Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Status of Claims
This is a first office action on the merits in response to the application filed on January 29, 2025, a continuation of U.S. Application No. 18/059,559.
Claims 1-18 are pending and have been examined.
Priority
The applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 03/26/2025, is in compliance with provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claims 1, 7, and 13 are objected to because of the following informalities:
Claims 1, 7, and 13 recite “define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products.” The abbreviation “API” should be spelled out as “application programming interface” when it is cited for the first time. Appropriate correction is required.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1, 3, 5, 7, 9, 11, 13, 15, and 17 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3 of U.S. Patent No. 12,248,918. Although the claims at issue are not identical, they are not patentably distinct from each other.
The mapping of claims 1, 3, 5, 7, 9, 11, 13, 15, and 17 of this application with claims 1-3 of the 918 patent is as follows:
This Application
Patent No. 12,248,918
Claim 1:
An integrated computer system for managing, visualizing, and monetizing data streams across enterprise internal and/or external systems and/or products, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein the one or more processors are configured to execute:
the data stream ecosystem software module to: define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products; track metadata and operational attributes of the data streams to ensure visibility, traceability, and compliance with organizational policies; provide tools for real-time monitoring, inspection, and visualization of the data streams and their associated metadata; enable users to map relationships between the data streams, data sources, and consuming systems for analytical or operational purposes; and enable secure connections to the data streams from internal and/or external systems and/or products through various interfaces across networks or domains; the data stream manipulator registry environment software module to: host an inventory of reusable data manipulation functions for transformation, enrichment, and augmentation of the data streams; enable third-party developers or implementors to create, contribute, license, deploy, and distribute the reusable data manipulation functions directly and/or through an integrated marketplace; and provide a framework for selecting, applying, and automating the reusable data manipulation functions to modify or enhance the data streams in real-time or on a scheduled basis; and the data stream license purchase software module to: facilitate secure access to the data streams by managing user and entity permissions through formalized access agreements; and enable monetization of data stream access through subscription-based or pay-per-use licensing models.
Claim 1:
An integrated computer system that enables an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module, a multi-factor authentication (MFA) software module, a product license purchase software module, a data model registry software module, a gateway control system software module, a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein the one or more processors are configured to execute:
the management platform software module to:
enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to (i) enable further division of the accounts within the one organization into domains and (ii) map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; the management platform software module to: enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products; the data model registry software module to enable the implementor to maintain an inventory of possible data types originating from the external systems and/or external products of the implementor along with associated metadata for robust searching, filtering, and visualization of relationships between the data types; the gateway control system software module to enable validation that an incoming request from one of the users, the external systems, and/or the external products maps to a specific one of the data types as stored in the one or more data model registry processors before allowing the incoming request to proceed to any intended destination;
the data stream ecosystem software module to: enable the implementor to define data streams and connect the external systems and/or the external products to the data streams to move data packets between the external systems and/or the external products; and enable the implementor to track metadata about the data streams, to inspect the data streams, to manipulate the data streams, to visualize the data packets within the data streams, to visualize inventory of the data streams, and to visualize relationships between the data streams; the gateway control system software module, the management platform software module, and the data stream ecosystem software module to work in concert to (i) map the incoming request to the one or more management platform processors and/or any of the external systems and/or any of the external products, back to the user making the incoming request, and (ii) send audit data through one of the data streams for consumption by any of the one or more external systems and/or any of the one or more external products, wherein one of the computing devices connected to the one or more processors is empowered to validate that one of the data packets maps to a specific one of the data types as stored in a computer-readable memory device of the one or more computer-readable memory devices associated with the data model registry software module before allowing the one data packet to enter one of the data streams;
the data stream manipulator registry environment software module to enable persons not directly affiliated with the implementor to create, upload, and/or make available business agnostic functions represented as blocks of code, wherein the implementor is enabled to then browse, select, license, and/or attribute to one or more of the data streams or other elements of the management platform software module to automate desired data changes and/or desired state changes, both one time and/or in an on-going manner; and the data stream license purchase software module to enable the implementor to request and gain access to at least one of the data streams in a formalized manner, wherein: the access to the data stream through the data stream license purchase software module can be monetized through a payment system; the common aspect corresponds to one of the accounts belonging to (i) a common entity external to an entity associated with the implementor and/or (ii) a common group within the entity associated with the implementor; and access to at least one of the external systems and/or at least one of the external products through the product license purchase software module can be monetized through the payment system.
Claim 3:
wherein the one or more computer-readable memory devices further store a management platform software module, wherein the one or more processors are configured to execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 1:
An integrated computer system that enables an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module … wherein the one or more processors are configured to execute: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality … the management platform software module to (i) enable further division of the accounts within the one organization into domains and (ii) map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; the management platform software module to: enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claim 5:
wherein the one or more computer-readable memory devices further store a management platform software module, wherein the one or more processors are configured to execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 1:
An integrated computer system that enables an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module … wherein the one or more processors are configured to execute: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality … the management platform software module to (i) enable further division of the accounts within the one organization into domains and (ii) map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; the management platform software module to: enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claim 7:
A computer-implemented method for an integrated computer system for managing, visualizing, and monetizing data streams across enterprise internal and/or external systems and/or products, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, the method comprising the one or more processors executing:
the data stream ecosystem software module to: define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products; track metadata and operational attributes of the data streams to ensure visibility, traceability, and compliance with organizational policies; provide tools for real-time monitoring, inspection, and visualization of the data streams and their associated metadata; enable users to map relationships between the data streams, data sources, and consuming systems for analytical or operational purposes; and enable secure connections to the data streams from internal and/or external systems and/or products through various interfaces across networks or domains; the data stream manipulator registry environment software module to: host an inventory of reusable data manipulation functions for transformation, enrichment, and augmentation of the data streams; enable third-party developers or implementors to create, contribute, license, deploy, and distribute the reusable data manipulation functions directly and/or through an integrated marketplace; and provide a framework for selecting, applying, and automating the reusable data manipulation functions to modify or enhance the data streams in real-time or on a scheduled basis; and the data stream license purchase software module to: facilitate secure access to the data streams by managing user and entity permissions through formalized access agreements; and enable monetization of data stream access through subscription-based or pay-per-use licensing models.
