DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
1. Claims 1 – 20 are currently pending in this application.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
The claims and specification are generally narrative and indefinite, failing to conform with current U.S. practice. They appear to be a literal translation into English from a foreign document and are replete with grammatical and idiomatic errors. The examiner will attempt a good faith interpretation of the claim language. However, appropriate correction/clarification is required.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ciampaglia et al. (Pre-Grant Publication No. US 2023/0090611 A1), hereinafter Ciampaglia, in view of Kulkarni (Pre-Grant Publication No. US 2013/0297346 A1), and in further view of Powers et al. (Pre-Grant Publication No. US 2010/0299430 A1), hereinafter Powers.
2. With respect to claims 1 and 11, Ciampaglia taught a method for trusted audit of personal-information deletion (0082), the method comprising: acquiring log data of an arbitrary source-domain personal-information deleting body in a network and of its associated-domain personal-information deleting bodies (0185, where this limitation is interpreted as obtaining a system’s deletion logs); and performing consistency-of-notification analysis and operation-compliance analysis on the log data by means of association analysis (0082, where the analysis can be seen in, at least, 0086).
However, Ciampaglia did not explicitly state normalizing the log data according to predetermined parsing rules and thereby generating normalized log data. On the other hand, Kulkarni did teach normalizing the log data according to predetermined parsing rules and thereby generating normalized log data (0012). Both of the systems of Ciampaglia and Kulkarni are directed towards auditing log files and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Ciampaglia, to utilize normalizing log data, as taught by Kulkarni, in order to more efficiently review the data by maintain a single format for management.
However, while it could be argued that the third-party nature of the device is the intended use of the system, in order to maintain a more compact prosecution, it is taken that Ciampaglia did not explicitly state that the audit was a third-party audit. On the other hand, Powers did teach that the audit was a third-party audit (0053 & 0090). Both of the systems of Ciampaglia and Kulkarni are directed towards auditing log files and therefore, it would have been obvious to a person having ordinary skill in the art, at the time of the effective filing of the invention, to modify the teachings of Ciampaglia, to utilize third-party auditing, as taught by Powers, in order to more easily access a multitude of audits.
3. As for claims 2 and 12, they are rejected on the same basis as claims 1 and 11 (respectively). In addition, Ciampaglia taught wherein in the step of acquiring the log data of the source-domain personal-information deleting body and the log data of the associated-domain personal-information deleting bodies: the log data include content data and tag data, and the content data are received after the tag data have passed verification, wherein the content data include notification-of-deletion logs, notification-of-deletion confirmation logs, operation-of-deletion logs, and result-of-deletion self-assessment logs (0032, where the PII tags are taught by the flagged PII data of, at least, 0027).
4. As for claims 3 and 13, they are rejected on the same basis as claims 2 and 12 (respectively). In addition, Kulkarni taught wherein the step of normalizing the log data according to the predetermined parsing rules and generating the normalized log data comprising: merging log information by filtering out useless fields from logs, extracting information of key fields from the log data, and reconstructing the information into corresponding normalized logs using a matching normalization format (0006).
5. As for claims 4 and 14, they are rejected on the same basis as claims 3 and 13 (respectively). In addition, Ciampaglia taught wherein the step of performing the consistency-of-notification analysis on the normalized log data by means of the association analysis comprises: analyzing entries in the normalized notification-of-deletion logs of the source-domain personal-information deleting body entry by entry and defining the entry analyzed currently as a first entry (0030, where the parsed log data is the first entry, and the data being normalized was previously taught by Kulkarni: 0012); according to the key fields in the first entry, identifying a corresponding second entry in the normalized notification-of-deletion confirmation logs of the associated-domain personal-information deleting bodies (0082, where the request to delete contains the second entry that matches the flag/key of the first entry data); and obtaining a consistency-of-notification-audit-analysis result according to a correspondence-of-existence result and a correspondence-of-content result between the first entry and the second entry (0082, where, at least, the reaction is a consistency of notification audit analysis result).
