Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Drawings
The drawings are objected to as failing to comply with 37 CFR 1.84(p)(5) because they include the following reference character(s) not mentioned in the description: Fig. 3B ref. 322 and Fig. 4A ref.  Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to the specification to add the reference character(s) in the description in compliance with 37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


Claims 2 and 12 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 2 and 12 recites the limitation "the one or more databases".  There is insufficient antecedent basis for this limitation in the claim. For the purpose of examination, this limitation is interpreted as “the one or more database systems”. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6, 8, 11-14, 16, and 18 are rejected under 35 U.S.C. 103 as being unpatentable over BENNISON (US-20140281578-A1) and in view of VAN OPDORP (US-7343377-B1), and further in view of ROBINSON (US-20140137237-A1), hereinafter BENNISON-VAN OPDORP-ROBINSON.
Regarding claim 1, BENNISON teaches “A computer-implemented method comprising: populating a metadata shell database with one or more hash values, ([BENNISON, Para. 0018] “Embodiments provide a system and method for confidentially and securely performing database operations that use novel combinations of a secure processor for performing computational operations, data obfuscation, data compression and data protection methods.”) ([BENNISON, Para. 0026] “As shown, a hashed database provisioning process flow of method 100 begins with inputting of clear text or plain text data elements, block 110. This may be performed using a secure database management processor 101. The clear text data elements may be stored in a database 103 of clear text values, block 120. Processor 101 retrieves the clear text data elements from the database, block 130, and cryptographically hashes the clear text data, block 140. Processor 101 stores the cryptographically hashed values generated from cryptographically hashing the clear text data in a database 104 of cryptographically hashed values, block 150.”) ……. and the metadata shell database is maintained within a locked-down environment on an enterprise network;” ([BENNISON, Para. 0021] “Advantages of embodiments described herein include the ability to distribute sensitive database information that would heretofore be contained and processed only within trusted secure environments by privileged users.”) ([BENNISON, Para. 0022] “An additional advantage of embodiments described herein is that the entire database of hashed values is encapsulated within the secure processor thereby protecting it from outside exposure. The only transaction that occurs between a user and the secure processor is a query input and a match/no-match output. By ensuring the secrecy of the database of hashed values within the secure processor cryptanalysis as suggested above is not feasible.”)
However, BENNISON does not teach “wherein: each hash value corresponds to a verified installation of a database system, …… and monitoring metadata information of one or more database systems on the enterprise network based on periodically accessing metadata information of one or more database systems; and determining whether a database system on the enterprise network has been compromised based on a hash value of the metadata information of the database system and the one or more hash values from the metadata shell database.”.
In analogous teaching VAN OPDORP teaches “wherein: each hash value corresponds to a verified installation of a database system, ([VAN OPDORP, Abstract] “A method for verifying the integrity of a database for use by an application. A process is applied to obtain (2) initial schema metadata (3) from the database (1). As a reference a reduced representation (5) is created (4) from the initial schema metadata (3) using an algorithm such as a hash function. The reduced representation is stored (6), preferably within the application.”) ([VAN OPDORP, Col. 5 lines 1-4] “This reduced form or hash is stored in step 6 as a reference for the correct configuration of the database. Preferably, the reduced form is stored by embedding into the application or within an application configuration file.”) ([VAN OPDORP, Col. 2 Lines 1-2] “In a preferred implementation of the method the secondary application is a database.”) and monitoring metadata information of one or more database systems on the enterprise network based on periodically accessing metadata information of one or more database systems; ([VAN OPDORP, Col. 5 lines 32-40] “The verification process may occur several times during the execution of the application, especially in the case where the application continues execution over a significant period of time, or it may only occur at the start of the application. To ensure that the database does not change after the verification process and before a query is made of the database, a schema stability lock, such as a “SQL Server 2000 schema