DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Application No. 16/654,630 filed on 10/16/2019.
Status of Claims
Claims 1-20 are pending in this Office Action.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1, 3-11, 14 and 16-20 are rejected under 35 U.S.C. 102(a)(1) as being participated by King et al. (US 2009/0094193) “King”.
Regarding Claim 1; King discloses a computer-implemented method for automated data access management, the method comprising: 
(King: paragraphs [0025-0028] – security policies are based on user groups);
performing, by the computing device, project equalization for the project, wherein the project equalization determines a set of user attributes shared by the users; modifying, by the computing device, the user attributes of each user for the project, wherein the user attributes of each user are modified to conform to the set of user attributes determined by the project equalization (King: paragraphs [0027-0028] – At the entity level, an attribute-level security policy may be defined as follows: Only employees belonging to the Human Resources department are allowed to view the salary attribute of other employees. At the table level, the "salary" column in the employee table may be associated with a specific set of permissions that are granted to a database user group assigned only to employees in the Human Resources department. Thus, the above attribute-level security policy may be mapped to the following conditions associated with the "salary" column in the employee table); 
detecting, by the computing device, a query to retrieve data from the at least one data source;modifying the query to produce a modified query by applying the modified user attributes associated with the project to the query; and retrieving the data from the at least one data source based on the modified query (King: paragraph [0027] - when a user sends a query requesting the data in the employee table, according to the techniques described herein the database server may enforce the above column-level security policy in the following manner. First, from the security context associated with the client through which the user submitted the query, the database server determines the user ID of the user and any user groups that the user is assigned to. If the user has permissions to access at least some data in the employee table, the database server retrieves the set of data that is requested in the received query. Then, according to the techniques described herein, the database server or a component thereof evaluates the above security policy for each row in the retrieved set of rows. If the user is associated with the user group identified by group ID "100", then the set of rows is returned to the client for presenting to the user; otherwise, the database server or the component thereof replaces with security-NULL values the data values in the "salary" column of the returned set of rows, and the resulting set of rows is then sent back to the client).  
Regarding Claim 3; King discloses wherein the project equalization is performed, at least in part, by a policy manager having access to the one or more user attributes, the data access policies, and logic managing the data access policies (paragraph [0018] – access policies).  
Regarding Claim 4; King discloses further comprising dynamically enforcing, via the policy manager, at least one of the data access policies on the at least one data source when retrieving the data from the at least one data source based on the modified query (paragraph [0027]).  
Regarding Claim 5; King discloses wherein the additional data source is accessible by additional users that correspond to an additional project and have user attributes that have been modified to conform to the set of user attributes (paragraphs [0025-0028]).  
Regarding Claim 6; King discloses wherein the at least one data source corresponds to a set of database tables comprising at least one row and at least one column (King: Fig. 2 – table with rows and columns).  
Regarding Claim 7; King discloses wherein the modified query corresponds to a structured query language (SQL) query that is modified by applying the modified user attributes associated with the project (paragraph [0032]).  
Regarding Claim 8; King  discloses wherein the at least one data source corresponds to a set of resources managed by a cluster of devices (paragraph [0015] - a database server may be operable to perform various data management functions (including, controlling and facilitating access to particular databases, processing requests by clients to access particular databases, and processing requests by clients to add, delete, or modify data in particular databases), as well as database management functions (including, but not limited to, creating databases and tables, allocating disk space for databases and tables, and creating and maintaining user login information, role information, and security policy information)).  
Regarding Claim 9; King discloses wherein each of the users accesses data from the set of resources via the modified query; and wherein retrieving the data from the at least one data source comprises retrieving the data from the set of resources based on the modified query (paragraph [0027]).  
Regarding Claim 10; King discloses wherein the user is prevented from accessing raw data from the set of resources (paragraph [0027] – a set of permissions that are granted to a dabatase user group assigned only to employees in the Human Resources department to access certain data in the table, otherwise, employees that are not in the database user group above will be prevented from accessing that certain data).
Regarding Claim 11; Kingdiscloses wherein the at least one data source corresponds to data stored in a filesystem; and 25Attorney Docket No. 0308.0003-US wherein retrieving the data from the at least one data source comprises accessing the data stored in the filesystem based on the modified query (paragraph [0027] – user query based on user permission; paragraph [0036] - security policies may be stored in one or more database objects within a database. For example, the database objects storing security policies may be tables, views, materialized views, indexes, or any other data structures that a database server can create and maintain as part of a database schema. In other embodiments, security policies may be stored and maintained by a database server in data structures that are outside of a database, for example, in files stored in an Operating System (OS) file system).  
Regarding claims 14 and 16-20; note the rejection of claims 1 and 3-5. The instant claims recite substantially same limitations as the above-rejected claims and are therefore rejected under same prior-art teachings.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 2 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over King et al. (US 2009/0094193) “King”, in view of Panuganty et al (US 2021/0248136) “Panuganty”.
