DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 5, 10-11 and 19 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
The term “statistically significant” in claim 5, “significant to testing” in Claims 10-11, and “testing-significant” in Claim 19 are all relative terms which render the claims indefinite. The term “statistically significant”, “significant to testing” and “testing-significant” are not defined by the claims, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention. These relative terms all modify a “parameter” element of the claims, and as such renders the “parameter” elements indefinite.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to modifying data and generating test cases without significantly more.
The limitation in Independent Claims 1, 7 and 16 of obfuscating data and generating test cases based on the obfuscated data, as drafted, are processes that, under their broadest reasonable interpretation, covers steps that could reasonably be performed in the mind, including with the aid of pen and paper, but for the recitation of generic computer components. That is, the limitations of “obfuscating… data in the requests to generate obfuscated request data” and “generating… test cases based on the obfuscated request data,” in Claims 1, 7 and 16, as drafted, are processes that, under their broadest reasonable interpretation, recite the abstract idea of mental processes. These limitations encompass a human mind carrying out these functions through observation, evaluation judgment and/or opinion, or even with the aid of pen and paper. Thus, these limitations recite and fall within the “Mental Processes” grouping of abstract ideas.
This judicial exception is not integrated into a practical application. Claims 1, 7 and 16 recite the following additional elements “receiving, by test-case generation software, requests for processing by a request processing software”, this limitation does nothing more than add insignificant extra solution activity to the judicial exception, such as data gathering and outputting the results of the abstract idea, see MPEP 2106.05(g). With regard to the additional limitations which recite, the steps are executed “by test-case generation software,” in Claims 1, 7 and 16, these limitations do nothing more than generally link the judicial exception to a particular technological environment, see MPEP 2106.05(h).
Further, with regard to the “configuring… a testing tool based on the test cases” elements of Claims 1, 7 and 16; the “one or more memories” and “one or more processors, the one or more processors configured to execute instructions stored in the one or more memories” elements of Claim 7; and the “Non-transitory computer readable media storing instructions operable to cause one or more processors to perform operations” of Claim 16, these elements are recited at a high-level of generality such that it amounts no more than mere instructions to apply the exception using a generic computer component, see MPEP 2106.05(f). Accordingly, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
With regard to the individual dependent claims:
Claim 2 recites, “generating the test cases based on a distribution of endpoints identified in the requests.”
Claim 3 recites, “generating the test cases based on a distribution of values of a parameter in the requests.”
Claim 4 recites, “identifying a combination of parameter values that co-occurs together.”
Claim 5 recites, “evaluating whether a parameter value of a parameter in the requests is statistically significant; and using one of the parameter value or a random value to generate test cases that include the parameter based on whether the parameter is statistically significant.”
Claim 8 recites, “replace at least some parameter values in the requests with respective hashed values.”
Claim 9 recites, “replace at least some parameter values in the requests with respective replacement data obtained from a catalogue of replacement values.”
Claim 10 recites, “obfuscate a parameter value of a parameter responsive to a determination that the parameter is not significant to testing.”
Claim 11 recites, “determine not to obfuscate a parameter value of a parameter responsive to a determination that the parameter is significant to testing.”
Claim 12 recites, “identify a parameter in a request of the requests; determine whether an obfuscation catalog includes the parameter; and in response to determining that that the obfuscation catalog includes the parameter, replace a value of the parameter with a random value in the obfuscated request data.”
Claim 17 recites, “generating the test cases based on a statistical analysis of the obfuscated request data.”
Claim 18 recites, “determining whether to obfuscate a parameter value of a parameter based on a lookup of the parameter in a catalogue of to-be-obfuscated parameters.”
Claim 19 recites, “determining whether to obfuscate a parameter value of a parameter based on a lookup of the parameter in a catalogue of testing-significant parameters.”
Claim 20 recites, “obfuscating a parameter value of a parameter based on a lookup of the parameter in a catalogue of replacement values.”
These limitations of Claims 2-5, 8-12 and 17-20, as drafted, are processes that, under their broadest reasonable interpretation, recite the abstract idea of a mental process. These limitations encompass a human mind carrying out this function through observation, evaluation judgment and/or opinion, or even with the aid of pen and paper. Thus, these limitations recite and fall within the “Mental Processes” grouping of abstract ideas. Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
Claim 4 further recites, “configuring at least a subset of the test cases based on the combination of the parameter values.”
