Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the Amendment filed on 5/23/2022 for 16/377,376.
As per instant Amendment, Claims 1, 11, and 20 have been amended. Claims 8 and 18 have been canceled.  Claims 1, 11, and 20 are independent claims.  Claims 1-7, 9-17, 19, and 20 have been examined and are pending. This Action is made FINAL. 

Response to Amendment
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 5/23/2022, with respect to the rejections of claims 1-7, 9-17, 19, and 20 have been fully considered but are not persuasive.
Applicant argues as follows:  A. Legal Standards The Examiner bears the burden of establishing a prima facie case of obviousness based on prior art when rejecting claims under 35 U.S.C. § 103. In re Fritch, 972 F.2d 1260, 23 U.S.P.Q.2d 1780 (Fed. Cir. 1992). The prior art reference (or references when combined) must teach or suggest all the claim limitations. In re Royka, 490 F.2d 981, 180 USPQ 580 (CCPA 1974). "In determining obviousness, the scope and content of the prior art are ... determined; differences between the prior art and the claims at issue are ... ascertained; and the level of ordinary skill in the pertinent art resolved. Against this background the obviousness or non- obviousness of the subject matter is determined." Graham v. John Deere Co., 383 U.S. 1 (1966). "Often, it will be necessary for a court to look to interrelated teachings of multiple patents; the effects of demands known to the design community or present in the marketplace; and the background knowledge possessed by a person having ordinary skill in the art, all in order to determine whether there was an apparent reason to combine the known elements in the fashion claimed by the patent at issue." KSR Int'l. Co. v. Teleflex, Inc., No. 04-1350 (U.S. Apr. 30, 2007). "Rejections on obviousness grounds cannot be sustained by mere conclusory statements; instead, there must be some articulated reasoning with some rational underpinning to support the legal conclusion of obviousness." Id. (citing In re Kahn, 441 F.3d 977, 988 (Fed. Cir. 2006)). 
Examiner respectfully disagrees.  In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, Dickie describes that some database management systems maintain metadata about each storage region in the form of range values or range maps that define minimum and maximum ranges in a given storage region in order to filter storage regions before actually reading and searching the stored data. (See para. [0005]).  Also, one would have been motivated to provide users with the benefits of receiving updates to the log for the data volume made consistent across the log for the entire data volume without communicating the log record to other protection groups in the distributed storage system, reducing latency for committing updates to the log (Leshinsky, paragraph 0136).
Applicant argues as follows:  B. Argument Application No. 16/377,376 The Office Action, on pages 9-10, alleges that Cotner teaches the previously claimed feature of "modifying a way of filtering said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record of said specific storage region." In doing so, the Office Action cites paragraphs [0064], and [0075] of Cotner, arguing that "[t]he security label of the row has a value that is within a range of values that are accessible to the user. This is the case when the user's security dominates the row's security, both of the following conditions are true. i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. ii) ... If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102; paragraph 0032 and Fig. 2D: As shown in the SECURITY.TABLE 30 of FIG. 2C, SALLY's security label is 'blue', and accordingly, the resulting user view 32 includes only those rows of USER.TABLE 26 having a security label equal to the security label 'blue'. --- It is noted that if the security label has a value that is within a range of values that are accessible to the user, then the DBMS returns the result to the user; here the results include only a part of the table contents, which teaches said rows are partially omitted during reading." However, Applicant respectfully asserts that even if paragraphs [0064] and [0075] of Cotner taught the previously presented claim language of "modifying a way of filtering said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record of said specific storage region" - a conclusion to which Applicant does not concede - they certainly do not teach or suggest the amended claim language of "modifying one or more zone maps by adding a field for each extent representing a multi-level security dimension"; "adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field"; "modifying an administrative tasks responsible for calculating the one or more zone maps"; "modifying a way of reading one or more table content based on a new feature added the one or more zone maps"; and "modifying a user description inside a database dictionary." The remaining portions of Cotner do not fill this deficiency, nor do Dickie, Egawa, and/or Dickie404 (whether considered individually or in combination with Cotner). 
Examiner respectfully disagrees.  Regarding claim 1, Cotner teaches:, in paragraph 0019, a computer-implemented method for processing a query for accessing data in a database with row level security, wherein said data being organized in rows and columns, wherein rows are grouped in storage regions, said method comprising, said method comprising:, in paragraph 0036, maintaining, as part of a control record .. , in paragraphs 0075 and 0073, a lower access security label, representing a minimal user access right of any of said rows … , in paragraphs 0075 and 0066, an upper access security label representing a maximal user access right of any of said rows … , in paragraphs 0035 and 0069, wherein accessing said storage region comprising a plurality of rows comprises instantly determining the access to each row in said storage region , in paragraph 0075,  said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record, in paragraphs 0066 and 0069, adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, in paragraph 0064, modifying an administrative tasks responsible for, in paragraph 0086, modifying a way of reading one or more table content based on a new feature added the one or more zone maps; in paragraphs 0072, 0075, and 0078, upon determining, for a query, whether said access right of a user initiating said query is below said lower access security label of a storage region addressed by said query, skipping said storage … during a read execution of said query.  Dickie, in paragraph 0012, discloses … as part of a control record for each storage region … , in paragraph 0012, … rows in said storage region … , in paragraph 0012, … in comparison to … said control record of said specific storage region, in paragraphs 0013 and 0005, … skipping said storage region … .  Leshinsky discloses, in paragraph 0078, adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field, in paragraph 0078, modifying an administrative tasks responsible for calculating the one or more zone maps, and in paragraph 0127, modifying a user description inside a database dictionary.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview.

Claim Objections
Claims 1, 11, and 20 are objected to because of the following informalities:  “the new data field” lacks an antecedent basis in claim 1, line 17, claim 11, line 24, and claim 20, line 20.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-4, 10-14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Cotner et al. (US 2017/0053133; hereinafter, “Cotner”) in view of Dickie et al. (US 2015/0095299; hereinafter, “Dickie”), and Leshinsky (US20170132091), filed January 23, 2017.
