DETAILED ACTION

This communication is in response to Application No. 16/970,529 filed on 8/17/2020.  The amendment presented on 12/16/2021, which amends claims 1, 3, 4, 8, and 12, is hereby acknowledged.  Claims 1-15 have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/16/2021 has been entered.
 
Response to Arguments
Applicant’s arguments with respect to claims 1-15 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 6-8, 12, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (hereinafter Wu)(US 2017/0116343) in view of Bagarolo et al. (hereinafter Bagarolo)(US 2018/0349121).
Regarding claim 1, Wu teaches as follows:
a method for a content management system (PRS server 235 may provide data privacy, residency, and security by managing access to data stored in private database 240, see, paragraph [0105] and figure 2), the method comprising: 
receiving a call via a platform layer regarding a transfer of data (in block 602, one or more of the client devices 205, 210, and 215 request a UI page or client component from the cloud infrastructure system 220, see, paragraph [0142] and figure 6);
verifying metadata corresponding with an identifier of the data, the identifier determined from the call (in block 608, the cloud infrastructure system 220 determines an identifier for each protected attribute, see, paragraph [0142] and figure 6); and 
determining with the platform layer whether the transfer can be completed based on the metadata applied to a privacy policy (with regard to communications between the one or more client devices 205, 210, and 215 and cloud-based application 245, the PRS 
Therefore, Wu teaches of intercepting transmissions to enforce the privacy policy as presented above but does not teach the transmission between the plurality of micro services.
Bagarolo teaches as follows:
the software components 127A-C may be deployed on the system 100 as micro services being processes that communicate with each other over network 105 and/or 103, which may enable software components 127A-C to communicate and cooperate over the network 105 and/or 103, without requiring any human interaction or changes in the underlying program (see, paragraph [0033]);
the communication between micro services MSA-MSC may for example be done via an API, such as a HTTP and REST API (equivalent to applicant’s platform layer to enable communications between multiple micro services)(see, paragraph [0035]); and
a metric describing an amount of communication traffic between at least two micro services (e.g. MSA and MSB) of the multiple micro services may be determined or evaluated (see, paragraph [0039])(equivalent to applicant data transmission between plurality of microservices).
	It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wu with Bagarolo to include data transmission between plurality of micro services via an API as taught by Bagarolo in 
Regarding claims 2 and 15, Wu teaches as follows:
wherein the metadata is stored in a metadata repository (interpreted as a private database 240 or a cloud database 250)(see, paragraph [0099] and figure 2).
Regarding claims 6 and 7, Wu teaches as follows:
enforcing an action regarding the transfer of data based on the privacy policy (with regard to communications between the one or more client devices 205, 210, and 215 and cloud-based application 245, the PRS server 235 can intercept transmissions originating from the one or more client devices 205, 210, and 215 to enforce the privacy, residency, and security policies, see, paragraph [0108]), wherein enforcing the action includes completing the transfer of data (PRS server 235 may provide data residency by preventing data that meets certain conditions, e.g., sensitive data, from leaving enterprise infrastructure system 225. PRS server 235 can identify specific pieces of data from the data transmission that meet the conditions, save the specific pieces of data to the private database 240, generate replacement values (e.g., encryption values or tokens) for the real values of the identified specific pieces of data, and send the generated replacement values to the cloud-based application 245, see, paragraph [0104]).
Regarding claims 8 and 12, Wu in view of Bagarolo teaches similar limitations as presented in the rejection regarding claim 1. Wu further teaches as follows:
determine another dataset for transfer, the another dataset corresponding with the service dataset, if the transfer of the service dataset cannot be completed based on 
Therefore, they are rejected for similar reason as presented above.

Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (hereinafter Wu)(US 2017/0116343) in view of Bagarolo et al. (hereinafter Bagarolo)(US 2018/0349121), and further in view of Narayanaswamy et al. (hereinafter Narayanaswamy)(US 2017/0264640).
Regarding claim 3, Wu in view of Bagarolo teaches all limitations as presented above except for the well-known key value in a repository.
Narayanaswamy teaches as follows:
wherein the metadata repository includes a key value (as content metadata are aggregated, they are stored in a NoSQL key-value column store distributed storage system 196 such as Cassandra 198, see, paragraph [0164]) store that includes metadata about data records used by the services (metadata includes structured data and functionality targets specific data constructs provided by the cloud services 140. Non-structured data, such as free text, can also be provided by, and targeted back to, the cloud services 140, see, paragraph [0163]).
	It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wu in view of Bagarolo with Narayanaswamy to include using the well-known key value database in the cloud service as taught by Narayanaswamy in order to efficiently store metadata.

