Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1,3,4,8,10,11,15 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160092486 A1 Mattsson; Ulf et al. (hereinafter Mattsson) in view of US 20160224804 A1; Carasso; David (hereinafter Carasso)
Regarding claim 1, Mattsonn teaches A secure data processing system comprising: a processing device; an identity data repository; a non-transitory computer-readable memory coupled to the processing device and storing instructions, wherein the processing device is configured for executing the instructions and thereby performing operations comprising: (Mattsson [FIG. 1 & 2] show corresponding hardware  [0023] The clients, the token server, and the token mapper can be computing devices capable of processing data as well as transmitting data to and receiving data from the other modules of FIG. 1 via the network 110. For example, the clients, token server, and token mapper can include a desktop computer, laptop computer, smart phone, tablet computing device, server, payment terminal, or receiving sensitive data about an entity; (Mattsson [0027] The tokenization module 125 is configured to receive sensitive data, to tokenize a portion of the received sensitive data using one or more single-use tokens, and to store or transmit the tokenized data. In the embodiments described herein, the tokenization module performs DLT tokenization, though it should be noted that other forms of single-use tokenization can also be performed according to the principles described herein. In response to receiving the sensitive data, the tokenization module generates one or more single-use tokens, and stores the generated tokens in the single-use token table 135. In some embodiments, the tokenization module requests, via the interface module 120, one or more single-use tokens from the token server 115. Tokens received from the token server can be stored in the single-use token table. It should be noted that the single-use tokens generated by the front-end client 100 or received from the token server 115 are used only once in tokenizing sensitive data.  [0028] The tokenization module 125 can perform chained tokenization with one or more single-use tokens, and can implement various types of data modifications before or after each tokenization iteration. The tokenization module, after tokenizing the sensitive data to generate tokenized data, can creating, in the identity data repository and from the sensitive data, a searchable secure entity data object for the entity, wherein creating the searchable secure entity data object comprises: generating variant data having a modified version of the sensitive data, tokenizing the sensitive data and the variant data (Mattsson [0020] The security of tokenization can be further increased through the use of initialization vectors ("IVs"). An initialization vector is a string of data used to modify sensitive data prior to tokenizing the sensitive data. Example sensitive data modification operations include performing linear or modulus addition on the IV and the sensitive data, performing logical operations on the sensitive data with the IV, encrypting the sensitive data using the IV as an encryption key, and the like. The IV can be a portion of the sensitive data. For example, for a 12-digit number, the last 4 digits can be used as an IV to modify the first 8 digits before tokenization. IVs can also be retrieved from an IV table, received from an external entity configured to provide IVs for use in tokenization, or can be generated based on, for instance, the identity of a user, the date/time of a requested tokenization operation, based on various tokenization parameters, and the like. Data modified by one or more IVs that is subsequently tokenized includes an extra layer of security--an unauthorized party that gains access to the token tables used to tokenized the modified data will be able to detokenize the tokenized data, but will be unable to de-modify the modified data without access to the IVs used to modify the data.  [0027] The tokenization module 125 is configured to receive sensitive data, to tokenize a portion of the received sensitive data using one or and storing the tokenized sensitive data, the tokenized variant data, and the common entity identifier in the searchable secure entity data object; (Mattsson [0006] The token mapper can store associations between single-use tokens and multi-use tokens in a token map...the token mapper can encrypt or further tokenize the single-use tokens, the multi-use tokens, or the associations between the two stored by the token mapper. [27-28 & 33-39] further elaborate)							receiving a query regarding the entity; (Mattsson [0006] In order to improve and servicing the query by matching the … query … to the tokenized variant data in the searchable secure entity data object and retrieving the tokenized sensitive data from the searchable secure entity data object. (Mattsson [0006] In order to improve security, the token mapper can delete the clear text value associated with single-use tokens or multi-use tokens mapped by the token mapper after a multi-use token table is queried, or after the association between a single-use token and a multi-use token is stored. [0021] the tokenized data is used to query the one or more token tables used to tokenize the data. For instance, if a 4-digit number is tokenized by querying a token table to identify a token mapped to the 4-digit number, and the identified token is used to replace the 4-digit number to form tokenized data, then the tokenized data can be detokenized by querying [30-33 & 41-48] further elaborate on the querying process)									Mattsson lacks explicitly teaching associating a common entity identifier with the tokenized sensitive data and the tokenized variant data; generating a transformed query parameter from a query parameter in the query;						associating a common entity identifier with the tokenized sensitive data and the tokenized variant data (Carasso [0047] In some embodiments, a common field name may be used to reference two or more fields containing equivalent data items, even though the fields may be associated with different types of events that possibly have different data formats and different extraction rules. By enabling a common field name to be used to identify equivalent fields from different types of events generated by different data sources, the system facilitates use of a "common information model" (CIM) across the different data sources.)													