Regarding claim 1, Cotner teaches:
a computer-implemented method for processing a query for accessing data in a database with row level security, wherein said data being organized in rows and columns, wherein rows are grouped in storage regions (Cotner, paragraph 0019, flowcharts for querying a database management system), said method comprising, said method comprising:
maintaining, as part of a control record .. (Cotner, paragraph 0036: 2. Each row within a secure table is associated with a security label, which can be a column within that security table. For example, that column can have a predetermined name (e.g. SECURITY_LABEL) or it can be identified through an SQL clause when the table is defined (e.g. AS SECURITY LABEL clause on the CREATE TABLE column definition). It will be understood that other techniques can be used to associate a security label with a row. --- It is noted that a security label teaches a control record; column can have a predetermined name (e.g. SECURITY_LABEL) teaches maintaining a control record), 
a lower access security label, representing a minimal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED); para. [0073]: If the table does not have a SECURITY_LABEL column, then the query is processed in a conventional manner in operation 86 and the results of the query are returned to the user in operation 88. --- It is noted that for example, UNCLASSIFIED teaches a lower access security label; UNCLASSIFIED implies a minimal user access right of any of said rows), and 
an upper access security label representing a maximal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED). --- It is noted that for example, TOP SECRET teaches an upper access security label; TOP SECRET implies a maximal user access right of any of said rows); and
wherein accessing said storage region comprising a plurality of rows comprises instantly determining the access to each row in said storage region Cotner, paragraph 0069, when user’s identity is ascertained, the DBMS automatically determines the security label for that user; paragraph 0035, such as with a lookup of the relational DBMS); 
modifying a way of filtering (Cotner, paragraph 0064, modifying a way of filtering includes purging a cache to permit changes to a user’s security level and to the security levels of rows in the data)  said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record (Cotner, paragraph 0075: a. The security label of the row has a value that is within a range of values that are accessible to the user. This is the case when the user's security dominates the row's security, both of the following conditions are true. i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. ii) … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102; paragraph 0032 and Fig. 2D: As shown in the SECURITY.TABLE 30 of FIG. 2C, SALLY's security label is “blue”, and accordingly, the resulting user view 32 includes only those rows of USER.TABLE 26 having a security label equal to the security label “blue”. --- It is noted that if the security label has a value that is within a range of values that are accessible to the user, then the DBMS returns the result to the user; here the results include only a part of the table contents, which teaches said rows are partially omitted during reading. Further noted that it is unclear what is meant by the feature “modifying said storage region so said rows are partially omitted); and
adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort (Cotner, paragraph 0066, adding a security label column to allow hierarchical security schemes, security categories; row-level security; paragraph 0069, security level of data);
modifying an administrative tasks responsible for (Cotner, paragraph 0064, “A user's security level and a row's security level are assumed to stay unchanged during the period when a query is performed. However, by purging the cache after each query, changes to both the user's security level and to the security levels of rows in the data can occur without having to invalidate information held in the cache.”);
modifying a way of reading one or more table content based on a new feature added the one or more zone maps (Cotner, paragraph 0085, “Referring to FIG. 8A, when the user, in operation 104, requests an update to data in a row of a database table, either a change to the data in the row or inserting a row, the user is identified and the user's security level and security categories are determined in operation 106. A request is prepared in operation 108 that includes the row update as well as the user's security level and categories. That request is then sent to the DBMS in operation 110.”);
upon determining, for a query, whether said access right of a user initiating said query is below said lower access security label of a storage region addressed by said query, skipping said storage … during a read execution of said query (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; paragraph 0075: … i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. If not, the user is denied access to the row in operation 96; paragraph 0078: The security label associated with the row is outside the range of values corresponding to the user's security label. In this case, the DBMS either ignores the row… --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; the user’s access right are determined teaches upon determining; [when] the security label associated with the row is outside the range of values corresponding to the user's security label, the DBMS either ignores the row teaches [when] an access right of a user is below said lower access security label of a storage, skipping said storage during a read execution of said query).
Costner does not explicitly disclose … as part of a control record for each storage region …; … rows in said storage region …; … in comparison to … said control record of said specific storage region; and … skipping said storage region … 
However, Dickie, in an analogous art, discloses 
… as part of a control record for each storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that each region teaches each storage region; metadata about each region corresponds to a control record for each storage region); 
… rows in said storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that to filter table rows [of] each region of table storage teaches rows in said storage region);
… in comparison to … said control record of said specific storage region (para. [0012]: For example, if a storage region is known to contain records with column values between 100 and 200 (i.e., col 1 {100, 200}), … if a query has a value from 100 to 200, including the values of 100 and 200, then that storage region may be read and searched. In this regard, a range map may identify upper and lower range values or bounds for data within a given storage region. --- It is noted that if a query has a value from 100 to 200, then that storage region may be read and searched, which teaches in comparison to said control record of said specific storage); and
… skipping said storage region … (para. [0013]: In this regard, a range map may be used to define regions that do not have to be read and searched in response to a query. For example, the query may require a surname of “Smith”. Thus, when a surname is part of a query, the surname “Smith”, by virtue of a range map, can be used to eliminate those storage regions that do not contain “Smith” based on the “Smith” query value and the range maps; para. [0005]: For example, if a storage region is known to contain records with column values between 100 and 200 (e.g., as stored in the range map metadata), then when a query with range values outside of that known range (e.g., a query with a value of 500) is evaluated, the evaluation can eliminate that storage region. --- It is noted that eliminate that storage region teaches skipping said storage region).
In this regard, Dickie describes that some database management systems maintain metadata about each storage region in the form of range values or range maps that define minimum and maximum ranges in a given storage region in order to filter storage regions before actually reading and searching the stored data. (See para. [0005])
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner’s system by enhancing Cotner’s method/system/ computer program product to define and maintain minimum and maximum ranges of the security label of tables which include rows, as taught by Dickie, in order to filter tables before actually reading and searching the rows in the tables.
