DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
This Office Action is in response to communication received on 11/04/2021.
Claims 1, 5-9, 11-15, and 17-20 were amended.
Claims 1-20 are pending.

Response to Arguments
With respect to the 35 USC § 101 rejection, applicant arguments are not persuasive. The argued “data management system” is using generic computing components with processor and memory as described in the claim to perform the claim functions such as the “generating”. With respect to the arguments against the 35 USC § 101 rejection concerning the newly added limitations, the examiner has updated the rejection below to address the new limitations.
With respect to the 35 USC § 112 rejection, in light of applicant’s amendments the argument is found persuasive and the previous rejection has been withdrawn, however a new 35 USC § 112 issue was found based on the amended claims.
With respect to the 35 USC § 103 rejection, the applicant argues against the newly added limitations; therefore the examiner has updated the claim mapping below to address the argued claim limitations such as Cherel cited paragraphs do not disclose “generating a first catalogue and second catalogue” in page six of the applicant arguments. The examiner would like to note that Applicant’s specifications document, such as paragraphs [0025 and 0031], does not show that there is a difference 

Claim Objections
Claims 8, 14 and 20 are objected to because of the following informalities:  the claims recite “the plurality of data elements is distributed” it should have been “the plurality of data elements are distributed”.  Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


With respect to claims 1-20 the claims are rejected under 35 U.S.C. §101 because the claimed invention is directed to an abstract idea without significantly more.
2019 Revised Patent Eligibility Guidance (PEG): Step 1:
As claims 1-20 are directed to a method, tangible non-transitory machine readable medium and a system therefore they are all within at least one of the four statutory categories.
2019 PEG: Step 2A - Prong One:
Regarding Prong One of Step 2A of the 2019 PEG (which collectively includes the guidance in the January 7, 2019 Federal Register notice and the October 2019 update issued by the USPTO), the claim limitations are to be analyzed to determine whether, under their broadest reasonable interpretation, they “recite” a judicial exception or in other words whether a judicial exception is “set forth” or “described” in the claims.  An “abstract idea” judicial exception is subject matter that falls within at least one of the following groupings: a) certain methods of organizing human activity, b) mental processes, and/or c) mathematical concepts.
Representative independent claims 1, 9 and 15 include limitations that recite at least one abstract idea.  For instance, independent claim 1 recites:
A method, comprising: accessing, by a data management system including at least one processor and a memory, a set of data on a network resource, the data formed from a plurality of data elements, the plurality of data elements arranged in at least one data table; identifying, by the data management system, one or more sensitive data elements within the set of data, the one or more sensitive data elements including sensitive information related to one or more individuals; determining, by the data management system, a sensitivity level of the one or more sensitive data elements; generating, by the data management system, a first catalogue and a second catalogue, the first catalogue including first new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements, the second catalogue including a second new data element representative of an instance of the at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements; and tagging, by the data management system, the at least one sensitive data elements within the first catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element and tagging the instance of the at least one sensitive data element within the second catalogue based on the sensitivity level of the one or more sensitive data elements.
The Examiner submits that the foregoing underlined limitations constitute organizing human activity by managing sensitive data using generic computing devices and components to implement the abstract idea. Wherein in this instance the disclosed system manages the process of identifying sensitive data and organizing it, (see MPEP § 2106.05(f) and § 2106.05(g)).

Accordingly, the claim recites at least one abstract idea. 
While independent claim 9 and 15 although might have slight variations but essentially recites the same scope of claim limitations as independent claim 1.

Furthermore, dependent claims 2-8, 10-14 and 16-20 further fail to make the abstract parent claims any less abstract by reciting insignificant extra-solution activities, for example: 
Claims 2-7, 10-13 and 16-19 disclose generating a table comprising sensitive data and performing certain operations on the data such as tagging the sensitive data.
Claims 8, 14 and 20 disclose based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables.

Therefore, dependent claims 2-8, 10-14 and 16-20 fail to make the abstract parent claims any less abstract because claims 2-8, 10-14 and 16-20 all recite limitations for organizing human activity while using generic computing devices or components.
2019 PEG: Step 2A - Prong Two:
Regarding Prong Two of Step 2A of the 2019 PEG, it must be determined whether the claim as a whole integrates the abstract idea into a practical application.  As noted in the 2019 PEG, it must be determined whether any additional elements in the claim beyond the abstract idea integrate the exception into a practical application in a manner that imposes a meaningful limit on the judicial exception. The courts have indicated that additional elements merely using a computer to implement an abstract idea, adding insignificant extra solution activity, or generally linking use of a judicial exception to a particular technological environment or field of use do not integrate a judicial exception into a “practical application.”  
In the present case, the additional limitations beyond the above-noted at least one abstract idea recited in the claim are as follows (where the bolded portions are the “additional limitations” while the underlined portions continue to represent the at least one “abstract idea”):
Claim 1 recites: A method, comprising: accessing, by a data management system including at least one processor and a memory, a set of data on a network resource, the data formed from a plurality of data elements, the plurality of data elements arranged in at least one data table; identifying, by the data management system, one or more sensitive data elements within the set of data, the one or more sensitive data elements including sensitive information related to one or more individuals; determining, by the data management system, a sensitivity level of the one or more sensitive data elements; generating, by the data management system, a first catalogue and a second catalogue, the first catalogue including first new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements, the second catalogue including a second new data element representative of an instance of the at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements; and tagging, by the data management system, the at least one sensitive data elements within the first catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element and tagging the instance of the at least one sensitive data element within the second catalogue based on the sensitivity level of the one or more sensitive data elements. (Mental process or Human activity combined with conventional computer implementation, see MPEP § 2106.05(g) and MPEP § 2106.05(f)).

