Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
This final office action is prepared in response to amendments and arguments filed by Applicant on December 18, 2025 as a reply to the non-final office action mailed on .
Claims 1-11 are pending.
Claims 1-11 are rejected.
Response to Arguments
The claim amendments and Applicant’s arguments filed on December 18, 2025 have been carefully considered but deemed unpersuasive in view of Examiner’s rejection rationale as set forth in the section “Claim Rejection – 35 U.S.C. 103” below.
Accordingly, THIS ACTION IS MADE FINAL. See MPEP 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 5-11 are rejected under 35 U.S.C. 103 as being unpatentable over Xie (US 2009/0199296).
Regarding claim 1, Xie disclosed a data management system comprising a storage apparatus and a processor (Xie, [0001]), wherein
the storage apparatus stores an access policy for each entity (Xie, Fig. 3, “acceptable system call usage profile 308”),
for each entity, the access policy includes, with respect to each of one or a plurality of operation attributes, an access authority for data for use in an application or a model with respect to the entity (n is an integer of 0 or more) (Xie, Fig. 3 and [0056], “the one or more extracted behavioral patterns are stored (414) as an acceptable system call usage profile for calling the one or more system calls that corresponds to the first and second system calls.”),
the storage apparatus stores, for each operation,
an operation log that is a log of the operation, a data log that is a data log corresponding to source data as data for the operation and is associated with the operation log, and/or a data log that is a data log corresponding to target data as data as a result of the operation and is associated with the operation log (Xie, [0052], “The system call monitor 114A can effectively detect that one or more of the system calls SC.sub.1 . . . SC.sub.2 have been called and capture the call event and store it in the log 306. … an input/output monitor 114B can effectively monitor the input/output activity associated with the system calls SC.sub.1 . . . SC.sub.2 including any input and/or output activity associated with transitioning to, from, and/or between one or more of the system calls SC.sub.1 . . . SC.sub.n as they are being called by one or more application programs 104.”),
the storage apparatus stores an entity list based on the access policy with respect to an operation log and/or a data log, each entity list includes
an inclusion list that is a list of entities permitted to use data for operation or data corresponding to a log associated with the entity list, and/or an exclusion list that is a list of entities prohibited to use data for operation or data corresponding to a log associated with the entity list (Xie, [0043], “a plurality of system support provider components A, B, C and D are depicted which can each provide one or more services and/or resources to the application program(s) 104.”), and
the processor in response to a request (Xie, Fig. 4, step 452, “a call to a designated system call has been made?”), when one or more entity lists in which an entity specified based on the request is recorded are found from a plurality of the entity lists,
specifies a usage condition based on one or more operation logs and one or more data logs specified using the one or more entity lists (Xie, Fig. 4 and step 454 and [0057], “If a call to a designated system call has been detected (452), an acceptable system call usage profile and a current system call pattern for the system call are obtained (454)”); and
returns data indicating the specified usage condition to a request source of the request (Xie, Fig. 4, step 460 and [0057], “an unauthorized use indication is generated (460) that can effectively indicate that a system call is unauthorized, thereby allowing remedial action to be taken”).
Xie might not have explicitly disclosed that the data for use in an application or a model with respect to the entity is n-th order data (found in claim 1, clause 2), and wherein the n-th order data may be referred to as a data type and a value of n may be incremented every time data is used.
Regarding the meaning of “n-th order data”, Applicant disclosed in paragraph [0234] of the instant application the following:
“ “n-th order data” may be referred to as a data type, and the value of “n” may be incremented every time data is used (including, e.g., processing), such as zero-th order data (e.g., raw data such as privacy data), primary data (e.g., provided data), secondary data (e.g., feature data), tertiary data (e.g., model data), and the like.”
Using this interpretation of “n-th order”, Examiner identified the following teachings by Xie that would have either anticipated or rendered obvious the “n-th order data” in the claim.
Xie disclosed in [0068] “the processing of user inputs from a keypad / touchscreen” where “when a user presses a key, the keypad can send a corresponding raw scancodes to a keyboard driver (keyboard.c) in the kernel.”
Examiner considers the “raw scancodes” disclosed by Xie to anticipate the 0-th order data in the claim.
Xie then disclosed in the same paragraph [0068] that “The "handle scancode( )" function in the keypad driver parses the stream of scancodes and converts it into a series of key press and key release events called keycode by using a translation-table via a "kbd_translate( )" function”.
Examiner considers the “series of key press and key release events” disclosed by Xie to anticipate the 1st order data in the instant application.
Xie additionally disclosed in paragraph [0063] that “user-behavior features … including both the user's personal behavioral input/output patterns (e.g., the time between keystrokes, the keystroke duration) and the sequence of process state transitions.”
Examiner considers the “user’s personal behavioral input/output patterns” disclosed by Xie to anticipate the 2nd order data.
Furthermore, Xie disclosed in [0067] that “a behavior analyzer can collect keypad /display pairs and generate behavior graphs for a learning engine.”
Examiner considers the “behavior graphs” disclosed by Xie to anticipate the 3rd order data.
Furthermore, Xie disclosed in [0063] that “the learning engine can extract user-behavior features from the behavior graph.”
Examiner considers the “user behavior features” disclosed by Xie to anticipate the 4th order (or n-th order) data in the instant application.
In conclusion, Xie’s disclosure would have either anticipated or rendered obvious all the subject matter in the claim.