stability lock”, may be requested of the database.”) ([VAN OPDORP, claim 34] “A system comprising a processor, a memory, and verification engine for providing an indication of integrity of a database”) and determining whether a database system on the enterprise network has been compromised based on a hash value of the metadata information of the database system and the one or more hash values from the metadata shell database. ([VAN OPDORP, Col. 5 lines 10-31] “During execution of the application, the database 1 is queried to extract in step 7 the same type of schema metadata 8 as during the Reference Creation Stage. This metadata is organised using the same method used during the Reference Creation Stage and then compressed in step 9 using the same algorithm used during the Reference Creation Stage to create a runtime reduced form 10. The runtime reduced form 10 is compared in step 11 with the reference reduced form 5 which was embedded in the application. The outcome 12 of this comparison controls the execution of the application. For instance, when the runtime reduced form differs from the embedded reduced form, this indicates that relevant metadata within the database has changed. If the runtime reduced form is identical to the embedded reduced form this indicates that it is very unlikely that relevant metadata within the database has changed. In the case of the former, the application may stop execution, generate an error message, or take actions against the database. In the case of the latter, the application can confidently query the database in the knowledge that the queries are likely to succeed.”)
Thus, given the teaching of VAN OPDORP, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of extracting metadata and converting it into a hash to determine the integrity of a database as taught by VAN OPDORP into the teaching of a method for populating a secured database with hashes taught by BENNISON. One of ordinary skill in the art would have been motivated to do so because VAN OPDORP recognizes the need to check the integrity of databases ([VAN OPDORP, Col. 1 lines 15-20] “Where a central database is servicing multiple applications, either over a network or on a single computer system, and an application has the capacity to change the structure of the database, there is often a need for the other applications to monitor such changes to ensure that any changes made do not affect the operation of those applications.”) ([VAN OPDORP, Col. 1 lines 27-29] “In order for the application to utilize a database effectively it is desired that the application is assured of the integrity of the structure of database before using it.”).
However, BENNISON-VAN OPDORP only teach of a database and do not explicitly teach a shell database.
In analogous teaching ROBINSON teaches of a shell database comprising of metadata ([ROBINSON, para. 0004] “A shell database includes metadata and statistics regarding externally stored data, such as data distributed across a plurality of nodes comprising a parallel data warehouse. Stated differently, the shell database can represent an entire data warehouse, except that it does not include any user data but rather metadata. Thus, the shell database facilitates provisioning of a single system image of the data of a parallel data warehouse. Furthermore, the shell database can reside within a database management system, which can be exploited to perform pre-execution tasks. Pre-execution tasks that can be delegated to the database management system can include, input parsing, validation, authentication, and authorization, among other things.”).
Thus, given the teaching of ROBINSON, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of a shell database as taught by ROBINSON into the teaching of a method for populating a secured database with hashes in order to determine integrity as taught by BENNISON- VAN OPDORP. One of ordinary skill in the art would have been motivated to do so because ROBINSON recognizes the need to provide scalable database solutions using a shell database. ([ROBINSON, para. 0001] “Massively parallel processing (MPP) systems have been widely adopted in recent years. MPP systems are distributed systems including multiple, network connected, independent nodes (e.g., compute nodes).”) ([ROBINSON, para. 0002] “MPP systems are typically used as data warehouses. That is, MPP systems are employed to manage and query vast amounts of data. For contrast, consider a single machine, or node, data warehouse. In this scenario, scaling problems can exist in view of massive quantities of data that can be available in certain circumstances. A parallel data warehouse, or in other words a data warehouse embodied as an MPP system, solves this problem by enabling scale out across many machines”) ([ROBINSON, para. 0004] “A shell database includes metadata and statistics regarding externally stored data, such as data distributed across a plurality of nodes comprising a parallel data warehouse. Stated differently, the shell database can represent an entire data warehouse”) 


