Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Status of claims
This office action is in response to claims filed on 05/04/2021; the provisional application priority date of 10/05/2018 is considered.
Claims 1-27 are pending and rejected; claims 1, 10 and 19 are independent claims.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/24/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
Applicant's arguments filed on 05/04/2021 have been fully considered but they are not persuasive. 
With respect to applicant’s argument: Kettler makes no mention of any of "dataset permissions of use information" "associated with [a] dataset identifier," where the "dataset permissions of use information" comprises "one or more of" "allowed account types," "allowed environments," "allowed use," "allowed use justifications," "indication of offshore allowed," or "protection consumption profile," as is recited in claim 1.
The examiner respectfully disagrees with applicant’s argument for the following reasons: Kettler teaches (see Kettler ¶65, Data protection rules are compared to managed systems information in the particular data field(s) [i.e. dataset permissions of use information associated with [a] dataset identifier]. At decisional step 740, a determination is made whether managed system information in the data field(s) complies with the data protection rules; Fig. 3 ¶47, “rules database 210 may store such information as where the dataset permissions of use information comprises one or more of "allowed account types," "allowed environments," "allowed use," "allowed use justifications," "indication of offshore allowed," or "protection consumption profile,"]), thereby disclosing the recited claim limitation.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-27 are rejected under 35 U.S.C. 103 as being unpatentable over Kettler et al. US Pub. No.: 2003/0101341 A1 (hereinafter Kettler) in view of Williamson et al. US Pub. No.: 2018/0232528 A1 (hereinafter Williamson).

Kettler teaches:
As to claim 1, a method for controlling and tracking access to secured data (see Kettler ¶42, tracking access to data), the method comprising:
receiving, using the processing circuitry and from a data steward device, dataset permissions of use information associated with the dataset identifier (Kettler ¶36, “to accept queries from data requesters related to information associated with enterprise architecture 100, access rules database 210 to validate that permissions exist for the data requesters”); 
registering, using the processing circuitry and in a repository, the dataset permissions of use information with the dataset by associating a dataset permissions of use information identifier associated with the dataset permissions of use information with the dataset identifier (see Kettler ¶36, “validate that the desired information may be accessed by the data requesters, and generate a response to the queries”); 
registering, using the processing circuitry and in the repository, volume permissions of use information with the one or more volumes by associating a volume permissions of use information identifier associated with the volume permissions of use information with the one or more volume identifiers (see Kettler Fig. 3, ¶47, “At step 306, the rules database 210 stores identifying information about the request”); 
receiving, using the processing circuitry and from the remote computing device, a set of restrictions associated with the dataset identifier, wherein the dataset permissions of use information comprises one or more of allowed account types, allowed environments, allowed use, allowed use justifications, indication of offshore allowed, or protection consumption profile (see Kettler ¶¶62 65, Data protection rules are compared to managed systems information in the particular data field(s)/identifiers [i.e. dataset permissions of use information associated with [a] dataset identifier]. At decisional step 740, a determination is made whether managed system information in the data field(s) complies with the data protection rules; Fig. 3, ¶47, “rules database 210 may store such information as who is requesting the data (i.e., the data requester), what type of information they are requesting, what time the request was made, and from which location the request was made”); 
retrieving, using the processing circuitry and from the repository, dataset permissions of use information associated with the dataset identifier (see Kettler Fig. 3 ¶47, a determination is made whether the data requester is permitted to access the requested information); 
determining, using the processing circuitry, by comparing the set of restrictions with the dataset permissions of use information, that the set of restrictions does not conflict with the dataset permissions of use information (see Kettler Fig. 3 and ¶47, If the information is not allowed to be released to the data requester, such as when that information is protected by certain data protection rules, then the method proceeds to step 310 as outlined below); and 
generating and storing an indication that the set of restrictions is validated (see Kettler Fig. 3 and ¶48, “access the database to validate that a permission exists for the data requester”).

Kettler does not explicitly teach but the related art Williamson teaches:
receiving, using processing circuitry and from a remote computing device, a dataset identifier (see Williamson ¶103, “coordinate identifier 802 may uniquely identify the subsection of the input data sources at which sensitive data was detected by the data classifier 108 as well as the type of sensitive data that was detected there”);
organizing, using the processing circuitry, a dataset represented by the dataset identifier into one or more volumes, each of the one or more volumes associated with a unique volume identifier (see Williamson ¶26, “the data pre-processor 106 converts the data in the input data sources 102A-N to a common data structure that may be parsed by the data classifier 108” [i.e. attach assets to volumes]);
attaching, using the processing circuitry, one or more assets to the one or more volumes by associating one or more asset identifiers with the one or more volume identifiers, wherein each asset is configured to store at least one of the one or more volumes (see Williamson ¶48, data classifier 108 includes a metadata analyzer 202, a reference data matcher 204, a pattern matcher 206, a logical classifier 208, a contextual analyzer 210, a deep learning classifier 212, a data security level classifier 214, a significance factor calculator 216, and a confidence value calculator 218); 
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the invention, to modify the system for protecting data from unauthorized disclosure disclosed by Kettler to include the sensitive data classification, as taught by Williamson, in order to organize/classify the datasets to one or more volumes/classifications. It would have been obvious to one of ordinary skill in the art to include a system that can automatically parse through the data sources and intelligently determine access permission.
As to claim 2, the combination of Kettler and Williamson teaches the method of claim 1, wherein the set of restrictions comprises one or more of a set of contractual restrictions, a set of customer committed restrictions and a set of legal restrictions (see Kettler ¶51, “These security systems help the legal department or other suitable departments of an enterprise to keep track of employees' actions and preferences with respect to data protection rules”). 