Claim 2:
A computer-implemented method for an integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module, a multi-factor authentication (MFA) software module, a product license purchase software module, a data model registry software module, a gateway control system software module, a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products; the data model registry software module to enable the implementor to maintain an inventory of possible data types originating from the external systems and/or external products of the implementor along with associated metadata for robust searching, filtering, and visualization of relationships between the data types; the gateway control system software module to enable validation that an incoming request from one of the users, the external systems, and/or the external products maps to a specific one of the data types as stored in the one or more data model registry processors before allowing the incoming request to proceed to any intended destination;
the data stream ecosystem software module to enable the implementor to define data streams and connect the external systems and/or the external products to the data streams to move data packets between the external systems and/or the external products; the data stream ecosystem software module to enable the implementor to track metadata about the data streams, to inspect the data streams, to manipulate the data streams, to visualize the data packets within the data streams, to visualize inventory of the data streams, and to visualize relationships between the data streams; the gateway control system software module, the management platform software module, and the data stream ecosystem software module to work in concert to (i) map the incoming request to the one or more management platform processors and/or any of the external systems and/or any of the external products, back to the user making the incoming request, and (ii) send audit data through one of the data streams for consumption by any of the one or more external systems and/or any of the one or more external products, wherein one of the computing devices connected to the one or more data-processors is empowered to validate that one of the data packets maps to a specific one of the data types as stored in a computer-readable memory device of the one or more computer-readable memory devices associated with the data model registry software module before allowing the one data packet to enter one of the data streams; the data stream manipulator registry environment software module to enable persons not directly affiliated with the implementor to create, upload, and/or make available business agnostic functions represented as blocks of code, wherein the implementor is enabled to then browse, select, license, and/or attribute to one or more of the data streams or other elements of the one or more management platform processors to automate desired data changes and/or desired state changes, both one time and/or in an on-going manner; and the data stream license purchase software module to enable the implementor to request and gain access to at least one of the data streams in a formalized manner, wherein: the access to the data stream through the data stream license purchase software module can be monetized through a payment system; the common aspect corresponds to one of the accounts belonging to (i) a common entity external to an entity associated with the implementor and/or (ii) a common group within the entity associated with the implementor; and access to at least one of the external systems and/or at least one of the external products through the product license purchase software module is monetized through the payment system.
Claim 9:
wherein the one or more computer- readable memory devices further store a management platform software module, wherein the one or more processors execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 2:
A computer-implemented method for an integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module … the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claim 11:
wherein the one or more computer- readable memory devices further store a management platform software module, wherein the one or more processors execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 2:
A computer-implemented method for an integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a management platform software module … the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claim 13:
A non-transitory computer-readable storage medium, having encoded thereon program code comprising a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein, when the program code is executed by one or more processors of an integrated computer system, the integrated computer system implements a method for managing, visualizing, and monetizing data streams across enterprise internal and/or external systems and/or products, the method comprising the one or more processors executing:
the data stream ecosystem software module to: define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products; track metadata and operational attributes of the data streams to ensure visibility, traceability, and compliance with organizational policies; provide tools for real-time monitoring, inspection, and visualization of the data streams and their associated metadata; enable users to map relationships between the data streams, data sources, and consuming systems for analytical or operational purposes; and enable secure connections to the data streams from internal and/or external systems and/or products through various interfaces across networks or domains; the data stream manipulator registry environment software module to: host an inventory of reusable data manipulation functions for transformation, enrichment, and augmentation of the data streams; enable third-party developers or implementors to create, contribute, license, deploy, and distribute the reusable data manipulation functions directly and/or through an integrated marketplace; and provide a framework for selecting, applying, and automating the reusable data manipulation functions to modify or enhance the data streams in real-time or on a scheduled basis; and the data stream license purchase software module to: facilitate secure access to the data streams by managing user and entity permissions through formalized access agreements; and enable monetization of data stream access through subscription-based or pay-per-use licensing models.
Claim 3:
A non-transitory computer-readable storage medium, having encoded thereon program code comprising a management platform software module, a multi-factor authentication (MFA) software module, a product license purchase software module, a data model registry software module, a gateway control system software module, a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein, when the program code is executed by one or more processors of an integrated computer system, the integrated computer system implements a method for the integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products; the data model registry software module to enable the implementor to maintain an inventory of possible data types originating from the external systems and/or external products of the implementor along with associated metadata for robust searching, filtering, and visualization of relationships between the data types; the gateway control system software module to enable validation that an incoming request from one of the users, the external systems, and/or the external products maps to a specific one of the data types as stored in the one or more data model registry processors before allowing the incoming request to proceed to any intended destination;
the data stream ecosystem software module to enable the implementor to define data streams and connect the external systems and/or the external products to the data streams to move data packets between the external systems and/or the external products; the data stream ecosystem software module to enable the implementor to track metadata about the data streams, to inspect the data streams, to manipulate the data streams, to visualize the data packets within the data streams, to visualize inventory of the data streams, and to visualize relationships between the data streams; the gateway control system software module, the management platform software module, and the data stream ecosystem software module to work in concert to (i) map the incoming request to the one or more management platform processors and/or any of the external systems and/or any of the external products, back to the user making the incoming request, and (ii) send audit data through one of the data streams for consumption by any of the one or more external systems and/or any of the one or more external products, wherein one of the computing devices connected to the one or more data processors is empowered to validate that one of the data packets maps to a specific one of the data types as stored in a computer-readable memory device of the one or more computer-readable memory devices associated with the data model registry software module before allowing the one data packet to enter one of the data streams; the data stream manipulator registry environment software module to enable persons not directly affiliated with the implementor to create, upload, and/or make available business agnostic functions represented as blocks of code, wherein the implementor is enabled to then browse, select, license, and/or attribute to one or more of the data streams or other elements of the one or more management platform processors to automate desired data changes and/or desired state changes, both one time and/or in an on-going manner; and the data stream license purchase software module to enable the implementor to request and gain access to at least one of the data streams in a formalized manner, wherein: the access to the data stream through the data stream license purchase software module can be monetized through a payment system; the common aspect corresponds to one of the accounts belonging to (i) a common entity external to an entity associated with the implementor and/or (ii) a common group within the entity associated with the implementor; and access to at least one of the external systems and/or at least one of the external products through the product license purchase software module is monetized through the payment system.
