DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

				General remarks:
1/ Claims 1-2, and 4-10 are pending
2/ claims 1 and 10 are independent
3/ Previous IDS filed 06/21/2019 has been considered
4/ Claim 3 is originally cancelled

Response to Arguments
Applicant’s arguments, filed 01/13/2022, with respect to the rejection(s) of claim(s) 1 and 10 under the combination of prior arts have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made in view of Hussain ( US pg. no. 20100241844).
Applicant's arguments regarding claims 1 and 10 filed 01/13/2022 have been fully considered but they are not persuasive. 
Applicant argued that the combination does not disclose:
selecting, based on the user, a predetermined user entitlement, wherein the predetermined user entitlement includes one or several allowed data operations that follow (i) a data reading at least in part, (ii) a data update at least in part, and (iii) a data sharing at least in part; 
Examiner respectfully disagrees:
Uramoto discloses access control rule used to control access to data. The access control information comprises the subject of access, the object of access and actions that the access control gives right for the subject to apply. Uramoto in [0030] discloses an access control rule in that the access right (user entitlement) of an access subject (user) to an object (data) is defined therein. Reading the access control rule to determine subject`s (user`s) right (entitlement) based on subject identifier corresponds to selecting ; [0031] discloses an access control rule comprising information such as subject (user) of access control;  object ID that is object of access control; and action: detail of permission (entitlement) granted by access control to act on object.[0032] discloses the access control of [0031] comprises an identifier, such as an object ID indicating object, may be registered for each of Subj and Obj. Moreover, operations such as read (data read operation), write (data update operation), and see (data share operation), as well as a method for modifying response information from the access object or access request information to the access object may be registered as Action. Identifying the right action permission (entitlement) to be done on  an object by the subject (user) from the access control information corresponds to selecting based on the user, predetermined entitlement. In light of the disclosure of the instant application indicated in page 6, the above limitation is obvious in light of the teaching of the combination of prior arts.
-The other previous prior arts are being relied up on for the other limitations where they are not related to arguments.

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claims 1, 4-5, and 10 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Zalila (US pg. no. 20120259826), further in view of Hussain ( US pg. no. 20100241844), further in view of Uramoto (US pg. no. 20090144282).
	Regarding claim 1. Zalila discloses a system for adapting a response provided by a first device, wherein
the system comprises the first device (fig. 2, service providers 208); 
the first device comprises a processor (fig. 2, processor of service providers 208);
the processor is configured to:
receive, from at least one user device, as at least one second device (fig. 2 device of user 204), a data access request (fig. 2, 236 request), the data access request comprising at least one identifier relating to a user and a predetermined service provider interface (fig. 2 discloses user 204 communicates request 236 with communication device 202 that corresponds to service provider interfaces for service providers 208. The source and the destination information of the request 236 corresponds to identifier related to the user and the communication device 202 (service provider interface)), the service provider interface being associated with the first device (([0038] discloses interfacing agent 106 allows the user 104 to interface with any type of service provider 108 (first device)) ;
process the data access request and provide an original data response to the data access request (fig. 12 307 discloses receive response data from the one or more service providers (first device)); and
send the original data response (fig. 12 discloses 307 discloses receive response data from the one or more service providers (first device)) wherein the system is configured to:
intercept, by a secure element connected to the first device,  the original data response sent by the first device and modify  the original data response while being specific to the user (0037] discloses when the service providers 108 receive the request, the service providers 108 may send response data back to the interfacing agent 106 (intercepting by a secure element), which then filters the response data based on the user profile of the user 104  to form or generate user-customized response data (response while being specific to the user); fig. 12 307-309 discloses receive user request; send user request to service providers; receive response from service providers; and filter response to generate customized response according to user attributes of the user profile that corresponds to intercepting) by: 
send at least a part of the adapted response to the second device or at least one
third device ([0084] discloses the process filters the response data from the one or more service providers using the user profile to form user-customized response data (step 309). The process presents the user-customized response data to the user (step 311)).
