Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claims 23-41 are presented for examination.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 23-41 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-12 of U.S. Patent No. 10,761,811. Although the claims at issue are not identical, they are not patentably distinct from each other because the referenced patent and the instant application are claiming common subject matter. For illustration purpose, Claim 23 rejection is provided as follow:
Current Application 16924977
U.S. Patent No. 10,761,811
23. A cloud-based resource for servicing a request from a cloud-based application to access data from a remote database, comprising: a processor configured to: 






receive, from a cloud-based application, a request to access data from a remote database; 

determine, from the request, a user identification and one or more fields to be accessed for a read or write operation; apply a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation; 






transmit, based on the request and the one or more fields, a database request to the remote database; access, at the cloud-based resource, one or more results from the remote database responsive to the database request; apply a second set of rules;

 identify a second document subset including a subset of documents of the first document subset;








 and transmit, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules of the subset including the one or more documents, the one or more results to the cloud-based application.
1. A cloud-based application client for requesting data from a remote database and/or a service, comprising: a processor configured to: 

initialize, from a cloud-based application, a communication link to a cloud-based resource in communication with a remote database and/or a service; 

transmit, to the cloud-based resource, a request for data from the remote database and/or the service, 

wherein: a declarative statement from the request is parsed to determine one or more parameters for one or more rules including a first rule and a second rule, wherein the declarative statement includes code for executing the request, the code including a read or write operation and a user identification, the first rule is applied to determine whether the cloud-based application is allowed to make the request based on whether a user role associated with the user identification is authorized to request execution of the read or write operation, 

and subsequent to receiving one or more results from the remote database and/or the service at the cloud-based resource, the second rule is applied at the cloud-based resource to determine whether the cloud-based application is allowed to receive the one or more results from the remote database and/or the service based on whether the one or more results are locked from being accessed by the cloud-based application; 





and receive the one or more results from the remote database and/or the service responsive to the request and the one or more rules applied to determine whether the cloud-based application is allowed to make the request and receive the one or more results from the remote database and/or the service.


Claim 1 of U.S. Patent No. 10,761,811 did not disclose the remote database including a plurality of documents. However, Kurian (US 20180337929 A1) discloses that the remote database including a plurality of documents (Para [0023], cloud server 106 may facilitate processing or storage of appropriate information, data, or files. For example, while cloud server 106 may operate as a central repository for data, access control and privacy management of those files may be handled by, or in collaboration with, cloud privacy management server 104). Therefore, it would have been obvious to a person having ordinary skill in the art to identify a subset including one or more documents as taught by Kurian, in order to provide accessing control in hybrid cloud infrastructure by assigning associated privacy subcategory to file and grants access to file based on assigned privacy subcategory in response to request for file (Kurian [Summary]).

Claim 1 of U.S. Patent No. 10,761,811 did not disclose identify a first document subset including a subset of documents of the plurality of documents; identify a second document subset including a subset of documents of the first document subset; the one or more results including the second document subset. However, Sedlar (US 20080215528) teaches identify a first document subset including a subset of documents of the plurality of documents (Para [0055], Hierarchical indexes consistent with the invention support the pathname-based access method of a hierarchical system, moving from parent items to their children, as specified by the pathname. According to one embodiment, a hierarchical index consistent with the principles of the invention employs index entries that include the following three fields: RowID, File ID, and Dir_entry_list (stored as an array)); identify a second document subset including a subset of documents of the first document subset (Para [0159], When any application requests a display of the contents of the Documents directory 1202, the database executes the query associated with the Documents directory 1202. The query selects the files that satisfy the query. The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202. Those two files are both entitled Example.doc. Thus, the two Examples.doc files 618 and 622 are shown as children of the Documents directory 1202); the one or more results including the second document subset (Para [0159], . The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202). Therefore, it would have been obvious to a person having ordinary skill in the art to identify a first document subset including a subset of documents of the plurality of documents; identify a second document subset including a subset of documents of the first document subset; the one or more results including the second document subset as taught by Sedlar, in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).

