Hybrid Approach To Data Governance

§102 §103 §112 §DP

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This is a non-final office action in response to applicant’s communication filed on 8/13/2024. Claims 1-22 are pending and being considered. Priority Applicant’s claim for the benefit of a prior-filed application (No. 62/322,722, filled on 4/14/2016) under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. This application is a continuation of 17/960,546, now US Patent No. 12,093,417B2. Specification The disclosure is objected to because of the following informalities: Abstract: line 4, “code includes and event collection interface,” may read “code includes an event collection interface,”. Appropriate correction is required. Claim Objections Claims 1, 5, 12, 19 are objected to because of the following informalities: Claim 1 line 1, “In a cloud-based data governance system, a method for providing data governance of …” is suggested to read “A method by a cloud-based data governance system for providing data governance of …”. Claim 5 lines 1-2, “… includes capturing metadata …” may read “… includes capturing the metadata …”. Similarly claim 16 line 2. Claim 12 line 3 recites “a network adapter electrically coupled to establish …”. Applicant is advised to clarify a network adapter electrically coupled to what. Claim 19 line 2, “said control message(s)” may read “said one or more control messages”. Appropriate correction is required. Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 19, 22 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Claim 19 line 1 recites “said enforcement module”. There is insufficient antecedent basis for this limitation in the claim. Claim 22 line 1 recites “said remote computer system”. There is insufficient antecedent basis for this limitation in the claim. Appropriate correction is required. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp. Claims 1-22 are rejected on the ground of nonstatutory double patenting as being anticipated by corresponding claims of US Patent No. 12,093,417 B2, as presented in the table below. Claim Comparison Instant Application 18/802,630 US Patent 12,093,417 B2 Claim 1 (similarly claim 12). In a cloud-based data governance system, a method for providing data governance of a remote data storage system associated with a remote file system, said method comprising: establishing a connection with said remote data storage system over a wide area network (WAN); capturing an event associated with said remote file system, said event being indicative of at least one file system operation executed on a data object of said remote data storage system; processing said event to determine whether said event conflicts with a governance policy of said data governance system; and executing a set of remediation actions, if said event does conflict with said governance policy. Claim 1 (claim 11). A method by a data governance server of a multi-tenant, cloud-based data governance system, said method for providing data governance of a plurality of remote data storage systems each including a remote file system, said method comprising: establishing a network connection between said data governance server and a first one of said plurality of remote data storage systems over a wide-area network (WAN); establishing a second network connection between said data governance server and a second one of said plurality of remote data storage systems over said WAN; receiving over said WAN first information from a first cloud client associated with a first one of said plurality of remote data storage systems; using said first information to customize a first set of data governance policies; associating said customized first set of data governance policies with said first cloud client; storing said customized first set of data governance policies in memory of said data governance server; receiving over said WAN a first metadata snapshot indicative of a first data set stored on said first one of said plurality of remote data storage systems; generating a first derivative data set based on said first metadata snapshot; associating said first derivative data set with said first cloud client; receiving over said WAN second information from a second cloud client associated with a second one of said plurality of remote data storage systems, said second cloud client being unaffiliated with said first cloud client; using said second information to customize a second set of data governance policies; associating said customized second set of data governance policies with said second cloud client; storing said customized second set of data governance policies in said memory of said data governance server; receiving over said WAN a second metadata snapshot indicative of a second data set stored on said second one of said plurality of remote data storage systems; generating a second derivative data set based on said second metadata snapshot; associating said second derivative data set with said second cloud client; capturing an event over said WAN, said event being associated with a first remote file system stored on said first one of said plurality of remote data storage systems, said event being indicative of at least one change made to object metadata corresponding to a data object of said first one of said plurality of remote data storage systems; processing said event using said first derivative data set to identify a conflict between said event and one or more of said customized first set of data governance policies; and executing a set of remediation actions, based on said conflict. Claim 2 (similarly claim 13). Claim 2. Claim 3 (similarly claim 14). Claim 1. Claim 4 (similarly claim 15). Claim 1. Claim 5 (similarly claim 16). Claim 3. Claim 6 (similarly claim 17). Claim 5. Claim 7 (similarly claim 18). Claim 6. Claim 8 (similarly claim 19). Claim 7. Claim 9. Claim 8. Claim 10. Claim 9. Claim 11. Claim 10. Claim 20. Claim 18. Claim 21. Claim 16. Claim 22. Claim 20. Claims 1-22 are rejected on the ground of nonstatutory double patenting as being anticipated by corresponding claims of US Patent No. 11,494,503 B2, as presented in the table below. Claim Comparison Instant Application 18/802,630 US Patent 11,494,503 B2 Claim 1 (similarly claim 12). In a cloud-based data governance system, a