Prosecution Insights
Last updated: July 17, 2026
Application No. 18/797,307

DATABASE PROCESSING METHOD AND APPARATUS, DEVICE, AND MEDIUM

Non-Final OA §103
Filed
Aug 07, 2024
Priority
Aug 07, 2023 — CN 202310989108.7
Examiner
LOPEZ, MIGUEL ALEXANDER
Art Unit
2496
Tech Center
2400 — Computer Networks
Assignee
Beijing Volcano Engine Technology Co., Ltd.
OA Round
2 (Non-Final)
8%
Grant Probability
At Risk
2-3
OA Rounds
1y 2m
Est. Remaining
20%
With Interview

Examiner Intelligence

Grants only 8% of cases
8%
Career Allowance Rate
2 granted / 26 resolved
-50.3% vs TC avg
Moderate +12% lift
Without
With
+12.5%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
26 currently pending
Career history
60
Total Applications
across all art units

Statute-Specific Performance

§101
0.4%
-39.6% vs TC avg
§103
73.1%
+33.1% vs TC avg
§102
18.9%
-21.1% vs TC avg
§112
4.9%
-35.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 26 resolved cases

Office Action

§103
DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Arguments Applicant’s arguments, see page 10, filed 04/15/2026, with respect to the rejection of claims 1-20 under 35 U.S.C. § 112(b) have been fully considered. The rejection of claims 1-20 under 35 U.S.C. § 112(b) has been withdrawn. Applicant’s arguments, see pages 10-13, filed 04/15/2026, with respect to the rejection of claims 1-3, 6-14, and 17-20 under 35 U.S.C. § 102(a)(1), and the rejection of claims 4-5 and 15-16 under 35 U.S.C. § 103 have been fully considered, but they are not persuasive. Applicant first argues that Jackson fails to disclose the claimed “the database is deployed in an independent, trusted execution environment”. The Examiner incorporates the contents of the previously presented Sprague reference into the rejection below as a response to this argument. Applicant next argues that the claimed invention differs from the Jackson reference in that “amended claim 1 of the present application, if the accessor is not an authorized user of the encrypted portion of the entire data, the encrypted portion is entirely masked, while the non-encrypted portion is returned without any processing”. The Examiner respectfully disagrees. The amended claim reads in part, “and in a case that the accessor is not an authorized user of the part of the first data, performing mask processing on the part of the first data to generate invisible masked data, and returning the masked data and remaining unencrypted first data in the first data in response to the access request”. The claim only requires that “a part” of the data is encrypted data, and in a case that the accessor is not an authorized user of the part of the first data, the part is masked, and the masked data and remaining unencrypted data is returned. There is no mention of “the encrypted portion is entirely masked, while the non-encrypted portion is returned without any processing”. Jackson clearly renders obvious this limitation by teaching at least “If the outcome of the test at step 705, however, indicates that the user with access authority does not have full access, the routine continues at step 706 to decrypt only a permitted subset of the encrypted column (e.g., the last four digits of the credit card or social security number) and masking the remainder” in paragraph [0067]. Clearly Jackson teaches returning a part of data unencrypted and another part of data is returned after being masked. In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., “the encrypted portion is entirely masked, while the non-encrypted portion is returned without any processing”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Applicant’s arguments, see page 13, filed 04/15/2026, with respect to the rejection of claim 9 have been fully considered. Applicant argues that, “It is noted that claim 9 was listed as being included in one of the above grounds of rejection, but no rejection therefor was provided. Accordingly, any subsequent action rejecting claim 9 on grounds that could have been presented in the current Office action, must not be made final”. The Examiner respectfully disagrees. There was an outstanding rejection to claim 9 under 35 U.S.C. § 112(b) within the Non-Final Rejection mailed 01/15/2026. In the rejection rationale presented below, claim 9 is rejected under 35 U.S.C. § 103. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-3, 6-9, 11-14, and 17-20 are rejected under 35 U.S.C. 103 as being anticipated by Jackson et. al. (US Publication No. US 20140075571 A1) hereinafter Jackson in view of Sprague et. al. (US Publication No. US 2018/0254898 A1) hereinafter Sprague. Regarding Claims 1, 12, and 20: Claim 12. The combination of Jackson and Sprague further teaches an electronic device, comprising: a processor; and a memory configured to store instructions executable by the processor; wherein the processor is configured to read the instructions from the memory, and execute the instructions to implement a method comprising (Jackson Fig. 2, [0028-0030]): receiving an access request to a database, the access request carrying a user identifier of an accessor and a data processing instruction (Jackson Fig. 7; [0067] “The routine begins at step 700 upon receipt of a read request for reading the encrypted column data. At step 702, the role of the user associated with the read request is determined or ascertained. Steps 700 and 702 may be combined, as the request may identify the user's role”), wherein the data processing instruction is used to instruct to process specified data in the database to obtain first data (Jackson Fig. 7; [0067] “If the outcome of the test at step 705 indicates that the user has full access, the routine continues at step 707 to decrypt the entire column data (e.g., an entire credit card or social security number). Typically, decryption is performed by the OS and, in particular, by a resource access control facility.”), … in a case that a part of the first data is encrypted data, querying, based on the user identifier of the accessor, an authorization information table in the database, to detect whether the accessor is an authorized user of the part of the first data (Jackson Fig. 7; [0067] “At step 704, a test is made to determine whether the request has been