Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Priority
Examiner acknowledges applicants’ claim of priority to the following application:
PCT/US20/37354, filed on 06/12/2020 ,now abandoned.


Continued Examination under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 09/21/2021 has been entered.

Claims 1-10 and 12-20 have been examined.


Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-10 and 12-20 are rejected under 35 U.S.C. 103 as being unpatentable over by Cronin et al. [US 20160364420 A1, August 26, 2016], in view of Savelieva et al. [US 20160099915 A1, April 7, 2016].

With respect to claims 1, 9 and 16, the claims limitations of the system, method and computer-readable instructions a tenant computing system comprising: 

one or more processors; and one or more computer-readable media having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the tenant computing system ([0111] the exemplary computer system 400 includes a processor 402, a main memory 404 …and a secondary memory 418 (e.g., a persistent storage device including hard disk drives and a persistent database and/or a multi-tenant database implementation) to perform:
cause a network connection to be established between the tenant
computing system and a data service that contains tenant data ([0103-0104] each application server 300 may be communicably coupled to database systems, e.g., having access to system data 225 and tenant data 223, via a different network connection… system 216 is multi-tenant, in which system 216 handles storage of, and access to, different objects, data and applications across disparate users and organizations);
receive an analytics customization input via a customization interface of one of a plurality of tenant analytics components [e.g. Fig. 17 and Fig. 19] the customization interface permitting a metric of the tenant data [e.g. specifying a dataset of sales data] to be viewed across one or more query dimensions that are defined by the analytics customization input [e.g. generates indices from rows and columns of the dataset] ([0527] Fig.19E, At block 1991, processing logic receives input from a user device specifying a dataset of sales data for a customer organization, in which the sales data specifies a plurality of sales opportunities. 
[0528] Fig. 9E, At block 1992, processing logic generates indices from rows and columns of the dataset, the indices representing probabilistic relationships between the rows and the columns of the dataset);
based on the analytics customization input, generate one or more queries of the metric along the one or more query dimensions ([0528-0529] generates indices from rows and columns of the dataset , At block 1993, processing logic stores the indices in a queryable database within the host organization. 
transmit the one or more queries to the data service over the network connection, causing the data service to generate one or more query responses [e.g. processing logic displays the win or lose predictive result] ([0530] At block 1994, selects one or more of the plurality of sales opportunities specified within the sales data. 
[0531] At block 1995, processing logic queries the indices for a win or lose predictive result for each of the selected one or more sales opportunities. 
[0532] At block 1996, processing logic displays the win or lose predictive result for each of the selected one or more sales opportunities to the user device as output) 
receive the one or more query responses to the one or more queries from the data service [e.g. predictive results returned (e.g. transmitted) from the predictive interface], cause one of the plurality of tenant analytics components to use the one or more query responses to perform analysis to generate one or more analytics results [e.g. display the predicted results to the user]; and cause the one or more analytics results associated with the metric to be presented along the one or more query dimensions at the tenant computing system [e.g. scored sales opportunities, the quality of predictions, and what factors or characteristics are probabilistically relevant to the sales opportunities and other metrics displayed] ([0533] The User Interface (UI) or Graphical User Interface (GUI) consumes data and predictive results returned (e.g. transmitted) from the predictive interface to display the predicted results to the user in a highly intuitive fashion along with other data such as scored sales opportunities, the quality of predictions, and what factors or characteristics are probabilistically relevant to the sales opportunities and other metrics displayed).
Cronin does not teach:
cause a network connection to be established between the tenant computing system and a data service that contains tenant data via a trusted application, the tenant computing system, the data service, and the trusted application being separate computing systems that are configured to communicate with each other via a network, wherein causing the network connection to be established comprises: 
providing one or more access permissions to the trusted application; 
causing the trusted application to establish trust between the tenant computing system and the data service; and 
in response to establishing trust, causing the trusted application to intermediate queries and query responses between the tenant computing system and the data service.
Savelieva teaches:
a network connection to be established between the tenant computing system and a data service that contains tenant data via a trusted application [e.g. the shared application platform 108], the tenant computing system [e.g. the security context data from tenant A 102, tenant B 104 and tenant C 106], the data service [e.g. the trusted service 110], and the trusted application being separate computing systems that are configured to communicate with each other via a network ([0017] the shared application platform 108 may include a number of shared devices that manage access to sealed data. As an example, the shared application platform 108 may include a trusted service 110 for accessing secrets and launching tenant applications in a specific security context and a trusted secret storage 118 of the trusted service 110. However, one skilled in the art would recognize that the scale of the shared application platform 108, including the number of components utilized by the shared , wherein causing the network connection to be established comprises: 
providing one or more access permissions to the trusted application [e.g. managing access to tenant sensitive data or secret data]; causing the trusted application to establish trust between the tenant computing system and the data service ([0017] the trusted service 110 is used for managing access to tenant sensitive data or secret data from a trusted secret storage 118 (e.g., trusted source) of the shared application platform 108, running tenant applications in the multi-tenant computational environment within a specific security context that has lower privileges than a trusted machine account or other trusted components of the shared application platform 108, and provisioning necessary pieces of security context data at run time to run an application of a tenant. The trusted secret storage 118 is a trusted source of secrets that ensures that pieces of the security context data are sealed with a security layer which only trusted components of the trusted service 110 can unseal. In one example, the trusted secret storage 118 may be application based. As an example, the trusted secret storage 118 may be a trusted platform module (TPM) that protects sensitive information by binding the sensitive information to platform configuration information including, the software and hardware being used. As an example, the trusted secret storage 118 may be implemented on a TPM chip of a mobile device such as a laptop, mobile phone, tablet, etc.); and 
in response to establishing trust, causing the trusted application to intermediate queries and query responses between the tenant computing system and the data service ([0028] the trusted service 110 may include a components or processing of tenant application requests, and processing resources used to evaluate and process the tenant application requests. In one example, computational resources (e.g., internal resource 112) may be treated as untrusted as untrusted application code may be running on said resource. A tenant may deploy security context data to a component of the trusted service 110, for example, the trusted secret storage 118 that limits the providing of the security context data to trusted resources of the trusted service 110. In a case where a request is made for security context data by an untrusted resource (e.g., a resource outside of the trusted service 110), the resource will be evaluated to determine if it is trusted to run a tenant application. If a resource is determined to be untrusted, the trusted service 110 may prevent the untrusted resource from receiving the security context data that it is not authorized to receive).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention to modify the system of Cronin with the trusted tenant computing system of Savelieva. Such a modification would prevent un-trusted devices from accessing sensitive data as well as prevent an unauthorized application from running using an account of a tenant. (Savelieva [0015]).