Claims 23-41 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-12 of U.S. Patent No. 10,754,625. Although the claims at issue are not identical, they are not patentably distinct from each other because the referenced patent and the instant application are claiming common subject matter. For illustration purpose, Claim 23 rejection is provided as follow:

Current Application 16924977
U.S. Patent No. 10,754,625
23. A cloud-based resource for servicing a request from a cloud-based application to access data from a remote database, comprising: a processor configured to: 


receive, from a cloud-based application, a request to access data from a remote database; 

determine, from the request, a user identification and one or more fields to be accessed for a read or write operation; apply a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation; 









transmit, based on the request and the one or more fields, a database request to the remote database; access, at the cloud-based resource, one or more results from the remote database responsive to the database request; apply a second set of rules ;












and transmit, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules of the subset including the one or more documents, the one or more results to the cloud-based application.
  1. A cloud-based resource for servicing a request for data from a cloud-based application to a remote database and/or a service, comprising: a processor configured to: 

receive, from a cloud-based application, a request for data from a remote database and/or a service; 

parse, from the request, a declarative statement to determine one or more parameters for one or more rules including a first rule and a second rule, wherein the declarative statement includes code for executing the request, the code including a read or write operation and a user identification; apply, using the one or more parameters, the first rule to determine whether the cloud-based application is allowed to make the request based on whether a user role associated with the user identification is authorized to request execution of the read or write operation; 




and in response to determining that the cloud-based application is allowed to make the request: transmit, based on the request, a database request to the remote database and/or a service request to the service; receive, at the cloud-based resource, one or more results from the remote database and/or the service responsive to the database request and/or the service request; subsequent to receiving the one or more results, apply, at the cloud-based resource, using the one or more parameters, the second rule to determine whether the cloud-based application is allowed to receive the one or more results based on whether the one or more results are locked from being accessed by the cloud-based application; 

and in response to determining that the cloud-based application is allowed to receive the one or more results, transmit the one or more results to the cloud-based application.


Claim 1 of U.S. Patent No. 10,754,625 did not disclose the remote database including a plurality of documents. However, Kurian (US 20180337929 A1) discloses that the remote database including a plurality of documents (Para [0023], cloud server 106 may facilitate processing or storage of appropriate information, data, or files. For example, while cloud server 106 may operate as a central repository for data, access control and privacy management of those files may be handled by, or in collaboration with, cloud privacy management server 104). Therefore, it would have been obvious to a person having ordinary skill in the art to identify a subset including one or more documents as taught by Kurian, in order to provide accessing control in hybrid cloud infrastructure by assigning associated privacy subcategory to file and grants access to file based on assigned privacy subcategory in response to request for file (Kurian [Summary]).

Claim 1 of U.S. Patent No. 10,754,625 did not disclose identify a first document subset including a subset of documents of the plurality of documents; identify a second document subset including a subset of documents of the first document subset; the one or more results including the second document subset. However, Sedlar (US 20080215528) teaches identify a first document subset including a subset of documents of the plurality of documents (Para [0055], Hierarchical indexes consistent with the invention support the pathname-based access method of a hierarchical system, moving from parent items to their children, as specified by the pathname. According to one embodiment, a hierarchical index consistent with the principles of the invention employs index entries that include the following three fields: RowID, File ID, and Dir_entry_list (stored as an array)); identify a second document subset including a subset of documents of the first document subset (Para [0159], When any application requests a display of the contents of the Documents directory 1202, the database executes the query associated with the Documents directory 1202. The query selects the files that satisfy the query. The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202. Those two files are both entitled Example.doc. Thus, the two Examples.doc files 618 and 622 are shown as children of the Documents directory 1202); the one or more results including the second document subset (Para [0159], . The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202). Therefore, it would have been obvious to a person having ordinary skill in the art to identify a first document subset including a subset of documents of the plurality of documents; identify a second document subset including a subset of documents of the first document subset; the one or more results including the second document subset as taught by Sedlar, in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 23-25, 30-33 and 38-41 are rejected under 35 U.S.C. 103 as being unpatentable over Rodrigues (US 20160092173) in view of Schiavone (US 20040153908) further in view of Kurian (US 20180337929 A1) and Sedlar (US 20080215528).
Note: Rodrigues and Schiavone were cited in IDS.

