Methods and Systems for Data Platform Monitoring and Auditing

§101 §103

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claim(s) 1-6, 13-15, 17-20 is/are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. The claims fall within at least one of the four categories of patent eligible subject matter. However, the claimed invention is directed to performing steps that fall within the mental process groupings of abstract ideas because they cover concepts performed in the human mind. An analysis of the claims regarding subject matter eligibility follows: Step1: Claim(s) 1-6, 13-15, 17-20 recite a method and a method, therefore satisfying Step 1 of the analysis. Step 2A, Prong 1: Claim(s) 1, 13 recite monitoring a plurality of data events across one or more data platforms in the communication network, wherein each of the data events corresponds to an encryption operation or a decryption operation of a data record in the one or more data platforms; recording each of the data events into an event record, wherein each event record corresponding to a data event indicates at least one of client data describing a client associated with the data event, the data record associated with the data event, a key used for the data event, whether the data event corresponds to the encryption operation or the decryption operation, or a timestamp of the data event; generating client usage records based on event records detailing a set of one or more data events triggered by a request from the client; generating a periodic usage report for the client based on the client usage records, wherein the periodic usage report indicates data associated with operations performed across the one or more data platforms by the client within a predefined period of time, generating data access records based on second event records detailing a second set of one or more data events associated with the encryption operation or the decryption operation performed on the data record; generating key usage records based on third event records detailing a third set of one or more data events in which a key was used during the encryption operation or the decryption operation; and generating platform usage records based on fourth event records detailing a fourth set of one or more data events occurring at a data platform, which, under their broadest reasonable interpretation, covers performance of the limitations entirely in the human mind and/or with the aid of pen and paper. Specifically, the steps of monitoring, recording, generating may be practically performed in the human mind using observation, evaluation, and judgement of data events, client/key/platform usage records, usage report, or data access records. (MPEP 2106.04(a)(2), subsection Ill). For example, “monitoring” in the context of the claim(s) encompasses a user monitoring a plurality of data events across one or more data platforms in the communication network, wherein each of the data events corresponds to an encryption operation or a decryption operation of a data record in the one or more data platforms, “recording” in the context of the claim(s) encompasses the user recording each of the data events into an event record, wherein each event record corresponding to a data event indicates at least one of client data describing a client associated with the data event, the data record associated with the data event, a key used for the data event, whether the data event corresponds to the encryption operation or the decryption operation, or a timestamp of the data event, “generating” in the context of the claim(s) encompasses the user mentally generating client usage records based on event records detailing a set of one or more data events triggered by a request from the client; “generating” in the context of the claim(s) encompasses the user mentally generating a periodic usage report for the client based on the client usage records, wherein the periodic usage report indicates data associated with operations performed across the one or more data platforms by the client within a predefined period of time, “generating” in the context of the claim(s) encompasses the user mentally generating data access records based on second event records detailing a second set of one or more data events associated with the encryption operation or the decryption operation performed on the data record; “generating” in the context of the claim(s) encompasses the user mentally generating key usage records based on third event records detailing a third set of one or more data events in which a key was used during the encryption operation or the decryption operation; and “generating” in the context of the claim(s) encompasses the user mentally generating platform usage records based on fourth event records detailing a fourth set of one or more data events occurring at a data platform. Claim(s) 2-6, 14-15, 17-20 recite further limitations that fall under the judicial exception as recited in claim(s) 1, 13. Each of the further limitations encompass performance of the steps within the human mind. Step 2A, Prong 2: The additional elements recited in claim(s) 1, 13, “transmitting, by the monitoring application, the periodic usage report to the client,” and “performing, by the monitoring application, an action associated with at least one of the data records, the key, or the client based on at least one of the event records, the client usage records, the data access