DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 5/5/2021 to application 15/922,318.
As per instant Amendment, Claims 1, 8, and 15 have been amended. Claim 20 has been canceled.  Claims 1, 8, and 15 are independent claims.  Claims 1-6, 8-13, and 15-19 have been examined and are pending. This Action is made FINAL
Response to Arguments
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 5/5/2021, with respect to the rejections of claims 1-6, 8-14, and 16-19 have been fully considered but are not persuasive.
Applicant remarked as follows:  The Undersigned had a teleconference with Examiner Malinowski on April 22 to review a proposed reply to OA after RCE, for which the Undersigned and Applicant both appreciate. During the teleconference the Examiner mentioned that the “directly” term is not explicitly mentioned in Applicant’s application, so that it was not clear to him whether there was proper support for this claim limitation. The Undersigned also requested that the examiner speak with his supervisor to review applicant’s proposed reply to OA after RCE and to advise as to what would be recommended to add to the claim limitations increase the chance for an allowance. Several days later the Examiner called the Undersigned to mention his recommendation for claim 
Examiner respectfully notes that the summary of the interview held 4/21/2021 is as follows: The Examiner pointed out an outstanding claim objection and an outstanding 35 USC 112d rejection. The examiner and the applicant further discussed possible amendments to clarify the claimed invention and to distinguish the claimed invention over the prior art. The examiner respectfully suggested that the independent claims be further amended by incorporating limitations recited in the dependent claims to clarify the claimed invention and to distinguish the claimed invention over the prior art. The applicant agreed to consider further amendment that will be submitted for further examination.
Applicant argues as follows: In this Reply to OA after RCE, Applicant has amended the respective independent claims (amended claim 1 shown below) to again as in Applicant’s Reply to OA recite the directly limitation, this time with some added language “exclusive of any other action by the third party user” that makes it clear the metes and bounds of the term directly.
Examiner has addressed the limitation of “exclusive of any other action by the third party user” under 35 U.S.C. 112(a) and 35 U.S.C. 112(b) in this office action.  
Applicant argues as follows: Support for this amended limitation “responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset” can be found as noted in Applicant’s Reply to OA in [0024] 
Examiner respectfully disagrees.  MPEP 2163.02 discloses The test for sufficiency of support in a parent application is whether the disclosure of the application relied upon "reasonably conveys to the artisan that the inventor had possession at that time of the later claimed subject matter." Ralston Purina Co. v. Far-Mar-Co., Inc., 772 F.2d 1570, 1575, 227 USPQ 177, 179 (Fed. Cir. 1985) (quoting In re Kaslow, 707 F.2d 1366, 1375, 217 USPQ 1089, 1096 (Fed. Cir. 1983)).  Whenever the issue arises, the fundamental factual inquiry is whether the specification conveys with reasonable clarity to those skilled in the art that, as of the filing date sought, applicant was in possession of the invention as now claimed. The subject matter of the claim need not be described literally (i.e., using the same terms or in haec verba) in order for the disclosure to satisfy the description requirement. If a claim is amended to include subject matter, limitations, or terminology not present in the application as filed, involving a departure from, addition to, or deletion from the disclosure of the application as filed, the examiner should conclude that the claimed subject matter is not described in that application.   Claim 1 recites “responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly  providing said first third party user access only to said first data subset.”  The amended claim language of “exclusive of any other action by the third party user directly” was not described so as to reasonable convey to a person having ordinary skill in the art that Applicant was in possession of the claimed the data access control program exclusive of any other action by the third party user directly  providing said first third party user access only to said first data subset.  Applicant asserted that paragraph 0024 of Applicant’s disclosure supports the amended claim language of directly providing said first third part user access to said first data subset.  The data access control program 132 disclosed in paragraph 0024 formats data but does not disclose exclusive of any other action by the third party user directly  providing a user with access to the data.  Applicant’s FIG. 1 corresponds to the text of paragraph 0024.  In FIG. 1, the data access control program 132, customer data 140 142 144, and the third party user computer systems 170 172 174 are illustrated as communicating with each other only through network 150.
Applicant argues as follows: Applicant respectfully notes the user in Cairns after their file request for file copy sent to the server, always must receive a pointer from the server, so that the requester never directly receives the file copy responsive to the initial request, including as disclosed in the abstract (and elsewhere in the specification) as the server providing to the requester upon the initial request “a pointer to the copy's storage location and associating the user with the pointer in a database”. Only after the server receives the pointer from the user does the server grant access to the file copy requested by the user. This indirect method of file access requiring a pointer disclosed throughout Cairns that provide file security clearly does not meet Applicant’s amended limitation recited in claim 1 as “responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset”. This deficiency in Cairns that is 
Examiner respectfully disagrees.  Cairns discloses, in FIG. 1 and paragraphs 0007 and 0029, a method for controlling access to cloud data, comprising: providing a cloud computing system having a customer database where second customer data encompasses edited version of the file can be created by the user who requested server 110 to store the edited version of the file, first customer data encompasses unedited version of the file; in paragraph 0025, stored in cloud storage, and a management computer including a processor connected to a memory device, wherein said processor is configured to execute a data access control program where data access control program encompasses functionality of accessing data; in paragraphs 0007 and 0033 and FIG.1, for implementing a data access control process, comprising; in paragraphs 0007, 0028, and 0029, transmitting to said cloud computing system for use in the data access control program selections received from said first customer where user request to server is a transmission; the access control list is stored via the server and via the cloud to a database so the selections must be transmitted to the cloud computing system especially in light of FIG. 1 which shows a user computer communicatively coupled to the database 120 via server and cloud; in paragraphs 0023, responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset where responsive to a data request 
Applicant argues as follows: Fainor is entitled “Systems and methods of supplier quality management”. Fainor discloses (abstract) “Systems, methods, and computer-readable media are described for implementing quality management. An example method comprises receiving, over an electronic network, a first communication from a manufacturer associated with a process. The process is associated with the manufacturer and a supplier. The method further comprises advancing a standard workflow to a new step associated with that standard workflow, in response to receiving the first communication. The method further comprises determining whether the first party uses a custom workflow, and if so, determining an equivalent step on the custom workflow that corresponds to the new step on the standard workflow. The method further comprises sending a second communication to the first party, comprising information associated with the step of advancing and at least one of the new step on the standard workflow or the equivalent step on the custom workflow. Systems and computer-readable media are also provided for implementing similar methods. “  Fainor is asserted in the OA after RCE to disclose “a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer in paragraph 46; and in paragraph 67 “receiving at least one recommended process change or maintenance 
Examiner respectfully disagrees. Cairns discloses, in paragraph 0023, responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset where responsive to a data request encompasses the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.  Fainor discloses, in paragraph 0046, providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer; in paragraph 0056, responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset; in paragraph 0067, receiving at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset.
Applicant argues as follows: Even assuming arguendo that Fainor discloses Applicant’s claimed "receiving at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset.”, there is respectfully no rational reason for Cairns “Cloud based file storage service” which deals exclusively with file security to be modified by Fainor to implement 
Examiner respectfully disagrees.  Both Cairns and Fainor disclose cloud systems and databases.  Cairns discloses, in paragraph 0023, responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset where responsive to a data request encompasses the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.  Fainor, in paragraph 0046, discloses providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer; in paragraph 0056, responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset ; in paragraph 0067, 0068 and 0094,, receiving at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset   Fainor is paragraph 0001, discloses the rationale of a quality management system. In response to applicant's arguments against the references individually, one cannot show nonobviousness by attacking references individually where the rejections are based on combinations of references.  See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986).