Regarding claim 11, this claim recites a processor configured to perform the steps of claim 1. Therefore, claim 11 is rejected in a similar manner is in the rejection of claim 1. 

Regarding claim 2 and 12, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. VAN OPDORP further teaches “computing a respective hash value of the metadata information of each of the one or more databases; ([VAN OPDORP, Col. 2 lines 1-2] “In a preferred implementation of the method the secondary application is a database.”) ([VAN OPDORP, Col. 2 lines 3-6] “The schema metadata may include tables, columns in tables, datatypes of columns, lengths of columns, custom database data types, foreign keys, constraints, stored procedures, views, triggers, indices, or scheduled jobs.”) ([VAN OPDORP, Col. 4 lines 58-63] “The organised extracted metadata is compressed in step 4 using a hash function into a reduced form 5. A good hash function will produce a difficult to forge representation which uniquely identifies the schema metadata. Examples of good contemporary hash functions include MD5 and CRC32.”) and comparing the respective hash value with a hash value from the metadata shell database that corresponds to the verified installation of the database system. ([VAN OPDORP, Col. 8 lines 66-67 , Col. 9  lines 1-10] “extract schema metadata in steps 103 and 104 from the database 92, compute in steps 105 and 106 the hash values 107 and 108 of the schema metadata, and compare in steps 109 and 110 the computed hash values 107 and 108 to the stored hash values 101 and 102. As the database is also version 1.2, the comparison reveals a match between the computed hash values 107 and 108 and the stored hash values 101 and 102. As a result of the match the applications continue normal execution, in steps 111 and 112, which involves use, in steps 113 and 114, of the database.”)
The same motivation to modify BENNISON with VAN OPDORP as in the rejection of claim 1, applies. 

Regarding claim 3 and 13, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 2 and 12. VAN OPDORP further teaches “determining whether the hash value of the database system on the enterprise network matches the hash value from the metadata shell database that corresponds to the verified installation of the database system.” ([VAN OPDORP, Col. 5 lines 10-30] “During execution of the application, the database 1 is queried to extract in step 7 the same type of schema metadata 8 as during the Reference Creation Stage. This metadata is organised using the same method used during the Reference Creation Stage and then compressed in step 9 using the same algorithm used during the Reference Creation Stage to create a runtime reduced form 10. The runtime reduced form 10 is compared in step 11 with the reference reduced form 5 which was embedded in the application. The outcome 12 of this comparison controls the execution of the application. For instance, when the runtime reduced form differs from the embedded reduced form, this indicates that relevant metadata within the database has changed. If the runtime reduced form is identical to the embedded reduced form this indicates that it is very unlikely that relevant metadata within the database has changed. In the case of the former, the application may stop execution, generate an error message, or take actions against the database. In the case of the latter, the application can confidently query the database in the knowledge that the queries are likely to succeed.”).
The same motivation to modify BENNISON with VAN OPDORP as in the rejection of claim 1, applies. 

Regarding claim 4 and 14, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 2 and 12. VAN OPDORP further teaches “in response to determining that the hash value of the database system on the enterprise network does not match the hash value from the metadata shell database that corresponds to the verified installation of the database system, determining that the database system on the enterprise network has been compromised.” ([VAN OPDORP, Col. 5 lines 22-28] “For instance, when the runtime reduced form differs from the embedded reduced form, this indicates that relevant metadata within the database has changed. If the runtime reduced form is identical to the embedded reduced form this indicates that it is very unlikely that relevant metadata within the database has changed. In the case of the former, the application may stop execution, generate an error message, or take actions against the database.”).
The same motivation to modify BENNISON with VAN OPDORP as in the rejection of claim 1, applies. 