Regarding Claim 23, Rodrigues (US 20160092173) teaches
A cloud-based resource for servicing a request from a cloud-based application to access data from a remote database, comprising: a processor configured to: 
receive, from a cloud-based application, a request to access data from a remote database (Fig. 3; Paragraph 0052, the client-side API module 106 transmits a RESTful API message (e.g., an HTTP request message) to the AGC module 112 to create a resource (e.g., a business object, another type of object, etc.), which is received by the API module 114; Paragraph 0042, Such embodiments allows users, via an application 104, to provide details of business objects using declarative statements, and the application 104 may then use its client-side API module 106 to transmit RESTful API messages to generate, modify, and/or access resources (or business objects)); 
access, at the cloud-based resource, one or more results from the remote database responsive to the database request (Fig. 3; Paragraph 0054, the resource management module 116 now sends resource data (e.g., a result of the attempt to create the resource, one or more identifiers of the resource, etc.) back to the API module 114, which assembles this data and constructs a “create resource response message” (e.g., an HTTP response message) that is transmitted back to the client-side API module 106).

Rodrigues did not specifically teach
the remote database including a plurality of documents
determine, from the request, a user identification and one or more fields to be accessed for a read or write operation;
apply a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation;
identify a first document subset including a subset of documents of the plurality of documents;
transmit, based on the request and the one or more fields, a database request to the remote database
apply a second set of rules;  
identify a second document subset including a subset of documents of the first document subset;
and transmit, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application, the one or more results including the second document subset.

However, Schiavone (US 20040153908) teaches
determine, from the request, a user identification and one or more fields to be accessed for a read or write operation (Paragraph 0057, the Negotiation Engine 78 parses and interprets the Information Request and determines what information and/or which data elements are requested, and for what purposes. More specifically, the Information Request is parsed to identify the Data Requestor, the information requested, and any declarative statements of use carried by the Information Request indicating the intended uses/terms of use for the information requested, as shown at step 134); 
apply a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation (Paragraph 0058, the Negotiation Engine 78 compares the terms of the declarative statement(s) of the Information Request to rules of the Rules database 74 that govern access of the Data Controller's proprietary and/or personal information … Paragraph 0059, The Negotiation Engine 78 determines whether the terms of the declarative statements of the Information Request indicating the uses/terms of use desired by the Data Requestor are in accord with the rules of the Rules database governing the permitted disclosure of the Data Controller's information, as shown at step 138); 
and transmit, based on the request and the one or more fields, a database request to the remote database (Paragraph 0060, The Negotiation Engine 78 then accesses the requested information and issues an Information Response to the Information Request, as shown at step 142; Paragraph 0061, Any Information Response transmitted from the Data Controller Agent's Negotiation Engine 78 to the Data Requestor's Negotiation Engine 26 may provide the requested information in the form of data elements as retrieved from the Data Vault 70).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Rodrigues and Schiavone did not specifically teach
the remote database including a plurality of documents
identify a first document subset including a subset of documents of the plurality of documents;
apply a second set of rules;  
identify a second document subset including a subset of documents of the first document subset;
and transmit, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application, the one or more results including the second document subset.

However, Kurian (US 20180337929 A1) teaches
the remote database including a plurality of documents (Para [0023], cloud server 106 may facilitate processing or storage of appropriate information, data, or files. For example, while cloud server 106 may operate as a central repository for data, access control and privacy management of those files may be handled by, or in collaboration with, cloud privacy management server 104)
apply a second set of rules (Para [0028], In operation, elements of system 100 operate together to perform various access control functions including but not limited to maintaining a repository of access control information on the network including information related to privacy groups and privacy subcategories, file characteristics such as metadata, file contents, or file content analysis, registering privacy groups and privacy subcategories, timers or expiration rules for particular information or files, and rules for maintaining access control and privacy that permit dynamic segmentation of information stored on the cloud);
and transmit, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application (Para 0054, Once process flow 400 reaches the file access step 416, the system may receive a subsequent request from a network user for access to a file on a cloud server. The system then may grant access to the file based on the privacy group and/or privacy subcategories associated with the file and the members that have been populated in the privacy group and/or privacy subcategory. For example, immediate family members may be granted access to a photograph in which they appear. In another example, a document that has five collaborators who are immediate friends may all be granted access to the document for further editing).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, and Schiavone’s teaching to Kurian’s in order to provide accessing control in hybrid cloud infrastructure by assigning associated privacy subcategory to file and grants access to file based on assigned privacy subcategory in response to request for file (Kurian [Summary]).

