies per data) Borkar teaches applying policies to all data including secondary data that is produced as output data by the service processing the input data [0149][0150] (teaches editing primary content that is marked with DRM and that the system applies policies to all created documents, so newly created media would be marked with appropriate secondary drm) Kim teaches secondary usage control policy and applying the matched secondary usage policies on the secondary data that is produced as output data by the service processing the input data. [0023] [0024][0057][0066] [0070] [0073]-[0075] (teaches primary content being registered with a DRM server and a secondary usage contacting the DRM server which looks up a plurality of authority items including editing, resaving and using the content, and whether commercial use is allowed) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Kim with the prior art because it protects the content from illegal use. [0002] As per Claim 2 (Currently Amended): Borkar teaches The method according to claim 1, wherein the description of the service is provided as a composition of analytic tasks. [0172][0210] (read, write, execute) As per Claim 3 (Currently Amended): Borkar teaches The method according to claim 2, wherein each of the analytics tasks of the composition of analytic tasks is defined by the input data or specific classes of the input data, a data processing function, and output data. [0172][0210] (read, write, execute) As per Claim 4 (Currently Amended): Borkar teaches The method according to claim 1, wherein secondary data usage policies define the owner of the original data, the data targeted by the policy, the data consumer to whom the policy applies, at least one function targeted by the policy and at least one constraint specifying limitations on the usage of the targeted data. [0150][0151][0172][0174][0179][0205]-[0210] (DRM restrictions per content per users or groups, classes of data, read, write, execute, sharing, etc ) As per Claim 5 (Currently Amended): Borkar teaches The method according to claim 1, wherein applying the matched secondary usage policies on the secondary data comprises deciding on and then executing atomic actions that enforce the creation of new access or data usage control policies targeting output data. [0206][0213][0214][0215][0218][0220] (teaches automatically creating new DRM tags per content, generate/update policies ) As per Claim 6 (Currently Amended): Borkar teaches The method according to claim l, wherein applying the matched secondary usage policies on the secondary data comprises deciding on and then executing atomic actions that enforce instructions for a component that executes the service applied to the original data and/or for a component that handles the secondary data. [0217]-[0221] (executing enforcement on policies) As per Claim 7 (Currently Amended): Borkar teaches The method according to claim l, wherein an atomic action comprises: generating a policy for each set of output data specifying that the respective set cannot be accessed by any third parties except the original data owner and the data consumer; and storing the generated policy into the policy manager. [0149][0150] (prevention of data loss and external sharing) As per Claim 8 (Currently Amended): Borkar teaches The method according to claim 1, wherein an atomic action comprises: generating a command routine for at least one processing node that execute the data processing functions of the service to alter the execution of the service; and sending the command routine to an execution environment of the service. [0221] (deny access, enforce actions based on user actions and DRM restrictions) As per Claim 9 (Currently Amended): Borkar teaches The method according to claim 1, wherein an atomic action comprises: modifying the service by prepending a processing function to the original data or appending a processing function to processed data. [0206][0213][0214][0215][0218][0220] (teaches automatically creating new DRM tags per content, generate/update policies ) As per Claim 10 (Currently Amended): Borkar teaches A system for enforcing secondary data usage control, the system comprising: a policy manager configured to provide secondary data usage policies of a data owner of original data; a service orchestrator configured to provide a description of a service intended to be applied by a data consumer to input data contained in the original data, the service including one or more data processing functions; and a secondary usage control policy enforcement point (SUC PEP) component configured to: match the secondary data usage policies provided via the policy manager with the input data or specific classes of the input data and/or with data processing functions of the service provided via the service orchestrator, and apply the matched secondary usage policies on the secondary data. [0150][0151][0172][0174][0179][0205]-[0210] (original author/owner includes DRM policies attached to the data for usage control) [0217][(teaches DRM agent is detecting/reporting data processing functions desired for the original input data) [0217]-[0220] (retrieving policy to determine access privileges associated with content/classes/permissions) [0221] (teaches applying policies per data) Borkar teaches applying policies to all data including secondary data that is produced as output data by the service processing the input data [0149][0150] (teaches editing primary content that is marked with DRM and that the system applies policies to all created documents, so newly created media would be marked with appropriate secondary drm) Kim teaches secondary usage control policy and applying the matched secondary usage policies on the secondary data that is produced as output data by the service processing the input data. [0023] [0024][0057][0066] [0070] [0073]-[0075] (teaches primary content being registered with a DRM server and a secondary usage contacting the DRM server which looks up a plurality of authority items including editing, resaving and using the content, and whether commercial use is allowed) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Kim with the prior art because it protects the content from illegal use. [0002] As per Claim 11 (Currently Amended): Borkar teaches The system according to claim 10, further comprising a data management system including a data broker protected by an access control system configured to receive the original data from the data owner and to provide the secondary data to the data consumer. [0006][0010][0011][0049][0050][0210] (teaches DRM and file sharing resources within an enterprise or cloud including authentication) As per Claim 12 (Currently Amended): Borkar teaches The system according to claim 11, wherein the SUC PEP component is configured to use the secondary data usage control policies from the policy manager to makes decisions, wherein the decisions relate to at least one of generating new policies, altering the functioning of the data management system, altering the service description by imposing data pre- or post-processing functions, and altering the processing of the processing nodes that execute the processing functions of the service. [0206][0213][0214][0215][0218][0220] (teaches automatically creating new DRM tags per content, generate/update policies ) As per Claim 13 (Currently Amended): Borkar The system according to claim 11, wherein the data management system, the policy manager, the service orchestrator and the SUC PEP component are part of a centralized execution environment authority. [0050] (centralized enterprise system) As per Claim 14 (Currently Amended): Borkar The system according to claim 11 wherein the data management system, the service orchestrator and the SUC PEP component are constructed to build up a federation of execution environment authorities. [0217]-[0221] (distributed DRM agents that access policies on the network) As per Claim 15 (Currently Amended): Borkar teaches The system according to claim 14, wherein the federation of execution environment authorities share a policy manager [0217]-[0221] (distributed DRM agents that access policies on the network) As per claim 16, Borkar teaches applying by the SUC PEP component the secondary data usage policies on a second service processing the secondary data as input data. [0221] (teaches applying policies per data) Borkar teaches applying policies to all data including secondary data that is produced as output data by the service processing the input data [0149][0150] (teaches editing primary content that is marked with DRM and that the system applies policies to all created documents, so newly created media would be marked with appropriate secondary drm) As per claim 17, Borkar teaches applying by the SUC PEP component the secondary data usage policies to further output data that is producted by the second service processing the secondary data as input data. [0221] (teaches applying policies per data) Borkar teaches applying policies to all data including secondary data that is produced as output data by the service processing the input data [0149][0150] (teaches editing primary content that is marked with DRM and that the system applies policies to all created documents, so newly created media would be marked with appropriate secondary drm) As per claim 18 Borkar teaches generating a policy for the further output data as an atomic action. [0221] (teaches applying policies per data) Borkar teaches applying policies to all data including secondary data that is produced as output data by the service processing the input data [0149][0150] (teaches editing primary content that is marked with DRM and that the system applies policies to all created documents, so newly created media would be marked with appropriate secondary drm) Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439