Prosecution Insights
Last updated: April 19, 2026
Application No. 18/571,868

DATA QUERY METHOD AND APPARATUS, AND SECURE MULTI-PARTY DATABASE

Final Rejection §103
Filed: Dec 19, 2023
Examiner: HERSHLEY, MARK E
Art Unit: 2164
Tech Center: 2100 — Computer Architecture & Software
Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
OA Round: 2 (Final)
Grant Probability: 78% (Favorable)
OA Rounds: 3-4
To Grant: 3y 5m
With Interview: 97%

Examiner Intelligence

Grants 78% — above average
Career Allow Rate: 78% (432 granted / 552 resolved; +23.3% vs TC avg)
Interview Lift: +18.5% (Strong +18% interview lift; resolved cases with interview)
Avg Prosecution: 3y 5m (typical timeline; 18 currently pending)
Total Applications: 570 (career history, across all art units)

Statute-Specific Performance

§101: 12.8% (-27.2% vs TC avg)
§103: 45.5% (+5.5% vs TC avg)
§102: 22.9% (-17.1% vs TC avg)
§112: 8.3% (-31.7% vs TC avg)
Based on career data from 552 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claims 1, 3 – 19 and 24 are pending.

Response to Arguments

Applicant’s arguments with respect to the 35 USC 101 rejection of claims 1 – 8 have been fully considered and are persuasive in view of the amended claim language. The 35 USC 101 rejection of claims 1 – 8 has been withdrawn.

In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., “database grouping is fundamentally based on cryptographic capabilities – specifically the shared privacy algorithm within the group”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). The amended claims recite that the “plurality of databases belong to the a plurality of groups”, “databases of the plurality of databases that belong to a same group have a same privacy algorithm” and “databases of the plurality of databases that belong to different groups have different privacy algorithms”. However, this language does not disclose that the grouping itself is based on privacy algorithms of the databases prior to the group or to be applied after. The current claim language allows for the groupings themselves to be determined using other means or factors, and the privacy algorithms may be later applied and are the same within the groups and different between the groups. For the grouping to be based upon cryptographic capabilities, such language would need to be amended into the claim language.

The specification does not provide limiting disclosure for the grouping process that would limit the interpretation of the claim language, nor does it provide limiting language for what a privacy algorithm comprises, so any specific determination of grouping based on such privacy algorithm isn’t inherent to the claim language. Therefore, the current claim language allows for both application of a privacy algorithm after the grouping of databases using other determining factors, or the grouping of databases based on the shared privacy algorithm. However, see the current rejection below in view of Amazon modified by Banerjee.

In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., “The claimed "privacy algorithm" represents the core innovation that enables secure collaboration between potentially distrusting parties. As detailed in the specification at paragraph [0042], these privacy algorithms "comprise secure multi-party computation (MPC) methods respectively corresponding to several operation manners allowed by the plurality of target databases."”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). The claims are silent as to what a “privacy algorithm” comprises. Furthermore, the cited paragraph [0042] (and paragraph [0043]) is directed to a specific example and does not provide limiting disclosure or interpretation of the “privacy algorithm” of the claim language. Further, no specific disclosure within the specification limits the disclosure of “privacy algorithm” beyond what is broadest reasonable interpretation (BRI) to one of ordinary skill in the art. Therefore, for any specific interpretation to limit the claim language, such interpretation needs to be amended into the claim language itself. However, see the current rejection below in view of Amazon modified by Banerjee.

In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., “the overall architecture of Applicant's system represents a novel approach to secure data collaboration: Central Node: Serves as a coordinator for privacy-preserving protocols across independent databases with varying cryptographic capabilities, Database Groups: Organized by cryptographic compatibility, enabling flexible participation of databases with different privacy algorithms, Query Execution: Performed using privacy algorithms that prevent disclosure of raw data between participants”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). As stated above, the claims do not disclose that the central node “serves as a coordinator for privacy-preserving protocols across independent databases with varying cryptographic capabilities”, nor do the claims recite that the database groups are “Organized by cryptographic compatibility, enabling flexible participation of databases with different privacy algorithms”, nor do the claims recite that the query execution is “Performed using privacy algorithms that prevent disclosure of raw data between participants”.

