DETAILED ACTION
This application has been examined. Claims 1-20 are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Making Final
Applicant's arguments filed 2/23/2026 have been fully considered but they are moot in view of the new grounds for rejection.
The claim amendments regarding -- ‘wherein the single central hub account does not store copies of the published data and governs access to data that remains physically stored in the respective data lake locations of the plurality of data producer accounts, and wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts’ -- clearly change the literal scope of the independent and dependent claims and/or the range of equivalents for such claims. The said amendments alter the scope of the claims but do not overcome the disclosure by the prior art as shown below.
The Examiner is presenting new grounds for rejection as necessitated by the claim amendments and is thus making this action FINAL.
Response to Arguments
Applicant's arguments filed 2/23/2026 have been fully considered but they are moot in view of the new grounds for rejection.
While Satish-Ford substantially disclosed the claimed invention, Satish-Ford does not disclose (re. Claim 1) wherein the single central hub account does not store copies of the published data and governs access to data that remains physically stored in the respective data lake locations of the plurality of data producer accounts, and wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts.
Chacko Figure 2, Figure 5, Paragraph 60, Paragraph 65 disclosed a centralized system controller (also referred to as control plane) wherein data from any sources within the enterprise, at any data silos, can now be available universally. Chacko Paragraph 100 disclosed wherein all metadata from all data sources will be consolidated at central controller, which is replicated to secondary, and then synced back to UFS modules, such as in 156 running at the site11006.
Chacko disclosed (re. Claim 1) wherein the single central hub account does not store copies of the published data and governs access to data that remains physically stored in the respective data lake locations of the plurality of data producer accounts. (Chacko-Figure 2, Figure 5, Paragraph 60, Paragraph 65, a centralized system controller (also referred to as control plane) wherein data from any sources within the enterprise, at any data silos, can now be available universally.)
Satish and Chacko are analogous art because they present concepts and practices regarding universal auditing of content access across all content of an enterprise. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Chacko into Satish. The motivation for the said combination would have been to enable allowing any data services, offered to any data object, with total decoupling experience of data object with data source. (Chacko-Paragraph 96)
While Satish-Ford-Chacko substantially disclosed the claimed invention, Satish-Ford-Chacko does not disclose (re. Claim 1) wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts.
Saxena Paragraph 71 disclosed wherein the access control system may determine that a set of users U1 have been granted access to a specific workload (W) and to a set of data objects O1 tagged as “sensitive.”
Saxena disclosed (re. Claim 1) wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts. (Saxena-Paragraph 71, a rule may specify that if the data attribute=“Sensitive” and the users has role attribute=“Developer”, then access is to be denied to the user)
Satish and Saxena are analogous art because they present concepts and practices regarding universal auditing of content access across all content of an enterprise. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Saxena into Satish. The motivation for the said combination would have been to enable continuous and automated verification of access control changes. (Saxena-Paragraph 62)
Priority
This application claims benefits of priority from Provisional Application 63/410792 filed September 28, 2022.
The effective date of the claims described in this application is September 28, 2022.
Information Disclosure Statement
The Applicant is respectfully reminded that each individual associated with the filing and prosecution of a patent application has a duty of candor and good faith in dealing with the Office, which includes a duty to disclose to the Office all information known to that individual to be material to patentability as defined in 37 CFR 1.56.
There were no information disclosure statements filed with this application.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Satish (US Patent 12045201) further in view of Ford (USPGPUB 20170041296) further in view of Chacko (USPGPUB 20200201827) further in view of Saxena (USPGPUB 2019/0327271).
Regarding Claim 1
Satish Column 190 Lines 5-10 disclosed a data intake and query system 108 or IT and security operations application 1602 may ingest, index, and store data received from each tenant network in association with a corresponding tenant identifier such that each tenant's data is segregated from other tenant data.
