DETAILED ACTION
This final office action is in response to claims 1-16 filed on 03/25/2026 for examination. Claims 1-16 are being examined and are pending.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Restriction Election/Amendments
Applicant’s election without traverse of claims 1-16 in the reply filed 03/25/2026 is acknowledged.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/25/2026 have been considered by the examiner.
Response to Amendment
The amendment filed March 25, 2026 has been entered. Claims 1-16 remain pending in the application. The claims have been amended. Applicant’s arguments and amendments to the claims have overcome each and every claim objection previously set forth in the Non-Final Office Action mailed February 25, 2026. Claims 1-16 have been amended and have necessitated a new ground(s) of rejection in this Office Action. Further, Applicant’s arguments regarding claims 1-16 have been fully considered but are not persuasive to differentiate over the prior art. Particularly:
Applicant opines that the combination of Moktali (NPL: “Generative AI Data Privacy with Moktali LLM Privacy Vault”; May 18, 2023) in view of Cui et al. (US20080077806) fails to teach “encrypting sensitive data fields at a field level using a first encryption proxy in a data store; labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; […] and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata.” Remarks, pgs. 8-9. Applicant appears to argue that Moktali’s tokenization’s are distinct from encryption, and Applicant opines it therefore cannot read on the claims. Id. Examiner disagrees. While Moktali does not specifically denote the “deterministic token representation” generation as “encrypting” in their nomenclature – it functionally is encryption. Encryption is merely the process of changing information into a secret code that others cannot understand or use without special knowledge/equipment. While not presently relied upon, for additional reference see, e.g., Cambridge Dictionary (NPL: “Definition: Encryption”). This is clearly provided in Moktali: The vault system <i.e., data store> of Moktali identifies sensitive data elements/fields <e.g., phone numbers, social security numbers, etc.> and protects them by converting the sensitive data elements/fields into deterministic token representations <i.e., sensitive data fields are changed into secret code/ciphertext at a field level>. See, e.g., Moktali at pgs. 5-6, 8-9. The deterministic token representations cannot be deciphered into the original sensitive data by undesired systems/the AI system <i.e., the tokenization is encryption>. Id. The vault system <i.e., data store> also stores detokenization/permission information for the sensitive fields <i.e., is a data store>, and the deterministic token representations can be detokenized back into their original plaintexts <i.e., the encrypted fields can be decrypted>. Id. In view of the foregoing, as would be recognized by one of ordinary skill in the art before the effective filing date of the claimed invention, Moktali teaches encrypting sensitive data fields at a field level using a first encryption proxy in a data store, as well as the selective decrypting. Applicant’s associated remarks are unpersuasive. Additional note: Cui also explicitly teaches encryption/decryption of data values before input to a system/viewing at a field level, and similarly can satisfy the claimed language. See, e.g., Cui at abstract, [0026-028].
Next: Applicant opines that Moktali and Cui do not teach wherein “the encrypted data fields are labeled with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; […] and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata.” Remarks, pgs. 9-10. Applicant opines Cui is directed to database-to-database sharing and does not teach interfacing encrypted, metadata labeled databases to a generative AI system. Remarks, pgs. 9-10. This argument is not persuasive as Cui is not relied upon to teach the generative AI system. In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Instead, Moktali is relied upon to teach the generative AI workflow. See, e.g., Moktali at pgs. 5-9, as well as hereinbelow with regards to 35 U.S.C. 103. Cui teaches using metadata with field level encryption to efficiently provide authorization-controlled decryption/access control policies. See, e.g., Cui at [0027-028] and [0033-034]. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the data protecting AI system of Moktali with the metadata system of Cui, the encrypted data fields are labeled with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; […] and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata, so that the sensitive fields efficiently maintain field-specific security context and can be decrypted by desired users based on user authorization and access control information. See, e.g., Moktali at pgs. 10-11; with Cui at [0027-028] and [0033-034]. Applicant’s associated remarks are unpersuasive.
In view of the foregoing, as well as hereinbelow with regards to 35 U.S.C. 103, applicant’s arguments regarding claims 1-16 have been fully considered but are not persuasive to differentiate over the prior art.
