Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed 7/27/2022 in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  
Applicant’s submission filed on 7/5/2022, for application 16/286,979 has been entered.
As per instant Amendment, Claims 1, 12, and 20 have been amended. Claims 1, 12, and 20 are independent claims.  Claims 1-20 have been examined and are pending. This Action is made Non-FINAL. 
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 7/27/2022 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement has been considered by the examiner.


Response to Arguments
Applicants’ arguments, see Applicant Arguments/Remarks Made in an Amendment, filed 7/5/2022, with respect to the rejections of claims 1-20 have been fully considered but are not persuasive.
 Response to Office Action of February 7, 2022Applicant argues as follows:  Applicant respectfully submits that the prior art as cited fails to disclose at least "searching a relationship database separate from the object database for one or more child relationships of the primary object, wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database" and "filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship," as recited in amended claim 1 and similarly recited in amended claims 12 and 20. (Emphasis on Amendment).   Gass teaches a system that augments SQL queries to a relational database with RLS policies that apply to the relational database. Specifically, SQL queries are received to view data within a relational database, and the RLS policy is used to augment the SQL queries such that the data returned to the queries complies with the RLS policy. Gass also describes that different users may be able to view different data under the RLS policy. Importantly, the RLS policy applies to the relational database and, as cited, is only applied to control access to data within the relational database. 
 Examiner respectfully notes that because of Applicant’s amendment of the claims, the independent claims are now rejected by Dolan in view of Gass and Appala.  Regarding claim 1, Dolan discloses, in paragraphs 0007 and 0030, an object database searching a relationship database separate from the object database for in paragraphs 0007 and 0030, one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; in paragraph 0031, 0025, and 0038, identifying, within the object database, a child object based on the one or more valid child relationships.  Gass discloses, in paragraph 0053, creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises; in paragraph 0038, (i) an access control list specifying row-level access permissions; in paragraphs 0061 and 0038, and (ii) a first plurality of SQL statements implementing the access control list; in paragraph 0060, searching a relationship database for one or more child relationships of the primary object; in paragraphs 0053, filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; in paragraphs 0039 and 0038, identifying a child object of the primary object based on the one or more valid child relationships.  Appala discloses, in paragraph 0033, receiving a request to extend the RLS policy to the child object and, in paragraph 0033, extending the RLS policy to the child object.
Applicant argues as follows:  The Office Action asserts that Gass's above-described RLS policy teaches the claimed "row-level security (RLS) policy for a primary object stored in an object database." Office Action at 8. The Office Action also asserts that this behavior teaches "searching a relationship database separate from the object database for one or more child relationships" and "filtering the one or more child relationships to identify one or more valid child relationships." Id. at 9-10. Applicant initially asserts that operations on Gass's relational database cannot disclose actions performed on both the claimed object database and the relationship database, at least because the claims are clear that the "relationship database [is] separate from the object database." 
Examiner respectfully disagrees.  Dolan discloses, in paragraphs 0007 and 0030, an object database searching a relationship database separate from the object database for in paragraphs 0007 and 0030.
Applicant argues as follows:  Furthermore, Gass as cited does not describe filtering relationships. The Office Action argues that the different levels of access for different users corresponds to filtered child relationships. However, this disclosure of different levels of access is simply the result of applying the RLS policy and does not depend on filtering any child relationships. 
Examiner respectfully disagrees.  Gass discloses, in paragraph 0053, creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises; in paragraph 0038, (i) an access control list specifying row-level access permissions; in paragraphs 0061 and 0038, and (ii) a first plurality of SQL statements implementing the access control list; in paragraph 0060, searching a relationship database for one or more child relationships of the primary object; in paragraphs 0053 and 0233, filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; in paragraphs 0039 and 0038, identifying a child object of the primary object based on the one or more valid child relationships.  
