DETAILED ACTION
Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2. The Action is responsive to Applicant’s amendment, filed on February 27, 2026.
3. It is acknowledged that as a result of the amendment, Claims 5, 8, and 11, have been amended.
4. Claims 1-20 are pending.
Claim Rejections - 35 USC § 112
5. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior office action.
In view of the amendments to the claims, the Examiner withdraws all pending rejections under 35 U.S.C. 112.
Response to Arguments
6. Applicant’s arguments with respect to claims 1-20 have been considered but are not persuasive at least for the following reason: The mentioned typographical errors in the 102 rejections have been corrected.
Applicant argues in substance that “… Mertes expressly frames its treatment of "sensitive data" in the context of data migration, i.e., the movement of data from an on-premises system to a cloud services provider, and acknowledges that security concerns exist when sensitive data is transferred over data communications networks during that migration. Applicant respectfully submit that Mertes does not disclose "selecting the local computing system from the plurality of computing systems" "based on the stored data containing sensitive or private information associated with an individual." Instead, Mertes' disclosure merely acknowledges the general existence of security concerns in the context of cloud migration tooling.” Mertes discloses the (Par [0132], “The embodiments may maintain audit logs. An audit log is a document that records an event in a computing system. In addition to documenting what resources were accessed, audit log entries typically include destination and source addresses, a timestamp, and user login information for compliance with various regulations.” Par [0138], “Such a cloud storage gateway may operate as a bridge between local applications that are executing on the storage system 306 and remote, cloud-based storage that is utilized by the storage system 306.” And see Figures 3A-3C and par [0139]), Mertes clearly discloses the compliance and regulations on the “storage system” and the “remote” as the Claim recites; also reviewing and addressing “sensitive data” to the services; as mentioned the services are between remote and local storage, as claimed. Authentication and access control, offered by AMAZONTM S3, provides mechanism associated with communication and permissions that would allocate according to users or system processes granted.
And the associated sensitive data is associated with certain user login, rules and regulations.
The “selecting” as claimed and discussed is related to a local computer access, which could be associated with a login credential. The access to stored data and perform operations can be done in local and remote services, “one or more” se also figures 1-3C).
The Examiner suggests incorporating the specifics of the mentioned components in order to make the claim definite with respect to the "sensitive or private” information. The Examiner also invites the applicant to request an interview in order to discuss the mentioned issue, potential distinguishable subject matter, and any other potential uses in order to advance prosecution prior to issuing any additional action. In order to enhance compact prosecution and clarity of record.
In view of the above, the Examiner contends that all limitations as recited in the claims have been addressed in this Action. For the above reasons, the Examiner believes that the rejections of the last Office action were proper.
Claim Rejections - 35 USC § 102
7. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
8. Claim(s) 1-5, 9, 11-15, 17-18, and 20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by MERTES et al (US 2022/0334725), hereinafter “MERTES”.
As per Claim 1, MERTES discloses:
A method of data processing arbitration within a communications system, comprising: receiving a request to perform, on stored data, one or more data processing operations using at least one computing system of a plurality of computing systems, the plurality of computing systems comprising a local computing system and a remote computing system; (Par [0132], “…The embodiments may maintain audit logs. An audit log is a document that records an event in a computing system. In addition to documenting what resources were accessed, audit log entries typically include destination and source addresses, a timestamp, and user login information for compliance with various regulations…” Par [0138], “Such a cloud storage gateway may operate as a bridge between local applications that are executing on the storage system 306 and remote, cloud-based storage that is utilized by the storage system 306.” And see Figures 3A-3C) based on the stored data containing sensitive or private information associated with an individual, selecting the local computing system from the plurality of computing systems; (Par [0139], “Such cloud migration tools may also be configured to address potentially high network costs and long transfer times associated with migrating large volumes of data to the cloud services provider 302, as well as addressing security concerns associated with sensitive data to the cloud services provider 302 over data communications networks.”) and causing the selected computing system to access the stored data and perform the one or more data processing operations on the accessed data using the selected local computing system. (Par [0140], “For example, the cloud services provider 302 may be configured to provide access to data analytics applications to the storage system 306 and users of the storage system 306. Such data analytics applications may be configured, for example, to receive vast amounts of telemetry data” and par [0194-195], “computational tasks may be performed using the compute resources provided by such storage systems, data may be storage using the storage resources of the storage system, and cloud-based services may be accessed through the use of various resources of the storage system (including networking resources).” And “As such, many tasks that really on data processing, storage, or communications may be better suited by platforms that include edge solutions such as the storage systems described above.” See figures 1-3C).
