Office Action Predictor
Last updated: April 15, 2026
Application No. 18/779,981

DATABASE PROCESSING METHOD, DEVICE, EQUIPMENT AND MEDIUM

Final Rejection §101§102§112
Filed
Jul 22, 2024
Examiner
BECHTEL, KEVIN M
Art Unit
2491
Tech Center
2400 — Computer Networks
Assignee
Beijing Volcano Engine Technology Co., LTD.
OA Round
2 (Final)
70%
Grant Probability
Favorable
3-4
OA Rounds
3y 2m
To Grant
97%
With Interview

Examiner Intelligence

Grants 70% — above average
70%
Career Allow Rate
312 granted / 448 resolved
+11.6% vs TC avg
Strong +27% interview lift
Without
With
+27.2%
Interview Lift
resolved cases with interview
Typical timeline
3y 2m
Avg Prosecution
28 currently pending
Career history
476
Total Applications
across all art units

Statute-Specific Performance

§101
15.3%
-24.7% vs TC avg
§103
32.3%
-7.7% vs TC avg
§102
20.1%
-19.9% vs TC avg
§112
22.6%
-17.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 448 resolved cases

Office Action

§101 §102 §112
DETAILED ACTION Notice of AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendment The amendment filed 2026-01-02 has been entered and fully considered. Response to Arguments Applicant’s arguments, see pages 8-9, filed 2026-01-02, with respect to the rejection of claims 1-7, 10-16, and 19-20 under 35 U.S.C. § 101 have been fully considered but they are not persuasive. In particular, Applicant argues that the claims have been amended to include a “trusted hardware based trusted execution environment (TEE) has a specific definition in the technical field of data processing” and thus the claims allegedly “clearly define a technical solution that must be implemented in a system with TEE”. The Examiner respectfully submits, however, that the mere presence of a trusted execution environment does not preclude interpretation as an abstract idea; See MPEP § 2106.04(a)(2)(III)(C). As noted in the rejection at ¶7, the steps performed by the claimed computer may still be processed by a person and are not inextricably linked to specialized computing hardware. Thus, the Examiner respectfully submits that the rejection is proper. Applicant’s arguments, see page 8, filed 2026-01-02, with respect to the rejection of claims 1-7, 10-16, and 19-20 under 35 U.S.C. § 112(a), and (b) have been fully considered but they are not persuasive. In particular, Applicant argues that the claim amendment traverses both of the grounds of rejection. The Examiner respectfully submits, however, that the amendment only partially cures the deficiencies indicated in the rejection. The Examiner has adjusted the grounds of rejection based on the amendment, but notes that some of the underlying deficiencies still exist. Thus, the Examiner respectfully submits that the rejection is proper. Applicant’s arguments, see page 9, filed 2026-01-02, with respect to the rejection of claims 10-16 under 35 U.S.C. § 102(a)(1) at ¶5 of the previous Office action have been fully considered but they are not persuasive. In particular, no arguments were presented as to the relevance of the amendment to the grounds of rejection. The Examiner respectfully submits that the grounds of the rejection have not changed and thus the Examiner respectfully submits that the rejection is proper. Applicant’s arguments, see pages 9-11, filed 2026-01-02, with respect to the rejection of claims 1-7, 10-16, and 19-20 under 35 U.S.C. § 102(a)(1) at ¶6 of the previous Office action have been fully considered but they are not persuasive. In response to applicant’s argument that Zaharia fails to anticipate the claimed invention, the Examiner respectfully disagrees. Applicant first argues that Zaharia fails to disclose or suggest the feature “the database is deployed in a trusted hardware based trusted execution environment” because “the database proposed by Zaharia is deployed in the cloud, whereas the database in the present application is deployed in a trusted haredware [sic] based TEE”. The Examiner respectfully submits, however, that the broadest reasonable interpretation of “a trusted hardware based trusted execution environment” is any execution environment that is “trusted” because it relies on “trusted” hardware that offers some level of hardware-based confidentiality and integrity. In this instance, the database of Zaharia is stored in a cloud, which necessarily requires hardware that has at least enough trust that users rely on it. There are no structural limitations of the claimed “trusted hardware based trusted execution environment” that distinguishes it from a generic cloud server trusted by a user. Thus, the Examiner respectfully submits that Zaharia anticipates the feature “the database is deployed in a trusted hardware based trusted execution environment”. Applicant second argues that Zaharia fails to disclose or suggest the feature “the specified data is encrypted data” because “Zaharia does not disclose whether the low-level data or high-level data is in an encrypted form”. The Examiner respectfully submits, however, that Zaharia recites “the system uses an encryption of a partition of low-level data object(s) corresponding to a high-level data object” [0031]; i.e. low-level data object(s) that are parts of a high-level object are encrypted. This can correspond to encryption of entire records (e.g. “a first row of a table can be encrypted” [0031]). Thus, the Examiner respectfully submits that Zaharia anticipates the feature “the specified data is encrypted data”. Finally, Applicant