Applicant argues as follows:  Indeed, Gass does not describe a relationship database separate from the object database. As explained above, the cited operations in Gass are performed on a single relational database 
    PNG
    media_image1.png
    7
    11
    media_image1.png
    Greyscale
according to an RLS that applies to the relational database. To clarify Gass's lack of a relationship10 Appl. No. 16/286,979 Response to Office Action of February 7, 2022database, the claims have been amended to clarify that "the relationship database stores relationship data for relationships between objects within the object database," and that "the relationship data is separate from data stored within the object database." Gass does not describe a separate database storing relationship data for objects within the relational database and thus does not disclose "searching a relationship database separate from the object database for one or more child relationships of the primary object." 
Examiner respectfully disagrees.  Dolan discloses, in paragraphs 0007 and 0030, an object database searching a relationship database separate from the object database for in paragraphs 0007 and 0030, one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; in paragraph 0031, 0025, and 0038, identifying, within the object database, a child object based on the one or more valid child relationships.  
Applicant argues as follows:  Because Gass does not disclose a relationship database that can be searched for child relationships as claimed, it similarly cannot disclose "filtering the one or more child relationships to identify one or more valid child relationships." 
Examiner respectfully disagrees.  Dolan discloses, in paragraphs 0007 and 0030, an object database searching a relationship database separate from the object database for in paragraphs 0007 and 0030, one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; in paragraph 0031, 0025, and 0038, identifying, within the object database, a child object based on the one or more valid child relationships.  
Applicant argues as follows:  Therefore, for at least these reasons, Gass does not disclose at least "searching a relationship database separate from the object database for one or more child relationships of the primary object, wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database" and "filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship," as recited in amended claim 1 and similarly recited in amended claims 12 and 20. 
Examiner respectfully disagrees.   Regarding claim 1, Dolan discloses, in paragraphs 0007 and 0030, an object database searching a relationship database separate from the object database for in paragraphs 0007 and 0030, one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; in paragraph 0031, 0025, and 0038, identifying, within the object database, a child object based on the one or more valid child relationships.  Gass discloses, in paragraph 0053, creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises; in paragraph 0038, (i) an access control list specifying row-level access permissions; in paragraphs 0061 and 0038, and (ii) a first plurality of SQL statements implementing the access control list; in paragraph 0060, searching a relationship database for one or more child relationships of the primary object; in paragraphs 0053, filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; in paragraphs 0039 and 0038, identifying a child object of the primary object based on the one or more valid child relationships.  Appala discloses, in paragraph 0033, receiving a request to extend the RLS policy to the child object and, in paragraph 0033, extending the RLS policy to the child object.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 272 5368 to schedule an interview. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically discloses as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1, 2, 12, 13, and 12 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018.
Regarding claim 1, Dolan discloses an object database searching a relationship database separate from the object database for (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
identifying, within the object database, a child object based on the one or more valid child relationships (Dolan, paragraph 0031, identify objects corresponding to particular child modules; paragraph 0025, child module of chassis parent; paragraph 0038, child modules identified in query of relationship database 513).
Dolan discloses an object database and a relationship database that are separate database, but does not explicitly disclose creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions and (ii) a first plurality of SQL statements implementing the access control list;  searching a relationship database for one or more child relationships of the primary object;  filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship;  identifying a child object of the primary object based on the one or more valid child relationships.
However, in an analogous art, Gass discloses creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald.  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows in the underlying data; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data [i.e., primary object] (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).”);
(i) an access control list specifying row-level access permissions (Gass, paragraph 0038, “The system's row-level security policy definition can be integrated into conventional (ACL-based) [i.e., access control list] security systems as well as into query guidance definition tools and runtime query execution.”)