Claims 4, 9, and 10 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (hereinafter Wu)(US 2017/0116343) in view of Bagarolo et al. (hereinafter Bagarolo)(US 2018/0349121), and further in view of Panchal et al. (hereinafter Panchal)(US 10,355,989).
Regarding claims 4 and 9, Wu in view of Bagarolo teaches all limitations as presented above except for the service mesh.
Panchal teaches as follows:
cloud exchange 100 includes a programmable network platform 120 for dynamically programming cloud exchange 100 to responsively and assuredly fulfill service requests that encapsulate business requirements for services provided by cloud exchange 100 and/or cloud service providers 110 coupled to the cloud exchange 100 (see, col. 7, lines 6-17 and figure 1); and
a customer 108 may request an L3 instance to link multiple cloud service providers by the L3 instance, for example (e.g., for transferring the customer's data between two cloud service providers, or for obtaining a mesh of services from multiple cloud service providers)(see, col. 7, lines 35-43 and figure 1).
	It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wu in view of Bagarolo with Panchal to include the cloud exchange as taught by Panchal in order to efficiently obtain a mesh of services from multiple cloud service providers.
Regarding claim 10, Wu teaches as follows:
cloud-based application 245, the PRS server 235 can intercept transmissions originating from the one or more client devices 205, 210, and 215 to enforce the privacy, residency, and security policies, see, paragraph [0108] and figure 2).

Claims 5, 13, and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (hereinafter Wu)(US 2017/0116343) in view of Bagarolo et al. (hereinafter Bagarolo)(US 2018/0349121) and Panchal et al. (hereinafter Panchal)(US 10,355,989), and further in view of Teng et al. (hereinafter Teng)(US 2016/0308762).
Regarding claim 5, Wu in view of Bagarolo and Panchal teaches all limitations except for the well-known control and data planes.
Teng teaches as follows:
a cloud-based services exchange for interconnecting multiple cloud service providers (equivalent to applicant’s plurality of services) with multiple cloud service customers (see, paragraph [0005]);
the cloud exchange point 303 provider may configure a full mesh arrangement whereby a set of PEs 302, 304 each couple to a different customer site network for the customer (see, paragraph [0056] and figure 3A); and 
control unit 602 of PE router 600 is divided into two logical or physical "planes" (equivalent to applicant’s platform layer) to include a first control or routing plane 604A and a second data or forwarding plane 604B (see, paragraph [0072] and figure 7).

	It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wu in view of Bagarolo and Panchal with Teng to include the control unit with two logical planes as taught by Teng in order to efficiently interconnect multiple cloud service providers.
	Regarding claims 13 and 14, Wu in view of Bagarolo, Panchal, and Teng teaches similar limitations as presented above in the rejections regarding claims 4 and 5.

Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (hereinafter Wu)(US 2017/0116343) in view of Bagarolo et al. (hereinafter Bagarolo)(US 2018/0349121), and further in view of Ritchie (US 2017/0270318).
Regarding claim 11, Wu in view of Bagarolo teaches all limitations as presented above except for the legal zone.
Ritchie teaches as follows:
the system may receive a data flow identifier associated with the privacy metadata test, and may use that data flow identifier to retrieve an associated privacy metadata test from the privacy architecture, if the system detects a match between a relevant jurisdiction (equivalent to applicant’s legal zone) from the privacy metadata test and the jurisdiction of interest of the legal metadata test, the system may retrieve the legal metadata test associated with the jurisdiction of interest from the legal architecture.  The system may use the privacy metadata test and the legal metadata test to determine an outstanding risk to privacy information used by a data flow 
	It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to modify Wu in view of Bagarolo with Ritchie to include jurisdiction information as taught by Ritchie in order to efficiently determine legal zone (jurisdiction) applied privacy law or jurisdiction-specific regulations.  

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Jeong S Park whose telephone number is (571)270-1597.  The examiner can normally be reached on Monday through Friday 8:00-4:30 ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Glenton B Burgess can be reached on 571-272-3949.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  






/JEONG S PARK/Primary Examiner, Art Unit 2454                                                                                                                                                                                                        
January 28, 2022