generating a transformed query parameter from a query parameter in the query; (Carasso [0044] the analyst can continue to refine the late-binding schema by adding new fields, deleting fields, or changing the field extraction rules until the next time the schema is used by a query [0122] The fieldname specified in 1021 and the match value specified in 1023 may be used together as one search criterion for a search query in the event processing system. As the user interacts to introduce or change the displayed contents of fieldname selector 1021 and field value selector 1023, a search query may be performed to supply compliant event data that can be displayed in data portion 1040, providing feedback to the user regarding their choices. In response to this feedback, the user may change the contents of 1021 or 1023 to achieve a better result. For example, the user may introduce a wildcard character into field value selector 1023 to expand the scope of the search criteria in the hope of seeing more satisfying results in data portion 1040 when the search query is rerun using the updated search criterion [76,82,83] further elaborate )								
Corresponding method claim 8 is rejected similarly as claim 1 above.
Regarding claim 3, the combination of Mattsson and Carasso teach The secure data processing system of claim 1, wherein performing the operation of generating the transformed query parameter from the query parameter in the query comprises: extracting the query parameter from the query; (Carasso [0064] and tokenizing the query parameter to generate a transformed query parameter that can be matched to encrypted data in the searchable secure entity data object. (Mattsson [0014] As used herein, the tokenization of data refers to the generation of tokenized data by querying one or more token tables mapping input values to tokens with the one or more portions of the data, and replacing the queried portions of the data with the resulting tokens from the token tables. Tokenization can be combined with encryption for increased security, for example by encrypting sensitive data using a mathematically reversible cryptographic function [0020] The security of tokenization can be further increased through the use of initialization vectors ("IVs"). An initialization vector is a string of data used to modify sensitive data prior to tokenizing the sensitive data. Example sensitive data modification operations include performing linear or modulus addition on the IV and the sensitive data, performing logical operations on the sensitive data with the IV, encrypting the sensitive data using the IV as an encryption key, and the like. The IV can be a portion of the sensitive data. For example, for a 12-digit number, the last 4 digits can be used as an IV to modify the first 8 digits before tokenization. IVs can also be retrieved from an IV table, received from an 
Corresponding method claim 10 is rejected similarly as claim 3 above
Regarding claim 4, the combination of Mattsson and Carasso teach The secure data processing system of claim 1, wherein the common entity identifier is included in all tokenized data associated with a particular entity, and identifies tokenized data that is based on sensitive data from different sources as associated with the particular entity. (Carasso [0047] In some embodiments, a common field name may be used to reference two or more fields containing equivalent data items, even though the fields may be associated with different types of events that possibly have different data formats and different extraction rules. By enabling a common field name to be used to identify equivalent fields from different types of events generated by different data sources, the system facilitates use of a "common information model" (CIM) across the different data sources. )
Corresponding method claim 11 is rejected similarly as claim 4 above
Regarding claim 15, Mattsson teaches A system comprising: a processing device; a non-transitory computer-readable memory coupled to the processing device and storing a secure identity data structure comprising: (Mattsson [FIG. 1 & 2] show corresponding hardware  [0023] The clients, the token server, and the token a tokenized sensitive data object having encrypted versions of account or transaction data regarding an entity a tokenized variant data object comprising a modified version of account or transaction data (Mattsson [0020] The security of tokenization can be further increased through the use of initialization vectors ("IVs"). An initialization vector is a string of data used to modify sensitive data prior to tokenizing the sensitive data. Example sensitive data modification operations include performing linear or modulus addition on the IV and the sensitive data, performing logical operations on the sensitive data with the IV, encrypting the sensitive data using the IV as an encryption key, and the like. The IV can be a portion of the sensitive data. For example, for a 12-digit number, the last 4 digits can be used as an IV to modify the first 8 digits before tokenization. IVs can also be retrieved from an IV table, received from an external entity configured to provide IVs for use in tokenization, or can be generated and a server communicatively coupled to the non-transitory computer-readable memory and configured for servicing a query regarding the entity by (i) matching (Mattsson [0006] In order to improve security, the token mapper can delete the clear text value associated with single-use tokens or multi-use tokens mapped by the token mapper after a multi-use token table