Claim Objections
Claim(s) 1 and 9 is/are objected to because of the following informalities:
Claim 1 recites “and access control policies as defined in the metadata” in line 15. For consistency (with claim 1, line 7), Examiner suggests amending to, e.g., “and the access control policies as defined in the metadata.” or similar, if intended. Claim 9 recites a similar deficiency, and is objected to under like rationale.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim(s) 1-16 is/are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Particularly: Claim 1 recites the limitation "the data field" in line 7. There is insufficient antecedent basis for this limitation in the claim. Further, claim 1 inconsistently alters between “the encrypted data fields” (e.g., claim 1, line 5), “the data fields” (e.g., claim 1, line 6), “the data field” (e.g., claim 1, line 7). If referring to the same element(s), the element(s) should be referenced in a consistent and clear manner. Claim 9 recites a similar deficiency, and is rejected under like rationale. Claims 2-8 and 10-16 incorporate the deficiency of their parent claim, and are rejected under like rationale.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-4 and 9-12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Moktali (NPL: “Generative AI Data Privacy with Moktali LLM Privacy Vault”; May 18, 2023; Herainfter “Moktali”) in view of Cui et al. (US20080077806; Hereinafter “Cui”).
Regarding claim 1, Moktali teaches a method for protecting sensitive data in a generative AI system (pgs. 5-9), comprising:
encrypting sensitive data fields at a field level using a first encryption proxy in a data store (Pgs. 5-9 and 2 – Skyflow’s vault system <i.e., data store> identifies sensitive data elements/fields <e.g., phone numbers, social security numbers, etc.> and protects them by converting the sensitive data elements/fields into deterministic token representations <i.e., sensitive data fields are encrypted at a field level>. The deterministic token representations cannot be deciphered into the original sensitive data by undesired systems/the AI system <i.e., the tokenization is encryption>. The vault system <i.e., data store> also stores detokenization/permission information for the sensitive fields <i.e., is a data store>, and the deterministic token representations can be detokenized back into their original plaintexts <i.e., the encrypted fields can be decrypted>);
interfacing the data store to the generative AI system (pg. 5-9 – the vault system is connected to the AI system);
receiving a user prompt at a second proxy (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before forwarding the prompt to the AI system LLM);
sending the user prompt to the generative AI system (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before the prompt is sent to the AI system LLM);
generating a response by the generative AI system based on the encrypted data fields [[and the metadata]] (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data/fields in the prompt before the prompt is sent to the AI system LLM. The sensitive data/fields are converted into the deterministic token representations <i.e., the encrypted data fields> that can subsequently be detokenized. A response is generated by the AI system LLM using the deterministic token representations <i.e., encrypted data fields> and returned to the requestor);
receiving the response from the generative AI system (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before the prompt is sent to the AI system LLM. A response is generated by the AI system LLM comprising the deterministic token representations and returned to the requestor); and
selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies [[as defined in the metadata]] (pgs. 5-6 and 8-9 – A response generated by the AI system LLM comprising deterministic token representations is provided to the vault. If the user is an authorized user permitted to view the deterministic token representations’ redacted data, the deterministic token representations are converted back into readable/actual values <i.e., decrypted>).
While Moktali teaches generating a response by the generative AI system based on the encrypted data fields; receiving the response from the generative AI system; and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies (see, e.g., pgs. 5-6, 8-9, and 2), Moktali appears to fail to specifically disclose labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; generating a response by the generative AI system based on the encrypted data fields and the metadata, and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata.
However, Cui teaches a similar system for encrypting sensitive data fields for controlled sharing to a recipient (see, e.g., Cui at [0004-007] and [0019]), comprising labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field ([0027-028] and [0033-035] – the data to be shared into a database is encrypted and labeled with metadata information. The data can be encrypted at a field level. The encrypted data’s associated metadata information can comprise, e.g., an encryption Key ID used to determine the decryption key and authorized users/associated permissions);
generating a response based on the encrypted data fields and the metadata ([0019], [0046-050], and [0023] – a user may submit a request <e.g., a read request> to the database. A response is generated comprising the encrypted data fields and returned to the encryption manager <i.e., response based on encrypted data fields>. The encrypted data fields of the response encrypted using/based on the metadata information <i.e., response generated based on the encrypted data fields and metadata information>); and
selectively decrypting sensitive data in the response based on user authorization and access control policies as defined in the metadata ([0040] and [0046-50] – the sensitive data fields may be decrypted based on authorization/access control policies in the metadata).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to implement the privacy preserving AI system of Moktali with the field-level metadata teachings of Cui. Particularly comprising: labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; generating a response by the generative AI system based on the encrypted data fields and the metadata, and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata, so that the sensitive fields efficiently maintain field-specific security context and can be decrypted by desired users based on user authorization and access control information (see, e.g., Moktali at pgs. 10-11; with Cui at [0027-028] and [0033-034]).