The motivation is to minimize processing requirements and elapsed time overhead associated with making row-level security checks (Cotner, para. [0009]) by eliminating storage regions from reading according to the user's security label.
Cotner and Dickie disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort; modifying an administrative tasks responsible for; but do not explicitly disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
However, in an analogous art, Leshinsky discloses adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system that involve control information expected to be invisible); 
modifying an administrative tasks responsible for calculating the one or more zone maps (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system); 
modifying a user description inside a database dictionary (Leshinsky, paragraph 0127, metadata describing the database, such as data dictionaries, user data space as logical arrangement of user data in a volume, the log maintained for the data volume includes changes or updates to the data).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Leshinsky with the method/ database system/ computer program product of Cotner and Dickie to include adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
One would have been motivated to provide users with the benefits of receiving updates to the log for the data volume made consistent across the log for the entire data volume without communicating the log record to other protection groups in the distributed storage system, reducing latency for committing updates to the log (Leshinsky, paragraph 0136).
Regarding claim 2, Cotner in view of Dickie and Leshinsky teach: The computer-implemented method according to claim 1.  Dickie discloses ( Dickie, paragraph 0012,: … Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. The metadata may contain value ranges or range maps that indicate minimum (min) and maximum (max) values for a given column (col) variable. Accordingly, the metadata may be of the form: col 1 {min value, max value}. For example, if a storage region is known to contain records with column values between 100 and 200 (i.e., col 1 {100, 200}), then a query restricted to records with column values greater than 500 will not read that storage region. However, if a query has a value from 100 to 200, including the values of 100 and 200, then that storage region may be read and searched. In this regard, a range map may identify upper and lower range values or bounds for data within a given storage region. The upper and lower bound may be conservative or inclusive of that bound. In one example, for a given storage region, values that are less than or equal to the upper bound (e.g., a max) in storage region's metadata, and greater than or equal to the lower hound (e.g., a min), may be found in that storage region; paragraph 0044: The range map hierarchy may be based on any number of levels of granularity (e.g., extents, pages, sets of rows, etc.) and may employ any desired data sizes for the hierarchy (e.g., 8 MB, 3 MB, 128 KB, 64 KB, etc.) to obtain any desired level of data hierarchy. --- It is noted that table rows teaches a number of rows is stored; desired data sizes (e.g., 8 MB, 3 MB, 128 KB, 64 KB, etc.) teaches defined by a block size; the upper bound (e.g., a max) implies a length of said rows such that a maximum number of rows fits into said storage region).  The motivation for claim 1 is applicable for claim 2.
Regarding claim 3, Cotner in view of Dickie and Leshinsky teach the computer-implemented method according to claim 1, further comprising.  Cotner discloses upon determining for a query whether said access right of said user initiating said query is above or equal to said upper access security label … addressed by said query, executing said read query against all rows … and skipping a row security table examination (para. [0075]: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102).  Dickie discloses … a storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows).  The motivation for claim 1 is applicable for claim 3.
Regarding claim 4, Cotner in view of Dickie teaches: computer-implemented method according to claim 1.  Cotner further teaches wherein said access right of the user initiating said query is organized as level access right, category access right and/or cohort access right (para. [0037]: The SECURITY_LABEL column in the row identifies the security level of the data contained in the row, as well as security categories to which the row applies. --- It is noted that the security level of the data teaches level access right; security categories teaches category access right).
Regarding claim 10:  Cotner in view of Dickie and Leshinsky teach:
The computer-implemented method according to claim 1, also comprising:
Cotner further teaches:
omitting a storage range during reading as part of said query if at least one of said following conditions is met: a user's level is below a minimal level of said storage region (para. [0072]: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; para. [0075]: … i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. If not, the user is denied access to the row in operation 96; para. [0078]: The security label associated with the row is outside the range of values corresponding to the user's security label. In this case, the DBMS either ignores the row… --- it is noted that [when] the security label associated with the row is outside the range of values corresponding to the user's security label, the DBMS either ignores the row teaches if a user’s level is below a minimal level of said storage region, omitting said storage range during reading as part of said query), a user's category is not matched, or a user's cohort is not found in said storage region.
Regarding claim 11, Claim 11 recites a database system which corresponds to a computer-implemented method of claim 1, and additionally contains limitations “one or more computer processors; one or more computer readable storage devices; program instructions stored on the one or more computer readable storage devices for execution by at least one of the one or more computer processors”. However, Cotner further teaches: one or more computer processors (See Fig. 6 & para. [0060]: query processor 20); one or more computer readable storage devices (See Fig. 6 & para. [0061]: the data storage unit 24, the cache 66; also it is inherent that a processor includes or is connected with a program memory); program instructions stored on the one or more computer readable storage devices for execution by at least one of the one or more computer processors (See Fig. 6 & para. [0061]: The query processor 20 processes the received query in a conventional manner. --- It is noted that processes the received query teaches program instructions).