But, Zalila does not explicitly disclose:
separating, based on the user, the intercepted original data response into a plurality of data elements; 
generating, based on the user and the selected user entitlement, at least one value relating to each of the separated data elements; and 
replacing an original value included in the intercepted original data response with said generated at least one value, wherein response modifications include at least one of (iv) anonymizing one or several response data elements of the plurality of data elements; 	provide an adapted response including the at least one generated value relating to the plurality of data elements that have been separated from the intercepted response;
However, in the same field of endeavor, Hussain discloses:
separating, based on the user, the intercepted original data response into a plurality of data elements ([0015] discloses sensitive information is seamlessly replaced with masked information that does not violate the privacy policies, yet maintains the integrity of the message and the protocol carrying the message. The masking of such information can be performed in a uniform manner for all the recipients, but the preferred embodiment associates the client with the request and performs the masking based on the client's role (based on the user) within the organization. That corresponds to separating the intercepted response in to sensitive and non-sensitive); 
generating, based on the user and the selected user entitlement, at least one value relating to each of the separated data elements ([0020] and fig. 3 discloses the redaction  process starts when the redaction appliance detects a client request and the corresponding server response (301). The appliance identifies the client making the request using the authentication information embedded within the request. Once the client has been identified (based on the user), the client's role is retrieved from the role database (106) (selected user  entitlement). The redaction rules associated with this role are retrieved from the redaction rules database (105) and associated with this client's session. This process is carried out only once during a single client session. All subsequent server responses directed to this client are subjected to the redaction rules applicable to his or her roles (302). These responses are parsed by the protocol parser for the application protocol in use for that session (303). Parsing the message stream allows the redaction appliance to determine if any of the redaction rules need to be enforced. On making such a determination, the appliance makes a temporary copy of the sensitive information (304) (separated data element) and replaces it with a predetermined character, such as Xs or blanks (305) (generated value). The client does not get to see the redaction information, yet proceeds with his required duties); and 
	replacing an original value included in the intercepted original data response with said generated at least one value (Parsing the message stream allows the redaction appliance to determine if any of the redaction rules need to be enforced. On making such a determination, the appliance makes a temporary copy of the sensitive information (304) (separated data element) and replaces it with a predetermined character, such as Xs or blanks (305) (generated value). The client does not get to see the redaction information, yet proceeds with his required duties), 	wherein response modifications include at least one of (iv) anonymizing one or several response data elements of the plurality of data elements ([0020] the redaction process starts when the redaction (anonymization)appliance detects a client request and the corresponding server response (301). The appliance identifies the client making the request using the authentication information embedded within the request. Once the client has been identified (based on the user), the client's role is retrieved from the role database (106) (selected user  entitlement). The redaction rules associated with this role are retrieved from the redaction rules database (105) and associated with this client's session. This process is carried out only once during a single client session. All subsequent server responses directed to this client are subjected to the redaction rules applicable to his or her roles (302). These responses are parsed by the protocol parser for the application protocol in use for that session (303). Parsing the message stream allows the redaction appliance to determine if any of the redaction rules need to be enforced. On making such a determination, the appliance makes a temporary copy of the sensitive information (304) (separated data element) and replaces it with a predetermined character, such as Xs or blanks (305) (generated value). The client does not get to see the redaction information, yet proceeds with his required duties); 	
provide an adapted response including the at least one generated value relating to the plurality of data elements that have been separated from the intercepted responses ([0020]the redaction process starts when the redaction (anonymization)appliance detects a client request and the corresponding server response (301). The appliance identifies the client making the request using the authentication information embedded within the request. Once the client has been identified (based on the user), the client's role is retrieved from the role database (106) (selected user  entitlement). The redaction rules associated with this role are retrieved from the redaction rules database (105) and associated with this client's session. This process is carried out only once during a single client session. All subsequent server responses directed to this client are subjected to the redaction rules applicable to his or her roles (302). These responses are parsed by the protocol parser for the application protocol in use for that session (303). Parsing the message stream allows the redaction appliance to determine if any of the redaction rules need to be enforced. On making such a determination, the appliance makes a temporary copy of the sensitive information (304) (separated data element) and replaces it with a predetermined character, such as Xs or blanks (305) (generated value). The client does not get to see the redaction information, yet proceeds with his required duties);