and (ii) a first plurality of SQL statements implementing the access control list (Gass, paragraph 0061, “the policy-based query generator may employ the following routine to generate the SQL statements used by the relational data server”; paragraph 0038, “The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”);
searching a relationship database for one or more child relationships of the primary object (Gass, paragraph 0060, “The policy-based query generator returns at step 7 to the end-user report generator an SQL query that is augmented with row level security-motivated JOIN and WHERE items.  The end-user report generator provides the SQL query [i.e., searching a relationship database] to the relational data server at step 8.  The relational data server then retrieves the requested information and provides the row level security-filtered data [i.e., child relationship encompasses security-filtered data] at step 9 to the end-user report generator for display as a report to the end-user at step 10.”);
filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald [i.e., Reginald has access to primary/ parent object].  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows [i.e., filtering child relationships] in the underlying data [i.e., child relationship for a child object of the primary/ parent object]; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).” --- removing each invalid child relationship encompasses those rows visible to a higher level manager that are not provided to a lower level manager are invalid child relationships that are removed/ filtered; paragraph 0233, row-level filtering, relationships);
identifying a child object of the primary object based on the one or more valid child relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid child relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gass with the method/ system/ non-transitory, computer-readable medium of Dolan to include creating a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions and (ii) a first plurality of SQL statements implementing the access control list;  searching a relationship database for one or more child relationships of the primary object;  filtering the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship;  identifying a child object of the primary object based on the one or more valid child relationships. 
One would have been motivated to provide users with the benefits of making individual row-by-row access control practical (Gass: paragraphs 0002 and 0003).
Dolan and Gass not explicitly disclose receiving a request to extend the RLS policy to the child object; and extending the RLS policy to the child object.
However, in an analogous art, Appala discloses receiving a request to extend the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited [i.e., receiving a request to extend the RLS policy].  This enables finer flexibility and control over policy inheritance.”);
extending the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies [i.e., extending the RLS policy to the child object].  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited.  This enables finer flexibility and control over policy inheritance.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Appala with the method/ system/ non-transitory, computer-readable medium of Dolan Gass to include receiving a request to extend the RLS policy to the child object; and extending the RLS policy to the child object. 
One would have been motivated to provide users with the benefits of finer flexibility and control over policy inheritance (Appala: paragraph 0033).
Regarding claim 2, Dolan, Gass, and Appala  disclose the method of claim 1.  Gass discloses wherein identifying the child object of the primary object based on the one or more valid child relationships, receiving the request to extend the RLS policy to the child object, and extending the RLS policy to the child object further comprise:  identifying a plurality of child objects of the primary object based on the one or more valid child relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid child relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”).  Appala discloses receiving a request to extend the RLS policy to a subset of the plurality of child objects (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited [i.e., receiving a request to extend the RLS policy].  This enables finer flexibility and control over policy inheritance.”); extending the RLS policy to the subset of the plurality of child objects (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited.  This enables finer flexibility and control over policy inheritance.”).  The motivation is the same as that of the claim from which this claims depends.
Regarding claim 12, Gass discloses a system comprising: a processor; and a memory containing instructions which, when executed by the processor, cause the processor to implement (Dolan, paragraph 0008, computer, paragraph 0009, computer readable  medium, instructions):
an object database searching a relationship database separate from the object database for (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
identify, within the object database, a child object based on the one or more valid child relationships (Dolan, paragraph 0031, identify objects corresponding to particular child modules; paragraph 0025, child module of chassis parent; paragraph 0038, child modules identified in query of relationship database 513).
Dolan discloses an object database and a relationship database that are separate database, but does not explicitly disclose a row-level security (RLS) policy creator configured to create an RLS policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions and (ii) a first plurality of SQL statements implementing the access control list; a related object identifier configured to: search a relationship database for one or more child relationships of the primary object; filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; identify a child object of the primary object based on the one or more valid child relationships.
However, in an analogous art, Gass discloses a row-level security (RLS) policy creator configured to (Gass, paragraph 0040, “FIG. 4 illustrates that the same multi-table model 310 or information map that is used by the database query generation system 50 to handle query requests from users can also be used by the row-level security system 60 to define row-level security policies for constraining queries (e.g., ad-hoc queries) which end-users make against a collection of tables.  With respect to row-level security policies, FIG. 5 depicts a graphical user interface (GUI) 400 for a user to specify in a declarative manner both WHERE-based and JOIN-based filtering in defining row-level security policies.”);  
create an RLS policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald.  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows in the underlying data; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data [i.e., primary object] (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).”)