maintaining, as part of a control record .. (Cotner, paragraph 0036: 2. Each row within a secure table is associated with a security label, which can be a column within that security table. For example, that column can have a predetermined name (e.g. SECURITY_LABEL) or it can be identified through an SQL clause when the table is defined (e.g. AS SECURITY LABEL clause on the CREATE TABLE column definition). It will be understood that other techniques can be used to associate a security label with a row. --- It is noted that a security label teaches a control record; column can have a predetermined name (e.g. SECURITY_LABEL) teaches maintaining a control record), 
a lower access security label, representing a minimal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED); para. [0073]: If the table does not have a SECURITY_LABEL column, then the query is processed in a conventional manner in operation 86 and the results of the query are returned to the user in operation 88. --- It is noted that for example, UNCLASSIFIED teaches a lower access security label; UNCLASSIFIED implies a minimal user access right of any of said rows), and 
an upper access security label representing a maximal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED). --- It is noted that for example, TOP SECRET teaches an upper access security label; TOP SECRET implies a maximal user access right of any of said rows); and
wherein accessing said storage region comprising a plurality of rows comprises instantly determining the access to each row in said storage region  (Cotner, paragraph 0069, when user’s identity is ascertained, the DBMS automatically determines the security label for that user; paragraph 0035, such as with a lookup of the relational DBMS); 
modifying a way of filtering (Cotner, paragraph 0064, modifying a way of filtering includes purging a cache to permit changes to a user’s security level and to the security levels of rows in the data)  said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record (Cotner, paragraph 0075: a. The security label of the row has a value that is within a range of values that are accessible to the user. This is the case when the user's security dominates the row's security, both of the following conditions are true. i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. ii) … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102; paragraph 0032 and Fig. 2D: As shown in the SECURITY.TABLE 30 of FIG. 2C, SALLY's security label is “blue”, and accordingly, the resulting user view 32 includes only those rows of USER.TABLE 26 having a security label equal to the security label “blue”. --- It is noted that if the security label has a value that is within a range of values that are accessible to the user, then the DBMS returns the result to the user; here the results include only a part of the table contents, which teaches said rows are partially omitted during reading. Further noted that it is unclear what is meant by the feature “modifying said storage region so said rows are partially omitted); and
adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort (Cotner, paragraph 0066, adding a security label column to allow hierarchical security schemes, security categories; row-level security; paragraph 0069, security level of data);
modifying an administrative tasks responsible for (Cotner, paragraph 0064, “A user's security level and a row's security level are assumed to stay unchanged during the period when a query is performed. However, by purging the cache after each query, changes to both the user's security level and to the security levels of rows in the data can occur without having to invalidate information held in the cache.”);
modifying a way of reading one or more table content based on a new feature added the one or more zone maps (Cotner, paragraph 0085, “Referring to FIG. 8A, when the user, in operation 104, requests an update to data in a row of a database table, either a change to the data in the row or inserting a row, the user is identified and the user's security level and security categories are determined in operation 106. A request is prepared in operation 108 that includes the row update as well as the user's security level and categories. That request is then sent to the DBMS in operation 110.”);
upon determining, for a query, whether said access right of a user initiating said query is below said lower access security label of a storage region addressed by said query, skip said storage … during a read execution of said query (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; paragraph 0075: … i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. If not, the user is denied access to the row in operation 96; paragraph 0078: The security label associated with the row is outside the range of values corresponding to the user's security label. In this case, the DBMS either ignores the row… --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; the user’s access right are determined teaches upon determining; [when] the security label associated with the row is outside the range of values corresponding to the user's security label, the DBMS either ignores the row teaches [when] an access right of a user is below said lower access security label of a storage, skipping said storage during a read execution of said query).
However, Dickie, in an analogous art, discloses 
… as part of a control record for each storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that each region teaches each storage region; metadata about each region corresponds to a control record for each storage region); 
… rows in said storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that to filter table rows [of] each region of table storage teaches rows in said storage region);
… in comparison to … said control record of said specific storage region (para. [0012]: For example, if a storage region is known to contain records with column values between 100 and 200 (i.e., col 1 {100, 200}), … if a query has a value from 100 to 200, including the values of 100 and 200, then that storage region may be read and searched. In this regard, a range map may identify upper and lower range values or bounds for data within a given storage region. --- It is noted that if a query has a value from 100 to 200, then that storage region may be read and searched, which teaches in comparison to said control record of said specific storage); and
… skipping said storage region … (para. [0013]: In this regard, a range map may be used to define regions that do not have to be read and searched in response to a query. For example, the query may require a surname of “Smith”. Thus, when a surname is part of a query, the surname “Smith”, by virtue of a range map, can be used to eliminate those storage regions that do not contain “Smith” based on the “Smith” query value and the range maps; para. [0005]: For example, if a storage region is known to contain records with column values between 100 and 200 (e.g., as stored in the range map metadata), then when a query with range values outside of that known range (e.g., a query with a value of 500) is evaluated, the evaluation can eliminate that storage region. --- It is noted that eliminate that storage region teaches skipping said storage region).
In this regard, Dickie describes that some database management systems maintain metadata about each storage region in the form of range values or range maps that define minimum and maximum ranges in a given storage region in order to filter storage regions before actually reading and searching the stored data. (See para. [0005])
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner’s system by enhancing Cotner’s method/system/ computer program product to define and maintain minimum and maximum ranges of the security label of tables which include rows, as taught by Dickie, in order to filter tables before actually reading and searching the rows in the tables.
The motivation is to minimize processing requirements and elapsed time overhead associated with making row-level security checks (Cotner, para. [0009]) by eliminating storage regions from reading according to the user's security label.
Cotner and Dickie disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort; modifying an administrative tasks responsible for; but do not explicitly disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
However, in an analogous art, Leshinsky discloses adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system that involve control information expected to be invisible); 
modifying an administrative tasks responsible for calculating the one or more zone maps (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system); 
modifying a user description inside a database dictionary (Leshinsky, paragraph 0127, metadata describing the database, such as data dictionaries, user data space as logical arrangement of user data in a volume, the log maintained for the data volume includes changes or updates to the data).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Leshinsky with the method/ database system/ computer program product of Cotner and Dickie to include adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
One would have been motivated to provide users with the benefits of receiving updates to the log for the data volume made consistent across the log for the entire data volume without communicating the log record to other protection groups in the distributed storage system, reducing latency for committing updates to the log (Leshinsky, paragraph 0136).