For the following reasons, the Examiner submits that the above identified additional limitations do not integrate the above-noted at least one abstract idea into a practical application.
Regarding the additional limitation of claim 1 “A method, comprising: accessing, by a data management system including at least one processor and a memory, a set of data on a network resource,” the Examiner submits that this additional limitation merely uses generic computing devices or components (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant specifications paragraphs [0039-0044]) to implement the abstract idea (see MPEP § 2106.5(f) and MPEP § 2106.05(g)).
Thus, taken alone, the additional elements do not integrate the at least one abstract idea into a practical application.
Looking at the additional limitations as an ordered combination adds nothing that is not already present when looking at the elements taken individually.  For instance, there is no indication that the additional elements, when considered as a whole, reflect an improvement in the functioning of a computer or an improvement to another technology or technical field, apply or use the above-noted judicial exception to effect a particular authentication apparatus that is integral to the claim, effect a transformation or reduction of a particular article to a different state or thing, or apply or use the judicial exception in some other meaningful way beyond generally linking the use of the judicial 
For these reasons, representative independent claims 1, 9 and 15 do not recite additional elements that integrate the judicial exception into a practical application.  Accordingly, representative independent claims 1, 9 and 15 are directed to at least one abstract idea.
The remaining dependent claim limitations not addressed above fail to integrate the abstract idea into a practical application as set forth below:
Claims 2-7, 10-13 and 16-19 disclose generating a table comprising sensitive data and performing certain operations on the data such as tagging the sensitive data performed using the general purpose computing device(s) recited in their respective independent claims (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant paragraphs [0039-0044]) to implement the abstract idea, as in MPEP § 2106.5(f) and MPEP § 2106.05(g) (i.e., all uses of the recited judicial exception require such data gathering or data output). See Mayo, 566 U.S. at 79, 101 USPQ2d at 1968; OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1092-93 (Fed. Cir. 2015).
Claims 8, 14 and 20 disclose based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables performed using the general purpose computing device(s) recited in their respective independent claims (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant paragraphs [0039-0044]) to implement the abstract idea, as in MPEP § 2106.5(f) and MPEP § 2106.05(g) (i.e., all uses of the recited judicial exception require such data gathering or data output). See Mayo, 566 U.S. at 79, 101 USPQ2d at 1968; OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1092-93 (Fed. Cir. 2015).

With respect to claims 2-8, 10-14 and 16-20: These claims disclose a organizing human activity combined with insignificant extra solution activities to implement the abstract idea and thus do no more than generally link use of the abstract idea to a particular technological environment or field of use without altering or affecting how the at least one abstract idea is performed (see MPEP § 2106.05(e)).
Thus, taken alone, any additional elements do not integrate the at least one abstract idea into a practical application.  Therefore, the claims are directed to at least one abstract idea.
2019 PEG: Step 2B:
Regarding Step 2B of the 2019 PEG, representative independent claim 1 does not include additional elements (considered both individually and as an ordered combination) that are sufficient to amount to significantly more than the judicial exception for reasons the same as those discussed above with respect to determining that the claim does not integrate the abstract idea into a practical application.
Regarding the additional limitation of “A method, comprising: accessing, by a data management system including at least one processor and a memory, a set of data on a network resource,”, which the Examiner submits merely disclose generic computing devices or components (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant specifications paragraphs [0039-0044]) to implement the abstract idea. Furthermore, the Examiner further submits that such steps that are recited in the rest of the claim are not unconventional as they merely consist of collecting and analyzing data in a system and perform an action based on the analysis.  See MPEP 2106.05(d)(II).  
The dependent claims do not include additional elements (considered both individually and as an ordered combination) that are sufficient to amount to significantly more than the judicial exception 
Claims 2-7, 10-13 and 16-19 disclose generating a table comprising sensitive data and performing certain operations on the data such as tagging the sensitive data performed using (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant paragraphs [0039-0044]) to implement the abstract idea, as in MPEP § 2106.5(f) and MPEP § 2106.05(g) (i.e., all uses of the recited judicial exception require such data gathering or data output). See Mayo, 566 U.S. at 79, 101 USPQ2d at 1968; OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1092-93 (Fed. Cir. 2015).
Claims 8, 14 and 20 disclose based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables performed using the general purpose computing device(s) recited in their respective independent claims, upon which they depend (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant paragraphs [0039-0044]) to implement the abstract idea, as in MPEP § 2106.5(f) and MPEP § 2106.05(g) (i.e., all uses of the recited judicial exception require such data gathering or data output). See Mayo, 566 U.S. at 79, 101 USPQ2d at 1968; OIP Techs., Inc. v. Amazon.com, Inc., 788 F.3d 1359, 1363, 115 USPQ2d 1090, 1092-93 (Fed. Cir. 2015).
Therefore, the dependent claims add additional elements that are considered to be generic computer devices and/or components (such as illustrated in applicant’s drawings Fig. 5 and recited in applicant specifications paragraphs [0039-0044])  and that are simply applying a generic computer to implement the abstract idea, the Examiner further submits that such steps are not unconventional as they merely consist of collecting and analyzing data in a system and perform an action based on the analysis.  The steps of receiving data, analyzing data, and transmitting data are considered well-understood routine and conventional (See MPEP 2106.05(d)(II)).  