As per Claim 2, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the local computing system is selected from the plurality of computing systems based further on a monetary cost associated with performing the one or more data processing operations by the remote computing system, availability of computational resources of the remote computing system, availability of memory resources of the remote computing system, a type of storage, a characteristic of the stored data, or a combination thereof. ; (Par [0139], “Such cloud migration tools may also be configured to address potentially high network costs and long transfer times associated with migrating large volumes of data to the cloud services provider 302, as well as addressing security concerns associated with sensitive data to the cloud services provider 302 over data communications networks.” And par [0282], “system membership and high availability and recovery characteristics and events” and see Figures 5-7).
As per Claim 3, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the local computing system is selected from the plurality of computing systems based further on the remote computing system not complying with one or more regulatory requirements. (Par [0238], “the data compliance services to ensure that the user's datasets are managed in a way to adhere to various regulatory requirements. For example, one or more data compliance services may be offered to a user to ensure that the user's datasets are managed in a way so as to adhere to the General Data Protection Regulation (‘GDPR’), one or data compliance service…” and see Figures 5-7)
As per Claim 4, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the one or more data processing operations comprise a modification to the stored data, a modification to metadata associated with the stored data, or both. (Par[0168], “Readers will appreciate that in such an example, metadata that is associated with the data itself may be included in each object (e.g., the first 1 MB of the object is data and the remaining portion is metadata associated with the data).” And par [0256], “Idle content is the content after any in-progress modifications have completed with no processing of new modifications. Sometimes this is referred to as “crash recoverable” consistency. Recovery of a pod carries out the process of reconciling differences in applying concurrent updates to in-sync storage systems in the pod. Recovery can resolve any inconsistencies between storage systems in the completion of concurrent modifications” and par [0346], “… descriptions of relationships between operations and common metadata updates may be described as a set of interdependencies between separate, modifying operations—where these interdependencies may be described as a set of precursors that one operation depends…”).
As per Claim 5, the rejection of Claim 4 is incorporated and MERTES further discloses: further comprising: initiating a session for the modification to the stored data; (Par [0456], “In these examples, the namespace identifier utilized 1402 by the host to establish the session (i.e., the virtual namespace identifier 1402)” ) and in response to determining that no further modifications are being made to the stored data, terminating the session, and storing the stored modified data. (Par [0052], Par [0424], “systems replicating the dataset to confirm that the modification has been applied. For example, checkpoints may be used to synchronize transactions on the storage systems at defined intervals, or snapshot-based replication may be used to asynchronously replicate one storage system (e.g., storage system 1002) onto another storage system (e.g., storage system 1010) during a failover or disaster recovery scenario.” And par [0429], “…stored data…”).
As per Claim 9, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the sensitive or private information comprises an identifier, a quasi-identifier, personally identifiable information, or a combination thereof. (Par [0234], “Consider an example in which the storage service includes a service that, when selected and applied, causes personally identifiable information (PIP)”).
As per Claim 11, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the sensitive or private information comprises medical information or health information of the individual, including information indicative of a presence or an absence of a biological condition within the individual obtained based on one or more diagnostic tests. (Par [0177], “AI applications may be deployed in a variety of fields, including: predictive maintenance in manufacturing and related fields, healthcare applications such as patient data & risk analytics, retail and marketing deployments (e.g., search advertising, social media advertising)…”).
As per Claim 20, the rejection of Claim 17 is incorporated and MERTES further discloses: wherein the plurality of instructions are further configured to, based on a higher priority of a task being performed by the local computing system, select the remote computing system from the plurality of computing systems.
(Par [0065], “Thus, for the traditional storage system, a higher level process (e.g., initiated by the storage system) and a lower level process (e.g., initiated by a storage controller of the storage system) may both be performed.” And par [0160], “controller application 324, 326 may be embodied as a module of computer program instructions that, when executed, carries out the same tasks as the controllers 110A, 110B in FIG. 1A described above such as writing data to the cloud-based storage system 318, erasing data from the cloud-based storage system 318, retrieving data from the cloud-based storage system 318, monitoring and reporting of disk utilization and performance, performing redundancy operations, such as RAID or RAID-like data redundancy operations, compressing data, encrypting data, deduplicating data, and so forth.” See also Figures 3C and 5).
As per Claims 12-15 and 17-18, being the system and non-transitory medium claims corresponding to the method claims 1-4 respectively and rejected under the same reason set forth in connection of the rejections of Claims 1-4 and further MERTES discloses: (par [0247]).
Claim Rejections - 35 USC § 103
9. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
10. Claim(s) 6, 10, 16, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over MERTES et al (US 2022/0334725), in view of Reid et al (US 9,973,484), hereinafter MERTES and Reid respectively.