Regarding claim 12, Cotner in view of Dickie and Leshinsky teach: The database system according to claim 11.  Dickie discloses ( Dickie, paragraph 0012,: … Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. The metadata may contain value ranges or range maps that indicate minimum (min) and maximum (max) values for a given column (col) variable. Accordingly, the metadata may be of the form: col 1 {min value, max value}. For example, if a storage region is known to contain records with column values between 100 and 200 (i.e., col 1 {100, 200}), then a query restricted to records with column values greater than 500 will not read that storage region. However, if a query has a value from 100 to 200, including the values of 100 and 200, then that storage region may be read and searched. In this regard, a range map may identify upper and lower range values or bounds for data within a given storage region. The upper and lower bound may be conservative or inclusive of that bound. In one example, for a given storage region, values that are less than or equal to the upper bound (e.g., a max) in storage region's metadata, and greater than or equal to the lower hound (e.g., a min), may be found in that storage region; paragraph 0044: The range map hierarchy may be based on any number of levels of granularity (e.g., extents, pages, sets of rows, etc.) and may employ any desired data sizes for the hierarchy (e.g., 8 MB, 3 MB, 128 KB, 64 KB, etc.) to obtain any desired level of data hierarchy. --- It is noted that table rows teaches a number of rows is stored; desired data sizes (e.g., 8 MB, 3 MB, 128 KB, 64 KB, etc.) teaches defined by a block size; the upper bound (e.g., a max) implies a length of said rows such that a maximum number of rows fits into said storage region).  The motivation for claim 11 is applicable for claim 22.
Regarding claim 13, Cotner in view of Dickie and Leshinsky teach the database system according to claim 11, further comprising.  Cotner discloses upon determining for a query whether said access right of said user initiating said query is above or equal to said upper access security label … addressed by said query, executing said read query against all rows … and skipping a row security table examination (para. [0075]: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102).  Dickie discloses … a storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows).  The motivation for claim 11 is applicable for claim 13.
Regarding claim 14, Cotner in view of Dickie and Leshinsky teach the database system according to claim 11.  Cotner further teaches wherein said access right of the user initiating said query is organized as level access right, category access right and/or cohort access right (Cotner, para. [0037]: The SECURITY_LABEL column in the row identifies the security level of the data contained in the row, as well as security categories to which the row applies. --- It is noted that the security level of the data teaches level access right; security categories teaches category access right).
Regarding claim 20, Claim 20 recites a computer program product which corresponds to a computer-implemented method of claim 1, and additionally contains program instructions and one or more computing systems or controllers. However, Cotner teaches program instructions and one or more computing systems or controllers (FIG. 1 & para. [0026]: the web server includes a single DBMS 18 that services each of the web sites. --- It is noted that the web server teaches one or more computing systems; it is inherent that the web server contains program instructions).
maintaining, as part of a control record .. (Cotner, paragraph 0036: 2. Each row within a secure table is associated with a security label, which can be a column within that security table. For example, that column can have a predetermined name (e.g. SECURITY_LABEL) or it can be identified through an SQL clause when the table is defined (e.g. AS SECURITY LABEL clause on the CREATE TABLE column definition). It will be understood that other techniques can be used to associate a security label with a row. --- It is noted that a security label teaches a control record; column can have a predetermined name (e.g. SECURITY_LABEL) teaches maintaining a control record), 
a lower access security label, representing a minimal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED); para. [0073]: If the table does not have a SECURITY_LABEL column, then the query is processed in a conventional manner in operation 86 and the results of the query are returned to the user in operation 88. --- It is noted that for example, UNCLASSIFIED teaches a lower access security label; UNCLASSIFIED implies a minimal user access right of any of said rows), and 
an upper access security label representing a maximal user access right of any of said rows … (Cotner, paragraph 0075: The security label of the row has a value that is within a range of values that are accessible to the user; [0066]: a. The security level of the data contained in the row. This allows implementation of multilevel, hierarchical security schemes (e.g., TOP SECRET, SECRET, UNCLASSIFIED). --- It is noted that for example, TOP SECRET teaches an upper access security label; TOP SECRET implies a maximal user access right of any of said rows); and
wherein accessing said storage region comprising a plurality of rows comprises instantly determining the access to each row in said storage region  (Cotner, paragraph 0069, when user’s identity is ascertained, the DBMS automatically determines the security label for that user; paragraph 0035, such as with a lookup of the relational DBMS); 
modifying a way of filtering (Cotner, paragraph 0064, modifying a way of filtering includes purging a cache to permit changes to a user’s security level and to the security levels of rows in the data)  said storage region so said rows are partially omitted during reading based on a setting of said access of a user in comparison to said lower and said upper access security label of said control record (Cotner, paragraph 0075: a. The security label of the row has a value that is within a range of values that are accessible to the user. This is the case when the user's security dominates the row's security, both of the following conditions are true. i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. ii) … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102; paragraph 0032 and Fig. 2D: As shown in the SECURITY.TABLE 30 of FIG. 2C, SALLY's security label is “blue”, and accordingly, the resulting user view 32 includes only those rows of USER.TABLE 26 having a security label equal to the security label “blue”. --- It is noted that if the security label has a value that is within a range of values that are accessible to the user, then the DBMS returns the result to the user; here the results include only a part of the table contents, which teaches said rows are partially omitted during reading. Further noted that it is unclear what is meant by the feature “modifying said storage region so said rows are partially omitted); and
adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort (Cotner, paragraph 0066, adding a security label column to allow hierarchical security schemes, security categories; row-level security; paragraph 0069, security level of data);
modifying an administrative tasks responsible for (Cotner, paragraph 0064, “A user's security level and a row's security level are assumed to stay unchanged during the period when a query is performed. However, by purging the cache after each query, changes to both the user's security level and to the security levels of rows in the data can occur without having to invalidate information held in the cache.”);
modifying a way of reading one or more table content based on a new feature added the one or more zone maps (Cotner, paragraph 0085, “Referring to FIG. 8A, when the user, in operation 104, requests an update to data in a row of a database table, either a change to the data in the row or inserting a row, the user is identified and the user's security level and security categories are determined in operation 106. A request is prepared in operation 108 that includes the row update as well as the user's security level and categories. That request is then sent to the DBMS in operation 110.”);
upon determining, for a query, whether said access right of a user represented by a user identification with a user security profile[[,]] (Cotner, paragraph 0069, user’s security label contains the security level of the data the user is authorized to access and the security categories the user is associated with and authorized to access) initiating said query is below said lower access security label of a storage region addressed by said query, skipping said storage … during a read execution of said query (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; paragraph 0075: … i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. If not, the user is denied access to the row in operation 96; paragraph 0078: The security label associated with the row is outside the range of values corresponding to the user's security label. In this case, the DBMS either ignores the row… --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; the user’s access right are determined teaches upon determining; [when] the security label associated with the row is outside the range of values corresponding to the user's security label, the DBMS either ignores the row teaches [when] an access right of a user is below said lower access security label of a storage, skipping said storage during a read execution of said query).
