DATABASE SYSTEM WITH QUERY REDACTION AND METHODS FOR USE THEREWITH

§101 §103 §112

Notice of Pre-AIA or AIA Status 1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . DETAILED ACTION 2. This Office Action is in response to the filing with the office dated 12/02/2025. Claims 1-20 have been cancelled. New claims 21-39 have bend added. Claims 21 and 30 are independent claims. Claims 21-39 are presented in this office action. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. 3. Claims 29 and 39 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claims 29 and 39 recites the claim recites “wherein the data is stored data, incoming data, data being processed, data of a query, and data of a dataset”. It is not clear “the data is stored data, incoming data, data being processed, data of a query, and data of a dataset” mean. For examination purpose Examiner interprets the claim as receiving the data and storing the data. Response to amendment/arguments 4. Applicant’s amendment with respect to the new claims 56-58 under 35 U.S.C. § 112 (f) have been fully considered. As a result the rejection has been withdrawn. 5. Applicant’s arguments with respect to the rejection of claims under 35 U.S.C. § 102 (a)(i) and 103(a) have been fully considered but are moot in view of the new grounds of rejection. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 6. Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. Determining whether claims are statutory under 35 U.S.C. 101 involves a two-step analysis. Step 1 requires a determination of whether the claims are directed to the statutory categories of invention. Step 2 requires a determination of whether the claims are directed to a judicial exception without significantly more. Step 2 is divided into two prongs, with the first prong having a part 1 and part 2. See MPEP 2106; See 2019 Revised Patent Subject Matter Eligibility Guidance (2019 PEG). Pursuant to Step 1, claim 19 recites a system which are directed to the statutory category of a machine. Claim 20 recites a computer readable storage medium, which are directed to a manufacture. Pursuant to Step 2A, part 1, claims are analyzed to determine whether they are directed to an abstract idea. Under the 2019 PEG, claims are deemed to be directed to an abstract idea if they fall within one of the enumerated categories of (a) mathematical concepts, (b) certain methods of organizing human activity, and (c) mental processes. Here, claims 1, 12 and 17 are directed to an abstract idea categorized under mental processes. Courts consider a mental process if it “can be performed in the human mind, or by a human using a pen and paper.” MPEP 2016(a)(2)(III). Courts also consider a mental process as one that can be performed in the human mind and is merely using a computer as a tool to perform the concept. MPEP 2016(a)(2)(III)(C)(3). Claim 1 recites actions of receiving statements for execution, manipulating and storing the data, but is recited at a high level of generality that merely used computers as a tool to perform the processes. See MPEP 2106(a)(2)(III). For example, claim 1 recites limitations of “identify…”, “determine…”, “”mark…”, “retrieve data…” are recited at a high level of generality and do not place meaningful limits on the abstract idea which is a task that can be performed by a human with the use of the computer as a tool. These limitations are essentially steps of generating and manipulating data at a high level of generality, which can be performed by a person using a computer as a tool. Pursuant to Step 2A, part 2, claims are analyzed to determine whether the recited abstract idea is integrated into a practical application. In this case, as explained above, claims 21 and 31 merely recite a mental process. The limitations “identify…”, “determine…”, “mark…”, are mental process. While claims 21 an 31 recite additional components in the form of “database system”, computing devices”, “computing nodes”,, “memory”, “retrieving…”, these components are recited at a high level of generality, which do not add meaningful limits on the recited abstract idea to integrate it into a practical application by providing an improvement to the functioning of a computer or technology, implementing the abstract idea with a particular machine or manufacture that is integral to the claim, effecting a transformation or reduction of a particular article to a different state or thing, nor applying the abstract idea in some meaningful way beyond linking its use to computer technology. See 2019 PEG. The additional elements “retrieving data” amount to mere data gathering steps which are insignificant extra-solution activity. Combination of these additional elements is no more than mere instructions to apply the exception using series of steps and outputting the result of the mental process. Accordingly, even in combination, the additional elements do not integrate the abstract idea into a practical application because they do not impose any meaningful limits on practicing the abstract idea. Pursuant to Step 2B, claims are analyzed to determine whether they recite significantly more than the abstract idea. In other words, it is determined whether the claims provide an inventive concept. In this case, claims 1, 19 and 20 do not recite limitations that amount to significantly more than the abstract idea. The limitations are steps involving processes that can be practically performed by a human with the aid of pen and paper, or as explained above, using a computer as a tool to perform the concept. For example, a The “retrieving data” element that was identified as insignificant extra-solution activity as mere data gathering when