		But, the combination does not explicitly disclose:
selecting, based on the user, a predetermined user entitlement, wherein the predetermined user entitlement includes one or several allowed data operations that follow (i) a data reading at least in part, (ii) a data update at least in part, and (iii) a data sharing at least in part; 
However, in the same field of endeavor, Uramoto discloses selecting, based on the user, a predetermined user entitlement, wherein the predetermined user entitlement includes one or several allowed data operations ([0029] discloses an access control rule (also referred to as ACLRULE) may be a rule that defines the access right of an access subject to an access object …For example, if the access control rule is <S1, O1, readable>, it means that a subject S1 (a user, for example) is allowed to read (readable)that corresponds to entitlement that includes predetermined allowed data operation for user S1 to access object 1 an object (a directory, for example); table 2 discloses access rule comprising, entitlement to specific user to perform certain operation on requested data. Applying the access rule that comprise user entitlement corresponds to selecting) that follow (i) a data reading at least in part, (ii) a data update at least in part, and (iii) a data sharing at least in part([0030] discloses an access control rule of this embodiment according to the present invention may be the same as the above-mentioned access control rule in that the access right (user entitlement) of an access subject (user) to an object (data) is defined therein. Reading the access control rule to determine subject`s right (entitlement) based on subject identifier corresponds to selecting ; [0031] discloses an access control rule comprising information such as subject (user) of access control; object ID that is object of access control; and action: detail of permission (entitlement) granted by access control.[0032] discloses the access control of [0031] comprises an identifier, such as an object ID indicating object, may be registered for each of Subj and Obj. Moreover, operations such as read (data read operation), write (data update operation), and see (data share operation), as well as a method for modifying response information from the access object or access request information to the access object may be registered as Action. Identifying the right action permission (entitlement) to be done on  an object by the subject (user) from the access control information) corresponds to selecting based on the user, predetermined entitlement).
Therefore, it would have been obvious to a person having ordinary skill in the time of the invention was effectively filed to combine the teaching of the combination with Uramoto. The modification would allow managing records of different entitlements to different users to enable effective data access control.		
Regarding claim 4.   The combination discloses the system according to claim 1.
Uramoto further discloses, wherein, to generate the at least one value relating to the at each of the separated data elements (fig. 7 discloses generated value to each of components of requested object (building)), the system uses at least one predetermined data element modifying scheme ([088] discloses conversion to discrete information by using the access control value as a discrete factor. One such method is to increase or decrease the object amount of the access object to be displayed (data element modifying scheme). For example, this method may be used for a case in which a portion corresponding to 70% of the access object can be seen when the access control value is 0.7. Specifically, the information on the objects to be placed in the space may be rewritten, and then, the resultant information may be sent from the server to the client terminal).
Regarding claim 5, the combination discloses system according to claim 1.
Zalila further discloses wherein the system uses at least one predetermined data element modifying scheme ([0037] discloses because the user-customized response data has been processed to remove response data that is not pertinent to the user 104 (user), such as by removing data that does not match the user's preferences or attributes (predetermined data modifying scheme)  as defined in the user profile (user profile)f, the user 104 may be presented with customized data that effectively reduces the volume of data (generating value) the user 104 receives).
Regarding claim 10, the combination discloses a method for adapting a response provided by a first device, comprising:
All other limitations of claim 10 are similar with the limitation of claim 1 above. Claim 10 is rejected on the analysis of claim 1 above.

		Claims 2 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over the combination Zalila (US pg. no. 20120259826), Hussain ( US pg. no. 20100241844), and Uramoto (US pg. no. 20090144282), further in view of Yao (US pg. no. 20150348106).
Regarding claim 2, the combination discloses the system according to claim 1.