Claim 15:
wherein the storage medium further stores a management platform software module, wherein the one or more processors execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 3:
A non-transitory computer-readable storage medium, having encoded thereon program code comprising a management platform software module … wherein, when the program code is executed by one or more processors of an integrated computer system, the integrated computer system implements a method for the integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claim 17:
wherein the storage medium further stores a management platform software module, wherein the one or more processors execute the management platform software module to: enable user identity and access management within the integrated computer system; enable a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; map accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticate and authorize the users and/or computing devices based on their roles and their permissions.
Claim 3:
A non-transitory computer-readable storage medium, having encoded thereon program code comprising a management platform software module … wherein, when the program code is executed by one or more processors of an integrated computer system, the integrated computer system implements a method for the integrated computer system to enable an implementor to integrate functionality into external systems and/or external products of the implementor to enable user identity and access management across the external systems and/or external products of the implementor, the method comprising the one or more processors executing: the management platform software module to: enable a unique pool of accounts and/or technical components which correspond to users and/or computing devices to be authenticated against the external systems and/or the external products; enable the authenticated accounts and/or the authenticated technical components to be authorized to perform particular functions within the external systems and/or the external products; enable a representation of the external systems and/or the external products to be mapped to identities, accesses, organizations, and permissions; and enable a representation of groups of the accounts organized by a common aspect, where the groups are able to request access to the external systems and/or the external products licensed by the groups; the MFA software module to enable various third-party MFA technologies to implement MFA functionality on the management platform software module, thereby enabling the accounts to use the MFA functionality; the product license purchase software module to enable an entity external to the implementor and represented by one of the organizations to request and gain access to at least one of the external systems and/or at least one of the external products in a formalized manner; the management platform software module to: enable further division of the accounts within the one organization into domains; map to the at least one external system and/or the at least one external product that has been licensed to the one organization enabling the accounts within the domains to inherit access to the at least one external system and/or the at least one external product; enable representation of personal information of one of the users that is inaccessible to any of the other users and/or any of the computing devices not associated with the one user without express permission of the one user; enable representation of identifying data that the one organization uses to manage users of the one organization without sacrificing security of the personal information of the one user unless allowed by the one user; enable representation of an action that can be taken against a target of any of the one or more external systems and/or any of the one or more external products as a permission, and map the representation of the action to one of the accounts and/or one of the technical components to guide authorization; enable creation of groupings of permissions that can be applied together to the one account and/or the one technical component as roles; and enable associated data to be communicated to any of the external systems and/or any of the external products for automated or manual enforcement of authentication and authorization configuration in the external systems and/or the external products.
Claims 4, 6, 10, 12, 16, and 18 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-3 of U.S. Patent No. 12,248,918 in view of Stickle et al. (US 9947033 B1).
Stickle discloses forming a proprietary and prescriptive platform that combines domain-specific metadata governance, validation, and data flow orchestration to create a unified data fabric; incorporating a federated data mesh framework that dynamically connects distributed data sources to enable aggregation, integration, and dissemination of data both within and across domains (see Fig. 1; col. 1, line 63 – col. 4, line 20; col. 5, lines 32-40; col. 8, line 61 – col. 9, line 31; col. 12, lines 42-67; and col. 14, lines 33-67); enable the data streams, domain metadata, and associated functions to be programmatically managed to enable enterprise-wide scalability, traceability, and monetization of data operations; and track usage metrics and generate billing information for authorized access to the data streams and associated services (see Fig. 1; col. 1, line 63 – col. 4, line 54; col. 8, line 61 – col. 9, line 31; col. 12, lines 42-67; col. 13, lines 39-67; and col. 14, lines 33-67).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the subject matter of Stickle in the 918 patent. Moreover, in order to improve the flexibility and efficiency of the 918 patent, one of ordinary skill in the art would have been motivated to form a platform to perform different functions associated with managing and distributing of data streams, so that the data streams can be effectively distributed to the required users.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
In this instance, claims 1-6 are directed to a system comprising one or more processors and one or more computer-readable memory devices, claims 7-12 are directed to a method, and claims 13-18 are directed to a non-transitory computer-readable storage medium. Therefore, claims 1-18 fall within the four statutory categories of invention.
Claim 1 as a whole is directed to managing data streams and data stream access, and monetizing the data stream access. In particular, the claim recites managing the data streams, tracking information associated with the data streams, providing tools, enabling users to map relationships, enabling secure connections, hosting an inventory of functions, enabling developers to manage the functions, providing a framework to utilize the functions, controlling the access of the data streams based on the access agreements, and enabling monetization of the access data streams via subscription or pay-per-use licensing. Therefore, the claim falls under the “Certain Methods of Organizing Human Activity” and/or “Mental Processes” groupings of abstract ideas in Step 2A Prong One (MPEP 2106.04(a)(d)) because the claim involves the steps for managing data streams and data stream access, and monetizing the data stream access, which could be a process related to managing personal behavior or relationships or interactions between people and/or commercial interactions. Additionally, the steps of defining, monitoring, and managing data streams; tracking metadata and operational attributes of the data streams; facilitating secure access by managing user and entity permissions through access agreements; and enabling monetization of data stream access can be performed by the human mind. More specifically, the following underlined claim elements recite an abstract idea while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a).
