Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1 – 20 are pending.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1 – 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
The independent claims 1, 8 and 15 recite “receiving, by a processing device of a security analytics platform, first data associated with a computing resource; storing the first data in a first database table associated with the computing resource; generating a first set of indicators associated with the first database table, wherein each indicator of the first set of indicators identifies a corresponding horizontal partition associated with the first database table; receiving second data associated with the computing resource; storing the second data in a second database table associated with the first database table; generating a second set of indicators associated with the second database table, wherein each indicator of the second set of indicators specifies a corresponding horizontal partition associated with the second database table; and storing, based on the first set of indicators and the second set of indicators, a first partition of the first database table and a corresponding second partition of the second database table on a same database node.”
Step 1:
The claims are directed to a process, which falls under one of the four statutory categories.
Step 2A, Prong One:
The following limitations are abstract idea: "generating a first set of indicators associated with the first database table, wherein each indicator of the first set of indicators identifies a corresponding horizontal partition associated with the first database table" is a mental process and can be performed in the human mind. "Generating a second set of indicators associated with the second database table, wherein each indicator of the second set of indicators specifies a corresponding horizontal partition associated with the second database table" is a mental process and can be performed in the human mind.
Step 2A, Prong Two:
The following limitations are additional limitations. "Receiving, by a processing device of a security analytics platform, first data associated with a computing resource;” this limitation is an additional element and is insignificant extra-solution activity as retrieval/receiving of data (i.e. mere data gathering) such as 'obtaining information' as identified in MPEP 2106.05(g) and does not provide integration into a practical application. "Storing the first data in a first database table associated with the computing resource" and "storing the second data in a second database table associated with the first database table" and "storing, based on the first set of indicators and the second set of indicators, a first partition of the first database table and a corresponding second partition of the second database table on a same database node" recites at a high level of generality and instructions to apply an exception, or insignificant extra-solution activity, "storing and retrieving information in memory" as identified in MPEP 2106.05(g). Therefore, these recited additional limitations do not provide integration into a practical application.
Step 2B:
The conclusions for the additional elements representing mere implementation using a computer are carried over and do not provide significantly more. With respect to the "receiving” limitation is identified as insignificant extra-solution activity above when re-evaluated this element is well-understood, routine, and conventional as evidenced by the court cases in MPEP 2106.05(d)(II), "i. Receiving or transmitting data over a network, e.g., using the Internet to gather data, Symantec, 838 F.3d at 1321, 120 USPQ2d at 1362 (utilizing an intermediary computer to forward information); … OIP Techs., Inc., v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1093 (Fed. Cir. 2015) (sending messages over a network); buySAFE, Inc. v. Google, Inc., 765 F.3d 1350, 1355, 112 USPQ2d 1093, 1096 (Fed. Cir. 2014) (computer receives and sends information over a network);" and thus remains insignificant extra-solution activity that does not provide significantly more. Furthermore, the “storing” limitations are identified as insignificant extra-solution activity above when re-evaluated this element is well-understood, routine, and conventional as evidenced by the court cases in MPEP 2106.05(d)(II), “iv. Storing and retrieving information in memory, Versata Dev. Group, Inc. v. SAP Am., Inc., 793 F.3d 1306, 1334, 115 USPQ2d 1681, 1701 (Fed. Cir. 2015); OIP Techs., 788 F.3d at 1363, 115 USPQ2d at 1092-93” and thus remains insignificant extra-solution activity that does not provide significantly more. Furthermore, the “memory” and “processing device, coupled to the memory” of claim 8 as well as the “computer-readable medium” and “processing device” of claim 15 are identified as the mere use of a computer as a tool to perform an abstract idea, see MPEP 2106.05(f)(1) “ii. A general method of screening emails on a generic computer without any limitations that addressed the issues of shrinking the protection gap and mooting the volume problem, Intellectual Ventures I v. Symantec Corp., 838 F.3d 1307, 1319, 120 USPQ2d 1353, 1361 (Fed. Cir. 2016);” and MPEP 2106.05(f)(2) “ii. Generating a second menu from a first menu and sending the second menu to another location as performed by generic computer components, Apple, Inc. v. Ameranth, Inc., 842 F.3d 1229, 1243-44, 120 USPQ2d 1844, 1855-57 (Fed. Cir. 2016)” and “v. Requiring the use of software to tailor information and provide it to the user on a generic computer, Intellectual Ventures I LLC v. Capital One Bank (USA), 792 F.3d 1363, 1370-71, 115 USPQ2d 1636, 1642 (Fed. Cir. 2015)”.