Claim 13 recites, “wherein the test cases are based on a distribution of endpoints identified in the requests.”
Claim 14 recites, “wherein the test cases are based on a distribution of values of a parameter in the requests.”
Claim 15 recites, “wherein the test cases are based on a co-occurring parameter values in the requests.”
These limitations of Claims 4 and 13-15 are recited at a high-level of generality such that they amount to no more than mere instructions to apply the exception using generic computer components, see MPEP 2106.05(f). Accordingly, these additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea.
Further, these limitations of Claims 4 and 13-15 amount to no more than mere instructions to apply the exception using well-understood, routine and conventional computer components and functions, recited at a high level of generality, i.e. receiving/transmitting data over a network and storing/retrieving information in memory. As such, these additional elements do not amount to an inventive concept and are not by themselves sufficient to transform the judicial exception into a patent eligible invention, see MPEP 2106.05(d).
Claim 6 recites, “displaying results of an execution of the test cases via a user interface of the testing tool.”
These limitations of Claim 6 do nothing more than add insignificant extra solution activity to the judicial exception, such as data gathering, transmitting and outputting the results of the abstract idea, see MPEP 2106.05(g). Accordingly, these additional elements do not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea.
Further, these limitations of Claim 6 amount to no more than mere instructions to apply the exception using well-understood, routine and conventional computer components and functions, recited at a high level of generality, i.e. receiving/transmitting data over a network and storing/retrieving information in memory. As such, these additional elements do not amount to an inventive concept and are not by themselves sufficient to transform the judicial exception into a patent eligible invention, see MPEP 2106.05(d).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3-4, 6-7 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Raju et al. (US PGPUB 2021/0124842; hereinafter “Raju”) in view of Warfield et al. (US PGPUB 2023/0251959; hereinafter “Warfield”) and in view of Maddela (US PGPUB 2013/0042222; hereinafter “Maddela”).
Claim 1:
Raju teaches a method, comprising:
receiving, by test-case generation software, requests for processing by a request processing software ([0016] “The method includes receiving a first user request for a copy job.”); and
obfuscating, by the test-case generation software, data in the requests to generate obfuscated request data ([0016] “The first user request includes first parameters defining one or more occurrence of the copy job (i.e., copying user-specified production data from at least one of the production applications). The method further includes… executing the copy job to capture the production data from the at least one of the production applications and copy the captured production data to a first secure staging location. In addition the method includes (i) identifying, from within the data elements of the production data, the non-public information, and (ii) sanitizing the user-specified production data by replacing the identified non-public information with fictitious information. Further, the method includes copying the sanitized data to a second secure staging location,” wherein “sanitizing” is “obfuscating”.).
With further regard to Claim 1, Raju does not teach the following, however, Warfield teaches:
generating, by the test-case generation software, test cases based on the obfuscated request data ([0019] “generating test cases based on synthetic test data generated by the synthetic data generation system 106,” wherein the “synthetic test data” is the “sanitized data”, i.e. “obfuscated request data”, as taught above in Raju.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju with the generating of test cases as taught by Warfield in order to “generate optimized combinations between various attribute values with positive and negative test data combinations to complete test cases and improve test-case coverage” (Warfield [0005]).
With further regard to Claim 1, Raju in view of Warfield does not teach the following, however, Maddela teaches:
configuring, by the test-case generation software, a testing tool based on the test cases ([0039] “FIG. 3 provides a flowchart detailing one example process 300 for developing a set of test cases in a test set using a test case automation tool.” [0041] “A test set and test cases may be created or modified to perform testing of software application methods 330 for use in an automated test scenario with the test case automation tools.” [0045] “Once the test cases and test set are properly configured, the test case execution may be performed 370.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield with the configuring of a testing tool as taught by Maddela in order to “reduce the cost and effort involved in automating and maintaining a variety of test cases” (Maddela [0017]).
