Detailed Action:
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on December 25, 2025 has been entered.
Status of Claims:
Claims 1-20 are pending.
Claims 1 and 11 are amended.
Response to Remarks:
Regarding 101:
The Applicant asserts that the claims, particularly as amended, overcome 101 due to, at least, the August 4th Memo. On 101. The Examiner respectfully disagrees. Under both the Memo and the MPEP, a mental process are limitations that can be accomplished by the human mind, even if aided by a computer. Here, is such the case as clarified below. As read and understood by the Examiner all the claim limitations maybe done with a person’s mind with the aid of a computer. This is shown in most if not all of the claim limitations, such as, “…capturing…., generating…storing…reconstructing…and displaying….” Overall, the invention discloses how one may decide which information to exclude and use the computer for excluding such information. Thus, the Examiner rejects the Applicant’s assertion of a mental process not existing.
Regarding 103:
In response to applicant's argument that the prior art motivation to combine is nonanalogous art, it has been held that a prior art reference must either be in the field of the inventor’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the inventor was concerned, in order to be relied upon as a basis for rejection of the claimed invention. See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992). In this case, all prior art is within the same realm of endeavor as the presented claims/invention.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-20 are directed towards a system, method, and product which are one of the four statutory categories.
However, they are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception (i.e., a law of nature, a natural phenomenon, or an abstract idea) without significantly more. The claims of 1, 11 are directed to a mental process with the aid of a computer. Specifically, the invention is directed towards using a workflow without sensitive data included within the workflow.
The Examiner has deemed this to be computer aided mental processes namely MPEP 2106.04(a)(2) III C #2 performing a mental process in a computer environment. (See also, MPEP 2106.04(A)(2) III paragraph 3 citing Synopsys, Inc. v. Mentor Graphics Corp., 839 F.3d 1138, 1139, 120 USPQ2d 1473, 1474 (Fed. Cir. 2016) (holding those claims to a mental process of "translating a functional description of a logic circuit into a hardware component description of the logic circuit" are directed to an abstract idea, because the claims "read on an individual performing the claimed steps mentally or with pencil and paper"). Also see MPEP 2106.04(A)(2) III paragraph 2. 1st sentence: "mental processes" abstract idea grouping is defined as concepts performed in the human mind, and examples of mental processes include observations, evaluations, judgments, and opinions")
Specifically, here, based on the MPEP 2106.04(a)(2) III paragraph 2 test above, all you have is computer aided observations and evaluations to come up to a judgement of reconstructing workflow events. Thus, similar to the example of MPEP 2106.04(a)(2) III paragraph 2 the claims would set forth the abstract mental processes. Additionally, or alternatively, the claims could also be argued as translating workflow descriptions or pointer events into a reconstructed description of the workflow events and thus, similar to Synopsys as cited by MPEP 2106.04(A)(2) III paragraph 3, above the current claims can once again be argued to set forth the abstract computer aided mental processes.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the additional limitations, such as, “…computing device… processor…memory…browser-based application…acyclic graph…”are all directed at narrowing the abstract idea. Furthermore, the limitations here implemented in a generic computer. This is evidenced by the Applicant’s Specification on paragraph 55 disclosing implementing the software on a generic computer using generic implementing software.
The dependent claims of 2-10, 12-20 do not independently overcome 101, and are therefore, rejected based on their dependency of claim 1, 11. The dependent claims alone are directed towards further narrowing the abstract idea, which does not serve to render the claim patent-eligible. Thus, all the claims are rejected under 101.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 2, 5-7,9-12,15-17, 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Redlich (US Pub. No. 20050138109) (Hereinafter, Redlich) in view of Tang (US Pub. No. 20180041530) (Hereinafter, Tang) in further view of McFall, et al. (US Pub. No. 20230359770), (Hereinafter, McFall)
As per claim 1.)
Redlich teaches,
a system for privacy-preserving workflow analysis, comprising:
a computing device comprising at least one processor and memory storing instructions that, when executed, cause the computing device to:
(Abstract)
capture workflow events from a browser-based application;
(Paragraph 59, noting “…implement a method and apparatus for targeted extraction and encryption of security sensitive items. The extraction capabilities of the system enable different workflow modes. The system enables extraction and encryption of important and critical content. In essence, only the critical content is extracted and/or encrypted, whereas the rest of the document remains as plaintext…”)
Redlich does not explicitly teach; however, Tang does teach,
generate event pointers for the captured workflow events, wherein each event pointer comprises temporal data and interaction type data…
(paragraph 82 & 84, noting on 82 “…the characteristic may be extracted from at least one of the following dimensions: upstream and downstream information, a server dimension, a web page programming language dimension, a time dimension, and web page description information…”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of Tang within the invention of Redlich with the motivation of an accurate result of malicious web address detection, can detect various newly emerging malicious web addresses, and are user-friendly. (Tang Abstract)
Redlich does teach,
…while automatically excluding sensitive content detected within the captured workflow events
(claim 1, noting “…extracting with said filter said security sensitive words, characters or data objects and said retrieved data to obtain extracted data and remainder data therefrom…”)
Redlich/Tang do not teach; however, McFall does teach,
wherein generating event pointers comprises automatically excluding sensitive content by applying format-preserving tokenization to structured data fields,
(paragraphs 16, 17, 23, and 85)
applying consistent hashing to repeated values to maintain consistency across the workflow,
(paragraphs 23, 410, and 644)
and applying pattern-based masking to semi-structured data;
(paragraphs 23 and 85)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of McFall within the invention of Redlich/Tang with the motivation of allowing the identification and protection of sensitive data in multiple ways, which can be combined for different workflows, data situations or use cases. The system scans datasets to identify sensitive data or identifying datasets, and to enable the anonymization of sensitive or identifying datasets by processing that data to produce a safe copy.
