Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION

Claims 1-20 are pending in this office action.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on December 15, 2021, and January 18, 2022, are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 15 is missing in the original numbering of claims.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over O’Connor et al. (U.S. Patent Pub. No. 2010/0257351) in view of Gupta (U.S. Patent Pub. No. 2003/0167269).

Regarding claim 1, O’Connor et al. teaches a system for providing a networked database service, the system comprising: a controller configured to: receive one or more data request (paragraph 0043); and authenticate the one or more data request (paragraph 0089); and a gateway (GW) in communication with the controller, the GW configured to: receive a response corresponding to at least one of the one or more data request from the controller (paragraph 0092); receive data from a data provider (paragraph 0093); and generate a cryptographic key for accessing a database, the cryptographic key based on the classification result, a hardware-protected key in the GW, and a key from the data provider (paragraph 0064-0067); wherein the controller and the database are operated by different parties (paragraph 0030).
O’Connor et al. does not teach perform data classification on the data according to the response to obtain a classification result.
Gupta teaches perform data classification on the data according to the response to obtain a classification result (fig. 2).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine performing data classification, as taught by Gupta, with the method of O’Connor et al.  It would have been obvious for such modifications because different classifications of data represent secure and unsecure data.  Secure data needs protected, whereas unsecure data does not.

claim 2, O’Connor et al. teaches wherein the GW is an ingress GW, the one or more data request includes a data upload request, and the ingress GW is further configured to send the data upload request to the controller, encrypt the data based on the cryptographic key, and send the encrypted data to the database for storage (paragraph 0053 and 0055).

Regarding claim 3, O’Connor et al. teaches wherein the one or more request includes a data access request from a data requester, and the controller is further configured to perform authentication and authorization on the data access request, and send a data indication to an egress GW, wherein the system further comprises the egress GW configured to: perform data classification on the received data indication to obtain a second classification result; receive data from the database; and generate a decryption key based on the second classification result, a hardware-protected key of the egress GW, and the key from the data provider; and decrypt the data based on the decryption key, and provide the decrypted data to the data requester (paragraph 0064-0067).

Regarding claim 4, O’Connor et al. teaches wherein the data received by the ingress GW is encrypted data from the data provider (paragraph 0051).

Regarding claim 5, O’Connor et al. teaches wherein the ingress GW is further configured to decrypt the encrypted data from the data provider based on the key from the data provider to obtain decrypted data, wherein the data encrypted by the ingress GW is the decrypted data (paragraph 0059).
claim 6, O’Connor et al. teaches wherein the egress GW is configured to decrypt the data by perform a decryption of the data based on the decryption key and the key from the data provider (paragraph 0059).

Regarding claim 7, O’Connor et al. teaches wherein the system further comprises a data distribution center configured to: receive the encrypted data from the ingress GW, and select the database to store the encrypted data, and store an address of the database into a log server, and the ingress GW is configured to send the encrypted data to the database for storage by sending the encrypted data via the data distribution center to the database for storage (paragraph 0053).

Regarding claim 8, O’Connor et al. teaches wherein the controller is further configured to authenticate the data provider via an authentication center (paragraph 0089).

Regarding claim 9, O’Connor et al. teaches wherein the controller is configured to perform the authorization on the data access request by confirming with the data provider that the data access request is authorized (paragraph 0089).

Regarding claim 10, O’Connor et al. teaches an ingress gateway (GW) apparatus comprising: a processor (fig. 1A, ref. num 17); at least one network interface (fig. 1A, ref. num 20); non-transitory machine readable memory storing machine readable instructions which when executed by the processor (fig. 1A, ref. num 22), configures the ingress GW to: receive 
O’Connor et al. does not teach perform data classification on the data according to the response to obtain a classification result.
Gupta teaches perform data classification on the data according to the response to obtain a classification result (fig. 2).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine performing data classification, as taught by Gupta, with the method of O’Connor et al.  It would have been obvious for such modifications because different classifications of data represent secure and unsecure data.  Secure data needs protected, whereas unsecure data does not.

Regarding claim 11, O’Connor et al. teaches wherein the data received by the ingress GW is encrypted data from the data provider (paragraph 0051).

claim 12, O’Connor et al. teaches wherein the ingress GW is further configured to decrypt the encrypted data from the data provider based on the key from the data provider to obtain decrypted data, wherein the data encrypted by the ingress GW is the decrypted data (paragraph 0059).

Regarding claim 13, O’Connor et al. teaches wherein the ingress GW is configured to send the encrypted data to the database for storage by sending the encrypted data via a data distribution center to the database for storage (paragraph 0053).

Regarding claim 14, O’Connor et al. teaches wherein the response is an authentication of the data provider (paragraph 0089).

Regarding claim 16, O’Connor et al. teaches wherein the ingress GW and the controller are operated by the same party, which differs from the party operating the database (fig. 1A).

Regarding claim 17, O’Connor et al. teaches an egress gateway (GW) apparatus comprising: a processor (fig. 1A, ref. num 17); at least one network interface (fig. 1A, ref. num 20); non-transitory machine readable memory storing machine readable instructions which when executed by the processor (fig. 1A, ref. num 22), configures the egress GW to: receive a data access request from a data requester (paragraph 0043); send the data access request to a controller for authentication and authorization (paragraph 0089); receive a data indication from the controller (paragraph 0058); receive data from the database associated with the data 
O’Connor et al. does not teach perform data classification on the data according to the response to obtain a classification result.
Gupta teaches perform data classification on the data according to the response to obtain a classification result (fig. 2).
It would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to combine performing data classification, as taught by Gupta, with the method of O’Connor et al.  It would have been obvious for such modifications because different classifications of data represent secure and unsecure data.  Secure data needs protected, whereas unsecure data does not.

Regarding claim 18, O’Connor et al. teaches wherein the egress GW is configured to decrypt the data by perform a decryption of the data based on the decryption key and the key from the data provider (paragraph 0073).

Regarding claim 19, O’Connor et al. teaches wherein the egress GW and the controller are operated by the same party, which differs from the party operating the database (fig. 1A).

claim 20, O’Connor et al. teaches wherein the ingress GW, the egress GW and the controller are operated by the same party, which differs from the party operating the database (fig. 1A).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON HOFFMAN whose telephone number is (571)272-3863.  The examiner can normally be reached on Monday-Friday 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/BRANDON HOFFMAN/Primary Examiner, Art Unit 2433