Applicant argues as follows: Although not believed to be needed for an allowance based on the above two separate arguments for allowance over the cited art, the Undersigned believes that dependent claim 2 (copied below) provides extra limitations that further distance the claimed invention from the cited art.  2.    (Previously presented) The method of claim 1, wherein said management computer further executes: responsive to a data request from said second third party user, the data access control program providing said second third party user access only to said second data subset, and wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
Examiner has rejected dependent claim 2 as obvious over Cairns, Fainor, Sullivan, and Brodersen.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Claim 1 recites “responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly  providing said first third party user access only to said first data subset.”  The amended claim language of “exclusive of any other action by the third party user directly” was not described so as to reasonable convey to a the data access control program exclusive of any other action by the third party user directly  providing said first third party user access only to said first data subset.  Applicant asserted that paragraph 0024 of Applicant’s disclosure supports the amended claim language of directly providing said first third part user access to said first data subset.  The data access control program 132 disclosed in paragraph 0024 formats data but does not disclose exclusive of any other action by the third party user directly  providing a user with access to the data.  Applicant’s FIG. 1 corresponds to the text of paragraph 0024.  In FIG. 1, the data access control program 132, customer data 140 142 144, and the third party user computer systems 170 172 174 are illustrated as communicating with each other only through network 150.
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
directly" in claims 1-20 is a relative term which renders the claim indefinite.  The term "directly" is not defined by the claim, the specification does not provide a standard for ascertaining the requisite degree, and one of ordinary skill in the art would not be reasonably apprised of the scope of the invention.  Does “directly providing” meant the data access control program buffers or stores the first data subset set to allow direct retrieval by a first third party user?  For applying art, in light of specification, the Examiner interprets the aforementioned limitation of “directly providing” to mean “providing”.  
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the 

Claims 1, 6, 8, 13, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Cairns (US20110087690), filed August 18, 2010, in view of Fainor (US20150088588), filed September 25, 2013, and Sullivan (US20090057424), filed on October 10, 2012. 
Regarding claim 1, Cairns discloses a method for controlling access to cloud data, comprising:
providing a cloud computing system having a customer database (Cairns FIG. 1 shows database 120; paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0029, “The server 110 can treat a request to save an edited version of a file 131 as a request to store a new file, and can process the request as explained above in reference to FIG. 3.  The access control list for the edited version of the file can be copied from the access control list 134 for the unedited version of the file 131.  In this way, users who had permission to access the unedited version of the file 131 are granted the same permissions to access the edited version of the file.  [i.e., controlling access] Alternatively, an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user who requested server 110 to store the edited version of the file. --- second customer data encompasses edited version of the file can be created by the user who requested server 110 to store the edited version of the file, first customer data encompasses unedited version of the file);
stored in cloud storage, and a management computer including a processor connected to a memory device, wherein said processor is configured to execute a data access control program (Cairns, paragraph 0025, “To determine if the user had the right to access the file 131, the server 110 can consult the file's access control list 134.  The access control list 134 can store information such as the names of users who are permitted to access the file 131, and the access rights granted to such users (e.g., read, edit, delete).  The access control list 134 can also store information indicating whether a user is required to verify his or her right to access the file, and can store the verification information such as a password, a small snippet of data taken from the file, or the checksum for a small snippet of data taken from the file.  If access to the file is not restricted (365), the server 110 can grant the user the right to access the file without challenging the user's credentials to view it (360).” [i.e. data access control program encompasses functionality of accessing data]) for implementing a data access control process, comprising (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”;  paragraph 0033, “general and special purpose microprocessors, and any one or more processors of any kind of digital computer.  a processor will receive instructions and data from a read-only memory or a random access memory or both.  at least one processor for executing instructions and one or more memory devices for storing instructions and data.”; FIG. 1 shows management computer/ server 110);
transmitting to said cloud computing system for use in the data access control program selections received from said first customer (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0029, “an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user who requested server 110 to store the edited version of the file;  paragraph 0028, selections encompasses users only permitted to have read-access to the file 131 and  users with access to a read-write copy of the file 131. [user request to server is a transmission; the access control list is stored via the server and via the cloud to a database so the selections must be transmitted to the cloud computing system especially in light of FIG. 1 which shows a user computer communicatively coupled to the database 120 via server and cloud]); 
responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset (Cairns, paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.” --- responsive to a data request encompasses the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134).
Cairns discloses providing a cloud computing system having a customer database; responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset, but does not explicitly disclose providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset; receiving at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset.
However, in an analogous art, Fainor discloses providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer (Fainor, paragraph 0046, “Database Management System (DBMS) 208 is configured as a database for storing information associated with customers 201A-201C, third parties 202A-202C, and cloud system 203.  For example, DBMS 208 may be configured to store information on past issue resolution requests and their results, to store audit-related information for each issue resolution request, to maintain maps between steps and activities in a standard workflow and steps and activities in one or more customer workflows, to store contact information for each of customers 201A-201C and third parties 202A-202C, to store user information for customer 201A-201C (such as usernames, credentials, roles, or permissions), or the like.”);
responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset (Fainor, paragraph 0056, “third party 202A may request further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like” --- exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset encompasses further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like);
receiving at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset (Fainor, paragraph 0067, “Standard workflow 300 includes a set of states and activities. A state represents the status of a particular issue resolution process, initiated by a communication sent by one of a customer (e.g., customer 201A in FIG. 2) or a third party (e.g., third party 202A in FIG. 2).”; paragraph 0068, “The customer may approve a solution (such as a CAPA plan) received from the third party and send a communication to cloud device 203.  For example, assume third party 202A determines that needles provided to customer 201A break too easily.  Investigation 520B comprises, for example, photos, test data, documentation, recordings, or the like, concerning the quality issue.  Third party 202A then sends issue notification 520A and/or investigation 520B to cloud system 203 for forwarding to customer 201A.”; paragraph 0094, “CAPA plan 522 indicates a proposed plan by third party 202A for fixing the quality issue spotted by third party 202A.  Third party 202A sends CAPA plan to cloud system 203 for forwarding to customer 201A.”). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fainor with the method of Cairns to include providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a 
One would have been motivated to provide users with the benefits of a quality management system (Fainor: paragraph 0001).
Cairns and Fainor disclose transmitting to said cloud computing system selections received from said first customer, but do not explicitly disclose the data is parametric data, transmitting to said cloud computing system selections received from said first customer comprising a selected first third party user and a selected second third party user; a first data restriction for said first third party user, and a second data restriction for said second third party user,  said first data restriction only permitting said first third party user access to a first data subset of said first customer data and said second data restriction only permitting said second third party user access to a second data subset of said first customer data.
