Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communications received 9/27/2019. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/8/2020 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claim 5 of the instant application is provisionally  rejected on the ground of nonstatutory double patenting as being unpatentable over claim 5 of of copending application 16586562 (hereinafter’562). Although the claims at issue are not identical, they are not patentably distinct from each other because claim 5 (and substantially claim 13) are anticipated by claim 5 of ‘562 as follows (limitations from ‘562 are in “Italic”):
‘562 discloses:
A computer-implemented method comprising: under control of a computing system comprising one or more computer processors configured to execute specific instructions (“A computer-implemented method comprising: under control of a computing system comprising one or more computer processors configured to execute specific instructions”), receiving a request to store input data as a data object within a data store (“receiving a request to obtain a data object”; “providing the response to a computing device”, the computing device receiving the data object is interpreted as the data store claimed in the instant application) ; determining, based at least partly on the request, to execute a function to obfuscate a portion of the input data prior to storing the input data as the data object (“determining, based at least partly on the request, to execute a function using the data object prior to providing a response to the request”); configuring a code execution system to execute the function, wherein the code execution system is configured to provide on-demand execution of functions in an input/output (I/0) path of the data store (“configuring a code execution system to execute the function, wherein the code execution system provides on-demand execution of functions in an input/output (I/0) pipeline of the data store”) ; executing the function using the code execution system prior to storing the input data as the data object, wherein executing the function comprises (“executing the function using the code execution system prior to providing the response, wherein executing the function comprises:”) : obtaining the input data (“obtaining the data object”); determining to obfuscate a first portion of the input data (“determining that a first portion of the data object is to be obfuscated”); generating a first obfuscated portion comprising the first portion in obfuscated form (“and generating a function output comprising the first obfuscated portion”); and generating a output data comprising the first obfuscated portion, wherein the output data does not include the first portion in un- obfuscated form (“wherein the function output does not include the first portion in un-obfuscated form”); and storing the output data as the data object in the data store (“and providing the response to a computing device based at least partly on the function output”).  

Claims 6-8, 10-12, 14-16 and 18-20 are provisionally  rejected on the ground of nonstatutory double patenting as being unpatentable over claim 5  of ‘562, in further view of US 20180176193 to Davis et al. and of US 20180285591 to Thayer et al..
Regarding claims 6-8, 10-12, 14-16, 18-20, claim 5 of ‘562 discloses the base claim but does not teach the other limitations recited in the claims. However, Davis and Thayer disclose those limitations (see below). It would have been obvious to a skilled artisan before the instant application was filed to combine ‘562 with Davis and Thayer as disclosed below in order to ensure data privacy and facilitate management (storing and retrieving) of sensitive data.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-8, 10-16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20180176193 to Davis et al., hereinafter Davis, and further in view of US 20180285591 to Thayer et al., hereinafter Thayer.
Regarding claim 1, Davis discloses 
A system comprising: an object storage service comprising one or more computing devices, wherein the object storage service is configured to store a plurality of data objects within an object data store (Fig. 4 [0038] protection module 312 or [0047]  detection module 412 receives request from client, directed to backend servers ) ; and a code execution service comprising one or more computing devices for on-demand execution of functions in an input/output (I/O) path of the object storage service (Fig. 4 encryption module 414); wherein the object storage service is configured to at least: receive input data and a request to store the input data as a data object within the object data store ([0047]: detection module receives requests from a client,  [0048] the data directed to backend services hosted by the service provider); determine that a function to obfuscate a portion of the input data, associated with the request to store the input data, is to be executed prior to storing the input data as the data object ([0038][0046][0047] detects sensitive data ; and transmit a call to the code execution service to execute the function against the input data ([0042][0047] transmit data to encryption module to be encrypted); and wherein the code execution service is configured to at least: receive, from the object storage service, the call to execute the function, the call including the input data [0047]: encryption module receives data to be encrypted); and execute the function, wherein executing the function causes the service to: identify, within the input data, one or more instances of private information that is to be obfuscated prior to storing the input data as the data object within the object data store ([0046]: encryption module’s configuration data includes information suitable for identifying sensitive data, [0047] encrypt the sensitive data); generate output data comprising the one or more instances of the private information of the input data in obfuscated form  ; and return the output data to the object storage service; wherein the object storage service is further configured to store the output data in the object data store as the data object ([0048]: return encrypted sensitive data to detection module, which formats and forwards to the backend server for storage).  
