Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This Office Action corresponds to application 16/105,757 which was filed on 8/20/2018 and is a CON of PCT/CN2017/072859 filed 2/3/2017 claiming priority of INDIA IN201641005870 filed 2/19/2016. 

Response to Amendment
In the response filed 12/17/2020, Applicant amends claims 1, 4, 7, 8, 12, 14, and 17.  Claims 2, 3, 9-11, 15 and 16 have been cancelled and claims 18-22 have been added.  Accordingly, claims 1, 4-8, 12-14, and 17-22 stand pending.

Response to Arguments
Applicant's arguments filed 12/17/2020 have been fully considered but are moot in view of new grounds of rejection.
The applicant argues that Ahmed does not teach “updating, when the user right allows access to the query plan and the user right has an access restriction to a column or a row in the query plan, the query plan, wherein the query plan is updated by removing a restricted column or a restricted row from the query plan or the query plan is updated by adding a filter to a restricted column or a restricted row from the query plan”. The applicant argues that Ahmed does not teach any conditions for updated the query 
The applicant further argues that Svoboda fails to teach updating the query plan generated by a federated query before executing the query.  The examiner respectfully disagrees. Svoboda teaches receiving a federated query and generating a federated query plan based on the received query before the query is executed ([0037]).  Therefore, the examiner is not persuaded.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1, 4-6, 8, 12-14, 17, 18, and 20-21 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ahmed et al. (US2013/0325841), hereinafter Ahmed, in view of Svoboda et al. (US2015/0310067), hereinafter Svoboda.

Regarding Claim 1:
Ahmed teaches:
	A method for providing unified access control for data stored in federated databases by an access control system (Ahmed, abstract, [0011], note access control for a database server, when combined with the other cited reference this would be for a federated database system as taught by Svoboda), the method comprising: 
receiving a 
generating a query plan based on the received 
verifying the query plan by using a user right pre-stored in a central authorization metadata table (Ahmed, abstract, [0012, 0031], note receiving a query plan, checking 
updating, when the user right allows access to the query plan and the user right has an access restriction to a column or a row in the query plan, the query plan, wherein the query plan is updated by removing a restricted column or a restricted row from the query plan or the query plan is updated by adding a filter to a restricted column or a restricted row from the query plan (Ahmed, abstract, [0012-0015], note updating the query plan based on the access rights based on row-specific access controls); 
converting the updated query plan to a physical query (Ahmed, abstract, [0012-0015], note executing the updated query plan means it was converted into a physical query); and 
executing the physical query to obtain a result (Ahmed, abstract, [0012-0015], note execution of query stage).
Ahmed doesn’t specifically teach:
federated databases;
user right pre-stored in a central authorization metadata table;
Svoboda is in the same field of endeavor, information retrieval;
Svoboda teaches: 
A method for providing unified access control for data stored in federated databases by an access control system (Svoboda, abstract, [0006], note access control for federated databases), the method comprising: 

generating a query plan based on the received federated query (Svoboda, abstract, 0037-0039], note receiving a federated query and generated a federated query plan)
verifying the received query plan by using a user right pre-stored in a central authorization metadata table (Svoboda, abstract, [0042-0043, 0049, 0057], note verifying the query has permissions, note rules database is a central authorization database with rules tables, e.g. authorization metadata table.  When combined with the previously cited reference this would include the user rights as taught by Ahmed); 
converting the updated query plan to a physical query Svoboda, abstract, [0006-0008], note sending the queries to the source databases means the query was converted); and 
executing the physical query to obtain a result (Svoboda, [0039-0040], note execution of query).
It would have been obvious to one of ordinary skill in the art before the effective date of filing to modify the cited references to incorporate the teachings of Svoboda because this would improve the security of data access (Svoboda, [0005]).

Regarding Claim 4:
Ahmed and Svoboda shows the method as disclosed above;
Ahmed and Svoboda further teaches:

It would have been obvious to one of ordinary skill in the art before the effective date of filing to modify the cited references to incorporate the teachings of Svoboda because this would improve the security of data access (Svoboda, [0005]).

Regarding Claim 5:
Ahmed and Svoboda shows the method as disclosed above;
Ahmed and Svoboda further teaches:
wherein the central authorization metadata table stores a table level control, a column level control, a row level control, or a record level control associated with a table residing in a database (Ahmed, abstract, [0031, 0035] note removing data that the user doesn’t have access with row level control) (Svoboda, abstract, [0006-0008, 0042-0043, 0049, 0057], note federated query, note rules database is a central authorization database with rules tables, e.g. authorization metadata table.  When combined with the previously cited reference this would include the user rights as taught by Ahmed).


