DETAILED ACTION
1. This office action is in response to application 19,053,161 filed on 2/13/2025. Claims 1-20 are pending in this office action.
Notice of Pre-AIA or AIA Status
2. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Double Patenting
3. The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1, 2, 4, 5, 7-9, 11, 12, 14-16, 18 and 19 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 4, 6, 2, and 8 of U.S. Patent No. 11,934,548 in view of US 2012/0311674 (hereinafter Hockings). Although the claims at issue are not identical, they are not patentably distinct from each other because the limitations in bold are the same and the differences would have been obvious to an artisan of ordinary skill in the art in view of Hockings. Hockings discloses access to a resource of the database server (See paragraphs 0041-0045, note the users access the external systems or applications through the portal which authenticates users and prevents unauthorized use of resources based on the security policy) and determine that the access condition is met based on the external access policy and the internal access policy indicating a grant of access (See paragraphs 0055-0060 note data can be returned to the user directly based on the internal caching and external authorization which directs the internal decision). It would have been obvious to an artisan of ordinary skill in the pertinent at the time the instantly claimed invention was filed to have incorporated the teaching of Hockings into the system of U.S. Patent No 11,934,548. The modification would have been obvious because the two references are concerned with the solution to problem of data management via policies (See Hockings and U.S. Patent No 11,934,548 abstracts), therefore there is an implicit motivation to combine these references (i.e. motivation from the references themselves). In other words, the ordinary skilled artisan, during his/her quest for a solution to the cited problem, would look to the cited references at the time the invention was made. Consequently, the ordinary skilled artisan would have been motivated to combine the cited references since Hocking’s teaching would enable users of the U.S. Patent No 11,934,548 system to have more definitive indications of grant of access to system resources.
19/053,161 11,934, 548
1. A system that comprises: a processor; and a memory that stores program instructions executable to cause the processor to: receive, at a database server, an external access policy from a central policy storage; responsive to receiving, from a user device, a resource access request to access to a resource of the database server, determine an access condition based at least on the external access policy and an internal access policy; determine that the access condition is met based on the external access policy and the internal access policy indicating a grant of access; and provide, to the user device, access to the resource based at least on the access condition being met.
1. A system that comprises: a memory that stores program instructions; and a processing system, comprising at least one processor, configured to execute the program instructions that, when executed, cause the processing system to: receive at each of a plurality of database servers in the system, from a central policy storage managed externally to the plurality of database servers, a plurality of external access policies that correspond to users; in response to receiving the plurality of external access policies, store at each of the plurality of database servers, in a cache of a respective database, the plurality of external access policies that are received; responsive to a resource access request received from a device of a user that specifies a resource internal to the database server, determine an access condition via a policy engine of one of the database servers, based at least on one of the plurality of external access policies and one of a plurality of internal access policies; determine that both the one of the plurality of external access policies and the one of the plurality of internal access policies indicate a grant of access; and provide data associated with the resource to the device of the user based at least on the access condition being met to access the resource.
2. The system of claim 1, wherein the program instructions are executed to further cause the processor to: provide, by the database server, a policy pull request to the central policy storage based on at least one of: a starting or restarting of the database server; a periodicity condition; or a failover condition, wherein the policy pull request specifies provisioning of the external access policy to the database server.
4. The system of claim 1, wherein the program instructions, when executed, cause the processing system to: provide, over a network from the one of the database servers, a policy pull request to the central policy storage based on one or more of: a starting or restarting of the one of the database servers; a periodicity condition; or a failover condition; wherein the policy pull request specifies provision of the plurality of external access policies to the one of the database servers.
4. The system of claim 1, wherein the external access policy comprise a granular access policy for at least one of: the database server; a database; a database schema; a database table; a column of data; a database object; or a database-related operation.
6. The system of claim 1, wherein one or more of the plurality of external access policies comprise a granular access policy corresponding to at least one of a database server, a database, a database schema, a database table, a column of data, a database object, or a database-related operation.