As per Claim 6, the rejection of Claim 4 is incorporated and Reid further discloses: wherein the modification to the stored data comprises a change to at least genetics data associated with the individual. (Col. 11, lines 7-12, “high resolution imaging data, genomics, wide variety of unstructured data, longitudinal care needs and regulatory retention requirements” and Col. 14, lines 7-24, “creating and updating patient-to-HCP and patient-to-cloud lockbox associations, and modifying permissions tables…” and see Figures 2 and 5).
Therefore, it would have been obvious to a person of ordinary skill in the art at the effective filing date to incorporate the teachings of Reid specifically updating data and its modifications into the method of MERTES to take advantage on applying changes and obtain the most updated information. The modification would have been obvious because one of the ordinary skills in the art would implement complying with the modifications to provide real-time protection for intelligent embedded systems.
As per Claim 10, the rejection of Claim 1 is incorporated and MERTES further discloses: wherein the sensitive or private information comprises patient data, (Par [0177], “AI applications may be deployed in a variety of fields, including: predictive maintenance in manufacturing and related fields, healthcare applications such as patient data & risk analytics, retail and marketing deployments (e.g., search advertising, social media advertising)…”) .
However, MERTES do not specifically disclose “the patient data comprising genomic information, genetic information, metabolomic information, transcriptomic information, fragmentomic information, immune receptor information, methylation information, epigenomic information, proteomic information, immunohistochemistry (IHC) information, immunofluorescence (IF) information, or a combination thereof.”
Reid discloses the above mentioned information as follows: (Col. 11, lines 7-12, “high resolution imaging data, genomics, wide variety of unstructured data, longitudinal care needs and regulatory retention requirements” and see Figures 2 and 5).
Therefore, it would have been obvious to a person of ordinary skill in the art at the effective filing date to incorporate the teachings of Reid specifically updating data specifically related to certain medical information and testing into the method of MERTES to take advantage on applying changes and obtain the most updated information. The modification would have been obvious because one of the ordinary skills in the art would implement complying with the modifications to provide real-time protection for intelligent embedded systems.
As per Claims 16 and 19, being the system and non-transitory medium claims corresponding to the method claim 10 respectively and rejected under the same reason set forth in connection of the rejections of Claim 10 and further MERTES discloses: (par [0247]).
Allowable Subject Matter
11. Claims 7-8 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
MERTES discloses, Modifying operations to the volume will then make logical extent copies as needed, resulting in the volume storing the results of those modifying operations and the snapshots retaining the original content. Volume copies are similar, except that both the original volume and the copied volume can modify content resulting in their own copied logical extent graphs and subgraphs, however not specifically discloses: responsive to the one or more data processing operations: creating a modified version of the stored data; updating the metadata associated with the stored data to generate updated metadata associated with the modified version of the stored data; and storing the modified version of the stored data and the updated metadata in a temporary data store; wherein the access of the stored data by the selected computing system comprises an access of one or more versions of the stored data, the one or more versions of the stored data comprising at least the modified version of the stored data.” And the “ and storing the modified version of the stored data and the updated metadata in a primary data store accessible to one or more computing systems other than the plurality of computing systems.”
Conclusion
12. The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.
WEAVER; Daniel B. (US-20130252280-A1), relates to Examples may also be practiced in distributed computing environments where tasks are performed by local and remote processing devices that are linked (either by hardwired links, wireless links, or by a combination thereof) through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.
Briody; Joss (US-20220188519-A1), relates to local device it will be appreciated that the computing device may be located remotely and accessed via a network or other communication link (for example using a communication interface).
Stabrawa; Timothy A. (US-20210240616-A1), relates to For example, it may be beneficial to provide primary memory to a local machine from an aggregated “pool” of memory, which may be referred to as a ‘memory pool’. The memory pool may be external to the local machine. The memory pool may involve multiple memory appliances, and the memory pool may scale to an infinite or arbitrarily large number of memory appliances without performance irregularities due to the scaling.
Singh; Gurjeet (US-20160246871-A1), relates to It will be appreciated that any private, public, or combination of private and public data sets may be integrated to construct the topological map visualizations. A map visualization may be based on biological data such as, but not limited to, gene expression, sequencing, and copy number variation.
DARJI; PRAKASH (US-20220317912), relates to cloud services provider 302 may provide services to multiple organizations. In still alternative embodiments, the cloud services provider 302 may be embodied as a mix of a private and public cloud services with a hybrid cloud deployment.
13. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
14. Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANGELICA RUIZ whose telephone number is (571)270-3158. The examiner can normally be reached M-F 10:00 am to 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Boris Gorney can be reached at (571) 270-5626. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ANGELICA RUIZ/Primary Examiner, Art Unit 2154 March 16, 2026