Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsHoneywell International Inc. › 18672007
Last updated: April 19, 2026
Application No. 18/672,007

DATA SECURITY MANAGEMENT

Non-Final OA §101§103
Filed
May 23, 2024
Examiner
WANG, CHAO
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Honeywell International Inc.
OA Round
1 (Non-Final)
80%
Grant Probability
Favorable
1-2
OA Rounds
2y 11m
To Grant
99%
With Interview

Interview Optional

+85.8% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 143 resolved cases, 2023–2026

Examiner Intelligence

WANG, CHAO View full profile →
Grants 80% — above average
80%
Career Allow Rate
114 granted / 143 resolved
+21.7% vs TC avg
Strong +86% interview lift
Without
With
+85.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 11m
Avg Prosecution
23 currently pending
Career history
166
Total Applications
across all art units

Statute-Specific Performance

§101
15.1%
-24.9% vs TC avg
§103
68.7%
+28.7% vs TC avg
§102
5.2%
-34.8% vs TC avg
§112
2.1%
-37.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 143 resolved cases

Office Action

§101 §103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This office Action is in response to Application 18672007 filed on 05/23/2024. Claims 1, 8, and 17 are independent claims. Claims 1-20 have been examined and are pending in this application. This Office Action is made Non-Final. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 8 and 14-16 are rejected under 35 U. S. C. 101 as being directed to non-statutory subject matter as being directed to an abstract idea without being integrated into a practical application or significantly more. Regarding claim 8, the claim is directed to an abstract idea as reciting the limitations “mask[ing] a portion of the certified aviation data …;” and “calculate[ing] flight medication parameters” Said steps are “mental process” as broadly interpreted said steps could be performed in the human mind and/or mathematical correlation. Therefore, the claims recite an abstract idea. Said abstract idea and/or judicial exception is not integrated into a practical application as the claim does not recite any other active steps that utilize determination result into a practical application. It’s noted that the claim recites the limitations “receive [] data;” Said step is not sufficiently to consider that the abstract idea is being integrated into a practical application as the steps cited at high level of generality of displaying information which is a form of insignificant extra-solution activity for data gathering (See MPEP 2106.05 for details). It's also noted that the claim also recites additional elements (i.e., electronic flight bag, aircraft, flight management system, etc.,). However, said additional elements are recited at a high-level of generality amouting no more than mere instructions to apply the exception or abstract idea using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements when considered both individually and as an ordered combination do not amount to significantly more than the abstract idea. As mentioned above, although the claims recite additional elements, said elements taken individually or as a combination, do not result in the claim amounting to significantly more than the abstract idea because as the additional elements perform generic computer content distributing functions routinely used in information technology field. See US Application 20180357561 and JP 2010178388. As discussed above, the additional elements recited at a high-level of generality such that they amount no more than mere instructions to apply the exception using a generic computer component. Therefore, the claim is directed to non-statutory subject matter. Regarding dependent 14-16; claims 14-16 are rejected under 35 U.S.C. 101 as being directed to an abstract idea without being integrated into a practical application or significantly more for the same reason discussed above. Claim Interpretation The following is a quotation of 35 U.S.C. 112(f): (f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The following is a quotation of pre-AIA 35 U.S.C. 112, sixth paragraph: An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art. The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is invoked. As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph: (A) the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; (B) the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and (C) the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier. Such claim limitations are: “a validation engine [] receive …” recited in claims 8, 10-13; “a masking engine [] receive …” recited in claims 8 and 15; “a flight parameter generation engine [] calculate …” recited in claims 8-9. Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof. If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph, applicant may: (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA 35 U.S.C. 112, sixth paragraph. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-3, 6, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (“Selvarajan,” US 20180357561, published on 12/13/2018) in view of YOSHIDA et al. (“YOSHIDA,” JP 2010178388 A, published on 08/12/2010). Regarding Claim 1; Selvarajan discloses a method comprising: receiving uncertified data from each of a plurality of Electronic Flight Bag (EFB) applications, the uncertified data being associated with at least one of flight assistance parameters of an aircraft (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment; par 0034; the certified applications to pull data from the uncertified applications [] software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions) [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)); receiving certified aviation data from a flight management system of the aircraft (par 0027; information exchange between certified and uncertified applications. The system includes a vehicle electronics data broker gateway, which is operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications, such as through one or more application programming interfaces. The data broker gateway can be implemented either as a certified application, or as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment); for the one or more EFB applications determined to be not compromised, calculating flight modification parameters using the certified aviation data and the uncertified data of the one or more EFB applications (par 0074; information exchange between one or more vehicle electronics certified applications and one or more uncertified applications through one or more application programming interfaces operated by a vehicle electronics data broker gateway, the method comprising: generating one or more configuration files with a dedicated modeling tool based on user requirements [i.e., by calculation]; selecting a best data source amongst a plurality of data sources based on one or more criterions; receiving data from the data source, either based on pull from a client or push from the data source, wherein the data source comprises one of the vehicle electronics certified applications or one of the uncertified applications; converting the data received from the data source into a standard format supported by the one or more application programming interfaces; storing the data received from the data source before transmitting the data to the client); and transmitting the flight modification parameters to the flight management system of the aircraft (par 0074; information exchange between one or more vehicle electronics certified applications and one or more uncertified applications through one or more application programming interfaces operated by a vehicle electronics data broker gateway, the method comprising: generating one or more configuration files with a dedicated modeling tool based on user requirements [] converting the data received from the data source into a standard format supported by the one or more application programming interfaces; storing the data received from the data source before transmitting the data to the client; and transmitting the data to the client). Selvarajan discloses all the limitations as recited above, but do not explicitly disclose determining if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data; for the one or more compromised EFB applications, applying an isolation and neutralization technique for preventing transmission of the compromised uncertified data to the flight management system of the aircraft. However, in an analogous art, YOSHIDA discloses information communication system/method that includes: determining if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value [i.e., according to specification par 0024; validation engine [] determines the document to be compromised if the file size is smaller than the predetermined file size], the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server); for the one or more compromised EFB applications, applying an isolation and neutralization technique for preventing transmission of the compromised uncertified data to the flight management system of the aircraft (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of YOSHIDA with the method/system of Selvarajan to include determining if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data; for the one or more compromised EFB applications, applying an isolation and neutralization technique for preventing transmission of the compromised uncertified data to the flight management system of the aircraft. One would have been motivated to use the first encryption key and transmitting the encrypted identification information to the first server, based on the authentication result (YOSHIDA: abstract). Regarding Claim 2; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, YOSHIDA discloses wherein the performing of the validity test comprises: receiving a specific sequence of protocol handshaking from each of the plurality of EFB applications (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server; page 3, pars 10-11; an operation sequence of the information communication system 1shown in FIG. The sequence for acquiring the terminal ID is performed via the browser 114 as shown in FIG. When secure access from the browser 114 of the communication terminal device 10 to the portal server 20 is performed, encrypted communication is performed using an SSL session (defined in RFC 2246) or the like. In this SSL session, the browser 114 interprets the public key certificate (server certificate) signed by the certificate authority CA. Here, when the signature of the certificate authority CA is verified, a key exchange sequence for encrypted communication is executed as a correct server); verifying authenticity of the specific sequence of protocol handshaking (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server; page 3, pars 10-11; an operation sequence of the information communication system 1shown in FIG. The sequence for acquiring the terminal ID is performed via the browser 114 as shown in FIG. When secure access from the browser 114 of the communication terminal device 10 to the portal server 20 is performed, encrypted communication is performed using an SSL session (defined in RFC 2246) or the like. In this SSL session, the browser 114 interprets the public key certificate (server certificate) signed by the certificate authority CA. Here, when the signature of the certificate authority CA is verified, a key exchange