re-evaluated still does not provide significantly more. Considering the additional elements in combination and the claim as a whole does not change the analysis, and does not amount to significantly more. Thus the claims are abstract. The dependent claims 22-29 and 32-29 which impose additional limitations explained above also fail to claim patent-eligible subject matter because the limitations cannot be considered statutory. In reference to claim 1, these dependent claims have also been reviewed with the same analysis as independent claim 1. The dependent claim(s) have been examined individually and in combination with the preceding claims, however they do not cure the deficiencies of claim 1 Claim Rejections - 35 U.S.C. § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 7. Claims 21-39 are rejected under 35 U.S.C. 103 as being unpatentable over Bogatov; Dmytro (US 12367314 B1) in view of Bhogal; Kulvir S. (US 20160321469 A1). Regarding independent claim 21, Bogatov; Dmytro (US 12367314 B1) teaches, a database system (Paragraph [0020]) comprises: a plurality of computing device clusters (Col 7, Lines 53-55 (39) the database service 102 includes one or more clusters. Also see Col 5, Lines, 18-20 (31)), wherein a computing device cluster of the plurality of computing device clusters includes a plurality of computing devices (Fig. 1 (Col 7, Lines 55-59 (39) A cluster 120 can be made up of one or more compute nodes 126), wherein a computing device of the plurality of computing devices includes pluralities of computing nodes (Col 8, Lines 44-51 (44) The leader node 124 and/or compute node(s) 126 of a cluster 120 can thus be executed by a single host computing device or by multiple host computing devices at a single location (e.g., rack, row, room, data center, building, AZ) or multiple such locations), wherein a set of computing nodes of the pluralities of computing nodes is operable to: identify a first sensitive portion of data in accordance with a redaction protocol; determine a first protection level for the first sensitive portion in accordance with the redaction protocol; mark, in accordance with the first protection level, the data with a first system-defined redaction character string that identifies the first sensitive portion as being subject to redaction upon data retrieval, wherein the first system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol. (Examiner interprets different column as different portion of data)); when the data is to be retrieved and an access level is at the first protection level or lower, retrieve the data with the first sensitive data portion redacted in accordance with the first system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role) Bogatov et al fails to explicitly teach, and when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the first sensitive data portion not being redacted. Bhogal; Kulvir S. (US 20160321469 A1) teaches, when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the first sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Therefore it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention, to have modified the teachings of Bogatov et al by providing when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the first sensitive data portion not being redacted, as taught by Bhogal et al (Paragraph [0040]). One of the ordinary skill in the art would have been motivated to make this modification, by doing so the collaborative editing system provides a technical solution for overcoming the problems of: concurrently redacting an electronic document for different audiences, redacting an electronic document based on changes to audience participants, and redacting an electronic document based on social relationships as taught by Bhogal et al (Paragraph [0048]). Regarding dependent claim 22, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the set of computing nodes is further operable to: identify a second sensitive portion of the data in accordance with the redaction protocol; determine the first protection level for the second sensitive portion in accordance with the redaction protocol; mark the second sensitive portion with the first system-defined redaction character string to produce a second marked sensitive data portion (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol (Examiner interprets different columns as different portions of the data)); determine a second protection level for the second sensitive portion in accordance with the redaction protocol (Fig. 8 Col 18, Lines, 45-67 (98)-(99) discloses, plurality of protection levels for different portion sensitive portion in accordance with the redaction protocol); and mark, in accordance with the first protection level, the data with the first system-defined redaction character string that identifies the second sensitive portion as being subject to redaction upon data retrieval, wherein the first system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines, 64-67, Col 20, Lines 1-15 (105) discloses, marking the protection level based on the policy/ role); when the data is to be retrieved and an access level is at the first protection level or lower, retrieve the data with the second sensitive data portion redacted in accordance with the first system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the second sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 23, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the set of computing nodes is further operable to: identify a second sensitive portion of data in accordance with a redaction protocol; determine a second protection level for the second sensitive portion in accordance with the redaction