third argues that Zaharia fails to disclose or suggest the feature “querying an authorization information table in the database based on the user identifier of the accessing party, and detecting whether the accessing party is an authorized user of the specified data ...the authorization information table is used for recording authorized user information configured by a data party for the encrypted data” because “Zaharia does not specify how the authentication of the data requesting service is performed”, whereas “claim 1 specifically defines that the detection is performed by querying an authorization information table stored in the database”. The Examiner respectfully submits, however, that Zaharia recites that “data manager service 114 queries an authentication module to authenticate the data recipient” and receive “an indication of whether the data recipient is authorized (e.g., has requisite access permissions)” [0043]. Although Zaharia does not explicitly recite that the query is to a “database”, the Examiner respectfully submits that the broadest reasonable interpretation of “database” includes any data structure configured to store the data necessary to respond to such a query. Further, even if, arguendo, such an interpretation were not proper, the Examiner respectfully submits that use of a standard database to store permissions would be at once envisaged from the disclosure, given that’s it’s presumably the most common data storage type for store authentication and authorization information (e.g. Windows, Mac, Linux, etc); See MPEP § 2131.02(III). Thus, the Examiner respectfully submits that Zaharia anticipates the feature “querying an authorization information table in the database based on the user identifier of the accessing party, and detecting whether the accessing party is an authorized user of the specified data ...the authorization information table is used for recording authorized user information configured by a data party for the encrypted data”. Based on the above, the Examiner respectfully submits that Zaharia anticipates the argued claimed features. Thus, the Examiner respectfully submits that the rejection of claims 1-7, 10-16, and 19-20 under 35 U.S.C. § 102(a)(1) as being anticipated by Zaharia is proper. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-7, 10-16, and 19-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea (35 U.S.C. 101 Judicial Exception) without significantly more. The claims recite executing data processing instructions of authorized users, a form of observation, evaluation, and/or judgment, which is a concept performed in the human mind and thus grouped as Mental processes. This judicial exception is not integrated into a practical application because the generically recited computer elements do not add a meaningful limitation to the abstract idea because they amount to simply implementing the abstract idea on a computer. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional elements, when considered separately and in combination, do not add significantly more to the abstract idea, as they are well-understood, routine, conventional computer functions as recognized by the courts. Based upon consideration of all the relevant factors with respect to the claimed invention as a whole, the claims are determined to be directed to an abstract idea without significantly more. The rationale for this determination is explained infra: The following are Principles of Law: A patent may be obtained for “any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof”; 35 U.S.C. § 101. The Supreme Court has consistently held that this provision contains an important implicit exception: laws of nature, natural phenomena, and abstract ideas are not patentable; See Alice Corp. v. CLS Bank Int’l, 134 S. Ct. 2347, 2354 (2014); Gottschalk v. Benson, 409 U.S. 63, 67 (1972) (“Phenomena of nature, though just discovered, mental processes, and abstract intellectual concepts are not patentable, as they are the basic tools of scientific and technological work.”). Notwithstanding that a law of nature or an abstract idea, by itself, is not patentable, an application of these concepts may be deserving of patent protection; See Mayo Collaborative Servs. v. Prometheus Labs., Inc., 132 S. Ct. 1289, 1293–94 (2012). In Mayo, the Court stated that “to transform an unpatentable law of nature into a patent-eligible application of such a law, one must do more than simply state the law of nature while adding the words ‘apply it.’” Mayo, 132 S. Ct. at 1294 (citation omitted). In Alice, the Court reaffirmed the framework set forth previously in Mayo “for distinguishing patents that claim laws of nature, natural phenomena, and abstract ideas from those that claim patent-eligible applications of these concepts.” Alice, 134 S. Ct. at 2355. The test for determining subject matter eligibility requires a first step of determining whether the claims are directed to a process, machine, manufacture, or composition of matter. If the claims are directed to one of the four patent-eligible subject matter categories, then the Examiner must perform a two-part analysis to determine whether a claim that is directed to a judicial exception recites additional elements that amount to significantly more than the exception. The first part of the second step in the analysis is to “determine whether the claims at issue are directed to one of those patent-ineligible concepts.” Id. If