However, Dickie, in an analogous art, discloses 
… as part of a control record for each storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that each region teaches each storage region; metadata about each region corresponds to a control record for each storage region); 
… rows in said storage region … (para. [0012]: Some database management systems (DBMSs) maintain metadata about each region of table storage in order to filter table rows before actually reading the data stored in those rows. --- It is noted that to filter table rows [of] each region of table storage teaches rows in said storage region);
… in comparison to … said control record of said specific storage region (para. [0012]: For example, if a storage region is known to contain records with column values between 100 and 200 (i.e., col 1 {100, 200}), … if a query has a value from 100 to 200, including the values of 100 and 200, then that storage region may be read and searched. In this regard, a range map may identify upper and lower range values or bounds for data within a given storage region. --- It is noted that if a query has a value from 100 to 200, then that storage region may be read and searched, which teaches in comparison to said control record of said specific storage); and
… skipping said storage region … (para. [0013]: In this regard, a range map may be used to define regions that do not have to be read and searched in response to a query. For example, the query may require a surname of “Smith”. Thus, when a surname is part of a query, the surname “Smith”, by virtue of a range map, can be used to eliminate those storage regions that do not contain “Smith” based on the “Smith” query value and the range maps; para. [0005]: For example, if a storage region is known to contain records with column values between 100 and 200 (e.g., as stored in the range map metadata), then when a query with range values outside of that known range (e.g., a query with a value of 500) is evaluated, the evaluation can eliminate that storage region. --- It is noted that eliminate that storage region teaches skipping said storage region).
In this regard, Dickie describes that some database management systems maintain metadata about each storage region in the form of range values or range maps that define minimum and maximum ranges in a given storage region in order to filter storage regions before actually reading and searching the stored data. (See para. [0005])
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner’s system by enhancing Cotner’s method/system/ computer program product to define and maintain minimum and maximum ranges of the security label of tables which include rows, as taught by Dickie, in order to filter tables before actually reading and searching the rows in the tables.
The motivation is to minimize processing requirements and elapsed time overhead associated with making row-level security checks (Cotner, para. [0009]) by eliminating storage regions from reading according to the user's security label.
Cotner and Dickie disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort; modifying an administrative tasks responsible for; but do not explicitly disclose adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
However, in an analogous art, Leshinsky discloses adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system that involve control information expected to be invisible); 
modifying an administrative tasks responsible for calculating the one or more zone maps (Leshinsky, paragraph 0078, control log records/ zone maps generated by storage system); 
modifying a user description inside a database dictionary (Leshinsky, paragraph 0127, metadata describing the database, such as data dictionaries, user data space as logical arrangement of user data in a volume, the log maintained for the data volume includes changes or updates to the data).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Leshinsky with the method/ database system/ computer program product of Cotner and Dickie to include adding a new feature to the one or more zone maps of a storage region for each multi-level security dimension levels, category, and cohort, wherein the new data field is an invisible field; modifying an administrative tasks responsible for calculating the one or more zone maps; modifying a user description inside a database dictionary.
One would have been motivated to provide users with the benefits of receiving updates to the log for the data volume made consistent across the log for the entire data volume without communicating the log record to other protection groups in the distributed storage system, reducing latency for committing updates to the log (Leshinsky, paragraph 0136).

Claims 5-7, 9, 15-17 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Cotner et al. (US 2017/0053133 A1; hereinafter, “Cotner”) in view of Dickie et al. (US 2015/0095299 A1; hereinafter, “Dickie”), and Leshinsky (US20170132091), filed January 23, 2017, and further in view of Egawa et al. (JP 2006/163586 A; hereinafter, “Egawa”).
Regarding claim 5, Cotner in view of Dickie and Leshinsky teach: the computer-implemented method according to claim 4.
Cotner, Dickie, and Leshinsky do not explicitly disclose wherein said level access right is maintained as an integer value.
However, in an analogous art, Egawa teaches: wherein said level access right is maintained as an integer value (FIG. 3 & page 3 of English translation: Further, the storage unit 12 stores a type access right database that holds information on whether access is permitted for each access mode determined in advance for each type of user. Specifically, as shown in FIG. 3, information (access level value) indicating whether access is possible for each access mode of the user of the type is recorded in association with the type identifier as information for specifying the type. --- It is noted that access level value (i.e., 1, 2, and 3) in FIG. 3 teaches level access right is maintained as an integer value).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner in view of Dickie’s system by enhancing Cotner in view of Dickie’s method/system/ computer program product to indicate the user's security label as an integer value, as taught by Egawa, in order to represent the access right of users as a relative magnitude.
The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple integer values for the user's security label.
Regarding claim 6, Cotner, Dickie, Leshinsky, and Egawa disclose the computer-implemented method according to claim 5.
Cotner further teaches … wherein said access rights of a user initiating said query must match … in order to access said related row (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; para. [0075]: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102. --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; [when] the security label associated with the row is equal to the security level indicated by the row's security label, the DBMS processes the row and retrieves the requested data values teaches said user access rights must match in order to access said related row).  Egawa teaches: wherein said category access right is a set of all-of-tag implemented as a bitmap, … match all bits of said bitmap … (page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches category access right is a set of all-of-tag implemented as a bitmap; the logical product and logical sum of the values is used to determine whether or not access teaches user access rights match all bits of said bitmap in order to access). The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple bitmap representation for the user's security label.