However, in an analogous art, Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”);
for use in the data access control program selections received from said first customer comprising a selected first third party user and a selected second third party user (Sullivan, paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor[i.e., first customer].”; paragraph 0116, “Web page 868 permits a user  with sufficient rights  to view and/or change the thermostats assigned to a particular user”; paragraph 120, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights [i.e., first customer] to view and/or change the thermostats assigned to a particular user.  As illustrated, web page 890 provides information pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the privileges assigned to a particular user.  As illustrated, web page 878 provides information [i.e., second customer data] pertaining to the user named Building Engineer [i.e., selected second third party user].”);
a first data restriction for said first third party user, and a second data restriction for said second third party user, said first data restriction only permitting said first third party user access to a first data subset of said first customer parametric data and said second data restriction only permitting said second third party user access to a second data subset of said first customer parametric data (Sullivan, paragraph 110, “a contractor is a user that has all privileges assigned and that can perform all tasks”; paragraph 120, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights [i.e., first customer] to view and/or change the thermostats assigned to a particular user [i.e., first data restriction].  As illustrated, web page 890 provides information [i.e., a first data subset of said first customer data] pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the privileges assigned to a particular user [i.e. second data restriction].  As illustrated, web page 878 provides information [i.e., second data subset of said first customer data] pertaining to the user named Building Engineer [i.e., selected second third party user].”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sullivan with the method of Cairns and Fainor to include said first data restriction only permitting said first third party user access to a first data subset of said first customer data and said second data restriction only permitting said second third party user access to a second data subset of said first customer data.  
One would have been motivated to provide users with the benefits of providing a summary page for a user or user class (Sullivan: paragraph 0039) and facilitating control from a remote location (Sullivan: paragraph 0001).
Regarding claim 6, Cairns, Fainor, and Sullivan disclose the method of claim 1.  Cairns discloses wherein said management computer further executes: responsive to (Cairns, paragraph 0019, “Server 110 can search database 120 for a file having a hash value 132 that is identical to the hash value sent from computer 100.”); retrieving said first customer data restriction for said first customer data (Cairns, paragraph 0019, “If, however, the user is permitted to access the server's copy of the file 131, server 110 can use the access control list 134 to determine any particular access right restrictions [i.e., customer data restriction] 134 of the file 131, such as password protection.”); determining a first security configuration for said first third party user based on said first customer data restriction; querying said first customer data using said first security configuration; generating said first data subset based on said querying of said first customer data using said first security configuration (Cairns, paragraph 0019, “If, however, the user is permitted to access the server's copy of the file 131, server 110 can use the access control list 134 to determine any particular access right restrictions 134 of the file 131, such as password protection.  If the file 131 has access right restrictions 134, the server 110 can send computer 100 a challenge to access file 131 [i.e., query using first security configuration].  For example, server 110 can request computer 100 to send a password for file 131, or a small snippet of data from the computer 100's own copy of the file to prove that the user of computer 100 already has access to the file.” --- first security configuration encompasses a password requirement or a snippet of data required); and transmitting said first data subset to said first third party user (Cairns, paragraph 0028, “If the user is permitted to access the file 131, the server 110 can send [i.e., transmit]  the user a copy of the file (411).  If the access control list 134 indicates the user [i.e., first third party user] is only permitted to have read-access to the file 131, the server 110 can send [i.e., transmit] the user a read-only copy of the file 131 [i.e., first data subset] .If the user is permitted to access the file 131, the server 110 can send the user a copy of the file (411).”).  Sullivan discloses the data is parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Regarding claim 8, Cairns discloses a system for controlling access to cloud data, comprising: (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0017, “cloud based service providers will allow multiple users to share that single copy provided they are authorized to access [i.e., controlling access] the data or files”; paragraph 0033, “general and special purpose microprocessors, and any one or more processors of any kind of digital computer.  a processor will receive instructions and data from a read-only memory or a random access memory or both.  at least one processor for executing instructions and one or more memory devices for storing instructions and data.”);
a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer stored in cloud storage (Cairns FIG. 1 shows database 120; paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0029, “The server 110 can treat a request to save an edited version of a file 131 as a request to store a new file, and can process the request as explained above in reference to FIG. 3.  The access control list for the edited version of the file can be copied from the access control list 134 for the unedited version of the file 131.  In this way, users who had permission to access the unedited version of the file 131 are granted the same permissions to access the edited version of the file.  Alternatively, an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user who requested server 110 to store the edited version of the file. --- second customer data encompasses edited version of the file can be created by the user who requested server 110 to store the edited version of the file, first customer data encompasses unedited version of the file);
a management computer including a processor connected to a memory device, wherein said processor executes a data access control program (Cairns, paragraph 0025, “To determine if the user had the right to access the file 131, the server 110 can consult the file's access control list 134.  The access control list 134 can store information such as the names of users who are permitted to access the file 131, and the access rights granted to such users (e.g., read, edit, delete).  The access control list 134 can also store information indicating whether a user is required to verify his or her right to access the file, and can store the verification information such as a password, a small snippet of data taken from the file, or the checksum for a small snippet of data taken from the file.  If access to the file is not restricted (365), the server 110 can grant the user the right to access the file without challenging the user's credentials to view it (360).” [i.e. data access control program encompasses functionality of accessing data])  to implement a data access control process, comprising (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”;  paragraph 0033, “general and special purpose microprocessors, and any one or more processors of any kind of digital computer.  a processor will receive instructions and data from a read-only memory or a random access memory or both.  at least one processor for executing instructions and one or more memory devices for storing instructions and data.”; FIG. 1 shows management computer/ server 110);
transmit to said cloud computing system for use in the data access control program selections received from said first customer (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0029, “an entirely new access control list can be created for the unedited  of the file.  For example, access rights to the edited version of the file can be created by the user who requested server 110 to store the edited version of the file [user request to server is a transmission; the access control list is stored via the server and via the cloud to a database so the selections must be transmitted to the cloud computing system especially in light of FIG. 1 which shows a user computer communicatively coupled to the database 120 via server and cloud];  paragraph 0028, selected first third party user encompasses users only permitted to have read-access to the file 131; selected second third party user encompasses users with access to a read-write copy of the file 131);
responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset (Cairns, paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.” --- responsive to a data request encompasses the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134).
Cairns discloses providing a cloud computing system having a customer database, responsive to a data request from said first third party user, the data access control program directly providing exclusive of any other action by the third party user directly providing 
However, in an analogous art, Fainor discloses providing a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer (Fainor, paragraph 0046, “Database Management System (DBMS) 208 is configured as a database for storing information associated with customers 201A-201C, third parties 202A-202C, and cloud system 203.  For example, DBMS 208 may be configured to store information on past issue resolution requests and their results, to store audit-related information for each issue resolution request, to maintain maps between steps and activities in a standard workflow and steps and activities in one or more customer workflows, to store contact information for each of customers 201A-201C and third parties 202A-202C, to store user information for customer 201A-201C (such as usernames, credentials, roles, or permissions), or the like.”);
responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing (Fainor, paragraph 0056, “third party 202A may request further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like” --- exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset encompasses further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like);
receive at least one recommended process change or maintenance procedure from said first third party user, said recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset (Fainor, paragraph 0067, “Standard workflow 300 includes a set of states and activities. A state represents the status of a particular issue resolution process, initiated by a communication sent by one of a customer (e.g., customer 201A in FIG. 2) or a third party (e.g., third party 202A in FIG. 2).”;  paragraph 0068, “The customer may approve a solution (such as a CAPA plan) received from the third party and send a communication to cloud device 203.  For example, assume third party 202A determines that needles provided to customer 201A break too easily.  Investigation 520B comprises, for example, photos, test data, documentation, recordings, or the like, concerning the quality issue.  Third party 202A then sends issue notification 520A and/or investigation 520B to cloud system 203 for forwarding to customer 201A.”; paragraph 0094, “CAPA plan 522 indicates a proposed plan by third party 202A for fixing the quality issue spotted by third party 202A.  Third party 202A sends CAPA plan to cloud system 203 for forwarding to customer 201A.”). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fainor with the system of Cairns to include a cloud computing system having a customer database including first customer data for a first customer and second customer data for a second customer; responsive to a data request from said first third party user, the data access control program exclusive of any other action by the third party user directly providing 
One would have been motivated to provide users with the benefits of a quality management system (Fainor: paragraph 0001).