Therefore, claims 1-20 are ineligible under 35 USC §101.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as failing to set forth the subject matter which the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the applicant regards as the invention. 
Claims 1, 9 and 15 recite the limitation “a first data element” “a second data element” and "the new data element".  There is insufficient antecedent basis for “the new data element” in the claim.
Claims 2-8, 10-14 and 16-20 do not cure the deficiencies of the independent claims upon which they depend and are therefore rejected under 35 USC § 112(b).

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-3, 8-9, 14-15, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cherel et al. (US 20140136576 A1) hereinafter referred to as Cherel in view of Kundu et al. (US 20170123671 A1) hereinafter referred to as Kundu and in view of Garcia et al. (US 20170206599 A1) hereinafter referred to as Garcia.

With respect to claim 1, Cherel discloses: A method, comprising: accessing, by a data management system including at least one processor and a memory, a set of data on a network resource, the data formed from a plurality of data elements, the plurality of data elements arranged in at least one data table; (Cherel [0032-0033] disclose data management system comprising servers 110a-110n, wherein data elements are stored in the storage systems illustrated in Fig. 1).
identifying, by the data management system, one or more sensitive data elements within the set of data, (Cherel [0033] discloses “sensitive information detector 162” wherein Cherel [0046] discloses “the sensitive information detector identifying one or more objects in the database that are storing sensitive information”).
the one or more sensitive data elements including sensitive information related to one or more individuals; (Cherel [0005] discloses the sensitive data matter the prior art is trying to solve pertains to “database systems, sensitive information (e.g., PII) once it is no longer needed should be 
generating, by the data management system, a first catalogue and a second catalogue, the first catalogue including first new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
the second catalogue including a second new data element representative of an instance of the at least one sensitive data element of the one or more sensitive data elements (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
and tagging, by the data management system, the at least one sensitive data elements within the first catalogue of the one or more sensitive data elements corresponding to the new data element (Cherel claim 8 disclose “database catalog stores the indicator and a pointer to the one or more security 
and tagging the instance of the at least one sensitive data element within the second catalogue of the one or more sensitive data elements. (Cherel [0031] and Fig. 1 illustrates multiple catalogues. Furthermore, Cherel claim 8 disclose “database catalog stores the indicator and a pointer to the one or more security policies for the at least one object” wherein the pointers are mapping to tagging the policies to the sensitive data within a catalogue. See also Cherel [0043]).
Cherel does not explicitly disclose a “sensitivity level” and generating a catalogue “based on the sensitivity level”.
However, Kundu in an analogous art discloses: determining, by the data management system, a sensitivity level of the one or more sensitive data elements; (Kundu [0069] discloses “identify a component sensitivity level of a component, as depicted in block 504” illustrated in Fig. 5).
generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements; (Kundu illustrates in Fig. 2 generated catalogue representing sensitive data and their sensitivity level, the figure is explained in more details in Kundu paragraphs [0039 to 0044]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements as disclosed by Kundu in order to determine a delete mode commensurate with sensitivity level, see Kundu [0002].
tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements.
However, Garcia in an analogous art discloses: and tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element (Garcia claim 1 discloses “a plurality of different logical levels being defined to reflect both hierarchies of the received and retrieved sensitive information and hierarchies of the one or more logical containers”. Garcia [0118] discloses, “the color of the flag being based on the highest level of flag applied to all of the financial accounts included in the online account”. [0182] discloses “higher-order rule overriding a lower-order rule. A $7,500 deposit in a bank account is not flagged, but further in the analysis workflow, a $7,500 cash advance is identified in a consumer's credit card account they have made available to the system. Not only is the cash advance in the credit card account flagged for follow-up, but also the deposit in the bank account is flagged for follow-up.” Which is interpreted that a high level new data element, the cash advance, occurring would result in tagging/flagging a deposit data element in the account. The account is mapped to a catalogue).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel by tagging the one or more sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element as disclosed by Garcia to provide a solution wherein tagged items can be resolved through a machine learning analysis (see Garcia [0026 and 0198]).