is queried, or after the association between a single-use token and a multi-use token is stored. [0021] the tokenized data is used to query the one or more token tables used to tokenize the data. For instance, if a 4-digit number is tokenized by querying a token table to identify a token mapped to the 4-digit number, and the identified token is used to replace the 4-digit number to form tokenized data, then the tokenized data can be detokenized by querying [30-33 & 41-48] further elaborate on the querying process)								and (ii) retrieving the tokenized variant data object from the secure identity data structure (Mattsson [0006] In order to improve security, the token mapper can delete the clear text value associated with single-use tokens or multi-use tokens mapped by the token mapper after a multi-use token table is queried, or after the association between a single-use token and a multi-use token is stored. [0021] the tokenized data is used to query the one or more token tables used to tokenize the data. For instance, if a 4-digit number is tokenized by querying a token table to identify a token mapped to the 4-digit number, and the identified token is used to replace the 4-digit number to form tokenized data, then the tokenized data can be detokenized by querying [30-33 & 41-48] further elaborate on the querying process)					Mattsson lacks explicitly teaching a common entity identifier linking the tokenized a common entity identifier linking the tokenized sensitive data object and the tokenized variant data object; … using the common entity identifier. (Carasso [0047] In some embodiments, a common field name may be used to reference two or more fields containing equivalent data items, even though the fields may be associated with different types of events that possibly have different data formats and different extraction rules. By enabling a common field name to be used to identify equivalent fields from different types of events generated by different data sources, the system facilitates use of a "common information model" (CIM) across the different data sources.)									a transformed version of a query parameter to the tokenized sensitive data object (Carasso [0044] the analyst can continue to refine the late-binding schema by adding new fields, deleting fields, or changing the field extraction rules until the next time the schema is used by a query [0122] The fieldname specified in 1021 and the match value specified in 1023 may be used together as one search criterion for a search query in the event processing system. As the user interacts to introduce or change the displayed contents of fieldname selector 1021 and field value selector 1023, a search query may be performed to supply compliant event data that can be displayed in data portion 1040, providing feedback to the user regarding their choices. In response to this feedback, the user may change the contents of 1021 or 1023 to achieve a better result. For example, the user may introduce a wildcard character into field value selector 
Regarding claim 18, the combination of Mattsson and Carasso teach The system of claim 15, the secure identity data structure further comprising a searchable secure entity data object for the entity comprising the tokenized sensitive data object, the tokenized variant data object, (Mattsson [0020] The security of tokenization can be further increased through the use of initialization vectors ("IVs"). An initialization vector is a string of data used to modify sensitive data prior to tokenizing the sensitive data. Example sensitive data modification operations include performing linear or modulus addition on the IV and the sensitive data, performing logical operations on the sensitive data with the IV, encrypting the sensitive data using the IV as an encryption key, and the like. The IV can be a portion of the sensitive data. For example, for a 12-digit number, the last 4 digits can be used as an IV to modify the first 8 digits before tokenization. IVs can also be retrieved from an IV table, received from an external entity configured to provide IVs for use in tokenization, or can be generated based on, for instance, the identity of a user, the date/time of a requested tokenization operation, based on various tokenization parameters, and the like. Data modified by one or more IVs that is subsequently tokenized includes an extra layer of security--an unauthorized party that gains access to the token tables used to tokenized the modified data will be able to detokenize the tokenized data, but will be unable to de-modify the modified data without access to the IVs used to modify the data.  [0027] The tokenization module 125 is configured to receive sensitive data, to tokenize a portion of the received sensitive data using one or more single-use tokens, and to store or transmit the tokenized data. In the embodiments described herein, the tokenization module performs DLT tokenization, though it should be noted that other forms of single-use tokenization can also be performed according to the principles described herein. In response to receiving the sensitive data, the tokenization module generates one or and the common entity identifier (Carasso [0047] In some embodiments, a common field name may be used to reference two or more fields containing equivalent data items, even though the fields may be associated with different types of events that possibly have different data formats and different extraction rules. By enabling a common field name to be used to identify equivalent fields from different types of events generated by different data sources, the system facilitates use of a "common information model" (CIM) across the different data sources. )
Regarding claim 19, the combination of Mattsson and Carasso teach The system of claim 18, wherein the searchable secure entity data object is generated in response to receiving sensitive data for the entity. (Mattsson [0020] The security of tokenization can be further increased through the use of initialization vectors ("IVs"). 