Claim 3:
Raju in view of Warfield and Maddela teaches all the limitations of claim 1 as described above. Raju in view of Warfield does not teach the following, however, Maddela teaches wherein generating, by the test-case generation software, the test cases based on the obfuscated request data comprises:
generating the test cases based on a distribution of values of a parameter in the requests ([0041] “Creation of the test cases and the test set may be automatically provided by actions of the test case automation tool, or each test set and test case may be manually specified by a testing user.” [0055] “a testing user may specify input parameters for the software application method, including input parameter values… The testing user may also be provided with the ability to test the proposed test parameters in a test run, displayed in an execution result window 460.” [0056] “The execution of the method and the values for the parameters of the method may be tied to the execution of other methods in the test case, or results of other test cases. Further, variables may be created to extend across multiple test cases in a test case.” [0064] “The test case automation tool may include a GUI to accept login and address parameters for a web service, and use of the appropriate input will create a test set based on WSDL (web service definition language) definitions of the various web service methods”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield with the generating of test cases based on parameter values as taught by Maddela in order “to enable a testing user to create and modify automated tests for a variety of software application frameworks” (Maddela [0049]).
Claim 4:
Raju in view of Warfield and Maddela teaches all the limitations of claim 1 as described above. Raju in view of Warfield does not teach the following, however, Maddela teaches wherein generating, by the test-case generation software, the test cases based on the obfuscated request data comprises:
identifying a combination of parameter values that co-occurs together ([0042] “Parameter and variable values may be specified or modified for the various methods of each test case 340. The parameter values provided to test the software application methods may comprise a static string or a type variable. The test case automation tool may be configured to internally handle the type casting mechanism for the given parameters. The parameter values may also be specified as a static string concatenated with variable(s).”); and
configuring at least a subset of the test cases based on the combination of the parameter values ([0041] “A test set and test cases may be created or modified to perform testing of software application methods 330 for use in an automated test scenario with the test case automation tools. Creation of the test cases and the test set may be automatically provided by actions of the test case automation tool, or each test set and test case may be manually specified by a testing user.” [0043] “Each software application method to be tested may be added to an appropriate test case 350 with use of the test case automation tool.” [0045] “Once the test cases and test set are properly configured, the test case execution may be performed 370.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield with the configuring of test cases based on parameter values as taught by Maddela in order “to enable a testing user to create and modify automated tests for a variety of software application frameworks” (Maddela [0049]).
Claim 6:
Raju in view of Warfield and Maddela teaches all the limitations of claim 1 as described above. Raju in view of Warfield does not teach the following, however, Maddela teaches further comprising:
displaying results of an execution of the test cases via a user interface of the testing tool ([0004] “the instructions may also cause the computer to display the results of test case execution in one of various formats in the testing user interface.” [0046] “Upon completion of the test case execution, the test case execution status for individual methods, test cases, or the test set as a whole may be provided 380 to a testing user, automated process, or other location. This may include presenting a detailed or summarized log of test case execution activities; a listing of pass/fail test case results; graphical indications; or alerts provided to a testing user.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield with the displaying results of test cases as taught by Maddela as this “provides an easy way to automate test cases and perform test execution of various software application methods through a single window without writing code” (Maddela [0047]).
Claims 7 and 14-15:
With regard to Claims 7 and 14-15, these claims are equivalent in scope to Claims 1 and 3-4 rejected above, merely having a different independent claim type, and as such Claims 7 and 14-15 are rejected under the same grounds and for the same reasons as discussed above with regard to Claims 1 and 3-4.
With further regard to Claim 7, the claim recites additional elements not specifically addressed in the rejection of Claim 1. The Raju reference also anticipates these additional elements of Claim 7, for example, wherein the system comprises:
one or more memories; and one or more processors, the one or more processors configured to execute instructions stored in the one or more memories ([0009] “A system extracting and sanitizing production data for testing and development environments… The system further includes a computing platform… The computing platform includes a memory and at least one processor in communication with the memory. The memory stores instructions that are executable by the at least one processor.”).
Claim 16:
With regard to Claim 16, this claim is equivalent in scope to Claim 1 rejected above, merely having a different independent claim type, and as such Claim 16 is rejected under the same grounds and for the same reasons as discussed above with regard to Claim 1.
