Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Amendment
This Office action has been issued in response to amendment filed on 01/26/2026
Claims 1-20 pending. Applicants' arguments have been carefully and respectfully considered and addressed. Accordingly, this action has been made FINAL necessitated by amendment.
Response to Arguments
Applicant’s arguments regarding the amended claims were fully considered and are moot in view of the new ground of rejection.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
The following is a quotation of the first paragraph of pre-AIA 35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.
Claims 1, 14 and 20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. The amended claims recite “query execution module prior to execution of the first query” which does not have support in the formal disclosure. Paragraph [0041] of the instant specification, teaches:
“query execution flow 200 illustrates a process for obtaining one or more queries at a query execution module 205 which controls the execution of the one or more queries (e.g., by allowing the one or more queries to run or by blocking or killing the one or more queries) by comparing corresponding fingerprints associated with the one or more queries to a set of fingerprints (that correspond to previously blocked queries) stored in a fingerprint database” and Paragraph [0058]:
query execution module may kill the query ( e.g., if the first fingerprint is statistically similar to the set of fingerprints stored in the fingerprint database, then the query execution module may kill the query).
This means that the query is already executed and a determination is made to keep the query running or blocking/killing it.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1 and 14 are ejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. The independent claims recite “query execution module prior to execution of the first query”, however dependent claims 2 and 8-9 teach killing the execution of the query which mean the query is already executed in order to be killed or terminated. By virtue of the dependency, the scope the claims is unclear/ambiguous
Allowable Subject Matter
Claims 5 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3, 13-14, 16 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne et al (hereinafter Demarne) US Publication No 20230350783 in view of Mehta et al (hereinafter Mehta) US Publication No. 20080270346.
As per claim 1, Demarne teaches:
A method, comprising:
obtaining, at a query execution module, a first query to interact with a database; comparing, by the query execution module, a first fingerprint associated with the first query to a plurality of fingerprints stored in a fingerprint database, wherein the plurality of fingerprints stored in the fingerprint database correspond to one or more respective queries that are associated with an execution restriction by the database based at least in part on a set of execution details stored with respective fingerprints of the plurality of fingerprints;
(Fig. 1 and Abstract and paragraphs [0003], [0024], [0029], [0034], [0054], [0078] and [0090])
and controlling the execution of the first query based at least in part on whether the first fingerprint has a corresponding matching fingerprint to at least one of the plurality of fingerprints stored in the fingerprint database.
(Abstract and paragraphs [0003], [0024], [0029], [0034], [0054], [0078] and [0090])
Demarne does explicitly teach comparing, by the query execution module prior to execution of the first query, a first fingerprint associated with the first query to a plurality of fingerprints stored in a fingerprint database, however in analogous art of query management, Mehta teaches:
comparing, by the query execution module prior to execution of the first query, a first fingerprint associated with the first query to a plurality of fingerprints stored in a fingerprint database.
(Paragraphs [0016], [0028], [0048] and [0052])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta by incorporating the teaching of Mehta into the method of Demarne. One having ordinary skill in the art would have found it motivated to use the query management of Mehta into the system of Demarne for the purpose of estimating query execution and optimizing execution cost.
As per claim 3, Demarne and Mehta teach:
The method of claim 1, wherein controlling the execution of the first query comprises:
running the first query based at least in part on the first fingerprint lacking a matching fingerprint to at least one of the plurality of fingerprints stored in the fingerprint database.
(Fig. 1 and Abstract and paragraphs [0003], [0024], [0029], [0034], [0054], [0078] and [0090])( Demarne)
As per claim 13, Demarne and Mehta teach:
The method of claim 1, wherein the first query comprises a structured query language (SQL) query within code that sends the first query to the query execution module.
(Paragraph [0037])( Demarne)
Claims 14 and 16 are apparatus claims respectively corresponding to method claims 1 and 3 and they are rejected under the same rational as claims 1 and 3.
Claim 20 is a non-transitory computer-readable medium claim corresponding to method claim 1 and it is rejected under the same rational as claim 1.
Claims 2, 12 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne and Mehta in view of Udo Klein (hereinafter Klein) US Publication No. 20200097587.
As per claim 2, Demarne and Mehta teach conducting remediation when there is a mismatch between the signatures (Paragraph [0029])( Demarne) but do not explicitly teach killing the execution of the first query based at least in part on the first fingerprint having a matching fingerprint to at least one of the plurality of fingerprints stored in the fingerprint database, wherein the corresponding matching fingerprint is indicative of a blocked query, however in analogous art of query management, Klein teaches:
killing the execution of the first query based at least in part on the first fingerprint having a matching fingerprint to at least one of the plurality of fingerprints stored in the fingerprint database, wherein the corresponding matching fingerprint is indicative of a blocked query.
(Paragraphs [0036], [0052] and [0083])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Klein by incorporating the teaching of Klein into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Klein into the system of Demarne and Mehta for the purpose of protecting database against malicious query.
As per claim 12, Demarne and Mehta teach conducting remediation when there is a mismatch between the signatures (Paragraph [0029])( Demarne) but do not explicitly teach killing the execution of the first query and one or more subsequent queries based at least in part on one or more characteristics of duress being present for the database associated with the first query, however in analogous art of query management, Klein teaches:
killing the execution of the first query and one or more subsequent queries based at least in part on one or more characteristics of duress being present for the database associated with the first query.
(Paragraphs [0036], [0052] and [0083])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Klein by incorporating the teaching of Klein into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Klein into the system of Demarne and Mehta for the purpose of protecting database against malicious query.