protocol; mark, in accordance with the second protection level, the data with a second system-defined redaction character string that identifies the second sensitive portion as being subject to redaction upon data retrieval, wherein the second system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol (Examiner interprets different columns as different portions of the data)); when the data is to be retrieved and an access level is at the second protection level or lower, retrieve the data with the second sensitive data portion redacted in accordance with the second system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the second protection level, retrieve the data with the second sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 24, Bogatov et al and Bhogal et al teach, the database system of claim 23. Bogatov et al further teaches, wherein the set of computing nodes is further operable to: identify a third sensitive portion of data in accordance with a redaction protocol; determine a third protection level for the third sensitive portion in accordance with the redaction protocol; mark, in accordance with the third protection level, the data with a third system-defined redaction character string that identifies the third sensitive portion as being subject to redaction upon data retrieval, wherein the third system-defined redaction character string is unique to the database system and includes one or more characters (Figs. 8, 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol) when the data is to be retrieved and an access level is at the third protection level or lower, retrieve the data with the third sensitive data portion redacted in accordance with the third system-defined redaction character string (Fig. 8, 10 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the third protection level, retrieve the data with the third sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 25, Bogatov et al and Bhogal et al teach, the database system of claim 24. Bogatov et al further teaches, wherein the redaction protocol comprises: literal-type data corresponds to the first protection level (Fig. 5 Col 16, Lines, 49-54 (84) full mask, which is a default masking policy); credential-type data corresponds to the second protection level (Fig. 6, Col 17, Lines, 15-44 (88) discloses, partial masking policy based on a user role); and full-statement-type data corresponds to the third protection level (Col 10, Lines, 19-32 (53), (54) discloses, attaching the masking policies indicating which masking policies 132 are attached to which columns, relations, users, user groups, etc with associated priority values). Regarding dependent claim 26, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the database system is configured to store, for each protection level of the redaction protocol, a corresponding redacted version of the data in a respective log file, and wherein access to each log file is determined based on an access level associated with a request to retrieve data from the log file (Fig. 9, Col 19, Lines. 6-67 Paragraph (100)-(104) discloses, accessing the redaction logfile based on the user role). Regarding dependent claim 27, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the first, second, and third system-defined redaction characters are maintained internally by the database system and are not user-modifiable (Col 13, Lines, 62-67, Col 7, Lines, 1-11 (68) discloses, system defined redaction characters based on the role of the user). Regarding dependent claim 28, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the set of computing nodes is further operable to sanitize the data to remove user-supplied instances of the system-defined redaction characters (Col 17, Lines, 30-44 (90) discloses, sanitizing the data by rewriting the query based on the user role and provide the redacted data associated with the user role (Examiner interprets remove user-supplied instances of the system-defined redaction characters as not including the data which does not belong to the user role and policy). Regarding dependent claim 29, Bogatov et al and Bhogal et al teach, the database system of claim 21. Bogatov et al further teaches, wherein the data is stored data, incoming data, data being processed, data of a query, and data of a dataset (Col 10, Lines, 19-24 (53) storing the masking policy with the associated data). Regarding independent claim 30, Bogatov; Dmytro (US 12367314 B1) teaches, a computer readable memory device that comprises: a memory that stores operational instructions (Fig. 12, Col 24, Lines, 1-14 (129)) that, when executed by a database system including a plurality of computing device clusters (Col 7, Lines 53-55 (39) the database service 102 includes one or more clusters. Also see Col 5, Lines, 18-20 (31)) , wherein a computing device cluster of the plurality of computing device clusters includes a plurality of computing devices (Fig. 1 (Col 7, Lines 55-59 (39) A cluster 120 can be made up of one or more compute nodes 126), wherein a computing device of the plurality of computing devices includes pluralities of computing nodes (Col 8, Lines 44-51 (44) The leader node 124 and/or compute node(s) 126 of a cluster 120 can thus be executed by a single host computing device or by multiple host computing devices at a single location (e.g., rack, row, room, data center, building, AZ) or multiple such locations), causes a set of computing nodes of the pluralities of computing nodes to: identify a first sensitive portion of data in accordance with a redaction protocol; determine a first protection level for the first sensitive portion in accordance with the redaction protocol; mark, in