sequence for encrypted communication is executed as a correct server); and authenticating the uncertified data of the EFB application based on the verification (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server). The motivation is the same that of claim 1 above. Regarding Claim 3; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, YOSHIDA discloses wherein the performing of the validity test comprises: receiving a unique code from each of the applications (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server); verifying authenticity of the unique code (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server); and authenticating the uncertified data of the application based on the verification (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server). The motivation is the same that of claim 1 above. Selvarajan further discloses the plurality of EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 6; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, YOSHIDA discloses wherein the applying of the isolation and neutralization technique comprises terminating the one or more applications determined to be compromised (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). The motivation is the same that of claim 1 above. Selvarajan further discloses EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 17; This Claim recites a non-transitory computer readable medium that perform the same steps as method of Claim 1, and has limitations that are similar to Claim 1, thus are rejected with the same rationale applied against claim 1. Regarding Claim 18; The combination of Selvarajan and YOSHIDA disclose the non-transitory computer readable medium as claimed in claim 17, YOSHIDA discloses wherein the non-transitory computer readable medium comprises: determining size of a file having the uncertified data for each of the plurality of EFB applications (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server); comparing the size of the file with a predetermined range of file size (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server); and upon determining that the size of the file is not within the predetermined range of file size, determining the EFB application to be compromised (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). The motivation is the same that of claim 1 above. Selvarajan further discloses the EFB application (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 19; The combination of Selvarajan and YOSHIDA disclose the non-transitory computer readable medium as claimed in claim 17, Selvarajan discloses wherein the certified aviation data comprises at least one of a flight path, a traffic diversion status, minimum equipment list constraints, a cargo weight, and an estimate time of arrival of the aircraft at a stopover airport (Selvarajan: par 0034; the certified applications to pull data from the uncertified applications and vice versa, which can be either human triggered (e.g., a pilot signaling an EFB to fetch data from the FMS) or software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)). Regarding Claim 20; The combination of Selvarajan and YOSHIDA disclose the non-transitory computer readable medium as claimed in claim 17, Selvarajan discloses wherein the flight modification parameters comprise at least one of an increase in speed, a decrease in speed, an increase in altitude, a decrease in altitude, and a change in flight route (Selvarajan: par 0034; the certified applications to pull data from the uncertified applications and vice versa, which can be either human triggered (e.g., a pilot signaling an EFB to fetch data from the FMS) or software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)). Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of BENRACHI et al. (“BENRACHI,” WO 2015158998, published on 10/22/2015). Regarding Claim 4; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, Selvarajan discloses wherein the performing of the validity test comprises: performing the validity test automatically during a startup of a flight operation of the aircraft (Selvarajan: par 0049; a determination is made whether the data is valid. If not, a determination is made whether another source is configured. If yes, chooses the next preferred source, and repeats starting. If another source is not configured declares the data invalid). The combination of Selvarajan and YOSHIDA disclose performing of the validity test as recited above, but do not explicitly disclose determining a validation setting, the validation setting being one of a manual validation setting and an auto validation setting; for the validation setting being the manual validation setting, performing the validity test on receiving a prompt from a user; and for the validation setting being the auto validation setting. However, in an analogous art, BENRACHI discloses quality metrology system/method that includes: determining a validation setting, the validation setting being one of a manual validation setting and an auto validation setting ;for the validation setting being the manual validation setting, performing the validity test on receiving a prompt from a user; and for the validation setting being the auto validation setting (BENRACHI: page 6, par 10; piece of data goes into the validation process. A test is then performed to determine whether this data is valid or not. In the event that the data is invalidated by the validation process of the "Quality Control" module, the data is sent to a "correction" collection. This collection allows to centralize all the invalidated data, not coherent or under awaiting later validation. If the validation process of the "Quality Control" module judges that the data is valid (automatic or manual validation), this data is identified as such and returns to a collection including "validated" data). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of BENRACHI with the method/system of Selvarajan and YOSHIDA to include determining a validation setting, the validation setting being one of a manual validation setting and an auto validation setting ;for the validation setting being the manual validation setting, performing the validity test on receiving a prompt from a user; and for the validation setting being the auto validation setting. One would have been motivated to data collection networks spread across different geographic locations. Validated measurements from a raw data validation process (BENRACHI: page 4, par 2). Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of Rineer et al. (“Rineer,” US 20040123101, published on 06/24/2004). Regarding Claim 5; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, The combination of Selvarajan and YOSHIDA disclose all the limitations as recited above, but do not explicitly disclose wherein the validity test is one of a startup test, a continuous test, and an interactive test. However, in an analogous art, Rineer discloses managing data integrity system/method that includes: wherein the validity test is one of a startup test, a continuous test, and an interactive test (Rineer: par 0049; use the interactive test interface in the customization tools to verify that changes to rules produce the intended results at process step. Once satisfied with the outcome of the customizations as determined at decision). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Rineer with the method/system of Selvarajan and YOSHIDA to include wherein the validity test is one of a startup test, a continuous test, and an interactive test. One would have been motivated to perform the data integrity validation operations. The data integrity validation rules are stored in a knowledge base which is separate from and external to the data integrity validation application (Rineer: abstract). Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of ADAY et al. (“ADAY,” US 20240411881, filed on 06/09/2023). Regarding Claim 7; The combination of Selvarajan and YOSHIDA disclose the method as claimed in claim 1, YOSHIDA discloses wherein the applying of the isolation and neutralization technique comprises: blocking ports of the one or more applications determined to be compromised (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). The motivation is the same that of claim 1 above. Selvarajan further discloses EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). The combination of Selvarajan and YOSHIDA disclose isolation and neutralization technique as recited above, but do not explicitly disclose notifying a user about the blocked ports. However, in an analogous art, ADAY discloses identification system/method that includes: notifying a user about the blocked ports (ADAY: par 0050; If the comparison is over the threshold(s), the thread scanner takes an action to mitigate the malware. For example, the thread scanner quarantine the malware, may remove the malware, may send a notification to a user, may block a port). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of ADAY with the method/system of Selvarajan and YOSHIDA to include notifying a user about the blocked ports. One would have been motivated to predict a signature of the mutated source code for the type of malware. For example, the prediction algorithm is trained using existing source code of different types of malware to generate a prediction mode (ADAY: abstract). Claims 8-12 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of Nguyen et al. (“Nguyen,” US 20240126916, published on 04/18/2024). Regarding Claim 8; Selvarajan discloses a system comprising: a validation engine to: receive uncertified data from each of a plurality of Electronic Flight Bag (EFB) applications, the uncertified data being associated with at least one of flight assistance parameters of an aircraft (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment; par 0034; the certified applications to pull data from the uncertified applications [] software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions) [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)); and a masking engine to: receive certified aviation data from the flight management system of the aircraft (par 0027; information exchange between certified and uncertified applications. The system includes a vehicle electronics data broker gateway, which is operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications, such as through one or more application programming interfaces. The data broker gateway can be implemented either as a certified application, or as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment); and at least a portion of the certified aviation data to provide controlled access of the certified aviation data to the one or more EFB applications determined to be not compromised (par 0074; information exchange between one or more vehicle electronics certified applications and one or more uncertified applications through one or more application programming interfaces operated by a vehicle electronics data broker gateway, the method comprising: generating one or more configuration files with a dedicated modeling tool based on user requirements [i.e., by calculation]; selecting a best data source amongst a plurality of data sources based on one or more criterions; receiving data from the data source, either based on pull from a client or push from the data source, wherein the data source comprises one of the vehicle electronics certified applications or one of the uncertified applications; converting the