Rodrigues, Schiavone and Kurian did not specifically teach
identify a first document subset including a subset of documents of the plurality of documents;
identify a second document subset including a subset of documents of the first document subset;
the one or more results including the second document subset.

However, Sedlar teaches
identify a first document subset including a subset of documents of the plurality of documents (Para [0055], Hierarchical indexes consistent with the invention support the pathname-based access method of a hierarchical system, moving from parent items to their children, as specified by the pathname. According to one embodiment, a hierarchical index consistent with the principles of the invention employs index entries that include the following three fields: RowID, File ID, and Dir_entry_list (stored as an array));
identify a second document subset including a subset of documents of the first document subset (Para [0159], When any application requests a display of the contents of the Documents directory 1202, the database executes the query associated with the Documents directory 1202. The query selects the files that satisfy the query. The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202. Those two files are both entitled Example.doc. Thus, the two Examples.doc files 618 and 622 are shown as children of the Documents directory 1202);
the one or more results including the second document subset (Para [0159], . The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone and Kurian’s teaching to Sedlar’s in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).

Regarding Claim 24, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 23.

Rodrigues did not teach
wherein the request includes a declarative statement to determine one or more parameters for the first set of rules and/or the second set of rules.

However, Schiavone teaches 
wherein the request includes a declarative statement to determine one or more parameters for the first set of rules and/or the second set of rules (Paragraph 0057, the Information Request is parsed to identify the Data Requestor, the information requested, and any declarative statements of use carried by the Information Request indicating the intended uses/terms of use for the information requested).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Regarding Claim 25, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 24.

Rodrigues did not teach
wherein the declarative statement includes code for executing the request, the code including the read or write operation, the one or more fields, and/or the user identification.

However, Schiavone teaches 
wherein the declarative statement includes code for executing the request, the code including the read or write operation, the one or more fields, and/or the user identification (Paragraph 0059, The Negotiation Engine 78 determines whether the terms of the declarative statements of the Information Request indicating the uses/terms of use desired by the Data Requestor are in accord with the rules of the Rules database governing the permitted disclosure of the Data Controller's information, as shown at step 138).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Regarding Claim 30, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 23, wherein transmitting, based on the request and the one or more fields, the database request to the remote database comprises transmitting the database request to the remote database, and, based on a response from the remote database, transmitting the service request to a service (Rodrigues [Claim 17, transmitting, by the API module of the computing device in response to the first request, a first response identifying the second API endpoint; receiving, at the computing device, a second request that is destined to the second API endpoint, wherein the second request identifying a command to retrieve, update, add, or delete one or more instances of the resource; performing, by the computing device, the command to retrieve, update, add, or delete the one or more instances of the resource; and transmitting, by the computing device in response to the second request, a second response indicating a result of the performing the command]).

Regarding Claim 31, Rodrigues teaches
A method for a cloud-based resource for servicing a request from a cloud-based application to access data from a remote database, comprising: 
receiving, from a cloud-based application, a request to access data from a remote database (Fig. 3; Paragraph 0052, the client-side API module 106 transmits a RESTful API message (e.g., an HTTP request message) to the AGC module 112 to create a resource (e.g., a business object, another type of object, etc.), which is received by the API module 114; Paragraph 0042, Such embodiments allows users, via an application 104, to provide details of business objects using declarative statements, and the application 104 may then use its client-side API module 106 to transmit RESTful API messages to generate, modify, and/or access resources (or business objects)); 
accessing, at the cloud-based resource, one or more results from the remote database responsive to the database request (Fig. 3; Paragraph 0054, the resource management module 116 now sends resource data (e.g., a result of the attempt to create the resource, one or more identifiers of the resource, etc.) back to the API module 114, which assembles this data and constructs a “create resource response message” (e.g., an HTTP response message) that is transmitted back to the client-side API module 106).

Rodrigues did not specifically teach
the remote database including a plurality of documents
determining, from the request, a user identification and one or more fields to be accessed for a read or write operation;
applying a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation;
identifying a first document subset including a subset of documents of the plurality of documents;
transmitting, based on the request and the one or more fields, a database request to the remote database
applying a second set of rules;  
identifying a second document subset including a subset of documents of the first document subset;
and transmitting, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application, the one or more results including the second document subset.