Regarding claim 20, the combination of Mattsson and Carasso teach The system of claim 15, wherein the non-transitory computer-readable memory further comprises a plurality of service operations having permissions to execute within the secure identity data structure (Mattssonn [0016] SLT can also include one or several additional columns with additional tokens mapped to the input string values of the first column, for example for use in subsequent tokenization operations. [0020] sensitive data modification operations include performing linear or modulus addition on the IV and the sensitive data, performing logical operations on the sensitive data with the IV ... [21,29-31, 50-54] further elaborate on the operations used)
Claims 2 and 9 are rejected under 35 U.S.C. 103 as being unpatentable over Mattsson in view of Carasso and US 20170024657 A1; Sahu; Sudheer et al. (hereinafter Sahu). 
 Regarding claim 2, the combination of Mattsson and Carasso teach The secure data processing system of claim 1, wherein performing the operation of generating the variant data having the modified version of the sensitive data comprises: determining, based on a configuration setting of the identity data repository 													The combination lack explicitly teaching a form of fuzzy search logic supported by a query function of the identity data repository; and generating the variant data based on the fuzzy search logic and the sensitive data.							However Sahu helps teach a form of fuzzy search logic supported by a query function of the identity data repository; and generating the variant data based on the fuzzy search logic and the sensitive data. (Sahu [0040] Certain embodiments according to the present disclosure provide for geo -refined fuzzy autosuggestion search engine services. Geo -refined fuzzy autosuggestion search engine services according to certain embodiments of the present disclosure provide for extensive coverage and optimize user experiences by providing suggestions that are relevant to the input query and that correspond to providers having geolocations proximate to the geolocation of interest to the end-user. Accordingly, certain embodiments provide for technical improvements in autosuggestion search engine services that redound in certain advantages in efficiency, accuracy, and speed that can be passed on to the user in facilitating optimized user experiences. ... [FIG. 22 & FIG.23] show a visual flow of the system and some of the implementations of the fuzzy search logic)					Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the addition of Sahu in order to improve the system ability to search and ultmitly improve the user experience (Sahu [0040] Certain embodiments according to the present 
Corresponding method claim 9 is rejected similarly as claim 2 above.