With respect to claim 2, Cherel in view of Kundu and Garcia disclose: The method of claim 1, wherein a sensitive data element of the one or more sensitive data elements has a first sensitivity level and represents a specified column of the at least one data table. (Kundu as illustrated in Fig. 2 

With respect to claim 3, Cherel in view of Kundu and Garcia disclose: The method of claim 1, wherein a sensitive data element of the one or more sensitive data elements has a second sensitivity level and represents a specified cell within a column of the at least one data table. (interpreted in view of applicant specifications paragraph [0025]; Kundu Fig. 2 illustrates rows of second sensitivity levels in each cell/row within the column 210).

With respect to claim 8, Cherel in view of Kundu and Garcia disclose: The method of claim 1, wherein the plurality of data elements is distributed across a plurality of data tables, (Cherel [0004] discloses in a database “PII is just one example of sensitive information, and there are other types of sensitive information (such as salary information, performance reviews, confidential product plans, etc.)”. In addition, Cherel [0008] discloses, “table T10 and table T11 are created in tablespace TS4. Assume table T10 contains sensitive information (e.g., PII)” which is interpreted that different data is stored on different databases. See also Cherel [0031-0032] and Fig. 2 showing T10 in database 210a and 210n).
the method further comprising: based on a deletion request, identifying a tag for a requested data element within the first catalogue, the tag indicating the requested data element is included in the one or more sensitive data elements of the plurality of data elements; (Cherel [0046] Fig. 4 step 402 disclose “for each of the one or more objects, the sensitive information detector sets the secure delete indicator to indicate that the object contains sensitive information and identifies one or more security policies for that object in database catalog” wherein setting the indicator is mapped to tagging of sensitive data with security policies. Wherein when a delete request is done the tagged policies are 
based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables. (Cherel [0060] discloses “the database performs secure deletion of sensitive information. In block 502, the database processes the statement. For example, if the statement is to drop a table, the table is dropped. In block 504, the database identifies objects accessed by the statement. In block 506, the database determines which, if any, of the identified objects contain sensitive information using the secure delete indicator associated with each object in the database catalog” which is interpreted based on identifying the deletion policy tagged to the sensitive data policy and identifying which object is to be deleted from a table, then the sensitive data is deleted).

With respect to claim 9, Cherel discloses: A system, comprising: one or more processors; and a computer-readable storage medium, coupled to the one or more processors, storing program instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: accessing, by a data management system including a processor and a memory coupled to the one or more processors and the computer-readable storage medium, a set of data on a network resource, the data formed from a plurality of data elements, Cherel [0031] discloses “multiple servers in accordance with certain embodiments. Servers 100a . . . 100n (where a and n represent positive integers) are coupled to an Enterprise Service Bus (ESB) 150. Each server 100a . . . 100n contains a database 110a . . . 110n. Each database 110a . . . 110n includes one or more tablespaces, with each tablespace storing one or more tables 112a . . . 112n. Each database 110a . . . 110n also includes a database catalog 114a . . . 114n and a database I/O layer 116a . . . 116n”. comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components”
the plurality of data elements arranged in at least one data table; (Cherel [0032-0033] disclose data management system comprising servers 110a-110n, wherein data elements are stored in the storage systems illustrated in Fig. 1).
identifying, by the data management system, one or more sensitive data elements within the set of data, (Cherel [0033] discloses “sensitive information detector 162” wherein Cherel [0046] discloses “the sensitive information detector identifying one or more objects in the database that are storing sensitive information”).
the one or more sensitive data elements including sensitive information related to one or more individuals; (Cherel [0005] discloses the sensitive data matter the prior art is trying to solve pertains to “database systems, sensitive information (e.g., PII) once it is no longer needed should be destroyed” wherein the Personally Identifiable Information (PII) is mapped to the information related to one or more individuals).
generating, by the data management system, a first catalogue and a second catalogue, the first catalogue including first new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements of the one or more sensitive data elements, (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
the second catalogue including a second new data element representative of an instance of the at least one sensitive data element of the one or more sensitive data elements of the one or more sensitive data elements; (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
and tagging, by the data management system, the at least one sensitive data elements within the first catalogue of the one or more sensitive data elements corresponding to the new data element (Cherel claim 8 disclose “database catalog stores the indicator and a pointer to the one or more security policies for the at least one object” wherein the pointers are mapping to tagging the policies to the sensitive data within a catalogue. See also Cherel [0043]).
and tagging the instance of the at least one sensitive data element within the second catalogue of the one or more sensitive data elements. (Cherel [0031] and Fig. 1 illustrates multiple 
Cherel does not explicitly disclose a “sensitivity level” and generating a catalogue “based on the sensitivity level”.
However, Kundu in an analogous art discloses: determining, by the data management system, a sensitivity level of the one or more sensitive data elements; (Kundu [0069] discloses “identify a component sensitivity level of a component, as depicted in block 504” illustrated in Fig. 5).
generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements; (Kundu illustrates in Fig. 2 generated catalogue representing sensitive data and their sensitivity level, the figure is explained in more details in Kundu paragraphs [0039 to 0044]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements as disclosed by Kundu in order to determine a delete mode commensurate with sensitivity level, see Kundu [0002].
Cherel does not explicitly disclose tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements.
However, Garcia in an analogous art discloses: and tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element (Garcia claim 1 discloses “a plurality of different logical levels being defined to reflect both hierarchies of the received and retrieved sensitive information and hierarchies of the one or more logical containers”. Garcia [0118] discloses, “the color of the flag being based on the highest level of flag applied to all of the financial accounts included in the online account”. [0182] discloses “higher-order rule overriding a lower-order rule. A $7,500 deposit in a bank account is not flagged, but further in the analysis workflow, a $7,500 cash advance is identified in a consumer's credit card account they have made available to the system. Not only is the cash advance in the credit card account flagged for follow-up, but also the deposit in the bank account is flagged for follow-up.” Which is interpreted that a high level new data element, the cash advance, occurring would result in tagging/flagging a deposit data element in the account. The account is mapped to a catalogue).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel by tagging the one or more sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element as disclosed by Garcia to provide a solution wherein tagged items can be resolved through a machine learning analysis (see Garcia [0026 and 0198]).