Dependent claims 2, 9 and 16 receive the same analysis of the independent claims above with regards to Steps 1, 2A and 2B of the analysis, and furthering the Step 2B analysis, the claims further disclose additional element as “wherein the first data comprises telemetry data.” Designation of the data as telemetry data is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Dependent claims 3, 10 and 17 receive the same analysis of the dependent claims 2, 9 and 16 above with regards to Steps 1, 2A and 2B of the analysis. Furthering the Step 2B analysis, the claims further disclose additional element as “wherein the second data comprises change log data associated with the telemetry data.” Designation of data as change log data associated with the telemetry data is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Dependent claims 4, 11 and 18 receive the same analysis of the independent claims above with regards to Steps 1, 2A and 2B of the analysis. The claims further disclose additional element as “responsive to detecting a partition trigger, identifying a split location to perform a horizontal partition operation on the database node.”
Furthering the analysis,
Step 2A, prong one
The following limitations are abstract idea: " identifying a split location to perform a horizontal partition operation on the database node" is a mental process and can be performed in the human mind.
Step 2A, prong two
The following limitations are additional limitations “responsive to detecting a partition trigger” recites at a high level of generality and instructions to apply an exception, or insignificant extra-solution activity as identified in MPEP 2106.05(g).
Step 2B
The additional element of a “database node” is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Dependent claims 5, 12 and 19 receive the same analysis of the independent claims above with regards to Steps 1, 2A and 2B of the analysis. The claims further disclose additional element as “wherein at least one indicator of the set of indicators is stored in a column associated with the first database table.”
Furthering the analysis,
Step 2A, prong one
The abstract ideas identified in the independent claims above.
Step 2A, prong two
The following limitations are additional limitations “wherein at least one indicator of the set of indicators is stored in a column associated with the first database table.” recites insignificant extra-solution activity such as the selecting of a particular data source or type of data to be manipulated as identified in MPEP 2106.05(g).
Step 2B
The additional element of a “first database table” is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Dependent claims 6, 13 and 20 receive the same analysis of the independent claims above with regards to Steps 1, 2A and 2B of the analysis. The claims further disclose additional element as “wherein the first set of indicators is generated in response to determining a data type of the first data.”
Furthering the analysis,
Step 2A, prong one
The abstract ideas identified in the independent claims above.
Step 2A, prong two
The following limitations are additional limitations “wherein the first set of indicators is generated in response to determining a data type of the first data” recites insignificant extra-solution activity such as the selecting of a particular data source or type of data to be manipulated as identified in MPEP 2106.05(g).
Step 2B
The additional element of a “data type of the first data” is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Dependent claims 7 and 14 receive the same analysis of the independent claims above with regards to Steps 1, 2A and 2B of the analysis. The claims further disclose additional element as “wherein the first set of indicators is generated based on time data.”
Furthering the analysis,
Step 2A, prong one
The abstract ideas identified in the independent claims above.
Step 2A, prong two
The following limitations are additional limitations “wherein the first set of indicators is generated based on time data” recites insignificant extra-solution activity such as the selecting of a particular data source or type of data to be manipulated as identified in MPEP 2106.05(g).
Step 2B
The additional element of a “time data” is the selecting of a particular data source or type of data to be manipulated as disclosed as insignificant extra-solution activity in 2106.05(g).
Therefore, claims 1 – 20 as a whole are ineligible.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary. Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1 – 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Patent No. 11,928,099 issued to Sorenson, III et al (hereinafter Sorenson) in view of U.S. Patent Application Publication No. 2020/0125572 issued to Hanckel et al (hereinafter Hanckel).
