Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This is in response to the amendments filed on 7/30/2021. Claims 1, 2, 8, 9, 12, 13, 17, 19, and 20 have been amended. Claims 1-21 are currently pending and have been considered below. 

Terminal Disclaimer
The terminal disclaimer filed on 7/30/2021 disclaiming the terminal portion of any patent granted on this application which would extend beyond the expiration date of U.S. Patent No. 10,129,370 has been reviewed and is accepted.  The terminal disclaimer has been recorded.

Response to Arguments
Applicant's arguments filed 7/30/2021 have been fully considered but they are not persuasive. On page 9 of Remarks, Applicant asserts that Kothari does not teach “… a mapping that maps input fields to a byte range within a body of a payload generated by the client device in response to submitting information within the one or more input fields [within the graphical user interface]”. The examiner respectfully disagrees.
“For example, DATA FIELD 1 is a numeric field of length 10 characters. Characters 8 through 10 of DATA FIELD 1 needs to be retained in its original form”, which establishes that the specific byte range is used to anonymize data. 
By way of the present amendment, Applicant has further clarified the “byte range”, as claimed. Specifically, the byte range has been clarified as being “within a body of a payload generated by the client device in response to submitting information within the one or more input fields”, which is disclosed by Figures 8A-8C and 10 of Kothari. For example, Figure 10, step S1004 discloses data received at Kothari’s gateway device, where an anonymization of the data is performed based on a selected anonymization strategy (see Figure 5’s table). Figures 8A-8C go into further detail on how this process is carried out, with Figure 8A disclosing data being submitted via an input field (e.g., “Test Account 1”), Figure 8B showing the data within a body of a payload being submitted without anonymization, and Figure 8C further showing the data within the body of the payload being submitted after anonymization. In other words, Figures 8A-8C detail a process of receiving data submitted within an input field (Figure 8A) and applying a data anonymization process 
Thus, the examiner contends that Kothari discloses, “… a mapping that maps input fields to a byte range within a body of a payload generated by the client device in response to submitting information within the one or more input fields [within the graphical user interface]”, and thus the rejection is maintained.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-21 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. Claim 1 has been amended to recite “receive a payload associated with the page” and claim 12 has been similarly amended to recite “receiving … a payload associated with the page”, however the term “a payload” is unclear given the previous recitation of “a payload generated by the client device” in each claim. In order to expedite prosecution the examiner will consider each recitation of “a payload” as referring to distinct payloads, however correction is required by Applicant to overcome this rejection.
Further, claims 6 and 17 recites the limitation "the form or interface" in line.  There is insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-3, 6-14, and 17-21  is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by “Kothari” (US 9703967).