Claim 15 is an apparatus claim corresponding to method claim 2 and it is rejected under the same rational as claim 2.
Claims 4 and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne and Mehta in view of Stephen Sheldon (hereinafter Sheldon) US Publication No. 20190354622.
As per claim 4, Demarne and Mehta do not explicitly teach adding the first fingerprint to the plurality of fingerprints stored in the fingerprint database based at least in part on a first instance of a run time of the first query exceeding a threshold run time, however in analogous art of query management, Sheldon teaches:
adding the first fingerprint to the plurality of fingerprints stored in the fingerprint database based at least in part on a first instance of a run time of the first query exceeding a threshold run time;
(Paragraphs [0002], [0008] and [0070]-[0074])
and releasing the first fingerprint from the plurality of fingerprints stored in the fingerprint database based at least in part on an expiration of a timeout duration associated with the first fingerprint.
(Paragraphs [0002], [0008] and [0070]-[0074])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Sheldon by incorporating the teaching of Sheldon into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Sheldon into the system of De Demarne and Mehta for the purpose of managing query execution based on statistical analysis.
Claim 17 is an apparatus claim corresponding to method claim 4 and it is rejected under the same rational as claim 4.
Claims 6 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne and Mehta in view of Woodward et al (hereinafter Woodward) US Publication No. 20240427876.
As per claim 6, Demarne and Mehta do not explicitly teach running the first query based at least in part on the first query being associated with a hint that overrides a block of the first query, however in analogous art of query management, Woodward teaches:
running the first query based at least in part on the first query being associated with a hint that overrides a block of the first query.
(Paragraph [0061])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Woodward by incorporating the teaching of Woodward into the method of Demarne. One having ordinary skill in the art would have found it motivated to use the query management of Woodward into the system of Demarne and Mehta for the purpose of identifying query execution vulnerability.
Claim 19 is an apparatus claim corresponding to method claim 6 and it is rejected under the same rational as claim 6.
Claims 7-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne and Mehta in view of Singh et al (hereinafter Singh) US Publication No. 20230342356.
As per claim 7, Demarne and Mehta do not explicitly teach running the first query based at least in part on the first query lacking a threshold quantity of statistical similarities to one or more second queries that have corresponding matching fingerprints to at least one of the plurality of fingerprints stored in the fingerprint database, however in analogous art of query management, Singh teaches:
running the first query based at least in part on the first query lacking a threshold quantity of statistical similarities to one or more second queries that have corresponding matching fingerprints to at least one of the plurality of fingerprints stored in the fingerprint database.
(Paragraphs [0003], [0051], [0066] and [0072]-[0075])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Singh by incorporating the teaching of Singh into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Singh into the system of Demarne and Mehta for the purpose of quantifying similarity of queries and managing there execution accordingly.
As per claim 8, Demarne and Mehta do not explicitly teach killing the execution of the first query based at least in part on the first query having a threshold quantity of statistical similarities to one or more second queries that have corresponding matching fingerprints to at least one of the plurality of fingerprints stored in the fingerprint database, however in analogous art of query management, Singh teaches:
killing the execution of the first query based at least in part on the first query having a threshold quantity of statistical similarities to one or more second queries that have corresponding matching fingerprints to at least one of the plurality of fingerprints stored in the fingerprint database.
(Paragraphs [0051]-[0055], wherein preventing the stalling of the query )
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Singh by incorporating the teaching of Singh into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Singh into the system of Demarne and Mehta for the purpose of managing query execution based on workload criteria and managing there execution accordingly.
As per claim 9, Demarne and Mehta and Singh teach:
The method of claim 8, wherein killing the execution of the first query further comprises: killing the execution of the first query based at least in part on a database load associated with query execution of the database exceeding a load threshold.
(Paragraphs [0051]-[0055], wherein preventing the stalling of the query )( Singh)
Claims 10-11 are rejected under 35 U.S.C. 103(a) as being unpatentable over Demarne and Mehta in view of Srinivasan et al (hereinafter Srinivasan) US Publication No. 20250086175.
As per claim 10, Demarne and Mehta do not explicitly teach wherein the fingerprint database stores the plurality of fingerprints and corresponding metadata associated with the plurality of fingerprints, however in analogous art of query execution, Srinivasan teaches:
fingerprint database stores the plurality of fingerprints and corresponding metadata associated with the plurality of fingerprints.
(Paragraph [0073])
Therefore, it would have been obvious to a person in the ordinary skill in the art at the time of the filling of the invention to combine Demarne and Mehta and Srinivasan by incorporating the teaching of Srinivasan into the method of Demarne and Mehta. One having ordinary skill in the art would have found it motivated to use the query management of Srinivasan into the system of Demarne and Mehta for the purpose of monitoring query execution.
As per claim 11, Demarne and Mehta and Srinivasan teach:
The method of claim 10, wherein the corresponding metadata associated with the plurality of fingerprints comprises a quantity of attempted executions for a respective query, time data for a duration of time taken to execute the respective query, a quantity of returned errors for the respective query, one or more indications of whether the respective query is internally blocked, externally blocked, or both, a quantity of timeouts associated with the respective query, or any combination thereof.
(Paragraph [0073])( Demarne) and (Paragraphs [0027] and [0048] and [0070])( Mehta)
Conclusion
As necessitated by amendment, THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tarek Chbouki whose telephone number is 571-2703154. The examiner can normally be reached on Mon-Fri 9 am to 6:00 pm EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aleksandr Kerzhner can be reached at 571-2701760. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/TAREK CHBOUKI/Primary Examiner, Art Unit 2165 3/28/2026