Claim 1 recites “[a]n integrated computer system for managing, visualizing, and monetizing data streams across enterprise internal and/or external systems and/or products, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein the one or more processors are configured to execute: the data stream ecosystem software module to: define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products; track metadata and operational attributes of the data streams to ensure visibility, traceability, and compliance with organizational policies; provide tools for real-time monitoring, inspection, and visualization of the data streams and their associated metadata; enable users to map relationships between the data streams, data sources, and consuming systems for analytical or operational purposes; and enable secure connections to the data streams from internal and/or external systems and/or products through various interfaces across networks or domains; the data stream manipulator registry environment software module to: host an inventory of reusable data manipulation functions for transformation, enrichment, and augmentation of the data streams; enable third-party developers or implementors to create, contribute, license, deploy, and distribute the reusable data manipulation functions directly and/or through an integrated marketplace; and provide a framework for selecting, applying, and automating the reusable data manipulation functions to modify or enhance the data streams in real-time or on a scheduled basis; and the data stream license purchase software module to: facilitate secure access to the data streams by managing user and entity permissions through formalized access agreements; and enable monetization of data stream access through subscription-based or pay-per-use licensing models.”
This judicial exception is not integrated into a practical application because, when analyzed under Step 2A Prong Two (MPEP 2106.04(d)), the non-underlined additional elements — an integrated computer system comprising one or more processors and one or more computer-readable memory devices, internal and/or external systems, a data stream ecosystem software module, a data stream manipulator registry environment software module, a data stream license purchase software module, and interfaces across networks or domains in claim 1 — perform managing data streams and data stream access, and monetizing the data stream access. The additional element of an integrated computer system is merely recited as a regular computer system comprising one or more processors and one or more computer-readable memory devices. The additional elements of a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module are merely recited as software instructions/applications stored in the one or more memory devices. The one or more processors included in the system execute these software instructions/applications to perform the abstract idea. Merely adding generic computer components to perform the abstract idea does not integrate the abstract idea into a practical application. The additional elements of internal and/or external systems are merely recited as participants of the system. The additional elements of interfaces across networks or domains are common features used in a system. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)); the claim does not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)); and the claim does not apply or use the abstract idea in some other meaningful ways beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claim does not, for example, purport to improve the functioning of a computer. Nor does it effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea. Claim 1 as a whole, judging from the additional elements individually and in combination, does not integrate the judicial exception into a practical application. Therefore, claim 1 as a whole fails to recite a practical application of the abstract idea.
Claim 1 does not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under Step 2B (MPEP 2106.05), using an integrated computer system comprising one or more processors and one or more computer-readable memory devices, internal and/or external systems, a data stream ecosystem software module, a data stream manipulator registry environment software module, a data stream license purchase software module, and interfaces across networks or domains to perform managing data streams and data stream access, and monetizing the data stream access amounts to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using generic computer components cannot provide an inventive concept beyond the recited abstract idea. The additional element of an integrated computer system is merely recited as a regular computer system comprising one or more processors and one or more computer-readable memory devices. The additional elements of a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module are merely recited as software instructions/applications stored in the one or more memory devices. The one or more processors included in the system execute these software instructions/applications to perform the abstract idea. The additional elements of internal and/or external systems are merely recited as participants of the system. The additional elements of interfaces across networks or domains are common features used in a system. As discussed above, taking the additional elements separately, these additional elements perform the steps or functions that correspond to the actions required to perform the abstract idea. Therefore, the additional claim elements, when considered individually and in combination, fail to recite significantly more than the abstract idea.
Accordingly, claim 1 is rejected as being directed toward patent-ineligible subject matter.
Claim 7 recites the abstract idea similar to that discussed above in connection with claim 1. As discussed above, the additional elements of an integrated computer system comprising one or more processors and one or more computer-readable memory devices, internal and/or external systems, a data stream ecosystem software module, a data stream manipulator registry environment software module, a data stream license purchase software module, and interfaces across networks or domains do not integrate the judicial exception into a practical application and fail to recite significantly more than the abstract idea.
Claim 13 recites the abstract idea similar to that discussed above in connection with claim 1. As discussed above, the additional elements of an integrated computer system comprising one or more processors, internal and/or external systems, a data stream ecosystem software module, a data stream manipulator registry environment software module, a data stream license purchase software module, and interfaces across networks or domains do not integrate the judicial exception into a practical application and fail to recite significantly more than the abstract idea.
Claims 2-6, 8-12, and 14-18 have also been considered for subject-matter eligibility. However, these claims fail to recite patent-eligible subject matter for the following reasons:
Claim 2 as a whole is directed to data governance and validation. In particular, the claim recites maintaining an inventory of data components and data schemas, enabling versioning of the data components and data schemas, providing tools for visualizing relationships, serving the data components to other system components, validating the data packages, enforcing data governance policies, generating logs of validation results, and ensuring secure routing of authorized data. Therefore, the claim falls under the “Certain Methods of Organizing Human Activity” and/or “Mental Processes” groupings of abstract ideas in Step 2A Prong One (MPEP 2106.04(a)(d)) because the claim involves the steps for data governance and validation, which could be a process related to managing personal behavior or relationships or interactions between people. Additionally, the steps of enabling versioning of the data components and the data schemas, and validating the data packets can be performed by the human mind. More specifically, the following underlined claim elements recite an abstract idea while the non-underlined claim elements recite additional elements according to MPEP 2106.04(a).
Claim 2 recites “wherein the one or more computer-readable memory devices further store a data model registry software module and a gateway control system software module for enterprise data governance and validation, wherein the one or more processors are configured to execute: the data model registry software module to: maintain an inventory of data components and data schemas organized by domains, each domain corresponding to a logical grouping of enterprise data; enable versioning of the data components and the data schemas to track changes over time; provide tools for visualizing relationships between the data components and the data schemas and facilitating search, filtering, and retrieval of the data components and the data schemas based on domain-specific attributes; and serve the data components to other system components or external systems for use in validating and processing the data streams; and the gateway control system software module to: validate the data packets of the data streams and application programming interface (API) requests against the data components stored in the data model registry software module; enforce data governance policies by blocking or flagging non-conforming or unauthorized data packets from entering or continuing within the data streams in the integrated computer system; generate logs of validation results for auditing and compliance purposes; and ensure secure, domain-specific routing of conforming or authorized data to authorized system components, data streams, or internal and/or external destinations.”