With respect to claim 14, Cherel in view of Kundu and Garcia disclose: The system of claim 9, wherein the plurality of data elements is distributed across a plurality of data tables, (Cherel [0004] discloses in a database “PII is just one example of sensitive information, and there are other types of sensitive information (such as salary information, performance reviews, confidential product plans, etc.)”. In addition, Cherel [0008] discloses, “table T10 and table T11 are created in tablespace TS4. Assume table T10 contains sensitive information (e.g., PII)” which is interpreted that different data is stored on different databases. See also Cherel [0031-0032] and Fig. 2 showing T10 in database 210a and 210n).
the operations further comprising: based on a deletion request, identifying a tag for a requested data element within the first catalogue, the tag indicating the requested data element is included in the one or more sensitive data elements of the plurality of data elements; (Cherel [0046] Fig. 4 step 402 disclose “for each of the one or more objects, the sensitive information detector sets the secure delete indicator to indicate that the object contains sensitive information and identifies one or more security policies for that object in database catalog” wherein setting the indicator is mapped to tagging of sensitive data with security policies. Wherein when a delete request is done the tagged policies are identified in order to select which deletion policy is used, as understood by the examiner from Cherel paragraph [0060]).
based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables. (Cherel [0060] discloses “the database performs secure deletion of sensitive information. In block 502, the database processes the statement. For example, if the statement is to drop a table, the table is dropped. In block 504, the database identifies objects accessed by the statement. In block 506, the database determines which, if any, of the identified objects contain sensitive information using the secure delete indicator associated with each object in the database catalog” which is interpreted based on identifying the deletion policy tagged to the sensitive data policy and identifying which object is to be deleted from a table, then the sensitive data is deleted).