Regarding Claim 2; King does not explicitly disclose creating an additional data source that is derived from the at least one data source, the additional data source being associated with the project in response to a request by one of the users.  However, Panuganty discloses creating an additional data source that is derived from the at least one data source, the additional data source being associated with the project in response to a request by one of the users (Panuganty: paragraph [0200] – curation engine module 1102 applies and/or utilizes user-defined rules, such as rules that prioritize database access, rules that prioritize what data to update more frequently relative to other data, etc. For instance, a user can create a workspace associated with the personalized analytics system such that the user assigns each workspace to a particular database and/or data source. This directs the curation engine module 1102 to curate data from the identified data source. Alternately or additionally, the user can assign a collection of particular databases and/or data sources to the workspace. As yet another example, a user can assign a login name and password to the workspace to secure and/or restrict access to curated data so that only authorized users with valid user credentials can access to the curated data). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing data of the claimed invention to combine the teachings of Panuganty into the teachings of King to include techniques provide intelligent grouping and output of search results by considering contextual factors that relate different search results as taught by Panuganty. 
Regarding claim 15; note the rejection of claim 2. The instant claims recite substantially same limitations as the above-rejected claims and are therefore rejected under same prior-art teachings.
Claims 12-13 are rejected under 35 U.S.C. 103 as being unpatentable over King et al. (US 2009/0094193) “King”, in view of Shah et al (US 2017/0091279) “Shah”.
Regarding Claim 12; King does not explicitly disclose wherein accessing the data stored in the filesystem based on the modified query comprises retrieving the data from a cache device when: the user attributes of a user executing the query indicate that the user is subscribed to the at least one data source, the user attributes of the user executing the query indicate that the user is associated with the modified user attributes for the project, and the query is executed within a predetermined latency threshold. However, Shah discloses wherein accessing the data stored in the filesystem based on the modified query comprises retrieving the data from a cache device when: the user attributes of a user executing the query indicate that the user is subscribed to the at least one data source, the user attributes of the user executing the query indicate that the user is associated with the modified user attributes for the project, and the query is executed within a predetermined latency threshold (Shah: paragraph [0054] - The DUA allows for and may include the ability for the file system to detect what system user or process is accessing the contents of the file system and approve or reject access to blobs based on the user performing the access, the process performing the access, or an ancestor process of the process performing the access. In some implementations, the blobs are transferred to the computer instantiating the file system in partial chunks so as to be able to provide access to blobs that exceed the local memory size and/or local file system size of the computer instantiating the file system. The DUA allows for and may include a mechanism to allow computers instantiating the file system to transfer blobs or portions of blobs between themselves in a peer to peer manner without the data passing through a server such that the latency of data fetches can be lower and the overall bandwidth transmitted to a node can be higher than would otherwise be possible). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing data of the claimed invention to combine the teachings of Shah into the teachings of King to include a novel technology and method for data owners to expose data and users to gain access to data within their enterprise while maintaining data governance policies required by the data owner. An example of the technology and methods are described herein which provides a technology agnostic framework that enables sharing and management of data across repositories, data formats, applications, and systems in the enterprise as taught by Shah. 
Regarding Claim 13; King does not explicitly disclose wherein accessing the data stored in the filesystem based on the modified query comprises retrieving the data from a remote storage device when: the user attributes of a user executing the query indicate that the user is subscribed to the at least one data source, the user attributes of storage device (Shah: paragraphs [0015, 0026-0030] – a request from a user to access a data object may be received. The data object may be stored in a remote data system, external to a file system of the user. Authorizations associated with the requesting user may be retrieved. Metadata associated with the data object may be retrieved. The metadata may comprises data visibility information comprising a reference to a policy, such that the data object does not need to be updated when the policy changes. Based on the user's authorizations, the data visibility, and a service call to a remote system that instantiates a static or dynamic policy, whether the user has access to the data object may be determined. If the user is determined to have access to the data object, access to the data object access to the data object may be granted to the user. The data object may not be fetched from the remote data system until the user requests to open the data object. The data object may be presented to the requesting user via a standard file system interface regardless of remote storage technology and including when the remote storage technology is a SQL database and the file object accessed by the user must be built from SQL query results. "blob" refers to some data which is stored on system where the technology that stores can be but not limited to SQL Databases, NoSQL databases, filesystem or computer RAM; the term "visibility" refers to attributes which may come from the data or blob that determine whether or not the user can see a blob. the term "policy" refers to a set of guidelines which determine whether or not a user is allowed to see a particular blob or not). Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing data of the claimed invention to combine the teachings of Shah into the teachings of King to include a novel technology and method for data owners to expose data and users to gain access to data within their enterprise while maintaining data governance policies required by the data owner. An example of the technology and methods are described herein which provides a technology agnostic framework that enables sharing and management of data across repositories, data formats, applications, and systems in the enterprise as taught by Shah. 

Prior Art
The prior arts made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892.






Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Thuy (Tiffany) Bui whose telephone number is (571)270-3423.  The examiner can normally be reached on Mon - Fri 7:00-3:30 EST.
            If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alford Kindred can be reached on (571)272-4037.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Thuy (Tiffany) Bui/ 
Examiner, Art Unit 2153/
/ALFORD W KINDRED/Supervisory Patent Examiner, Art Unit 2153