Satish disclosed (re. Claim 1) implementing a cloud agnostic data mesh module (CADMM) (Satish-Column 19 Lines 40-45, data intake and query system 108 can receive data from different sources 202, Column 17 Lines 25-35, wherein data sources 202 include, without limitation, data files, directories of files, data sent over a network, event logs, registries, streaming data services, cloud-based services (e.g., AWS, Microsoft Azure, Google Cloud)) that provides scalable implementation and centralized seamless data access to application and to data consumers or data analyst, (Satish-Column 15 Lines 55-60, data intake and query system 108 can use different host computing systems or different isolated execution environments to process the data from the different tenants as part of the intake system 210, indexing system 212, and/or query system 214) wherein the CADMM includes various components including a building module, (Satish-Column 27 Lines 60-65, a forwarder 302 receives the raw data and may segment the data stream into “blocks”, possibly of a uniform data size, to facilitate subsequent processing steps) a calling module, a describing module, a publishing module, (Satish-Column 29 Lines 10-15, a set of push-based publishers 320 or a set of pull-based publishers 330) an incorporating module, a receiving module, and a controlling module, wherein each module being called via corresponding application programming interface (API) (Satish-Column 23 Lines 35-45, one or more components of the data intake and query system 108 can include their own API. The gateway 215 can communicate with the API of a component of the data intake and query system 108. Accordingly, the gateway 215 can translate requests received from an external device into a command understood by the API of the specific component of the data intake and query system 108. In this way, the gateway 215 can provide an interface between external devices and the API of the devices of the data intake and query system 108.)
and wherein the CADMM is cloud agnostic that orchestrates and passes data through the various components to output a desired result regardless of cloud environment building, by calling the building module (Satish-Column 188 Lines 35, an orchestration, automation, and response (OAR) service 1616) implemented on a middleware platform
Satish disclosed (re. Claim 1) a method for providing centralized seamless data access by utilizing one or more processors along with allocated memory, the method comprising: architecture includes a plurality of data producer accounts, a single central hub account,(Satish-Column 15 Lines 55-60, data intake and query system 108 can use different host computing systems or different isolated execution environments to process the data from the different tenants as part of the intake system 210, indexing system 212, and/or query system 214, Column 190 Lines 5-10, a data intake and query system 108 or IT and security operations application 1602 may ingest, index, and store data received from each tenant network in association with a corresponding tenant identifier such that each tenant's data is segregated from other tenant data) and a plurality of data consumer accounts; (Satish-Column 189 Lines 10, creating and configuring user accounts)
calling, by the plurality of data producer accounts, corresponding application programming interface to access different types of data from a plurality of data sources; (Satish-Figure 24, automatically configuring connectors…Column 210 Lines 1-5, executing a query against the data to identify the data value indicating the type of computing asset to which the data item relates, Column 210 Lines 30-35, the type of computing asset is a first type of computing asset and wherein the data is a first type of data)
describing, in response to calling the application programming interface, what each type of data is with a corresponding tag, wherein each tag is a metadata associated with each type of data describing what that data is; (Satish-Column 210, identifying an attribute value associated with a computing asset of the type of computing asset present within the IT environment; and using the attribute value to configure an asset in the IT and security operations application based on the connector.)
publishing, by the plurality of data producer accounts, the different types of data received from the plurality of data sources onto the single central hub account along with the corresponding metadata; (Satish-Column 208, Once a connector is configured, asset data objects corresponding to the connector can be created within the application for use (for example, the types of installed connectors may determine the types of asset data objects that can be created in the application) )
incorporating the metadata into an application within the single central hub account; (Satish-Column 208, Once a connector is configured, asset data objects corresponding to the connector can be created within the application for use (for example, the types of installed connectors may determine the types of asset data objects that can be created in the application) )
receiving a request, from the plurality of data consumer accounts, to access the published different types of data from the single central hub account; (Satish-Column 126 Lines 45-50, a search service or query system manager 502 receives and processes a user query. The user query can correspond to a query received from a client device 204 and can include one or more query parameters.)
and
controlling, by the single central hub account, in response to receiving the request, who from the plurality of data consumer accounts can access the published different types of data from the single central hub account based on the metadata.(Satish-Column 128 Lines 10-15, With each new dataset identified from the dataset association records, the query system manager 502 can authenticate the dataset. As part of authenticating the datasets, the query system manager 502 can determine whether the dataset referred to is imported by the dataset association record and/or whether the user has the proper credentials, authorizations, and/or permissions to access the dataset.)
