DETAILED ACTION
Claims 1-23 are presented for examination.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims1-2, 5, 8-23 are rejected under 35 U.S.C. 103 as being unpatentable over Jan et al. (US Patent Application No. US 20140351176 A1) (Hereinafter Jan) in view of Sankaran et al. (US Patent No. 11816116) (Hereinafter Sankaran).
As per claim 1, Jan discloses a method of privatizing private data, the method comprising:
receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset (fig 8, ticket data source, ticket data) and second sensitive identifiers from a second dataset (fig 8, Asset data source, asset data) ;
determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique));
generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset (fig 8, ticket data source, ticket data) and the second dataset (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers);
and
linking records across the first dataset and the second dataset based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database).
Jan does not explicitly disclose receiving sensitive data and associating identifier with sensitive data, first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset, in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state. However, Sankaran disclose receiving sensitive data and associating identifier with sensitive data (fig 2-3, col 2, lines 37-50, data items can include sensitive data describing one or more attributes of an entity), first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset (fig 2-3, col 1, lines 54-67, col 2, lines 34-49, tokenized or encrypted sensitive data maintained securely and queried without exposing the sensitive data in the clear) , in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state (col 2, lines 34-49, performing searches/queries on encrypted or tokenized data without exposing the data in cleartext).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Jan and Sankaran. The motivation would have been to have a secure data repository that can be created within a secure data processing system for storing tokenized versions of PII or other entity data objects. The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.
As per claim 2, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the first sensitive identifiers from the first dataset and the second sensitive identifiers from the second dataset comprise one or more of a name, an address, a phone number, a physical characteristic of a person, an email address, a social media handle, an age (fig 2, col 2, lines 37-50, PII data items can include sensitive data describing one or more attributes of an entity).
As per claim 5, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein records first dataset and the second dataset with sensitive identifiers that fuzzily match in the fuzzy match determination are augmented with a same unique identifier (fig 2, col 2, lines 37-50, PII .. fuzzy matching).
As per claim 8, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses the first dataset is associated with a first device, the second dataset is associated with a second device, and the privacy-preserving engine operates on a third-party independent computing device (col 8, lines 35-38, third party).
As per claim 9, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the privacy-preserving engine further brokers an agreement between the first device and the second device to perform computations (fig 2, col 3, lines 37-50;applying different encryption schemes to different data elements in the data object).
As per claim 10, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Sankaran discloses wherein the privacy-preserving engine operates using one of secure multi-party computation or homomorphic encryption (fig 2, col 3, lines 37-50;applying different encryption schemes to different data elements in the data object).
As per claim 11, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein the fuzzy match algorithm performs according to a distance metric comprising one or more of a Jaro-Winkler metric, a step-wise algorithm, a neural network, a machine learning algorithm or other distance metric algorithm (para 6, machine learning technique).
As per claim 12, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein the fuzzy match algorithm performs fuzzy matching for pairs or records according to the first sensitive identifiers and the second sensitive identifiers (fig 8, ticket data source, ticket data).
As per claim 13, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein after determining, via the fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield the fuzzy match determination, the method comprises: determining whether the fuzzy match determination is transitive (para 71-72, false positive and false negative).
As per claim 14, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses wherein, while the fuzzy match determination is not transitive, reducing a fuzziness of a matching operation until a non-transitivity state is eliminated (para 71-72, false positive and false negative).
As per claim 15, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses further comprising: distributively generating a respective random identifier, as part of the set of unique identifiers, for each transitive equivalence class of records of the fuzzy match determination (para 32, the tokens are matched against the dictionary using fuzzy matching algorithms).
As per claim 16, claim is rejected for the same reasons and motivations as claim 1, above.
As per claim 17, claim is rejected for the same reasons and motivations as claim 1, above. In addition, Jan discloses receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset of a set of primary datasets (fig 8, ticket data source, ticket data);
determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and a second sensitive identifiers (fig 8, Asset data source, asset data) associated with auxiliary information to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique));
generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset is augmented by a respective unique identifier from the set of unique identifiers (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers); and
linking records across the first dataset and the auxiliary information based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database).
As per claim 18, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses wherein the fuzzy match algorithm operates one at a time on respective datasets from the set of primary datasets using the auxiliary information (fig 8, Asset data source, asset data; ticket data source, ticket data; identifiers ).