method for providing data governance of a remote data storage system associated with a remote file system, said method comprising: establishing a connection with said remote data storage system over a wide area network (WAN); capturing an event associated with said remote file system, said event being indicative of at least one file system operation executed on a data object of said remote data storage system; processing said event to determine whether said event conflicts with a governance policy of said data governance system; and executing a set of remediation actions, if said event does conflict with said governance policy. Claim 1 (claim 17). A method performed with a data governance server of a cloud-based, multi-tenant data governance system, said method for providing data governance of a plurality of remote data storage systems, each remote data storage system being associated with a particular one of a plurality of different cloud clients, being located geographically remotely from said data governance server, and having a particular associated remote file system stored thereon, said method comprising: receiving instructions from a first one of said cloud clients to customize a first set of data governance policies and to associate said customized first set of data governance policies with said first cloud client; establishing said customized first set of data governance policies associated with said first cloud client, said first cloud client being associated with a first one of said remote data storage systems and a first one of said remote file systems; storing said customized first set of data governance policies within said data governance server; receiving instructions from a second one of said cloud clients to customize a second set of data governance policies and to associate said customized second set of data governance policies with said second cloud client; establishing said customized second set of data governance policies associated with said second cloud client, said second cloud client being associated with a second one of said remote data storage systems and a second one of said remote file systems, said first cloud client being separate from and unaffiliated with said second cloud client; storing said customized second set of data governance policies within said data governance server; establishing a network connection between said data governance server and said first one of said remote data storage systems over a public wide area network (WAN); capturing a first event associated with said first remote file system, said first event being generated responsive to and indicative of at least one file system operation executed on a data object of said first remote data storage system, said file system operation being a modification or an access of said data object of said first remote data storage system; processing at said cloud-based, multi-tenant data governance server said first event and not said data object of said first remote data storage system to determine whether said first event conflicts with a first data governance policy of said customized first set of data governance policies of said data governance system, said first data governance policy defining how said data governance server functions in response to processing said first event; executing a first set of remediation actions, if said first event does conflict with said first data governance policy; establishing a second network connection between said data governance server and said second one of said remote data storage systems over a public WAN; capturing a second event associated with said second remote file system, said second event being generated responsive to and indicative of a second file system operation executed on a data object of said second remote data storage system, said second file system operation being a modification or an access of said data object of said second remote data storage system; processing at said cloud-based, multi-tenant data governance server said second event and not said data object of said second remote data storage system to determine whether said second event conflicts with a second data governance policy of said customized second set data governance policies of said data governance system, said second data governance policy defining how said data governance server functions in response to processing said second event; and executing a second set of remediation actions, if said second event does conflict with said second data governance policy. Claim 2 (similarly claim 13). Claim 2. Claim 3 (similarly claim 14). Claim 3. Claim 4 (similarly claim 15). Claim 4. Claim 5 (similarly claim 16). Claim 5. Claim 6 (similarly claim 17). Claim 6. Claim 7 (similarly claim 18). Claim 8. Claim 8 (similarly claim 19). Claim 12. Claim 9. Claim 13. Claim 10 (similarly claim 21). Claim 14. Claim 11 (similarly claim 22). Claim 15. Claim 20. Claim 25. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action: A person shall be entitled to a patent unless – (a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. Claims 1-2, 8, 10, 12-13, 19, 21 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Foley et al (US20170024408A1, hereinafter, "Foley"). Regarding claim 1, Foley teaches: In a cloud-based data governance system, a method for providing data governance of a remote data storage system associated with a remote file system (Foley, discloses system and method for centralized monitoring and auditing remote file systems having user configured policies. e.g. Fig. 3 shows system in cloud, and [0042]), said method comprising: establishing a connection with said remote data storage system over a wide area network (WAN) (See Fig.1 network 102. And [0025] the distributed data processing system 100 may also be implemented to include a number of different types of networks, such as for example, an intranet, a local area network (LAN), a wide area network (WAN)); capturing an event associated with said remote file system, said event being indicative of at least one file system operation executed on a data object of said remote data storage system (e.g., [0008] The centralized monitoring (of the sets of file servers) is provided by a security manager appliance (sometimes referred to as a "collection server" or just "collector"), which is operative to receive from each of the plural file systems audit trail data (i.e. event). Typically, the audit trail data is data that has been generated locally as file system access activity is intercepted at the file system by the local software agent in accordance with the applicable security policy); processing said event to determine whether said event conflicts with a governance policy of said data governance system (e.g., [0009] preferably the collector stores (in a database) the audit trail, so for review or further analysis that file data access audit data (i.e. trail data, not data object) is available to be searched, for example, for suspicious patterns or unauthorized intrusions (i.e. conflicts with governance policy). And [0045] a collector 504 includes …, and a policy manager component 508. The policy manager component 508 may execute on a collector appliance. And [0047] The policy manager 508 in the collector 504 enables policy-based filtering based on one or more security policies 512 stored in the data store 506. And [0050] The policy manager 508 is operative to apply a particular security policy 512 to the audit trail data that is collected and received at the central manager); and executing a set of remediation actions, if said event does conflict with said governance policy (e.g., [0008] In addition, preferably the collector also applies the security policy against the audit trail data received from at least one of the plural file systems and, in response thereto, takes a given action (i.e. remediation). The given action typically is one of: issuing an alert, performing an audit activity, restricting access to a file system resource, and reporting on the file system access activity). Regarding claim 12, claim 12 is system claim that encompasses limitations that are similar to those limitations of the method claim 1. Therefore, claim 12 is rejected with the same rationale as applied against claim 1. In addition, Foley teaches a cloud-based data governance system (Foley, discloses system and method for centralized monitoring and auditing remote file systems having user configured policies. See e.g. Fig. 3 shows system in cloud, see [0042]) comprising: a processing unit configured to execute code (Data processing system 200 is an example of a computer, such as server 104 or client 110 in FIG. 1, in which computer-usable program code or instructions ... data processing system 200 includes communications fabric 202, which provides communications between processor unit 204…); a network adapter electrically coupled to establish a connection with a remote data storage system associated with a remote file system over a wide-area network (WAN) (Fig. 2, Input/Output unit 212 (i.e. network adapter) is shown for each client device, Fig.1 network 102. And [0025] a wide area network (WAN)); and memory for storing data and said code (Fig. 2 Memory). Regarding claim 2, similarly claim 13, Foley teaches the method of Claim 1, the system of Claim 12, Foley further teaches: wherein said step of capturing an event associated with said remote file system includes: deploying an event collection service to said remote data storage system, said event collection service being operative to detect file system operations executed on data objects of said remote data storage system, generate events indicative of said file system operations, and push said events to said data governance system (Foley, [0043] the system enables the software TAP agent to be configured in various ways that can affect the overall architecture of the solution. Thus, for example, the software TAP agent 312 can be configured to relay the captured information to one collector, to two or more collectors, to load balance the captured data between multiple collectors, or the like. In one basic software TAP configuration option, the software TAP agent is configured to send (i.e. push) traffic to one collector only. Traffic includes all of the relevant activity (access and results) that the agent observes between the client (application, user, and so on) and the database. And [0047] The policy manager 508 in the collector 504 enables policy-based filtering based on one or more security policies 512 stored in the data store 506. In particular, file access control policies 512 dictate what folders, files and other file system objects (i.e. data object) are monitored); and receiving said events from said remote data storage system via said event collection service (e.g., [0041] Appliances typically include the following subcategories: collectors 306, aggregators 308, and a central manager 310. And [0043] In addition, data from multiple collectors can be aggregated to the aggregation server (the aggregator 308) to provide holistic views and generate enterprise-level reports). Regarding claim 8, similarly claim 19, Foley teaches the method of Claim 1, the system of Claim 12, Foley further teaches: wherein said step of executing a set of remediation actions includes pushing a control message to said remote data storage system, said control message indicating a set of file system operations to be executed on objects of said remote file system by said remote data storage system (Foley, [0050] The security policy also may define particular file system access permissions that override any native OS permissions, thereby providing another layer of security around sensitive files. Generalizing, a particular security policy identifies one or more of: who, what, when and how of a particular file system access, as well as potentially describing a given action to take (e.g., detect, log, block, notify, etc.)). Regarding claim 10, similarly claim 21, Foley teaches the method of Claim 1, the system of Claim 12, Foley further teaches: wherein said step of processing said event includes performing data analytics on said event (Foley, [0043] in a database activity monitoring mode (or in a vulnerability assessment monitoring mode), the collectors 306 monitor and analyze database activity to provide continuous fine-grained auditing and reporting. And [0074] the term "intrusion detection" refers to gathering and analyzing information from various areas within a file system to identify possible security breaches). Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. Claims 3-7, 9, 14-18 are rejected under 35 U.S.C. 103 as being unpatentable over Foley as applied above to claim 1, 12 respectively, in view of Wijayaratne et al (US20140040197A1, hereinafter, “Wijayaratne”). Regarding claim 3, similarly claim 14, Foley teaches the method of Claim 1, the system of Claim 12, Foley does not explicitly teach the following limitation, however in the same field of endeavor Wijayaratne teaches: further comprising: receiving a metadata snapshot from said remote data storage system, said metadata snapshot being indicative of said remote file system (Wijayaratne, discloses system and method for event-based synchronization of remote and local files system. See [Title]/[Abstract]. And e.g., [0046] a full rescan sync (FRS) process can be used to "walk" the LFS 204 and the RFS 202 and create metadata snapshots of these file systems at a time Ts. These snapshots can then be compared and the differences used to bi-directionally synchronize the two file systems); and generating a derivative data set indicative of said remote file system based on said metadata snapshot (e.g., [0129] For each two consecutive event records, RFS phase 1 module 906 utilizes a reduction API to access tables (FIGS. 10A-10D) to determine the appropriate event reduction). Examiner notes that Wijayaratne teaches event-based synchronization of remote and local file system with multi clients (see Fig. 1, and [0044] Local clients 110 can access cloud files by directly accessing files/objects stored on local cloud 104, via a local network 112). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Wijayaratne in the file monitoring and auditing system of Foley by creating metadata snapshot to the remote file system as event records. This would have been obvious because the person having ordinary skill in the art would have been motivated to generate and synchronize the event based snapshot as event records between local and remote data file systems to provide local and remote data access and remote data security (Wijayaratne, [Abstract], [0044], [0046]). Regarding claim 4, similarly claim 15, Foley-Wijayaratne combination teaches the method of Claim 3, the system of Claim 14, Wijayaratne further teaches: wherein said step of capturing an event associated with said remote file system includes capturing metadata associated with one or both of said at least one file system operation and said data object (Wijayaratne, Fig. 4, [0058] Changes made to RFS 202 specifically are referred to as "remote events", whereas changes made to LFS 204 will be referred to as local events. In the present embodiment, remote events originate as changes to the metadata stored in RFS metadata database 406). Same motivation as presented in claims 3, 14 would apply. Regarding claim 5, similarly claim 16, Foley-Wijayaratne combination teaches the method of Claim 4, the system of Claim 15, Wijayaratne further teaches: wherein said step of capturing metadata includes capturing metadata indicative of a particular user executing said at least one file system operation (Wijayaratne, [0093] New Path field 814 includes data indicating the new path assigned when an event occurred… The UQID field can be used, for example, to identify the same file system objects on different file systems (e.g., RFS 202 and LFS 204) and/or associate a virtual file system object (e.g., in metadata database 406) with the data file in the data store … Timestamp field 822 includes data indicating the time the event occurred. User ID field 824 include data identifying the user that caused the event). Same motivation as presented in claims 3, 14 would apply. Regarding claim 6, similarly claim 17, Foley-Wijayaratne combination teaches the method of Claim 5, the system of Claim 16, Foley further teaches: wherein said step of executing a set of remediation actions includes altering permissions associated with said particular user (Foley, [0008] In addition, preferably the collector also applies the security policy against the audit trail data received from at least one of the plural file systems and, in response thereto, takes a given action. The given action typically is one of: issuing an alert, performing an audit activity, restricting access to a file system resource (i.e. altering permissions)). Regarding claim 7, similarly claim 18, Foley-Wijayaratne combination teaches the method of Claim 3, the system of Claim 14, Foley further teaches: wherein said step of processing said event includes: updating said derivative data set based on said event; and performing data analytics on said derivative data set after said derivative data set has been updated (Foley, [0050] The security policy also may define particular file system access permissions that override any native OS permissions, thereby providing another layer of security around sensitive files. Generalizing, a particular security policy identifies one or more of: who, what, when and how of a particular file system access, as well as potentially describing a given action to take (e.g., detect, log, block, notify, etc.)). Regarding claim 9, Foley teaches the method of Claim 1, Foley does not explicitly teach the following limitation(s), however in the same field of endeavor Wijayaratne teaches: further comprising: collecting additional events, each event of said additional events being indicative of at least one additional file system operation executed on a data object of said remote file system stored on said remote data storage system (Wijayaratne, discloses system and method for event-based synchronization of remote and local files system. See [Title]/[Abstract]. And [0012] The methods can also include storing (e.g., chronologically) the event records in a first events database and storing (e.g., chronologically) the RFS (i.e. “remote file system”) event records in a second events database); storing said event and said additional events in an event database ([0015] The system can also include a first and second events database that store (e.g., chronologically) FS and RFS event records, respectively); and providing a client associated with said remote file storage system access to said event database ([0017] The file storage system includes memory storing a file system (FS) with FS objects, a client interface for providing client access to the FS, a file system module that monitors for changes being made to the FS by the client, and a data monitor that generates an event record responsive to a change being made to the FS). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Wijayaratne in the file monitoring and auditing system of Foley by collecting first and second event data base. This would have been obvious because the person having ordinary skill in the art would have been motivated to collect additional event data as indicative of additional system file operation on the data object for the purpose of monitoring changes to the file system (Wijayaratne, [00010], [0018]). Claims 11, 22 are rejected under 35 U.S.C. 103 as being unpatentable over Foley as applied above to claim 1, 12 respectively, in view of Kulkarni et al (US20140201848A1, hereinafter, “Kulkarni”). Regarding claim 11, similarly claim 22, Foley teaches the method of Claim 1, the system of Claim 12, Foley does not explicitly teach the following limitation(s), however in the similar field of endeavor Kulkarni teaches: wherein said step of establishing a connection with said remote data storage system includes establishing a connection with a third party cloud service provider (Kulkarni, discloses method for sharing data stored at different file path, see [Abstract]. And [0032] the same methods described above may be adapted to share data items that reside in different locations, which may include locations across several remote storage areas, local storage areas, and even different service provider storage areas. As long as a path can be defined for a particular data item, and that path is available and accessible via a URL, the data item may be included in a grouped share command. For instance, a third party service provider having remote storage may provide application programming interfaces (APIs) for linking to or downloading data items stored on the third party service provider's remote storage). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Kulkarni in the file monitoring and auditing system of Foley by utilizing a third party service provider. This would have been obvious because the person having ordinary skill in the art would have been motivated to utilize the third party service to manage shared stored data with a secondary operation on files having different, distinct and exclusive file paths (Kulkarni, [0032]). Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Foley as applied above to claim 12, in view of Wijayaratne et al (US20140040196A1, hereinafter, “Wijayaratne”), further in view of Dos Santos et al (US20160306827A1, hereinafter, “Dos Santos”). Regarding claim 20, Foley teaches the system of Claim 12, Foley further teaches: further comprising: an event database operative to store a record of said event (Foley, [0009] According to another aspect of this disclosure, preferably the collector stores (in a database) the audit trail, so for review or further analysis); Foley does not explicitly teach the following limitation(s), however in the same field of endeavor Wijayaratne teaches: and a client interface configured to provide a client associated with said remote file system access to said event database (Wijayaratne, [0017] The file storage system includes memory storing a file system (FS) with FS objects, a client interface for providing client access to the FS, a file system module that monitors for changes being made to the FS by the client, and a data monitor that generates an event record responsive to a change being made to the FS); and wherein said event collection interface is configured to collect additional events and store records of said additional events in said database, each event of said additional events being indicative of at least one additional file system operation executed on a data object of said remote file system stored on said remote data storage system (e.g., [0015] The system can also include a first and second events database that store (e.g., chronologically) FS and RFS event records, respectively); Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Wijayaratne in the file monitoring and auditing system of Foley by collecting first and second event data base. This would have been obvious because the person having ordinary skill in the art would have been motivated to collect additional event data as indicative of additional system file operation on the data object for the purpose of monitoring changes to the file system (Wijayaratne, [00010], [0018]). The combination of Foley-Wijayaratne does not specifically teach, in the same field of endeavor Dos Santos teaches: and said data governance service is additionally configured to perform batch data analysis functions on a subset of said records of said database (Dos Santos, discloses synchronizing data rules and corresponding metadata to implement data governance, see [Title]/[Abstract]. And [0023] A validation rule that checks the zip code ensures the field contains five numbers. As part of a batch load process, the zip code field is populated along with other fields. The validation rule is executed as part of the batch load process to identify records that do not satisfy the validation rule). Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Dos Santos in the file monitoring and auditing system of Foley-Wijayaratne by performing batch data analysis to implement data governance. This would have been obvious because the person having ordinary skill in the art would have been motivated to synchronize data rules and metadata to implement data governance (Dos Santos, [Abstract]). Citation of References The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been replied upon for this office action: Debo et al (US9465778B1) discloses method for regulating a plurality of collections of data includes analyzing collections of data to identify one or more deviations from a standard, guideline, or best practice governing the plurality of collections of data. Savage et al (US20150127607A1) discloses distributed data system with document management and access control. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975. The examiner can normally be reached on M-F: 8:30AM - 5:30PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /MICHAEL M LEE/Primary Examiner, Art Unit 2436