data received from the data source into a standard format supported by the one or more application programming interfaces; storing the data received from the data source before transmitting the data to the client); and a flight parameter generation engine to: calculate flight modification parameters using unmasked portion of the certified aviation data and the uncertified data (par 0074; information exchange between one or more vehicle electronics certified applications and one or more uncertified applications through one or more application programming interfaces operated by a vehicle electronics data broker gateway, the method comprising: generating one or more configuration files with a dedicated modeling tool based on user requirements [i.e., by calculation]; selecting a best data source amongst a plurality of data sources based on one or more criterions; receiving data from the data source, either based on pull from a client or push from the data source, wherein the data source comprises one of the vehicle electronics certified applications or one of the uncertified applications; converting the data received from the data source into a standard format supported by the one or more application programming interfaces; storing the data received from the data source before transmitting the data to the client). Selvarajan discloses all the limitations as recited above, but do not explicitly disclose determine if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data; for the one or more compromised EFB applications, apply an isolation and neutralization technique for preventing transmission of the compromised uncertified data to a flight management system of the aircraft. However, in an analogous art, YOSHIDA discloses information communication system/method that includes: determine if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value [i.e., according to specification par 0024; validation engine [] determines the document to be compromised if the file size is smaller than the predetermined file size], the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server); for the one or more compromised EFB applications, apply an isolation and neutralization technique for preventing transmission of the compromised uncertified data to a flight management system of the aircraft (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of YOSHIDA with the method/system of Selvarajan to include determine if one or more of the plurality of EFB applications are compromised by performing a validity test on the uncertified data; for the one or more compromised EFB applications, apply an isolation and neutralization technique for preventing transmission of the compromised uncertified data to a flight management system of the aircraft. One would have been motivated to use the first encryption key and transmitting the encrypted identification information to the first server, based on the authentication result (YOSHIDA: abstract). The combination of Selvarajan and YOSHIDA disclose all the limitations as recited above, but do not explicitly disclose mask, using a masking technique, at least a portion of the certified aviation data. However, in an analogous art, Nguyen discloses data protection system/method that includes: mask, using a masking technique, at least a portion of the certified aviation data (Nguyen: par 0082; based on detecting that the data being received by the router includes the sensitive data, a masking technique to at least a portion of the sensitive data received prior to transmitting the sensitive data from an application programming interface gateway). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nguyen with the method/system of Selvarajan and YOSHIDA to include mask, using a masking technique, at least a portion of the certified aviation data. One would have been motivated to detect that the data being received by the router includes sensitive data. Additionally, the machine learning model may detect an entry of sensitive data at one or more sensitive fields on one or more active user interfaces (Nguyen: abstract). Regarding Claim 9; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, Selvarajan discloses wherein the flight parameter generation engine to transmit the flight modification parameters to the flight management system of the aircraft (Selvarajan: par 0034; the certified applications to pull data from the uncertified applications and vice versa, which can be either human triggered (e.g., a pilot signaling an EFB to fetch data from the FMS) or software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)). Regarding Claim 10; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, YOSHIDA discloses wherein the validation engine is to: receive a specific sequence of protocol handshaking from each of the plurality of EFB applications (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server; page 3, pars 10-11; an operation sequence of the information communication system 1shown in FIG. The sequence for acquiring the terminal ID is performed via the browser 114 as shown in FIG. When secure access from the browser 114 of the communication terminal device 10 to the portal server 20 is performed, encrypted communication is performed using an SSL session (defined in RFC 2246) or the like. In this SSL session, the browser 114 interprets the public key certificate (server certificate) signed by the certificate authority CA. Here, when the signature of the certificate authority CA is verified, a key exchange sequence for encrypted communication is executed as a correct server); verify authenticity of the specific sequence of protocol handshaking (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server; page 3, pars 10-11; an operation