DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is Non-Final Office Action in response to application filed on August 19, 2025 in which claims 1-19 are presented for examination.
Information Disclosure Statement
The references listed in the IDS filed on August 19, 2025, October 17, 2025 and March 13, 2026 have been considered and entered into record. Copies of the signed or initialed IDSs are hereby attached.
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The filing of a terminal disclaimer by itself is not a complete reply to a nonstatutory double patenting (NSDP) rejection. A complete reply requires that the terminal disclaimer be accompanied by a reply requesting reconsideration of the prior Office action. Even where the NSDP rejection is provisional the reply must be complete. See MPEP § 804, subsection I.B.1. For a reply to a non-final Office action, see 37 CFR 1.111(a). For a reply to final Office action, see 37 CFR 1.113(c). A request for reconsideration while not provided for in 37 CFR 1.113(c) may be filed after final for consideration. See MPEP §§ 706.07(e) and 714.13.
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The actual filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/apply/applying-online/eterminal-disclaimer.
Claims 1-19 are provisionally rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-19 of copending Application No. 18/651,037 (reference application). Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed toward the same subject matter.
All limitations and elements in claim 1 of the instant application (‘164) are found in claim 1 of the reference application (‘037), except that the limitation “the query including a natural language query” have been omitted. However, claim 1 of the ‘164 application recites “generating a database query based on a natural language query” in the preamble. Therefore, claim 1 of the instant application is substantially similar to claim 1 of reference application. Although the claims at issue are not identical, they are not patentably distinct from each other because they are substantially similar in scope and they use the similar limitations, as showed in the Claims Comparison Table below. The claims of the cited reference application teach each limitation of the instant claim. Accordingly, the cited reference application anticipates the claims of the instant application.
Claims Comparison Table:
Instant application # 19/304,164
Copending application # 18/651,037
Claim 1. A method for generating a database query based on a natural language query, comprising:
receiving a query directed to a security database, wherein the security database includes a representation of a computing environment;
determining a data schema utilized to represent an entity of the computing environment in the security database;
generating a prompt for a language model based on the received query, and the determined data schema;
generating a database query by processing the generated prompt; and executing the database query on the security database.
5. The method of claim 1, further comprising: selecting a preselected database query from a plurality of preselected database queries; and generating the prompt further based on the preselected database query.
6. The method of claim 5, further comprising: determining a match score between the received query and the preselected database query; and selecting the preselected database query in response to the match score.
7. The method of claim 1, further comprising: initiating inspection in response to a result of executing the database query on the security database.
8. The method of claim 7, further comprising: initiating a mitigation action based on a result of the inspection.
9. The method of claim 8, further comprising: initiating the mitigation action in the computing environment.
10. A non-transitory computer-readable medium storing a set of instructions for generating a database query based on a natural language query, the set of instructions comprising: one or more instructions that, when executed by one or more processing circuitries of a device, cause the device to: receive a query directed to a security database, wherein the security database includes a representation of a computing environment; determine a data schema utilized to represent an entity of the computing environment in the security database; generate a prompt for a language model based on the received query, and the determined data schema; generate a database query by processing the generated prompt; and execute the database query on the security database.
11. A system for generating a database query based on a natural language query comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: receive a query directed to a security database, wherein the security database includes a representation of a computing environment; determine a data schema utilized to represent an entity of the computing environment in the security database; generate a prompt for a language model based on the received query, and the determined data schema; generate a database query by processing the generated prompt; and execute the database query on the security database.
12. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine that the received query cannot be executed on the security database; and generate the prompt in response to determining that the received query cannot be executed.
13. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: tokenize the received query.
14. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: detect a word in the received query; map the word to a term; and tokenize the term.
15. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: select a preselected database query from a plurality of preselected database queries; and generate the prompt further based on the preselected database query.
16. The system of claim 15, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a match score between the received query and the preselected database query; and select the preselected database query in response to the match score.
17. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate inspection in response to a result of executing the database query on the security database.
18. The system of claim 17, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate a mitigation action based on a result of the inspection.
Claim 1. A method for generating a database query based on a natural language query, comprising:
receiving a query including a natural language query directed to a security database, wherein the security database includes a representation of a computing environment;
determining a data schema utilized to represent an entity of the computing environment in the security database;
generating a prompt for a large language model (LLM) based on: the received query, and the determined data schema;
generating a database query by processing the generated prompt; and executing the database query on the security database.
2. The method of claim 1, further comprising: selecting a preselected database query from a plurality of preselected database queries; and; generating the prompt further based on the preselected database query.