Regarding claim 2, the combination of Moktali and Cui teach the method of claim 1, wherein the metadata comprises encryption key information and the access control policies (Cui at [0027-028] and [0033-034] – the data to be shared into a database is encrypted and labeled with metadata. The data can be encrypted at a field level. The encrypted data’s associated metadata can comprise, e.g., an encryption Key ID used to determine the decryption key and authorized users).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Moktali with the teachings of Cui, wherein the metadata comprises encryption keys information and access control policies, to ensure the data can be properly decrypted and accessed by only permitted users (see, e.g., Moktali at pgs. 10-11; with Cui at [0027-028] and [0033-034]).
Regarding claim 3, the combination of Moktali and Cui teach the method of claim 1, wherein encrypting sensitive data fields is based on a declarative policy defining which data values require protection (Moktali at pgs. 4-5 and 7 – the encryption system may be operated based on a regulatory policy the company is following <i.e., declarative policy> that defines e.g., social security information, phone numbers, etc. must be protected).
Regarding claim 4, the combination of Moktali and Cui teach the method of claim 3, wherein the declarative policy specifies a location of sensitive data in the data store and a protection method for the sensitive data (Moktali at pgs. 4-5 and 7 – the encryption system may be operated based on a regulatory policy the company is following <i.e., declarative policy> that defines e.g., social security information, phone numbers, etc. must be tokenized/protected <i.e., protection method> before storage or sharing. E.g., before they enter the LLM system <i.e., a location>).
Regarding claim 9, Moktali teaches a system for protecting sensitive data in a generative Al application (pgs. 5-9), comprising:
a first encryption proxy configured to encrypt sensitive data fields at a field level in a data store (pgs. 5-9 and 2 – Skyflow’s vault system <i.e., data store> identifies sensitive data elements/fields <e.g., phone numbers, social security numbers, etc.> and protects them by converting the sensitive data elements/fields into deterministic token representations <i.e., sensitive data fields are encrypted at a field level>. The deterministic token representations cannot be deciphered into the original sensitive data by undesired systems/the AI system <i.e., the tokenization is encryption>. The vault system <i.e., data store> also stores detokenization/permission information for the sensitive fields <i.e., is a data store>, and the deterministic token representations can be detokenized back into their original plaintexts <i.e., the encrypted fields can be decrypted>);
a generative Al model utilizing the encrypted and labeled data for context (pg. 5-9 – the vault system is connected to the AI system, and an AI model uses the tokenized data); and
a second proxy configured to:
receive user prompts (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before forwarding the prompt to the AI system LLM), send
the prompts to the generative Al model (pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before the prompt is sent to the AI system LLM),
receive responses from the generative Al model(pgs. 5-6, 8-9, and 2 – a prompt can be generated for the AI system LLM. A vault <i.e., second proxy> receives the prompt and redacts sensitive data from the prompt before the prompt is sent to the AI system LLM. A response is generated by the AI system LLM and returned to the requestor), and
selectively decrypt sensitive data in the responses based on user authorization and access control policies [[defined in the metadata]] (pgs. 5-6 and 8-9 – A response generated by the AI system LLM comprising deterministic token representations is provided to the vault. If the user is an authorized user permitted to view the deterministic token representations’ redacted data, the deterministic token representations are converted back into readable/actual values <i.e., decrypted>).
While Moktali teaches generating a response by the generative AI system based on the encrypted data fields; receiving the response from the generative AI system; and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies (see, e.g., pgs. 5-6, 8-9, and 2), Moktali appears to fail to specifically disclose labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata.
However, Cui teaches a similar system for encrypting sensitive data fields for controlled sharing to a recipient (see, e.g., Cui at [0004-007] and [0019]), comprising labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field ([0027-028] and [0033-035] – the data to be shared into a database is encrypted and labeled with metadata information. The data can be encrypted at a field level. The encrypted data’s associated metadata information can comprise, e.g., an encryption Key ID used to determine the decryption key and authorized users/associated permissions); and
selectively decrypt sensitive data in the responses based on user authorization and access control policies as defined in the metadata ([0040] and [0046-50] – the sensitive data fields may be decrypted based on authorization/access control policies in the metadata).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to implement the privacy preserving AI system of Moktali with the field-level metadata teachings of Cui. Particularly comprising: labeling the encrypted data fields with metadata in the data store, the metadata including any of: information relating to encryption keys to encrypt the data fields, a nature of the data field, and access control policies for the data field; and selectively decrypting, by the second proxy, sensitive data in the response based on user authorization and access control policies as defined in the metadata, so that the sensitive fields efficiently maintain field-specific security context and can be decrypted by desired users based on user authorization and access control information (see, e.g., Moktali at pgs. 10-11; with Cui at [0027-028] and [0033-034]).