This judicial exception is not integrated into a practical application because, when analyzed under Step 2A Prong Two (MPEP 2106.04(d)), the non-underlined additional elements — one or more computer-readable memory devices, one or more processors, a data model registry software module, other system components or external systems, a gateway control system software module, and an integrated computer system in claim 2 — perform data governance and validation. One or more processors and one or more computer-readable memory devices are regular computer components. The integrated computer system is a regular computer system. The additional elements of a data model registry software module and a gateway control system software module are merely recited as software instructions/applications stored in the one or more memory devices. The one or more processors included in the system execute these software instructions/applications to perform the abstract idea. Merely adding generic computer components to perform the abstract idea does not integrate the abstract idea into a practical application. The additional elements of other system components or external systems are merely recited as components included in the system. The additional elements do not involve improvements to the functioning of a computer, or to any other technology or technical field (MPEP 2106.05(a)); the claim does not apply the abstract idea with, or by use of, a particular machine (MPEP 2106.05(b)); and the claim does not apply or use the abstract idea in some other meaningful ways beyond generally linking the use of the abstract idea to a particular technological environment, such that the claim as a whole is more than a drafting effort designed to monopolize the exception (MPEP 2106.05(e) and Vanda Memo). Therefore, the claim does not, for example, purport to improve the functioning of a computer. Nor does it effect an improvement in any other technology or technical field. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea. Claim 2 as a whole, judging from the additional elements individually and in combination, does not integrate the judicial exception into a practical application. Therefore, claim 2 as a whole fails to recite a practical application of the abstract idea.
Claim 2 does not include additional elements that are sufficient to amount to significantly more than the judicial exception because, when analyzed under Step 2B (MPEP 2106.05), using one or more computer-readable memory devices, one or more processors, a data model registry software module, other system components or external systems, a gateway control system software module, and an integrated computer system to perform data governance and validation amounts to no more than mere instructions to apply the exception using generic computer components. Mere instructions to apply an exception using generic computer components cannot provide an inventive concept beyond the recited abstract idea. One or more processors and one or more computer-readable memory devices are regular computer components. The integrated computer system is a regular computer system. The additional elements of a data model registry software module and a gateway control system software module are merely recited as software instructions/applications stored in the one or more memory devices. The one or more processors included in the system execute these software instructions/applications to perform the abstract idea. The additional elements of other system components or external systems are merely recited as components included in the system. As discussed above, taking the additional elements separately, these additional elements perform the steps or functions that correspond to the actions required to perform the abstract idea. Therefore, the additional claim elements, when considered individually and in combination, fail to recite significantly more than the abstract idea.
Accordingly, claim 2 is rejected as being directed toward patent-ineligible subject matter.
Claim 8 recites the abstract idea similar to that discussed above in connection with claim 2. As discussed above, the additional elements of one or more computer-readable memory devices, one or more processors, a data model registry software module, other system components or external systems, a gateway control system software module, and an integrated computer system do not integrate the judicial exception into a practical application and fail to recite significantly more than the abstract idea.
Claim 14 recites the abstract idea similar to that discussed above in connection with claim 2. As discussed above, the additional elements of one or more computer-readable memory devices, one or more processors, a data model registry software module, other system components or external systems, a gateway control system software module, and an integrated computer system do not integrate the judicial exception into a practical application and fail to recite significantly more than the abstract idea.
Claims 3, 5, 9, 11, 15, and 17 recite authenticating users based on the roles and permissions, which falls under the “Certain Method of Organizing Human Activity” and/or “Mental Processes” groupings of abstract ideas. The additional elements of one or more computer-readable memory devices, a management platform software module, one or more processors, an integrated computer system, and computer devices are recited at a high level of generality such that they amount to no more than mere instructions to apply the exception using generic computer components. These additional elements do not integrate the judicial exception into a practical application and do not offer significantly more than the abstract idea.
Claims 4, 6, 10, 12, 16, and 18 recite managing data flow and billing information, which falls under the “Certain Method of Organizing Human Activity” and/or “Mental Processes” groupings of abstract ideas. The additional element of an integrated computer system is recited at a high level of generality such that it amounts to no more than mere instructions to apply the exception using generic computer components. The additional element does not integrate the judicial exception into a practical application and does not offer significantly more than the abstract idea.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 6-7, 12-13, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Stickle et al. (US 9947033 B1) in view of Baitalmal et al. (US 20090037492 A1).
Claims 1, 7, and 13:
Stickle discloses the following:
an integrated computer system for managing, visualizing, and monetizing data streams across enterprise internal and/or external systems and/or products, the integrated computer system comprising one or more processors and one or more computer-readable memory devices storing a data stream ecosystem software module, a data stream manipulator registry environment software module, and a data stream license purchase software module, wherein the one or more processors are configured to execute. (See Fig. 1; col. 1, line 63 – col. 2, line 51, “[i]ndividuals, companies or organizations may provide streaming data to the streaming data marketplace as streams, and customers may subscribe to receive the streaming data…. Browsing and purchasing options may be provided for display to a customer of the streaming data to browse and purchase streaming data from one or more of the streaming data sellers…. The multi-streaming data service 132 includes an analysis module 135 to process the incoming data streams and may provide this processed information for purchase or subscription through a purchase module 138 to a customer 150 through real-time dashboards, alerts, recommendations and so forth”; Fig. 4; col. 8, line 35 – col. 9, line 6, “[t]he system may include any number of modules useful for enabling or providing the streaming data marketplace in the service provider environment 410. For example, the system may include an analysis module 430 to analyze streaming data in real time…. The system may include a permissions module to manage permissions. For example, the permissions module may define permissions that enable other publishers/resellers/customers at nodes in the social graph separated by three degrees of separation or less to access and utilize the streaming data. Various licensing terms may be associated with permissions to restrict how the streaming data may be used, resold, etc. after being consumed by a publisher/reseller/customer with the appropriate permissions”; Fig. 9; and col. 18, lines 22-37, “[t]he computing device 910 may include one or more processors 912 that are in communication with memory devices 920…. The memory device 920 may contain modules 930 that are executable by the processor(s) and data for the modules. A data store 922 may also be located in the memory device 920 for storing data related to the modules and other applications along with an operating system that is executable by the processor(s) 912.”)