the claims are directed to a patent-ineligible concept, then the second part of the second step in the analysis is to consider the elements of the claims “individually and ‘as an ordered combination”’ to determine whether there are additional elements that “‘transform the nature of the claim’ into a patent-eligible application.” Id. (quoting Mayo, 132 S. Ct. at 1298, 1297). In other words, the second step in the analysis is to “search for an ‘inventive concept’‒ i.e., an element or combination of elements that is ‘sufficient to ensure that the patent in practice amounts to significantly more than a patent on the [ineligible concept] itself.’” Id. (brackets in original) (quoting Mayo, 132 S. Ct. at 1294). The prohibition against patenting an abstract idea “cannot be circumvented by attempting to limit the use of the formula to a particular technological environment or adding insignificant post-solution activity.” Bilski v. Kappos, 561 U.S. 593, 610–11 (2010) (citation and internal quotation marks omitted). The Court in Alice noted that “[s]imply appending conventional steps, specified at a high level of generality,” was not “enough” [in Mayo] to supply an “‘inventive concept.’” Alice, 134 S. Ct. at 2357 (quoting Mayo, 132 S. Ct. at 1300, 1297, 1294). In the “2019 Revised Patent Subject Matter Eligibility Guidance” (2019 PEG), the USPTO has prepared revised guidance for use by USPTO personnel in evaluating subject matter eligibility based upon rulings by the courts. The Examiner is bound by and applies the framework as set forth by the Court in Mayo and reaffirmed by the Court in Alice and follows the 2019 PEG for determining whether the claims are directed to patent-eligible subject matter. Step 1: Are the claims at issue directed to a process, machine, manufacture, or composition of matter? The Examiner finds that the claims are directed to one of the four statutory categories. Step 2A – Prong One: Does the claim recite an abstract idea, law of nature, or natural phenomenon? The Examiner finds that the claims are directed to the abstract idea of executing data processing instructions of authorized users, a form of observation, evaluation, and/or judgment, which is a concept performed in the human mind and thus grouped as Mental processes. Step 2A – Prong Two: Does the claim recite additional elements that integrate the Judicial Exception into a practical application? The abstract idea is not integrated into a practical application because the generically recited computer elements do not add a meaningful limitation to the abstract idea because they amount to simply implementing the abstract idea on a computer. In determining whether the abstract idea was integrated into a practical application, the Examiner has considered whether there were any limitations indicative of integration into a practical application, such as: (1) Improvements to the functioning of a computer, or to any other technology or technical field; See MPEP § 2106.05(a) (2) Applying or using a judicial exception to effect a particular treatment or prophylaxis for a disease or medical condition; See Vanda Memo (Recent Subject Matter Eligibility Decision: Vanda Pharmaceuticals Inc. v. West-Ward Pharmaceuticals) (3) Applying the judicial exception with, or by use of, a particular machine; See MPEP § 2106.05(b) (4) Effecting a transformation or reduction of a particular article to a different state or thing; See MPEP § 2106.05(c) (5) Applying or using the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception; See MPEP § 2106.05(e) and Vanda Memo The Examiner notes that clam features of: executing data processing instructions of authorized users do not improve the functioning of a computer or technical field, do not effect a particular treatment or prophylaxis for a disease or medical condition, do not apply or use a particular machine, do not effect a transformation or reduction of a particular article to a different state or thing, and do not apply or use the judicial exception in some other meaningful way beyond generally linking the use of the judicial exception to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception. Instead of a practical application, the claim features of executing data processing instructions of authorized users merely use a general-purpose computer as a tool to perform the abstract idea (See MPEP § 2106.05(f)) and merely generally link the use of the abstract idea to a field of use (See MPEP § 2106.05(h)). Thus, the Examiner finds that the claimed invention does not recite additional elements that integrate the Judicial Exception into a practical application. Step 2B: Is there something else in the claims that ensures that they are directed to significantly more than a patent-ineligible concept? The claims, as a whole, require nothing significantly more than generic computer implementation or can be performed entirely by a human. The additional element(s) or combination of element(s) in the claims other than the abstract idea per se amount to no more than recitation of generic computer structure (e.g. electronic device, processor, and memory) that serves to perform generic computer functions (e.g. receiving an access request, determining if data is encrypted, querying a table, detecting if a party is authorized, executing a processing instruction, ...) that are well-understood, routine, and conventional activities previously known to the pertinent industry. The claimed database, access