Regarding claim 10, the combination of Moktali and Cui teach the system of claim 9, wherein the metadata includes information about encryption keys used, nature of the data, and access control policies (Cui at [0027-028] and [0033-034] – the data to be shared into a database is encrypted and labeled with metadata. The data can be encrypted at a field level. The encrypted data’s associated metadata can comprise, e.g., an encryption Key ID used to determine the decryption key and authorized users <Note: sensitive data is a nature of data indicated by the encryption/metadata>. The encryption algorithm is also indicated <i.e., nature of encrypted data>).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement Moktali with the teachings of Cui, wherein the metadata includes information about encryption keys used, nature of the data, and access control policies, to ensure the data can be properly decrypted and accessed by only permitted users (see, e.g., Moktali at pgs. 10-11; with Cui at [0027-028] and [0033-034]).
Regarding claim 11, the combination of Moktali and Cui teach the system of claim 9, further comprising a policy engine configured to define a declarative policy specifying which data values require protection (Moktali at pgs. 4-5 and 7 – the encryption system may be operated based on a regulatory policy the company is following <i.e., declarative policy> that defines e.g., social security information, phone numbers, etc. must be protected).
Regarding claim 12, the combination of Moktali and Cui teach the system of claim 11, wherein the declarative policy specifies a location of sensitive data in the data store and a protection method for the sensitive data (Moktali at pgs. 4-5 and 7 – the encryption system may be operated based on a regulatory policy the company is following <i.e., declarative policy> that defines e.g., social security information, phone numbers, etc. must be tokenized/protected <i.e., protection method> before storage or sharing. E.g., before they enter the LLM system <i.e., a location>).
Claim(s) 5-7 and 13-15 is/are rejected under 35 U.S.C. 103 as being unpatentable over Moktali in view of Cui, further in view of Hugot et al. (EP3429156; Hereinafter “Hugot”).
Regarding claim 5, the combination of Moktali and Cui teach the method of claim 1. Yet, the combination of Moktali and Cui appear to fail to specifically disclose wherein user authorization is determined based on identity management frameworks comprising at least one of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML).
However, Hugot teaches a system for granting access to protected assets (see, e.g., abstract), wherein user authorization is determined based on identity management frameworks comprising at least one of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML) ([0015] – user authorization is based on identity management frameworks such as OIDC or SAML).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Moktali and Cui with the teachings of Hugot, wherein user authorization is determined based on identity management frameworks comprising at least one of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML), to implement the user authorization securely and without major impact on the network system (see, e.g., Hugot at [0015]).
Regarding claim 6, the combination of Moktali, Cui, and Hugot teach the method of claim 5, further comprising applying Role Based Access Control (RBAC) policies to control a level of access for each authorized user or group of users (Moktali at pgs. 10-11 – only authorized users <i.e., users in an authorized role> are permitted to use the data in plain text form; see additionally, e.g., Cui at [0033-034] – only specific authorized users and/or groups of users <i.e., users of a role> may be permitted to access the data and/or decrypt the data).
Regarding claim 7, the combination of Moktali, Cui, and Hugot teach the method of claim 6, wherein selectively decrypting sensitive data comprises applying different levels of access to different users based on roles of each user as defined in the RBAC policies (Moktali at pgs. 10-11 – only authorized users <i.e., users in an authorized role> are permitted to use the unsensitive data and also the sensitive data in plain text form. Unauthorized users <i.e., another level of access> are permitted to use only unsensitive data in its plain text form <i.e., their roles/permissions are defined by the access policy>; see additionally, e.g., Cui at [0033-034] – only specific authorized users and/or groups of users <i.e., users of a role> may be permitted to access the data and/or decrypt the data. Other users may not access the data in plain text <i.e., different levels>).
Regarding claim 13, the combination of Moktali and Cui teach the system of claim 9. Yet, the combination of Moktali and Cui appear to fail to specifically disclose wherein user authorization is determined based on identity management frameworks comprising at least one of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML).