Cairns and Fainor disclose transmit to said cloud computing system selections received from said first customer comprising selections, but does not explicitly disclose  the data is parametric data, transmit to said cloud computing system selections received from said first customer comprising a selected first third party user and a selected second third party user; a first data restriction for said first third party user, and a second data restriction for said second third party user, said first data restriction only permitting said first third party user access to a first data subset of said first customer data and said second 
However, in an analogous art, Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”);
transmit to said cloud computing system selections received from said first customer comprising a selected first third party user and a selected second third party user (Sullivan, paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor. [i.e., a first customer]”; paragraph 0116, “Web page 868 permits a user with sufficient rights to view and/or change the thermostats assigned to a particular user”; paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor. [i.e., first customer]”; paragraph 0116, “Web page 868 permits a user with sufficient rights  to view and/or change the thermostats assigned to a particular user”; paragraph 121, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights [i.e., first customer] to view and/or change the thermostats assigned to a particular user.  As illustrated, web page 890 provides information [i.e., first customer data] pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the privileges assigned to a particular user.  As illustrated, web page 878 provides information [i.e., second customer data] pertaining to the user named Building Engineer [i.e., selected second third party user].”);
a first data restriction for said first third party user, and a second data restriction for said second third party user, said first data restriction only permitting said first third party user access to a first data subset of said first customer data and said second data restriction only permitting said second third party user access to a second data subset of said first customer data  (Sullivan, paragraph 0039; paragraph 0046,; paragraph 120, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights [i.e., first customer] to view and/or change the thermostats assigned to a particular user [i.e., first data restriction].  As illustrated, web page 890 provides information [i.e., first data subset of said first customer data] pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the privileges assigned to a particular user [i.e. second data restriction].  As illustrated, web page 878 provides information [i.e., second data subset of said first customer data] pertaining to the user named Building Engineer [i.e., selected second third party user].”).

One would have been motivated to provide users with the benefits of providing a summary page for a user or user class (Sullivan: paragraph 0039) and facilitating control from a remote location (Sullivan: paragraph 0001).
Regarding claim 13, Cairns, Fainor, and Sullivan disclose the system of claim 8.  Cairns disclose wherein said data access control process further causes said management computer to: responsive to receiving said data request from said first third party user to access said first customer data (Cairns, paragraph 0019, “Server 110 can search database 120 for a file having a hash value 132 that is identical to the hash value sent from computer 100.”); retrieve said first customer data restriction for said first customer data (Cairns, paragraph 0019, “If, however, the user is permitted to access the server's copy of the file 131, server 110 can use the access control list 134 to determine any particular access right restrictions [i.e., customer data restriction] 134 of the file 131, such as password protection.”), determine a first security configuration for said first third party user based on said first customer data restriction; query said first customer data using said first security configuration; generate said first data subset based on said querying of said first customer data using said first security configuration (Cairns, paragraph 0019, “If, however, the user is permitted to access the server's copy of the file 131, server 110 can use the access control list 134 to determine any particular access right restrictions 134 of the file 131, such as password protection.  If the file 131 has access right restrictions 134, the server 110 can send computer 100 a challenge to access file 131 [i.e., query using first security configuration].  For example, server 110 can request computer 100 to send a password for file 131, or a small snippet of data from the computer 100's own copy of the file to prove that the user of computer 100 already has access to the file.” --- first security configuration encompasses a password requirement or a snippet of data required); and transmit said first data subset to said first third party user (Cairns, paragraph 0028, “If the user is permitted to access the file 131, the server 110 can send [i.e., transmit] the user a copy of the file (411).  If the access control list 134 indicates the user [i.e., first third party user] is only permitted to have read-access to the file 131, the server 110 can send [i.e., transmit] the user a read-only copy of the file 131 [i.e., first data subset] .If the user is permitted to access the file 131, the server 110 can send [i.e., transmit] the user a copy of the file (411).”).  Sullivan discloses the data is parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Regarding claim 15, Cairns discloses a computer program product, comprising: a non-transitory data storage medium that includes program instructions executable by a processor to enable at least said processor to execute a data access control program (Cairns, paragraph 0025, “To determine if the user had the right to access the file 131, the server 110 can consult the file's access control list 134.  The access control list 134 can store information such as the names of users who are permitted to access the file 131, and the access rights granted to such users (e.g., read, edit, delete).  The access control list 134 can also store information indicating whether a user is required to verify his or her right to access the file, and can store the verification information such as a password, a small snippet of data taken from the file, or the checksum for a small snippet of data taken from the file.  If access to the file is not restricted (365), the server 110 can grant the user the right to access the file without challenging the user's credentials to view it (360).” [i.e. data access control program encompasses functionality of accessing data])  for implementing a method of controlling access to cloud data, said computer program product comprising: (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”;  paragraph 0017, “cloud based service providers will allow multiple users to share that single copy provided they are authorized to access the data or files[i.e., controlling access]”; paragraph 0033, “general and special purpose microprocessors, and any one or more processors of any kind of digital computer.  a processor will receive instructions and data from a read-only memory or a random access memory or both.  at least one processor for executing instructions and one or more memory devices for storing instructions and data.”);
code for transmitting to a cloud computing system selections received from a first customer comprising selections for use in the data access control program (Cairns, paragraph 0007, “The cloud-based server receives a request from a user to store a file on the server.”; paragraph 0029, “an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user who requested server 110 to store the edited version of the file” [user request to server is a transmission; the access control list is stored via the server and via the cloud to a database so the selections must be transmitted to the cloud computing system especially in light of FIG. 1 which shows a user computer communicatively coupled to the database 120 via server and cloud]);
responsive to a data request from said first third party user, the data access control program directly providing said first third party user access only to said first data subset (Cairns, paragraph 0007, “The cloud-based server receives a request from a user [i.e., first customer] to store a file on the server.  The cloud-based server also receives from the user a hash value for the file.  The server then determines whether a file with a hash value that is identical to the received hash value is already stored on the server.  If a file with a hash value that is identical to the received has value is already stored on the server, the server grants the user [i.e. first third party user] access to the server's copy  [i.e., first data subset] of the file.”; paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.” --- responsive to a data request encompasses the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134).
Cairns discloses first party user of a first data subset; responsive to a data request from said first third party user, code for directly providing said first third party user access only to said first data subset, but does not explicitly disclose responsive to a data request exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset; receiving at least one recommended process change or maintenance procedure from said first third party user, said at least one recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset.