Regarding Claim 6:
Ahmed and Svoboda shows the method as disclosed above;
Ahmed and Svoboda further teaches:
associating the central authorization metadata table with a federated metadata in a database (Svoboda, abstract, [0006-0008, 0042-0043, 0049, 0051, 0057], note federated query, note rules database is a central authorization database with rules tables, e.g. authorization metadata table, note association with federated metadata).
It would have been obvious to one of ordinary skill in the art before the effective date of filing to modify the cited references to incorporate the teachings of Svoboda because this would improve the security of data access (Svoboda, [0005]).

Claim 8 discloses substantially the same limitations as claim 1 respectively, except claim 8 is directed to a device comprising a processor, coupled to memory (Ahmed, figure 2 note processor and memory), while claim 1 is directed to a method. Therefore claim 8 is rejected under the same rationale set forth for claim 1.

Claim 12 discloses substantially the same limitations as claim 4 respectively, except claim 12 is directed to a device comprising a processor, coupled to memory 

Claim 13 discloses substantially the same limitations as claim 5 respectively, except claim 13 is directed to a device comprising a processor, coupled to memory (Ahmed, figure 2 note processor and memory), while claim 5 is directed to a method. Therefore claim 13 is rejected under the same rationale set forth for claim 5.

Claim 14 discloses substantially the same limitations as claim 1 respectively, except claim 14 is directed to a non-transitory computer-readable media comprising a processor (Ahmed, figure 2 note processor), while claim 1 is directed to a method. Therefore claim 14 is rejected under the same rationale set forth for claim 1.

Claim 17 discloses substantially the same limitations as claim 5 respectively, except claim 17 is directed to a non-transitory computer-readable media comprising a processor (Ahmed, figure 2 note processor), while claim 5 is directed to a method. Therefore claim 17 is rejected under the same rationale set forth for claim 5.

Claim 18 discloses substantially the same limitations as claim 6 respectively, except claim 18 is directed to a device comprising a processor, coupled to memory (Ahmed, figure 2 note processor and memory), while claim 6 is directed to a method. Therefore claim 18 is rejected under the same rationale set forth for claim 6.


Claim 20 discloses substantially the same limitations as claim 4 respectively, except claim 20 is directed to a non-transitory computer-readable media comprising a processor (Ahmed, figure 2 note processor), while claim 4 is directed to a method. Therefore claim 20 is rejected under the same rationale set forth for claim 4.

Claim 21 discloses substantially the same limitations as claim 6 respectively, except claim 21 is directed to a non-transitory computer-readable media comprising a processor (Ahmed, figure 2 note processor), while claim 6 is directed to a method. Therefore claim 21 is rejected under the same rationale set forth for claim 6.

 
Claim Rejections - 35 USC § 103

Claims 7, 19, and 22 is/are rejected under 35 U.S.C. 103 as being unpatentable over Ahmed in view of Svoboda and Muller et al. (US2015/0317486), hereinafter Muller.

Regarding Claim 7:
Ahmed and Svoboda shows the method as disclosed above;
Ahmed and Svoboda further teaches:
verifying whether an access to a row in the column is restricted to the user, when the column is restricted to the user (Ahmed, abstract, [0012, 0031, 0035] note verifying access to a row, when combined with the other cited references this would be for the restricted column as taught by Muller); and 

Ahmed doesn’t specifically teach:
verifying whether a table extracted from the generated query plan comprises an access restricted to a user by using the central authorization metadata table; 
extracting, an column from the generated query plan when the table is unrestricted;
Muller is in the same field of endeavor, information retrieval;
Muller teaches:
verifying whether a table extracted from the generated query plan comprises an access restricted to a user by using the central authorization metadata table (Muller, [0012], note determining if the user has access to a database table); 
extracting, an column from the generated query plan when the table is unrestricted (Muller, [0012, 0054-0058], note after determining access to a database table determining what columns a user can access inside the table, which would be extracted during execution);
It would have been obvious to one of ordinary skill in the art before the effective date of filing to modify the cited references to incorporate the teachings of Muller because this would improve the security of the database system (Muller, [0004, 0012]).

Claim 19 discloses substantially the same limitations as claim 7 respectively, except claim 19 is directed to a device comprising a processor, coupled to memory 

Claim 22 discloses substantially the same limitations as claim 7 respectively, except claim 22 is directed to a non-transitory computer-readable media comprising a processor (Ahmed, figure 2 note processor), while claim 7 is directed to a method. Therefore claim 22 is rejected under the same rationale set forth for claim 7.
	
	Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Cao et al. (US2009/0276840) teaches access control systems for a distributed environment; Kabra et al. (US2008/0071785) teaches generating query plans using access control checks.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN J MORRIS whose telephone number is (571)272-3314.  The examiner can normally be reached on M-F 6:30-2:30 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Neveen Abel-Jalil can be reached on 571-270-0474.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/JOHN J MORRIS/Examiner, Art Unit 2152                                                                                                                                                                                                        3/24/2021

/NEVEEN ABEL JALIL/Supervisory Patent Examiner, Art Unit 2152