The claims only recite that the role of the central node is to “determine a plurality of target databases related to a query request from the plurality of databases based on the query request; and send a query indication to a plurality of target query engines corresponding to the plurality of target databases through the first interface in the central node”. Other than determining target databases related to a query request, there is no further disclosure of privacy-preserving protocols being processed at the central node. As stated above, the grouping of databases as claimed does not disclose the grouping is based on cryptographic compatibility, or any other mention of cryptographic compatibility. Clarification of the grouping process to be based on a cryptographic compatibility to determine the groups and privacy algorithms thereof may be sufficient in moving prosecution of the application forward and potentially help distinguish over the currently cited portions of the prior art, thereby requiring further consideration of the prior art as a whole and/or an updated search thereafter. Further, there is no disclosure of raw data, or handling thereof, being protected by the privacy algorithms, or disclosure of modified/processed data being generated or allowed through the algorithms to limit the access to the raw data thereof. Clarification of such handling of raw data would need to be amended into the claim language. However, see the current rejection below in view of Amazon modified by Banerjee.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claim(s) 1, 3 – 19 and 24 is/are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Patent No. 9,489,443 issued to Muniswamy-Reddy et al for Amazon Technologies, Inc. (hereinafter Amazon) in view of U.S. Patent No. 9,300,691 issued to Deb Banerjee (hereinafter Banerjee).

As to claim 1, Amazon discloses a system of computing devices comprising a secure multi-party database, including a central node and a plurality of databases (web services being part of distributed system including a number of computing nodes, see Amazon: Col. 6 line 7 – 54, and multi-tenant environment, see Amazon: Col. 7 line 55 – Col. 8 line 23), wherein the plurality of databases belong to a plurality of groups, databases that belong to a same group have a same privacy algorithm (database instances are configured to belong to a firewall or security group to limit the clients that are able to connect to the instance or access tables on the database instances, which is used in the direction and administration of requests, see Amazon: Col. 15 line 15 – 62, and further database replicas may be split and grouped, see Amazon: Col. 25 line 45 – Col. 26 line 15), the central node has a disclosed first interface, and each of a plurality of query engines corresponding to the plurality of databases comprises a second interface that interacts with the first interface (web server and multiple clients configured to communicate via a communication network, the web server providing communication to multiple web services, see Amazon: Col. 5 line 54 – Col. 6 line 6, web server being a central node with an interface for communication to the services and clients, and web services being part of distributed system including a number of computing nodes, see Amazon: Col. 6 line 7 – 54, and multi-tenant environment, see Amazon: Col. 7 line 55 – Col. 8 line 23); the central node can configured to determine a plurality of target databases related to a query request from the plurality of databases based on the query request (the web server processes requests from the clients and returns results from the web services, see Col. 5 line 54 – Col. 6 line 6); and send a query indication to a plurality of target query engines corresponding to the plurality of target databases through the first interface in the central node (the web server sends the query to the target database(s) to which the query is directed, see Amazon: Col. 15 line 63 – Col. 16 line 59); and the plurality of target query engines can configured to receive the query indication from second interfaces, and execute the query indication to obtain a query result (the web services (databases) received the query and return results to the web server, see Amazon: Col. 15 line 36 – Col. 16 line 59); and send the query result to the first interface in the central node through the second interfaces in the plurality of target query engines (the results from the web services (databases) are sent back to the web server to be sent to the client, see Amazon: Col. 15 line 34 – Col. 16 line 59).

