DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 3/2/22 has been entered.
 
Response to Arguments
Applicant’s arguments with respect to claim(s) 1-20 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Arnold U.S. PAP 2004/0199782 A1, in view of Vermeulen U.S. PAP 2016/0373456 A1, further in view of Jiang CN 108537042 A.

Regarding claim 1 Arnold teaches  A method operative in a security system wherein requests structured according to a machine language are directed to a monitored system and examined for validation against a security policy (A method and system for providing privacy 
identifying a set of one or more language statements of the machine language that (Referring to step 220 in FIG. 2, NFS daemon 215 determines whether data 210 contains a CPEX compliant privacy header, see par. [0024]), based on their syntax, include elements that are likely to contain or expose sensitive information (Meta-data describing privacy policy 230 is preferably implemented using XML-based CPEX but may be implemented using any language, syntax,  and semantics for describing personal data that will be associated with an authenticated entity, see par. [0025]);
and upon a determination that the syntactically-invalid language statement has the measure of similarity, taking a given security action (In response to data 210 being encapsulated with the CPEX compliant privacy header at step 225 or otherwise determined as containing the CPEX privacy header at step 220, data write process 200 proceeds to step 240. At step 240 a determination is made whether data 210 is to be encrypted, digitally signed, and/or filtered, see par. [0029]). 
However Arnold does not teach responsive to detecting that a request has a syntactically-invalid language statement, determining whether the syntactically-invalid language statement has a measure of similarity sufficiently close to any of the set of one or more language statements.
such information can include security model information, metadata describing sources of such information, and access control list data to be indexed in index repository, see par. [0048]. In a non-limiting example, the query management system 108 can build a set of consistent queries using rich business intelligence semantic information, syntactic keyword rules, combination rules and security rules, and can do so with near real time performance, see par. [0058]. The system can receive a textual data from a user accessing interface and can use the query to access the grammar. The system 108 can use the grammar and the received data to generate a set of consistent queries. The text in the data can be analyzed and tokenized, and associated to keywords if a matching textual query portion can be found in the grammar. In some implementations, the matching can be performed using a Levenshtein distance algorithm, see par. [0059].
It would have been obvious to one of ordinary skill in the art to combine the Arnold reference with the teachings of Vermeulen for the benefit of quickly and accurately accessing 
However, Arnold in view of Vermeulen does not teach performing a syntactic analysis on the machine language and, in response, identifying a set of one or more language statements; and wherein the syntactically-invalid language statement is a language statement that is misconfigured or corrupted.
In the same field of endeavor Jiang teaches  a user-defined plug-in for: obtaining user input of the vulnerability information, and generating a vulnerability scanning plugin. The invention optimizes the existing upgrade vulnerability scanning plugin method, to generate custom vulnerability scanning plugin, see abstract. Embodiment B teaches a user-defined plug-in method, FIG. 2a is a flowchart of the second embodiment of the present invention. The method of the embodiment specifically includes: S210, obtaining vulnerability information input by user, wherein the vulnerability information includes the risk level of vulnerability, attributes of the vulnerability, the vulnerability information into the vulnerability information, loophole detection code injection type of. S220, the vulnerability information is input to the set of data model and generating a vulnerability scanning plugin. In S230, the vulnerability scanning plugin input and grammar testing (syntax analysis) for security testing in the system. Syntax testing can be used to detecting the generated vulnerability scanning plugin itself whether there is syntax error, logic error and so on. The vulnerability scanning plugin input and grammar testing for security testing in the test system may include a test system by first set of plug-in test the vulnerability scanning plugin is grammar error occurs; if detecting that the vulnerability scanning 
It would have been obvious to one of ordinary skill in the art to combine the Arnold in view of Vermeulen invention with the teachings of Jiang for the benefit of detecting vulnerabilities in the system.

Regarding claim 2 Arnold teaches the method as described in claim 1 wherein the given security action dynamically obfuscates a portion of the request (data 210 is to be encrypted, see par. [0029]). 
Regarding claim 3 Vermeulen teaches the method as described in claim 1 wherein the measure of similarity is a syntactic edit distance (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]). 
Regarding claim 4 Vermeulen teaches the method as described in claim 3 wherein the measure of similarity is a Levenshtein distance measure (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]). 
Regarding claim 5 Vermeulen teaches the method as described in claim 1 wherein the monitored system is a database server and the request is a Structured Query Language (SQL) query (In some implementations, the end results of adding elements in the query context is a query generation into an SQL Statement (or similar language) that could be executed by a query execution engine in order to get the result from a repository, see par. [0082]). 
Regarding claim 6 Vermeulen teaches the method as described in claim 1 wherein each language statement is represented by a data string that encodes elements of the language statement as a sequence of unique token values, and wherein the one or more language statements are represented as a ranked list of token sequences (generating the plurality of search query suggestions and providing the search query suggestions for display in the user interface in a ranked order, see par. [0005]). 
Regarding claim 7 Arnold teaches the apparatus configured as a security system wherein requests structured according to a machine language are directed to a monitored system and examined for validation against a security policy (A method and system for providing privacy enhanced handling of data, the method including indexing an identity of an entity storing a data file to a privacy policy, associating the data file with the privacy policy, storing the data file and the associated privacy policy, evaluating the privacy policy associated with a data file and indexed to an entity, see abstract), the machine language comprising a set of language statements, comprising: 
a processor (a processor for indexing an identity of an entity storing a data file to the privacy policy, see par. [0009]); 
computer memory holding computer program instructions executed by the processor (a removable storage medium, a memory card or a hard disk), the computer program instructions comprising program code configured to: 
identify a set of one or more language statements of the machine language that (Referring to step 220 in FIG. 2, NFS daemon 215 determines whether data 210 contains a CPEX compliant syntax,  and semantics for describing personal data that will be associated with an authenticated entity, see par. [0025]);
and upon a determination that the syntactically-invalid language statement has the measure of similarity, taking a given security action (In response to data 210 being encapsulated with the CPEX compliant privacy header at step 225 or otherwise determined as containing the CPEX privacy header at step 220, data write process 200 proceeds to step 240. At step 240 a determination is made whether data 210 is to be encrypted, digitally signed, and/or filtered, see par. [0029]). 
However Arnold does not teach responsive to detecting that a request has a syntactically-invalid language statement, determining whether the syntactically-invalid language statement has a measure of similarity sufficiently close to any of the set of one or more language statements.
In a similar field of endeavor Vermeulen teaches a plurality of business processes associated with a plurality of business objects, and displaying, in the user interface, a query box and a plurality of visualizations depicting data corresponding to at least a portion of the plurality of business objects. The method includes receiving and parsing a free text input, generating and executing a search using a plurality of keyword search queries based on one or more keyword tokens, see abstract. Sophisticated data solutions are in demand in order to quickly and accurately access data desired by users from massive amounts of data managed by the business enterprise, see par. [0003]. In some implementations, the security engine 136 can access such information can include security model information, metadata describing sources of such information, and access control list data to be indexed in index repository, see par. [0048]. In a non-limiting example, the query management system 108 can build a set of consistent queries using rich business intelligence semantic information, syntactic keyword rules, combination rules and security rules, and can do so with near real time performance, see par. [0058]. The system can receive a textual data from a user accessing interface and can use the query to access the grammar. The system 108 can use the grammar and the received data to generate a set of consistent queries. The text in the data can be analyzed and tokenized, and associated to keywords if a matching textual query portion can be found in the grammar. In some implementations, the matching can be performed using a Levenshtein distance algorithm, see par. [0059].
It would have been obvious to one of ordinary skill in the art to combine the Arnold reference with the teachings of Vermeulen for the benefit of quickly and accurately accessing data desired by users from massive amounts of data managed by the business enterprise, see par. [0003].
However, Arnold in view of Vermeulen does not teach performing a syntactic analysis on the machine language and, in response, identifying a set of one or more language statements; and wherein the syntactically-invalid language statement is a language statement that is misconfigured or corrupted.
grammar testing (syntax analysis) for security testing in the system. Syntax testing can be used to detecting the generated vulnerability scanning plugin itself whether there is syntax error, logic error and so on. The vulnerability scanning plugin input and grammar testing for security testing in the test system may include a test system by first set of plug-in test the vulnerability scanning plugin is grammar error occurs; if detecting that the vulnerability scanning plugin there is no syntax error, determining the vulnerability scanning plugin through a grammar test, See second embodiment. 
It would have been obvious to one of ordinary skill in the art to combine the Arnold in view of Vermeulen invention with the teachings of Jiang for the benefit of detecting vulnerabilities in the system.


Regarding claim 8 Arnold teaches the apparatus as described in claim 7 wherein the computer program code is further configured to dynamically obfuscate a portion of the request as the given security action (data 210 is to be encrypted, see par. [0029]). 
Regarding claim 9 Vermeulen teaches the apparatus as described in claim 7 wherein the measure of similarity is a syntactic edit distance (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]). 
Regarding claim 10 Vermeulen teaches the apparatus as described in claim 9 wherein the measure of similarity is computed by the program code as a Levenshtein distance measure (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]).  
Regarding claim 11 Vermeulen teaches the apparatus as described in claim 7 wherein the monitored system is a database server and the request is a Structured Query Language (SQL) query (In some implementations, the end results of adding elements in the query context is a query generation into an SQL Statement (or similar language) that could be executed by a query execution engine in order to get the result from a repository, see par. [0082]). 
Regarding claim 12 Vermeulen teaches the apparatus as described in claim 7 wherein each language statement is represented by a data string that encodes elements of the language statement as a sequence of unique token values, and wherein the one or more language statements are represented as a ranked list of token sequences (generating the plurality of search query suggestions and providing the search query suggestions for display in the user interface in a ranked order, see par. [0005]). 
Regarding claim 13 Vermeulen teaches a computer program product in a non-transitory computer readable medium, the computer program product holding computer program instructions executed by a processor as a security system wherein requests structured according to a machine language are directed to a monitored system and examined for validation against a security policy (a computer readable storage medium having program instructions, see par. [0045]), 
the machine language comprising a set of language statements (A method and system for providing privacy enhanced handling of data, the method including indexing an identity of an entity storing a data file to a privacy policy, associating the data file with the privacy policy, storing the data file and the associated privacy policy, evaluating the privacy policy associated with a data file and indexed to an entity, see abstract), the computer program instructions comprising program code configured to: 
identify a set of one or more language statements of the machine language that (Referring to step 220 in FIG. 2, NFS daemon 215 determines whether data 210 contains a CPEX compliant privacy header, see par. [0024]), based on their syntax, include elements that are likely to contain or expose sensitive information (Meta-data describing privacy policy 230 is preferably implemented using XML-based CPEX but may be implemented using any language, syntax,  and semantics for describing personal data that will be associated with an authenticated entity, see par. [0025]);
and upon a determination that the syntactically-invalid language statement has the measure of similarity, taking a given security action (In response to data 210 being encapsulated with the CPEX compliant privacy header at step 225 or otherwise determined as containing the 
However Arnold does not teach responsive to detecting that a request has a syntactically-invalid language statement, determining whether the syntactically-invalid language statement has a measure of similarity sufficiently close to any of the set of one or more language statements.
In a similar field of endeavor Vermeulen teaches a plurality of business processes associated with a plurality of business objects, and displaying, in the user interface, a query box and a plurality of visualizations depicting data corresponding to at least a portion of the plurality of business objects. The method includes receiving and parsing a free text input, generating and executing a search using a plurality of keyword search queries based on one or more keyword tokens, see abstract. Sophisticated data solutions are in demand in order to quickly and accurately access data desired by users from massive amounts of data managed by the business enterprise, see par. [0003]. In some implementations, the security engine 136 can access information provided by entities wishing to access query management system 108. For example, such information can include security model information, metadata describing sources of such information, and access control list data to be indexed in index repository, see par. [0048]. In a non-limiting example, the query management system 108 can build a set of consistent queries using rich business intelligence semantic information, syntactic keyword rules, combination rules and security rules, and can do so with near real time performance, see par. [0058]. The system can receive a textual data from a user accessing interface and can use the query to access the grammar. The system 108 can use the grammar and the received data to generate a set of consistent queries. The text in the data can be analyzed and tokenized, and associated to keywords if a matching textual query portion can be found in the grammar. In some implementations, the matching can be performed using a Levenshtein distance algorithm, see par. [0059].
It would have been obvious to one of ordinary skill in the art to combine the Arnold reference with the teachings of Vermeulen for the benefit of quickly and accurately accessing data desired by users from massive amounts of data managed by the business enterprise, see par. [0003].
However, Arnold in view of Vermeulen does not teach performing a syntactic analysis on the machine language and, in response, identifying a set of one or more language statements; and wherein the syntactically-invalid language statement is a language statement that is misconfigured or corrupted.
In the same field of endeavor Jiang teaches  a user-defined plug-in for: obtaining user input of the vulnerability information, and generating a vulnerability scanning plugin. The invention optimizes the existing upgrade vulnerability scanning plugin method, to generate custom vulnerability scanning plugin, see abstract. Embodiment B teaches a user-defined plug-in method, FIG. 2a is a flowchart of the second embodiment of the present invention. The method of the embodiment specifically includes: S210, obtaining vulnerability information input by user, wherein the vulnerability information includes the risk level of vulnerability, attributes of the vulnerability, the vulnerability information into the vulnerability information, loophole detection code injection type of. S220, the vulnerability information is input to the set of data model and grammar testing (syntax analysis) for security testing in the system. Syntax testing can be used to detecting the generated vulnerability scanning plugin itself whether there is syntax error, logic error and so on. The vulnerability scanning plugin input and grammar testing for security testing in the test system may include a test system by first set of plug-in test the vulnerability scanning plugin is grammar error occurs; if detecting that the vulnerability scanning plugin there is no syntax error, determining the vulnerability scanning plugin through a grammar test, See second embodiment. 
It would have been obvious to one of ordinary skill in the art to combine the Arnold in view of Vermeulen invention with the teachings of Jiang for the benefit of detecting vulnerabilities in the system.
Regarding claim 14 Vermeulen teaches the computer program product as described in claim 13 wherein the computer program code is further configured to dynamically obfuscate a portion of the request as the given security action (data 210 is to be encrypted, see par. [0029]). 
Regarding claim 15 Vermeulen teaches the computer program product as described in claim 13 wherein the measure of similarity is a syntactic edit distance (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]). 
Regarding claim 16 Vermeulen teaches the computer program product as described in claim 15 wherein the measure of similarity is computed by the program code as a Levenshtein distance measure (the matching can be performed using a Levenshtein distance algorithm, see par. [0059]). 
Regarding claim 17 Vermeulen teaches the computer program product as described in claim 13 wherein the monitored system is a database server and the request is a Structured Query Language (SQL) query (In some implementations, the end results of adding elements in the query context is a query generation into an SQL Statement (or similar language) that could be executed by a query execution engine in order to get the result from a repository, see par. [0082]). 
Regarding claim 18 Vermeulen teaches the computer program product as described in claim 13 wherein each language statement is represented by a data string that encodes elements of the language statement as a sequence of unique token values, and wherein the one or more language statements are represented as a ranked list of token sequences (generating the plurality of search query suggestions and providing the search query suggestions for display in the user interface in a ranked order, see par. [0005]). 
Regarding claim 19 Vermeulen teaches a security system associated with a monitored system, wherein requests directed to the monitored system are structured according to a machine language comprising a set of language statements, comprising: 
a data store storing a set of one or more first data strings (the privacy requirements regarding data 210 data are preferably described in a standardized manner so as to be compatible across heterogeneous operating systems, network configurations, and applications, see par. [0023]), each of the first data strings being associated with a language statement of the machine language that, based on its syntax, has been determined to include elements that are likely to contain or expose sensitive information ((Meta-data describing privacy policy 230 is preferably implemented using XML-based CPEX but may be implemented using any language, syntax, and 
computer program code executed by a hardware processor and configured to: 
parse requests directed to the monitored system (CPEX privacy header 340 is parsed to obtain the identity of the entity that stored the privacy enhanced data 330, the privacy policy, and rules governing access rights to data 330, see par. [0037]), and based on the measure of similarity being indicative that the syntactically-invalid language statement presents a security exposure, taking a given security action (In response to data 210 being encapsulated with the CPEX compliant privacy header at step 225 or otherwise determined as containing the CPEX privacy header at step 220, data write process 200 proceeds to step 240. At step 240 a determination is made whether data 210 is to be encrypted, digitally signed, and/or filtered, see par. [0029]).
However Arnold does not teach responds to detection of a request having a syntactically-invalid language statement to: 
process elements of the syntactically-invalid language statement into a second data string; 
determine a measure of similarity between the second data string and the first data string of each of the one or more language statements.
In the same field of endeavor Vermeulen teaches 
process elements of the syntactically-invalid language statement into a second data string (The method additionally includes generating a query tree that connects a first node representing 
determine a measure of similarity between the second data string and the first data string of each of the one or more language statements (the system 108 can receive a textual data from a user accessing interface 102 and can use the query to access the grammar 122. The system 108 can use the grammar 122 and the received data to generate a set of consistent queries. The text in the data can be analyzed and tokenized (i.e., portioned into tokens 132), and associated to keywords if a matching textual query portion can be found in the grammar. In some implementations, the matching can be performed using a Levenshtein distance algorithm, see par. [0058]).
It would have been obvious to one of ordinary skill in the art to combine the Arnold reference with the teachings of Vermeulen for the benefit of quickly and accurately accessing data desired by users from massive amounts of data managed by the business enterprise, see par. [0003].
However, Arnold in view of Vermeulen does not teach performing a syntactic analysis on the machine language and, in response, identifying a set of one or more language statements; and wherein the syntactically-invalid language statement is a language statement that is misconfigured or corrupted.
grammar testing (syntax analysis) for security testing in the system. Syntax testing can be used to detecting the generated vulnerability scanning plugin itself whether there is syntax error, logic error and so on. The vulnerability scanning plugin input and grammar testing for security testing in the test system may include a test system by first set of plug-in test the vulnerability scanning plugin is grammar error occurs; if detecting that the vulnerability scanning plugin there is no syntax error, determining the vulnerability scanning plugin through a grammar test, See second embodiment. 
It would have been obvious to one of ordinary skill in the art to combine the Arnold in view of Vermeulen invention with the teachings of Jiang for the benefit of detecting vulnerabilities in the system.

Regarding claim 20 Vermeulen teaches the security system as described in claim 19 wherein each data string for a particular language statement is formed by: converting elements of the particular language statement into a token sequence, wherein each element has a unique integer value (The method also includes receiving and parsing a free text input in the query box into tokens, see par. [0004]); 
and concatenating the unique integer values into the data string for the particular language statement (The search engine 206 can access data index 208 in graph storage 210 to associate tokens to a list of items, such as measures, dimension, and/or values, see par. [0064]). 
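
Added illustration, not part of the Office action, the application, or any cited reference: a sketch of the technique recited in claims 1, 3-6, 19 and 20, in which a syntactically-invalid SQL request is tokenized into unique integer values and compared by Levenshtein distance against a ranked list of sensitive statements. The schema, the sensitive statements, the normalized 0.25 cut-off, the use of SQLite as the syntax checker, the literal masking used as the security action, and all function names are assumptions of this example.

```python
import re
import sqlite3

# Constructed schema and sensitive statements: assumptions of this example.
SCHEMA = """
CREATE TABLE customers (id INTEGER, name TEXT, ssn TEXT, card_number TEXT);
CREATE TABLE products (id INTEGER, name TEXT);
"""
SENSITIVE_STATEMENTS = [
    "SELECT ssn, card_number FROM customers WHERE id = 1",
    "UPDATE customers SET card_number = '0' WHERE id = 1",
]
MAX_NORMALIZED_DISTANCE = 0.25  # hypothetical cut-off for "sufficiently close"

TOKEN_RE = re.compile(r"'(?:[^']|'')*'|\d+(?:\.\d+)?|\w+|[^\s\w]")
LITERAL_RE = re.compile(r"'(?:[^']|'')*'|\b\d+(?:\.\d+)?\b")
_vocab = {}  # token text -> unique integer value


def make_parser():
    """In-memory SQLite used as a syntax checker; requests are never run."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def is_syntactically_valid(conn, statement):
    try:
        conn.execute("EXPLAIN " + statement)  # compiles the request only
        return True
    except sqlite3.OperationalError as exc:
        # Unknown tables/columns are well-formed SQL; only parse errors count.
        return not ("syntax error" in str(exc) or "incomplete input" in str(exc))


def encode(statement):
    """Statement -> tuple of unique integer token values (the 'data string')."""
    ids = []
    for tok in TOKEN_RE.findall(statement):
        if tok[0] == "'":
            tok = "<str>"      # literals are normalized so that only the
        elif tok[0].isdigit():
            tok = "<num>"      # structure of the statement is compared
        else:
            tok = tok.upper()
        ids.append(_vocab.setdefault(tok, len(_vocab)))
    return tuple(ids)


def levenshtein(a, b):
    """Edit distance over token sequences (two-row dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, x in enumerate(a, 1):
        cur = [i]
        for j, y in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (x != y)))
        prev = cur
    return prev[-1]


def inspect(conn, request, sensitive=SENSITIVE_STATEMENTS):
    """Decide what the monitor does with one request."""
    if is_syntactically_valid(conn, request):
        return {"action": "validate_against_policy", "request": request}
    candidate = encode(request)
    ranked = sorted(  # closest sensitive statement first
        (levenshtein(candidate, encode(s)) / max(len(candidate), len(encode(s))), s)
        for s in sensitive
    )
    score, closest = ranked[0]
    if score <= MAX_NORMALIZED_DISTANCE:
        # Security action chosen for this example: mask literals before logging.
        return {"action": "obfuscate", "closest": closest,
                "score": round(score, 2), "request": LITERAL_RE.sub("?", request)}
    return {"action": "no_sensitive_match", "score": round(score, 2),
            "request": request}


if __name__ == "__main__":
    parser = make_parser()
    for req in (  # constructed requests
        "SELECT name FROM products WHERE id = 7",
        "SELECT ssn, card_number FORM customers WHERE id = 42",
        "UPDATE customers SET card_number = '4111111111111111' WHERE id 9",
        "SELEC name FRM products",
    ):
        print(inspect(parser, req))
```
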
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Pertinent prior art available on form 892.
Shimoni ‘201 teaches a system and method for protecting web applications which finds syntax errors in search matches, see par. [0065].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Michael Ortiz-Sanchez whose telephone number is (571)270-3711.  The examiner can normally be reached on Monday- Friday 9AM-6PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/MICHAEL ORTIZ-SANCHEZ/Primary Examiner, Art Unit 2656