Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 5/18/2022 has been considered by the examiner.  Please see attached PTO-1449.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Attorney Joseph D. Downing (Reg. No. 69,803) on May 19, 2022.
The application has been amended.  
Please replace most recently filed specification with the following:
CROSS-REFERENCE TO RELATED APPLICATIONS
This application is a continuation-in-part of and claims priority from U.S. Patent 

Please replace most recently filed claims with the following:
(Currently Amended) A method comprising:

determining, by a processor during a write operation to a storage system, a sensitive subset of a dataset to obfuscate in accordance with a security policy;

indicating in metadata for the dataset that the sensitive subset of the dataset is to be obfuscated;

generating, by the storage system and according to the security policy and a schedule, an obfuscated snapshot of  the dataset by obfuscating  the sensitive subset of the dataset based on the metadata for the dataset, wherein the sensitive subset remains obfuscated to an untrusted target computer system [[when]] at a time that the untrusted target computer system restores the dataset from the obfuscated snapshot, and wherein the obfuscated snapshot captures the state of the dataset at a specific point in time with the sensitive  subset obfuscated; and

providing, to one or more untrusted target computer systems, the obfuscated snapshot for restoration of the dataset corresponding to the specific point in time with the sensitive subset of the dataset obfuscated at the one or more untrusted target computer systems.

(Original) The method of claim 1, wherein generating the obfuscated snapshot is performed by a controller of a storage system.

(Previously Presented) The method of claim 2, wherein the storage system is within a trusted computing environment in accordance with the security policy, and wherein the untrusted target computer system is not within a trusted computing environment in accordance with the security policy.

(Original) The method of claim 1, wherein the dataset comprises a structured database that is structured in accordance with a schema.

(Original) The method of claim 4, wherein generating the obfuscated snapshot further comprises:

interpreting the dataset in accordance with the schema to determine one or more columns of data to obfuscate.

(Original) The method of claim 1, wherein the dataset is unstructured data, and wherein generating the obfuscated snapshot further comprises:

interpreting the dataset to determine one or more types of data to obfuscate, wherein the one or more types are specified by one or more of: a user or one or more rule sets.

(Previously Presented) The method of claim 1, wherein the security policy specifies permissions for users within different computing environment, wherein the security policy specifies one or more portions or types of data correspond to one or more of the permissions for users, wherein the security policy specifies access limitations to allow access only to datasets that have been correctly obfuscated, and wherein the obfuscated  snapshot is tagged with metadata specifying the security policy used to obfuscate the obfuscated  snapshot.

(Currently Amended) An apparatus comprising:

a computer processor configured to implement an obfuscation engine; and

a computer memory operatively coupled to the computer processor, the computer memory having disposed within it computer program instructions implementing the obfuscation engine that, when executed by the computer processor, cause the apparatus to perform:

determining, by the computer processor during a write operation to a storage system, a sensitive subset of a dataset to obfuscate in accordance with a security policy;

indicating in metadata for the dataset that the sensitive subset of the dataset is to be obfuscated;

generating, by the storage system and according to the security policy and a schedule, an obfuscated snapshot of  the dataset by obfuscating  the sensitive subset of the dataset based on the metadata for the dataset, wherein the sensitive subset remains obfuscated to an untrusted target computer system [[when]] at a time that the untrusted target computer system restores the dataset from the obfuscated snapshot, and wherein the obfuscated snapshot captures the state of the dataset at a specific point in time with the sensitive  subset obfuscated; and

providing, to one or more untrusted target computer systems, the obfuscated snapshot for restoration of the dataset corresponding to the specific point in time with the sensitive subset of the dataset obfuscated at the one or more untrusted target computer systems.

(Original) The apparatus of claim 8, wherein generating the obfuscated snapshot is performed by a controller of a storage system.

(Previously Presented) The apparatus of claim 9, wherein the storage system is within a trusted computing environment in accordance with the security policy, and wherein the untrusted target computer system is not within a trusted computing environment in accordance with the security policy.

(Original) The apparatus of claim 8, wherein the dataset comprises a structured database that is structured in accordance with a schema.

(Previously Presented) The apparatus of claim 11, wherein the computer program instructions implementing the obfuscation engine further cause the apparatus to perform:

interpreting the dataset in accordance with the schema to determine one or more columns of data to obfuscate.