With respect to dependent claim 2, Cronin as modified by Savelieva further teaches the data model of the tenant data permitting the metric to be queried along a number of metric-specific dimensions, the one or more query dimensions permitted by the data model in that the one or more query dimensions are included amongst the number of metric-specific dimensions (Cronin [0539] 

With respect to dependent claim 3, Cronin as modified by Savelieva further teaches causing one or more analytics results associated with the metric to be presented comprises changing presentation as the one or more query responses are updated (Cronin [0105] as an example of storage, one tenant might be a company that employs a sales force where each salesperson uses system 216 to manage their sales process. Thus, a user might maintain contact data, leads data, customer follow-up data, performance data, goals and progress data, etc., all applicable to that user's personal sales process (e.g., in tenant data storage 222). In an example of a MTS arrangement, since all of the data and the applications to access, view, modify, report, transmit, calculate, etc., can be maintained and accessed by a user system having nothing more than network access, the user can manage his or her sales efforts and cycles from any of many different user systems. For example, if a salesperson is visiting a customer and the customer has Internet access in their lobby, the salesperson can 

With respect to dependent claim 4, Cronin as modified by Savelieva further teaches establishing the network connection being performed using a trusted application that is trusted by the data service and the tenant computing system, and as part of establishing the network connection, the tenant analytics component provides one or more access permissions to the trusted application (Cronin [0092] the users of user systems 212 may differ in their respective capacities, and the capacity of a particular user system 212 might be entirely determined by permissions (permission levels) for the current user….Thus, different users will have different capabilities with regard to accessing and modifying application and database information, depending on a user's security or permission level).

With respect to dependent claim 5, Cronin as modified by Savelieva further teaches the customization interface permitting the one or more query dimensions of the tenant data to be changed as permitted by the data model of the tenant data (Cronin [0092] in systems with a hierarchical role model, users at one permission level may have access to applications, data, and database information accessible by a lower permission level user, but may not have access to certain applications, database information, and data accessible by a user at a higher permission level. Thus, different users will have different capabilities with regard to accessing and modifying application and database information, depending on a user's security or permission level).

With respect to dependent claim 6, Cronin as modified by Savelieva further teaches the customization interface permitting a calculation of the metric to be altered (Cronin [0499] FIG. 19A depicts a specialized GUI 1901 to query using historical dates. The specialized GUI 1901 implementation depicted here enables users to filter on a historical value by comparing a historical value versus a current value in a multi-tenant database system. Filtering for historical data is enabled via the GUI's "Close date (Historical)" drop down box or similar means (e.g., a calendar selector, etc.) in which the GUI 1901 displays current fields related to historical fields).

With respect to dependent claim 7, Cronin as modified by Savelieva further teaches the customization interface permitting at least one additional metric of the tenant data to be defined (Cronin [0501] the GUI 1901 executes the necessary queries or API calls and then consumes the data which is then presented back to the end users via a display interface for the GUI 1901, such as a client device 106A-C as illustrated in FIG. 1. Consider for example, a salesperson looking at the sales information in a particular data set. The GUI 1901 interface can take the distributions provided by the analysis engine and produce a visual indication for ranking the information according to a variety of customized solutions and use cases).

With respect to dependent claim 8, Cronin as modified by Savelieva further teaches causing one or more analytics results associated with the metric to be presented along the one or more query dimensions being performed using a visualization, the customization interface permitting the visualization used to present the metric to be changed (Cronin [0501] the GUI 1901 interface can take the distributions provided by the analysis engine and produce a visual indication for ranking the information according to a variety of customized solutions and use cases).

Regarding claims 10, 12-15 and 17-20; the instant claims recite substantially same limitations as the above-rejected claims 2-8 and are therefore rejected under the same prior-art teachings.

Response to Amendment
In response to the 06/25/2021 office action claims 1, 9 and 16 have been amended, no new claim has been added, and no claim has been cancelled. Claims 1-10 and 9-20 are currently pending and stand rejected.

Response to Arguments
Applicant’s arguments filed on 11/03/2021 have been considered. 
The arguments are drawn to the newly recited limitations. The new ground of rejection as necessitated by the new limitation is presented herein.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SOHEILA G DAVANLOU whose telephone number is (571)270-5155. The examiner can normally be reached Monday - Friday, 9:00am - 6:00 Eastern Time..

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alford Kindred can be reached on (571)272-4037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

SOHEILA G DAVANLOU
Examiner
Art Unit 2153



/ALFORD W KINDRED/Supervisory Patent Examiner, Art Unit 2153