Regarding Claim 1:
A gateway device (Fig. 1A, element 104; Figure 4A) coupled between a client device (Fig. 1A, element 102) and a server (Fig. 1A, element 110), comprising:
a mapping generator (Figure 4A, element 404; Col. 8, lines 43-52) configured to generate a mapping that maps each of one or more input fields within a graphical user interface to associated with a page displayed by the client device (Col. 6, lines 24-29, “… server applications may be … a website…”) to a byte range (Figure 5 details a mapping data table that maps input data fields to various corresponding characteristics, including a length 506 and anon strategy 510; Col. 9, lines 47-62, “Now referring to row 512, various attributes of DATA FIELD 1 is stored in table 500. For example, DATA FIELD 1 is a numeric field of length 10 characters. Characters 8 through 10 of DATA FIELD 1 needs to be retained in its original form. The selected anonymization strategy for DATA FIELD 1 is TPF1. For example, DATA FIELD 1 may be a telephone number and characters 10:08 may represent the area code of the telephone number and may have to be maintained in its original form at the hosted cloud. However, characters 07:01 will be anonymized using anonymization strategy TPF1”; i.e., each data field is associated with a length of characters (a length of bytes), where an anonymization strategy is mapped to the data field such that a character (byte) range defined by the anonymization strategy is utilized in protecting specified characters of the data field. In the example above, bytes 8-10 are not to be anonymized while bytes 1-7 are to be anonymized) within a body of a payload generated by the client device (Figures 8B and 8C detail a body of a payload that is generated responsive to information being submitted within an input field shown in Figure 8A) in response to submitting information within the one or more input fields (Figure 8A details information being submitted within an input field as “Test Account 1”) and provided by the client device to the server  and to store the generated mapping within a non-transitory computer-readable storage medium (Col. 8, lines 50-55, “The selected anonymization strategy is stored by the management console module 404 in the anonymization strategy module 406 … may be stored as a table…”); 
“… a system 100 with anonymization system of this disclosure that is used to send data from a user system … Gateway 104 … includes anonymization system 112…”): 
receive a payload associated with the page and provided by the client device (Col. 8, lines 59-65, “The anonymization module 408 is configured to intercept any data to be transmitted from a user computer to the hosted cloud”); 
access the stored mapping from the non-transitory computer-readable storage medium (Figure 5; Col. 8, lines 59-65, “The anonymization module 408 is also configured to communicate with the anonymizing strategy module 406 and evaluate various fields of data to be transmitted against anonymization strategy stored in the anonymization strategy module”); and 
identify portions of the received payload corresponding to the one or more input fields using the accessed mapping (Col. 9, lines 32-46; Col. 10, lines 18-35 disclose applying various anonymization techniques corresponding to various data fields based on the stored mapping table); 
an encoding engine (Figure 4A, element 408) configured to encode one or more of the identified portions of the received data to produce encoded data (Col. 8, lines 65-67 & Col. 9, lines 1-3, “Based upon this evaluation, the anonymization module 408 is configured to perform anonymization of one or more data fields using one or more of the tokenization module 412 and crypto modules … and generate corresponding anonymized data field”); and 
“The anonymization module 408 is also configured to reassemble the data to be transmitted to the hosted cloud, using the anonymized data fields … The reassembled data is forwarded to the hosted cloud over the network using the gateway 400”).

Regarding Claim 2:
The gateway device of claim 1, wherein the received payload associated with the page comprises a data value entered into an input field of the graphical user interface (Col. 9, lines 43-62, “Column 508 shows whether any portion of the data field needs to be retained as originally provided by the user computer … For example, DATA FIELD 1 may be a telephone number and characters 10:08 may represent the area code of the telephone number and may have to be maintained in its original form at the hosted cloud. However, characters 07:01 will be anonymized using anonymization strategy TPF1”).

Regarding Claim 3:
The gateway device of claim 2, wherein the data value comprises one or more of: a string, a numerical value, an alphanumerical value, an alphabetical value, a structured data value, a name, a location, a credit card number, a social security number, a bank account number, an age, a date, - 29 -28898/41806/FW/10365899.1a time, a price, a monetary balance, an identifier, an address, a city, a state, a country, geographic coordinates, a school, an organization, or an employer (Figure 5, Column 504 details numerical, alphabetical, and alpha-numeric types of data values).

Regarding Claim 6:
The gateway device of claim 1, wherein the one or more input fields comprise graphical user interface input field elements (Col. 8, lines 59-65, “… evaluate various fields of data to be transmitted against anonymization strategy stored in the anonymization strategy module 406”) of the form or interface displayed at the client device (Col. 6, lines 24-29, “… server applications may be … a website…”).

Regarding Claim 7:
The gateway device of claim 6, wherein the form or interface is displayed with a web page or a native application at the client device (Col. 6, lines 24-29, “… server applications may be … a website…”).

Regarding Claim 8:
The gateway device of claim 1, wherein an identified portion of the received payload comprises one or more of: a location within the received payload, a word of the received payload, a location within a header or wrapper of the received payload, a location within the body of the received payload, and a graphical user interface input field element within the received payload (Figure 5, element 502 details various data fields to be identified corresponding to graphical user interface input fields).

Regarding Claim 9:


Regarding Claim 10:
The gateway device of claim 1, wherein the encoding engine is configured to access a security policy corresponding to the one or more input fields (Figure 5, element 510 - “Anon Strategy”), the security policy identifying one -30 -28898/41806/FW/10365899.1or more data protection techniques associated with each of one or more input fields (Figure 5, element 510 outlines different Anon Strategies to be applied to different types of data fields, where the techniques associated with the Anon Strategies being further disclosed by Col. 9, lines 47-67 & Col. 10, lines 1-14), wherein encoding the identified portions of the received data comprises implementing the one or more data protection techniques identified by the security policy (Col. 9, lines 47-62, “Now referring to row 512, various attributes of DATA FIELD 1 is stored in table 500. For example, DATA FIELD 1 is a numeric field of length 10 characters. Characters 8 through 10 of DATA FIELD 1 needs to be retained in its original form. The selected anonymization strategy for DATA FIELD 1 is TPF1. For example, DATA FIELD 1 may be a telephone number and characters 10:08 may represent the area code of the telephone number and may have to be maintained in its original form at the hosted cloud. However, characters 07:01 will be anonymized using anonymization strategy TPF1”).

