RESPONSE TO AMENDMENTS
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims Status
Claims 2–21 are pending in this application.
Claim 1 is canceled.
Claims 2–21 are rejected.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 4/20/2022 has been entered.
 Response to Arguments
Applicant’s arguments, see pages 7–11, filed 4/20/2022, with respect to the rejection(s) of claim(s) 2–21 under 35 U.S.C. § 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Jain et al. (2012/0042326), Busse et al. (2016/0049017), Boldyrev et al. (2014/0096261), Bluming et al. (2015/0127300)*, Johnson et al. (2016/0112262), and Schaible et al. (2016/0050128).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 3, 5, 6, 8-10, 12, 13, 15-17, 19, 20 and 21 are rejected under 35 U.S.C. § 103 as being unpatentable over Jain et al. (2012/0042326) in view of Boldyrev et al. (2014/0096261), further in view of Busse et al. (2016/0049017), and further in view of Bluming et al. (2015/0127300).
Regarding claims 2, 9 and 16, Jain substantially teaches A computer-implemented method comprising:
accessing, based at least in part on the request, sensor data from a sensor of a device that is configured to execute an application (Fig. 1; ¶¶12, 14-17, 26, sensor sets 108 can include sensors 1 to N and metasensors 1 to 3; sensor set 104 can communicate with server 150 executed by one or more processors 124 via application 140; however, Jain does not explicitly teach "based at least in part on the request", Busse does);
accessing, a subset of device data stream configuration parameters corresponding to the data requestor based at least in part on the request (Fig. 1; ¶23, server 150, as a data requestor, can have tags of metadata set 136 be created, deleted, edited, selected assigned, proposed, and/or accepted by any suitable entity such as all or portion of sensor set 104 being associated with user 112 and/or server 150; ¶24, for example, a metasensor can supply a tag associated with a sensor data stream to indicate to the server 150 that sensor data coming out of sensors S1 to Sn is related to or associated with a particular tag by processing said sensor data; metasensor can also output received sensor data streams and a processed form of the received sensor data streams in a way that server 150 can access the sensor data streams and select a set of one or more tags, see ¶25; [tag can be added by metasensor into the sensor data stream, where said stream is accepted by the server]; however, Jain does not explicitly identify that the accessing is “from a plurality of device data stream configuration parameters corresponding to a plurality of data requestors, a subset of device data stream configuration parameters”, but rather Boldyrev teaches such possibilities),
transmitting the edited device data stream to the data requestor (Fig. 1; ¶¶25, 28, etc.).
However, the teachings do not explicitly teach receiving from a data requestor, a request for a device data stream; accessing, based at least in part on the request, user-specific application data from the application; accessing, from a plurality of device data stream configuration parameters corresponding to a plurality of data requestors, a subset of device data stream configuration parameters corresponding to the data requestor based at least in part on the request, wherein the subset of device data stream configuration parameters are further associated with a geographical location of the device, the subset of device data stream configuration parameters defining privacy setting modifications to control access of the data requestor to the sensor data and the user-specific application data based at least in part on the geographical location of the device; editing, by at least one processor, the device data stream based at least in part on the subset of device data stream configuration parameters, the device data stream comprising the sensor data and the user-specific application;
Boldyrev from the same field of endeavor teaches accessing, from a plurality of device data stream configuration parameters corresponding to a plurality of data requestors, a subset of device data stream configuration parameters corresponding to the data requestor based at least in part on the request (Fig. 1; ¶¶24-25, privacy policy for a data stream can be provided, where said policy can be generated based on stream configuration settings with users having the ability to “tune” said policies; ¶¶29-30, information stores 113 containing specific user streams [such as phone sensor streams] can be accessed from data requestors such as service providers 115 where privacy policy can be applied in between the two systems at platform 103; as can be seen, the claimed “data requestors” as mapped to service provider 115, based on privacy policy as applied by module 103 [¶33] including various types of parameters such as contact data, location data, time data can be made available or blocked by the platform 103 based on privacy settings [¶¶44-45]; any number of such data can be made available or be blocked as indicated by the ability to allow/prohibit access to at least one data stream as disclosed in ¶45),
editing, by at least one processor, the device data stream based at least in part on the subset of device data stream configuration parameters, the device data stream comprising the sensor data and the user-specific application data (Fig. 1; ¶45, for example, privacy policy determination platform 103 can determine allowance/prohibition of data stream based on user privacy settings for at least one element, or one data stream, or combination thereof, including policies that comprise rules, instructions, and restrictions for processing a user’s privacy sensitive data); and
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Jain using Boldyrev to provide basic privacy features in data stream processing architectures. Having the ability to process user’s desired basic privacy desires with respect to data streaming processing architecture would have yielded greater adoption of the users willing to use systems relying on data stream architectures, as users would in general prefer systems that provide more privacy than ones that do not whilst retaining the advantages of the data stream processing architectures.