With respect to claim 15, Cherel discloses: A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions being executable by one or more processors to cause the one or more processors to perform operations comprising: accessing, by a data management system including a processor and a memory coupled to the one or more processors and the computer-readable storage medium a set of data on a network resource, the data formed from a plurality of data elements, Cherel [0031] discloses “multiple servers in accordance with certain embodiments. Servers 100a . . . 100n (where a and n represent positive integers) are coupled to an Enterprise Service Bus (ESB) 150. Each server 100a . . . 100n contains a database 110a . . . 110n. Each database 110a . . . 110n includes one or more tablespaces, with each tablespace storing one or more tables 112a . . . 112n. Each database 110a . . . 110n also includes a database catalog 114a . . . 114n and a database I/O layer 116a . . . 116n”. Additionally, Cherel [0033] discloses, “a security policy system 160, a sensitive information detector 162, and a Lightweight Directory Access Protocol (LDAP) system 164 are coupled to the ESB 150. Via the ESB 150, the servers 100a . . . 100n interact with the security policy system 160, the sensitive information detector 162, and the LDAP system 164. The LDAP system 164 is used to identify users of the databases and servers, and to specify what groups they are in (where the group membership is used for authorization rules used when accessing the databases and servers)”. The examiner understands from the cited paragraphs that users can access data on servers wherein the databases comprise of tablespaces and catalogues which is interpreted as data formed from a plurality of data elements. Which is additionally supported by Cherel [0140] “"comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components”
the plurality of data elements arranged in at least one data table; (Cherel [0032-0033] disclose data management system comprising servers 110a-110n, wherein data elements are stored in the storage systems illustrated in Fig. 1).
identifying, by the data management system, one or more sensitive data elements within the set of data, (Cherel [0033] discloses “sensitive information detector 162” wherein Cherel [0046] discloses “the sensitive information detector identifying one or more objects in the database that are storing sensitive information”).
the one or more sensitive data elements including sensitive information related to one or more individuals; (Cherel [0005] discloses the sensitive data matter the prior art is trying to solve pertains to “database systems, sensitive information (e.g., PII) once it is no longer needed should be destroyed” wherein the Personally Identifiable Information (PII) is mapped to the information related to one or more individuals).
generating, by the data management system, a first catalogue and a second catalogue, the first catalogue including first new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated of the one or more sensitive data elements, (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
the second catalogue including a second new data element representative of an instance of the at least one sensitive data element of the one or more sensitive data elements and generated of the one or more sensitive data elements; (Cherel [0031] and Fig. 1 disclose “database catalog 114a . . . 114n ” mapped to first and second catalogues. Furthermore, Cherel [0021-0022] disclose illustrated Figs. 3-4 wherein [0045-0046] explains in more details setting sensitive data identifiers and storing them in a catalog, illustrated in Figs. 3-4 illustrating the column of table associated with at least one sensitive data element. Moreover, Cherel [0073-0074] disclose creating security policies wherein “a security policy is equivalent to a level” for deletion; which is interpreted as generating a database catalog with the set identifiers and policies in each catalog as illustrated in Fig. 1).
and tagging, by the data management system, the at least one sensitive data elements within the first catalogue of the one or more sensitive data elements corresponding to the new data element (Cherel claim 8 disclose “database catalog stores the indicator and a pointer to the one or more security policies for the at least one object” wherein the pointers are mapping to tagging the policies to the sensitive data within a catalogue. See also Cherel [0043]).
and tagging the instance of the at least one sensitive data element within the second catalogue of the one or more sensitive data elements. (Cherel [0031] and Fig. 1 illustrates multiple catalogues. Furthermore, Cherel claim 8 disclose “database catalog stores the indicator and a pointer to the one or more security policies for the at least one object” wherein the pointers are mapping to tagging the policies to the sensitive data within a catalogue. See also Cherel [0043]).
Cherel does not explicitly disclose a “sensitivity level” and generating a catalogue “based on the sensitivity level”.
However, Kundu in an analogous art discloses: determining, by the data management system, a sensitivity level of the one or more sensitive data elements; (Kundu [0069] discloses “identify a component sensitivity level of a component, as depicted in block 504” illustrated in Fig. 5).
generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table associated with at least one sensitive data element of the one or more sensitive data elements and generated based on the sensitivity level of the one or more sensitive data elements; (Kundu illustrates in Fig. 2 generated catalogue representing sensitive data and their sensitivity level, the figure is explained in more details in Kundu paragraphs [0039 to 0044]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel generating, by the data management system, a catalogue, the catalogue including new data element representative of a column of a data table 
Cherel does not explicitly disclose tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements.
However, Garcia in an analogous art discloses: and tagging the at least one sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element (Garcia claim 1 discloses “a plurality of different logical levels being defined to reflect both hierarchies of the received and retrieved sensitive information and hierarchies of the one or more logical containers”. Garcia [0118] discloses, “the color of the flag being based on the highest level of flag applied to all of the financial accounts included in the online account”. [0182] discloses “higher-order rule overriding a lower-order rule. A $7,500 deposit in a bank account is not flagged, but further in the analysis workflow, a $7,500 cash advance is identified in a consumer's credit card account they have made available to the system. Not only is the cash advance in the credit card account flagged for follow-up, but also the deposit in the bank account is flagged for follow-up.” Which is interpreted that a high level new data element, the cash advance, occurring would result in tagging/flagging a deposit data element in the account. The account is mapped to a catalogue).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel by tagging the one or more sensitive data elements within the catalogue based on the sensitivity level of the one or more sensitive data elements corresponding to the new data element as disclosed by Garcia to provide a solution wherein tagged items can be resolved through a machine learning analysis (see Garcia [0026 and 0198]).

With respect to claim 20, Cherel in view of Kundu and Garcia disclose: The computer program product of claim 15, wherein the plurality of data elements is distributed across a plurality of data tables, (Cherel [0004] discloses in a database “PII is just one example of sensitive information, and there are other types of sensitive information (such as salary information, performance reviews, confidential product plans, etc.)”. In addition, Cherel [0008] discloses, “table T10 and table T11 are created in tablespace TS4. Assume table T10 contains sensitive information (e.g., PII)” which is interpreted that different data is stored on different databases. See also Cherel [0031-0032] and Fig. 2 showing T10 in database 210a and 210n).
the operations further comprising: based on a deletion request, identifying a tag for a requested data element within the first catalogue, the tag indicating the requested data element is included in the one or more sensitive data elements of the plurality of data elements; (Cherel [0046] Fig. 4 step 402 disclose “for each of the one or more objects, the sensitive information detector sets the secure delete indicator to indicate that the object contains sensitive information and identifies one or more security policies for that object in database catalog” wherein setting the indicator is mapped to tagging of sensitive data with security policies. Wherein when a delete request is done the tagged policies are identified in order to select which deletion policy is used, as understood by the examiner from Cherel paragraph [0060]).
based on identifying the tag for the requested data element, identifying the requested data element stored in one or more data tables of the plurality of data tables; and deleting the requested data element from the one or more data tables. (Cherel [0060] discloses “the database performs secure deletion of sensitive information. In block 502, the database processes the statement. For example, if the statement is to drop a table, the table is dropped. In block 504, the database identifies objects accessed by the statement. In block 506, the database determines which, if any, of the identified objects contain sensitive information using the secure delete indicator associated with each object in .