Satish disclosed (re. Claim 1) registering data lake locations associated with the plurality of data producer accounts, wherein each data lake location corresponds to a storage path; (Satish-Column 42 Lines 20-25, The acknowledgement that the data has been stored in common storage 216 can also include location information about the data within the common storage 216. For example, the acknowledgement can provide a link, map, or path to the copied data in the common storage 216.)
owning and maintaining a central data catalog that indexes the registered data lake locations, wherein the data catalog is shared by the single central hub account with the plurality of data consumer accounts; (Satish-Column 21, Lines 35-45, data store catalog 220 can store information about the data stored in common storage 216, such as, but not limited to an identifier for a set of data or buckets, a location of the set of data, tenants or indexes associated with the set of data, timing information about the data, etc. For example, in embodiments where the data in common storage 216 is stored as buckets, the data store catalog 220 can include a bucket identifier for the buckets in common storage 216, a location of or path to the bucket in common storage 216) and
enforcing attribute-based access control using tag-based policies, wherein metadata tags are associated with catalog resources at database, table, or column levels, and wherein access is granted or denied based on evaluation of the metadata tags,(Satish-Column 22 Lines 40-45, query system 214 can use the metadata catalog 221 to, among other things, interpret dataset identifiers in a query, verify/authenticate a user's permissions and/or authorizations for different datasets)
wherein the central hub account prevents direct sharing of data resources between data producer accounts and data consumer accounts such that all cross-account access is mediated and governed exclusively by the central hub account. (Satish-Column 21 Lines 10-15, the query system 214 can read the buckets of data stored in common storage 216 by the indexing system 212, but may not be able to copy buckets or other data to the common storage 216, Column 190 Lines 25-35, a tenant corresponding to a business organization having large, separate departments or divisions may desire to logically isolate the data associated with each division. In such instances, a tenant can configure separate “departments” in the IT and security operations application 1602, where each department is associated with a respective tenant network or other defined collection of data sources )
While Satish substantially disclosed the claimed invention Satish does not disclose (re. Claim 1) building a data mesh architecture in a cloud environment.
Ford Paragraph 106 disclosed data centers in a meshed configuration in a secure cloud, where each of the node entities in a mesh configuration.
Ford disclosed (re. Claim 1) building a data mesh architecture in a cloud environment. (Ford-Paragraph 106, data centers in a meshed configuration in a secure cloud, where each of the node entities in a mesh configuration.)
Satish and Ford are analogous art because they present concepts and practices regarding universal auditing of content access across all content of an enterprise. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Ford into Satish. The motivation for the said combination would have been to enable the content on each content node to remain secure and localized, and is not shared among various content nodes, or shared with an intermediate business entity operating the orchestration services 165 or providing other services to the user. (Ford-Paragraph 89)
While Satish-Ford substantially disclosed the claimed invention, Satish-Ford does not disclose (re. Claim 1) wherein the single central hub account does not store copies of the published data and governs access to data that remains physically stored in the respective data lake locations of the plurality of data producer accounts, and wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts.
Chacko Figure 2, Figure 5, Paragraph 60, Paragraph 65 disclosed a centralized system controller (also referred to as control plane) wherein data from any sources within the enterprise, at any data silos, can now be available universally. Chacko Paragraph 100 disclosed wherein all metadata from all data sources will be consolidated at central controller, which is replicated to secondary, and then synced back to UFS modules, such as in 156 running at the site11006.
Chacko disclosed (re. Claim 1) wherein the single central hub account does not store copies of the published data and governs access to data that remains physically stored in the respective data lake locations of the plurality of data producer accounts. (Chacko-Figure 2, Figure 5, Paragraph 60, Paragraph 65, a centralized system controller (also referred to as control plane) wherein data from any sources within the enterprise, at any data silos, can now be available universally.)
Satish and Chacko are analogous art because they present concepts and practices regarding universal auditing of content access across all content of an enterprise. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Chacko into Satish. The motivation for the said combination would have been to enable allowing any data services, offered to any data object, with total decoupling experience of data object with data source. (Chacko-Paragraph 96)
While Satish-Ford-Chacko substantially disclosed the claimed invention, Satish-Ford-Chacko does not disclose (re. Claim 1) wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts.
Saxena Paragraph 71 disclosed wherein the access control system may determine that a set of users U1 have been granted access to a specific workload (W) and to a set of data objects O1 tagged as “sensitive.”
Saxena disclosed (re. Claim 1) wherein all cross-account access is mediated and governed exclusively by the single central hub account, preventing direct sharing of data resources between data producer accounts and data consumer accounts. (Saxena-Paragraph 71, a rule may specify that if the data attribute=“Sensitive” and the users has role attribute=“Developer”, then access is to be denied to the user)
Satish and Saxena are analogous art because they present concepts and practices regarding universal auditing of content access across all content of an enterprise. Before the time of the effective filing date of the claimed invention it would have been obvious to combine Saxena into Satish. The motivation for the said combination would have been to enable continuous and automated verification of access control changes. (Saxena-Paragraph 62)
Regarding Claim 8
Claim 8 (re. system) recites substantially similar limitations as Claim 1. Claim 8 is rejected on the same basis as Claim 1.