However, the teachings do not explicitly teach receiving from a data requestor, a request for a device data stream; accessing, based at least in part on the request, user-specific application data from the application; wherein the subset of device data stream configuration parameters are further associated with a geographical location of the device, the subset of device data stream configuration parameters defining privacy setting modifications to control access of the data requestor to the sensor data and the user-specific application data based at least in part on the geographical location of the device;
Busse from the same field of endeavor teaches receiving from a data requestor, a request for a device data stream (Fig. 2, vehicle controller 210 in communication with sensors 220 to 260 can communicate with mobile device 110; Fig. 3, devices such as access device 390 or storage and retrieval system 360 [as data requestor] can communicate with mobile device 110; ¶60, data streams generated by sensors can be sent to mobile device 110; ¶61, such data can also be transferred over to storage and retrieval system 360; requests of such retrieval can be sent from said system 360 itself to the mobile device 110; ¶64, also, mobile device 110 itself can generate sensor data information and can be considered as the "sensor of a device that is configured to execute an application" as claimed in claim 1);
accessing, based at least in part on the request, user-specific application data from the application (¶58, for example, application on the mobile device 110 has the ability to store user related information such as user preference with respect to privacy; ¶65, combination of streams from mobile device 110 and vehicle sensor network can be relayed to data requestors, such as storage and retrieval system 360);
the subset of device data stream configuration parameters defining privacy setting modifications to control access of the data requestor to the sensor data and the user-specific application data based at least in part on the geographical location of the device (¶58, based on user's privacy wishes and to comply with such wishes, particular data streams can be included or excluded as part of data stream being combined to be sent to a data requestor such as the storage and retrieval system 360; ¶62, request can specify which sensors to be utilized as well as respecting the wishes of user's privacy as disclosed in ¶58; however, Busse does not disclose that this subset of device data stream configuration parameters is based at least in part on the geographical location of the device);
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Jain using Busse to ensure that data collection of sensitive data such as car sensor data or mobile sensor information data can be tightly controlled with respect to user privacy or compliance with local laws, for example, recording laws (Busse at ¶¶58-60). By refining Jain using the methods of Busse, the data collection system would have gained compliance with privacy and/or legal compliance thereby ensuring that the data collection practices comply with the law, such as data collection as identified in HIPAA settings.
However, the teachings do not explicitly teach wherein the subset of device data stream configuration parameters are further associated with a geographical location of the device, the subset of device data stream configuration parameters defining privacy setting modifications to control access of the data requestor to the sensor data and the user-specific application data based at least in part on the geographical location of the device.
Bluming from the same field of endeavor teaches wherein the subset of device data stream configuration parameters are further associated with a geographical location of the device (Fig. 1; ¶32, sensor systems 110 can be processed/combined with sensor data streams from different sensor systems which can be configured with multitude of different configurations and behaviors; ¶36, sensor data from the sensors can be received; ¶62, in particular, location policies 314 as shown in Fig. 3 can specify rules and parameters for sensor data for determining user and/or device locations; said policies can be employed in connection with sensor data collection in the interest of protecting "privacy" as part of the parameters/rules associated with the device location data of the underlying sensor devices),
the subset of device data stream configuration parameters defining privacy setting modifications to control access of the data requestor to the sensor data and the user-specific application data based at least in part on the geographical location of the device (Fig. 1; ¶32, sensor systems 110 can be processed/combined with sensor data streams from different sensor systems which can be configured with multitude of different configurations and behaviors; ¶36, sensor data from the sensors can be received; ¶62, in particular, location policies 314 as shown in Fig. 3 can specify rules and parameters for sensor data for determining user and/or device locations; said policies can be employed in connection with sensor data collection in the interest of protecting "privacy" as part of the parameters/rules associated with the device location data of the underlying sensor devices);
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Jain using Bluming to specifically associate particular location policies/privacy policies to the collection of sensor data in order to provide in detail the actual controlling policies of sensor data stream collection. By having the ability to apply location/privacy/security policies with respect to sensor data collection employing such policies, the users using the systems as disclosed in Jain combined with Bluming would have found the privacy concerns alleviated and thus enjoy a greater adoption of the combined system.