However, in an analogous art, Fainor discloses responsive to a data request from said first third party user, code for exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset (Fainor, paragraph 0056, “third party 202A may request further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like” --- exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset encompasses further information from customer 201A, such as a lot number for the goods with the quality issue, pictures of the quality issue, test data confirming the existence of the quality issue, or the like);
receiving at least one recommended process change or maintenance procedure from said first third party user, said at least one recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset (Fainor, paragraph 0067, “Standard workflow 300 includes a set of states and activities. A state represents the status of a particular issue resolution process, initiated by a communication sent by one of a customer (e.g., customer 201A in FIG. 2) or a third party (e.g., third party 202A in FIG. 2).”;  paragraph 0068, “The customer may approve a solution (such as a CAPA plan) received from the third party and send a communication to cloud device 203.  For example, assume third party 202A determines that needles provided to customer 201A break too easily.  Investigation 520B comprises, for example, photos, test data, documentation, recordings, or the like, concerning the quality issue.  Third party 202A then sends issue notification 520A and/or investigation 520B to cloud system 203 for forwarding to customer 201A.”; paragraph 0094, “CAPA plan 522 indicates a proposed plan by third party 202A for fixing the quality issue spotted by third party 202A.  Third party 202A sends CAPA plan to cloud system 203 for forwarding to customer 201A.”).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Fainor with the system/method/ computer program product of Cairns to include responsive to a data request from said first third party user, code for exclusive of any other action by the third party user directly providing said first third party user access only to said first data subset; receive at least one recommended process change or maintenance procedure from said first third party user, said at least one recommended process change or maintenance procedure based on analysis by said first third party user of said first data subset.
One would have been motivated to provide users with the benefits of a quality management system (Fainor: paragraph 0001).
Cairns and Fainor disclose code for transmitting to a cloud computing system selections received from a first customer comprising selections, but do not explicitly the data is parametric data, disclose code for transmitting to a cloud computing system selections received from a first customer for use in the data access control program comprising a selected first third party user and a selected second third party user; a first data restriction for said first third party user, and a second data restriction for said second parametric data stored in cloud storage and said second data restriction only permitting said second third party user access to a second data subset of said first customer parametric data.
However, in an analogous art, Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”);
code for transmitting to a cloud computing system selections received from a first customer for use in the data access control program comprising a selected first third party user and a selected second third party user (Sullivan, paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor [i.e., first customer].”; paragraph 0116, “Web page 868 permits a user with sufficient rights  to view and/or change the thermostats assigned to a particular user”; paragraph 121, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights [i.e., first customer] to view and/or change the thermostats assigned to a particular user.  As illustrated, web page 890 provides information [i.e., first customer data] pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the [i.e., second customer data] privileges assigned to a particular user.  As illustrated, web page 878 provides information pertaining to the user named Building Engineer [i.e., selected second third party user].”);
 a first data restriction for said first third party user, and a second data restriction for said second third party user, said first data restriction only permitting said first third party user access to a first data subset of first customer parametric data stored in cloud storage and said second data restriction only permitting said second third party user access to a second data subset of said first customer parametric data (Sullivan, paragraph 0039; paragraph 0046,; paragraph 120, “Clicking on Assigned Thermostats tab 828 may cause web server 38 (FIG. 2) to serve up web page 890, which is shown in FIG. 8I.  Web page 890 permits a user with sufficient rights to view and/or change the thermostats assigned to a particular user [i.e., first data restriction].  As illustrated, web page 890 provides information [i.e., first data subset of a first customer data] pertaining to the user named Building Tenant [i.e., selected first third party user].”; paragraph 0117, “Clicking on Privileges tab 830 may cause web server 38 (FIG. 2) to serve up web page 878, which is shown in FIG. 8G.  Web page 878 permits a user with sufficient rights to view and/or change the privileges [i.e. second data restriction] assigned to a particular user [i.e. second customer].  As illustrated, web page 878 provides information [i.e. second data subset of said first customer data] pertaining to the user named Building Engineer [i.e., selected second third party user].”).
for use in the data access control program comprising a selected first third party user and a selected second third party user; a first data restriction for said first third party user, and a second data restriction for said second third party user, said first data restriction only permitting said first third party user access to a first data subset of first customer parametric data stored in cloud storage and said second data restriction only permitting said second third party user access to a second data subset of said first customer parametric data.
One would have been motivated to provide users with the benefits of providing a summary page for a user or user class (Sullivan: paragraph 0039) and facilitating control from a remote location (Sullivan: paragraph 0001).
Claims 2, 9, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Cairns (US20110087690), filed August 18, 2010, in view of Fainor (US20150088588), filed September 25, 2013, and Sullivan (US20090057424), filed on October 10, 2012, and further in view of Brodersen (US20180225629), filed February 9, 2017. 
Regarding claim 2, Cairns, Fainor, and Sullivan disclose the method for claim 1.  Sullivan discloses responsive to a data request from said second third party user, the data access control program providing said second third party user access only to said second data subset (Sullivan, paragraph 0110, “In the illustrative embodiment, a Contractor is a user that has all privileges assigned and that can perform all tasks.  Moreover, a Contractor [i.e., first customer]  may delete a user having any role or class.  A Facilities Manager is, for example, a building engineer [i.e., second third party user] that maintains HVAC equipment and that monitors the HVAC equipment [i.e., access only to second subset of data] with the help of building control appliance 12 (FIG. 2).  In the illustrative embodiment, a Facilities Manager may only delete Tenants and other Facilities Managers.  A Tenant [i.e., first third party user] only has access to the thermostats that are Assigned [i.e., first access only to first subset of data] to the particular Tenant.” --- in order for the building engineer [i.e., second third party user] to monitor the HVAC equipment, the building engineer makes a data request).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
However, in an analogous art, Brodersen discloses wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers (Brodersen, paragraph 0022, “Each of the illustrated entities 105, 110, 115, and 120 may correspond to a computer system through which the corresponding correspond party communicates with component tracking systems 125.  In this regard, the computer systems may execute client-side instruction code that facilitates communications with the component tracking systems 125.  These and other operations of the computer systems are described below.”; paragraph 0052, “For example, a computer system such as a computer system associated with an equipment manufacturer 105 and/or an equipment maintainer 115 may execute client side instruction code for both communicating with the component tracking system 125 and for generating BOM transactions.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sullivan with the system of Cairns, Fainor, and Sullivan to include wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
One would have been motivated to provide users with the benefits of tracking components in real time (Brodersen: paragraph 0001).