However, Schiavone (US 20040153908) teaches
determining, from the request, a user identification and one or more fields to be accessed for a read or write operation (Paragraph 0057, the Negotiation Engine 78 parses and interprets the Information Request and determines what information and/or which data elements are requested, and for what purposes. More specifically, the Information Request is parsed to identify the Data Requestor, the information requested, and any declarative statements of use carried by the Information Request indicating the intended uses/terms of use for the information requested, as shown at step 134); 
applying a first set of rules to determine whether the cloud-based application is allowed to access the one or more fields based on whether a user role associated with the user identification is authorized to request the read or write operation (Paragraph 0058, the Negotiation Engine 78 compares the terms of the declarative statement(s) of the Information Request to rules of the Rules database 74 that govern access of the Data Controller's proprietary and/or personal information … Paragraph 0059, The Negotiation Engine 78 determines whether the terms of the declarative statements of the Information Request indicating the uses/terms of use desired by the Data Requestor are in accord with the rules of the Rules database governing the permitted disclosure of the Data Controller's information, as shown at step 138); 
and transmitting, based on the request and the one or more fields, a database request to the remote database (Paragraph 0060, The Negotiation Engine 78 then accesses the requested information and issues an Information Response to the Information Request, as shown at step 142; Paragraph 0061, Any Information Response transmitted from the Data Controller Agent's Negotiation Engine 78 to the Data Requestor's Negotiation Engine 26 may provide the requested information in the form of data elements as retrieved from the Data Vault 70).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Rodrigues and Schiavone did not specifically teach
the remote database including a plurality of documents
identifying a first document subset including a subset of documents of the plurality of documents;
applying a second set of rules;  
identifying a second document subset including a subset of documents of the first document subset;
and transmitting, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application, the one or more results including the second document subset.


However, Kurian (US 20180337929 A1) teaches
the remote database including a plurality of documents (Para [0023], cloud server 106 may facilitate processing or storage of appropriate information, data, or files. For example, while cloud server 106 may operate as a central repository for data, access control and privacy management of those files may be handled by, or in collaboration with, cloud privacy management server 104)
applying a second set of rules (Para [0028], In operation, elements of system 100 operate together to perform various access control functions including but not limited to maintaining a repository of access control information on the network including information related to privacy groups and privacy subcategories, file characteristics such as metadata, file contents, or file content analysis, registering privacy groups and privacy subcategories, timers or expiration rules for particular information or files, and rules for maintaining access control and privacy that permit dynamic segmentation of information stored on the cloud);
and transmitting, based on a determination according to the first set of rules that cloud-based application is allowed to access the one or more fields based on the user role and based on an identification according to the second set of rules, the one or more results to the cloud-based application (Para 0054, Once process flow 400 reaches the file access step 416, the system may receive a subsequent request from a network user for access to a file on a cloud server. The system then may grant access to the file based on the privacy group and/or privacy subcategories associated with the file and the members that have been populated in the privacy group and/or privacy subcategory. For example, immediate family members may be granted access to a photograph in which they appear. In another example, a document that has five collaborators who are immediate friends may all be granted access to the document for further editing).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, and Schiavone’s teaching to Kurian’s in order to provide accessing control in hybrid cloud infrastructure by assigning associated privacy subcategory to file and grants access to file based on assigned privacy subcategory in response to request for file (Kurian [Summary]).

Rodrigues, Schiavone and Kurian did not specifically teach
identifying a first document subset including a subset of documents of the plurality of documents;
identifying a second document subset including a subset of documents of the first document subset;
the one or more results including the second document subset.

However, Sedlar teaches
identifying a first document subset including a subset of documents of the plurality of documents (Para [0055], Hierarchical indexes consistent with the invention support the pathname-based access method of a hierarchical system, moving from parent items to their children, as specified by the pathname. According to one embodiment, a hierarchical index consistent with the principles of the invention employs index entries that include the following three fields: RowID, File ID, and Dir_entry_list (stored as an array));
identifying a second document subset including a subset of documents of the first document subset (Para [0159], When any application requests a display of the contents of the Documents directory 1202, the database executes the query associated with the Documents directory 1202. The query selects the files that satisfy the query. The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202. Those two files are both entitled Example.doc. Thus, the two Examples.doc files 618 and 622 are shown as children of the Documents directory 1202);
the one or more results including the second document subset (Para [0159], . The results of the query are then presented to the application as the contents of the Documents directory 1202. At the time illustrated in FIG. 12, the file system only includes two files that satisfy the query associated with the Documents directory 1202).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone and Kurian’s teaching to Sedlar’s in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).