request, user identifier, data processing instruction, specified data, target data, execution environment, encrypted data, authorization information table, and authorized user information are all numbers, data structures, or datum. Each of these elements are individually dispositive of patent eligibility because of the following legal holdings: “Data in its ethereal, non-physical form is simply information that does not fall under any of the categories of eligible subject matter under section 101.” Digitech Image Techs., LLC v. Electronics for Imaging, Inc., 758 F.3d 1344, 1350 (Fed. Cir. 2014). The Supreme Court has also explained that “[a]bstract software code is an idea without physical embodiment,” i.e., an abstraction. Microsoft Corp. v. AT&T Corp., 550 U.S. 437, 449 (2007). A claim that recites no more than software, logic, or a data structure (i.e., an abstract idea) – with no structural tie or functional interrelationship to an article of manufacture, machine, process or composition of matter does not fall within any statutory category and is not patentable subject matter; data structures in ethereal, non-physical form are non-statutory subject matter. In re Warmerdam, 33 F.3d 1354, 1361 (Fed. Cir. 1994); see Nuijten, 500 F.3d at 1357. Furthermore, the claimed invention does not have a specific asserted improvement in computer capabilities, nor is it a specific implementation of a solution to a problem in the software arts; See Enfish, LLC v. Microsoft Corp., 822 F.3d 1327 (Fed. Cir. 2016). Rather, the claims are merely directed towards executing data processing instructions of authorized users, which is similar to ideas that the courts have found to be abstract, as noted supra, and the claims are without a “practical application” or anything “significantly more”. Considering each of the claim elements in turn, the function performed by the computer system at each step of the process does no more than require a generic computer to perform a well-understood, routine, and conventional activity at a high level of generality. For example, “receiving an access request” and “returning the target data” are merely forms of receiving or transmitting data over a network, which has been found by the courts to be a well-understood, routine, conventional activity in computers; See e.g. Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); TLI Communications LLC v. AV Auto. LLC, 823 F.3d 607, 610, 118 USPQ2d 1744, 1745 (Fed. Cir. 2016) (using a telephone for image transmission); OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network). Further “determining that the specified data is encrypted data”, “querying an authorization information table”, “detecting whether the access party is an authorized user”, and “executing the data processing instruction” are merely forms of performing repetitive calculations, which has been found by the courts to be a well-understood, routine, conventional activity in computers; See e.g. Flook, 437 U.S. at 594, 198 USPQ2d at 199 (recomputing or readjusting alarm limit values); Bancorp Services v. Sun Life, 687 F.3d 1266, 1278, 103 USPQ2d 1425, 1433 (Fed. Cir. 2012) (“The computer required by some of Bancorp’s claims is employed only for its most basic function, the performance of repetitive calculations, and as such does not impose meaningful limits on the scope of those claims”). Further note that the abstract idea of executing data processing instructions of authorized users to which the claimed invention is directed has a prior art basis outside of a computing environment, e.g. banks verifying transactions before executing them. The prohibition against patenting an abstract idea “cannot be circumvented by attempting to limit the use of the formula to a particular technological environment or adding insignificant post-solution activity.” Bilski v. Kappos, 561 U.S. 593, 610–11 (2010) (citation and internal quotation marks omitted). The Court in Alice noted that “[s]imply appending conventional steps, specified at a high level of generality,” was not “enough” [in Mayo] to supply an “‘inventive concept.’” Alice, 134 S. Ct. at 2357 (quoting Mayo, 132 S. Ct. at 1300, 1297, 1294). Viewed as a whole, the claims simply recite the steps of using generic computer components. The claims do not purport, for example, to improve the functioning of the computer system itself. Nor does it effect an improvement in any other technology or technical field. Instead, the claims amount to nothing significantly more than an instruction to implement the abstract idea using generic computer components. This is insufficient to transform an abstract idea into a patent-eligible invention. The dependent claims likewise incorporate the deficiencies of a claim upon which they ultimately depend and are also directed to non-patent-eligible subject matter. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(a): (a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention. The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. Claims 1-7, 10-16, and 19-20 are rejected under 35 U.S.C. 112(a) as failing to comply with the written description requirement. The claims contain subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor at the time the application was filed, had possession of the claimed invention. In particular, claim 1 recites the limitations “the specified data is encrypted data”, “executing the data processing instruction to obtain the target data selected from the specified data”, and “returning the target data”, and the specification lacks the “full, clear, concise, and exact” written description such that one skilled in the art can reasonably conclude that the inventor had possession of the claimed invention at the time of filing. It is first noted that if an application as filed does not disclose the complete structure (or acts of a process) of the claimed invention as a whole, it should be determined whether the specification discloses other relevant identifying characteristics sufficient to describe the claimed invention in such full, clear, concise, and exact terms that a skilled artisan would recognize inventor was in possession of the claimed invention, and that original claims may lack adequate written description if the specification does not have such a full, clear, concise, and exact written description; See MPEP § 2163(II)(A)(3)(a). In this instance, the claim recites “returning the target data in response to the access request” after “executing the data processing instruction to obtain the target data selected from the specified data”; however, neither the claims nor specification is “full” and “clear” as to whether the returned target data is encrypted. The specification only seems to provide antecedent support for the feature (e.g. [0053]) without further resolution. Moreso, if the target data is encrypted, there’s no disclosure of what type of data processing instruction is performed and how such instruction is performed (e.g. is it decrypted for a simple query, homomorphically operated upon in an encrypted state, etc). At best, the specification merely states “multiple encryption and decryption processes between the client and the database are avoided by the permission authorization, for example, there is no need to perform the following: the acquired target data is encrypted and then transmitted to the database, and the database encrypts the target data and then sends the same to the client where the access party is located, thereby improving the efficiency of data processing”, but does not actually describe what is performed and how it avoids the need to perform the acts allegedly not needed (or even why they would be needed). Further, if the data is encrypted (as suggested by the last line of [0053]), the specification does not describe how the operation is performed on encrypted data (which, without some other mitigating modification, should not be possible). However, for adequate written description, “the algorithm or steps/procedure taken to perform the function must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed”; See MPEP § 2161.01(I). Claims 10 and 19 are rejected under a similar rationale. The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, they are rejected based on the same rationale as applied to their parent claims above. Claims 1-7, 10-16, and 19-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention. Specifically, claim 1 recites the limitations “the specified data is encrypted data”, “executing the data processing instruction to obtain the target data selected from the specified data”, and “returning the target data”, and the limitations are unclear as noted in the §112(a) rejection at ¶8. Claims 10 and 19 are rejected under a similar rationale. The dependent claims included in the statement of rejection but not specifically addressed in the body of the rejection have inherited the deficiencies of their parent claim and have not resolved the deficiencies. Therefore, they are rejected based on the same rationale as applied to their parent claims above. Claim Rejections - 35 USC § 102 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. Claims 10-16 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by a general-purpose computer. The Examiner notes that the United States Patent and Trademark Office (USPTO) is obliged to give claims their broadest reasonable interpretation consistent with the specification during proceedings before the USPTO; See In re ZIetz, 893 F.2d 319 (Fed. Cir. 1989) (during patent examination the pending claims must be interpreted as broadly as their terms reasonably allow); See also MPEP 2111.01. It is noted that claims are directed towards an apparatus comprising a processor and “memory, configured to store an executable instruction for the processor” that, when executed, perform the recited acts. As opposed to, e.g., a processor and memory with executable instructions that, when executed by the processor, causes the processor to perform acts, the instant claim merely recites a memory “configured to store” the executable instructions (i.e. an intended use). That is, the claim does not require that the computer be programmed to perform the steps that follow (i.e., the claim does not require that the memory actually store the instructions that when executed perform the steps; instead, the claim encompasses embodiments such as a generic, non-programmed computer that could be programmed to perform the steps. Thus, the claim is met by any general-purpose computer with sufficient hardware and instruction set that could be operable to perform the claimed acts vs a computer programmed to perform the recited acts. Therefore, the claims are clearly anticipated by any general-purpose computing machine with sufficient hardware and instruction set that is operable to perform the claimed steps. Claims 1-7, 10-16, and 19-20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Zaharia et al. (US Pre-Grant Publication No. 20250131118-A1, hereinafter “Zaharia”). With respect to independent claim 1, Zaharia discloses a database processing method, comprising: receiving an access request for a database, wherein the access request carries a user identifier of an access party and a data processing instruction, the data processing instruction is used for instructing to process specified data in the database to obtain target data {paras. 