As to claim 3, the combination of Kettler and Williamson teaches the method of claim 1, wherein organizing the dataset into the one or more volumes comprises: 
receiving, using the processing circuitry, a volume identifier data structure associated with one or more volumes (see Williamson ¶26, the data pre-processor 106 converts the data in the input data sources 102A-N to a common data structure that may be parsed by the data classifier 108); 
generating, using the processing circuitry, volume metadata comprising one or more dataset identifiers, indicating that datasets associated with the one or more dataset identifiers belong to the one or more volumes (see Williamson ¶26, the data pre-processor 106 converts the data in the input data sources 102A-N to a common data structure that may be parsed by the data classifier 108, along with metadata identifying its source in the input data sources 102A-N); and 
storing, using the processing circuitry and in the repository, the volume metadata (see Williamson ¶32, data pre-processor 106 and a set of pre-defined patterns stored by the data classifier 108). 

As to claim 4, the combination of Kettler and Williamson teaches the method of claim 1, wherein attaching the one or more assets to the one or more volumes comprises: 
receiving, using the processing circuitry, an asset registration data structure associated with one or more assets (see Williamson ¶48, data classifier 108 includes a metadata analyzer 202, a reference data matcher 204, a pattern matcher 206, a logical classifier 208, a contextual analyzer 210, a deep learning classifier 212, a data security level classifier 214, a significance factor calculator 216, and a confidence value calculator 218); 
storing, using the processing circuitry and in the repository, one or more datasets associated with each of the one or more volumes in the one or more assets based on the asset registration data structure (see Williamson ¶27, related columns in a database, data from a single source, spatial or temporal proximity of data to other data, and so on); 
generating, using the processing circuitry, asset metadata indicating that the one or more datasets of each of the one or more volumes is stored in the one or more assets (see Williamson ¶33, logic rules may specify various characteristics of the data, such as its metadata label, size, length, contents, and so on); and 
storing, using the processing circuitry and in the repository, the asset metadata (see Williamson ¶33, logic rules may specify various characteristics of the data, such as its metadata label, size, length, contents, and so on). 

As to claim 5, the combination of Kettler and Williamson teaches the method of claim 1, wherein registering the dataset permissions of use information regarding the dataset comprises: receiving, using the processing circuitry, dataset permissions of use information from a data steward device, wherein a data steward associated with the data steward device is designated by an owner of the dataset (see Kettler ¶41, data owners keep the data protection rules, corporate policies, and other data protection information); 
generating, using the processing circuitry, dataset permissions of use metadata based on the dataset permissions of use information; and storing, using the processing circuitry and in the repository, the dataset permissions of use metadata (see Kettler ¶41, data owners keep the data protection rules, corporate policies, and other data protection information; ¶62, metadata is utilized in step 708 to read one or more data fields of managed systems information contained in managed systems database). 

As to claim 6, the combination of Kettler and Williamson teaches the method of claim 1, wherein registering volume permissions of use information regarding the one or more volumes to the one or more volumes comprises: receiving, using the processing circuitry, volume permissions of use information from a data steward device, wherein a data steward associated with the data steward device is designated by an owner of the dataset (see Kettler ¶41, data protection rules are created and/or revised, one or more employees of an enterprise, such as a business process owner);
generating, using the processing circuitry, volume permissions of use metadata based on the volume permissions of use information; and storing, using the processing circuitry and in the repository, the volume permissions of use metadata (see Kettler ¶61, Metadata is extracted from the managed system information stored in managed system database 212 and stored in rules database 210 at step 704. Metadata is information used to define the managed system information stored in managed systems database 212). 

As to claim 7, the combination of Kettler and Williamson teaches the method of claim 1, wherein the volume permissions of use information comprises one or more of: 
allowed account types, allowed environments, allowed use, allowed use justifications, indication of offshore allowed, or protection consumption profile (see Kettler ¶36, generally functions to accept queries from data requesters related to information associated with enterprise architecture 100, access rules database 210 to validate that permissions exist for the data requesters, validate that the desired information may be accessed by the data requesters, and generate a response to the queries). 

As to claim 8, the combination of Kettler and Williamson teaches the method of claim 1, wherein the data permissions defines one or more conditions under which one or more users are granted access to the dataset (see Kettler ¶36, generally functions to accept queries from data requesters related to information associated with enterprise architecture 100, access rules database 210 to validate that permissions exist for the data requesters). 

As to claim 9, the combination of Kettler and Williamson teaches the method of claim 1, further comprising: 
receiving, using the processing circuitry, one or more data attributes associated with the dataset from a metadata repository (see Kettler ¶39, compliance tool 224 generally functions to extract metadata from managed systems database 212 and store the metadata in rules database 210, receive a new and/or updated set of data protection rules); 
receiving, using the processing circuitry, one or more data attribute protection policies associated with the one or more data attributes (see Kettler ¶7, a computerized method for managing a plurality of data protection rules includes receiving and storing the data protection rules in a database); and 
enforcing, using the processing circuitry, the one or more data attribute protection policies associated with the one or more data attributes by transmitting the one or more data attribute protection policies to a data protection system, wherein the data protection system is configured to enforce the one or more data attribute protection policies on the one or more assets (see Kettler ¶42, protection repository 200 may also function to keep track of which employees are receiving which type of information and/or which employees are denied access to certain information). 
As to independent claim 10, this claim is directed to an apparatus executing the method of claim 1; therefore it is rejected along similar rationale.
As to independent claim 19, this claim is directed to a computer program product executing the method of claim 1; therefore it is rejected along similar rationale.
As to dependent claims 11-18 and 20-27, these claims contain substantially similar subject matter as claim 2-; therefore they are rejected along the same rationale.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478.  The examiner can normally be reached on Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu, can be reached on 5712726798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/NEGA WOLDEMARIAM/Examiner, Art Unit 2433

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433