With further regard to Claim 16, the claim recites additional elements not specifically addressed in the rejection of Claim 1. The Raju reference also anticipates these additional elements of Claim 16, for example, Raju teaches:
Non-transitory computer readable media storing instructions operable to cause one or more processors to perform operations ([0009] “The computing platform includes a memory and at least one processor in communication with the memory. The memory stores instructions that are executable by the at least one processor.” [0021] “A computer program product including a non-transitory computer-readable medium defines third embodiments of the invention.”).
Claims 2 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Raju in view of Warfield and Maddela as applied to Claims 1 and 7 above, and further in view of Battiato et al. (US PGPUB 2023/0089336; hereinafter “Battiato”).
Claim 2:
Raju in view of Warfield and Maddela teaches all the limitations of claim 1 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Battiato teaches wherein generating, by the test-case generation software, the test cases based on the obfuscated request data comprises:
generating the test cases based on a distribution of endpoints identified in the requests ([0025] “test service 106 can analyze API specification 102 and parameters 104. Based on the analysis, test service 106 can generate (or prepare to generate) one or more executable load tests (e.g., tests), which are represented as test suites 108. The API can have one or more endpoints. Therefore, test service 106 can generate one or more tests for the one or more endpoints. Test service 106 can generate all possible tests for all possible endpoints or a smaller selection therefrom.” [0025] “Test generator 210 can be a BAT test generator for generating code for blackbox automated testing. Generating load tests can be based on: (a) the endpoints API; (b) transformations applied to the endpoints;”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the generating of tests based on endpoints as taught by Battiato in order “to reduce a burden on the developer” (Battiato [0017]).
Claim 13:
With regard to Claim 13, this claim is equivalent in scope to Claim 2 rejected above, merely having a different independent claim type, and as such Claim 13 is rejected under the same grounds and for the same reasons as discussed above with regard to Claim 2.
Claims 5, 10-11 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Raju in view of Warfield and Maddela as applied to Claims 1, 7 and 16 above, and further in view of Gavish et al. (US PGPUB 2014/0172347; hereinafter “Gavish”).
Claim 5:
Raju in view of Warfield and Maddela teaches all the limitations of claim 1 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Gavish teaches wherein generating, by the test-case generation software, the test cases based on the obfuscated request data comprises:
evaluating whether a parameter value of a parameter in the requests is statistically significant ([0045] “There are cases where some of the parameters are considered more important to test in order to determine proper functionality of a DUT, whereas other parameters are not that important. In some cases it is desired to repeat certain parameters, whereas repeating other parameters is not that important (and therefore unnecessary).” [0058] “A methodological approach may be considered, in which the DUT may be analyzed and the groups of ‘interesting’ parameters which need to have all their permutations tested may be identified. For example, all data width values can be tested with all write modes, and all date width values can be tested with all read modes. However, it is not necessary to test all read modes with all write modes.” [0059] “sub-groups of the complete list of ‘interesting’ parameter groups mentioned hereinabove may be identified for various purposes, e.g., a sub-group that validates a certain feature”); and
using one of the parameter value or a random value to generate test cases that include the parameter based on whether the parameter is statistically significant ([0032] “methods and systems for test generation involving generating a random sub-space of a space of assignments for a set of generative variables are disclosed herein.” [0060] “Once these parameter relationships have been established, a technical solution that generates random/exhaustive sets of values may be employed.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the determining of significant parameter values as taught by Gavish so that “the parameter sets are generated efficiently and provided to the testbench” (Gavish [0048]).
Claim 10:
Raju in view of Warfield and Maddela teaches all the limitations of claim 7 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Gavish teaches wherein to obfuscate, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises to:
obfuscate a parameter value of a parameter responsive to a determination that the parameter is not significant to testing ([0045] “There are cases where some of the parameters are considered more important to test in order to determine proper functionality of a DUT, whereas other parameters are not that important. In some cases it is desired to repeat certain parameters, whereas repeating other parameters is not that important (and therefore unnecessary).” [0058] “A methodological approach may be considered, in which the DUT may be analyzed and the groups of ‘interesting’ parameters which need to have all their permutations tested may be identified. [0032] “methods and systems for test generation involving generating a random sub-space of a space of assignments for a set of generative variables are disclosed herein.” [0056] “The method may also include applying 104 the user defined distribution traits on the space of assignments for a set of generative variables to generate the random sub-space of the space of assignments for a set of generative variables,” wherein the input parameter value is obfuscated since it is not used directly, but rather used to generate the “random sub-space of a space of assignments.” [0060] “Once these parameter relationships have been established, a technical solution that generates random/exhaustive sets of values may be employed.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the determining of significant parameter values as taught by Gavish so that “the parameter sets are generated efficiently and provided to the testbench” (Gavish [0048]).