(Previously Presented) The apparatus of claim 8, wherein the computer program instructions implementing the obfuscation engine further cause the apparatus to perform:

interpreting the dataset to determine one or more types of data to obfuscate, wherein the one or more types are specified by one or more of: a user or one or more rule sets.

(Previously Presented) The apparatus of claim 8, wherein the security policy specifies permissions for users within different computing environment, wherein the security policy specifies one or more portions or types of data correspond to one or more of the permissions for users, wherein the security policy specifies access limitations to allow access only to datasets that have been correctly obfuscated, and wherein the obfuscated  snapshot is tagged with metadata specifying the security policy used to obfuscate the obfuscated  snapshot.

(Currently Amended) A computer program product disposed upon a non-transitory computer readable medium, the computer program product comprising computer program instructions that, when executed, cause a computer to perform:

determining, by a processor during a write operation to a storage system, a sensitive subset of a dataset to obfuscate in accordance with a security policy;

indicating in metadata for the dataset that the sensitive subset of the dataset is to be obfuscated;

generating, by the storage system and according to the security policy and a schedule, an obfuscated snapshot of  the dataset by obfuscating  the sensitive subset of the dataset based on the metadata for the dataset, wherein the sensitive subset remains obfuscated to an untrusted target computer system [[when]] at a time that the untrusted target computer system restores the dataset from the obfuscated snapshot, and wherein the obfuscated snapshot captures the state of the dataset at a specific point in time with the sensitive  subset obfuscated; and

providing, to one or more untrusted target computer systems, the obfuscated snapshot for restoration of the dataset corresponding to the specific point in time with the sensitive subset of the dataset obfuscated at the one or more untrusted target computer systems.

(Original) The computer program product of claim 15, wherein generating the obfuscated snapshot is performed by a controller of a storage system.

(Previously Presented) The computer program product of claim 16, wherein the storage system is within a trusted computing environment in accordance with the security policy, and wherein the untrusted target computer system is not within a trusted computing environment in accordance with the security policy.

(Original) The computer program product of claim 15, wherein the dataset comprises a structured database that is structured in accordance with a schema.

(Previously Presented) The computer program product of claim 18, the program instructions, when executed, further cause the computer to perform:

interpreting the dataset in accordance with the schema to determine one or more columns of data to obfuscate.

(Previously Presented) The computer program product of claim 15, the program instructions, when executed, further cause the computer to perform:

interpreting the dataset to determine one or more types of data to obfuscate, wherein the one or more types are specified by one or more of: a user or one or more rule sets.

Reasons for Allowance
Claims 1-20 are allowed over the prior art made of record.
The following is an examiner’s statement of reasons for allowance: 
The combination of prior art reference Ahrens et al. and Tan does not teach “generating, by the storage system and according to the security policy and a schedule, an obfuscated snapshot of  the dataset by obfuscating  the sensitive subset of the dataset based on the metadata for the dataset, wherein the sensitive subset remains obfuscated to an untrusted target computer system at a time that the untrusted target computer system restores the dataset from the obfuscated snapshot, and wherein the obfuscated snapshot captures the state of the dataset at a specific point in time with the sensitive  subset obfuscated; and providing, to one or more untrusted target computer systems, the obfuscated snapshot for restoration of the dataset corresponding to the specific point in time with the sensitive subset of the dataset obfuscated at the one or more untrusted target computer systems” as shown in the independent claims 1, 8 and 15. Thereby, the combination of limitations in claims 1, 8 and 15 is not taught by the prior art.  
After further review of result of the searches conducted over the past, that claims most currently amended, and further consideration of the remarks, the Examiner is persuaded that the prior art made of record does not teach the above described and high-lighted major features in the independent claims 1, 8 and 15. The dependent claims, being definite, further limiting, and fully enabled by the specification and are also allowed.
An updated search for the prior art in PE2E database and on domains (IEEE, ACM, Google Patents, Google Scholar, IP.com) have been conducted.  The prior art searched and examined in the database and domains do not fairly teach or suggest the limitations of the claimed subject matter.
The prior art of record neither anticipate nor render obvious the above-recited combination.
Any comments considered necessary by Applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JAU SHYA MENG whose telephone number is (571)270-1634. The examiner can normally be reached 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Fred Ehichioya can be reached on 571-272-4034. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/JAU SHYA MENG/Primary Examiner, Art Unit 2168