DETAILED ACTION
This action is in response to communication filed on 2/20/2026.
Claims 1-20 are pending.
Claims 1, 8, and 15 have been amended.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's arguments filed, see pages 7-9, filed 2/20/2026, with respect to the rejection(s) of claim(s) 1, 8 and 15 under 35 USC § 103 have been fully considered but they are not persuasive. The applicant contends that the combination of Liang and Redlich fails to disclose or render obvious the recited sanitizing limitation because, Redlich “discloses encrypting all data” and therefore “directly contradicts” Liang. Applicant asserts that Redlich does not teach pruning or redacting lower-sensitivity data and that encryption is applied uniformly rather than selectively to only a “third” (lowest) sensitivity level. These arguments are respectively traversed.
Liang discloses a system that intercepts application log messages (the claimed “data packet”), determines the sensitivity of individual data values within those messages using pattern matching and validation, and sanitizes the messages by pruning (removing) or redacting (masking) the sensitive values before the messages are written to the log. See Liang col. 5/lines 16 - col. 6/lines 15 (interception and pattern-based search for sensitive data values); col. 6/lines 3-37 (validation and filtering candidates) col. 7/lines 50 – col. 8/lines 15 (protection module that removes or masks validated sensitive data prior to logging).
Liang therefore teaches the overarching framework of receiving a data packet for logging, determining sensitivity levels of its data values, and sanitizing those values (via pruning or redaction) before logging.
Redlich cures the deficiency noted in the prior Office by expressly teaching a multi-level security system in which data is extracted, sanitized according to different sensitivity levels, and stored or reconstructed only in accordance with a user’s security clearance; [0046] “The cryptographically separated, need to know, security levels correspond to respective ones of the plurality of security levels and the method includes, in one embodiment, encrypting subsets of extracted data with corresponding degrees of encryption associated with the plurality of security levels”.
Redlich therefore teaches selective encryption of extracted subsets tied to specific security levels (the claimed “third sensitivity level”). Contrary to Applicant’s assertion, Redlich does not require that every piece of data be encrypted, only the extracted subsets corresponding to each security level receive the appropriate degree of encryption.
Redlich also teaches pruning (complete removal) of the most sensitive data via its “scrubber” functionality; [0029] “It is a further object to create a credit card number or financial data scrubber. The scrubber may be employed to remove any security critical data” and [0049] “The scrubber may utilize a pop-up window to enable user activation of the scrubber on an email or a web browser communication”.
Redlich further teaches redaction via placeholder substitution for intermediate sensitivity levels; [0174] “A replacement of the extract (sometimes called a placeholder) can also be substituted on-the-fly to provide updated results…”.
Thus Redlich discloses a graduated, multi-level sanitization scheme in which (1) highest-sensitivity data is pruned/removed by the scrubber, (2) medium-sensitivity data is redacted via placeholder substitution, and (3) lower-sensitivity extracted data is encrypted with a degree of encryption corresponding to the security level.
It would have been obvious to a person of ordinary skill in the art at the time of the invention to combine Liang’s log-message interception and sanitization framework with Redlich’s multi-level pruning/scrubber, placeholder-redaction, and graduated-encryption technique. The motivation is explicit in both references. See Redlich, abstract and [0046] (cryptographically separated security levels for reconstruction only upon appropriate clearance) and Liang, col. 1/lines 45-55 (protecting sensitive data in logs without losing operational value).
One of ordinary skill would have recognized that assigning Liang’s pruning/redaction actions to Redlich’s highest and medium sensitivity levels, and Redlich’s selective encryption to the lowest sensitivity level, would yield predictable results (secure yet usable logged data packets) using known techniques for their know purposes. Applicant’s assertion of “direct contradiction” is unsupported; Redlich’s graduated encryption complements rather than contradicts Liangs removal/masking operations.
The claim language does not require any specific ordering of the three sensitivity level beyond “from among the plurality,” nor does it preclude the use of different sanitization technique for different levels. Accordingly, the combination of Liang and Redlich renders obvious every element of the amended independent claims.
Double Patenting
The rejection of claims 1-20 on the grounds of non-statutory obviousness-type double patenting over claims 1, 9, and 15 of U.S. Patent No. 12,058,021 is maintained. Applicant’s request to hold this rejection in abeyance is noted but does not overcome the rejection. A terminal disclaimer, or other appropriate action is still required.
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-20 rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 9, and 17 of U.S. Patent No. 12,058,021. Although the claims at issue are not identical, they are not patentably distinct from each other because the current claims are an obvious variation of the US 12,058,021 patent’s claims. The core sanitization mechanism (multi-level pruning/redacting/encrypting based on sensitivity) is identical in substance, but the current claims omit the error monitoring, cause determination, and dynamic configuration adjustment. This makes the current claims broader, covering the basic process without the resilience enchantments. The differences are not patentably distinct; the error handling is an obvious addition to the basic sanitization to improve reliability in distributed systems (motivated by the shared specification’s discussion of dynamic adjustments for accuracy and troubleshooting). Applying § 103 principles, one skilled in the art would combine the basic tiers with error-based feedback for better system resilience.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-4, 8-11 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (US 9,552,272) in view of Redlich et al. (US 2005/0132070).