But, the combination does not explicitly disclose:
wherein the data access request includes at least one context data element; and
the system configured to intercept and filter the data access request addressed to the first device, and extract the at least one context data element;
However, in the same field of endeavor, Yao discloses, wherein, the data access request includes at least one context data element ([0040] the content request 202 includes user device context data 204 that specify user device attributes for the user/user device 106 to which the content item will be presented); and the system configured to intercept and filter the data access request addressed to the first device, and extract the at least one context data element ([0043] The content item modifier 122 selects, based on the user device context data 204 and from the feed data 124, content that will be inserted into a customizable content item. The component selecting extracting the context data from the request corresponds to filtering means.  In some implementations, the content item modifier 122 selects the content based on a matching function (e.g., MF1, MF2, or MF3) that specifies, for one or more combinations of user device attributes, which proper subset of the feed data 124 is to be used to create the customized content item).
Therefore, it would have been obvious to a person having ordinary skill in the art at the time of the invention was effectively filed to combine the teaching of the combination with Yao. The modification would allow transmitting information with the request. The modification would allow building user profile at intermediate device using the information and implementing the user profile to provide customized service to the user for a better user experience.

Claims 6 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over the combination Zalila (US pg. no. 20120259826), Hussain ( US pg. no. 20100241844), and Uramoto (US pg. no. 20090144282), further in view of Philippov (US pg. no.  20170118267).
Regarding claim 6.    The combination discloses the system according to claim 4.
Uramoto discloses the at least one generated value relating to each of the separated data elements includes generated data representing a monetary value (fig. 7 discloses generated value to each of components of requested object (building)).
	But, the combination does not explicitly disclose, wherein, the at least one generated value relating to includes generated data representing a monetary value relating to the adapted response based on the at least one predetermined data element measuring scheme, the adapted response includes the generated data representing the monetary value relating to the adapted response.
		However, in the same field of endeavor, Philippov discloses, wherein, the at least one generated value relating to … includes generated data representing a monetary value ([0054] discloses produce reduced response data (monetary value)) relating to the adapted response ([0054] discloses the beam API server 603 then reduces the size of the response data by (1) removing unnecessary data 655, (2) minifying the response data 660. The reduced data produced using the above schemes corresponds to monetary value) based on the at least one predetermined data element measuring scheme ([0054] discloses reducing the size of the response data by (1) removing unnecessary data 655, (2) minifying the response data 660 (data element measuring scheme)), the adapted response includes the generated data representing the monetary value relating to the adapted response ([0054] discloses the beam API sever 603 then transmits the request data 645 to the external web service 607.  In response to the request data, the beam API server 603 receives response data 650 from the external web service 607.  The method then continues as shown in FIG. 6b.  The step of receiving the response data 650 from the external web service 607 is repeated in FIG. 6b to show continuity between FIGS. 6a and 6b but does not indicate that this step must be repeated.  The beam API server 603 then reduces the size of the response data by (1) removing unnecessary data 655, (2) minifying the response data 660, and/or (3) compressing the response data 665 to produce reduced response data.  The beam API server 603 then transmits the reduced response data 670 to the beam modem 601).
		Therefore, it would have been obvious to a person having ordinary skill in the art at the time of eth invention was effectively filed to combine the teaching of the combination with Philippov. The modification would allow determining unwanted data in response and modifying the response to exclude the unwanted data in order to make data processing at the receiving end easier or compressing response data to produce reduced response data.
Claims 7-8, and 11 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over the combination Zalila (US pg. no. 20120259826), Hussain ( US pg. no. 20100241844), and Uramoto (US pg. no. 20090144282), further in view of Krasnoiarov (US pg. no. 20080072306).
		Regarding claim 7, the combination discloses the system according to claim 4.
		But, the combination does not explicitly disclose:	
	wherein, the original data response comprises original data and each of the at least one predetermined data element modifying scheme comprises a predetermined algorithm for processing the data element;
		However, in the same field of endeavor, Krasnoiarov discloses wherein, the original data response comprises original data (fig.1 C discloses response data that corresponds to original data), and each of the at least one predetermined data element modifying scheme comprises a predetermined algorithm for processing the data element ([0009] The rule (algorithm) can be an IF-THEN type rule with trigger and an action.  The trigger can include elements of the response or information related to the user.  An example of a rule could be IF ((link A is in page) AND (user is in group C)) THEN (replace link A with link B) that corresponds to predetermined algorithm to modify the response data).
