SYSTEM AND METHOD OF DYNAMIC SEARCH RESULT PERMISSION CHECKING

§103 §112

DETAILED ACTION Response to Arguments Claims 1, 2, 4, 6-8, 10, 11, 13, and 15-17 are currently pending. Claims 1, 2, 4, 6-8, 10, 11, 13, and 15-17 were amended. Claims 3, 5, 9, 12, 14, and 18 were canceled. The objection to the drawings has been withdrawn in response to the replacement drawings. The objections to claims 7, 16, and 17 due to informalities have been withdrawn in view of the claim amendments. The rejection of claims 5 and 14 under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement has been withdrawn in view of the cancellation of claims 5 and 14. The rejections of claims 1-18 under 35 U.S.C. 112(b) for being directed to indefinite subject matter has been withdrawn. However, the claim amendments have raised new issues regarding 35 U.S.C. 112(b). Furthermore, the amendments did not correct any of the indefiniteness issues raised in the previous Office Action when incorporating subject matter in the indefinite dependent claims to independent claim 1. See Claim Rejections - 35 USC § 112 for details. Applicant argues on pp. 7-8 of the REMARKS filed on September 1, 2025 that the applied prior art references in the 35 U.S.C. § 103 rejections do not teach, disclose, or suggest the features of the amended independent claims. After further review of the amended features, the Examiner agrees with the Applicant’s arguments. Therefore, the rejection under 35 U.S.C. § 103 of independent claim 1 has been withdrawn. However, the rejection of independent claim 10 is maintained. It is noted that claim 10 was not amended in the same manner as independent claim 1. Therefore, claim 10 remains rejected under the cited prior arts. See Claim Rejections – 35 USC § 103 for details. Claim Rejections - 35 USC § 112 The following is a quotation of the first paragraph of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112: The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention. Claims 1, 2, 4, and 6-8 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim 1 recites: “wherein the method is further configured to address outdated permissions by validating user credentials”. However, review of the originally filed specifications, and the specifications filed in the provisional Appl. No. 63/418,016, do not disclose addressing outdated permissions by validating user credentials. At best, the specifications merely disclose validating credentials “on the fly”, and are silent on addressing any outdated, expired, invalid, lapsed, etc. permissions. Dependent claims 2, 4, and 6-8 are similarly rejected as parent claim 1. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1, 2, 4, 6-8, 10, 11, 13, and 15-17 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Independent claim 1 recites: “the maximum number of permission checks”. There is insufficient antecedent basis for this limitation in the claim. Independent claims 1 and 10 recite: “the unfiltered retrieved results”. There is insufficient antecedent basis for this limitation in the claims. Independent claim 1 recites: “returning a set of results”. It is unclear if the set of results were intended to be directed to the “unfiltered retrieved results”, the “filtered search results”, or a completely new set of results. If the results are directed to a completely new set of results, it is unclear how these results are patentably associated with the rest of the claimed invention and why such results are returned. The limitation would be incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections. See MPEP § 2172.01. Independent claim 1 recites: “performing bulk checks”. It is unclear what checks are being performed. For the purposes of examination, the bulk checks are assumed to be permission checks recited in the earlier limitations of the claim, such as also described in [0064] on pp. 14-15 of the originally filed specifications. Dependent claim 2 recites: “a timeout”. However, parent claim 1 also recites “a timeout”. It is unclear if both timeouts are the same or referring to different timeouts. Dependent claim 6 recites: “user credentials”. However, parent claim 1 also recites “user credentials”. It is unclear if both user credentials are the same or referring to different sets of user credentials. Dependent claims 8 and 17 recite: “the end-user”. There is insufficient antecedent basis for this limitation in the claims. Dependent claim 13 recites: “all unfiltered results”. However, parent claim 10 recites “the unfiltered retrieved results”. It is unclear if these results are the same, or they are directed to different sets of results. Any remaining claims are not explicitly addressed above are similarly are rejected and/or rejected by virtue of their dependency to their respective independent claims. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 10, 13, and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over US 2007/0016583 to Lempel et al. (hereinafter, “Lempel”) in view of US 2018/0248886 to Hind (hereinafter, “Hind”). As per claim 10: Lempel discloses: A dynamic search result permission checking system configured for permission checking on data of an enterprise content management system (a method and a system for processing a search request to generate a final search result set by performing impersonation [Lempel, ¶0015]), the system comprising: a computer processor (an enterprise search server 140 is coupled to a web server 120 and multiple backend servers 160a…160n and includes an enterprise search engine 144 executed by a processor [Lempel, ¶0025; Fig. 1]); one or more file shares of the content management system configured to store one or more original documents (backend servers 160a…160b coupled to data stores of documents 166a…166b, respectively [Lempel, ¶0029; Fig. 1]); a content management system module configured to communicate with the file share of the content management system (the backend servers are coupled to an enterprise search server 140 [Lempel, ¶0028; Fig. 1]; wherein the enterprise search server crawls the documents to generate a search index [Lempel, ¶0034]); (“Control begins at block 500 with the enterprise search engine 144 receiving a search request.” [Lempel, ¶0048]); send a request for a permission filter to the system (each search request is appended with a security context [Lempel, ¶0043]; the security context contains a user’s associated one or more security groups indicating access (permissions) control to collections in a repository [Lempel, ¶0038, 0055-0057]); in response to receiving the request for the permission filter, check a search index of the Analytics Engine of the system and retrieve results from one or more associated data source (“In block 502, the enterprise search engine 144 generates a pre-filtered list of documents that match the search request terms as determined using the search index 146.” [Lempel, ¶0048]; the search index 146 is created from multiple native backend servers [Lempel, ¶0034]); perform a search until an end condition is met (“In block 504, the enterprise search engine 144 generates an interim result set from the pre-filtered list of documents that satisfy the search criteria in the search request by matching one or more indexed levels associated with each document to one or more security groups associated with a search request…”[Lempel, ¶0048]); perform one or more permission calls until all the unfiltered retrieved results from one or more associated data sources have been checked (“In block 506, the enterprise search engine 144 generates a final result set based on impersonation for the documents in the interim result set.” [Lempel, ¶0049]); return permission-filtered search results to (“In block 508, the enterprise search engine 144 provides the final result set to a user and enables the user to select documents that may then be provided by backend servers 160a . . . 