Regarding claim 6 and 16, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. BENNISON further teaches “populating a metadata shell database with one or more hash values …… and populating the metadata shell database with the respective hash value for each database system on the enterprise network” ([BENNISON, para. 0026] “As shown, a hashed database provisioning process flow of method 100 begins with inputting of clear text or plain text data elements, block 110. This may be performed using a secure database management processor 101. The clear text data elements may be stored in a database 103 of clear text values, block 120. Processor 101 retrieves the clear text data elements from the database, block 130, and cryptographically hashes the clear text data, block 140. Processor 101 stores the cryptographically hashed values generated from cryptographically hashing the clear text data in a database 104 of cryptographically hashed values, block 150.”).
However, BENNISON does not teach “accessing the metadata information of one or more database systems on the enterprise network; computing a respective hash value of the metadata information for each database system on the enterprise network;”.
In analogous teaching VAN OPDORP teaches “accessing the metadata information of one or more database systems on the enterprise network;” ([VAN OPDORP, ] “During the build (creation) of an application, a database 1, which the application will during its execution, is queried to extract in step 2 schema metadata 3. Schema metadata is information that describes the structure and other features of a database and is agnostic to the actual data stored in the database. Schema metadata includes tables, columns in tables, datatypes of columns, lengths of columns, custom database data types, foreign keys, constraints, stored procedures, views, triggers, indices, and scheduled jobs.”) computing a respective hash value of the metadata information for each database system on the enterprise network; ([VAN OPDORP, Col. 4 lines 58-63] “The organised extracted metadata is compressed in step 4 using a hash function into a reduced form 5. A good hash function will produce a difficult to forge representation which uniquely identifies the schema metadata. Examples of good contemporary hash functions include MD5 and CRC32.”) ([VAN OPDORP, Col. 6 lines 16-21] “Metadata 31 referring to aspects of database 14 used by application 17 is extracted in step 32 from database 14, a hash algorithm is applied in step 33 to form a reduced representation 34 of the metadata and this is compared in step 35 with the stored reduced representation 36 to confirm the integrity of database”).
The same motivation to modify BENNISON with VAN OPDORP as in the rejection of claim 1, applies. 

Regarding claim 8 and 18, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. BENNISON further teaches “populating a metadata shell database with one or more hash values …… and populating the metadata shell database with the respective hash value for each database system on the enterprise network” ([BENNISON, para. 0026] “As shown, a hashed database provisioning process flow of method 100 begins with inputting of clear text or plain text data elements, block 110. This may be performed using a secure database management processor 101. The clear text data elements may be stored in a database 103 of clear text values, block 120. Processor 101 retrieves the clear text data elements from the database, block 130, and cryptographically hashes the clear text data, block 140. Processor 101 stores the cryptographically hashed values generated from cryptographically hashing the clear text data in a database 104 of cryptographically hashed values, block 150.”). …… wherein a group of shell database systems are maintained within the locked-down environment on the enterprise network; ([BENNISON, para. 0021] “Advantages of embodiments described herein include the ability to distribute sensitive database information that would heretofore be contained and processed only within trusted secure environments by privileged users.”) ([BENNISON, para. 0022] “An additional advantage of embodiments described herein is that the entire database of hashed values is encapsulated within the secure processor thereby protecting it from outside exposure. The only transaction that occurs between a user and the secure processor is a query input and a match/no-match output. By ensuring the secrecy of the database of hashed values within the secure processor cryptanalysis as suggested above is not feasible.”)
However, BENNISON does not teach “accessing metadata of a group of shell database systems that correspond to the one or more database systems, …… computing a respective hash value of the metadata information for each database system from the group of shell database systems;” 
In analogous teaching VAN OPDORP teaches “accessing metadata of a group of shell database systems that correspond to the one or more database systems, ([VAN OPDORP, Col. 5 lines 10-17] “the database 1 is queried to extract in step 7 the same type of schema metadata 8 as during the Reference Creation Stage. This metadata is organised using the same method used during the Reference Creation Stage and then compressed in step 9 using the same algorithm used during the Reference Creation Stage to create a runtime reduced form 10.”) …… computing a respective hash value of the metadata information for each database system from the group of shell database systems ([VAN OPDORP, Col. 4 lines 58-63] “The organised extracted metadata is compressed in step 4 using a hash function into a reduced form 5. A good hash function will produce a difficult to forge representation which uniquely identifies the schema metadata. Examples of good contemporary hash functions include MD5 and CRC32.”).
The same motivation to modify BENNISON with VAN OPDORP as in the rejection of claim 1, applies. 