and (ii) a first plurality of SQL statements implementing the access control list (Gass, paragraph 0061, “the policy-based query generator may employ the following routine to generate the SQL statements used by the relational data server”; paragraph 0038, “The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”);
a related object identifier configured to: search a relationship database for one or more child relationships of the primary object (Gass, paragraph 0060, “The policy-based query generator returns at step 7 to the end-user report generator an SQL query that is augmented with row level security-motivated JOIN and WHERE items.  The end-user report generator provides the SQL query [i.e., searching a relationship database] to the relational data server at step 8.  The relational data server then retrieves the requested information and provides the row level security-filtered data [i.e., child relationship encompasses security-filtered data] at step 9 to the end-user report generator for display as a report to the end-user at step 10.”);
filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald [i.e., Reginald has access to primary/ parent object].  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows [i.e., filtering child relationships] in the underlying data [i.e., child relationship for a child object of the primary/ parent object]; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).” --- removing each invalid child relationship encompasses those rows visible to a higher level manager that are not provided to a lower level manager are invalid child relationships that are removed/ filtered; paragraph 0233, row-level filtering, relationships);
identify a child object of the primary object based on the one or more valid child relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid child relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gass with the method/ system/ non-transitory, computer-readable medium of Dolan to include a row-level security (RLS) policy creator configured to create an RLS policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions and (ii) a first plurality of SQL statements implementing the access control list; a related object identifier configured to: search a relationship database for one or more child relationships of the primary object; filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; identify a child object of the primary object based on the one or more valid child relationships 
One would have been motivated to provide users with the benefits of making individual row-by-row access control practical (Gass: paragraphs 0002 and 0003).
Dolan and Gass do not explicitly disclose an RLS policy extender configured to: receive a request to extend the RLS policy to the child object; and extend the RLS policy to the child object.
However, in an analogous art, Appala discloses an RLS policy extender configured to: receive a request to extend the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited [i.e., receiving a request to extend the RLS policy].  This enables finer flexibility and control over policy inheritance.”);
extend the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies [i.e., extending the RLS policy to the child object].  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited.  This enables finer flexibility and control over policy inheritance.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Appala with the method/ system/ non-transitory, computer-readable medium of Dolan Gass to include an RLS policy extender configured to: receive a request to extend the RLS policy to the child object; and extend the RLS policy to the child object. 
One would have been motivated to provide users with the benefits of finer flexibility and control over policy inheritance (Appala: paragraph 0033).
Regarding claim 13, Dolan, Gass, and Appala disclose the system of claim 12.  Gass discloses wherein the child object identifier is further configured to: identify a plurality of child objects of the primary object based on the one or more valid child relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid child relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”) and wherein the RLS policy extender is further configured to receive a request to extend the RLS policy to a subset of the plurality of child objects (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited [i.e., receiving a request to extend the RLS policy].  This enables finer flexibility and control over policy inheritance.”);extend the RLS policy to the subset of the plurality of child objects (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies [i.e., extending the RLS policy to the child object].  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited.  This enables finer flexibility and control over policy inheritance.”).  The motivation is the same as that of the claim from which this claims depends.

Regarding claim 20, Dolan discloses a non-transitory, computer-readable medium storing instructions which, when executed by a processor, cause the processor to: (Dolan, paragraph 0008, computer, paragraph 0009, computer readable  medium, instructions);
an object database searching a relationship database separate from the object database for (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
one or more child relationships wherein the relationship database stores relationship data for relationships between objects within the object database, and wherein the relationship data is separate from data stored within the object database; (Dolan, paragraph 0007, querying object database to obtain at least one object from the set of objects, relationship database stores relationship for each object; paragraph 0030, object database 512 and relationship database 513 are separate from each other as shown in FIG. 5);
identify, within the object database, a child object based on the one or more valid child relationships (Dolan, paragraph 0031, identify objects corresponding to particular child modules; paragraph 0025, child module of chassis parent; paragraph 0038, child modules identified in query of relationship database 513).
