DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the application filed on 05/30/2024.
Claims 1-20 are currently pending in this application.
No information disclosure statement (IDS) has been filed.
Examiner’s Note
Applicants are suggested to include information from paragraph [0059] of the specification (e.g., … responsive to determining that the access path is valid, processing logic removes the part of the query … generate a second query … for which the associated access path is determined to be value … etc.) into the claims to provide a better condition for an allowance.
Claim Objections
Claim 14 is objected to because of the following informalities: the claim recites “A non-transitory computer readable storage medium comprising instruction that, when executed by …”, which appears to be “A non-transitory computer readable storage medium storing instruction therein that, when executed by …”.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B) CONCLUSION. —The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.
Claim 1 (claims 8 and 14 include similar limitations) recites “… receiving, from a user device, a request comprising a query for data stored on a server … identifying a part of query, wherein the part is associated with an access path … sending, to the user device, an indication that the access path is not valid”, however, it is not clear (1) whether identified part of the query (not the whole query) includes the information of the requested data or not – it is not clear to define a boundary of the limitations; (2) whether sending the indication of the access path indicates any information of the requested data or not – or omitting necessary component/step which causes the limitations unclear.
Claims 2-7, 9-13 and 15-20 depend from the claim 1, 8 or 14, and are analyzed and rejected accordingly.
Claims 2, 9 and 15 recite “… generating a second query comprising the query (requesting for the data – see claim 1) with the part of the query associated with the access path … removed; and sending, to the server, the second query”, however, it is not clear whether the second query is still requesting for the data stored on a server or not – or it is not clear to define a boundary of the limitations.
Claims 6, 13 and 19 recite “… wherein the part of the query comprises an input parameter …”, however, it is not clear whether “the input parameter” is an input to the user device, the server or else – or omitting necessary step/component which cause the limitations unclear.
Claims 7 and 20 recite “… receiving, from the user device, an introspection request to view the data stored on the server; determining, based on a set of rules associated with the user profile, a subset of the data that is accessible to the user profile, wherein the set of rules comprises the rule …”, however, it is not clear (1) whether the introspection request is to view the data by the server or the user device – or it is not clear to define a boundary of the limitations; (2) how the subset of the data stored in the server is accessible (or able to reach) to the user profile – not the data is not a device or program to access the user profile; (3) how the rule of the set of rules, which is used to validate the access path (see the limitations of the claim 1) can be used to determine the subset of the data that is accessible to the user profile.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Hada et al. (US 8,775,468 B2).
As per claim 1, Hada teaches method comprising:
receiving, from a user device, a request comprising a query for data stored on a server, wherein the request is associated with a user profile; identifying a part of the query, wherein the part is associated with an access path [figs. 1, 4, 7; col. 2, lines 3-8; col. 3, lines 27-31, 40-42; col. 8, lines 18-28; col. 9, lines 32-47, 66-67; col. 10, lines 1-16 of Hada teaches receiving, from a user device, a request comprising a query for data stored on a server (e.g., a query on a node in the structured document in a collection/database), wherein the request is associated with a user profile (e.g., the condition table generated on step 404 expressing the user); identifying a part (e.g., the structured document identified in the query) of the query, wherein the part is associated with an access path (see the value expression for each path)];
determining, based on a rule associated with the user profile, whether the access path is valid; and responsive to determining that the access path is not valid: removing the part of the query from the request; and sending, to the user device, an indication that the access path is not valid [figs. 4, 6, 7; col. 8, lines 1-67; col. 9, lines 1-61; col. 10, lines 1-40 of Hada teaches determining, based on a rule (e.g., the rule 1, 2, 3 and/or 4, the propagated/combined rule, the value expression or the access control policy) associated with the user profile (e.g., the condition table generated on step 404 expressing the user), whether the access path is valid (e.g., evaluating the value expression corresponding to the path for the requested node); and responsive to determining that the access path is not valid (e.g., if the access is denied based on the rule 3): removing/hiding the part of the query from the request (e.g., the hidden part in the result output for the request); and sending, to the user device, an indication that the access path is not valid (e.g., returning the result set/output to the user with displaying the data to which the user is granted access, but hidden data to which the user is denied access or the user is prevented from gaining access to portions of the document)].