However, Hugot teaches a system for granting access to protected assets (see, e.g., abstract), wherein the second proxy is further configured to determine user authorization based on identity management frameworks including OpenID Connect (OIDC) or Security Assertion Markup Language (SAML) ([0015] – user authorization is based on identity management frameworks such as OIDC or SAML).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Moktali and Cui with the teachings of Hugot, wherein user authorization is determined based on identity management frameworks comprising at least one of OpenID Connect (OIDC) or Security Assertion Markup Language (SAML), to implement the user authorization securely and without major impact on the network system (see, e.g., Hugot at [0015]).
Regarding claim 14, the combination of Moktali, Cui, and Hugot teach the system of claim 13, further comprising a Role Based Access Control (RBAC) module configured to control a level of access for each authorized user or group of users (Moktali at pgs. 10-11 – only authorized users <i.e., users in an authorized role> are permitted to use the data in plain text form; see additionally, e.g., Cui at [0033-034] – only specific authorized users and/or groups of users <i.e., users of a role> may be permitted to access the data and/or decrypt the data).
Regarding claim 15, the combination of Moktali, Cui, and Hugot teach the system of claim 14, wherein the second proxy is configured to apply different levels of access to different users based on roles of each user as defined in the RBAC module when selectively decrypting or masking sensitive data in the responses (Moktali at pgs. 10-11 – only authorized users <i.e., users in an authorized role> are permitted to use the unsensitive data and also the sensitive data in plain text form. Unauthorized users <i.e., another level of access> are permitted to use only unsensitive data in its plain text form <i.e., their roles/permissions are defined by the access policy>; see additionally, e.g., Cui at [0033-034] – only specific authorized users and/or groups of users <i.e., users of a role> may be permitted to access the data and/or decrypt the data. Other users may not access the data in plain text <i.e., different levels>).
Claim(s) 8 and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Moktali in view of Cui, further in view of Jose (NPL: “Introducing the Skyflow Data Governance Engine”; Hereinafter “Jose”).
Regarding claim 8, the combination of Moktali and Cui teach the method of claim 1. Yet the combination of Moktali and Cui appear to fail to specifically disclose wherein selectively decrypting further comprises selectively masking, by the second proxy, the sensitive data in the response based on the user authorization.
However, Moktali 2 teaches a similar system for protecting data input/output from a system (see, e.g., pgs. 1-5), wherein selectively decrypting further comprises selectively masking, by the second proxy, the sensitive data in the response based on the user authorization (pgs. 1-5 – some specific output data from the system is selectively unmasked <i.e., decrypted> for an authorized user, while other output data is masked <e.g., first portion of social security digits, records from outside a doctor’s state, specific fields/columns the recipient is not allowed to access>).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Moktali and Cui with the teachings of Jose, wherein selectively decrypting further comprises selectively masking, by the second proxy, the sensitive data in the response based on the user authorization, so that only authorized/intended users can view sensitive data (see, e.g., Jose as pgs. 1-5, as well as Moktali at pg. 9 linking to Jose).
Regarding claim 16, the combination of Moktali and Cui teach the system of claim 9. Yet the combination of Moktali and Cui appear to fail to specifically disclose wherein the second proxy is further configured to selectively mask sensitive data in the responses based on the user authorization.
However, Moktali 2 teaches a similar system for protecting data input/output from a system (see, e.g., pgs. 1-5), wherein the second proxy is further configured to selectively mask sensitive data in the responses based on the user authorization (pgs. 1-5 – some specific output data from the system is selectively unmasked <i.e., decrypted> for an authorized user, while other output data is masked <e.g., first portion of social security digits, records from outside a doctor’s state, specific fields/columns the recipient is not allowed to access>).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combination of Moktali and Cui with the teachings of Jose, wherein the second proxy is further configured to selectively mask sensitive data in the responses based on the user authorization, so that only authorized/intended users can view sensitive data (see, e.g., Jose as pgs. 1-5, as well as Moktali at pg. 9 linking to Jose).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Luitjens (US20240346162) teaches a system for creating prompts, sanitizing sensitive information from the prompts, sending the prompts to an AI, receiving responses, and de-sanitizing the responses (see, e.g., Luitjens at [0003-011]). Wu (NPL: “What is Fine-Grained Access Control for Sensitive Data?”; February 22, 2023) teaches a system for implementing role based access control for sensitive data shared with a central system (see, e.g., Wu at pgs. 5-9). Vilvovsky (US20180191506) teaches a field/storage level encryption where associated metadata includes data access information including keys and location, as well as an access control policy (see, e.g., Vilvovsky at abstract [0013-014] and [0047]).
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365. The examiner can normally be reached Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached at 5712723787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/J.R.W./Examiner, Art Unit 2438 /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438