However, Amazon does not explicitly disclose wherein databases of the plurality of databases that belong to different groups have different privacy algorithms. Banerjee teaches wherein the plurality of databases belong to a plurality of groups (subnets each comprising a database tier of databases, and test database tier, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 40 – Col. 8 line 34), databases that belong to a same group have a same privacy algorithm (databases in the database tier of the subnet have a security group policy, including a policy preventing sensitive information access to external networks, while another subnet database tier doesn’t have the policy for external networks, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 6 – Col. 8 line 34, Col. 9 lines 39 – Col. 10 line 29) and databases of the plurality of databases that belong to different groups have different privacy algorithms (security group policy is on a subnet to subnet basis, wherein some subnets may not have a security policy to prevent access of protected content to external networks, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 6 – Col. 8 line 34, Col. 9 lines 39 – Col. 10 line 29).

Banerjee and Amazon are analogous due to their disclosure of managing databases for access by external systems, including data search systems. Therefore, it would have been obvious to one of ordinary skill in the art to modify Amazon’s use of services for processing client requests to target databases and returning results to the clients with Banerjee’s use of separate data security algorithms for protecting personally identifiable information in databases in database tiers of different subnets in order to address a need for additional and improved systems and methods for enforcing secure network segmentation for sensitive workloads (Banerjee: Col. 1).

As to claim 3, Amazon in view of Banerjee discloses the secure multi-party database according to claim 2, wherein the databases that belong to the same group are provided by a same service provider (the replicas of the groups are for the same originating partition for the web service, see Amazon: Col. 25 line 45 – Col. 28 line 48).

As to claim 4, Amazon in view of Banerjee discloses the secure multi-party database according to claim 1, wherein the central node stores metadata used to indicate groups to which the plurality of databases respectively belong and to indicate data information stored in the plurality of databases (replica GUIDs, hash key attribute values, etc. are stored in a table data structure that stores information about candidate partition management operation, see Amazon: Col. 25 line 45 – Col. 28 line 48).

As to claim 5, Amazon in view of Banerjee discloses the secure multi-party database according to claim 4, wherein the central node can is configured to receive a registration request from a current database, wherein the registration request indicates at least a group to which the current database belongs, and the registration request is sent by the current database through a second interface corresponding to the current database (replica operations, including splits, are performed and given updated partition GUIDs that are managed in the database list or structure that manages the candidate partition management operations, see Amazon: Col. 25 line 45 – Col. 28 line 48, assigning a GUID to replicas and replica groups for routing requests is a form of registration); and the central node updates the metadata based on the registration request (partition replicas and operations including splits, moves, etc. GUIDs are updated at the data structure that manages the candidate partition management operations, see Amazon: Col. 25 line 45 – Col. 28 line 48).

As to claim 6, Amazon in view of Banerjee discloses the secure multi-party database according to claim 1, wherein the query request comprises a query statement and a first group identifier of a first group (queries/service requests including queries directed to attributes, items, operations to be performed, etc., see Amazon: col. 13 line 38 – Col 14, line 59, and service request is directed to a partition and serviced by replicas for the group of the original partition, see Amazon: Col. 25 line 45 – Col. 26 line 57); and the central node can configured to determine, based on the first group identifier, several databases that belong to the first group, and determine the plurality of target databases from the several databases based on the query statement (replicas belonging to the group for the original indicated partition are used to service the request, see Amazon: Col. 25 line 45 – Col. 26 line 57, and data of the request is used to determine the replicas that support the data or may no longer support the data, see Amazon: Col. 25 line 45 – Col. 26 line 57).

As to claim 7, Amazon in view of Banerjee discloses the secure multi-party database according to claim 1, wherein the first interface sends the query indication to the second interfaces in the target query engines by using a remote procedure call (the services provided to the clients include remote computing systems and services such as those over a virtual private network (VPN) or virtual private cloud (VPC) environment, see Amazon: Col. 5 line 38 – Col. 6 line 6, VPN allows remote services as if local services, which is a remote procedure call (RPC) service); and the second interfaces send the query result to the first interface in the central node by using a remote procedure call (the web service is used for accessing the remote web services over the VPN/VPC, as if local services, see Amazon: Col. 5 line 38 – Col. 6 line 6).