Regarding Claim 32, Rodrigues, Schiavone, Kurian and Sedlar teach
The method of claim 31.

Rodrigues did not teach
wherein the request includes a declarative statement to determine one or more parameters for the first set of rules and/or the second set of rules.

However, Schiavone teaches 
wherein the request includes a declarative statement to determine one or more parameters for the first set of rules and/or the second set of rules (Paragraph 0057, the Information Request is parsed to identify the Data Requestor, the information requested, and any declarative statements of use carried by the Information Request indicating the intended uses/terms of use for the information requested).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Regarding Claim 33, Rodrigues, Schiavone, Kurian and Sedlar teach
The method of claim 32.

Rodrigues did not teach
wherein the declarative statement includes code for executing the request, the code including the read or write operation, the one or more fields, and/or the user identification.

However, Schiavone teaches 
wherein the declarative statement includes code for executing the request, the code including the read or write operation, the one or more fields, and/or the user identification (Paragraph 0059, The Negotiation Engine 78 determines whether the terms of the declarative statements of the Information Request indicating the uses/terms of use desired by the Data Requestor are in accord with the rules of the Rules database governing the permitted disclosure of the Data Controller's information, as shown at step 138).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues’ teaching to Schiavone’s so that Interfaces may be provided to allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use by referencing a rule specifying parameters relating to permissible retrieval of a requested data unit in response to an information request (Schiavone [abstract]).

Regarding Claim 38, Rodrigues, Schiavone, Kurian and Sedlar teach
The method of claim 31, wherein transmitting, based on the request and the one or more fields, the database request to the remote database comprises transmitting the database request to the remote database, and, based on a response from the remote database, transmitting the service request to a service  (Rodrigues [Claim 17, transmitting, by the API module of the computing device in response to the first request, a first response identifying the second API endpoint; receiving, at the computing device, a second request that is destined to the second API endpoint, wherein the second request identifying a command to retrieve, update, add, or delete one or more instances of the resource; performing, by the computing device, the command to retrieve, update, add, or delete the one or more instances of the resource; and transmitting, by the computing device in response to the second request, a second response indicating a result of the performing the command]).

Regarding Claim 39, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 23.

Rodrigues, Schiavone, and Kurian did not specifically teach 
further comprising limiting transmission of documents to the cloud-based application to the results including the second document subset.

However, Sedlar teaches
further comprising limiting transmission of documents to the cloud-based application to the results including the second document subset (Para [0082], Prior to issuing database commands that access a file stored in the files table managed by database server 204, translation engine 308 issues database commands to verify that the user that is requesting the access has permission to perform the type of access requested for the specified file).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone and Kurian’s teaching to Sedlar’s in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).

Regarding Claim 40, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 39, wherein the cloud-based application is configured to be displayed on a mobile device (Rodrigues [Para 0033, In these three system configurations 200A-200C, the application 104 utilized by an end user 102 (not depicted herein) executes at a client device 202. The client device 202, and other computing devices used in this system (e.g., server devices 204, 206, 208), may be of various different types including, but not limited to, personal computers (PCs), desktops, mobile or handheld devices such as laptops, mobile phones, tablets, etc., and other types of devices]).

Regarding Claim 41, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 23.

Rodrigues, Schiavone, and Kurian did not specifically teach 
wherein transmitting the one or more results including the second document subset comprises providing, responsive to a request associated with an unprivileged user role, a response based on underlying data, wherein the response does not expose the underlying data.

However, Sedlar teaches
wherein transmitting the one or more results including the second document subset comprises providing, responsive to a request associated with an unprivileged user role, a response based on underlying data, wherein the response does not expose the underlying data (Para [0082], If the data thus retrieved indicates that the user does not have the required permission, then translation engine 308 does not issue the commands that perform the requested operation. Instead, translation engine 308 provides an error message back to the operating system from which the request originated.).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone and Kurian’s teaching to Sedlar’s in order to provide database accessing method for electronic file system, by issuing database commands to database server, in response to calls made to routines by application (Sedlar [Summary]).