accordance with the first protection level, the data with a first system-defined redaction character string that identifies the first sensitive portion as being subject to redaction upon data retrieval, wherein the first system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol. (Examiner interprets different column as different portion of data)); when the data is to be retrieved and an access level is at the first protection level or lower, retrieve the data with the first sensitive data portion redacted in accordance with the first system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bogatov et al fails to explicitly teach, and when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the first sensitive data portion not being redacted. Bhogal; Kulvir S. (US 20160321469 A1) teaches, when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the first sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 31, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. Bogatov et al further teaches, wherein the instructions further cause the set of computing nodes to: identify a second sensitive portion of the data in accordance with the redaction protocol; determine the first protection level for the second sensitive portion in accordance with the redaction protocol; mark the second sensitive portion with the first system-defined redaction character string to produce a second marked sensitive data portion (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol (Examiner interprets different columns as different portions of the data)); and mark, in accordance with the first protection level, the data with the first system-defined redaction character string that identifies the second sensitive portion as being subject to redaction upon data retrieval, wherein the first system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines, 64-67, Col 20, Lines 1-15 (105) discloses, marking the protection level based on the policy/ role); when the data is to be retrieved and an access level is at the first protection level or lower, retrieve the data with the second sensitive data portion redacted in accordance with the first system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the first protection level, retrieve the data with the second sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 32, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. wherein the instructions further cause the set of computing nodes to identify a second sensitive portion of data in accordance with a redaction protocol (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol (Examiner interprets different columns as different portions of the data)); determine a second protection level for the second sensitive portion in accordance with the redaction protocol (Fig. 8 Col 18, Lines, 45-67 (98)-(99) discloses, plurality of protection levels for different portion sensitive portion in accordance with the redaction protocol); mark, in accordance with the second protection level, the data with a second system-defined redaction character string that identifies the second sensitive portion as being subject to redaction upon data retrieval, wherein the second system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines, 64-67, Col 20, Lines 1-15 (105) discloses, marking the protection level based on the policy/ role); when the data is to be retrieved and an access level is at the second protection level or lower, retrieve the data with the second sensitive data portion redacted in accordance with the second system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the second protection level, retrieve the data with the second sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 33, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 32. Bogatov et al further teaches, wherein the instructions further cause the set of computing nodes to: identify a third sensitive portion of data in accordance with a redaction protocol; determine a third protection level for the third sensitive portion in accordance with the redaction protocol Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) identifying various columns of a table such with different columns and redating the data according to the redaction protocol (Examiner interprets different columns as different portions of the data)); mark, in accordance with the third protection level, the data with a third system-defined redaction character string that identifies the third sensitive portion as being subject to redaction upon data retrieval, wherein the third system-defined redaction character string is unique to the database system and includes one or more characters (Fig. 10, Col 19, Lines, 64-67, Col 20, Lines 1-15 (105) discloses, marking the protection level based on the policy/ role); when the data is to be retrieved and an access level is at the third protection level or lower, retrieve the data with the third sensitive data portion redacted in accordance with the third system-defined redaction character string (Fig. 8 Col 18, Lines 19-67 (94)-(99) discloses, retrieving the data based on the access level assigned to the role); Bhogal et al further teaches, and when the data is to be retrieved and the access level is higher than the third protection level, retrieve the data with the third sensitive data portion not being redacted (Paragraph [0040] discloses, when the access level is higher than the protection level, retrieving the unredacted data). Regarding dependent claim 34, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 33. Bogatov et al further teaches, wherein storing the data includes storing the data such that the first, second, and third