As to claim 8, Amazon in view of Banerjee discloses the secure multi-party database according to claim 1, wherein privacy algorithms that the plurality of target databases have comprise secure multi-party computation MPC methods respectively corresponding to several operation manners allowed by the plurality of target databases (requests from multiple clients are managed and clients are only allowed to access those databases that they are given access to, see Amazon: Col. 5 line 38 – Col. 6 line 6 and Col. 15 line 15 - 62); and the query request relates to at least one of the several operation manners (database requests include partition operations based on resources and capacities, see Amazon: Col. 3 line 19 – Col 6 line 6).

Claims 9 – 16 are rejected using similar rationale to the rejection of claims 1 – 8 above.

As to claim 17, Amazon discloses a data query method for a secure multi-party database, wherein the secure multi-party database comprises a central node and a plurality of databases (web services being part of distributed system including a number of computing nodes, see Amazon: Col. 6 line 7 – 54, and multi-tenant environment, see Amazon: Col. 7 line 55 – Col. 8 line 23), the plurality of databases belong to a plurality of groups, databases of the plurality of database that belong to a same group have a same privacy algorithm (database instances are configured to belong to a firewall or security group to limit the clients that are able to connect to the instance or access tables on the database instances, which is used in the direction and administration of requests, see Amazon: Col. 15 line 15 – 62, and further database replicas may be split and grouped, see Amazon: Col. 25 line 45 – Col. 26 line 15), the central node has a disclosed first interface, each of a plurality of query engines corresponding to the plurality of databases comprises a second interface that interacts with the first interface (web server and multiple clients configured to communicate via a communication network, the web server providing communication to multiple web services, see Amazon: Col. 5 line 54 – Col. 6 line 6, web server being a central node with an interface for communication to the services and clients, and web services being part of distributed system including a number of computing nodes, see Amazon: Col. 6 line 7 – 54, and multi-tenant environment, see Amazon: Col. 7 line 55 – Col. 8 line 23), and the method is applied to the central node and comprises: determining a plurality of target databases related to a query request from the plurality of databases based on the query request (the web server processes the request query and sends the query to the target database(s) to which the query is directed, see Amazon: Col. 15 line 63 – Col. 16 line 59); sending a query indication to a plurality of target query engines corresponding to the plurality of target databases through the first interface, so that the plurality of target query engines execute the query indication to obtain a query result (the web server processes the request query and sends the query to the target database(s) of the web services to which the query is directed, the web services (databases) received the query and return results to the web server, see Amazon: Col. 15 line 36 – Col. 16 line 59); and receiving, through the first interface, the query result sent by the plurality of target query engines through second interfaces in the plurality of target query engines (the results from the web services (databases) are sent back to the web server to be sent to the client, see Amazon: Col. 15 line 34 – Col. 16 line 59).

However, Amazon does not explicitly disclose databases of the plurality of databases that belong to different groups have different privacy algorithms. Banerjee teaches the plurality of databases belong to a plurality of groups (subnets each comprising a database tier of databases, and test database tier, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 40 – Col. 8 line 34), databases of the plurality of databases that belong to a same group have a same privacy algorithm (databases in the database tier of the subnet have a security group policy, including a policy preventing sensitive information access to external networks, while another subnet database tier doesn’t have the policy for external networks, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 6 – Col. 8 line 34, Col. 9 lines 39 – Col. 10 line 29) and databases of the plurality of databases that belong to different groups have different privacy algorithms (security group policy is on a subnet to subnet basis, wherein some subnets may not have a security policy to prevent access of protected content to external networks, see Banerjee: Col. 6 lines 32 – 62, Col. 7 line 6 – Col. 8 line 34, Col. 9 lines 39 – Col. 10 line 29).