Claims 4-7, 10-13, and 16-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Cherel, Kundu, and Garcia as applied to claims 1-3, 8-9, 14-15, and 20 above, and further in view of Nagarajan et al. (US 20090172644 A1) hereinafter referred to as Nagarajan.

With respect to claim 4, Cherel in view of Kundu and Garcia disclose: The method of claim 1, wherein the at least one data table is an input data table, the method further comprising: generating an output data table from the input data table, (Kundu illustrated in Fig. 2 shows output data table 210 from input of table of all the subset combinations (1,1’) (1,2) … etc. See Kundu [0039-0044]).
the output data table including a subset of data elements of the plurality of data elements, the subset of data elements including at least one sensitive data element; (Kundu Fig. 2 illustrates the subsets mapped to subset combinations (1,1’) (1,2) … etc. Wherein the data is sensitive data as disclosed by Kundu [0044]).
They do not explicitly disclose: and based on generating the output data table, propagating a tag for the at least one sensitive data element.
However, Nagarajan in an analogous art discloses: based on generating the output data table, propagating a tag for the at least one sensitive data element. (Nagarajan [0002] discloses “data may be tagged with a sensitivity level, which may be located in the dedicated hardware support. During program execution, the system dynamically propagates the sensitivity level for the tagged data”. In addition [0022] discloses “The compiler 130 may generate code that associates a taint value to each register and memory byte. The taint value may be implemented as a Boolean value” wherein the 
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel and Kundu as modified above wherein based on generating the output data table, propagating a tag for the at least one sensitive data element as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 5, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The method of claim 4, wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table. (Nagarajan [0035] discloses Fig.4 illustrating a table wherein data is tainted/tagged and tracking it in the “Tracking Thread Code” which is mapped to output table. Wherein the data could be tagged based on sensitivity level according to Nagarajan [0002]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel and Kundu as modified above wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 6, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The method of claim 5, wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table. (Nagarajan [0023] discloses “Referring now to FIG. 2, original code is shown in the left column and illustrative code the compiler 130 may generate to track operation of the original code is shown in the right column. In particular, the original code begins at line 200 with a read operations that results in data received from a spurious input channel being stored at a memory location Mem. The compiler 130 may generate flow tracking code shown at line 200 that updates a taint value associated with the memory location Mem to reflect that the data stored at the memory location Mem is tainted. As mentioned above, the compiler 130 may consider data received via input channels as spurious and therefore tainted” wherein the right column in Fig. 2 is mapped to the catalogue and the rows shown in the column are mapped to the cells; wherein as shown in the rows they are associated with the tagged data which could be tagged based on sensitivity level as recited in Nagarajan [0002]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the first and second catalogues disclosed by Cherel wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 7, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The method of claim 5, wherein tagging the at least one sensitive data element within the first catalogue further comprises: tagging a column of the first catalogue based on the sensitivity level of the at least one sensitive data element, the first catalogue associated with the output data table and the tagged column representing a column within the output data table. (Kundu [0039-0044] and Fig. 2 illustrating the output column tagged with value “0.1” for sensitivity level wherein the illustrated catalogue is associated with the output as explicitly cited on the Figure 2 unit 210 title).