Regarding claims 3, 10 and 17, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2, 9 and 16 respectively. Jain further teaches wherein the sensor data comprise at least one of geo-location data associated with the geographical location of the device, biometric data of a user, time data, environmental data, image data, or audio data (¶14, i.e. GPS).

Regarding claims 5, 12 and 19, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2, 9 and 16 respectively. Jain further teaches wherein the user-specific application data comprise at least one of user login credentials, user communication data, or user account data for one or more services accessed via the device (¶23, for example, user can supply a tag that is associated with a sensor data stream; ¶25, metasensor can process sensor data streams, including tags that were supplied by the user 112).

Regarding claims 6, 13 and 20, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2, 9 and 16 respectively. Jain further teaches wherein the subset of device data stream configuration parameters indicate at least a portion of the sensor data, the user-specific application data, or both, to remove from the device data stream (¶23, tag set 136 can be "deleted" by any suitable entity which would affect the processing of data by the metasensor as shown in Fig. 1 or described in ¶¶24-25; Boldyrev also discloses the ability to apply configuration parameters with respect to privacy settings for any set of data streams requested, as identified in ¶¶44-45 of Boldyrev).

Regarding claims 8 and 15, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2 and 9 respectively. Jain further teaches identifying the subset of device data stream configuration parameters corresponding to the data requestor from the plurality of device data stream configuration parameters based at least in part on receiving the request (Fig. 1; the metasensors can have particular tags chosen to associate an underlying sensor data with, see ¶25; selection can be made from a plurality of available tags from tag collection 170 using various methods, see ¶¶33-42; however, Jain does not teach the subset of device stream configuration parameter aspect of the claim nor does it teach the based at least in part on receiving the request aspect. However, Busse’s teachings regarding ¶¶61-62 identifies that act of configuration parameter identification can be based on receiving such request; furthermore, Boldyrev also discloses the ability to apply configuration parameters with respect to privacy settings for any set of data streams requested, as identified in ¶¶44-45 of Boldyrev).

Regarding claim 21, Jain, Boldyrev, Busse and Bluming teach the limitations of claim 2. Bluming further teaches wherein the subset of device data stream configuration parameters are further associated with a defined time period (¶64, for example, user role policies that can be attached for selecting sensor recipes on different roles for users can be associated with the particular user being located at a given time in order to fulfill the different roles that the user performs at specific times that may be applied to sensors for purposes of sensor data collection that may occur eventually to the system as shown in Fig. 1; see also ¶78).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Jain using Bluming to apply specific policies for sensor data stream collection depending on the user's particular role at certain times of the day. By having the ability to assign variety of user roles that depend upon the user's role at a specific time of day, such as the "enterprise" role or "consumer role", the underlying sensor data collection can be further categorized for more pertinent data analysis of the underlying sensor data streams as disclosed in Jain at paragraph 25.

Claims 4, 11 and 18 are rejected under 35 U.S.C. § 103 as being unpatentable over Jain et al. (2012/0042326) in view of Boldyrev et al. (2014/0096261), further in view of Busse et al. (2016/0049017), further in view of Bluming et al. (2015/0127300) and further in view of Johnson et al. (2016/0112262).
Regarding claims 4, 11 and 18, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2, 9 and 16 respectively. Jain further teaches wherein the sensor data comprises data used by the application of the device (Fig. 1, sensor data including processed metasensor data can be transmitted to server 150), and
However, the teachings do not explicitly teach wherein the application is executed in an isolated sandbox execution environment of the device.
Johnson from the same field of endeavor teaches wherein the application is executed in an isolated sandbox execution environment of the device (Fig. 1; ¶¶73 and 136, plurality of connected devices, including IoT devices, can operate in a sandboxed application techniques).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon the teachings using Johnson to increase security of an application running with an OS by implementing the isolation policies such as sandboxing techniques (¶73).

Claims 7 and 14 are rejected under 35 U.S.C. § 103 as being unpatentable over Jain et al. (2012/0042326) in view of Boldyrev et al. (2014/0096261), further in view of Busse et al. (2016/0049017), further in view of Bluming et al. (2015/0127300), and further in view of Schaible et al. (2016/0050128).
Regarding claims 7 and 14, Jain, Boldyrev, Busse and Bluming teach the limitations of claims 2 and 9 respectively. However, the teachings do not explicitly teach wherein the subset of device data stream configuration parameters indicate at least a portion of the sensor data, the user-specific application data, or both, to remove from the edited device data stream to remove during one or more time periods.
Schaible from the same field of endeavor teaches wherein the subset of device data stream configuration parameters indicate at least a portion of the sensor data, the user-specific application data, or both, to remove from the edited device data stream to remove during one or more time periods (¶¶5 and 48, for example, session constraints established during communication with respect to communications between Internet of Things (IoT) devices can be removed at an end of a session; Boldyrev also discloses the ability to apply configuration parameters with respect to privacy settings for any set of data streams requested, as identified in ¶¶44-45 of Boldyrev).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon the teachings using Schaible to ensure proper routing of unique identifier of device 104 to and from said device. Such ensuring of proper routing would enhance confidence that the transportation of data is sufficiently reliable and is transporting all the data that the device underneath is outputting to an upstream device or another device.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAE KIM whose telephone number is (571)270-0621. The examiner can normally be reached Monday-Friday 8AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin Bates can be reached on (571) 272-3980. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/DAE KIM/
Examiner, Art Unit 2458                                                                                                   
/KEVIN T BATES/Supervisory Patent Examiner, Art Unit 2458