Regarding claim 7, Cotner, Dickie, Leshinsky, and Egawa disclose the computer-implemented method according to claim 6.  Cotner further teaches:  wherein said cohort access right is … (Cotner, paragraph 0053: A hierarchical security scheme is illustrated, conceptually, in FIG. 4. … These security levels, namely the color names, are similar to the security label shown in FIG. 2A used in a conventional database. However, the scheme shown in FIG. 4 is a hierarchical security scheme in which security levels are grouped together to create different levels of security in a multilevel security system. For example, the security level 56 bearing the label “sunset” includes all the access privileges for the lower level security labels within its branch, namely, red, orange and yellow. Accordingly, the security label sunset is located at a higher level in the security scheme than the security labels red, orange and yellow. --- It is noted that for example, the label “sunset” teaches cohort access right; further noted that the claim does not specify what cohort access right, thus for the sake of examination, it is interpreted as an access right for hierarchical data), wherein said access rights of the user initiating said query must match … in order to access said related row (para. [0072]: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; para. [0075]: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102. --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; [when] the security label associated with the row is equal to the security level indicated by the row's security label, the DBMS processes the row and retrieves the requested data values teaches said user access rights must match in order to access said related row).  Egawa teaches: wherein said … access right is a set … as said bitmap …, match at least one bits of said bitmap … (Egawa, page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches category access right is a set of all-of-tag implemented as a bitmap; the logical product and logical sum of the values is used to determine whether or not access teaches user access rights match at least one bits of said bitmap in order to access).  The motivation for claim 6 is applicable for claim 7.
Regarding claim 9, Cotner, Dickie, and Leshinsky disclose the computer-implemented method according to claim 1, further comprising.  Cotner further teaches maintaining said access right of the user initiating said query of the user by maintaining a level value (Cotner, paragraph 0030: A security table (SECURITY.TABLE) 30 relates a user ID (USERID) with a security label (SECLABEL) such as security labels “red”, “blue”, or “green.” --- It is noted that security table (SECURITY.TABLE) 30 teaches access rights of the user; security labels “red”, “blue”, or “green” teaches a level value), a category mask, comprising a … summary of all categories assigned to the user (Cotner, paragraph 0034: The security label also identifies security categories within that security level that the user is allowed to access … For example, a given user might be allowed to view data designated by certain security levels, such as the security levels: TOP SECRET, SECRET, and UNCLASSIFIED. --- It is noted that security label identifying security categories teaches a category mask; the security levels: TOP SECRET, SECRET, and UNCLASSIFIED teaches summary of all categories assigned to the user), and a cohort mask, comprising a … summary of all cohorts assigned to the user (Cotner, paragraph 0053]: A hierarchical security scheme is illustrated, conceptually, in FIG. 4. … These security levels, namely the color names, are similar to the security label shown in FIG. 2A used in a conventional database. However, the scheme shown in FIG. 4 is a hierarchical security scheme in which security levels are grouped together to create different levels of security in a multilevel security system. For example, the security level 56 bearing the label “sunset” includes all the access privileges for the lower level security labels within its branch, namely, red, orange and yellow. Accordingly, the security label sunset is located at a higher level in the security scheme than the security labels red, orange and yellow; para. [0057]: For example the user “BOSS 1” has access privileges defined in table 64 by the label “rainbow” in row 64 b, thereby giving that user a higher degree of access. --- It is noted that access privileges defined in table 64 teaches a cohort mask comprising a summary of all cohorts assigned to the user).
Cotner, Dickie, and Leshinsky do not explicitly disclose … a bitmap summary of all categories …, and … a bitmap summary of all cohorts …
However, in an analogous art, Egawa teaches:
… a bitmap summary of all categories …, and … a bitmap summary of all cohorts … (Egawa, page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches a bitmap summary of all categories and cohorts).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner in view of Dickie and Leshinsky’s system by enhancing Cotner in view of Dickie and Leshinsky’s method/system/ computer program product to indicate the user's security label as a bit representation, as taught by Egawa, in order to allow the access right of users to be determined by a logical calculation.
The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple bitmap representation for the user's security label.

Regarding claim 15, Cotner in view of Dickie and Leshinsky teaches the database system according to claim 14.
Cotner, Dickie, and Leshinsky do not explicitly disclose wherein said level access right is maintained as an integer value.
However, in an analogous art, Egawa teaches: wherein said level access right is maintained as an integer value (FIG. 3 & page 3 of English translation: Further, the storage unit 12 stores a type access right database that holds information on whether access is permitted for each access mode determined in advance for each type of user. Specifically, as shown in FIG. 3, information (access level value) indicating whether access is possible for each access mode of the user of the type is recorded in association with the type identifier as information for specifying the type. --- It is noted that access level value (i.e., 1, 2, and 3) in FIG. 3 teaches level access right is maintained as an integer value).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner in view of Dickie’s system by enhancing Cotner in view of Dickie’s method/system/ computer program product to indicate the user's security label as an integer value, as taught by Egawa, in order to represent the access right of users as a relative magnitude.
The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple integer values for the user's security label.
Regarding claim 16, Cotner, Dickie, Leshinsky, and Egawa disclose the database system according to claim 15.
Cotner further teaches … wherein said access rights of a user initiating said query must match … in order to access said related row (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; para. [0075]: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102. --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; [when] the security label associated with the row is equal to the security level indicated by the row's security label, the DBMS processes the row and retrieves the requested data values teaches said user access rights must match in order to access said related row).  Egawa teaches: wherein said category access right is a set of all-of-tag implemented as a bitmap, … match all bits of said bitmap … (page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches category access right is a set of all-of-tag implemented as a bitmap; the logical product and logical sum of the values is used to determine whether or not access teaches user access rights match all bits of said bitmap in order to access). The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple bitmap representation for the user's security label.