records, the key usage records, and/or the platform usage records” do not integrate the judicial exception into a practical application. These limitations are directed to implementing the abstract idea using generic computer components (MPEP 2106.05(f)) and recite mere data gathering and outputting recited at a high level of generality, and thus are insignificant extra-solution activity (MPEP 2106.05(g)). Claim(s) 2-6, 14-15, 17-20 recite further details regarding a rule in a repository, or details of the periodic usage report. These claims contain no additional elements which would integrate the abstract idea into a practical application. Accordingly, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the identified abstract idea. Step 2B: Claim(s) 1, 13 do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed in Step 2A, Prong 2 above, the recitations of “transmitting, by the monitoring application, the periodic usage report to the client,” and “performing, by the monitoring application, an action associated with at least one of the data records, the key, or the client based on at least one of the event records, the client usage records, the data access records, the key usage records, and/or the platform usage records” are recited at a high level of generality. These elements amount to receiving or transmitting data over a network, and thus are well-understood, routine, conventional activity (MPEP 2106.05(d), subsection II). The claim recites only the idea of a solution or outcome i.e., the claim fails to recite details of how a solution to a problem is accomplished, and thus are mere instructions to apply an exception (MPEP 2106.05(f)). Regarding claim(s) 2-6, 14-15, 17-20, the additional elements are not sufficient to amount to significantly more than the judicial exception because they simply apply the exception using a generic computer. Therefore, claim(s) 1-6, 13-15, 17-20 recite an abstract idea without significantly more, and are not patent eligible. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-6, 13-15, 17 is/are rejected under 35 U.S.C. 103 as being unpatentable over Reddit (Tmobile Customer Service) in view of T-Mobile (Simplify workforce management and increase efficiency). Reddit discloses: 1. A method implemented in a communication network to perform data platform monitoring and auditing, comprising: recording, by the monitoring application, each of the data events into an event record, wherein each event record corresponding to a data event (p 2: Data usage over time) indicates at least one of client data describing a client associated with the data event, the data record associated with the data event, a key [examiner’s note: phone number, for example] used for the data event, whether the data event corresponds to the encryption operation or the decryption operation, or a timestamp (p 2: Jul, Aug, Sept) of the data event; generating, by the monitoring application, client usage records based on event records detailing a set of one or more data events (p 1: Data: 15.5 GB) triggered by a request from the client; generating, by the monitoring application, a periodic usage report for the client based on the client usage records, wherein the periodic usage report indicates data associated with operations performed across the one or more data platforms by the client within a predefined period of time; and (p 2: Usage details) transmitting, by the monitoring application, the periodic usage report to the client. (p 1-2) However, Reddit does not explicitly disclose, while T-Mobile teaches: monitoring, by a monitoring application of a monitoring system in the communication network, a plurality of data events across one or more data platforms in the communication network, wherein each of the data events corresponds to an encryption operation (data encryption) or a decryption operation of a data record in the one or more data platforms; (p 1: cloud-based solution; p 2: Get enhanced security with Encore Vault) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine mobile usage of Reddit with mobile solution of T-Mobile. One of ordinary skill in the art would have been motivated to do so in order to avoid paperwork and increase security and efficiency. (T-Mobile: p 2-3) Modified Reddit discloses: 2. The method of claim 1, further comprising generating, by the monitoring application, data access records based on second event records detailing a second set of one or more data events associated with the encryption operation (p 1: Calls: 1144 min) or the decryption operation performed on the data record. [examiner’s note: cell phone calls are generally encrypted between the phone and the cellular tower.] 3. The method of claim 1, further comprising generating, by the monitoring application, key usage records based on third event records detailing a third set of one or more data events (p 1: Messages: 1088 SMS) in which a key was used [examiner’s note: phone number, for example]. However, Reddit does not explicitly disclose, while T-Mobile teaches: during the encryption operation (p 2: data encryption) or the decryption operation. 4. The method of claim 1, further comprising generating, by the monitoring application, platform usage records based on fourth event records detailing a fourth set of one or more data events (p 1: Mobile Hotspot) occurring at the one or more data platforms. 