DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3-5, 7-10, 12-14, 16-19, and 21-25 are rejected under 35 U.S.C. 103 as being unpatentable over Duri et al., USPN 2004/0267410, in view of HE, CN 110971620 A, as outlined using the attached translation.
With regard to claims 1, 10, and 19, Duri discloses a method, applied to a target vehicle (0009, 0050), wherein the method includes receiving a first configuration file (0009, 0046, 0017, 0050), determining, based on the first configuration file, a first configuration policy (0017, 0050), for configuring a protection manner of user data associated with a first application (0050, 0059), and performing a first operation based on the first configuration policy (0041, 0051, 0060) wherein the first operation includes one or more of data access control, data storage security control, data deletion, or data transmission security control (0041, 0060). Duri does not disclose obtaining an operation record of the current user, wherein the operation record includes information indicating execution results of the first operation, and generating a configuration log of the current user, wherein the configuration log is used to update the first configuration file, and wherein updating the first configuration file based on the configuration log includes modifying the first configuration policy to optimize protection of the user data based on the execution results of the first operation. HE discloses a method of configuring a vehicle to control user data access (abstract, page 3) similar to that of Duri, and further discloses obtaining an operation record of the current user (page 4), and generating a configuration log of the current user, wherein the operation record includes information indicating execution results of the first operation (page 4), wherein the configuration log is used to update the first configuration file (pages 4-5), and wherein updating the first configuration file based on the configuration log includes modifying the first configuration policy to optimize protection of the user data based on the execution results of the first operation (pages 4-5). It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to implement the configuration logging and updating of HE in the method of Duri for the motivation of improving the recording of data, system monitoring, and system security.
With regard to claims 3 and 12, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the first configuration file includes configuration information (0041), and wherein the method further includes obtaining a first account associated with a current user (0041, 0060), performing authentication on the first account (0042, 0060), determining that authentication on the first account succeeds (0043, 0060), and controlling a user interface to display the configuration information (0041, 0049-0050, 0066, 0060).
With regard to claims 4 and 13, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the configuration information includes at least one of a data protection type or a data protection manner (0043-0047, 0060), and the determining a first configuration policy based on the first configuration file includes receiving a first instruction entered by the current user (0060, 0041, 0045), wherein the first instruction indicates at least one of a first data protection type selected by the current user from the data protection type for the user data associated with the first application, and/or a first data protection manner selected by the current user from the data protection manner for the user data associated with the first application (0060, 0041, 0045), and determining the first configuration policy based on the at least one of the first data protection type or the first data protection manner (0060, 0041, 0045).
With regard to claims 5 and 14, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the controlling a user interface to display the configuration information includes after detecting a trigger event (0041, 0049-0050, 0066, 0060), controlling the user interface to display the configuration information (0041, 0049-0050, 0066, 0060), detecting the user data associated with the first application, or detecting a change of a data protection policy associated with the first application ( 0041, 0049-0050, 0066, 0059-0061).
With regard to claims 7 and 16, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the target vehicle includes a central controller and an agent controller (0050, 0060), and the agent controller is associated with the first application (0050, 0060), and the method further includes receiving, by the central controller, a second instruction of the current user, wherein the second instruction indicates to determine a second configuration file of the current user (0079, 0041), and the second configuration file is a preference configuration of the current user (0079, 0041), determining, by the central controller, a second configuration policy based on the second configuration file, and sending the second configuration policy to the agent controller (0041, 0050, 0060), and performing, by the agent controller, a second operation based on the second configuration policy (0041, 0050, 0060).
With regard to claims 8 and 17, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses receiving, by the central controller, a third instruction of the current user, wherein the third instruction indicates to delete the user data associated with the first application (0041), sending, by the central controller, the third instruction to the agent controller; and in response to the third instruction, deleting, by the agent controller, the user data associated with the first application (0041, 0050, 0060).
With regard to claims 9, 18, 23, and 25, Duri in view of HE discloses the method of claim 1, as outlined above, but does not disclose in response to detecting that storage duration of the user data associated with the first application exceeds preset duration, generating, by the central controller, a fourth instruction, and sending the fourth instruction to the agent controller; and deleting, by the agent controller according to the fourth instruction, the user data associated with the first application. The examiner took official notice that it is well known in the art to delete data that exceeds a storage duration. This notice was not traversed in applicant’s response filed 30 September 2025, and is thus taken as admitted prior art. It would have been obvious for one of ordinary skill in the art to delete the user data, in Duri in view of HE, if it exceeded a storage duration, for the motivation of improving system security and maintenance.
With regard to claim 21, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the first configuration file is associated with a user of the target vehicle (0041-0046, 0050).
With regard to claim 22, Duri in view of HE discloses the method of claim 1, as outlined above, and Duri further discloses the first configuration file includes configuration information that includes at least one of a data protection type or a data protection manner (0041-0046, 0060).
With regard to claims 24, Duri in view of HE discloses the method of claim 1, as outlined above, but does not discloses deleting the user data associated with the first application includes determining a running status of the target vehicle, and deleting the user data associated with the first application when the target vehicle is in a non- running status. The examiner took official notice that it is well known to delete data after a change in state. This notice was not traversed in applicant’s response filed 20 January 2026, and is thus taken as admitted prior art. It would have been obvious for one of ordinary skill in the art, prior to the instant effective filing date, to delete the user data in Duri in view of HE after the target vehicle is in a non-running status for the motivation of saving memory, and improved memory management.
Response to Arguments
Applicant’s arguments, filed 20 January 2026, have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new grounds of rejection is made in view of Duri in view of HE, as outlined above.
References Cited
Kafzan et al., USPN 2019/0312781, discloses a method of updating vehicle configuration data based on logged activity (0070-0071).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JACOB LIPMAN whose telephone number is (571)272-3837. The examiner can normally be reached 5:30AM-6:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ali Shayanfar can be reached at 571-270-1050. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JACOB LIPMAN/Primary Examiner, Art Unit 2434