the data stream ecosystem software module to: define, monitor, and manage data streams that facilitate movement of data packets between enterprise services, enterprise APIs, and the enterprise internal and/or external systems and/or products. (See Fig. 1; col. 1, line 63 – col. 4, line 4, “[i]ndividuals, companies or organizations may provide streaming data to the streaming data marketplace as streams, and customers may subscribe to receive the streaming data…. The multi-streaming data service 132 includes an analysis module 135 to process the incoming data streams and may provide this processed information for purchase or subscription through a purchase module 138 to a customer 150 through real-time dashboards, alerts, recommendations and so forth…. The electronic retailers may combine the shipping address with the bitcoin transaction data to create correlated data and republish the combined data as a combined data stream. A group of telecommunications providers may subscribe downstream to the combined data stream and be able to correlate the IP (Internet Protocol) addresses of the transactions to countries of origin. Government agencies may be able to subscribe downstream and correlate tax transaction data to help identify transaction participants…. The present technology may provide the streaming data marketplace 130 in a service provider environment 100 as a service for organizing, enabling, creating and marketing streaming analytics chains with multiple vendor relationships. For example, at a top level in the chain, a data publisher may publish a raw data stream…. Subsequent customers may attempt to join at any point in the chain or may request to consume data from any point in the chain. Subsequent customers may optionally obtain permission from one or each upstream participant to obtain access as a reseller and to validate the resale price”; and col. 11, lines 46-64, “[a]n application program interface (API) may be provided for each module to enable a second module to send requests to and receive output from the first module. Such APIs may also allow third parties to interface with the module and make requests and receive output from the modules.” By the broadest reasonable interpretation, the data stream ecosystem software module is software/application/instructions executed by the one or more processors to perform the defined functionalities. The software/application/instructions that perform the same steps as claimed could be interpreted as the data stream ecosystem software module.)
track metadata and operational attributes of the data streams to ensure visibility, traceability, and compliance with organizational policies; provide tools for real-time monitoring, inspection, and visualization of the data streams and their associated metadata. (See col. 3, line 45 – col. 4, line 4, “[f]or example, the publisher may set a policy whereby potential chain members request access to join the chain as resellers or streaming data sources 105…. Once granted permission, the customer 150 may add a consumer process as a combination module 140 that will enhance the data from the analysis module, such as through correlation or combination with other data, and the customer 150 may republish the data as a combined data stream”; col. 8, line 35 – col. 9, line 31, “[t]he system may include a purchase module 445 to enable customers to subscribe to and purchase data from one or more publishers or resellers of data streams. The system may further include a page module 455 to provide pages for display to a client device, including analytics information, alerts, statistics, charts and so forth as may be available from the streaming data marketplace…. For example, the permissions module may define permissions that enable other publishers/resellers/customers at nodes in the social graph separated by three degrees of separation or less to access and utilize the streaming data…. The data store 415 may also include a configuration data store 428 to store configuration data, such as, for example, permissions associated with a particular data stream, permissions held by customers and so forth. Other example configuration data may include state information of a data stream, tags in the stream, which chunk of the stream is going to be consumed and so forth”; and col. 14, lines 33-67, “[f]he permissions of the present technology may enable publishers to ensure there is an agreement of relationship. The publisher that originates the data thus may retain some control over where the data goes, who has access to the data, how the data is used and so forth…. Alternatively, a portion or an entirety of publishers or data sellers in the upstream chain may be displayed or available for display to the customer…. The publishers or links in the chain may be provided for display to the customer for the customer to know which publishers to add as a node on social graph or from which publishers to request permission in order to consume the data.”)
enable users to map relationships between the data streams, data sources, and consuming systems for analytical or operational purposes. (See col. 2, line 52 – col. 3, line 31, “[a]s the data from each of these entities is correlated and combined with the raw data, the data stream may become more valuable…. The electronic retailers may combine the shipping address with the bitcoin transaction data to create correlated data and republish the combined data as a combined data stream…. The combination module 140 may be used to correlate the streaming data and the other data and to combine and republish the combined data stream. At least one of the data sources combined to create the combined data stream may be one of the streaming data sources 105”; col. 3, line 45 – col. 4, line 53, “[t]he present technology may provide the streaming data marketplace 130 in a service provider environment 100 as a service for organizing, enabling, creating and marketing streaming analytics chains with multiple vendor relationships…. Once granted permission, the customer 150 may add a consumer process as a combination module 140 that will enhance the data from the analysis module, such as through correlation or combination with other data, and the customer 150 may republish the data as a combined data stream. Subsequent customers may attempt to join at any point in the chain or may request to consume data from any point in the chain…. In some examples, rather than simply publishing the combined data resulting from the combination of data from sources 2-3 115, 120 and 5 145, the customer may perform analytics on the combined data stream, source 4 125, to obtain a derivative of source 4 125 and publish the derivative stream to the streaming data marketplace 130 for consumption by other customers. The customer 150 may use the combined data stream, source 4 125, for the customer's own purposes or may make the combined data stream available for consumption by other customers, either publicly or with restricted access”; and col. 12, lines 42-67, “[t]he combination of data sources may be chain-like, with one source linking to another. The chain may include any number of branches and may form a hierarchical tree structure. Any number of chains may be present which may be independent of one another or may be linked together at one or more links in the chains.”)