Dolan discloses an object database and a relationship database that are separate database, but does not explicitly disclose create a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions; (ii) a first plurality of SQL statements implementing the access control list search a relationship database for one or more child relationships of the primary object; filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; identify a child object of the primary object based on the one or more valid child relationships.
However, in an analogous art, Gass discloses create a row-level security (RLS) policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald.  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows in the underlying data; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data [i.e., primary object] (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).”) and 
(ii) a first plurality of SQL statements implementing the access control list (Gass, paragraph 0061, “the policy-based query generator may employ the following routine to generate the SQL statements used by the relational data server”; paragraph 0038, “The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”);
search a relationship database for one or more child relationships of the primary object (Gass, paragraph 0060, “The policy-based query generator returns at step 7 to the end-user report generator an SQL query that is augmented with row level security-motivated JOIN and WHERE items.  The end-user report generator provides the SQL query [i.e., searching a relationship database] to the relational data server at step 8.  The relational data server then retrieves the requested information and provides the row level security-filtered data [i.e., child relationship encompasses security-filtered data] at step 9 to the end-user report generator for display as a report to the end-user at step 10.”);
filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship (Gass, paragraph 0053, “FIGS. 13 and 14 show identical reports for two sales managers--Dennis Lansberry and Reginald Steiber--where one manager (Dennis) reports to the other (Reginald).  Thus, the orders data for Dennis is a subset of that available to Reginald [i.e., Reginald has access to primary/ parent object].  More specifically, FIG. 13 illustrates row-level security policies being applied automatically during end user report generation wherein a lower-level manager sees fewer rows [i.e., filtering child relationships] in the underlying data [i.e., child relationship for a child object of the primary/ parent object]; and FIG. 14 illustrates row-level security policies being applied automatically during end user report generation wherein a higher-level manager sees more rows in the underlying data (i.e., the higher-level manager has a larger number of rows that are visible to him and thus his report reflects summaries based upon more data/rows).” --- removing each invalid child relationship encompasses those rows visible to a higher level manager that are not provided to a lower level manager are invalid child relationships that are removed/ filtered; paragraph 0233, row-level filtering, relationships);
identify a child object of the primary object based on the one or more valid child relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid child relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Gass with the method/ system/ non-transitory, computer-readable medium of Dolan to include a row-level security (RLS) policy creator configured to create an RLS policy for a primary object, wherein the RLS policy comprises (i) an access control list specifying row-level access permissions and (ii) a first plurality of SQL statements implementing the access control list; a related object identifier configured to: search a relationship database for one or more child relationships of the primary object; filter the one or more child relationships to identify one or more valid child relationships by (i) determining whether each of the one or more child relationships is valid or invalid, and (ii) removing each invalid child relationship; identify a child object of the primary object based on the one or more valid child relationships 
One would have been motivated to provide users with the benefits of making individual row-by-row access control practical (Gass: paragraphs 0002 and 0003).
Dolan and Gass does not explicitly disclose receive a request to extend the RLS policy to the child object; and extend the RLS policy to the child object.
However, in an analogous art, Appala discloses receive a request to extend the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies.  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited [i.e., receiving a request to extend the RLS policy].  This enables finer flexibility and control over policy inheritance.”);
extend the RLS policy to the child object (Appala, paragraph 0033, “In one example, for a parent SGT with three distinct security policies, a first child SGT may inherit one security policy, a second child SGT may inherit two security policies, and a third child SGT may inherit all three security policies [i.e., extending the RLS policy to the child object].  Thus, by providing such granular control, the network administrator may choose a subset of attributes/policies to be inherited.  This enables finer flexibility and control over policy inheritance.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Appala with the method/ system/ non-transitory, computer-readable medium of Gass to include receive a request to extend the RLS policy to the child object; and extend the RLS policy to the child object. 
One would have been motivated to provide users with the benefits of finer flexibility and control over policy inheritance (Appala: paragraph 0033).

Claims 3 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018, and further in view of Ruth (US10627157), filed February 1, 2019.
Regarding claim 3, Dolan, Gass, and Appala disclose the method of claim 1.