Regarding Claim 15
Claim 15 (re. non-transitory computer readable medium) recites substantially similar limitations as Claim 1. Claim 15 is rejected on the same basis as Claim 1.
Regarding Claim 2,9,16
Satish-Ford-Chacko-Saxena disclosed (re. Claim 2,9,16) wherein each data producer account of the plurality of data producer accounts is configured to manage procurement, transformation, and presentation of data (Satish-Column 161 Lines 20-25, query system 214 allows the vendor's administrator to search the log data from the three systems, thereby obtaining correlated information, such as the order number and corresponding customer ID number of the person placing the order. The system also allows the administrator to see a visualization of related events via a user interface, Column 171 Lines 10-15, the graphical user interface of the report editor may enable a user to define reporting criteria for the report using the fields associated with the selected data model object, and the events used to generate the report may be constrained to the events that match, or otherwise satisfy, the search constraints of the selected data model object.) and delegate responsibility for controlling access to their data to the single central hub account. (Satish-Column 164 Lines 60-65, query system 214 allows the vendor's administrator to search the log data from the three systems, thereby obtaining correlated information, such as the order number and corresponding customer ID number of the person placing the order. The system also allows the administrator to see a visualization of related events via a user interface.)
Regarding Claim 3,10,17
Satish-Ford-Chacko-Saxena disclosed (re. Claim 3,10,17) wherein the single central hub account is configured to connect the plurality of data producer accounts and the plurality of data consumer accounts in a manner such that the data consumer accounts can only access data of the data producer accounts via the single central hub account. (Satish-Figure 24, automatically configuring connectors…Column 210 Lines 1-5, executing a query against the data to identify the data value indicating the type of computing asset to which the data item relates, Column 210 Lines 30-35, the type of computing asset is a first type of computing asset and wherein the data is a first type of data)
Regarding Claim 4,11,18
Satish-Ford-Chacko-Saxena disclosed (re. Claim 4,11,18) wherein each data consumer account among the plurality of data consumer accounts is configured to enable analytic environments in which end users can access data exposed by the data producer accounts through the single central hub account. (Satish-Fig. 24, Column 203 Lines 20-25, obtaining and analyzing data reflecting activity within an IT environment (e.g., timestamped event data or other types of data generated based on the activity of computing devices in the IT environment))
Regarding Claim 5,12,19
Satish-Ford-Chacko-Saxena disclosed (re. Claim 5,12,19) implementing the data mesh architecture in a manner such that data is not duplicated outside of the data producer accounts.(Satish-Column 21 Lines 10-15, the query system 214 can read the buckets of data stored in common storage 216 by the indexing system 212, but may not be able to copy buckets or other data to the common storage 216.)
Regarding Claim 6,13,20
Satish-Ford-Chacko-Saxena disclosed (re. Claim 6,13,20) wherein in the data mesh architecture, each type of data is treated and enabled as data product and the plurality of data sources are product owners of corresponding data product in the data mesh architecture.(Satish-Column 206 Lines 40-45, the data stored in multi-tenant database(s) 1636 includes an identifier of the IT environment from which the data originated and thus can be identified based on the associated identifier.)
Regarding Claim 7,14,20
Satish-Ford-Chacko-Saxena disclosed (re. Claim 7,14,20) wherein the different types of data include data received from system of records that owns system of record data products, data received from utility data sources that own utility data products; data received from product data sets; and data received from third party data sets. (Satish-Column 29 Lines 55-60, enable the data intake and query system 108 to ingest data associated with third party data sources 202.)
Conclusion
Examiner’s Note: In the case of amending the claimed invention, Applicant is respectfully requested to indicate the portion(s) of the specification which dictate(s) the structure relied on for proper interpretation and also to verify and ascertain the metes and bounds of the claimed invention.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to GREG C BENGZON whose telephone number is (571)272-3944. The examiner can normally be reached on Monday - Friday 8 AM - 4:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John Follansbee can be reached on (571) 272-3964. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/GREG C BENGZON/ Primary Examiner, Art Unit 2444