5. The method of claim 1, wherein the periodic usage report comprises text (p 1), a table (p 2), and a graph visually (p 2) representing the operations performed across the one or more data platforms by the client within the predefined period of time. 6. The method of claim 1, further comprising generating, by the monitoring application, an updated periodic usage report for the client based on the client usage records periodically according to a predefined time interval. (p 2: Current Cycle) Reddit discloses: 13. A method implemented in a communication network to perform data platform monitoring and auditing, comprising: recording, by the monitoring application, each of the data events into an event record, wherein each event record corresponding to a data event (p 2: Data usage over time) indicates at least one of client data describing a client associated with the data event, the data record associated with the data event, a key [examiner’s note: phone number, for example] used for the data event, whether the data event corresponds to the encryption operation or the decryption operation, or a timestamp (p 2: Jul, Aug, Sept) of the data event; generating, by the monitoring application, client usage records based on first event records detailing a first set of one or more data events (p 1: Data: 15.5 GB) caused by a request from the client; generating, by the monitoring application, data access records based on second event records detailing a second set of one or more data events associated with the encryption operation (p 1: Calls: 1144 min) or the decryption operation performed on the data record; [examiner’s note: cell phone calls are generally encrypted between the phone and the cellular tower.] generating, by the monitoring application, key usage records based on third event records detailing a third set of one or more data events (p 1: Messages: 1088 SMS) in which a key was used [examiner’s note: phone number, for example]. generating, by the monitoring application, platform usage records based on fourth event records detailing a fourth set of one or more data events occurring (p 1: Mobile Hotspot) at a data platform; and performing, by the monitoring application, an action (p 2: Usage details) associated with at least one of the data records, the key, or the client based on at least one of the event records, the client usage records, the data access records, the key usage records, and/or the platform usage records. (p 2: Usage details) However, Reddit does not explicitly disclose, while T-Mobile teaches: monitoring, by a monitoring application of a monitoring system in the communication network, a plurality of data events across one or more data platforms in the communication network, wherein each of the data events corresponds to an encryption operation or a decryption operation of a data record in the one or more data platforms; (p 1: cloud-based solution; p 2: Get enhanced security with Encore Vault) during the encryption operation (p 2: data encryption) or the decryption operation; It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine mobile usage of Reddit with mobile solution of T-Mobile. One of ordinary skill in the art would have been motivated to do so in order to avoid paperwork and increase security and efficiency. (T-Mobile: p 2-3) 17. The method of claim 13, further comprising storing, by the monitoring application, a rule (p 1: Unlimited) in a repository at the monitoring system, wherein the rule comprises an identifier of the client, a condition to be met, and the action to be performed by the monitoring application when the condition is met. (p 1: Usage) Claim(s) 14-15 is/are rejected as being the method implemented by the method of claim(s) 1, 5, and is/are rejected on the same grounds. Claim(s) 7-12, 16, 18-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Reddit (Tmobile Customer Service) in view of T-Mobile (Simplify workforce management and increase efficiency), and further in view of T-Mobile 2 (Prepaid account suspend & cancellations). Reddit discloses: 7. A method implemented in a communication network to perform data platform monitoring and auditing, comprising: recording, by the monitoring application, each of the data events into an event record, wherein each event record corresponding to a data event (p 2: Data usage over time) indicates at least one of client data describing a client associated with the data event, the data record associated with the data event, a key [examiner’s note: phone number, for example] used for the data event, whether the data event corresponds to the encryption operation or the decryption operation, or a timestamp (p 2: Jul, Aug, Sept) of the data event; generating, by the monitoring application, client usage records based on first event records detailing a first set of one or more data events (p 1: Data: 15.5 GB) caused by a request from the client; generating, by the monitoring application, key usage records based on second event records detailing a second set of one or more data events in which a key was used during the encryption operation (p 1: Calls: 1144 min) or the decryption operation; [examiner’s note: cell phone calls are generally encrypted between the phone and the cellular tower.] determining, by the monitoring application, a frequency that the client used the key for encryption or decryption across the one or more data platforms based on the key usage records; (p 1: Calls: 1144 min) However, Reddit does not explicitly disclose, while