Regarding Claim 11:
The gateway device of claim 10, wherein the data protection techniques comprise one or more of: encryption, tokenization, data masking, hashing, and anonymization (Col. 9, lines 47-62, “However, characters 07:01 will be anonymized using anonymization strategy TPF1”).

Regarding Claims 12-14 and 17-21:
Method claims 12-14 and 17-21 correspond to respective gateway device claims 1-3 and 6-10 and contain no additional limitations. Therefore claims 12-14 and 17-21 are rejected by applying the same rationale used to reject claims 1-3 and 6-10 above, respectively.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 4, 5, 15, and 16 is/are rejected under 35 U.S.C. 103 as being unpatentable over  “Kothari” (US 9703967) in view of “Hughes” (US 2014/0115710).

Regarding Claim 4:
Kothari teaches:
The gateway device of claim 1, …
Kothari does not disclose:
… wherein the gateway device comprises a unique value generator configured to generate one or more unique values and to enter the generated unique values into the one or more input fields, and wherein the mapping generator generates the mapping based on training data associated with the page produced in response to the entered generated unique values.
Hughes teaches:
… wherein the gateway device comprises a unique value generator configured to generate one or more unique values and to enter the generated unique values into the one or more input fields (Fig. 2 details a unique value, “12345” being generated, via a Privacy Server, and entered into one or more input fields to be transmitted to an Application Server; ¶0030, “One example of a PII identifier is a GUID or globally unique identifier”; ¶0033, “Similarly, fi the teacher enters student PII into a registration form, then the privacy server replaces the student’s full name with a token before sending the registration form to the application form”), and wherein the mapping generator generates the mapping based on training data associated with the page produced in response to the entered generated unique values (¶0036, “As illustrated in FIG. 4, the privacy server creates a PII identifier “12345”, for a student and stores the PII identifier and the e-mail domain in the local database”; ¶0038, “When the privacy server receives a communication from the application server that includes a token, the privacy server uses the token to locate the PII that corresponds to the token stored in the PII database and substitutes the appropriate PII”; i.e., during a registration process for a student, create a unique PII identifier and map the student’s PII information to the identifier via a database) .
	Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to modify Kothari’s system for data anonymization by enhancing Kothari’s gateway to generate unique values to represent input values in data fields and generate a mapping table based on a registration process and an associated unique value, as taught by Hughes, in order for the gateway to operate in manner that is transparent to a user.
	The motivation is to generate a unique token at a gateway to represent a user’s personal identification information based on a registration process of the user’s information, and further store the unique token within a database that is provided for automatic translation between the unique token and the personal identification information when the user is in communication with a server. This allows the gateway to intercept communications between the user and the server in a manner where the existence and operation of the gateway is transparent to the user (Hughes, ¶0024).

Regarding Claim 5:
The gateway device of claim 4, wherein Kothari in view of Hughes further teaches the mapping generator is configured to identify the one or more unique values within the training data, and to identify portions of the training data corresponding to the identified unique values (Hughes, ¶0038, “When the privacy server receives a communication from the application server that includes a token, the privacy server uses the token to locate the PII that corresponds to the token stored in the PII database and substitutes the appropriate PII”).
The motivation to reject claim 5 under Hughes is the same motivation used to apply Hughes to Kothari in rejecting claim 4 above.

Regarding Claims 15 and 16:
Method claims 15 and 16 correspond to respective gateway device claims 4 and 5 and do not contain any further limitations. Therefore claims 15 and 16 are rejected by applying the same rationale used to reject claims 4 and 5 above, respectively.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DANIEL B POTRATZ whose telephone number is (571)270-5329.  The examiner can normally be reached on M-F 10 A.M. - 6 P.M. CST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.





/DANIEL B POTRATZ/Primary Examiner, Art Unit 2491