Regarding claim 9, Cairns, Fainor, and Sullivan disclose the system of claim 8.  Sullivan discloses wherein said data access control process further causes said management computer to: responsive to a data request from said second third party user, the data access control program provide said second third party user access only to said second data subset (Sullivan, paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor.”; paragraph 0116, “Web page 868 permits a user [e.g., contractor or SysAdmin, a first customer] with sufficient rights  to view and/or change the thermostats assigned to a particular user”;   paragraph 0110, “In the illustrative embodiment, a Contractor is a user that has all privileges assigned and that can perform all tasks.  Moreover, a Contractor [i.e., first customer] may delete a user having any role or class.  A Facilities Manager is, for example, a building engineer [i.e., second third party user] that maintains HVAC equipment and that monitors the HVAC equipment [i.e., access only to second subset of data] with the help of building control appliance 12 (FIG. 2).  In the illustrative embodiment, a Facilities Manager may only delete Tenants and other Facilities Managers.  A Tenant [i.e., first third party user] only has access to the thermostats that are Assigned [i.e., first access only to first subset of data] to the particular Tenant.” --- in order for the building engineer [i.e., second third party user] to monitor the HVAC equipment, the building engineer makes a data request).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
However, in an analogous art, Brodersen discloses wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers (Brodersen, paragraph 0022, “Each of the illustrated entities 105, 110, 115, and 120 may correspond to a computer system through which the corresponding correspond party communicates with component tracking systems 125.  In this regard, the computer systems may execute client-side instruction code that facilitates communications with the component tracking systems 125.  These and other operations of the computer systems are described below.”; paragraph 0052, “For example, a computer system such as a computer system associated with an equipment manufacturer 105 and/or an equipment maintainer 115 may execute client side instruction code for both communicating with the component tracking system 125 and for generating BOM transactions.”).
.Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sullivan with wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
One would have been motivated to provide users with the benefits of tracking components in real time (Brodersen: paragraph 0001).
Regarding claim 16, Cairns, Fainor, and Sullivan disclose the computer program product of claim 15.  Sullivan discloses wherein said computer program product further comprises: responsive to a data request from said second third party user, code for providing said second third party user access only to said second data subset (Sullivan, paragraph 0109, “A special Contractor labeled SysAdmin may be a user that has Contractor privileges that cannot be deleted, thereby assuring that HVAC control system 10 (FIG. 1) retains at least one user/contractor.”; paragraph 0116, “Web page 868 permits a user with sufficient rights  to view and/or change the thermostats assigned to a particular user”; paragraph 0110, “In the illustrative embodiment, a Contractor is a user that has all privileges assigned and that can perform all tasks.  Moreover, a Contractor [i.e., first customer]  may delete a user having any role or class.  A Facilities Manager is, for example, a building engineer [i.e., second third party user] that maintains HVAC equipment and that monitors the HVAC equipment [i.e., access only to second subset of data] with the help of building control appliance 12 (FIG. 2).  In the illustrative embodiment, a Facilities Manager may only delete Tenants and other Facilities Managers.  A Tenant [i.e., first third party user] only has access to the thermostats that are Assigned [i.e., first access only to first subset of data] to the particular Tenant.” --- in order for the building engineer [i.e., second third party user] to monitor the HVAC equipment, the building engineer makes a data request).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
However, in an analogous art, Brodersen discloses wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers (Brodersen, paragraph 0022, “Each of the illustrated entities 105, 110, 115, and 120 may correspond to a computer system through which the corresponding correspond party communicates with component tracking systems 125.  In this regard, the computer systems may execute client-side instruction code that facilitates communications with the component tracking systems 125.  These and other operations of the computer systems are described below.”; paragraph 0052, “For example, a computer system such as a computer system associated with an equipment manufacturer 105 and/or an equipment maintainer 115 may execute client side instruction code for both communicating with the component tracking system 125 and for generating BOM transactions.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sullivan with the system of Cairns, Fainor, and Sullivan to include wherein said selected first third party user and said selected second third party user both comprise equipment manufacturers.
One would have been motivated to provide users with the benefits of tracking components in real time (Brodersen: paragraph 0001).
Claims 3, 10, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Cairns (US20110087690), filed August 18, 2010, in view of Fainor (US20150088588), filed September 25, 2013, and Sullivan (US20090057424), filed on October 10, 2012, and further in view of Wall (US 20150135327), filed November 8, 2013. 
Regarding claim 3, Cairns, Fainor, and Sullivan disclose the method of claim 1.
Cairns discloses wherein said management computer further executes: responsive to said data request from said first third party user (Cairns, paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.  Moreover, if the access control list 134 indicates that users must verify their right to access the file 131, the server 110 can issue the user challenge outlined above to ensure that only authorized users gain access to the file 131.” --- responsive to a data request encompasses users must verify their right to access the file 131; access only to said first data subset encompasses gain access to file 131).
Cairns, Fainor, and Sullivan do not explicitly disclose determining if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, providing said first third party user access to said first data subset and said second data subset.
However, in an analogous art, Wall discloses code for determining if a third data restriction permits access by said first third party user to said first data subset and said (Wall, paragraph 0082, “Specifically, retrieval module 38e queries database 20 for entries of table 70 with the determined ENC_ID [i.e., determining if a third data restriction permits access by said third party user].  In block S380, the corresponding row is then returned and loaded into memory.”); and
responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset (Wall, paragraph 0082, “With the unique identifying data and one-way function 72 and salt 74 loaded, in block S360, retrieval module 38e applies one-way function 72 to the unique identifying data and salt 74, to determine the ENC_ID to the loaded LINK_KEY value.” [i.e. determining that the third data restriction permits access], providing said first third party user access to said first data subset and said second data subset (Wall, paragraph 0082, “In block S380, the corresponding row is then returned and loaded into memory.  In block S380, the returned row is combined with the selected row of table 68 and the filtered image combined with the image snippet to re-construct the requested statement image 42.  The reconstructed statement image [i.e. third party user access to said first data subset and said second data subset] is then sent to the client computer at block S390.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wall with the method of Cairns, Fainor, and Sullivan to include determining if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, providing said first third party user access to said first data subset and said second data subset.
(Wall: paragraph 0002).
Regarding claim 10, Cairns, Fainor, and Sullivan disclose the system of claim 8.
Cairns discloses wherein said data access control process further causes said management computer to: responsive to said third said first third party user (Cairns, paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.  Moreover, if the access control list 134 indicates that users must verify their right to access the file 131, the server 110 can issue the user challenge outlined above to ensure that only authorized users gain access to the file 131.” --- responsive to a data request encompasses users must verify their right to access the file 131; access only to said first data subset encompasses gain access to file 131).
Cairns, Fainor, and Sullivan do not explicitly disclose determine if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, provide said first third party user access to said first data subset and said second data subset.
However, in an analogous art, Wall discloses determine if a third data restriction permits access by said first third party user to said first data subset and said second data subset (Wall, paragraph 0082, “Specifically, retrieval module 38e queries database 20 for entries of table 70 with the determined ENC_ID [i.e., determining if a third data restriction permits access by said third party user].  In block S380, the corresponding row is then returned and loaded into memory.”); and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset (Wall, paragraph 0082, “With the unique identifying data and one-way function 72 and salt 74 loaded, in block S360, retrieval module 38e applies one-way function 72 to the unique identifying data and salt 74, to determine the ENC_ID to the loaded LINK_KEY value.” [i.e. determining that the third data restriction permits access]), provide said first third party user access to said first data subset and said second data subset (Wall, paragraph 0082, “In block S380, the corresponding row is then returned and loaded into memory.  In block S380, the returned row is combined with the selected row of table 68 and the filtered image combined with the image snippet to re-construct the requested statement image 42[i.e. third party user access to said first data subset and said second data subset].  The reconstructed statement image is then sent to the client computer at block S390.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wall with the system of Cairns, Fainor, and Sullivan to include determine if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, provide said first third party user access to said first data subset and said second data subset.
(Wall: paragraph 0002).