Claims 26-29, and 34-37 are rejected under 35 U.S.C. 103 as being unpatentable over Rodrigues (US 20160092173) in view of Schiavone (US 20040153908), Kurian (US 20180337929 A1) and Sedlar (US 20080215528 A1), further in view of Zhu (US 20180129746).
Note: Rodrigues, Schiavone and Zhu were cited in IDS

Regarding Claim 26, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 24.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein the request from the cloud-based application is parsed to determine the one or more parameters by translating a raw expression for the declarative statement from the request into a general match expression.

However, Zhu (US 20180129746) teaches 
wherein the request from the cloud-based application is parsed to determine the one or more parameters by translating a raw expression for the declarative statement from the request into a general match expression (Paragraph 0022, The caller 104 provides, at 120, queries (e.g., raw Language-Integrated Query (LINQ) query statements, etc.) to an entity queryable 106, which in turn provides, at 122, the queries (e.g., raw query expression, etc.) to a parser 108. Paragraph 0024, The parser 108 in the queryable interface is also configured to produce, at 124, an entity query criteria, which represents the key information in the parsed query. Paragraph 0025, The executor 110 invokes, at 128, corresponding methods under the entity query source 112, which is configured to adapt the entity query criteria into conditions for the particular format of databases; Paragraph 0026, The entity query source 112 returns, at 130, the query result to the executor 110. Exemplary query results include, but are not limited to, a collection of entities (e.g., an (Entity array), a collection of fields (e.g., an IField array), and a count) Examiner Comments:  It is known to someone ordinary skilled in the art that raw expressions may include one or more parameters. In the broadest reasonable interpretation, and based on the disclosure in paragraph [0058] of the published specification, the query results can be interpreted to the claimed general match expression.

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 27, Rodrigues, Schiavone, Kurian and Sedlar teach
The cloud-based resource of claim 25. 

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression comprises interpolating the raw expression from the request to replace one or more placeholders in the raw expression with corresponding values.

However, Zhu (US 20180129746) teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression comprises interpolating the raw expression from the request to replace one or more placeholders in the raw expression with corresponding values (Zhu [Paragraph 0025, entity query source 112 implements a function that retrieves (e.g., via a get statement) all entities that satisfy a given entity query criteria. For example, in an embodiment entity query source 112 implements GetEntities(IQueryableCriteria) where IQueryableCriteria is an embodiment of the entity query criteria. In another aspect, entity query source 112 implements a function that gets field values of all entities that satisfy a given entity query criteria]).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 28, Rodrigues, Schiavone, Kurian, Sedlar and Zhu teach
The cloud-based resource of claim 26.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises converting the interpolated expression into the general match expression.

However, Zhu teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises converting the interpolated expression into the general match expression (Zhu [Paragraph 0026, The entity query source 112 returns, at 130, the query result to the executor 110. Exemplary query results include, but are not limited to, a collection of entities (e.g., an (Entity array), a collection of fields (e.g., an IField array), and a count])  Examiner Comments:  In the broadest reasonable interpretation, and based on the disclosure in paragraph [0058] of the published specification, the query results can be interpreted to the claimed general match expression .

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 29, Rodrigues, Schiavone, Kurian, Sedlar and Zhu teach
The cloud-based resource of claim 27.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises evaluating the general match expression against a value.

However, Zhu teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises evaluating the general match expression against a value (Zhu [Paragraph 0025, entity query source 112 implements a function that retrieves (e.g., via a get statement) all entities that satisfy a given entity query criteria. For example, in an embodiment entity query source 112 implements GetEntities(IQueryableCriteria) where IQueryableCriteria is an embodiment of the entity query criteria. In another aspect, entity query source 112 implements a function that gets field values of all entities that satisfy a given entity query criteria]).

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 34, Rodrigues, Schiavone, Kurian and Sedlar teach
The method of claim 33.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein the request from the cloud-based application is parsed to determine the one or more parameters by translating a raw expression for the declarative statement from the request into a general match expression.