Banerjee and Amazon are analogous due to their disclosure of managing databases for access by external systems, including data search systems. Therefore, it would have been obvious to one of ordinary skill in the art to modify Amazon’s use of services for processing client requests to target databases and returning results to the clients with Banerjee’s use of separate data security algorithms for protecting personally identifiable information in databases in database tiers of different subnets in order to address a need for additional and improved systems and methods for enforcing secure network segmentation for sensitive workloads (Banerjee: Col. 1).

As to claim 18, Amazon in view of Banerjee discloses the method according to claim 17, wherein the query request comprises a query statement and a first group identifier of a first group (queries/service requests including queries directed to attributes, items, operations to be performed, etc., see Amazon: col. 13 line 38 – Col 14, line 59, and service request is directed to a partition and serviced by replicas for the group of the original partition, see Amazon: Col. 25 line 45 – Col. 26 line 57); and the determining a plurality of target databases related to a query request from the plurality of databases based on the query request specifically comprises: determining, based on the first group identifier, several databases that belong to the first group (replicas belonging to the group for the original indicated partition are used to service the request, see Amazon: Col. 25 line 45 – Col. 26 line 57), and determining the plurality of target databases from the several databases based on the query statement (data of the request is used to determine the replicas that support the data or may no longer support the data, see Amazon: Col. 25 line 45 – Col. 26 line 57).

As to claim 19, Amazon in view of Banerjee discloses the method according to claim 17, further comprising: receiving a registration request from a current database, wherein the registration request indicates at least a group to which the current database belongs, and the registration request is sent by the current database through a second interface in the current database (replica operations, including splits, are performed and given updated partition GUIDs that are managed in the database list or structure that manages the candidate partition management operations, see Amazon: Col. 25 line 45 – Col. 28 line 48, assigning a GUID to replicas and replica groups for routing requests is a form of registration); and updating, based on the registration request, metadata stored in the central node (partition replicas and operations including splits, moves, etc. GUIDs are updated at the data structure that manages the candidate partition management operations, see Amazon: Col. 25 line 45 – Col. 28 line 48).

Claim 24 is rejected using similar rationale to the rejection of claim 17 above.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARK E HERSHLEY whose telephone number is (571)270-7774. The examiner can normally be reached M-F: 9am-6pm.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Ng can be reached at (571) 270-1698. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MARK E HERSHLEY/
Primary Examiner, Art Unit 2164

Prosecution Timeline

Dec 19, 2023: Application Filed
Aug 24, 2025: Non-Final Rejection — §103
Oct 30, 2025: Interview Requested
Nov 06, 2025: Applicant Interview (Telephonic)
Nov 07, 2025: Examiner Interview Summary
Nov 21, 2025: Response Filed
Mar 16, 2026: Final Rejection — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12602402
SYNCHRONOUS PROCESSING SYSTEMS AND METHODS WITH IN-MEMORY DATABASE
2y 5m to grant Granted Apr 14, 2026
Patent 12596719
SEARCH REQUEST PROCESSING
2y 5m to grant Granted Apr 07, 2026
Patent 12591627
ENHANCED AUTO-SUGGESTION FUNCTIONALITY
2y 5m to grant Granted Mar 31, 2026
Patent 12579164
SYNCING OBJECTS FOR MULTIDEVICE SYNCHRONIZATION
2y 5m to grant Granted Mar 17, 2026
Patent 12579205
CONTENT RECOMMENDATION METHOD AND APPARATUS, DEVICE, MEDIUM, AND PROGRAM PRODUCT
2y 5m to grant Granted Mar 17, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 78%
With Interview: 97% (+18.5%)
Median Time to Grant: 3y 5m
PTA Risk: Moderate
Based on 552 resolved cases by this examiner. Grant probability derived from career allow rate.