enable secure connections to the data streams from internal and/or external systems and/or products through various interfaces across networks or domains. (See col. 3, line 45 – col. 4, line 4, “[f]or example, the publisher may set a policy whereby potential chain members request access to join the chain as resellers or streaming data sources 105. When a customer registers with the streaming data marketplace 130 the customer 150 may apply to join the analytics chain as a reseller. The customer may propose a reseller price that the owner of the chain may approve or reject…. Subsequent customers may optionally obtain permission from one or each upstream participant to obtain access as a reseller and to validate the resale price”; col. 11, lines 5-12, “[t]he client device(s) 470 may communicate with the computing device over any appropriate network, including an intranet, the Internet, a cellular network, a local area network (LAN), a wide area network (WAN), a wireless data network or a similar network or combination of networks”; col. 15, lines 11-33, “[t]he use of cryptographic tokens may enable a customer to ensure the accuracy of stated sources in a chain of data sources. The method may include requesting permission on behalf of a customer and/or in response to a request received from a customer, from a single link in the chain to access the combined stream of data, or from multiple of the links in the chain to access the combined stream of data”; col. 18, lines 51-60, “[n]etworking devices 916 and similar communication devices may be included in the computing device 910. The networking devices 916 may be wired or wireless networking devices 916 that connect to the internet, a LAN, WAN, or other computing network”; and col. 20, lines 35-49, “[a] web service may have an interface described in a machine-processable format, such as the Web Services Description Language (WSDL). Other systems may interact with the web service in a manner prescribed by the description of the web service's interface. For example, the web service may define various operations that other systems may invoke, and may define a particular application programming interface (API) to which other systems may be expected to conform when requesting the various operations.”)
the data stream manipulator registry environment software module to: host an inventory of reusable data manipulation functions for transformation, enrichment, and augmentation of the data streams; enable third-party developers or implementors to create, contribute, […], deploy, and distribute the reusable data manipulation functions directly and/or through an integrated marketplace. (See col.1, lines 5-33, “[a]uch a service enables developers to write applications that process information in real-time from sources such as web site click-streams, marketing and financial information, manufacturing instrumentation and social media, operational logs, metering data and so forth…. Applications can be built which respond to changes in the streaming data in seconds, at any scale”; Fig. 1; col 2, lines 28-51, “[t]he multi-streaming data service 132 may be able to collect and process hundreds of terabytes of data per hour from thousands of sources, allowing developers to write applications that process information in real-time or near real time with relatively low latency, from sources such as web site click-streams, marketing and financial information, manufacturing instrumentation and social media, operational logs, metering data and so forth…. Based on the analyzed data, developers can build applications which respond to changes in a data stream in seconds or even less time, at any scale, while paying for the resources actually used”; and col. 3, line 15 – col. 4, line 4, “FIG. 1 illustrates that the streaming data marketplace 130 further includes a combination module 140. The combination module 140 may be used to combine data from a data source (e.g., source 5 145) with one or more of the streaming data sources 105 available through the streaming data marketplace 130. The combination module 140 may be used to correlate the streaming data and the other data and to combine and republish the combined data stream.” By the broadest reasonable interpretation, the data stream manipulator registry environment software module is software/application/instructions executed by the one or more processors to perform the defined functionalities. The software/application/instructions that perform the same steps as claimed could be interpreted as the data stream manipulator registry environment software module.)
provide a framework for selecting, applying, and automating the reusable data manipulation functions to modify or enhance the data streams in real-time or on a scheduled basis. (See Fig. 1; col 2, lines 28-51, “[b]ased on the analyzed data, developers can build applications which respond to changes in a data stream in seconds or even less time, at any scale, while paying for the resources actually used”; and col. 3, line 15 – col. 4, line 4, “FIG. 1 illustrates that the streaming data marketplace 130 further includes a combination module 140. The combination module 140 may be used to combine data from a data source (e.g., source 5 145) with one or more of the streaming data sources 105 available through the streaming data marketplace 130. The combination module 140 may be used to correlate the streaming data and the other data and to combine and republish the combined data stream…. Once granted permission, the customer 150 may add a consumer process as a combination module 140 that will enhance the data from the analysis module, such as through correlation or combination with other data, and the customer 150 may republish the data as a combined data stream.”)
the data stream license purchase software module to: facilitate secure access to the data streams by managing user and entity permissions through formalized access agreements. (See col. 3, line 45 – col. 4, line4, “[t]he streaming data marketplace 130 enables the publisher to define a policy describing how customers can consume the raw data stream or how the customers may add themselves to the streaming data and republish the modified data to form a chain. For example, the publisher may set a policy whereby potential chain members request access to join the chain as resellers or streaming data sources 105”; col. 8, line 61 – col. 9, line 31, “[t]he system may include a permissions module to manage permissions. For example, the permissions module may define permissions that enable other publishers/resellers/customers at nodes in the social graph separated by three degrees of separation or less to access and utilize the streaming data. Various licensing terms may be associated with permissions to restrict how the streaming data may be used, resold, etc. after being consumed by a publisher/reseller/customer with the appropriate permissions…. The data store 415 may also include a configuration data store 428 to store configuration data, such as, for example, permissions associated with a particular data stream, permissions held by customers and so forth”; and col. 13, lines 30-39, “[o]ne aspect of granting permission may involve setting and agreeing on a price for the data.” By the broadest reasonable interpretation, the data stream license purchase software module is software/application/instructions executed by the one or more processors to perform the defined functionalities. The software/application/instructions that perform the same steps as claimed could be interpreted as the data stream license purchase software module.)
enable monetization of data stream access through subscription-based or pay-per-use licensing models. (See col. 2, lines 28-51, “[t]he multi-streaming data service 132 includes an analysis module 135 to process the incoming data streams and may provide this processed information for purchase or subscription through a purchase module 138 to a customer 150 through real-time dashboards, alerts, recommendations and so forth”; col. 5, lines 19-31, “[e]ach of sources 2-4 may thus represent optional enhancements to data from source 1 to which a customer may select whether to subscribe. A customer may pay for a subscription and/or a defined amount of data from any one of the outputs 240 illustrated here.”)
Stickle does not explicitly disclose developers or implementors to license the reusable data manipulation functions.
However, Baitalmal, an analogous art of creating and distributing applications, discloses developers or implementors to license the reusable functions (i.e., a software application). (See paragraph [0226], “[f]or example, if a developer builds a web-based application based on the Linux, Apache HTTP server, MySQL, and PHP (LAMP) web development environment, the web-based application can be used in the AOP framework with little or no code changes”; paragraph [0417], “[t]his might be the case where a developer can license a first software application, write more code to add value to it, and resell the enhanced software application to the marketplace.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the subject matter of Baitalmal in the Stickle system. Moreover, in order to improve the efficiency of the Stickle system, one of ordinary skill in the art would have been motivated to allow the developers to license the software application, so that the software application can be effectively implemented based on the licensing information.