		Therefore, it would have been obvious to a person having ordinary skill in the art at the time of the invention was effectively filed to combine the teaching of the combination with Krasnoiarov. The modification would allow modifying responses to generate customized content using different modifying scheme for an effective content personalization curated towards to a specific user.
Regarding claim 8, the combination discloses the system according to claim 4. 
Uramoto discloses generated value relating to each of the separated data elements (fig. 7 discloses generated value to each of components of requested object (building)).
But, the combination does not explicitly disclose:
wherein the at least one generated value relating to data elements depends on at least one element of a group comprising: the user
However, in the same field of endeavor, Krasnoiarov discloses wherein the at least one generated value relating to data elements depends on at least one element of a group comprising: the user ([0007]-[0009] discloses receiving response. The rule used to modify is IF ((link A is in page) AND (user is in group C) based on user) THEN (replace link A with link B). Link A corresponds data element. Generating modified response by replacing link B corresponds to generating value based on the user is group C).
Therefore, it would have been obvious to a person having ordinary skill in the art at the time of the invention was effectively filed to combine the teaching of the combination with Krasnoiarov. The modification would allow using user profile to create directed personalized content according to the user for an effective content personalization that ensures better user experience. 
Regarding claim 11. The combination discloses the system according to claim 1.
But, the combination does not explicitly disclose:
wherein the adapted response further includes at least one of the at least one data element.
	However, in the same field of endeavor, Krasnoiarov further discloses wherein the adapted response further includes at least one of data element from the plurality of data elements ([0007]-[0009] the rule used to modify response is IF ((link A is in page) AND (user is in group C) THEN (replace link A with link B). Link A corresponds data element replaced by the other data element link B. Generating modified response by replacing link B corresponds to the adapted response includes the at least one data element).
	Therefore, it would have been obvious to a person having ordinary skill in the art at the time of the invention was effectively filed to combine the teaching of the combination with Krasnoiarov. The modification would allow effectively selecting elements that needs to be revealed for a specific user and hiding contents that are protected for the specific user as a result ensuring a more secured system.

Claims 9 is/are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over the combination Zalila (US pg. no. 20120259826), Hussain ( US pg. no. 20100241844), and Uramoto (US pg. no. 20090144282), further in view of Sutton (US pg. no. 20100218253).
Regarding claim 9.    The combination discloses the system according to claim 1.
Uramoto discloses generated value relating to each of the separated data elements (fig. 7 discloses generated value to each of components of requested object (building)).
But, the combination does not explicitly disclose:
wherein the adapted response includes the intercepted original data response and the generated value relating to…, the system using a predetermined response measuring scheme.
		However, in the same field of endeavor, Sutton further discloses, wherein the adapted response includes the intercepted original data response and the generated value relating to …, the system using a predetermined response measuring scheme ([007] discloses the content injection service is configured to receive a web request from a client within the system.  The content injection service intercepts a response (intercepted response) to the web request and identifies a potential security threat associated with the response (using predetermined response measuring scheme) to the request.  The content injection service is further configured to determine an appropriate counter for the identified potential threat (generated value related to the intercepted response) and inject content into the response at a particular location within the response, based upon the counter determined. The adapted response comprises the intercepted response and the injected content (generated value relating to the intercepted original data response)).
		Therefore, it would have been obvious to a person having ordinary skill in the art at the time of the invention was effectively filed to combine the teaching of the combination with Sutton. The modification would allow adapting responses by injecting content in to the responses when threat is detected to take countermeasure action to the detected security threats in order to enable a more secured client server communication.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US pg. no. 20160179838; US pat. No. 7748027; US pat.no. 10701079.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MESSERET F GEBRE whose telephone number is (571)272-8272.  The examiner can normally be reached on M-F 9:00 AM-5:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on 571-1701684.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MESSERET F GEBRE/Examiner, Art Unit 2445          
     
/OSCAR A LOUIE/Supervisory Patent Examiner, Art Unit 2445