Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-7, 10-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Zhou et al (“Zhou” US 2009/0282240 A1), published on November 12, 2009 in view of Blakrishnan et al (“Blakrishnan” US 11,593,521 B1), published on February 28, 2023.
As to claim 1, Zhou teaches “storing a plurality of datasets in a data vault for provisioning to dynamically generated workspaces associated with users” in paragraphs [0030-0032] (a plurality of storage devices corresponds to storing a plurality of datasets) and par. 0045 (permission bit mask shows workspaces generated from different user role or member).
Zhou teaches “wherein the dynamically generated workspaces are computer environments through which the users can perform operations on the one or more datasets” in par. 0042, fig. 3 (different user member or roles can get accessed to different data).
Zhou teaches “receiving a request, from a user, for access to a specified dataset” in par. 0019 (“…The security manager or users in the application client sign the request, and then send the request and signature to the storage device…”).
Zhou teaches “retrieving a data usage agreement (DUA) corresponding to a pairing of the user with the specified dataset” in par. 0037 (“member access control list” with respect to a storage device corresponds to a data usage agreement (DUA) corresponding to a pairing of the user with the specified dataset).
It appears Zhou does not explicitly teach “wherein the DUA specifies a level of obfuscation to be applied to the specified dataset when provisioning a workspace associated with the user, with the specified dataset”.
However, Blakrishnan teaches “wherein the DUA specifies a level of obfuscation to be applied to the specified dataset when provisioning a workspace associated with the user, with the specified dataset” in col. 19: 3-14 (masking policy corresponds to a level of obfuscation to be applied to the specified dataset).
Zhou and Blakrishnan are analogous art because they are in the same field of endeavor, database management. It would have been obvious to one of ordinary skill in the art before the effective filling date of the claim invention to enhance the data usage agreement (disclosed by Zhou) to include “wherein the DUA specifies a level of obfuscation to be applied to the specified dataset when provisioning a workspace associated with the user, with the specified dataset”, as suggested by Blakrishnan in order to provide various masking policy supporting data obfuscation (see Blakrishnan col. 19).
Blakrishnan teaches “dynamically generating, on-demand, the workspace associated with the user based on the retrieved DUA” in col. 3: 40-60 (masking policy are created by user on demand to generate obfuscated data or workspace associated with the user based on the retrieved DUA).
Blakrishnan teaches “automatically provisioning, on-demand, the dynamically generated workspace with a version of the specified dataset corresponding to the level of obfuscation specified in the DUA” in col. 15: 50-60. (user can dynamically assign a new tag to data (table, column…) in order to create new dataset corresponding to the level of obfuscation specified in the DUA).
As to claim 11, it is rejected for similar reason as claim 1.
As to claim 20, it is rejected for similar reason as claim 1.
As to claim 2, Blakrishnan teaches “wherein automatically provisioning, on-demand, the dynamically generated workspace comprises selecting a version of the specified dataset that has the level of obfuscation specified in the DUA from a plurality of versions of the specified dataset stored in the data vault” in col. 17: 1-5 (masking policy can be assigned dynamically during query runtime to provided the level of obfuscation specified in the DUA from a plurality of versions of the specified dataset stored in the data vault).
As to claim 12, it is rejected for similar reason as claim 2.
As to claim 3, Blakrishnan teaches “wherein the dynamically generated workspace is one of a cloud virtual machine, an integrated development computer environment, or a computer desktop instance” in col. 8: 5-15.
As to claim 13, it is rejected for similar reason as claim 3.
As to claim 4, Zhou teaches “automatically determining whether to approve or deny the request based on a generated representation of the request in a multi-dimensional project space representing at least a pairing of the user and the specified dataset, and comparing the representation of the request to representations of previous requests” in paragraphs [0037-0039] (“member access control list” contains representations of previous requests).
As to claim 14, it is rejected for similar reason as claim 4.
As to claim 5, Zhou teaches “wherein the multi-dimensional project space is a three dimensional project space having a user profile dimension, a dataset dimension, and a compute environment dimension, wherein the user profile dimension comprises one or more characteristics of the user from which the request is received” in paragraphs [0033-0036] (member’s identity corresponds to a user profile dimension).
Zhou teaches “the dataset dimension comprises one or more characteristics representing at least a security level required for accessing a corresponding dataset” in par. 0005 (“access privilege information” corresponds to at least a security level required for accessing a corresponding dataset).
Zhou teaches “and the compute environment dimension comprises one or more characteristics representing a level of security afforded by a corresponding compute environment” in par. 0016 (“access control list” corresponds to one or more characteristics representing a level of security afforded by a corresponding compute environment).
As to claim 15, it is rejected for similar reason as claim 5.
As to claim 6, Zhou teaches “comparing a first point in the multi-dimensional project space corresponding to the request, to a plurality of second points corresponding to other requests with which an approval or denial has been previously associated; and automatically determining whether to approve or deny the request based on results of the comparison, wherein the dynamically generating and automatically provisioning operations are performed in response to approval of the request” in paragraphs [0037-0039] (searching member access control list and role access control list in order to determine whether to deny the access request or not).
As to claim 16, it is rejected for similar reason as claim 6.
As to claim 7, Zhou teaches “wherein comparing the first point to the plurality of second points comprises determining whether the first point falls within a safe range of the plurality of second points, falls within a decline range of the plurality of second points, or falls within a boundary edge case range of the plurality of second points” in paragraphs [0037-0039], figure 4 (access control list is a data structure including first access control entry to last access control entry. The list of access control entries corresponds to a safe range, decline range and boundary edge case).
As to claim 17, it is rejected for similar reason as claim 7.
As to claim 10, Blakrishnan teaches “wherein the plurality of versions of the specified dataset comprise a first version of the specified dataset in which all personal health information or personally identifiable information is obfuscated, a second version of the specified dataset in which some, but not all, personal health information or personally identifiable information is obfuscated, and a third version of the specified dataset in which none of the personal health information or personally identifiable information is obfuscated” in col. 19: 3-30 (social security mask is applied partially or fully to provide different version of obfuscation).
Allowable Subject Matter
Claims 8-9, 18-19 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure:
. Wrenn et al (US 2022/0300653 A1)
. Gupta et al (US 2021/0294797 A1)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Loc Tran whose telephone number is 571-272-8485. The examiner can normally be reached on Mon-Fri. 7:30am-5pm; First Fri Off.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Ng can be reached on (571)-270-1698. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/LOC TRAN/
Primary Examiner, Art Unit 2164