T-Mobile teaches: monitoring, by a monitoring application of a monitoring system in the communication network, a plurality of data events across one or more data platforms in the communication network, wherein each of the data events corresponds to an encryption operation or a decryption operation of a data record in the one or more data platforms; (p 1: cloud-based solution; p 2: Get enhanced security with Encore Vault) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine mobile usage of Reddit with mobile solution of T-Mobile. One of ordinary skill in the art would have been motivated to do so in order to avoid paperwork and increase security and efficiency. (T-Mobile: p 2-3) However, Reddit does not explicitly disclose, while T-Mobile 2 teaches: comparing, by the monitoring application, the frequency (p 1: refill your prepaid account to renew your service) with a threshold indicated in a rule associated with the client (p1: Accounts in Not Paid status for more than 120 days) to determine whether the frequency is less than the threshold; and when the frequency is less than the threshold: ( p1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) preventing, by the monitoring application, the client from using the key for future encryption or decryption operations across the one or more data platforms; and (p 1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) causing, by the monitoring application, one or more active directories of the one or more data platforms to indicate that the client is prohibited from using the key. (p 1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine mobile usage of Reddit with suspensions and cancellations of T-Mobile 2. One of ordinary skill in the art would have been motivated to do so in order to prevent loss of funds on lost or stolen devices. (T-Mobile 2: p 1) Modified Reddit discloses: 8. The method of claim 7, further comprising: However, Reddit does not explicitly disclose, while T-Mobile 2 teaches: tagging, by the monitoring application, a current data event triggered by the client as suspicious based on the client usage records and a rule; and (p 1: Prepaid accounts will be automatically suspended if the account enters Not Paid status.) transmitting, by the monitoring application, a notification to the client regarding the current data event triggered by the client that is tagged as suspicious with a request for the client to verify the one or more data events. (p 1: You must refill your Prepaid account to renew your service.) [examiner’s note: "No service" is a way to notify the user that the account is in an unpaid status.] 9. The method of claim 7, further comprising governing, by the monitoring application, future decryption or encryption operations requested to be performed by the client based on at least one of the event records, the client usage records, and one or more rules (p 1: Unlimited). 11. The method of claim 7, further comprising transmitting, by the monitoring application to the client, an efficient function call to search for one or more data records. (p 1: Check usage details; p 2: View by Line) 16. The method of claim 13, further comprises: determining, by the monitoring application, based on a rule (p 1: Unlimited) associated with the client, a frequency that the client used the key for encryption or decryption across the one or more data platforms based on the key usage records (p 1: Usage); However, Reddit does not explicitly disclose, while T-Mobile 2 teaches: comparing, by the monitoring application, the frequency (p 1: refill your prepaid account to renew your service) with a threshold indicated in a rule (p1: Accounts in Not Paid status for more than 120 days) to determine whether the frequency is less than the threshold; and when the frequency is less than the threshold: ( p1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) preventing, by the monitoring application, the client from using the key for future encryption or decryption operations across the one or more data platforms; and (p 1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) causing, by the monitoring application, an active directory of the one or more data platforms to be updated to indicate that the client is prohibited from using the key. (p 1: Accounts in Not Paid status for more than 120 days may be cancelled and your mobile number will be lost.) 19. The method of claim 18, further comprising However, Reddit does not explicitly disclose, while T-Mobile 2 teaches: tagging, by the monitoring application, the one or more data events triggered by the client as suspicious when the current data event is associated with a count that exceeds a threshold indicated in the rule. (p 1: Prepaid accounts will be automatically suspended if the account enters Not Paid status.) Claim(s) 10, 12 is/are rejected as being the method implemented by the method of claim(s) 1, 3-4, and is/are rejected on the same grounds. Claim(s) 18, 20 is/are rejected as being the method implemented by the method of claim(s) 8, 9, and is/are rejected on the same grounds. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to KATHERINE LIN whose telephone number is (571)431-0706. The examiner can normally be reached Monday-Friday; 8 a.m. - 5 p.m. EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Bryce Bonzo can be reached at (571) 272-3655. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /KATHERINE LIN/ Primary Examiner, Art Unit 2113