160b.” [Lempel, ¶0051]); wherein the system is configured to search an index built from content from one or multiple source repositories, and only display results for which the user has sufficient permissions at source to view (the general concept of impersonation involves filtering search results in real-time based on an access control list, thereby removing documents a user is not allowed to see [Lempel, ¶0011]; Lempel enables search result filtering through impersonation for multiple backend servers hosting documents [Lempel, ¶0036; 0059]). Lempel does not explicitly disclose the “analytics” and “visualizer” modules with “a graphical user interface”. These feature are generally understood to be a software application providing a user interface with components for performing search queries. A user interface for performing search queries is not explicitly described or illustrated in Lempel. At best, Lempel illustrates a screen 400 for inputting login credentials to multiple repositories with a “Search” tab [Lempel, Fig. 4; ¶0045] but is not further described. However, Hind is directed to analogous art of permissions-filtering search results [Hind, Abstract]. Hind discloses a user interface (“a graphical user interface”) presented to a user to enter search terms and present permissions-filtered search results via a user interface view (“analytics/visualizer”) [Hind, ¶0024, 0029]. Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to implement a user interface in Lempel to perform searches and receive search results, such as disclosed in Hind. A user interface would have enabled users to manually enter custom search terms to perform custom queries. Furthermore, a user interface would have provided a visual means to navigate and/or review the search results. As per claim 13: Lempel in view of Hind disclose all limitations of claim 10. Furthermore, Lempel discloses: further comprising the step of performing one or more permission calls until all unfiltered results have been checked further comprises the system asynchronously checking permissions against the appropriate data source and returning the permission information (the final search result set is generated through impersonation, wherein impersonation is achieved by obtaining security credentials of the user from the security context and provides the credentials to each of the backend servers to obtain authorized documents [Lempel, ¶0050]). As per claim 15: Lempel in view of Hind disclose all limitations of claim 10. Furthermore, Lempel discloses: wherein user credentials are validated “on the fly”, such that the permission checks are performant across a multiple of possible back-end repositories sequentially or simultaneously (“…all security credentials for that user are supplied on each individual search because it is not known in advance which backend servers 160a . . . 160b may be impersonated.” [Lempel, ¶0050]; it is noted that when performing the search and obtaining the final search results, impersonation is used that involves using user credentials to check access to a document of a particular backend server (i.e., “on the fly” during the actual search [Lempel, 0049]). As per claim 16: Lempel in view of Hind disclose all limitations of claim 10. Furthermore, Lempel discloses: wherein the resultant search results from the index are sourced from many disparate repositories, the repositories having unique permission structures to view individual items (“…creating a search index…Control begins in block 200 with the enterprise search engine 144 crawling for documents with ‘super’ user access. In block 202, the enterprise search engine 144 retrieves one or more native levels of access control list information from native backend servers, which will be referred to herein as "native levels"…. The native levels of access control list information may be, for example, associated with a server, a database, and with each document.” [Lempel, ¶0034; Fig. 2]; i.e., the search index is comprised of documents from many different kinds of backend repositories and contain access control information from different security domains [Lempel, ¶0059]). As per claim 17: Lempel in view of Hind disclose all limitations of claim 10. Furthermore, Lempel discloses: further comprising a step of searching the index from content in multiple source repositories in a secure and performant fashion in order to only display search results that the end-user is allowed to view based on source system permissions (the final search results provided to the user contain data from backend servers that the user is authorized to access based on the security credentials and associated security group(s) [Lempel, ¶0048-0051]). Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Lempel in view of Hind and in further view of US 2019/0087431 to Qui et al. (hereinafter, “Qui”). As per claim 11: Lempel in view of Hind disclose all limitations of claim 10. Furthermore, Lempel and Hind do not explicitly disclose, but Qui discloses: wherein the end condition further comprises returning a set of results, reaching or a timeout (a timeout parameter that specifies a length of time to spend for performing a search [Qui, ¶0142]). Thus, it would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to include a timeout parameter in the search operations or search requests of Lempel, such as disclosed in Qui. A timeout parameter would have improved the utilization of computing resources by limiting the length a search can be performed. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 2019/0394208: User permissions for a search on managed content are evaluated, wherein the search results are constrained before returning the results. See Abstract. US 6,976,024: API calls are aggregated within a higher-level Batch Submission API (BSA). See Abstract. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ROBERT B LEUNG whose telephone number is (571)270-1453. The examiner can normally be reached Mon - Thurs: 10am-7pm ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG KIM can be reached at 571-272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /ROBERT B LEUNG/Primary Examiner, Art Unit 2494