3.The method of claim 2, further comprising: determining a match between the natural language query and the preselected database query; and determining a match between the natural language query and another preselected database query.
6. The method of claim 1, further comprising: initiating inspection of another entity of the computing environment in response to a result of executing the database query on the security database.
7. The method of claim 6, further comprising: initiating a mitigation action based on a result of the inspection of another entity.
8. The method of claim 6, further comprising: initiating, based on a result of the inspection, any one of: a remediation action, a forensic finding, a mitigation action, and a combination thereof.
10. A non-transitory computer-readable medium storing a set of instructions for generating a database query based on a natural language query, the set of instructions comprising: one or more instructions that, when executed by one or more processors of a device, cause the device to: receive a query including a natural language query directed to a security database, wherein the security database includes a representation of a computing environment; determine a data schema utilized to represent an entity of the computing environment in the security database; generate a prompt for a large language model (LLM) based on: the received query, and the determined data schema; generate a database query by processing the generated prompt; and execute the database query on the security database.
11. A system for generating a database query based on a natural language query comprising: a processing circuitry; a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: receive a query including a natural language query directed to a security database, wherein the security database includes a representation of a computing environment; determine a data schema utilized to represent an entity of the computing environment in the security database; generate a prompt for a large language model (LLM) based on: the received query, and the determined data schema; generate a database query by processing the generated prompt; and execute the database query on the security database.
12. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: select a preselected database query from a plurality of preselected database queries; and generate the prompt further based on the preselected database query.
13. The system of claim 12, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine a match between the natural language query and the preselected database query; and determine a match between the natural language query and another preselected database query.
14. The system of claim 13, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: select the preselected database query or another preselected database query based on the determined match.
15. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: determine the data schema based on the natural language query.
16. The system of claim 11, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate inspection of another entity of the computing environment in response to a result of executing the database query on the security database.
17. The system of claim 16, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate a mitigation action based on a result of the inspection of another entity.
18. The system of claim 16, wherein the memory contains further instructions which when executed by the processing circuitry further configure the system to: initiate, based on a result of the inspection, any one of: a remediation action, a forensic find, a mitigation action, and a combination thereof.
This is a provisional nonstatutory double patenting rejection because the patentably indistinct claims have not in fact been patented.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 1-19 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea of mental process without significantly more. The claims recite “receiving a query directed to a security database, wherein the security database includes a representation of a computing environment; determining a data schema utilized to represent an entity of the computing environment in the security database; generating a prompt for a language model based on the received query, and the determined data schema; generating a database query by processing the generated prompt; and 7executing the database query on the security database”. This judicial exception is not integrated into a practical application because the steps can be performed manually in human mind. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because the claim here merely uses the processor as a tool to perform the otherwise mental processes. See October Update at Section I(C)(ii). Thus, the limitations recite concepts that fall into the “mental process” grouping of abstract ideas.
ANALYSIS under Revised Guidance of 2019 PEG:
Statutory Category:
The claims 1-19 are directed to one of the four statutory category (claims 1-9 a method or a process, claim 10 a non-transitory computer readable storage medium, and claims 11-19 a system or machine).
Step 2A – Prong One: Is there a Judicial Exception (e.g. abstract idea)? (See MPEP§§2106.04(II)(A)(1), 2106.04(a)(2)).
Claim 1 recites, at its core, the limitations directed to receiving a query, determining a data schema, generating a prompt based on the query and schema, generate a database query using a language model, and executing the database query. These limitations are data operations and information processing steps, which can be characterized as mental processes. The claim further recite “language model”; however, this recitation does not remove the claim from the mental process category. Rather, the claim merely uses the language model as a tool to perform information analysis and transformation. Moreover, the claim does not provide any technical detail regarding how these steps are performed beyond the use of generic computer components and a generic language model. Accordingly, claim 1 recites an abstract idea under step 2A, prong One.
Step 2A – Prong Two: Is the abstract idea integrated into a practical application? (See MPEP§§2106.04(II)(A)(2), 2106.04(d)). To pass Prong Two, the claim must apply the abstract idea in a meaningful way (e.g., by improving computer functionality or another technology).
Claim 1 recites additional elements such as “the security database,” which is merely constitutes a field of use, as the claim is directed to a security database. The claim does not recite aby specific improvement to database technology. Further, the claim does not recite a particular language model architecture, prompt generation technique, query planning mechanism, or database optimization technique. Additionally, the claim does not describe how the generated query improves computer performance, database efficiency, storage utilization, query execution, or cybersecurity operations. Rather, the claim appears to use a language model as generic AI tool, a database as a generic data repository, and a query as generic information. The result is merely obtaining information from a database using natural language input. Accordingly, the additional elements do not meaningfully limit the recited abstract idea or integrate the abstract idea into a practical application. Therefore, claim 1 fails to meet step 2A, prong Two.