As per claim 2, Hada teaches the method of claim 1.
Hada further teaches generating a second query comprising the query with the part of the query associated with the access path that is not valid removed; and sending, to the server, the second query [figs. 1, 7; col. 2, lines 47-50; col. 10, lines 1-40 of Hada teaches generating a second query comprising the query with the part of the query (e.g., the next requested node – see fig. 7) associated with the access path that is not valid removed; and sending, to the server, the second query (e.g., returning the portions of documents satisfying the query)].
As per claim 3, Hada teaches the method of claim 1.
Hada further teaches responsive to determining that the access path is not valid, determining not to send the query to the server [col. 2, lines 47-50; col. 10, lines 1-40 of Hada teaches responsive to determining that the access path is not valid (e.g., not granted), determining not to send the query (e.g., the hiding the requested data in the result output of the query) to the server (e.g., the database)].
As per claim 4, Hada teaches the method of claim 1.
Hada further teaches receiving, from the server, a response; and appending, to the response, the indication that the access path is not valid prior to the sending the response to the user device [col. 10, lines 1-49 of Hada teaches receiving, from the server (e.g., the database or the DBMS is returning), a response (e.g., portions of the requested documents); and appending, to the response, the indication (e.g., hiding or the statement of the value expression) that the access path is not valid (e.g., access the path is not granted) prior to the sending the response (e.g., portions of the requested documents) to the user device].
As per claim 5, Hada teaches the method of claim 1.
Hada further teaches wherein identifying the part of the query comprises: generating a syntax tree for the query, wherein the syntax tree comprises a plurality of nodes and a plurality of branches, wherein a first node of the plurality of nodes represents a first type of the part, and wherein one or more of the plurality of branches represents the access path [fig. 3; col. 3, lines 27-45; col. 5, lines 4-42; col. 7, lines 26-50 of Hada teaches generating a syntax tree (e.g., the syntax defined as XPath step or the node tree representing structured document in the collection) for the query, wherein the syntax tree comprises a plurality of nodes and a plurality of branches (e.g., a plurality of nodes forming the hierarchical node tree), wherein a first node of the plurality of nodes represents a first type (e.g., the name) of the part, and wherein one or more of the plurality of branches represents the access path (e.g., the value expressions or access path representing the node tree)].
As per claim 6, Hada teaches the method of claim 1.
Hada further teaches wherein the part of the query comprises an input parameter, and wherein the rule associated with the user profile places a limit on the input parameter [fig. 7; col. 10, lines 1-22 of Hada teaches wherein the part of the query comprises an input parameter (e.g., access to the node in a structured document), and wherein the rule associated with the user profile places a limit (e.g., grant or deny for the access) on the input parameter – see also rejections to the claim 1].
As per claim 7, Hada teaches the method of claim 1.
Hada further teaches receiving, from the user device, an introspection request to view the data stored on the server; determining, based on a set of rules associated with the user profile, a subset of the data that is accessible to the user profile, wherein the set of rules comprises the rule; and displaying, on the user device, the subset of the data that is accessible to the user profile [figs. 1, 7; col. 2, lines 29-50; col. 10, lines 1-40 of Hada teaches receiving, from the user device, an introspection request (e.g., requesting to read, to a node in a structured document in a collection) to view the data stored on the server (e.g., the requested data stored in the database is viewable to the user); determining, based on a set of rules associated with the user profile (e.g., the condition table generated on step 404 expressing the user), a subset of the data that is accessible to the user profile (e.g., returning the portions of documents satisfying the query), wherein the set of rules comprises the rule; and displaying, on the user device, the subset of the data that is accessible to the user profile (e.g., displaying the portions of the data that is access granted to the user) – see also rejections to the claim 1].
Claims 8-13 are system claims that correspond to the method claims 1-6, and are analyzed and rejected accordingly.
Claims 14-20 are medium claims that correspond to the method claims 1-7, and are analyzed and rejected accordingly.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571) 270-7845. The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MAUNG T LWIN/Primary Examiner, Art Unit 2495