Regarding claim 1, Liang discloses a method comprising:
receiving, by at least one processor, a data packet for logging (see Liang col. 4/lines 21-52; detx 16; the sensitive data protection subsystem 103 intercepts messages from an application 105 at runtime, which are intended to be logged in a log data store 150, 160. The intercepted message is received specifically for logging purposes);
determining, by the at least one processor, for each data value within the data packet, a corresponding sensitivity level being one of a plurality of different sensitivity levels (see Liang col. 9/lines 15-30; detx 36; processing logic performs the search using sensitive data patterns associated with the types of sensitive information. Processing logic searches the content of the original message for data expressed in a format that matches any of the sensitive data patterns for a particular type. This determines sensitivity (sensitive vs. non-sensitive) for data values);
sanitizing, by the at least one processor, the data packet into a sanitized data packet based on the determined sensitivity levels of the data values within the data packet (see Liang col. 11/lines 1-13; detx 42; the number of iterations can be based on the number of predefined sensitive data patterns. For example, there may be three pre-defined sensitive data patterns, such as patterns for social security numbers, credit card numbers, and telephone numbers. Processing logic can search an intercepted message for pattern matches pertaining to a first sensitive data pattern (e.g., social security numbers), validate any matching candidates for the first sensitive data pattern, filter out exceptional cases pertaining to the first sensitive data pattern, and protect the sensitive data, and subsequently perform method 400 for the sensitive data patterns for credit card numbers and for telephone numbers. This discloses the sensitive data is classified by type (e.g., SSN, credit card, telephone)), the sanitizing including:
pruning each data value determined to have a first sensitivity level (see Liang col. 10/lines 4-30; detx 39; by removing, masking, and/or redacting the sensitive information),
redacting each data value determined to have a second sensitivity level (see Liang col. 10/lines 4-30; detx 39; by removing, masking, and/or redacting the sensitive information).
However, the prior art does not explicitly disclose the following:
encrypting each data value determined to have a third sensitivity level from among the plurality of different sensitivity levels; and
logging, by the at least one processor, the sanitized data packet into a data repository.
Redlich discloses a process, program and system which operates to secure files and data objects in a computer system and network with an editor. The editor assists in the extraction of security sensitive data and data objects on a granular basis, and the balance of the system disperses data, via a controlled release, to storage locations, and permits reconstruction utilizing security protocols to provide a security system for data. In particular, Redlich teaches the following:
encrypting each data value determined to have a third sensitivity level from among the plurality of different sensitivity levels (see Redlich [0046]; the cryptographically separated, need to know, security levels correspond to respective ones of the plurality of security levels and the method includes, in one embodiment, encrypting subsets of extracted data with corresponding degrees of encryption associated with the plurality of security levels. This discloses “encrypting each data value” as encrypting extracted “subsets of extracted data” (sensitive data values like words/objects) that are “determined to have” a specific sensitivity via automatic selection “third sensitivity level from among the plurality of different sensitivity levels” maps to one of the “plurality of security level” with “corresponding degrees of encryption,” where encryption is applied per level (e.g., “third” level is inherently one among multiple, as Redlich describes variable degrees/types for different sensitivities). This discloses the element because sensitive data values are encrypted based on their assigned level among multiple levels); and
logging, by the at least one processor, the sanitized data packet into a data repository (see Redlich [0046]; the subsets of extracted data are stored in one or more computer memories in the network identified as extracted stores. The remainder data is also stored in the network if necessary).
Therefore, it would have been obvious to a person of ordinary skill in the art at the time the invention was effectively filed to modify the prior art with the teaching of Redlich to incorporate techniques for securing sensitive data/objects found in a data source document. One would have been motivated because it would enhance privacy protection in distrusted security system by removing or securing sensitive information from monitored data packets.
Regarding claim 2, Liang-Redlich discloses the method of claim 1, wherein the data packet includes, for each data value, a respective label (see Redlich [0046]; filtering data from the data input computer, extracting security sensitive words, phrases, characters, icons, or data objects and forming subsets of extracted data and remainder data).
Regarding claim 3, Liang-Redlich discloses the method of claim 2, further comprising classifying each data value into a respective one of the first sensitivity level, the second sensitivity level, or the third sensitivity level based on the respective label (see Redlich [0055]; the innovation enables automatic response to security challenges and threats. The innovation can maintain, upgrade and downgrade the levels of security through implementation of a leveled granular extraction process and a controlled-release mechanism).
Regarding claim 4, Liang-Redlich discloses the method of claim 3, wherein the classifying is further based on a classification configuration (see Redlich [0055]; the innovation enables automatic response to security challenges and threats. The innovation can maintain, upgrade and downgrade the levels of security through implementation of a leveled granular extraction process and a controlled-release mechanism).
Regarding claim(s) 8-11 and 15-17, do(es) not teach or further define over the limitation in claim(s) 1-4 and 1-3 respectively. Therefore claim(s) 8-11 and 15-17, is/are rejected for the same rationale of rejection as set forth in claim(s) 1-4 and 1-3 respectively.
Allowable Subject Matter
Claims 5-7, 12-14 and 18-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
For the reason above, claims 1-20 have been rejected and remain pending.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JIMMY H TRAN whose telephone number is (571)270-5638. The examiner can normally be reached Monday-Friday 9am-5pm PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Chris Parry can be reached at 571-272-8328. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
JIMMY H TRAN
Primary Examiner
Art Unit 2451
/JIMMY H TRAN/Primary Examiner, Art Unit 2451