sequence of the information communication system 1shown in FIG. The sequence for acquiring the terminal ID is performed via the browser 114 as shown in FIG. When secure access from the browser 114 of the communication terminal device 10 to the portal server 20 is performed, encrypted communication is performed using an SSL session (defined in RFC 2246) or the like. In this SSL session, the browser 114 interprets the public key certificate (server certificate) signed by the certificate authority CA. Here, when the signature of the certificate authority CA is verified, a key exchange sequence for encrypted communication is executed as a correct server); and authenticate the uncertified data of the EFB application based on the verification (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server). The motivation is the same that of claim 8 above. Selvarajan further discloses the plurality of EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 11; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, YOSHIDA discloses wherein the validation engine is to: receive a unique code from each of the plurality of EFB applications (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server); verify authenticity of the unique code (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server); and authenticate the uncertified data of the EFB application based on the verification (YOSHIDA: page 5, pars 3-4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information of the communication terminal device. Here, when the acquired terminal ID matches a predetermined value, the authentication unit 303 outputs authentication data indicating that authentication has been performed to the communication processing unit 301. The communication processing unit 301 transmits this authentication data to the portal server). The motivation is the same that of claim 8 above. Selvarajan further discloses the plurality of EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 12; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, YOSHIDA discloses wherein the validation engine is to terminate the one or more EFB applications determined to be compromised (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). The motivation is the same that of claim 8 above. Selvarajan further discloses EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). Regarding Claim 16; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, Selvarajan discloses wherein the flight management system of the aircraft is at least one of an onboard flight management system located onboard the aircraft or a remote flight management system located remotely from the aircraft (Selvarajan: par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment; par 0034; the certified applications to pull data from the uncertified applications [] software triggered (e.g., the FMS requesting weather data from a weather server during performance predictions) [] software triggered (e.g., the FMS pushing the flight plan data to the EFB for a change in the flight plan)), and the certified aviation data is received from at least one of the onboard flight management system onboard or the remote flight management system (Selvarajan: par 0027; information exchange between certified and uncertified applications. The system includes a vehicle electronics data broker gateway, which is operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications, such as through one or more application programming interfaces. The data broker gateway can be implemented either as a certified application, or as an uncertified application (for example, as an electronic flight bag (EFB) application (App) in an aviation environment). Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of Nguyen et al. (US 20240126916) and ADAY et al. (“ADAY,” US 20240411881, filed on 06/09/2023). Regarding Claim 13; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, YOSHIDA discloses wherein the validation engine is to: block ports of the one or more EFB applications determined to be compromised; and notify a user about the blocked ports (YOSHIDA: page 5, par 4; the authentication unit 303 functions as an authentication unit that authenticates the communication terminal device based on the decrypted identification information [] if the acquired terminal ID does not match the predetermined value, the authentication unit 303 outputs unauthenticated data indicating that the authentication could not be performed to the portal server). The motivation is the same that of claim 1 above. Selvarajan further discloses EFB applications (par 0027; operative to exchange information between a plurality of vehicle electronics certified applications and a plurality of uncertified applications [] as an uncertified application (for example, as an electronic flight bag (EFB) application). The combination of Selvarajan and YOSHIDA disclose isolation and neutralization technique as recited above, but do not explicitly disclose notifying a user about the blocked ports. However, in an analogous art, ADAY discloses identification system/method that includes: notifying a user about the blocked ports (ADAY: par 0050; If the comparison is over the threshold(s), the thread scanner takes an action to mitigate the malware. For example, the thread scanner quarantine the malware, may remove the malware, may send a notification to a user, may block a port). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of ADAY with the method/system of Selvarajan and YOSHIDA to include notifying a user about the blocked ports. One would have been motivated to predict a signature of the mutated source code for the type of malware. For example, the prediction algorithm is trained using existing source code of different types of malware to generate a prediction mode (ADAY: abstract). Claims 14 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Selvarajan et al. (US 20180357561) in view of YOSHIDA et al. (JP 2010178388), further in view of Nguyen et al. (US 20240126916) and Aggarwal et al. (“Aggarwal,” US 20220188454, published on 06/16/2022). Regarding Claim 14; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, Nguyen discloses the masking technique (Nguyen: par 0082; based on detecting that the data being received by the router includes the sensitive data, a masking technique to at least a portion of the sensitive data received prior to transmitting the sensitive data from an application programming interface gateway). The motivation is the same that of claim 8 above. The combination of Selvarajan, YOSHIDA, and Nguyen the masking technique as recited above, but do not explicitly disclose the masking technique is one of a pseudonymization masking technique, an anonymization masking technique, a lookup substitution masking technique, a data shuffling masking technique, and a data redaction masking technique. However, in an analogous art, Aggarwal discloses securely storing system/method that includes: the masking technique is one of a pseudonymization masking technique, an anonymization masking technique, a lookup substitution masking technique, a data shuffling masking technique, and a data redaction masking technique (Aggarwal: par 0014; uses data anonymization for securely storing sensitive information in unstructured data. The data anonymization masks the sensitive information while leaving the unmasked information available). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Aggarwal with the method/system of Selvarajan and YOSHIDA and Nguyen to include the masking technique is one of a pseudonymization masking technique, an anonymization masking technique, a lookup substitution masking technique, a data shuffling masking technique, and a data redaction masking technique. One would have been motivated to anonymize, by the processor, sensitive data associated with the sensitive relationship by replacing, a first portion of the sensitive data with generalized information (Aggarwal: abstract). Regarding Claim 15; The combination of Selvarajan, YOSHIDA, and Nguyen disclose the system as claimed in claim 8, Nguyen discloses wherein the masking engine is to apply the masking technique on the certified aviation data (Nguyen: par 0082; based on detecting that the data being received by the router includes the sensitive data, a masking technique to at least a portion of the sensitive data received prior to transmitting the sensitive data from an application programming interface gateway). The motivation is the same that of claim 8 above. The combination of Selvarajan, YOSHIDA, and Nguyen wherein the masking engine is to apply the masking technique on the certified aviation data as recited above, but do not explicitly disclose masking technique on the certified aviation data depending on one or more of security policies and monetary policies. However, in an analogous art, Aggarwal discloses securely storing system/method that includes: masking technique on the certified aviation data depending on one or more of security policies and monetary policies (Aggarwal: par 0024; identifies quasi-attributes that need to be anonymized in schema. Anonymization assumes that it may not be enough to simply mask a sensitive attribute since other identifying attributes (or quasi-attributes) may still reveal an identity of an individual, when one is trying to protect personal identifying information. For example, if a social security number is a sensitive attribute, then just masking the SSN may not be sufficient because a person's “Name,” “date of birth,” “place of birth”, “place a passport was issued” may reveal an individual's identity. In this example, the attributes, name, date of birth and the place a passport was issued are referred to as quasi-attributes). Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Aggarwal with the method/system of Selvarajan and YOSHIDA and Nguyen to include masking technique on the certified aviation data depending on one or more of security policies and monetary policies. One would have been motivated to anonymize, by the processor, sensitive data associated with the sensitive relationship by replacing, a first portion of the sensitive data with generalized information (Aggarwal: abstract). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHAO WANG whose telephone number is (313)446-6644. The examiner can normally be reached on Monday-Friday 7:30-4:30PM EST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /C.W./Examiner, Art Unit 2439 /LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439
Read full office action

Prosecution Timeline

May 23, 2024
Application Filed
Dec 29, 2025
Non-Final Rejection — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/504,732
Patent 12596797
IDENTIFY POTENTIAL PATTERNS OF COMPROMISE ON LOG FILES
2y 5m to grant Granted Apr 07, 2026
18/037,390
Patent 12572646
EXECUTION PROTECTION USING DATA COLOURING
2y 5m to grant Granted Mar 10, 2026
18/444,942
Patent 12547708
Known-Deployed File Metadata Repository and Analysis Engine
2y 5m to grant Granted Feb 10, 2026
18/504,386
Patent 12536275
SYSTEM FOR DETECTION OF UNAUTHORIZED COMPUTER CODE USING AN ARTIFICIAL INTELLIGENCE-BASED ANALYZER
2y 5m to grant Granted Jan 27, 2026
17/946,298
Patent 12511397
SECURE FIRMWARE UPLOAD
2y 5m to grant Granted Dec 30, 2025
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
80%
Grant Probability
99%
With Interview (+85.8%)
2y 11m
Median Time to Grant
Low
PTA Risk
Based on 143 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month