Regarding claim 2, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein the usage condition is a lineage specified on the basis of the specified one or more operation logs and one or more data logs, and the lineage is a directed acyclic graph (DAG) in which data or operation is a node, and a model corresponds to an intermediate node or a leaf node (Xie, Fig. 5 and [0060, 0078], “the event logs can be used to construct a directed behavior graph "Gopenbased" based on data captured from the key-pad inputs and GUI displays. In directed behavior graph, observations can be defined as graph nodes and evolutions (links or transitions) between observations as directed edges.”).
Regarding claim 5, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein with respect to a model as m-th order data, the access policy includes an access authority for each of a plurality of types of models, and the usage condition includes a number of models for each type of model generated using data of the specified entity (Xie, [0064]).
Regarding claim 6, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein the usage condition includes a usage condition before an access authority in an access policy of the specified entity is changed and a usage condition after the change (Xie, [0062], “the policy file can be effectively dynamically adjusted as various applications are being used on a device.”).
Regarding claim 7, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein at least one of an operation log and a data log associated with the operation log includes reproducibility information that is information indicating reproducibility of data, and with respect to the reproducibility information that the specified one or more operation logs and one or more data logs have, the usage condition includes reproducibility indicated by reproducibility information after an access authority changes (Xie, Abstract, Fig. 2B and [0050-0051]).
Regarding claim 8, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein in a case where a usage condition after an access authority is changed satisfies a predetermined condition, the processor presents promotion of relaxation or change cancellation of the access authority to the request source (Xie, Abstract, Fig. 2B and [0050-0051]).
Regarding claim 9, Xie disclosed the data management system according to claim 1.
Xie further disclosed wherein the entity list exists for each operation log and for each data log (Xie, Fig. 3 shows that the system call input pattern data 320 exists for SC1, SC2, SC3 and SC4 separately).
Regarding claim 10, Xie disclosed the data management system according to claim 1.
Xie further disclosed a plurality of client computers including a client computer having the processor and the storage apparatus; and a server computer that communicates with the plurality of client computers, wherein the server computer generates a model by federated learning using machine learning models from the plurality of client computers and transmits the generated model to the plurality of client computers, also in the server computer, an operation log and a data log related to operation performed by the server computer are stored, an operation list is associated with the operation log and the data log in the server computer instead of the entity list, and the operation list includes an inclusion list that is a list of operation or data corresponding to an entity permitted to use data for operation or data corresponding to a log associated with the operation list, and/or an exclusion list that is a list of operation or data corresponding to an entity prohibited to use data for operation or data corresponding to a log associated with the operation list (Xie, [0053, 0062-0063, 0067, 0082-0088], “pattern extract/learning engine”, “HMM learning”).
Claim 11 lists substantially the same elements as claim 1, in data management method form rather than data management system form. Therefore, the rejection rationale for claim 1 applies equally as well to claim 11.
Claims 3-4 are rejected under 35 U.S.C. 103 as being unpatentable over Xie (US 2009/0199296) as applied to claim 1, further in view of Brezinski et al. (US 9,225,730).
Regarding claim 3, Xie disclosed the data management system according to claim 1.
Xie might not have explicitly disclosed but Brezinski disclosed wherein the usage condition includes a contribution degree of the specified entity, the contribution degree includes a value calculated based on a total number of data and a number of available data, the total number of data is a number of data in (m-k)-th order data that can be used to generate a model as m-th order data (both m and k are integers less than or equal to a maximum value of n, and m is greater than k), and of the total number of data, the number of available data is a number of data corresponding to entities for which an access authority is permitted up to the m-th order data in an access policy (Brezinski disclosed in Figs. 6-7 example graphs as an arrangement of event data, including vertices corresponding to entities such as devices, processes, or services in a computing environment, and including edges corresponding to events in which one entity accesses another entity. Brezinski additionally disclosed in the Abstract and col. 3, lines 43-46 that the edge of the graph may carry a rarity metric that indicates a rarity or a frequency of events of that type that have occurred between the entities. Brezinski further disclosed in col. 10, lines 21-65 that the rarity metric is calculated by counting the number of occurrences of a particular event between two vertices against the total number of events between those two nodes. Brezinski’s disclosure would have made the subject matter in this claim obvious.)
One of ordinary skill in the art would have been motivated to combine Xie and Brezinski because both references disclosed methods that detect anomalous activities in a network by analyzing the access/activity log to build directed acyclic graphs to visualize how activities occur among network entities over time (Xie, Fig. 6 and [0078], “directed behavior graph”; Brezinski, Abstract and Figs. 4-7).
Regarding claim 4, Xie and Brezinski disclosed the data management system according to claim 3.
Brezinski further disclosed wherein with respect to the model as the m-th order data, the access policy includes an access authority for each of a plurality of types of models, and the calculated value is based on the total number of data and the number of available data, and a number of predetermined types of models for which an access authority is permitted among the plurality of types of models (Brezinski, Figs. 4-7).
The rationale for combining Xie and Brezinski is the same as that provided in the rejection rationale for claim 3 above.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHIRLEY X ZHANG whose telephone number is (571)270-5012. The examiner can normally be reached 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joon H Hwang can be reached at 571-272-4036. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SHIRLEY X ZHANG/Primary Examiner, Art Unit 2447