As per claim 19, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses wherein the auxiliary information comprises a master person index and other data comprising one or more of consumer data and social media data (col 4, lines 38-67, such consumer identification data include a street address or other geographical location).
As per claim 20, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Jan discloses Jan discloses wherein the auxiliary information is held by a tokenization entity (para 32, the tokens are matched against the dictionary using fuzzy matching algorithms).
As per claim 21, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Sankaran discloses wherein the tokenization entity is distributed cryptographically across several distributed computing devices (col 4, lines 38-67, such consumer identification data include a street address or other geographical location).
As per claim 22, claim is rejected for the same reasons and motivations as claim 17, above. In addition, Sankaran discloses wherein the tokenization entity is distributed cryptographically across several distributed computing devices via use of secure multi-party computation (col 4, lines 38-67, encrypting sensitive data).
As per claim 23, claim is rejected for the same reasons and motivations as claim 17, above.
Claims 3-4 and 6-7 are rejected under 35 U.S.C. 103 as being unpatentable over Jan et al. (US Patent Application No. US 20140351176 A1) (Hereinafter Jan) in view of Sankaran et al. (US Patent No. 11816116) (Hereinafter Sankaran) in further view of Borden et al. (US Patent Application No. 20240005231) (Hereinafter Borden).
As per claim 3, Jan in view of Sankaran does not explicitly disclose wherein the fuzzy match determination is computed using an edit distance metric. However, Borden discloses wherein the fuzzy match determination is computed using an edit distance metric (para 57, Hamming distance, Jaro -Winkler distance).
As per claim 4, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the edit distance metric comprises a Jaro-Winkler similarity string metric (para 57, Hamming distance, Jaro-Winkler distance).
As per claim 6, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the set of unique identifiers comprises a set of pseudorandom strings (para 23, textual data may be parsed into tokens).
As per claim 7, claim is rejected for the same reasons and motivation as claim 3, above. In addition, Borden discloses wherein the respective unique identifier comprises a respective pseudorandom string of the set of pseudorandom strings (para 23, textual data may be parsed into tokens).
.Response to Arguments
Applicant's arguments filed 03/10/2026 have been fully considered but they are not persuasive, therefore rejections to claims 1-23 is maintained.
In the remarks applicants argued that:
In response to Applicant’s arguments against the references individually, one cannot show non-obviousness by attacking references individually where the rejections are based on combinations of references. In this case Jan discloses receiving, at a privacy-preserving engine, first sensitive identifiers from a first dataset (fig 8, ticket data source, ticket data) and second sensitive identifiers from a second dataset (fig 8, Asset data source, asset data) ; determining, via a fuzzy match algorithm, matches between the first sensitive identifiers and the second sensitive identifiers to yield a fuzzy match determination (para 134, the fuzzy match between the asset and the tickets, as well as the extraction of information, e.g. server name, without fuzzy match (e.g. using a statistical modeling technique)); generating, via the fuzzy match algorithm, a set of unique identifiers in which each respective record of the first dataset (fig 8, ticket data source, ticket data) and the second dataset (fig 8, Asset data source, asset data) is augmented by a respective unique identifier from the set of unique identifiers (fig 8, identifiers); and linking records across the first dataset and the second dataset based on the respective unique identifier for each respective record (fig 8, para 6, linking those of the first subset of the tickets from which the server names have been extracted to corresponding server entries in a configuration information database).
Sankaran disclose receiving sensitive data and associating identifier with sensitive data (fig 2-3, col 2, lines 37-50, data items can include sensitive data describing one or more attributes of an entity), first sensitive identifiers from a first dataset and second sensitive identifiers from a second dataset (fig 2-3, col 1, lines 54-67, col 2, lines 34-49, tokenized or encrypted sensitive data maintained securely and queried without exposing the sensitive data in the clear) , in real-time and while the first sensitive identifiers and the second sensitive identifiers remain in the protected state (col 2, lines 34-49, performing searches/queries on encrypted or tokenized data without exposing the data in cleartext). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Jan and Sankaran. The motivation would have been to have a secure data repository that can be created within a secure data processing system for storing tokenized versions of PII or other entity data objects.
Conclusion
Please see the attached PTO-892 for the prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD A SIDDIQI whose telephone number is (571)272-3976. The examiner can normally be reached Monday-Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl G Colin can be reached at 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD A SIDDIQI/Primary Examiner, Art Unit 2493