Dolan, Gass, and Appala do not explicitly disclose wherein the primary object is a SmartBox Object configured to store its data in a related SQL table.
However, in an analogous art, Ruth discloses wherein the primary object is a SmartBox Object configured to store its data in a related SQL table (Ruth, col. 12, line 58, through col. 13, line 3, “In embodiments, the one or more constituent networks of network 405 provide two-way connectivity between smartboxes 410a-410c and control server 415.  Additionally, the one or more constituent networks of network 405 provide two-way connectivity between delivery vehicles 420a-420c.  Further, depending on the scale of the implementation, network context 400 may, according to embodiments, include a networked order database 425.  In embodiments, networked order database may be implemented as a SQL database on a SQL server connected to network 405.  In other embodiments, networked order database 425 may be implemented using a cloud architecture, or as a columnar database.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ruth with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein the primary object is a SmartBox Object configured to store its data in a related SQL table. 
One would have been motivated to provide users with the benefits of a secure container for transporting contents (Ruth: col. 5, lines 57-61).
Regarding claim 14, Dolan, Gass, and Appala disclose the system of claim 12.
Dolan, Gass, and Appala do not explicitly disclose wherein the primary object is a SmartBox Object configured to store its data in a related SQL table.
However, in an analogous art, Ruth discloses wherein the primary object is a SmartBox Object configured to store its data in a related SQL table (Ruth, col. 12, line 58, through col. 13, line 3, “In embodiments, the one or more constituent networks of network 405 provide two-way connectivity between smartboxes 410a-410c and control server 415.  Additionally, the one or more constituent networks of network 405 provide two-way connectivity between delivery vehicles 420a-420c.  Further, depending on the scale of the implementation, network context 400 may, according to embodiments, include a networked order database 425.  In embodiments, networked order database may be implemented as a SQL database on a SQL server connected to network 405.  In other embodiments, networked order database 425 may be implemented using a cloud architecture, or as a columnar database.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Ruth with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein the primary object is a SmartBox Object configured to store its data in a related SQL table. 
One would have been motivated to provide users with the benefits of a secure container for transporting contents (Ruth: col. 5, lines 57-61).
Claims 4 and 5 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, Appala (US20190215303), filed January 10, 2018,  and Ruth (US10627157), filed February 1, 2019, and further in view of Yalamanchi (US20090199273), filed February 1, 2008.
Regarding claim 4, Dolan, Gass, Appala, and Ruth disclose the method of claim 3 and a SmartBox object, RLS policy and SQL.
Dolan, Gass, Appala, and Ruth do not explicitly disclose wherein the RLS policy is generated for the related SQL table in response to receiving a request to apply a data access policy to the SmartBox Object.
However, in an analogous art, Yalamanchi discloses wherein the RLS policy is generated for the related SQL table in response to receiving a request to apply a data access policy to the SmartBox Object (Yalamanchi, paragraph 0005, “The dynamically generated clause may have been, for example, a "where" (e.g., SQL WHERE) clause.”; paragraph 0066, “For example, method 300 may include, at 306, creating an access control policy for the database table for which row level security is active.  The access control policy may define row level security for rows in the database table. In one example, a first row in the database table may have a first row level security defined by a first access control expression in the access control policy and a second, different row in the database table may have a second, different row level security defined by a second, different access control expression in the access control policy.  In one example, each row may have its own access control expression.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Yalamanchi with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, Appala, and Ruth to include wherein the RLS policy is generated for the related SQL table in response to receiving a request to apply a data access policy to the SmartBox Object. 
One would have been motivated to provide users with the benefits of row-level access control policies using an expression data type (Yalamanchi: paragraph 0014).