0021 and 0028: “receive, by a data manager service from a data requesting service, a request using an identifier for a high-level data object to access a set of data associated with the high-level data object” and/or “in connection with requesting access to a high-level data object, the data requesting service provides authentication information to the data manager service”}, and the database is deployed in a trusted hardware based trusted execution environment {paras. 0038, 0046, and 0052: “database 116 are implemented by a single server or a same set of one or more servers”, the server has “one or more security policies that are to be enforced”, and “database 116 comprises a cloud-based storage system that is distinct from the system that requests the data”}, and the specified data is encrypted data {para. 0031: “the system uses an encryption of a partition of low-level data object(s) corresponding to a high-level data object”, e.g. a “first row of a table can be encrypted”}. querying an authorization information table in the database based on the user identifier of the access party, and detecting whether the access party is an authorized user of the specified data {para. 0028: “the data manager service uses the authentication to authenticate the data requesting service and/or determine access permissions/authorizations for the data requesting service”}, wherein the encrypted data is data stored in the database in an encrypted form {para. 0031: “the system uses an encryption of a partition of low-level data object(s) corresponding to a high-level data object to enforce access rights”}, and the authorization information table is used for recording authorized user information configured by a data party for the encrypted data {paras. 0028 and 0031: “determine the access permissions for the data requesting service” and “enforce access rights” such as “determination that access to the first file/row/column/section is to be provided and that access to the second file/row/column/section is to be restricted”}. in response to determining that the access party is the authorized user of the specified data {note that the broadest reasonable interpretation of the claim does not require the following limitations, as the steps are not required if the contingency is not met; See MPEP §2111.04(II)}, executing the data processing instruction to obtain the target data selected from the specified data, and returning the target data in response to the access request {paras. 0031-0032: “the system (e.g., the data manager service) provides access to a set of data (e.g., a set of low-level data objects associated with a high-level data object) by communicating one or more URLs to the data requesting service”}. With respect to dependent claim 2, Zaharia discloses: receiving an authorization configuration instruction sent by the data party, wherein the authorization configuration instruction carries a user identifier of the data party, a data identifier of the specified data and a user identifier of the authorized user, and the authorization configuration instruction is used for instructing to configure that the authorized user is authorized and allowed to access to the specified data {paras. 0027-0028 and 0034: “an administrator of data sharing system (e.g., an administrator of a dataset) can provide a data requesting service with access to a dataset by adding the data recipient (e.g., the entity associated with the data requesting service) to a policy or account or access control metadata structure”}. in response to the authorization configuration instruction, recording, in the authorization information table, a correspondence among the user identifier of the data party, the data identifier of the specified data and the user identifier of the authorized user {paras. 0027-0028 and 0034: “an administrator of data sharing system (e.g., an administrator of a dataset) can provide a data requesting service with access to a dataset by adding the data recipient (e.g., the entity associated with the data requesting service) to a policy or account or access control metadata structure”}. With respect to dependent claim 3, Zaharia discloses wherein the authorization configuration instruction further comprises an authorized access time limit; the authorization information table records a correspondence among the user identifier of the data party, the data identifier of the specified data, the user identifier of the authorized user and the authorized access time limit; and the authorized access time limit is used for limiting an access time of the authorized user for the specified data {para. 0030: “the URL expires after a predefined period of time (e.g., an amount of time after generation of the URL or an amount of time after sending the URL to the data requesting service or other system associated with the corresponding data access request)”}. With respect to dependent claim 4, Zaharia discloses: receiving an authorization deletion instruction sent by the data party, wherein the authorization deletion instruction carries a user identifier of the data party, a data identifier of the specified data and a user identifier of the authorized user, and the authorization deletion instruction is used for instructing to delete configuration information that the authorized user is authorized and allowed to access the specified data {paras. 