DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are pending.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(1) as being unpatentable over Ho et al. (US Pub. No. 2013/0144901 A1).
In respect to Claim 1, Ho teaches:
a method comprising: receiving a data query referencing unredacted data of a database, wherein the data query that is received comprises a value identifying a type of sensitive data to be redacted from the unredacted data; (Ho teaches [0020] redaction of data in a database in response to a query for data. The redaction occurs just before results are returned; thus, the redaction necessarily must be of unredacted data within a database.)
Ho teaches [0040] policy scope based on redaction. Ho further teaches that the policy may specify different categories of sensitive data such as age or department number which the redaction operator will identify.
responsive to the data query, executing, by a processing device, a redaction operation to identify candidate sensitive data that matches the type of sensitive data to be redacted within the unredacted data of the database; (Ho teaches [0020] redaction of data which has been determined sensitive.)
Given the broadest reasonable interpretations “candidate sensitive data” is merely data which has been identified as sensitive, private, or confidential.
Ho teaches [0020] redaction of sensitive data stored in a database in response to a query. Thus, Ho must teach a specified portion of the database which is redacted in response to the query. Ho further teaches [0020] data redacted based upon columns which have been identified as sensitive data. Thus, Ho must teach identifying sensitive data within the unredacted data of the portion of the database.
Ho teaches [0039-0040] redaction policy for determination of redacted data. Ho teaches [0040] that the policy may specify redaction based upon specified value or specified criteria such as age, department number, etc. The specified values or specified criteria is representative of categories of sensitive data that the redaction operation may identify based upon the policy.
and returning a redacted data set in which the candidate sensitive data that is provided is based on an authentication level utilized for execution of the redaction operation (Ho teaches [0020] returning redacted data, wherein the redacted data is replaced.)
Ho teaches [0037, 0043] returning of redacted data based on redaction policy analysis, wherein this analysis is based upon a probability determination that data should be identified as sensitive.
Ho teaches [0043] the application of a redaction policy. For example, a credit card number is determined as sensitive data and as a result redaction is performed on the credit card number. Ho teaches [0037, 0043] that this redaction is based on a determined probability that the card number is sensitive data. For example, Ho teaches [0039-0040] determination of data to redact is based on policy thresholds as established by the definitions associated with each policy.
Ho teaches [0035] that the query includes operators around policy-specified columns in the query, wherein these specification of the query [0040] defines thresholds which are defined by specified criteria.
As per Claim 2, Ho teaches:
wherein the redacted data set includes some or all of the candidate sensitive data for a first authentication level (Ho teaches [0020] redaction of data which has been determined sensitive.)
As per Claim 3, Ho teaches:
wherein the redacted data set includes a return value that omits at least a portion of the candidate sensitive data for a second authentication level (Ho teaches [0023] redaction at different columnar levels.)
As per Claim 4, Ho teaches:
wherein the redaction operation identifies one or more types of sensitive data within the unredacted data based on the authentication level (Ho teaches [0023] redaction at different columnar levels.)
As per Claim 5, Ho teaches:
wherein the data query comprises a structured query language (SQL) query (Ho [0025])
As per Claim 6, Ho teaches:
wherein the data query comprises a user-defined function (UDF), and the value identifying the type of sensitive data to be redacted from the unredacted data is an input value of the UDF (Ho [0025])
As per Claim 7, Ho teaches:
wherein the redacted data set that is returned comprises an offset value indicating an offset within a data value of the unredacted data set at which the sensitive data is located (Ho teaches [0020] columns which have been specifically allocated for sensitive data, wherein these columns are indicative of a location within the data set or database. Thus, Ho must teach that the redacted data set which is returned comprises a value indicating a location within the unredacted data set at which the sensitive data is located.)
Claims 8-14 are the system claims corresponding to method claims 1-7 respectively, therefore are rejected for the same reasons noted previously.
Claims 15-20 are the media claims corresponding to method claims 1-6 respectively, therefore are rejected for the same reasons noted previously.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA BULLOCK whose telephone number is (571)270-1395. The examiner can normally be reached 8:00 am - 4:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kavita Stanley can be reached at 571-272-8352. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOSHUA BULLOCK/Primary Examiner, Art Unit 2153 January 22, 2026