Regarding claim 5, Dolan, Gass, Appala, Ruth, and Yalamanchi disclose the method of claim 4.  Yalamanchi discloses wherein the data access policy includes a policy selected from the group consisting of: (i) a full access policy, (ii) a limited access polity, and (iii) a combination of a full access policy and a limited access policy for data stored within the related SQL table (Yalamanchi, paragraph 0075, “As described above, access control policy 560 may include a set of access control statements.  Therefore, a first row in the database table 530 may have a first row level security defined by a first access control expression (e.g., 562) in the access control policy 560 while a second, different row in the database table 530 may have a second, different row level security defined by a second, different access control expression (e.g., 564) in the access control policy 560.  Therefore, database table 530 may be associated with different access control policies under different conditions.  For example, a first access control policy may be associated with database table 530 when access statements are generated by a low level manager while a second access control policy may be associated with database table 530 when access statements are generated by an executive.  Different access control expressions in access control policy 560 may be placed in expression column 532 in database table 530.”).  The motivation is the same as that of the claim from which this claim depends.
Claims 6 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan, Gass, and Appala, and further in view of Niu (US20200301917), filed June 10, 2020, claiming priority to PCT/CN2019/080780, file April 1, 2019, claiming priority to CN201810411644, filed May 2, 2018.
Regarding claim 6, Dolan, Gass, and Appala disclose the method of claim 1.
Dolan, Gass, and Appala do not explicitly disclose wherein extending the RLS policy includes generating a second plurality of SQL statements to extend the RLS policy to the child object.
However, in an analogous art, Niu discloses wherein extending the RLS policy includes generating a second plurality of SQL statements to extend the RLS policy to the child object (Niu, paragraph 0225, “the policy proxy interface is called to acquire the table filtering rule and a child query node is added if are filtering rule of this table exists.  The original parent node of the leaf node becomes the parent node of the child query node, and the leaf node is the child node of the child query node.  The acquired filtering rule is applied to the child query node so that re-synthesization of the AST tree is completed.  In this manner, when the rewritten SQL statement is subsequently generated [i.e., second plurality of SQL statements encompasses rewritten SQL statement]”; CN110443059, paragraph 0251, “In the process of traversing and parsing the AST of the from clause, if the current AST node is a leaf node and a physical table, call the policy agent interface to obtain the table filtering rules. If there are filtering rules for the table, reconstruct the AST tree. New Add a child query node, the original parent node of the leaf node becomes the parent node of the child query node, and the leaf node is the child node of the child query node. Apply the obtained filter rules to the child query node to complete the AST tree Refactoring. In this way, when the rewritten SQL statement is generated according to the AST, the SQL statement assembled by the filtering rules will be used as the subquery of the table, and the original physical table will be used as the alias of the subquery.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Niu with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein extending the RLS policy includes generating a second plurality of SQL statements to extend the RLS policy to the child object.
One would have been motivated to provide users with the benefits of a data protection method and device and storage medium (Niu: paragraph 0001).
Regarding claim 15, Dolan, Gass, and Appala disclose the system of claim 12.
Dolan, Gass, and Appala do not explicitly disclose wherein the RLS policy extender is further configured to generate a second plurality of SQL statements to extend the RLS policy to the child object.
However, in an analogous art, Niu discloses wherein the RLS policy extender is further configured to generate a second plurality of SQL statements to extend the RLS policy to the child object (Niu, paragraph 0225, “the policy proxy interface is called to acquire the table filtering rule and a child query node is added if are filtering rule of this table exists.  The original parent node of the leaf node becomes the parent node of the child query node, and the leaf node is the child node of the child query node.  The acquired filtering rule is applied to the child query node so that re-synthesization of the AST tree is completed.  In this manner, when the rewritten SQL statement is subsequently generated [i.e., second plurality of SQL statements encompasses rewritten SQL statement]”; CN110443059, paragraph 0251, “In the process of traversing and parsing the AST of the from clause, if the current AST node is a leaf node and a physical table, call the policy agent interface to obtain the table filtering rules. If there are filtering rules for the table, reconstruct the AST tree. New Add a child query node, the original parent node of the leaf node becomes the parent node of the child query node, and the leaf node is the child node of the child query node. Apply the obtained filter rules to the child query node to complete the AST tree Refactoring. In this way, when the rewritten SQL statement is generated according to the AST, the SQL statement assembled by the filtering rules will be used as the subquery of the table, and the original physical table will be used as the alias of the subquery.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Niu with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein the RLS policy extender is further configured to generate a second plurality of SQL statements to extend the RLS policy to the child object.