received from a user in a role having authority to access the encrypted column.”; Jackson queries the role table disclosed in Fig. 6), wherein the encrypted data comprises data stored in the database in an encrypted form, and the authorization information table is used to record authorized user information configured by a data provider for the encrypted data (Jackson Fig. 6-7; [0067]); and in a case that the accessor is not an authorized user of the part of the first data, performing mask processing on the part of the first data to generate invisible masked data (Jackson Fig. 7; [0067] “If the outcome of the test at step 705, however, indicates that the user with access authority does not have full access, the routine continues at step 706 to decrypt only a permitted subset of the encrypted column (e.g., the last four digits of the credit card or social security number) and masking the remainder.”), and returning the masked data and remaining unencrypted first data in the first data in response to the access request (Jackson Fig. 7; [0067] “If the outcome of the test at step 705, however, indicates that the user with access authority does not have full access, the routine continues at step 706 to decrypt only a permitted subset of the encrypted column (e.g., the last four digits of the credit card or social security number) and masking the remainder.”). Jackson does not explicitly disclose and the database is deployed in an independent, trusted execution environment. Sprague teaches and the database is deployed in an independent, trusted execution environment (Sprague [0051-0054]). It would have been obvious to one having ordinary skill in the art before the time the invention was effectively filed to combine the database management method disclosed by Jackson with the trusted execution environment taught by Sprague. The motivation would be to protect code and data from malware and snooping as highlighted by Sprague [0051]. Claims 1 and 20 recite substantially the same content and are therefore rejected under the same rationales. Jackson further discloses a database processing method (Jackson claim 1), and a non-transitory computer readable storage medium having a computer program stored thereon for performing a method (Jackson claim 15). Regarding Claims 2 and 13: Claim 13. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]), wherein the method further comprises: in a case that the accessor is an authorized user of the part of the first data, returning the first data in response to the access request (Jackson Fig. 7; [0067] “If the outcome of the test at step 705 indicates that the user has full access, the routine continues at step 707 to decrypt the entire column data (e.g., an entire credit card or social security number). Typically, decryption is performed by the OS and, in particular, by a resource access control facility.”). Claim 2 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claims 3 and 14: Claim 14. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]), wherein the method further comprises: in a case that all of the first data are encrypted data, querying, based on the user identifier of the accessor, the authorization information table in the database, to detect whether the accessor is an authorized user of all of the first data (Jackson Fig. 7; [0067] “At step 704, a test is made to determine whether the request has been received from a user in a role having authority to access the encrypted column.”; Jackson queries the role table disclosed in Fig. 6); in a case that the accessor is the authorized user of all of the first data, returning all of the first data in response to the access request (Jackson Fig. 7; [0067] “If the outcome of the test at step 705 indicates that the user has full access, the routine continues at step 707 to decrypt the entire column data (e.g., an entire credit card or social security number). Typically, decryption is performed by the OS and, in particular, by a resource access control facility.”); or in a case that the accessor is not the authorized user of all of the first data, returning a processing failure notification message in response to the access request (Jackson Fig. 7 step 708 deny access to data if access authority returns no). Claim 3 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claims 6 and 17: Claim 17. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]), wherein the method further comprises: receiving an authorization deleting instruction sent by the data provider, the authorization deleting instruction carrying a user identifier of the data provider, a data identifier of the first data, and a user identifier of the authorized user, wherein the authorization deletion instruction is used to instruct to delete configuration information that the authorized user is authorized to access the first data (Jackson Fig. 6 DBA SYSADM creates, updates, and maintains tables; [0050] “Members of the group with SYSADM authority can perform the following tasks: migrate databases, modify the database manager configuration and database configuration files, safeguard the data by performing database and log file backups, and perform restoration of databases and database objects such as table spaces, and grant and revoke other authorities and privileges to and from users, groups, or roles, for example, SYSCTRL, SYSMAINT, SYSMON, DBADM, and SECADM.”); and in response to the authorization deletion instruction, deleting, from the authorization information table, a corresponding relationship among the user identifier of the data provider, the data identifier of the first data, and the user identifier of the authorized user (Jackson Fig. 6 DBA SYSADM creates, updates, and maintains tables; [0050] “Members of the group with SYSADM authority can perform the following tasks: migrate databases, modify the database manager configuration and database configuration files, safeguard the data by performing database and log file backups, and perform restoration of databases and database objects such as table spaces, and grant and revoke other authorities and privileges to and from users, groups, or roles, for example, SYSCTRL, SYSMAINT, SYSMON, DBADM, and SECADM.”). Claim 6 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claims 7 and 18: Claim 18. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]), wherein, for a piece of first data of the data provider, user identifiers of multiple authorized users are configured in the authorization information table (Jackson Fig. 6 application developer, user, and auditor all have access to the column data). Claim 7 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claims 8 and 19: Claim 19. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]), wherein the authorization information table is dynamically updated with an authorization configuration instruction sent by the data provider (Jackson Fig. 6 DBA SYSADM creates, updates, and maintains tables; [0050]). Claim 8 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claim 9: The combination of Jackson and Sprague further teaches the method of claim 1 (Jackson claim 1), wherein the first data comprises at least one column of encrypted data corresponding to a specified column identifier in at least one data table, or the first data comprises at least one row of encrypted data corresponding to a specified row identifier in at least one data table, or the first data comprises at least one encrypted data element corresponding to a specified column identifier and a specified row identifier in at least one data table (Jackson Fig. 6 encrypted column data). Regarding Claim 11: The combination of Jackson and Sprague further teaches the method of claim 1 (Jackson claim 1), wherein the database is deployed in a trusted hardware-based trusted execution environment (Sprague [0051-0054]). Claim(s) 4-5 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Jackson and Sprague as applied to claims 1-3, and further in view of Niu et. al. (US Publication No. US 2023/0289464 A1), hereinafter Niu. Regarding Claims 4 and 15: Claim 15. The combination of Jackson and Sprague further teaches the electronic device of claim 12 (Jackson Fig. 2, [0028-0030]). The combination of Jackson and Sprague does not explicitly teach wherein the method further comprises: receiving an authorization configuration instruction sent by the data provider, the authorization configuration instruction carrying a user identifier of the data provider, a data identifier of the first data, and a user identifier of the authorized user, wherein the authorization configuration instruction is used to instruct to configure the authorized user to be authorized to access the first data; and in response to the authorization configuration instruction, recording, in the authorization information table, a corresponding relationship among the user identifier of the data provider, the data identifier of the first data, and the user identifier of the authorized user. Niu teaches wherein the method further comprises: receiving an authorization configuration instruction sent by the data provider, the authorization configuration instruction carrying a user identifier of the data provider, a data identifier of the first data, and a user identifier of the authorized user (Niu Fig. 4 managing field-level security policy, [0087-0095]), wherein the authorization configuration instruction is used to instruct to configure the authorized user to be authorized to access the first data (Niu Fig. 4 managing field-level security policy, [0087-0098]); and in response to the authorization configuration instruction, recording, in the authorization information table, a corresponding relationship among the user identifier of the data provider, the data identifier of the first data, and the user identifier of the authorized user (Niu Fig. 4 managing field-level security policy, [0087-0098]). It would have been obvious to one having ordinary skill in the art before the time the invention was effectively filed to combine the database management disclosed by Jackson with the trusted execution environment taught by Sprague, further with the granular field-level security management taught by Niu. The motivation for this combination would be to ensure that all illegal access is blocked by providing a flexible and effective policy updating scheme as discussed by Niu [0099]. Claim 4 recites substantially the same content and is therefore rejected under the same rationales. Regarding Claims 5 and 16: Claim 16. The combination of Jackson, Sprague, and Niu further teaches the electronic device of claim 15 (Jackson Fig. 2, [0028-0030]), wherein the authorization configuration instruction further comprises: an access time limit for authorization that is used to limit an access time of the authorized user to the first data (Niu Fig. 4, [0052-0057] access parameters may include the time trust condition used for restricting the access time), wherein the authorization information table specifically records a corresponding relationship among the user identifier of the data provider, the data identifier of the first data, the user identifier of the authorized user, and the access time limit for authorization (Niu Fig. 4, [0052-0057] access parameters may include the time trust condition used for restricting the access time). Claim 5 recites substantially the same content and is therefore rejected under the same rationales. Conclusion The prior art made of record in the submitted PTO-892 Notice of References Cited and not relied upon is considered pertinent to applicant’s disclosure. Any inquiry concerning this communication or earlier communications from the examiner should be directed to MIGUEL A LOPEZ whose telephone number is (703)756-1241. The examiner can normally be reached 8:00AM-5:00PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 5712727624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /M.A.L./ Examiner, Art Unit 2496 /JORGE L ORTIZ CRIADO/ Supervisory Patent Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

Aug 07, 2024
Application Filed
Jan 15, 2026
Non-Final Rejection mailed — §103
Apr 15, 2026
Response Filed
Jun 10, 2026
Non-Final Rejection mailed — §103 (current)

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

2-3
Expected OA Rounds
8%
Grant Probability
20%
With Interview (+12.5%)
3y 1m (~1y 2m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 26 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month