Redlich teaches,
store the event pointers in a data structure maintaining a sequence corresponding to the workflow events;
(Paragraph 167, noting “ Step 252 stores the common data or the remainder data. …Step 258 stores a map.”; the common or remainder data are the data that is not the sensitive content from above in Redlich, thus, when combined with Tang, it would become the event pointer data corresponding to the workflow as the remaining or common data)
reconstruct the workflow events using the stored event pointers by correlating the temporal data and interaction type data to recreate workflow states without the excluded sensitive content;
(paragraph 170; noting on paragraph 170, “If the user has correctly input the security code, the system in step 318 releases the keys (to decrypt) and the map and releases the reconstruction request to the remote storage for the extracted data. This could be computer storage I-ext. 156 or computer storage B-ext. 110. In step 320, the user's access to the extracted data is logged in along with the time and day and type of data request. In step 322, the system downloads the extracted data into RAM 166 and/or hard drive 168 of computer 140. In step 324, an error routine is operated on the extracted data in order to ensure that the extracted data properly matches the common or remainder previously stored.)
Redlich/Tang do not teach; however, McFall teaches,
Wherein reconstructing the workflow events comprises constructing a directed acyclic graph representing temporal and causal relationships between events and traversing the directed acyclic graph to recreate workflow states;
(paragraphs 468, read in light of 474, 101, 157, 449, 568, )
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of McFall within the invention of Redlich/Tang with the motivation of allowing the identification and protection of sensitive data in multiple ways, which can be combined for different workflows, data situations or use cases. The system scans datasets to identify sensitive data or identifying datasets, and to enable the anonymization of sensitive or identifying datasets by processing that data to produce a safe copy.
Redlich teaches,
and
display the reconstructed workflow events in a user interface.
(paragraph 178)
As per claim 2,
Redlich teaches,
the system of claim 1, wherein reconstructing the workflow events comprises:
substituting synthetic data for sensitive content in the reconstructed workflow events.
(paragraph 180)
As per claim, 5,
Redlich does not teach; however, Tang does teach,
the system of claim 1, wherein each event pointer comprises:
a timestamp;
(paragraph 82, noting “…a time dimension…”)
an event type identifier;
(paragraph 82, noting “…web page description information…”)
a target element identifier;
(Paragraph 280, noting “…In step 708, place holders are added to replace the extracted security data in the remainder data and a hyperlink is added to the open field remainder data providing a link to the secure data ASP. In step 710, the user selects the “send button” or any other indicator on the HTML page triggering an operation which transmits the open field data (which is now remainder data) to the web server…”)
a template identifier;
(Paragraph 91, noting “…the method/process/program obtains a security safe document formatted as a safe document object model. Security exons are copied from the content data and meta data binary files into the security safe document (template) formatted as the safe document object model…”)
and compliance status data
(Paragraph 167, noting “…Step 250 conducts an error check on the extracted data. This error check is helpful in discerning problems in the storage of the data prior to closing down the data security system. Step 252 stores the common data or the remainder data. Step 254 conducts an error check on the common or remainder data. …”; Examiner noting the error check functioning as the compliance status).
As per claim 6,
Redlich teaches,
the system of claim 1, wherein the instructions further cause the computing device to:
maintain different privacy contexts for training, quality assurance, and compliance monitoring
(Paragraph 41, noting “…matches the current protocols for various security levels, which can be configured to match security concerns with compliance with law, regulation or policy, privacy, national, organizational or private security concerns…” noting on paragraph 71, “…It can adjust the security defenses based on the performance needs of the network… training requirements…”)
As per claim 7,
Redlich teaches,
the system of claim 1, wherein the browser-based application comprises a customer relationship management system
(paragraph 37, noting the prior art giving examples of applications of CRM).