Claims 6, 12, and 18:
Stickle in view of Baitalmal discloses the limitations shown above.
Stickle further discloses the following:
forming a proprietary and prescriptive platform that combines domain-specific metadata governance, validation, and data flow orchestration to create a unified data fabric; incorporating a federated data mesh framework that dynamically connects distributed data sources to enable aggregation, integration, and dissemination of data both within and across domains. (See Fig. 1; col. 1, line 63 – col. 4, line 20, “[i]ndividuals, companies or organizations may provide streaming data to the streaming data marketplace as streams, and customers may subscribe to receive the streaming data…. For example, a group of electronic or internet retailers who accept bitcoin transactions may have a shipping address that may correlate with the bitcoin address. The electronic retailers may combine the shipping address with the bitcoin transaction data to create correlated data and republish the combined data as a combined data stream. A group of telecommunications providers may subscribe downstream to the combined data stream and be able to correlate the IP (Internet Protocol) addresses of the transactions to countries of origin. Government agencies may be able to subscribe downstream and correlate tax transaction data to help identify transaction participants…. For example, the publisher may set a policy whereby potential chain members request access to join the chain as resellers or streaming data sources 105…. Once granted permission, the customer 150 may add a consumer process as a combination module 140 that will enhance the data from the analysis module, such as through correlation or combination with other data, and the customer 150 may republish the data as a combined data stream”; col. 5, lines 32-40, “[f]or example, any number of streaming data sources may be available as independent sources, with any number of independent or dependent sources available in a chain, mesh or other connected structure, and may combine in any manner desired by or useful to customers”; col. 8, line 61 – col. 9, line 31; col. 12, lines 42-67; and col. 14, lines 33-67);
enable the data streams, domain metadata, and associated functions to be programmatically managed to enable enterprise-wide scalability, traceability, and monetization of data operations; and track usage metrics and generate billing information for authorized access to the data streams and associated services. (See Fig. 1; col. 1, line 63 – col. 4, line 54; col. 8, line 61 – col. 9, line 31; col. 12, lines 42-67; col. 13, lines 39-67; and col. 14, lines 33-67.)
Claims 5, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Stickle et al. (US 9947033 B1) in view of Baitalmal et al. (US 20090037492 A1), and further in view of Yu et al. (CN 108268795 A).
Claims 5, 11, and 17:
Stickle in view of Baitalmal discloses the limitations shown above.
Stickle further discloses enabling user identify and access management within the integrated computer system. (See col. 17, line 59 – col. 18, line 2.)
Neither Stickle nor Baitalmal explicitly discloses the following:
enabling a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain;
mapping accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and
authenticating and authorize the users and/or computing devices based on their roles and their permissions.
However, Yu, an analogous art of managing users to access a system, discloses enabling a representation of groups of the users and groups of computing devices organized by common aspects such as organization and/or domain; mapping accounts corresponding to user identities and/or technical components corresponding to computing devices to organization-specific and/or domain-specific roles and permissions for secure and governed interaction with system resources and data; and authenticating and authorize the users and/or computing devices based on their roles and their permissions. (See Abstract, “[t]he role for receiving the account number of the enterprise document administrator type authorizes instruction and the user terminal is set as corresponding user role type so that the user terminal has the corresponding authority of corresponding user role type; The user terminal permission of the user terminal is calculated according to the user role type of the user terminal”; Section of Specific Embodiment, pages 8-10, “[w]herein, each user role type includes the different operating right (user role i.e. in step 102 The corresponding authority of type), it is as follows: Enterprise document safety officer: Possess security document management backstage whole menu function … Department document security administrator: Possess security document management backstage part menu function … Ordinary user: Possess document security back partition menu function … Log audit administrator: Possess security document management backstage part menu function…. 202: The role for receiving the account number of the enterprise document administrator type authorizes instruction and is authorized according to the role The user terminal is set as corresponding user role type by instruction so that the user terminal has corresponding user The corresponding authority of character types; 203: It receives user role type and authorizes instruction and root for the department role of the account number of department document security administrator Instruction is authorized according to the department role, the user terminal is set as corresponding user role type so that the user terminal Corresponding authority with corresponding user role type.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the subject matter of Yu in the Stickle system as modified. Moreover, in order to improve the efficiency of the Stickle system as modified, one of ordinary skill in the art would have been motivated to group users based on the user types and map the user accounts with different permissions based on the types, so that the system can effectively manage the permissions for different types of users.
Allowable Subject Matter
Claims 2-4, 8-10, and 14-16 are objected to as being dependent upon the rejected base claims 1, 7, and 13, respectively. These claims would be allowable if the double patenting and the 101 rejection, set forth in this office action, are overcome and, if rewritten in independent form, including all of the limitations of the base claim and any intervening claims. The reason for allowance will be furnished upon allowance of the application.
Conclusion
The prior art, made of record and not relied upon, is considered pertinent to the applicant’s disclosure.
Ford et al. (US 20150310188 A1) discloses managing digital rights management (DRM) protected content sharing in a networked secure collaborative computer data exchange environment through a secure exchange facility managed by an intermediate organizational entity among users of a plurality of other organizational entities, wherein computer data content and access rights for the computer data content are shared between a first user and second user, the computer data content and access rights for the computer data content are transformed into a DRM-protected computer data content through communications with a DRM engine, wherein the DRM engine is selected based on a content type of the computer data content, and the DRM engine is provided by an entity other than the intermediate organizational entity and other than any of the plurality of other organizational entities.
Hill et al. (CN 103562947 A) discloses that a content management system couples DRM protection of content items with a digital content store to allow content items to be transferred or resold from one user to another.
Jung et al. (US 12438727 B1) discloses storing the layouts of the digital assets and authenticating the digital assets based on the stored layouts.
Bentkofsky et al. (US 20120095974 A1) discloses validating whether data packages are consistent with the predefined schemas.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHUNLING DING, whose telephone number is (571)270-3605. The examiner can normally be reached 9:30 - 7:30 M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, an applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neha Patel, can be reached at 571-270-1492. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/CHUNLING DING/Primary Examiner, Art Unit 3699