As to claim 1, Sorenson discloses a method, comprising:
receiving, by a processing device of a security analytics platform, first data associated with a computing resource (receiving data sets for items and storing in the database service, including security services, see Sorenson: Col. 2 lines 16 – 53 and Col. 3 lines 40 – Col. 4 line 3);
storing the first data in a first database table associated with the computing resource (storing the data sets for items in tables within the primary storage of a database service, see Sorenson: Col. 3 line 40 – Col. 4 line 39, Col. 10 lines 23 – 48);
generating a first set of indicators associated with the first database table, wherein each indicator of the first set of indicators identifies a corresponding horizontal partition associated with the first database table (partitioning database by rows and generating snapshots for the data partitions, and further partitioning partitions as needed, including partition IDs, see Sorenson: Col. 6 line 12 – Col. 7 line 28, and partitioning including sharding, see Sorenson: Col. 10 lines 13 – 22, sharding is horizontal partitioning, and partition snapshots and partition changelogs together makeup partition backups, see Sorenson: Col. 7 line 54 – Col. 8 line 11);
receiving second data associated with the computing resource (change log data for the data sets/items including various updates to the items, see Sorenson: Col. 2 lines 27 – 53);
storing the second data in a second database table associated with the first database table (storing the change log data in an in-memory table related to the database, see Sorenson: Col. 2 lines 27 – 53, Col. 10 lines 23 – 48);
generating a second set of indicators associated with the second database table, wherein each indicator of the second set of indicators specifies a corresponding horizontal partition associated with the second database table (partition snapshots and partition changelogs together makeup partition backups, see Sorenson: Col. 7 line 54 – Col. 8 line 11, and change logs utilize key-value pairs and time values for mapping updates to the items of the data sets, see Sorenson: Col. 12 lines 6 – 25, and partitions have unique partition IDs (first data tables) and version numbers (based on updates/changes to the data when the partitions go through a reconfiguration), see Sorenson: Col. 7 lines 16 – 35); and
storing, based on the first set of indicators and the second set of indicators, a first partition of the first database table and a corresponding second partition of the second database table on a same database node (partitions are split and moved, additional partition backups including both snapshot of data and change logs, are sharded and stored across multiple locations (nodes, backup nodes, etc.), see Sorenson: Col. 7 lines 16 – 35 and Col. 10 lines 13 – 60).
While Sorenson discloses the use of security services, Sorenson does not explicitly disclose a security analytics platform.
Hanckel teaches a security analytics platform (IoT devices including smart security systems and data streams of telemetry data from the IoT devices with analytical functionality, and analyzing the data streams from the IoT devices, see Hanckel: Para. 0005 – 0006, 0009, 0022, 0046, 0056 – 0062).
Hanckel and Sorenson are analogous due to their disclosure of partitioning of data (including horizontal/sharding) and managing of data storage across multiple nodes.
Therefore, it would have been obvious to modify Sorenson’s use of sharding of table partitions and change logs across multiple locations with Hanckel’s use of horizontal partition of telemetry data for analysis in order to provide applications with an efficient processing model without loss of horizontal scalability relating to large transactional tables in a database system with non-transactional data streams (see Hanckel: Para. 0010).
As to claim 2, Sorenson in view of Hanckel discloses the method of claim 1, wherein the first data comprises telemetry data (telemetry data from IoT devices and other data sources for analysis, see Hanckel: Para. 0005 – 0006 and 0009).
As to claim 3, Sorenson in view of Hanckel discloses the method of claim 2, wherein the second data comprises change log data associated with the telemetry data (change log for the data items, see Sorenson: Col. 2 lines 16 – 41).
As to claim 4, Sorenson in view of Hanckel discloses the method of claim 1, further comprising:
responsive to detecting a partition trigger, identifying a split location to perform a horizontal partition operation on the database node (trigger for a partition split, see Sorenson: Col. 7 lines 29 – 53 and Col. 11 line 20 – 41).
As to claim 5, Sorenson in view of Hanckel discloses the method of claim 1, wherein at least one indicator of the set of indicators is stored in a column associated with the first database table (items comprise columns and identifiers stored as keys in key-value pairs, see Sorenson: Col. 2 line 27 – 41).
As to claim 6, Sorenson in view of Hanckel discloses the method of claim 1, wherein the first set of indicators is generated in response to determining a data type of the first data (values are according to the type of data, items identified by key-value pairs, see Sorenson: Col. 2 lines 27 – 41).
As to claim 7, Sorenson in view of Hanckel discloses the method of claim 1, wherein the first set of indicators is generated based on time data (items key-value pairs are assigned time values (e.g. timestamps), see Sorenson: Col. 2 lines 27 – 41).
Claims 8 – 14 are rejected using similar rationale to the rejection of claims 1 – 7 above. In addition, Sorenson discloses a memory and a processing device (see Sorenson: Col. 14 line 44 – Col. 15 line 53).
Claims 15 – 20 are rejected using similar rationale to the rejection of claims 1 – 6 above. In addition, Sorenson discloses memory comprising instructions (see Sorenson: Col. 15 lines 27 – 53).
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARK E HERSHLEY whose telephone number is (571)270-7774. The examiner can normally be reached M-F: 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amy Ng can be reached at (571) 270-1698. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MARK E HERSHLEY/Primary Examiner, Art Unit 2164