Claim 11:
Raju in view of Warfield and Maddela teaches all the limitations of claim 7 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Gavish teaches wherein to obfuscate, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises to:
determine not to obfuscate a parameter value of a parameter responsive to a determination that the parameter is significant to testing ([0045] “There are cases where some of the parameters are considered more important to test in order to determine proper functionality of a DUT, whereas other parameters are not that important. In some cases it is desired to repeat certain parameters, whereas repeating other parameters is not that important (and therefore unnecessary).” [0072] “a) Exhaustive rules: The generation engine may be configured to receive a user-specified set or user-specified sets of attributes (x.sub.1, . . . x.sub.k) indicated by the user as necessary for exhaustive testing,” wherein the parameters indicated as ‘important’ are exhaustively tested without being modified, i.e. obfuscated.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the determining of significant parameter values as taught by Gavish so that “the parameter sets are generated efficiently and provided to the testbench” (Gavish [0048]).
Claim 17:
Raju in view of Warfield and Maddela teaches all the limitations of claim 16 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Gavish teaches wherein generating, by the test-case generation software, test cases based on the obfuscated request data comprises:
generating the test cases based on a statistical analysis of the obfuscated request data ([0045] “There are cases where some of the parameters are considered more important to test in order to determine proper functionality of a DUT, whereas other parameters are not that important. In some cases it is desired to repeat certain parameters, whereas repeating other parameters is not that important (and therefore unnecessary).” [0058] “A methodological approach may be considered, in which the DUT may be analyzed and the groups of ‘interesting’ parameters which need to have all their permutations tested may be identified. For example, all data width values can be tested with all write modes, and all date width values can be tested with all read modes. However, it is not necessary to test all read modes with all write modes.” [0059] “sub-groups of the complete list of ‘interesting’ parameter groups mentioned hereinabove may be identified for various purposes, e.g., a sub-group that validates a certain feature.” [0032] “methods and systems for test generation involving generating a random sub-space of a space of assignments for a set of generative variables are disclosed herein.” [0060] “Once these parameter relationships have been established, a technical solution that generates random/exhaustive sets of values may be employed.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the computer readable media as disclosed by Raju in view of Warfield and Maddela with the determining of significant parameter values as taught by Gavish so that “the parameter sets are generated efficiently and provided to the testbench” (Gavish [0048]).
Claims 8-9, 12 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Raju in view of Warfield and Maddela as applied to Claims 7 and 16 above, and further in view of Krajec et al. (US PGPUB 2014/0019598; hereinafter “Krajec”).