However, Zhu (US 20180129746) teaches 
wherein the request from the cloud-based application is parsed to determine the one or more parameters by translating a raw expression for the declarative statement from the request into a general match expression (Paragraph 0022, The caller 104 provides, at 120, queries (e.g., raw Language-Integrated Query (LINQ) query statements, etc.) to an entity queryable 106, which in turn provides, at 122, the queries (e.g., raw query expression, etc.) to a parser 108. Paragraph 0024, The parser 108 in the queryable interface is also configured to produce, at 124, an entity query criteria, which represents the key information in the parsed query. Paragraph 0025, The executor 110 invokes, at 128, corresponding methods under the entity query source 112, which is configured to adapt the entity query criteria into conditions for the particular format of databases; Paragraph 0026, The entity query source 112 returns, at 130, the query result to the executor 110. Exemplary query results include, but are not limited to, a collection of entities (e.g., an (Entity array), a collection of fields (e.g., an IField array), and a count) Examiner Comments:  It is known to someone ordinary skilled in the art that raw expressions may include one or more parameters. In the broadest reasonable interpretation, and based on the disclosure in paragraph [0058] of the published specification, the query results can be interpreted to the claimed general match expression.

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 35, Rodrigues, Schiavone, Kurian, Sedlar and Zhu teach
The method of claim 34. 

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression comprises interpolating the raw expression from the request to replace one or more placeholders in the raw expression with corresponding values.

However, Zhu (US 20180129746) teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression comprises interpolating the raw expression from the request to replace one or more placeholders in the raw expression with corresponding values (Zhu [Paragraph 0025, entity query source 112 implements a function that retrieves (e.g., via a get statement) all entities that satisfy a given entity query criteria. For example, in an embodiment entity query source 112 implements GetEntities(IQueryableCriteria) where IQueryableCriteria is an embodiment of the entity query criteria. In another aspect, entity query source 112 implements a function that gets field values of all entities that satisfy a given entity query criteria]).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 36, Rodrigues, Schiavone, Kurian, Sedlar and Zhu teach
The method of claim 35.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises converting the interpolated expression into the general match expression.

However, Zhu teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises converting the interpolated expression into the general match expression (Zhu [Paragraph 0026, The entity query source 112 returns, at 130, the query result to the executor 110. Exemplary query results include, but are not limited to, a collection of entities (e.g., an (Entity array), a collection of fields (e.g., an IField array), and a count])  Examiner Comments:  In the broadest reasonable interpretation, and based on the disclosure in paragraph [0058] of the published specification, the query results can be interpreted to the claimed general match expression .

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Regarding Claim 37, Rodrigues, Schiavone, Kurian, Sedlar and Zhu teach
The method of claim 36.

Rodrigues, Schiavone, Kurian and Sedlar did not teach
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises evaluating the general match expression against a value.

However, Zhu teaches 
wherein translating the raw expression for the declarative statement from the request into the general match expression further comprises evaluating the general match expression against a value (Zhu [Paragraph 0025, entity query source 112 implements a function that retrieves (e.g., via a get statement) all entities that satisfy a given entity query criteria. For example, in an embodiment entity query source 112 implements GetEntities(IQueryableCriteria) where IQueryableCriteria is an embodiment of the entity query criteria. In another aspect, entity query source 112 implements a function that gets field values of all entities that satisfy a given entity query criteria]).

	It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have combined Rodrigues, Schiavone, Kurian and Sedlar’s teaching to Zhu’s in order to allow an application to retrieve and manipulate data without requiring technical details about the data by providing entity query source to adapt entity query criteria into data sources such that data sources filter and sort data stored to determine query results satisfying database queries (Zhu [Summary]).

Response to Arguments
Applicant’s arguments with respect to claims 23-41 have been considered but are moot because the arguments do not apply to the previous cited sections of the references used in the previous office action. The current office action is now citing additional references to address the newly added claimed limitations.

	

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AMIR SOLTANZADEH whose telephone number is (571)272-3451.  The examiner can normally be reached on M-F, 9am - 5pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wei Zhen can be reached on (571) 272-3708.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AMIR SOLTANZADEH/Examiner, Art Unit 2191                                                                                                                                                                                               /WEI Y ZHEN/Supervisory Patent Examiner, Art Unit 2191