Regarding claim 17, Cairns, Fainor, and Sullivan disclose the computer program product of claim 15.
Cairns discloses wherein said computer program product further comprises: responsive to said data request from said first third party user (Cairns, paragraph 0023, “If, however, the access control list 134 indicates that only specified users are permitted to access the file 131, the server 110 may limit access to only those users who are listed in the file's 131 access control list 134.  Moreover, if the access control list 134 indicates that users must verify their right to access the file 131, the server 110 can issue the user challenge outlined above to ensure that only authorized users gain access to the file 131.” --- responsive to a data request encompasses users must verify their right to access the file 131; access only to said first data subset encompasses gain access to file 131). 
Cairns, Fainor and Sullivan do not explicitly disclose code for determining if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, said code for providing said first third party user access to said first data subset and said second data subset.
However, in an analogous art, Wall discloses code for determining if a third data restriction permits access by said first third party user to said first data subset and said second data subset (Wall, paragraph 0082, “Specifically, retrieval module 38e queries database 20 for entries of table 70 with the determined ENC_ID .  In block S380, the corresponding row is then returned and loaded into memory.”); and
responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset (Wall, paragraph 0082, “With the unique identifying data and one-way function 72 and salt 74 loaded, in block S360, retrieval module 38e applies one-way function 72 to the unique identifying data and salt 74, to determine the ENC_ID to the loaded LINK_KEY value.” [i.e. determining that the third data restriction permits access]), said code for providing said first third party user access to said first data subset and said second data subset (Wall, paragraph 0082, “In block S380, the corresponding row is then returned and loaded into memory.  In block S380, the returned row is combined with the selected row of table 68 and the filtered image combined with the image snippet to re-construct the requested statement image 42[i.e. third party user access to said first data subset and said second data subset].  The reconstructed statement image is then sent to the client computer at block S390.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wall with the computer program product of Cairns, Fainor, and Sullivan to include code for determining if a third data restriction permits access by said first third party user to said first data subset and said second data subset; and responsive to determining that said third data restriction permits access by said first third party user to said first data subset and said second data subset, said code for providing said first third party user access to said first data subset and said second data subset.
(Wall: paragraph 0002).

Claims 4, 11, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Cairns (US20110087690), filed August 18, 2010, in view of Fainor (US20150088588), filed September 25, 2013, and Sullivan (US20090057424), filed on October 10, 2012, and further in view of Wilson (US 20070244571) , filed October 28, 2005. 
Regarding claim 4, Cairns, Fainor, and Sullivan disclose the method of claim 1.
Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose wherein said first customer data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility.
However, in an analogous art, Wilson discloses wherein said first customer data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility (Wilson, paragraph 0008, “Such environment generally includes control modules that receive process status information, including event data, from input/output modules coupled to field devices.”; paragraph 0020, “an exemplary simple industrial control system arrangement/environment is depicted wherein an exemplary sequence of events recorder facility is incorporated.  A workstation 102, comprising a variety of field device configuration and monitoring applications, including a sequence of events facility, provides an operator/engineering interface through which an engineer/technician monitors the components of a control system.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wilson with the method of Cairns, Fainor, and Sullivan to include, wherein said first customer data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility.
One would have been motivated to provide users with the benefits of providing facilitated logs of event data in industrial process (Wilson: paragraphs 0008-0010). 


Regarding claim 11, Cairns, Fainor, and Sullivan disclose the system of claim 8.
Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
parametric data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility.
However, in an analogous art, Wilson discloses wherein said first customer data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility (Wilson, paragraph 0008, “Such environment generally includes control modules that receive process status information, including event data, from input/output modules coupled to field devices.”; paragraph 0020, “an exemplary simple industrial control system arrangement/environment is depicted wherein an exemplary sequence of events recorder facility is incorporated.  A workstation 102, comprising a variety of field device configuration and monitoring applications, including a sequence of events facility, provides an operator/engineering interface through which an engineer/technician monitors the components of a control system.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wilson with the system of Cairns, Fainor, and Sullivan to include, wherein said first customer data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility.
One would have been motivated to provide users with the benefits of providing facilitated logs of event data in industrial process (Wilson: paragraphs 0008-0010).
Regarding claim 18, Cairns, Fainor, and Sullivan disclose the computer program product of claim 15.
Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose wherein said first customer parametric data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility.
However, in an analogous art, Wilson discloses wherein said first customer parametric data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility (Wilson, paragraph 0008, “Such environment generally includes control modules that receive process status information, including event data, from input/output modules coupled to field devices.”; paragraph 0020, “an exemplary simple industrial control system arrangement/environment is depicted wherein an exemplary sequence of events recorder facility is incorporated.  A workstation 102, comprising a variety of field device configuration and monitoring applications, including a sequence of events facility, provides an operator/engineering interface through which an engineer/technician monitors the components of a control system.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wilson with the computer program product of Cairns, Fainor, and Sullivan to include wherein said first customer parametric data includes industrial process facility data about at least one industrial process facility that is received from a plurality of field devices in said at least one industrial process facility. 
One would have been motivated to provide users with the benefits of providing facilitated logs of event data in industrial process (Wilson: paragraphs 0008-0010). 

Claims 5, 12, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Cairns (US20110087690), filed August 18, 2010, in view of Fainor (US20150088588), filed September 25, 2013, and Sullivan (US20090057424), filed on October 10, 2012, and further in view of Rastogi (US20160034654), filed August 4, 2015, and Wookey (US 20040230442) , filed October 22, 2003. 
Regarding claim 5, Cairns, Fainor, and Sullivan disclose the method of claim 1.  Cairns discloses wherein said management computer further executes: receiving a selection of at least one of said third party users to access said first customer data from said first customer computer system (Cairns, paragraph 0029, “The access control list for the edited version of the file can be copied from the access control list 134 for the unedited version of the file 131.  In this way, users who had permission to access the unedited version of the file 131 are granted the same permissions to access the edited version of the file.  Alternatively, an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user [i.e., receiving a selection of at least one of said third party users to access said first customer data] who requested server 110 to store the edited version of the file.”).
Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose transmitting a plurality of third party users to said first customer via a first customer computer system.
However, in an analogous art, Rastogi discloses transmitting a plurality of third party users to said first customer via a first customer computer system (Rastogi, paragraph 0020, “According further to the method of the third aspect of the invention, the linked third party users include a plurality of physicians or health professionals, and the medical information received by the user comprises a list of the linked third party users [i.e., transmitting a plurality of third party users to said first customer].  The method may further comprise sending and/or receiving communications within the application executed on the mobile device, to or from the patient, and sending and/or receiving communications within the application executed on the mobile device, to or from one or more of the linked third party users [i.e., via a first customer computer system].  The method may further comprise scheduling an event or notification relating to the patient, and transmitting a reminder message relating to the event or notification to the second mobile device at the scheduled time.”)..
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Rastogi with the method of Cairns, Fainor, and Sullivan to include, transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system.
One would have been motivated to provide users with the benefits optimizing the health care provided by using a patent-centered approach which coordinates the activities of healthcare providers (Rastogi, paragraph 0008).
Cairns, Fainor, Sullivan, and Rastogi discloses transmitting to said first customer via said first customer computer, but do not explicitly disclose transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system.