Claims 5, 10, 15, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over BENNISON-VAN OPDORP-ROBINSON, in view of LAIDLAW (US-20150163242-A1).
Regarding claim 5 and 15, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. However, BENNISON-VAN OPDORP-ROBINSON does not teach “in response to determining that the database system on the enterprise network has been compromised, alerting a system administrator of the enterprise network.”.
In analogous teaching LAIDLAW teaches “in response to determining that the database system on the enterprise network has been compromised, alerting a system administrator of the enterprise network.” ([LAIDLAW, para. 0360] “In this example, the capability and sophistication of the alert clearly confirms that the site is under attack and that the systems administrator/security team should raise their vigilance stakes, but it does not need to initiate a forensic investigation into determining if the web site and back end database has been compromised. The lack of sophistication would enable the systems administrator/security team to easily identify through the various PCAP files if any sensitive data has egressed the database server.”)
Thus, given the teaching of LAIDLAW, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of alerting an administrator as taught by LAIDLAW into the teaching of a method for populating a secured database with hashes taught by BENNISON-VAN OPDORP-ROBINSON. One of ordinary skill in the art would have been motivated to do so because LAIDLAW recognizes the need to protect secure computing environments ([LAIDLAW, Para. 0007 ] “a significant challenge facing developers and administrators of secure computer environments is to continually evolve defenses to cyber threats in order to detect and avert successful attacks.”) ([LAIDLAW, para. 0008] “In order to police access to computer resources, and to help avert cyber-attacks, monitoring of network traffic in order to detect cyber threats is of crucial importance.”).

Regarding claim 10 and 20, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. However, BENNISON-VAN OPDORP-ROBINSON does not teach “wherein the locked-down environment on the enterprise network is enforced by a firewall or a whitelist.”
In analogous teaching LAIDLAW teaches “wherein the locked-down environment on the enterprise network is enforced by a firewall or a whitelist.” ([LAIDLAW, para. 0105] “The control environment 402 comprises a physical server 461 and database resource 462 coupled to and accessible via the Internet 420 by one or more Internet enabled user terminals 451, 453. The physical server 461 and database resource 462 may together implement hypervisor software to support a virtualized platform 402′ including one or more security components such as a firewall and Network Security Monitor 471 and one or more computer resources”) ([LAIDLAW, para. 0359] “As a result of this particular attack and associated attacks being detected and alerted on, the CTP could create an automated block (deny rule) using a standard firewall to block the originating source of the attack.”)
The same motivation to modify BENNISON-VAN OPDORP-ROBINSON with LAIDLAW as in the rejection of claim 5, applies. 

Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over BENNISON-VAN OPDORP-ROBINSON, in view of BERLIN (US-20140215196-A1).
Regarding claim 7 and 17, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 1 and 11. VAN OPDORP does teach hash values corresponding to a database as cited in the rejection of claim 1 and BENNISON does teach “and populating the metadata shell database with the list of hash values for each database systems.” ([BENNISON, para. 0026] “As shown, a hashed database provisioning process flow of method 100 begins with inputting of clear text or plain text data elements, block 110. This may be performed using a secure database management processor 101. The clear text data elements may be stored in a database 103 of clear text values, block 120. Processor 101 retrieves the clear text data elements from the database, block 130, and cryptographically hashes the clear text data, block 140. Processor 101 stores the cryptographically hashed values generated from cryptographically hashing the clear text data in a database 104 of cryptographically hashed values, block 150.”). Similar to a feature of claims 6 and 8. However, BENNISON-VAN OPDORP-ROBINSON does not teach “wherein populating a metadata shell database with one or more hash values comprises: accessing a vendor repository for a list of hash values for the one or more database systems;”.
In analogous teaching BERLIN teaches “wherein populating a metadata shell database with one or more hash values comprises: accessing a vendor repository for a list of hash values for the one or more database systems;” ([BERLIN, para. 0011] “The list of known good hashes, or a "whitelist," may contain the proper secure hash results for a majority of pre-boot drivers associated with peripheral cards used by PCs. The whitelist may be maintained and digitally signed by a trusted third party (e.g., a BIOS or computer manufacturer).”) ([BERLIN, para. 0015] “The whitelist 108 may be a copy of the whitelist 130 stored on one of the servers 122 and may be stored on the BIOS storage device 128. The whitelist 108 may also be stored on the mass storage device 112, but may be encrypted to prevent tampering in this implementation. The whitelist 108, 130 may be a list of known good secure hashes”).
Thus, given the teaching of BERLIN, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of accessing a vendor list of good hashes as taught by BERLIN into the teaching of a method for populating a secured database with hashes taught by BENNISON-VAN OPDORP-ROBINSON. One of ordinary skill in the art would have been motivated to do so because BERLIN recognizes the need to check the integrity of systems ([BERLIN, para. 0009] “A disclosed method is provided to rectify the lack of the additional security for systems that do not verify the integrity of pre-boot drivers and early OS code, such as OS loaders and OS kernels, before executing the same.”) ([BERLIN, para. 0010] “The disclosed method may add a new security feature, a boot driver verification process, to a computer system …… The security check may involve a secure hash to be calculated for the pre-boot driver, and then the secure hash may be compared to a list of known good secure hashes for that pre-boot driver and others.”).