With respect to claim 10, Cherel in view of Kundu and Garcia disclose: The system of claim 9, wherein the at least one data table is an input data table, the operations further comprising: generating an output data table from the input data table, (Kundu illustrated in Fig. 2 shows output data table 210 from input of table of all the subset combinations (1,1’) (1,2) … etc. See Kundu [0039-0044]).
the output data table including a subset of data elements of the plurality of data elements, the subset of data elements including at least one sensitive data element; (Kundu Fig. 2 illustrates the subsets mapped to subset combinations (1,1’) (1,2) … etc. Wherein the data is sensitive data as disclosed by Kundu [0044]).
They do not explicitly disclose: and based on generating the output data table, propagating a tag for the at least one sensitive data element.
However, Nagarajan in an analogous art discloses: based on generating the output data table, propagating a tag for the at least one sensitive data element. (Nagarajan [0002] discloses “data may be tagged with a sensitivity level, which may be located in the dedicated hardware support. During program execution, the system dynamically propagates the sensitivity level for the tagged data”. In addition [0022] discloses “The compiler 130 may generate code that associates a taint value to each register and memory byte. The taint value may be implemented as a Boolean value” wherein the generated code is in a table as shown in Figs. 2 and 4. The examiner interprets that the tagging is 
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel and Kundu as modified above wherein based on generating the output data table, propagating a tag for the at least one sensitive data element as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 11, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The system of claim 10, wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table. (Nagarajan [0035] discloses Fig.4 illustrating a table wherein data is tainted/tagged and tracking it in the “Tracking Thread Code” which is mapped to output table. Wherein the data could be tagged based on sensitivity level according to Nagarajan [0002]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel and Kundu as modified above wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 12, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The system of claim 11, wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table. (Nagarajan [0023] discloses “Referring now to FIG. 2, original code is shown in the left column and illustrative code the compiler 130 may generate to track operation of the original code is shown in the right column. In particular, the original code begins at line 200 with a read operations that results in data received from a spurious input channel being stored at a memory location Mem. The compiler 130 may generate flow tracking code shown at line 200 that updates a taint value associated with the memory location Mem to reflect that the data stored at the memory location Mem is tainted. As mentioned above, the compiler 130 may consider data received via input channels as spurious and therefore tainted” wherein the right column in Fig. 2 is mapped to the catalogue and the rows shown in the column are mapped to the cells; wherein as shown in the rows they are associated with the tagged data which could be tagged based on sensitivity level as recited in Nagarajan [0002]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the first and second catalogues disclosed by Cherel wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 13, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The system of claim 11, wherein tagging the at least one sensitive data element within the first catalogue further comprises: tagging a column of the first catalogue based on the sensitivity level of the at least one sensitive data element, the first catalogue associated with the output data table and the tagged column representing a column within the output data table. (Kundu [0039-0044] and Fig. 2 illustrating the output column tagged with value “0.1” for sensitivity level wherein the illustrated catalogue is associated with the output as explicitly cited on the Figure 2 unit 210 title).

With respect to claim 16, Cherel in view of Kundu and Garcia disclose: The computer program product of claim 15, wherein the at least one data table is an input data table, the operations further comprising: generating an output data table from the input data table, (Kundu illustrated in Fig. 2 shows output data table 210 from input of table of all the subset combinations (1,1’) (1,2) … etc. See Kundu [0039-0044]).
the output data table including a subset of data elements of the plurality of data elements, the subset of data elements including at least one sensitive data element; (Kundu Fig. 2 illustrates the subsets mapped to subset combinations (1,1’) (1,2) … etc. Wherein the data is sensitive data as disclosed by Kundu [0044]).
They do not explicitly disclose: and based on generating the output data table, propagating a tag for the at least one sensitive data element.
However, Nagarajan in an analogous art discloses: based on generating the output data table, propagating a tag for the at least one sensitive data element. (Nagarajan [0002] discloses “data may be tagged with a sensitivity level, which may be located in the dedicated hardware support. During program execution, the system dynamically propagates the sensitivity level for the tagged data”. In addition [0022] discloses “The compiler 130 may generate code that associates a taint value to each register and memory byte. The taint value may be implemented as a Boolean value” wherein the generated code is in a table as shown in Figs. 2 and 4. The examiner interprets that the tagging is mapped to tainting and based on generating the code table that comprises the tag, the tag is propagated to every register and memory byte).


With respect to claim 17, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The computer program product of claim 16, wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table. (Nagarajan [0035] discloses Fig.4 illustrating a table wherein data is tainted/tagged and tracking it in the “Tracking Thread Code” which is mapped to output table. Wherein the data could be tagged based on sensitivity level according to Nagarajan [0002]).
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cherel and Kundu as modified above wherein propagating the tag for the at least one sensitive data element further comprises: tagging the at least one sensitive data element within the first catalogue based on a sensitivity level of the at least one sensitive data element and inclusion of the at least one sensitive data element within the output table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 18, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The computer program product of claim 17, wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table. 
Therefore it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the first and second catalogues disclosed by Cherel wherein tagging the at least one sensitive data element further comprises: tagging one or more cells of a column within the second catalogue based on the sensitivity level of the at least one sensitive data element, the second catalogue associated with the output data table and the tagged one or more cells representing at least one cell within the output data table as disclosed by Nagarajan, to perform dynamic information flow tracking efficiently (see Nagarajan [0002]).

With respect to claim 19, Cherel in view of Kundu, Garcia, and Nagarajan disclose: The computer program product of claim 17, wherein tagging the at least one sensitive data element within the first catalogue further comprises: tagging a column of the first catalogue based on the sensitivity level of the at least one sensitive data element, the first catalogue associated with the output data table and the tagged column representing a column within the output data table. (Kundu [0039-0044] and Fig. 2 .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Arasan et al. (US-20170139674-A1) paragraph [0030] discloses flagging sensitive data in a catalog.
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANY S GADALLA whose telephone number is (571)272-2322. The examiner can normally be reached Mon to Fri 8:30AM - 5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/H.S.G./Examiner, Art Unit 2493                                                                                                                                                                                                        

/CARL G COLIN/Supervisory Patent Examiner, Art Unit 2493