Claim 8:
Raju in view of Warfield and Maddela teaches all the limitations of claim 7 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein to obfuscate, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises to:
replace at least some parameter values in the requests with respective hashed values ([0047] “The obfuscation process may consist of a hash function, which may be lossy or not.” [0064] “The obfuscator 108 may use various hash functions, encryption algorithms, substitution schemes, or other techniques”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Claim 9:
Raju in view of Warfield and Maddela teaches all the limitations of claim 7 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein to obfuscate, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises to:
replace at least some parameter values in the requests with respective replacement data obtained from a catalogue of replacement values ([0064] “the obfuscator 108 may create a lookup database 112 that may contain the raw and obfuscated values for the traced data.” [0076] “a lookup database 112 may be used to store the hashed and raw values, so that results 118 may be converted back to raw, un-hashed values.” [0078] “a lookup database 112 may be used to assign a random or sequential value to a raw value. For example, a record for each new raw value may be assigned an incrementing index and the index may serve as the obfuscated value.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Claim 12:
Raju in view of Warfield and Maddela teaches all the limitations of claim 7 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein to obfuscate, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises to:
identify a parameter in a request of the requests; determine whether an obfuscation catalog includes the parameter; and in response to determining that that the obfuscation catalog includes the parameter, replace a value of the parameter with a random value in the obfuscated request data ([0064] “the obfuscator 108 may create a lookup database 112 that may contain the raw and obfuscated values for the traced data.” [0076] “a lookup database 112 may be used to store the hashed and raw values, so that results 118 may be converted back to raw, un-hashed values.” [0078] “a lookup database 112 may be used to assign a random or sequential value to a raw value. For example, a record for each new raw value may be assigned an incrementing index and the index may serve as the obfuscated value.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Claim 18:
Raju in view of Warfield and Maddela teaches all the limitations of claim 16 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein obfuscating, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises:
determining whether to obfuscate a parameter value of a parameter based on a lookup of the parameter in a catalogue of to-be-obfuscated parameters ([0064] “the obfuscator 108 may create a lookup database 112 that may contain the raw and obfuscated values for the traced data.” [0076] “a lookup database 112 may be used to store the hashed and raw values, so that results 118 may be converted back to raw, un-hashed values.” [0078] “a lookup database 112 may be used to assign a random or sequential value to a raw value. For example, a record for each new raw value may be assigned an incrementing index and the index may serve as the obfuscated value.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the computer readable media as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Claim 19:
Raju in view of Warfield and Maddela teaches all the limitations of claim 16 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein obfuscating, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises:
determining whether to obfuscate a parameter value of a parameter based on a lookup of the parameter in a catalogue of testing-significant parameters ([0062] “the tracer 106 may handle or come in contact with information that includes sensitive data. In such a circumstance, the data may be obfuscated prior to leaving the secure environment 10,” wherein “sensitive data” is “testing-significant” data. [0064] “the obfuscator 108 may create a lookup database 112 that may contain the raw and obfuscated values for the traced data.” [0076] “a lookup database 112 may be used to store the hashed and raw values, so that results 118 may be converted back to raw, un-hashed values.” [0078] “a lookup database 112 may be used to assign a random or sequential value to a raw value. For example, a record for each new raw value may be assigned an incrementing index and the index may serve as the obfuscated value.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the computer readable media as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Claim 20:
Raju in view of Warfield and Maddela teaches all the limitations of claim 16 as described above. Raju in view of Warfield and Maddela does not teach the following, however, Krajec teaches wherein obfuscating, by the test-case generation software, the data in the requests to generate the obfuscated request data comprises:
obfuscating a parameter value of a parameter based on a lookup of the parameter in a catalogue of replacement values ([0064] “the obfuscator 108 may create a lookup database 112 that may contain the raw and obfuscated values for the traced data.” [0076] “a lookup database 112 may be used to store the hashed and raw values, so that results 118 may be converted back to raw, un-hashed values.” [0078] “a lookup database 112 may be used to assign a random or sequential value to a raw value. For example, a record for each new raw value may be assigned an incrementing index and the index may serve as the obfuscated value.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the computer readable media as disclosed by Raju in view of Warfield and Maddela with the replacing of parameter values as taught by Krajec in order to “protect the sensitive data” (Krajec [0064]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure is as follows:
Danthuluri et al. (US PGPUB 2022/0100642) discloses methods and systems for providing for the creation of test cases for web services testing automation, wherein test cases are generated based on request parameters.
Li et al. (“Sanitizing And Minimizing Databases For Software Application Test Outsourcing,” 2014) discusses an approach for Protecting and mInimizing databases for Software TestIng taSks (PISTIS) that both sanitizes and minimizes a database that comes along with an application, wherein PISTIS uses a weight-based data clustering algorithm that partitions data in the database using information obtained using program analysis that describes how this data is used by the application
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Joanne G. Macasiano whose telephone number is (571)270-7749. The examiner can normally be reached Monday to Thursday, 10:30 AM to 6:00 PM Eastern Standard Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bradley Teets can be reached at (571) 272-3338. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOANNE G MACASIANO/Examiner, Art Unit 2197