6. As for claims 5 and 15, they are rejected on the same basis as claims 4 and 14 (respectively). In addition, Ciampaglia taught wherein the correspondence-of-existence result indicates whether a said corresponding second entry can be identified according to the key fields in the first entry; and the correspondence-of-content result indicates whether the first entry and the second entry are correspondent with each other in terms of target, granularity and method related to deletion of the personal information (0082, where at least the replacement, after the data is matched, teaches this limitation).
7. As for claims 6 and 16, they are rejected on the same basis as claims 5 and 15 (respectively). In addition, Ciampaglia taught wherein the step of performing the operation-compliance analysis on the normalized log data by means of the association analysis comprises: analyzing entries in the normalized operation-of-deletion logs of the source-domain personal-information deleting body and the associated-domain personal-information deleting bodies entry by entry and defining the entry analyzed currently as the first entry (0030, where the parsed log data is the first entry, and the data being normalized was previously taught by Kulkarni: 0012); according to the key fields in the first entry, identifying the corresponding second entry in the normalized result-of-deletion self-assessment logs of the same domain (0082, where the request to delete contains the second entry that matches the flag/key of the first entry data); and generating an operation-compliance-audit-analysis result according to the correspondence-of-existence result and the compliance-of-content result between the first entry and the second entry (0082, where, at least, the reaction is a consistency of notification audit analysis result).
8. As for claims 7 and 17, they are rejected on the same basis as claims 6 and 16 (respectively). In addition, Ciampaglia taught wherein the correspondence-of-existence result indicates whether the corresponding second entry in the normalized result-of-deletion self-assessment logs can be identified according to the key fields in the first entry in the normalized operation-of-deletion logs (0082, where the key data can be seen); and the compliance-of-content result indicates whether a consistency-of-deletion-request assessment result, a consistency-of-deletion-operation assessment result, a deletion-operation-effectiveness assessment result, and a deletion-irrevocability assessment result in the second entry in the normalized result-of-deletion self-assessment logs are compliant (0082).
9. As for claims 8 and 18, they are rejected on the same basis as claims 7 and 17 (respectively). In addition, Ciampaglia taught wherein further comprising: after completing the association analysis of the normalized log data, generating third-party-audit-of-deletion logs; and based on the third-party-audit-of-deletion logs, identifying the log data related to abnormality of deletion for retrospective forensics of the original log data (0082, the results. Where the use of third-party auditing was previously taught by Powers: 0053 & 0090).
10. As for claims 9 and 19, they are rejected on the same basis as claims 8 and 18 (respectively). In addition, Ciampaglia taught wherein the step of, based on the third-party-audit-of-deletion logs, identifying the log data related to abnormality of deletion for retrospective forensics of the original log data comprises: acquiring the consistency-of-notification result and the operation-compliance-audit-analysis result related to the abnormal deletion, locating the entry having the related log data and providing a forensic analysis result (0036, where the system analyzing and deeming the data worthy teaches the results of the forensic analysis under obviousness and broadest reasonable interpretation).
11. As for claims 10 and 20, they are rejected on the same basis as claims 9 and 19 (respectively). In addition, Ciampaglia taught wherein the audit subject may be any source-domain personal-information deleting body and its associated-domain personal-information deleting bodies in the network, the deletion-responsible body may be a device, software, or an individual, the source-domain personal-information deleting body may be a smart terminal, and its associated-domain personal-information deleting bodies may include various authorized network platforms or APPs (0030, where this, at least, teaches the device limitation. Accordingly, the network devices can be seen in 0051).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
(a) Kuo et al. (Pre-Grant Publication No. US 2017/0270315 A1), 0005, 0037, & 0051.
(b) Hahn et al. (Pre-Grant Publication No. US 2008/0168567 A1), 0040.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSEPH L GREENE whose telephone number is (571)270-3730. The examiner can normally be reached Monday - Thursday, 10:00am - 4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas R. Taylor can be reached at 571 272-3889. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOSEPH L GREENE/Primary Examiner, Art Unit 2443