Step 2B: significantly more or amounting to an incentive concept. (See MPEP§2106.05).
Claim 1 recites additional elements such as security database, data schema, language model, database query generation and query execution. However, these components are recited at a high level of generality and appear to perform their ordinary and conventional functions. For example, the security database performed the conventional function of storing security related data, the data schema performs the conventional function of defining a database structure, the language model performs the conventional function of processing natural language input, query generation performs the conventional function of producing database query; and query execution performs the conventional function of retrieving information. Further, the claim does not recite a new database architecture, a novel query generation algorithm, a specific prompt generation technique, a new machine learning model, an improvement to computer functionality, or a particular cybersecurity detection technique implemented within the security database. Therefore, the additional elements, individually and as an ordered combination, do not amount to significant more than the abstract idea itself. More implementation of the abstract idea using generic computer components and a generic language model does not provide an inventive concept. Accordingly, claim 1 fails under step 2B because the mere implementation on a computer machine model does not provide significantly more.
Dependent claim 2 recites “determining that the received query cannot be executed on the security database; and generating the prompt in response to determining that the received query cannot be executed” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 3 recites “tokenizing the received query” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 4 recites “detecting a word in the received query; mapping the word to a term; and tokenizing the term” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 5 recites “selecting a preselected database query from a plurality of preselected database queries; and generating the prompt…” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 6 recites “determining a match score between the received query and the preselected database query; and selecting the preselected database query in response to the match score” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 7 recites “initiating inspection in response to a result of executing the database query on the security database” abstract idea under step 2A(ii). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 8 recites “initiating a mitigation action based on a result of the inspection” abstract idea under step 2A(i). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Dependent claim 9 recites “initiating the mitigation action in the computing environment” abstract idea under step 2A(ii). Therefore, the claimed elements fail to integrate the judicial exception into a practical application.
Claims 10 and 11 are rejected due to the similar analysis of claim 1. Claims 12-19 are similar analysis of claims 2-9 and do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element in claims 12-19 represent a further mental process step. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer component, then it falls within the “mental processes” group of abstract ideas. Each additional step is considered an abstract idea (mental process step) and does not integrate the judicial exception into a practical application. An additional abstract idea (mental process step) is not sufficient to amount to significantly more than the judicial exception. Therefore, claims 1-19 are not patent eligible.
The claim would improve eligibility under step 2A, prong 1 prong 2 and step 2B if it recited, for example, a specific improvement to query generation technology, a particular schema discovery technique that improves database operation, a specific prompt construction mechanism that reduces query errors, a new language model architecture, improved security database retrieval efficiency, reduced computational resources or latency through a particular technical mechanism, automatic generation of executable queries of security relationships that previously could not be generated using conventional systems.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-19 are rejected under 35 U.S.C. 103 as being unpatentable over Penzo et al. (US 20220035802 A1) in view of O’Kelly et al. (US 11861321 B1).
Regarding claim 1, Penzo discloses a method for generating a database query based on a natural language query (Fig.5, Penzo), comprising:
receiving a query directed to a security database (step 270 of Fig.5 and ¶[0036], Penso, i.e., receive a neural language query “NLQ”), wherein the security database includes a representation of a computing environment (¶[0018]-[0019] and [0036], Penso, i.e., a cloud-based platform may host a CMDB or another system that accumulates data regarding operational and/or business metrics stored as key performance indicators “KPIs” and based on representation of KPI which allow authorization to access role in CMDM);
determining a data schema utilized to represent an entity of the computing environment in the security database (¶[0018] and [0036]-[0038], Penso, i.e., use representation of KPI for role authorization “entity” with CMDM);
generating a prompt for a large language model based on the received query, and the determined data schema (¶[0018] and [0036]-[0038], Penso, i.e., generate a database query based on the received NL query and KPI-based role authorization “schema”)
generating a database query by processing the generated prompt (step 276 of Fig.5 and ¶[0036]-[0041], Penso, i.e., generate a database query based on the query details extracted from the NLQ and KPI-based role authorization); and
executing the database query on the security database (steps 278-280 of Fig.5 and ¶[0036]-[0038], Penso, i.e., executes the database query).
To clarify the language of “generating a prompt for a large language model based on: the received query, and the determined data schema”, although as stated above Penzo discloses generate a database query based on the received NL query and KPI-based role (¶[0018] and [0036]-[0038]).