5. The system of claim 1, wherein the program instructions are executed to further cause the processor to:
store the external access policy and the internal access policy in a hierarchical data structure of the database server, the hierarchical data structure comprising a plurality of nodes, each node comprising a Boolean expression.
2. The system of claim 1, wherein the plurality of internal access policies and the plurality of external access policies are stored in a hierarchical data structure in the cache.
7. The system of claim 1, wherein, to store the external access policy and the internal access policy, the program instructions are executed to cause the processor to: store the external access policy and the internal access policy in a cache of the database server.
8. The method of claim 7, wherein the plurality of internal access policies and the plurality of external access policies are stored in a hierarchical data structure in the cache.
Claims 8, 9, 11, 12, 14 are method claims substantially corresponding to the method of claims 1, 2, 4, 5 and 7 and are thus rejected for the same reasons as set forth in the rejection of claims 1, 2, 4, 5 and 7.
Claims 15, 16, 18 and 19 are computer readable medium claims substantially corresponding to the system of claims 1, 2, 4 and 5 and are thus rejected for the same reasons as set forth in the rejection of claims 1, 2, 4, and 5.
Claim Rejections - 35 USC § 102
4. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1, 4, 5, 7 8, 11, 12, 14, 15, 18 and 19 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by US 2012/0311674 (Hockings).
As for claim 1 Hockings discloses: A system that comprises: a processor; and a memory that stores program instructions executable to cause the processor to: (See paragraphs 0029-0035) receive at a database server, an external access policy from a central policy storage (See paragraphs 0041-0045, note the users access the external systems or applications through the portal which authenticates users and prevents unauthorized use of resources based on the security policy further See paragraphs 0006, and 0049-0053 note the authorization server includes a cache that stores authorization policies and the decision engine determines which policy to apply, if the policy is successful the new directive is stored at the authorization server for reuse); responsive to receiving, from a user device, a resource access request to access to a resource of the database server, determine an access condition based at least on the external access policy and an internal access policy (See paragraphs 0053-0057 note step 1 is to receive a request, all other actions are conducted in response to the received request including further note step 3 does an internal cache check for an access decision and if one does exist if not external authorization occurs); determine that the access condition is met based on the external access policy and the internal access policy indicating a grant of access; and provide, to the user device, access to the resource based at least on the access condition being met. (See paragraphs 0055-0060 note data can be returned to the user directly based on the internal caching and external authorization which directs the internal decision).
As for claim 4 the rejection of claim 1 is incorporated and further Hockings discloses: wherein the external access policy comprise a granular access policy for at least one of: the database server; a database; a database schema; a database table; a column of data; a database object; or a database-related operation. (See paragraphs 0044 and 0082 note the system uses granular access at the database object level).
As for claim 5 the rejection of claim 1 is incorporated and further Hockings discloses: wherein the program instructions are executed to further cause the processor to: store the external access policy and the internal access policy in a hierarchical data structure of the database server, the hierarchical data structure comprising a plurality of nodes, each node comprising a Boolean expression (See paragraph 0066 note the system combines the policies using a Boolean expression to determine authorization).
As for claim 7 the rejection of claim 1 is incorporated and further Hockings discloses: wherein the program instructions, wherein, to store the external access policy and the internal access policy, the program instructions are executed to cause the processor to: store the external access policy and the internal access policy in a cache of the database server. (See paragraphs 0049-0057 note the policies are cached and made available for reuse from storage, first the system checks the internal cache for stored policies and then the decision engine makes the decision).
Claims 8, 11, 12 and 14 are method claims substantially corresponding to the system of claims 1, 4, 5, and 7 and are thus rejected for the same reasons as set forth in the rejection of claims 1, 4, 5, and 7.
Claims 15, 18 and 19 are computer readable medium claims substantially corresponding to the system of claims 1, 4 and 5 and are thus rejected for the same reasons as set forth in the rejection of claims 1, 4 and 5.