0027-0028 and 0034: “access permissions can be defined in a security policy (e.g., a security policy that is configurable by an administrator of the system, etc.)”, the Examiner submits that removing permissions is “at once envisaged” from the more generic configurable security policy, as configuring permissions only has three species – adding permissions, removing permissions, and modifying permissions; See MPEP § 2131.02(II)}. in response to the authorization deletion instruction, deleting, from the authorization information table, a correspondence among the user identifier of the data party, the data identifier of the specified data and the user identifier of the authorized user {paras. 0027-0028 and 0034: “access permissions can be defined in a security policy (e.g., a security policy that is configurable by an administrator of the system, etc.)”, the Examiner submits that removing permissions is “at once envisaged” from the more generic configurable security policy, as configuring permissions only has three species – adding permissions, removing permissions, and modifying permissions; See MPEP § 2131.02(II)}. With respect to dependent claim 5, Zaharia discloses wherein user identifiers of a plurality of authorized users are configured for one piece of specified data of the data party in the authorization information table {paras. 0027-0028 and 0034: “access permissions to corresponding low-level data objects to determine one or more low-level objects, if any, to which a user or system (e.g., a data requesting service) associated with a data access request has appropriate permissions to access”}. With respect to dependent claim 6, Zaharia discloses wherein the authorization information table is dynamically updated with the authorization configuration instruction sent by the data party {paras. 0027-0028 and 0034: “an administrator … [performs] adding the data recipient (e.g., the entity associated with the data requesting service) to a policy or account or access control metadata structure”}. With respect to dependent claim 7, Zaharia discloses: wherein the specified data is at least one column of encrypted data in at least one data table corresponding to a specified column identifier, or, the specified data is at least one row of encrypted data in at least one data table corresponding to a specified row identifier {para. 0031: “any other portions of a table are encrypted using different keys-for example, a column, an area, a volume, a range of rows, a range of columns, a section, etc. In response to receiving a data access request and a determination that access to the first file/row/column/section is to be provided and that access to the second file/row/column/section is to be restricted”}, or the specified data is at least one encrypted data element in at least one data table corresponding to the specified column identifier and the specified row identifier {para. 0019: “low-level data object can correspond to a row of a table, a column of a table, a subset of rows and/or columns in a table”}. With respect to claims 10-16, a corresponding reasoning as given earlier in this section with respect to claims 1-7 applies, mutatis mutandis, to the subject matter of claims 10-16; therefore, claims 10-16 are rejected, for similar reasons, under the grounds as set forth for claims 1-7. With respect to claims 19-20, a corresponding reasoning as given earlier in this section with respect to claims 1-2 applies, mutatis mutandis, to the subject matter of claims 19-20; therefore, claims 19-20 are rejected, for similar reasons, under the grounds as set forth for claims 1-2. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kevin Bechtel whose telephone number is 571-270-5436. The examiner can normally be reached Monday - Friday, 09:00 - 17:00 ET. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William (“Bill”) Korzuch can be reached at 571-272-7589. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /Kevin Bechtel/ Primary Examiner, Art Unit 2491
Read full office action

Prosecution Timeline

Jul 22, 2024
Application Filed
Sep 26, 2025
Non-Final Rejection — §101, §102, §112
Jan 02, 2026
Response Filed
Jan 28, 2026
Final Rejection — §101, §102, §112
Mar 30, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12585790
TRAFFIC PROCESSING METHOD AND PROTECTION SYSTEM
2y 5m to grant Granted Mar 24, 2026
Patent 12587524
Authentication System and Method for Windows Systems
2y 5m to grant Granted Mar 24, 2026
Patent 12585800
EXTERNAL MULTI-CHANNEL COMMUNICATION MODULARIZATION, ROUTING, TRANSMISSION, AND ACCESS CONTROL IN A DATABASE SYSTEM
2y 5m to grant Granted Mar 24, 2026
Patent 12574410
NETWORK-BASED SECURITY WITH DECOYS AND DECEPTIVE BALANCING
2y 5m to grant Granted Mar 10, 2026
Patent 12572673
HIERARCHICALLY CONFIGURED INTERCONNECT-BASED ACCESS MECHANISM
2y 5m to grant Granted Mar 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
70%
Grant Probability
97%
With Interview (+27.2%)
3y 2m
Median Time to Grant
Moderate
PTA Risk
Based on 448 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month