However O’Kelly, in an analogous art, discloses generating a prompt for a large language model based on: the received query, and the determined data schema (col.25, line 45 to col.27, line 29, O’Kelly). It would have been obvious to a person having ordinary skill in the art before the effective filing date, having both Penzo and O’Kelly before them to utilize the natural language input to an output in a database language of O’Kelly into Penso, as taught by O’Kelly. One of ordinary skill in the art would be motivated to integrate the transformed query prompt into Penso, with a reasonable expectation of success, in order to enhance the development of executable language applications.
Regarding claim 2, Penso/O’Kelly combination discloses determining that the received query cannot be executed on the security database (col.6, lines 33-55, O’Kelly); and generating the prompt in response to determining that the received query cannot be executed (col.6, lines 33-55, O’Kelly).
Regarding claim 3, Penso/O’Kelly combination discloses tokenizing the received query (col.4, line 49 to col.5, line 9, O’Kelly).
Regarding claim 4, Penso/O’Kelly combination discloses detecting a word in the received query (col.4, line 49 to col.5, line 9, O’Kelly); mapping the word to a term (col.4, line 49 to col.5, line 9 and col.23, lines 55-62, O’Kelly); and tokenizing the term (col.4, line 49 to col.5, line 9, O’Kelly).
Regarding claim 5, Penso/O’Kelly combination discloses selecting a preselected database query from a plurality of preselected database queries (col.13, line 66 to col.14, line 56, O’Kelly); and generating the prompt further based on the preselected database query (col.13, line 66 to col.14, line 56, O’Kelly).
Regarding claim 6, Penso/O’Kelly combination discloses determining a match score between the received query and the preselected database query (col.6, lines 33-52, O’Kelly); and selecting the preselected database query in response to the match score (col.6, lines 33-52 and col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 7, Penso/O’Kelly combination discloses initiating inspection in response to a result of executing the database query on the security database (col.25, line 45 to col.27, line 29, O’Kelly).
Regarding claim 8, Penso/O’Kelly combination discloses initiating a mitigation action based on a result of the inspection (col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 9, Penso/O’Kelly combination discloses initiating the mitigation action in the computing environment (col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 10, Penso discloses a non-transitory computer-readable medium storing a set of instructions for generating a database query based on a natural language query (Fig.4, Penso), the set of instructions comprising:
one or more instructions that, when executed by one or more processors of a device (Fig.4, Penso), cause the device to:
receiving a query directed to a security database (step 270 of Fig.5 and ¶[0036], Penso, i.e., receive a neural language query “NLQ”), wherein the security database includes a representation of a computing environment (¶[0018]-[0019] and [0036], Penso, i.e., a cloud-based platform may host a CMDB or another system that accumulates data regarding operational and/or business metrics stored as key performance indicators “KPIs” and based on representation of KPI which allow authorization to access role in CMDM);
determining a data schema utilized to represent an entity of the computing environment in the security database (¶[0018] and [0036]-[0038], Penso, i.e., use representation of KPI for role authorization “entity” with CMDM);
generating a prompt for a large language model based on the received query, and the determined data schema (¶[0018] and [0036]-[0038], Penso, i.e., generate a database query based on the received NL query and KPI-based role authorization “schema”)
generating a database query by processing the generated prompt (step 276 of Fig.5 and ¶[0036]-[0041], Penso, i.e., generate a database query based on the query details extracted from the NLQ and KPI-based role authorization); and
executing the database query on the security database (steps 278-280 of Fig.5 and ¶[0036]-[0038], Penso, i.e., executes the database query).
To clarify the language of “generating a prompt for a large language model based on: the received query, and the determined data schema”, although as stated above Penzo discloses generate a database query based on the received NL query and KPI-based role (¶[0018] and [0036]-[0038]).
However O’Kelly, in an analogous art, discloses generating a prompt for a large language model based on: the received query, and the determined data schema (col.25, lines 14-55, O’Kelly). It would have been obvious to a person having ordinary skill in the art before the effective filing date, having both Penzo and O’Kelly before them to utilize the natural language input to an output in a database language of O’Kelly into Penso, as taught by O’Kelly. One of ordinary skill in the art would be motivated to integrate the transformed query prompt into Penso, with a reasonable expectation of success, in order to enhance the development of executable language applications.