Claim Rejections - 35 USC § 103
5. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 2, 3, 6, 9, 10, 13 16, 17 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Hockings as applied to claims 1, 8 and 15 above, and further in view of US 10,719,373 (hereinafter Koponen).
Per claims 2, 9, and 16 the rejection of claims 1, 8, and 15 are incorporated respectively and further Koponen discloses: provide, by the database server, a policy pull request to the central policy storage based on at least one of: a starting or restarting of the database server; a periodicity condition; or a failover condition, wherein the policy pull request specifies provisioning of the external access policy to the database server (See column 9 line 64 – column 10 line 10 note Koponen discloses that a pull request can be sent based on parameters or periodically via the local agent over a network). It would have been obvious to an artisan of ordinary skill in the pertinent at the time the instantly claimed invention was filed to have incorporated the teaching of Koponen into the system of Hockings. The modification would have been obvious because the two references are concerned with the solution to problem of data management via policies (See Koponen abstract and Hockings abstract), therefore there is an implicit motivation to combine these references (i.e. motivation from the references themselves). In other words, the ordinary skilled artisan, during his/her quest for a solution to the cited problem, would look to the cited references at the time the invention was made. Consequently, the ordinary skilled artisan would have been motivated to combine the cited references since Koponen’s teaching would enable users of the Hockings system to have more efficient processing of policy information.
Per claims 3, 10, and 17 the rejection of claims 2, 9 and 16 are incorporated respectively and further Koponen discloses: wherein the periodicity condition is based on an amount of time that has elapsed since a policy pull request was provided by the database server (See column 9 line 64 – column 10 line 10 note Koponen discloses that a pull request can be sent based periodically via the local agent over a network). It would have been obvious to an artisan of ordinary skill in the pertinent at the time the instantly claimed invention was filed to have incorporated the teaching of Koponen into the system of Hockings. The modification would have been obvious because the two references are concerned with the solution to problem of data management via policies (See Koponen abstract and Hockings abstract), therefore there is an implicit motivation to combine these references (i.e. motivation from the references themselves). In other words, the ordinary skilled artisan, during his/her quest for a solution to the cited problem, would look to the cited references at the time the invention was made. Consequently, the ordinary skilled artisan would have been motivated to combine the cited references since Koponen’s teaching would enable users of the Hockings system to have more efficient processing of policy information.
Per claims 6, 13, and 20 the rejection of claims 5, 12 and 19 are incorporated respectively, and further Koponen discloses: wherein, to determine that the access condition is met based on the external access policy and the internal access policy indicating the grant of access, the program instructions are executed to cause the processor to: recursively iterate over the hierarchical data structure to determine a Boolean value of a root node of the hierarchical data structure (See column 3 line 65-column 4 line 10 and column 30 lines 45-60 note the system will recursively work through the tree to determine which policies should be implemented based on the hash and any flags); and determine that the access condition is met based on the Boolean value of the root node of the hierarchical data structure (See column 22 lines 23-37 note the Boolean flag is used to determine the policy). It would have been obvious to an artisan of ordinary skill in the pertinent at the time the instantly claimed invention was filed to have incorporated the teaching of Koponen into the system of Hockings. The modification would have been obvious because the two references are concerned with the solution to problem of data management via policies (See Koponen abstract and Hockings abstract), therefore there is an implicit motivation to combine these references (i.e. motivation from the references themselves). In other words, the ordinary skilled artisan, during his/her quest for a solution to the cited problem, would look to the cited references at the time the invention was made. Consequently, the ordinary skilled artisan would have been motivated to combine the cited references since Koponen’s teaching would enable users of the Hockings system to have more efficient processing of policy information.
Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ELIYAH STONE HARPER whose telephone number is (571)272-0759. The examiner can normally be reached on Monday-Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Sanjiv Shah can be reached on (571) 272-4098. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Eliyah S. Harper/Primary Examiner, Art Unit 2166 December 9, 2025