system-defined redaction characters remain within the data during handling, transformation, or propagation of the data within the database system (Fig. 10, Col 19, Lines 6-10, Col 20, Lines 53-61 (100), (111) discloses, different redaction characters remain within the data during handling, transformation, or propagation of the data within the database system). Regarding dependent claim 35, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 34. Bogatov et al further teaches, wherein the redaction protocol comprises: literal-type data corresponds to the first protection level (Fig. 5 Col 16, Lines, 49-54 (84) full mask, which is a default masking policy); credential-type data corresponds to the second protection level (Fig. 6, Col 17, Lines, 15-44 (88) discloses, partial masking policy based on a user role); and full-statement-type data corresponds to the third protection level (Col 10, Lines, 19-32 (53), (54) discloses, attaching the masking policies indicating which masking policies 132 are attached to which columns, relations, users, user groups, etc with associated priority values). Regarding dependent claim 36, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. Bogatov et al further teaches, wherein the database system is configured to store, for each protection level of the redaction protocol, a corresponding redacted version of the data in a respective log file, and wherein access to each log file is determined based on an access level associated with a request to retrieve data from the log file (Fig. 9, Col 19, Lines. 6-67 (100)-(104) discloses, accessing the redaction logfile based on the user role). Regarding dependent claim 37, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. Bogatov et al further teaches, wherein the first, second, and third system-defined redaction characters are maintained internally by the database system and are not user-modifiable (Col 13, Lines, 62-67 (68) discloses, system defined redaction characters based on the role of the user which is maintained by the database system). Regarding dependent claim 38, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. Bogatov et al further teaches, wherein the instructions further cause the database system to sanitize the data to remove user-supplied instances of the system- defined redaction characters (Col 17, Lines, 30-44 (90) discloses, sanitizing the data by rewriting the query based on the user role and provide the redacted data associated with the user role (Examiner interprets remove user-supplied instances of the system-defined redaction characters as not including the data which does not belong to the user role and policy). Regarding dependent claim 39, Bogatov et al and Bhogal et al teach, the computer readable memory device of claim 30. wherein the data is stored data, incoming data, data being processed, data of a query, and data of a dataset (Col 10, Lines, 19-24 (53) storing the masking policy with the associated data). Closest Prior Art 8. The prior art made of record and not relied upon is considered pertinent to the applicant’s disclosure. Ho; Min-Hank (US 20130144901 A1) teaches, [0037] In one embodiment, whenever a redaction policy is initially established in database 102, the redaction policy is analyzed to determine all of the columns to which the redaction policy potentially applies. In such an embodiment, each column to which a redaction policy applies has a bit or flag associated with that column responsively set to "true" to indicate that some redaction policy applies to that column. Consequently, the insertion of the masking operators into the internal representation of the query during semantic analysis is quickened, since the internal database semantic analysis code can quickly determine, by reference to the value of each column's associated bit or flag, whether the internal database semantic analysis code needs to search for redaction policies that could cause the internal database semantic analysis code to insert one or more masking operators for that particular column; columns whose associated bit or flag has not been set are known not to need any masking operators. 9. Examiner has pointed out particular references contained in the prior arts of record in the body of this action for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and Figures may apply as well. It is respectfully requested from the applicant, in preparing the response, to consider fully the entire references as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior arts or disclosed by the examiner. It is noted that any citation to specific pages, columns, figures, or lines in the prior art references any interpretation of the references should not be considered to be limiting in any way. A reference is relevant for all it contains and may be relied upon for all that it would have reasonably suggested to one having ordinary skill in the art. In re Heck, 699 F.2d 1331-33, 216 USPQ 1038-39 (Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA 1968))). Conclusion Applicant’s amendments/Arguments necessitated new grounds of rejection as presented in this office action. THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SUMAN RAJAPUTRA whose telephone number is (571) 272-4669. The examiner can normally be reached between 8:00 AM - 5:00 PM. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi (571) 272-4078 can be reached. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/ patents/ apply/ patent-center for more information about Patent Center and https://www.uspto.gov/ patents/ docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /S. R./ Examiner, Art Unit 2163 /ALEX GOFMAN/ Primary Examiner, Art Unit 2163