Regarding claim 11, Penso discloses a system for generating a database query based on a natural language query(Fig.4, Penso) comprising:
a processing circuitry (processing 240 of Fig.4, Penso); and
a memory (memory 230 of Fig.4, Penso), the memory containing instructions that, when executed by the processing circuitry, configure the system to:
receiving a query directed to a security database (step 270 of Fig.5 and ¶[0036], Penso, i.e., receive a neural language query “NLQ”), wherein the security database includes a representation of a computing environment (¶[0018]-[0019] and [0036], Penso, i.e., a cloud-based platform may host a CMDB or another system that accumulates data regarding operational and/or business metrics stored as key performance indicators “KPIs” and based on representation of KPI which allow authorization to access role in CMDM);
determining a data schema utilized to represent an entity of the computing environment in the security database (¶[0018] and [0036]-[0038], Penso, i.e., use representation of KPI for role authorization “entity” with CMDM);
generating a prompt for a large language model based on the received query, and the determined data schema (¶[0018] and [0036]-[0038], Penso, i.e., generate a database query based on the received NL query and KPI-based role authorization “schema”)
generating a database query by processing the generated prompt (step 276 of Fig.5 and ¶[0036]-[0041], Penso, i.e., generate a database query based on the query details extracted from the NLQ and KPI-based role authorization); and
executing the database query on the security database (steps 278-280 of Fig.5 and ¶[0036]-[0038], Penso, i.e., executes the database query).
To clarify the language of “generating a prompt for a large language model based on: the received query, and the determined data schema”, although as stated above Penzo discloses generate a database query based on the received NL query and KPI-based role (¶[0018] and [0036]-[0038]).
However O’Kelly, in an analogous art, discloses generating a prompt for a large language model based on: the received query, and the determined data schema (col.25, lines 14-55, O’Kelly). It would have been obvious to a person having ordinary skill in the art before the effective filing date, having both Penzo and O’Kelly before them to utilize the natural language input to an output in a database language of O’Kelly into Penso, as taught by O’Kelly. One of ordinary skill in the art would be motivated to integrate the transformed query prompt into Penso, with a reasonable expectation of success, in order to enhance the development of executable language applications.
Regarding claim 12, Penso/O’Kelly combination discloses determining that the received query cannot be executed on the security database (col.6, lines 33-55, O’Kelly); and generating the prompt in response to determining that the received query cannot be executed (col.13, line 66 to col.14, line 56, O’Kelly).
Regarding claim 13, Penso/O’Kelly combination discloses tokenizing the received query (col.6, lines 33-52 and col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 14, Penso/O’Kelly combination discloses detecting a word in the received query (col.4, line 49 to col.5, line 9 and col.23, lines 55-62, O’Kelly); mapping the word to a term; and tokenizing the term (col.6, lines 33-52 and col.23, lines 55-62, O’Kelly).
Regarding claim 15, Penso/O’Kelly combination discloses selecting a preselected database query from a plurality of preselected database queries (col.13, line 66 to col.14, line 56, O’Kelly); and generating the prompt further based on the preselected database query (col.13, line 66 to col.14, line 56, O’Kelly).
Regarding claim 16, Penso/O’Kelly combination discloses determining a match score between the received query and the preselected database query (col.6, lines 33-52, O’Kelly); and selecting the preselected database query in response to the match score (col.6, lines 33-52 and col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 17, Penso/O’Kelly combination discloses initiating inspection in response to a result of executing the database query on the security database (col.25, line 45 to col.27, line 29, O’Kelly).
Regarding claim 18, Penso/O’Kelly combination discloses initiating a mitigation action based on a result of the inspection (col.36, line 50 to col.37, line 8, O’Kelly).
Regarding claim 19, Penso/O’Kelly combination discloses initiating the mitigation action in the computing environment (col.36, line 50 to col.37, line 8, O’Kelly).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Gandhi et al. (US 20240378399 A1) disclose semantic interpreter for natural language commanding in applications via program synthesis.
Tunstall-pedoe et al. (US 20230259705 A1) disclose computer implemented methods for the automated analysis or use of data including use of a large language model.
Reza et al. (US 20230237277 A1) disclose aspect prompting framework for language modeling.
Douthit (US 11928569 B1) discloses automated user experience orchestration using natural language based machine learning techniques.
Luzhnica et al. (US 11516158 B1) disclose neural network facilitated linguistically complex message generation systems and methods.
Li et al. (US 20220229832 A1) disclose automated intelligent content generation.
Dijamco et al. (US 11301502 B1) disclose parsing natural language queries without retaining.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANH B THAI whose telephone number is (571)272-4029. The examiner can normally be reached Mon-Friday 7-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached at 571-272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/HANH B THAI/Primary Examiner, Art Unit 2163
June 9, 2026