Regarding claim 17, Cotner, Dickie, Leshinsky, and Egawa disclose the database system according to claim 16.  Cotner further teaches:  wherein said cohort access right is … (Cotner, paragraph 0053: A hierarchical security scheme is illustrated, conceptually, in FIG. 4. … These security levels, namely the color names, are similar to the security label shown in FIG. 2A used in a conventional database. However, the scheme shown in FIG. 4 is a hierarchical security scheme in which security levels are grouped together to create different levels of security in a multilevel security system. For example, the security level 56 bearing the label “sunset” includes all the access privileges for the lower level security labels within its branch, namely, red, orange and yellow. Accordingly, the security label sunset is located at a higher level in the security scheme than the security labels red, orange and yellow. --- It is noted that for example, the label “sunset” teaches cohort access right; further noted that the claim does not specify what cohort access right, thus for the sake of examination, it is interpreted as an access right for hierarchical data), wherein said access rights of the user initiating said query must match … in order to access said related row (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; paragraph 0075: The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. … If so, then the next condition is tested in operation 98. … If that is the case, the DBMS processes the row and retrieves the requested data values and returns the result to the user in operation 102. --- it is noted that a query teaches a query; a user prepares a query for submission teaches a user initiating said query; the user’s access right teaches an access right of a user; [when] the security label associated with the row is equal to the security level indicated by the row's security label, the DBMS processes the row and retrieves the requested data values teaches said user access rights must match in order to access said related row).  Egawa teaches: wherein said … access right is a set … as said bitmap …, match at least one bits of said bitmap … (Egawa, page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches category access right is a set of all-of-tag implemented as a bitmap; the logical product and logical sum of the values is used to determine whether or not access teaches user access rights match at least one bits of said bitmap in order to access).  The motivation for claim 6 is applicable for claim 7.
Regarding claim 19, Cotner, Dickie, and Leshinsky disclose further comprising: program instructions to the database system according to claim 11. Cotner further teaches to maintain said access right of the user initiating said query of the user by maintaining a level value (Cotner, paragraph 0030: A security table (SECURITY.TABLE) 30 relates a user ID (USERID) with a security label (SECLABEL) such as security labels “red”, “blue”, or “green.” --- It is noted that security table (SECURITY.TABLE) 30 teaches access rights of the user; security labels “red”, “blue”, or “green” teaches a level value), a category mask, comprising a … summary of all categories assigned to the user (Cotner, paragraph 0034: The security label also identifies security categories within that security level that the user is allowed to access … For example, a given user might be allowed to view data designated by certain security levels, such as the security levels: TOP SECRET, SECRET, and UNCLASSIFIED. --- It is noted that security label identifying security categories teaches a category mask; the security levels: TOP SECRET, SECRET, and UNCLASSIFIED teaches summary of all categories assigned to the user), and a cohort mask, comprising a … summary of all cohorts assigned to the user (Cotner, paragraph 0053: A hierarchical security scheme is illustrated, conceptually, in FIG. 4. … These security levels, namely the color names, are similar to the security label shown in FIG. 2A used in a conventional database. However, the scheme shown in FIG. 4 is a hierarchical security scheme in which security levels are grouped together to create different levels of security in a multilevel security system. For example, the security level 56 bearing the label “sunset” includes all the access privileges for the lower level security labels within its branch, namely, red, orange and yellow. Accordingly, the security label sunset is located at a higher level in the security scheme than the security labels red, orange and yellow; paragraph 0057: For example the user “BOSS 1” has access privileges defined in table 64 by the label “rainbow” in row 64 b, thereby giving that user a higher degree of access. --- It is noted that access privileges defined in table 64 teaches a cohort mask comprising a summary of all cohorts assigned to the user); omitting a storage range during reading as part of said query if at least one of said following conditions is met: a user's level is below a minimal level of said storage region (Cotner, paragraph 0072: … A user, in operation 72, prepares a query for submission to a DBMS that has a table that includes a SECURITY_LABEL column. …  The user's security level and security categories are determined in operation 74 using the techniques described earlier; paragraph 0075: … i) The security level indicated by the user's security label is greater than or equal to the security level indicated by the row's security label, as determined in operation 94. If not, the user is denied access to the row in operation 96; paragraph 0078: The security label associated with the row is outside the range of values corresponding to the user's security label. In this case, the DBMS either ignores the row… --- it is noted that [when] the security label associated with the row is outside the range of values corresponding to the user's security label, the DBMS either ignores the row teaches if a user’s level is below a minimal level of said storage region, omitting said storage range during reading as part of said query), a user's category is not matched, or a user's cohort is not found in said storage region.
Cotner, Dickie,  and Leshinsky do not explicitly disclose … a bitmap summary of all categories …, and … a bitmap summary of all cohorts …
However, in an analogous art, Egawa discloses … a bitmap summary of all categories …, and … a bitmap summary of all cohorts … (Egawa, page 3: When a plurality of group identifiers are acquired in process S1, the maximum value (or the logical sum of the values when the access right is expressed by a bit value) is acquired from the access level values corresponding to each group identifier; page 4: The control unit 11 compares the GAL and the MAL, and acquires the one with the smaller access level value (in the case of bit representation, the logical product is used) (S5). The control unit 11 determines whether or not access in the access mode related to the access request is possible based on the access level value acquired in step S5. --- It is noted that the access right is expressed by a bit value teaches a bitmap summary of all categories and cohorts).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Cotner in view of Dickie and Leshinsky’s system by enhancing Cotner in view of Dickie and Leshinsky’s method/system/ computer program product to indicate the user's security label as a bit representation, as taught by Egawa, in order to allow the access right of users to be determined by a logical calculation.
The motivation is to minimize processing time in determining whether or not a user has an access right to a storage region by using simple bitmap representation for the user's security label.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/W.J.M/Examiner, Art Unit 2439  



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439