Claims 5,7,12,14, and 16 rejected under 35 U.S.C. 103 as being unpatentable over Mattsson in view of Carasso and US 20170116428 A1; Wu; Jing et al. (hereinafter Wu)
Regarding claim 5, the combination of Mattsson and Carasso teach The secure data processing system of claim 1, wherein the instructions for performing the operation of servicing the query by matching the transformed query parameter to the tokenized variant data in the searchable secure entity data object and retrieving the tokenized sensitive data from the searchable secure entity data object comprises: (Mattsson [0006] In order to improve security, the token mapper can delete the clear text value associated with single-use tokens or multi-use tokens mapped by the token mapper after a multi-use token table is queried, or after the association between a single-use token and a multi-use token is stored. [0021] the tokenized data is used to query the one or more token tables used to tokenize the data. For instance, if a 4-digit number is tokenized by querying a token table to identify a token mapped to the 4-digit number, and the identified token is used to replace the 4-digit number to form tokenized data, then the tokenized data can be detokenized by querying [30-33 & 41-48] further elaborate on the querying process)					the combination lack explicitly teaching decrypting the tokenized sensitive data; and performing a service operation on the decrypted sensitive data within the identity data repository 												However Wu helps teach decrypting the tokenized sensitive data; and performing a service operation on the decrypted sensitive data within the identity data repository (Wu [103] storing and managing, the sensitive data locally, the sensitive data is encrypted or tokenized before it is sent to cloud-based application 245, and decrypted or substitute with the sensitive data on the return. The sensitive data received by the cloud-based application 245 and optionally stored in cloud database 
Corresponding method claim 12 is rejected similarly as claim 5 above. 
Regarding claim 7, the combination of Mattsson, Wu and Carasso teach The secure data processing system of claim 5, wherein the query is received from a client computing device external to the identity data repository (Mattsson [0043] In one embodiment, the token mapper 118 can utilize an external service (not shown in FIG. 2) 
Corresponding method claim 14 is rejected similarly as claim 7 above
Regarding claim 16, the combination of Mattsson and Carasso teach The system of claim 15, wherein the server is further configured for servicing the query regarding the entity by										The combination lack explicitly teaching decrypting the tokenized sensitive data and performing a service operation on the decrypted sensitive data within the secure identity data structure											However Wu helps teach decrypting the tokenized sensitive data and performing a service operation on the decrypted sensitive data within the secure identity data structure
Claims 6,13 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Mattsson in view of Carasso, Wu and US 20180103020 A1; Moiyallah, JR.; Samuel Massa et al. (hereinafter Moiyallah)
Regarding claim 6, the combination of Mattsson, Wu and Carasso teach The secure data processing system of claim 5, wherein performing the operation of servicing the query by matching the transformed query parameter to the tokenized variant data in the searchable secure entity data object and retrieving the tokenized sensitive data from the searchable secure entity data object further comprises:												The combination lack explicitly teaching deleting the decrypted sensitive data from the identity data repository after completion of the service operation				However Moiyallah helps teach deleting the decrypted sensitive data from the identity data repository after completion of the service operation (Moiyallah [0061] In some embodiments, the system deletes the questionnaire comprising the plurality of options and the valid option stored in the database of the entity server immediately after the completion of the validation process. In some embodiments, the system stores the questionnaire comprising the plurality of options and the valid option in a decrypted format to prevent exposure of sensitive information and erases the decrypted version of questionnaire comprising the plurality options immediately after completion of validation process. Therefore, the system may quickly retrieve previously used questions from an earlier questionnaire in future user authentication processes. )					Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to take all prior methods and make the 
Corresponding method claim 13 is rejected similarly as claim 6 above
Regarding claim 17, the combination of Mattsson and Carasso teach The system of claim 16, wherein the server is further configured for servicing a query regarding the entity by										the combination lack explicitly teaching deleting the decrypted sensitive data from the secure identity data structure after completion of the service operation.			However Moiyalleh helps teach deleting the decrypted sensitive data from the secure identity data structure after completion of the service operation. (Moiyallah [0061] In some embodiments, the system deletes the questionnaire comprising the plurality of options and the valid option stored in the database of the entity server immediately after the completion of the validation process. In some embodiments, the system stores the questionnaire comprising the plurality of options and the valid option in a decrypted format to prevent exposure of sensitive information and erases the decrypted version of questionnaire comprising the plurality options immediately after 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARYAN D TOUGHIRY whose telephone number is (571)272-5212. The examiner can normally be reached Monday - Friday, 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aleksandr Kerzhner can be reached on (571) 270-1760. The fax phone 
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ARYAN D TOUGHIRY/Examiner, Art Unit 2165                                                                                                                                                                                                        
/William B Partridge/Primary Examiner, Art Unit 2183