As per claim 9,
Redlich teaches,
the system of claim 1, wherein the instructions further cause the computing device to: validate reconstructed workflow events against predefined compliance rules
(paragraph 41, noting “…matches the current protocols for various security levels, which can be configured to match security concerns with compliance with law, regulation or policy, privacy, national, organizational or private security concerns…”)
As per claim 10,
Redlich teaches,
the system of claim 1, wherein displaying the reconstructed workflow events comprises:
displaying visual indicators highlighting current interaction points in the workflow
(Paragraph 272, noting “…The filter is used in step 604. In step 612, security words are highlighted or distinguished in the e-mail prior to the actual sending of the e-mail to the addressee. ...”)
As per claims 11, 12, 15-17, 19-20:
Claims 11-12, 15-17, and 19-20 disclose similar limitations to the claims above, however, in a method form. Redlich teaches such a form, see, Redlich Abstract. Therefore, claims 11-12, 15-17, and 19-20 are rejected under similar rationale as the claims above.
Claims 3,8,13, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Redlich in view of Tang in further view of McFall and in further view of Romey (US Pub. No. 20220141523) (Hereinafter, Romey).
As per claim 3,
Redlich/Tang/McFall do not teach, however, Romey does teach,
the system of claim 1, wherein the user interface comprises:
playback controls for controlling replay of the reconstructed workflow events;
(paragraph 8, noting the present disclosure includes a method for initiating sync playback within a client web browser by requesting a plurality of data and processing the plurality of data so that the plurality of data is compatible with the client web browser…”)
a timeline showing the sequence of workflow events;
(paragraph 26, noting “…The video timeline displays those timestamps formatted like 3 pm . . . 4 pm or 10/19 . . . 10/25 (depending on timeline zoom level) as that makes the most sense to the end user and helps navigating through the video material…”)
and an event details panel displaying metadata about current workflow events.
(Fig. 4 and corresponding text paragraph 44-56).
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of Romey within the invention of Redlich/Tang/McFall with the motivation of improving the accessibility of sync playback, operators can search in workflow videos in a more efficient manner. (Romey paragraph 2)
As per claim 8,
Redlich/Tang/McFall do not explicitly teach; however, Romney does teach,
the system of claim 1, wherein the instructions further cause the computing device to: enable addition of annotations during replay of the reconstructed workflow events
(paragraph 26, noting “…The video timeline displays those timestamps formatted like 3 pm . . . 4 pm or 10/19 . . . 10/25 (depending on timeline zoom level) as that makes the most sense to the end user and helps navigating through the video material…”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of Romey within the invention of Redlich/Tang/McFall with the motivation of improving the accessibility of sync playback, operators can search in workflow videos in a more efficient manner. (Romey paragraph 2)
Claims 13 and 18 disclose similar limitations to the claims above, however, in a method form. Redlich teaches such a form, see, Redlich Abstract. Therefore, claims 13 and 18 are rejected under similar rationale as the claims above.
Claims 4 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Redlich in view of Tang in further view of McFall and in further view of Yeleshwarapu (US Pub. No. 2022/0300812) (Hereinafter, Yeleshwarapu)
As per claim 4,
Redlich teaches,
the system of claim 1, wherein the instructions further cause the computing device to:
analyze the sequence of workflow events to identify workflow patterns;
(Paragraph 220, noting “…The early-stage processing, enables early-stage inventorying of prioritized contents as well as early-stage pattern recognition. …”)
Redlich/Tang/McFall do not explicitly teach, however, Yeleshwarapu, does teach,
generate workflow efficiency metrics;
(paragraph 29 and 68, noting on 29, “… a model may map states of computation throughout of workflows execution to the obtained performance of the workflow with respect to the user-defined quality metrics…; noting on 68, “…monitoring data from the compute nodes (such as CPU utilization, memory utilization, CPU time, user time, system time, and process time) and other derived metrics to train itself (step 320)…”)
Therefore, it would have been obvious to one of ordinary skill in the art at the time of filing to incorporate the teachings of Yeleshwarapu within the invention of Redlich/Tang/McFall with the motivation of optimizing an allocation of resources of the set of resources to each task of the sets of tasks to ensure compliance with a user-defined metric. (Yeleshwarapu Abstract)
Redlich teaches,
and detect compliance violations
(paragraph 8, noting “…With the use of tools called distributed fingerprints (hashes), the stored data is distributed using the fingerprints and coding functions to determine errors…”).
Claim 14 discloses similar limitations to the claims above, however, in a method form. Redlich teaches such a form, see, Redlich Abstract. Therefore, claim 14 is rejected under similar rationale as the claims above.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZAHRA ELKASSABGI whose telephone number is (571)270-7943. The examiner can normally be reached Monday through Friday 11:30 to 8:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Rob Wu can be reached at 571.272.6045. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
ZAHRA . ELKASSABGI
Examiner
Art Unit 3623
/RUTAO WU/Supervisory Patent Examiner, Art Unit 3623