Claims 9 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over BENNISON-VAN OPDORP-ROBINSON, in view of JAIN (US-20170116321-A1).
Regarding claim 9 and 19, BENNISON-VAN OPDORP-ROBINSON teaches all limitations of claim 8 and 18. However, BENNISON-VAN OPDORP-ROBINSON does not teach “wherein the group of shell database systems are provisioned as container images, and wherein the container images are patched periodically to synchronize with verified installations.”.
In analogous teaching, JAIN teaches “wherein the group of shell database systems are provisioned as container images, and wherein the container images are patched periodically to synchronize with verified installations.” ([JAIN, para. 0004] “A database management system (DBMS) manages a database. A DBMS may comprise one or more database servers. A database comprises database data and a database dictionary that are stored on a persistent memory mechanism, such as a set of hard disks. Database data may be stored in one or more data containers. Each container contains records. The data within each record is organized into one or more fields.”) ([JAIN, para. 0010] “A container is a collection of schemas, objects, and related structures in a multitenant container database (CDB) that appears logically to an application as a separate database. Within a CDB, each container has a unique ID and name. The root database and every pluggable database (PDB) is considered a container. PDBs isolate data and operations so that from the perspective of a user or application, each PDB appears as if it were a traditional non-CDB. Each PDB is defined by its own separate database dictionary.”) ([JAIN, para. 0047] “the cluster synchronization server continues to maintain the mappings and ensures that the CDBs within the cluster have a consistent and up-to-date view of which PDBs are held by which CDBs. There are many synchronization techniques that may be used for this purpose, such as sending periodic heartbeat messages to ensure all information on the CDBs is up to date or having the database servers send an update message to the cluster synchronization server whenever the membership of PDBs within the associated CDB changes. For example, the database server may receive a command to add or remove a PDB from its associated CDB. In response, the database server sends an update message to the cluster synchronization server which then updates its own mappings and sends the updated mappings to the other database servers within the cluster for storage within their respective CDBs. However, the exact manner in which synchronization is performed between the nodes of the multi-node DBMS is not critical and can be performed in numerous different manners without departing from the scope of this disclosure.”).
Thus, given the teaching of JAIN, it would have been obvious to one of ordinary skill in the art before the effective filling date of the claimed invention to combine the teaching of database system provisioned as containers as taught by JAIN into the teaching of a method for populating a secured database with hashes taught by BENNISON-VAN OPDORP-ROBINSON. One of ordinary skill in the art would have been motivated to do so because JAIN recognizes the benefits of using containers to increase scalability of access to storage. ([JAIN, para. 0012] “Multi-node database management systems increase the scalability of access to storage since each node can receive and process requests for operations to perform on the underlying container database in parallel. As a result, the system can withstand larger numbers of requests and additional nodes can be added to reduce strain if the system begins to become overloaded.”)


The prior art made of record and not relied upon is considered pertinent to applicant’s
disclosure.
XU (US-20070294205-A1) teaches an invention providing a system that facilitates detecting data tampering within a table in a database. The system operates by hashing a row in the table to create a row-hash. The system then hashes a block of consecutive row-hashes to create a block-hash. Finally, the system signs the block-hash with an encryption key, so that tampering with data in the row will result in an invalid row-hash and an invalid block-hash.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AFAQ ALI whose telephone number is (571)272-1571. The examiner can normally be reached Mon - Fri 7:30am - 5:30pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/AFAQ ALI/Examiner, Art Unit 2434                                                                                                                                                                                                        
/NOURA ZOUBAIR/Primary Examiner, Art Unit 2434