However, in an analogous art, Wookey discloses transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system  (Wookey, abstract, “A subscriber subscribes to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype.”; “The data processing system comprises: a memory having a program that subscribes a subscriber to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype, the datatype being associated with a data referenced in the datatype and maintained separate from the datatype, receiving the datatype responsive to the subscription, determines whether the runtime properties are valid, determines whether a user of the subscriber has permission to access the data referenced in the datatype if the runtime properties are valid, and provides the user access to the data if the user has permission to access the data; and a processing unit that runs the program.”; paragraph 0102, “Retrieve a Client Data Interface (CDI) for the client module.  Retrieves for the client a CDI object that comprises the client itself, the data types to which the client subscribes, the data types that the client can publish, and the data types that the client can query.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wookey with the method of Cairns, Fainor, Sullivan and Rastogi to include, transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system, to provide users with access (Wookey: abstract).
Regarding claim 12, Cairns, Fainor, and Sullivan disclose the system of claim 8.  Sullivan discloses wherein said data access control process further causes said management computer to: transmit a plurality of third party users to said first customer via a first customer computer system; receive a selection of at least one of said third party users to access said first customer data from said first customer computer system (Cairns, paragraph 0029, “The access control list for the edited version of the file can be copied from the access control list 134 for the unedited version of the file 131.  In this way, users who had permission to access the unedited version of the file 131 are granted the same permissions to access the edited version of the file.  Alternatively, an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user [i.e., receiving a selection of at least one of said third party users to access said first customer data] who requested server 110 to store the edited version of the file.”).
Sullivan discloses parametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose transmit a plurality of third party users to said first customer via a first customer computer system.
However, in an analogous art, Rastogi discloses transmit a plurality of third party users to said first customer via a first customer computer system (Rastogi, paragraph 0020, “According further to the method of the third aspect of the invention, the linked third party users include a plurality of physicians or health professionals, and the medical information received by the user comprises a list of the linked third party users [i.e., transmitting a plurality of third party users to said first customer].  The method may further comprise sending and/or receiving communications within the application executed on the mobile device, to or from the patient, and sending and/or receiving communications within the application executed on the mobile device, to or from one or more of the linked third party users [i.e., via a first customer computer system].  The method may further comprise scheduling an event or notification relating to the patient, and transmitting a reminder message relating to the event or notification to the second mobile device at the scheduled time.”)..
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Rastogi with the method of Cairns, Fainor, and Sullivan to include, transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system.
One would have been motivated to provide users with the benefits optimizing the health care provided by using a patent-centered approach which coordinates the activities of healthcare providers (Rastogi, paragraph 0008).
Cairns, Fainor, Sullivan, and Rastogi disclose transmit to said first customer via said first customer computer system, but do not explicitly disclose transmit a plurality of data restriction types and properties to said first customer via said first customer computer system.
However, in an analogous art, Wookey discloses transmit a plurality of data restriction types and properties to said first customer via said first customer computer system  (Wookey, abstract, “A subscriber subscribes to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype.”; “The data processing system comprises: a memory having a program that subscribes a subscriber to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype, the datatype being associated with a data referenced in the datatype and maintained separate from the datatype, receiving the datatype responsive to the subscription, determines whether the runtime properties are valid, determines whether a user of the subscriber has permission to access the data referenced in the datatype if the runtime properties are valid, and provides the user access to the data if the user has permission to access the data; and a processing unit that runs the program.”; paragraph 0102, “Retrieve a Client Data Interface (CDI) for the client module.  Retrieves for the client a CDI object that comprises the client itself, the data types to which the client subscribes, the data types that the client can publish, and the data types that the client can query.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wookey with the system of Cairns, Fainor, Sullivan, and Rastogi to include, transmit a plurality of data restriction types and properties to said first customer via said first customer computer system, to provide users with access (Wookey: abstract).
Regarding claim 19, Cairns, Fainor, and Sullivan disclose the computer program product of claim 15.  Cairns discloses wherein said computer program product further comprises: code for receiving a selection of at least one of said third party users to access said first customer data from said first customer computer system (Cairns, paragraph 0029, “The access control list for the edited version of the file can be copied from the access control list 134 for the unedited version of the file 131.  In this way, users who had permission to access the unedited version of the file 131 are granted the same permissions to access the edited version of the file.  Alternatively, an entirely new access control list can be created for the unedited version of the file.  For example, access rights to the edited version of the file can be created by the user [i.e., receiving a selection of at least one of said third party users to access said first customer data] who requested server 110 to store the edited version of the file.”).
arametric data (Sullivan, paragraph 0157, “At block 1208, the user may be permitted to click on a particular building control device image displayed on the graphical floor plan in order to display control parameters of the building control device represented by the particular building control device image, as referenced at block 1210.  Control parameters that may be displayed in this fashion include one or more of temperature data, humidity data and/or schedule data.”).  The motivation is the same as that of the claim from which this claim depends.
Cairns, Fainor, and Sullivan do not explicitly disclose code for transmitting a plurality of third party users to said first customer via a first customer computer system.
However, in an analogous art, Rastogi discloses code for transmitting a plurality of third party users to said first customer via a first customer computer system (Rastogi, paragraph 0020, “According further to the method of the third aspect of the invention, the linked third party users include a plurality of physicians or health professionals, and the medical information received by the user comprises a list of the linked third party users [i.e., transmitting a plurality of third party users to said first customer].  The method may further comprise sending and/or receiving communications within the application executed on the mobile device, to or from the patient, and sending and/or receiving communications within the application executed on the mobile device, to or from one or more of the linked third party users [i.e., via a first customer computer system].  The method may further comprise scheduling an event or notification relating to the patient, and transmitting a reminder message relating to the event or notification to the second mobile device at the scheduled time.”)..

One would have been motivated to provide users with the benefits optimizing the health care provided by using a patent-centered approach which coordinates the activities of healthcare providers (Rastogi, paragraph 0008).
Cairns, Fainor, Rastogi, and Sullivan disclose code for transmitting to said first customer via a first customer computer system, but do not explicitly disclose code for transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system.
However, in an analogous art, Wookey discloses code for transmitting a plurality of data restriction types and properties to said first customer via said first customer computer system (Wookey, abstract, “A subscriber subscribes to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype.”; “The data processing system comprises: a memory having a program that subscribes a subscriber to a datatype, the datatype having a predetermined runtime property that restricts use of the datatype, the datatype being associated with a data referenced in the datatype and maintained separate from the datatype, receiving the datatype responsive to the subscription, determines whether the runtime properties are valid, determines whether a user of the subscriber has permission to access the data referenced in the datatype if the runtime properties are valid, and provides the user access to the data if the user has permission to access the data; and a processing unit that runs the program.”; paragraph 0102, “Retrieve a Client Data Interface (CDI) for the client module.  Retrieves for the client a CDI object that comprises the client itself, the data types to which the client subscribes, the data types that the client can publish, and the data types that the client can query.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Wookey with the computer program product of Cairns, Fainor, Sullivan, and Rastogi to include, transmit a plurality of data restriction types and properties to said first customer via said first customer computer system.
One would have been motivated to provide users with the benefits of managing intellectual capital (Wookey; paragraph 0024). 





Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/W.J.M/Examiner, Art Unit 2439           



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439