Although Davis disclose the proxy fleet may transmit encrypted data and  the remaining non-sensitive data to the backend service ([0040]), Davis does not explicitly teach the encryption module (interpreted as the code execution service) generates the output data including un-obfuscated data. However, Thayer discloses obfuscating sensitive data including in a document, and substituting the sensitive data by the obfuscated value, redacting the document , meaning non-sensitive data remain untouched ([0013][0024]), teaching generate output data comprising the one or more instances of the private information of the input data in obfuscated form  and a remaining portion of the input data in un-obfuscated form. It would have been obvious to a skilled artisan before the instant application was effectively filed, to have the encryption module generates the output data by redacting the input as taught by Thayer because it would provide privacy for the sensitive data while limiting the obfuscation process to the needed sensitive fields, enhancing the process.
Regarding claim 2, Davis in view of Thayer discloses the system of claim 1, wherein the input data does not remain stored in the object storage service in un-obfuscated form after the object storage service stores the output data (Davis, [0048]: replace sensitive data by encrypted data).
  Regarding claim 3, Davis in view of Thayer discloses the system of claim 1, wherein the code execution service is configured to generate the output data by: determining a unique token for each instance of the private information, wherein each unique token is different from every other unique token (Thayer [0020][0021] obfuscate each sensitive value  by generating unique values for each sensitive value); storing the instances of the private information and a mapping of the unique tokens to the instances of the private information (Thayer [0023]: for each sensitive value, map key, obfuscated value and sensitive value, store map in database 112); and replacing each instance of the private information with the corresponding unique token (Thayer [0024][0025]:  substitute sensitive values by obfuscated values, store in database). (motivation to combine with Davis with Thayer is for enforcing data privacy).
 Regarding claim 4, Davis in view of Thayer discloses the system of claim 1, wherein the code execution service is configured to generate the obfuscated form of the private information by encrypting the private information (Davis [0026]).
Regarding claims 5 and 13, the claims recite substantially the same content as claim 1 and are rejected as in claim 1.
Regarding claims 6, Davis in view of Thayer discloses the computer-implemented method of claim 5, wherein determining to obfuscate a first portion of the input data comprises determining that the first portion includes private information (Davis, [0046]).  
Regarding claims 7, Davis in view of Thayer discloses the computer-implemented method of claim 6, wherein the private information represents one or more of: personally identifiable information, a name, an address, an age, a government-issued identification number, a date of birth, a place of birth, a mother's maiden name, an account number, or a biometric record (Davis [0025]).  
Regarding claim 8, the claim recites substantially the same content as claim 3 and is rejected as in claim 3.
Regarding claims 10, Davis in view of Thayer discloses the computer-implemented method of claim 5, wherein generating the first obfuscated portion comprises encrypting the first portion of the input data using an encryption key (Davis [0026]).  
Regarding claims 11, Davis in view of Thayer discloses the computer-implemented method of claim 10, further comprising storing the encryption key and a 
Regarding claims 12, Davis in view of Thayer discloses the computer-implemented method of claim 5, wherein determining to obfuscate the first portion of the input data is based at least in part upon a portion of the input data (Davis [0046]: determining based on data type, field, format ... associated with sensitive data).  
Regarding claims 14-16, the claims recite substantially the same content as claims 6-8 and are rejected as in claims 6-8).
Regarding claims 18-20, the claims recite substantially the same content as claims 10-12 and are rejected as in claims 10-12).

Allowable Subject Matter
Claim9 and 17 are allowable over the prior art.
Claim 9 and substantially claim 17 Davis in view of Thayer discloses:  the computer-implemented method of claim 8 (or system of claim 13),  but fails to teach: wherein storing the mapping of the token to the first portion comprises storing the mapping of the token to the first portion in a storage location having different access permissions than a location in the data store in which the data object is stored. 
None of the other prior art of the record teach the limitations in claims 9 and 17. Therefore claims 9 and 17 are found allowable.
Claims 9 and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
.
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Davis et al 20180176192  and 20180176187 disclose identifying sensitive data and sending to an encryption module to obfuscate the sensitive data.
Kruse et al 9946895 disclose determining data to obfuscate, use a key, create an encrypted token.
Johansson et al 9129118 disclose identifying and hashing personally identifiable information.
Laurence et al 9641434 disclose retrieving sensitive dara from packets,  and hashing to obfuscate.
Keselman et al 20190149320  receiving write request including values associated with sensitive data fields, get encryption key for each value, encrypt values associated with sensitive fields using key, execute write query- 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138.  The examiner can normally be reached on Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        9/9/2021