DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

	Allowable Subject Matter
Claims 1-20 are allowed. The following is a statement of reasons for the allowance:
The prior art on record:
Prior art Schukovets et al. (Pub. No.: US 2018/0373757) teaches a method and system for receiving a query specifying a result set of data from at least one database table; determine whether at least one column of the at least one database table is subject to a column-based authorization restriction; modify the query, in an instance it is determined that at least one column of the at least one database table is subject to a column-based authorization restriction, to restrict the result set of data in accordance with the column-based authorization restriction.
Prior art King et al. (Pub. No.: US 2009/0094193) teaches a database server operable to enforce a column-level security policy that is defined for a particular column of some, but not necessarily all, rows of a table stored in a database. After retrieving a set of rows from the table and before returning a result set of rows to the client, the database server modifies the retrieved set of rows into the result set of rows by applying the security policy to each row of the retrieved set of rows. 
Prior art Li et al. (Pub. No.: US 2017/0060949) teaches a computer-implemented method including identifying a query, including one or more predicates and one or more branches, wherein one or more branches includes one or more legs. The computer-implemented method further includes, for each branch, in parallel: determining a risk, determining a return row threshold, estimating a number of return rows; terminating access if the return rows exceed the threshold. 
Prior art Kronrod et al. (Patent No.: US 10,721,236) teaches receiving information relating to users and performing an affinity propagation clustering operation in connection with the information to identify a cluster of similar users. Further, the technique determines a risk in connection with a user in the 
However, none of cited prior art teaches or suggests, alone or in combination, the particular combination of steps or elements as recited in the independent claims. Specifically, the cited prior art on record does not specifically disclose, teach or suggest as a whole the limitation “decompose a plurality of queries issued against the database by a plurality of users to determine a first set of queries issued by a first user of the plurality of users and a second set of queries issued by a second user of the plurality of users; determine, from the first set of queries, a first set of columns in the database accessed by the first user as a result of issuing the first set of queries; determine, from the second set of queries, a second set of columns in the database accessed by the second user as a result of issuing the second set of queries; assign, based at least in part on the first set of columns, the first user to a cluster of the plurality of clusters; assign, based at least in part on the second set of columns, the second user to the cluster of the plurality of clusters; determine, based at least in part on the assignment of the first and second users to the cluster, that a first security risk corresponding to the first user accessing the first set of columns is below a threshold; determine, based at least in part on the assignment of the first and second users to the cluster, that a second security risk corresponding to the second user accessing the second set of columns is below the threshold; determine, based at least in part on the assignment of the first and second users to the cluster, that a third security risk corresponding to the first user accessing the first set of columns and the second user accessing the second set of columns exceeds the threshold; and in response to determining that the third risk exceeds the threshold, prevent the first user from accessing the first set of columns and the second user from accessing the second set of columns” including all the other limitation recited in the independent claims. 
The limitations of the independent claims were searched, but did not result in any applicable prior art.  After further considering the amendments, each of the independent claims as a whole are clearly distinguished from the prior art, and thus allowed.  
Dependent claims 2-7, 9-14 and 16-20 are also allowed for incorporating the allowable feature recited in the independent claims. 


Conclusion
	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. See PTOL-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Ali Abyaneh can be reached on (571) 270-3618.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437