One would have been motivated to provide users with the benefits of a data protection method and device and storage medium (Niu: paragraph 0001).

Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018, and further in view of Smith (US9747363), filed March 1, 2012.
Regarding claim 7, Dolan, Gass, and Appala disclose the method of claim 1.
Dolan, Gass, and Appala do not explicitly disclose wherein searching a relationship database for the one or more child relationships of the primary object further comprises identifying one or more foreign-key relationships of the primary object within the relationship database.
However, in an analogous art, Smith discloses wherein searching a relationship database for the one or more child relationships of the primary object further comprises identifying one or more foreign-key relationships of the primary object within the relationship database (Smith, col. 2, line 66, through col. 3, line 19, “The search engine 1205, which executes in main memory, receives queries and instructions from join engine 1210, retrieves record-based data from tables in a relational database management system (RDBMS) 1215, and creates search-engine indices as described above.  For each table associated with a join query, the search engine 1205 creates both a search-engine index having a document identifier and a foreign key, and a document that includes the corresponding document identifier from the search-engine index and the rest of the non-key data from the corresponding record.  The join engine 1210 receives requests from users (which, in many cases, will require data from multiple tables), queries the search engine 1205 to return primary and secondary result sets for primary and secondary queries parsed from the join query.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smith with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein searching a relationship database for the one or more child relationships of the primary object further comprises identifying one or more foreign-key relationships of the primary object within the relationship database.
One would have been motivated to provide users with the benefits of reducing the amount of memory used for storage yet providing fast and constant access time (Smith: col. 1, lines 60-63).
Regarding claim 16, Dolan, Gass, and Appala disclose the system of claim 12.
Dolan, Gass, and Appala do not explicitly disclose wherein the child object identifier is further configured to identify one or more foreign-key relationships of the primary object within the relationship database.
However, in an analogous art, Smith discloses wherein the child object identifier is further configured to identify one or more foreign-key relationships of the primary object within the relationship database (Smith, col. 2, line 66, through col. 3, line 19, “The search engine 1205, which executes in main memory, receives queries and instructions from join engine 1210, retrieves record-based data from tables in a relational database management system (RDBMS) 1215, and creates search-engine indices as described above.  For each table associated with a join query, the search engine 1205 creates both a search-engine index having a document identifier and a foreign key, and a document that includes the corresponding document identifier from the search-engine index and the rest of the non-key data from the corresponding record.  The join engine 1210 receives requests from users (which, in many cases, will require data from multiple tables), queries the search engine 1205 to return primary and secondary result sets for primary and secondary queries parsed from the join query.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Smith with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein the child object identifier is further configured to identify one or more foreign-key relationships of the primary object within the relationship database.
One would have been motivated to provide users with the benefits of reducing the amount of memory used for storage yet providing fast and constant access time (Smith: col. 1, lines 60-63).
Claims 8 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018, and further in view of Chandrasekaran (US20060004689), filed December 29, 2004.
Regarding claim 8, Dolan, Gass, and Appala disclose the method of claim 1.  Gass discloses further comprising: searching the relationship database; filtering; and identifying a parent object of the primary object based on the one or more valid parent relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid parent relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”).  The motivation is the same as that of the claim from which this claim depends.
Dolan, Gass, and Appala disclose further comprising: searching the relationship database; filtering; and identifying a parent object of the primary object based on the one or more valid parent relationships, but do not explicitly disclose searching the relationship database for one or more parent relationships of the primary object; filtering the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identifying a parent object of the primary object based on the one or more valid parent relationships. 
However, in an analogous art, Chandrasekaran discloses searching the relationship database for one or more parent relationships of the primary object; filtering the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identifying a parent object of the primary object based on the one or more valid parent relationships (Chandrasekaran, paragraph 0034, “Deleting content has the effect of not only destroying the content on the storage system, but also all associated content objects and metadata, including content addresses, stored in the relational database.  Using FIG. 2 as an example, if a user wishes to delete a large piece of content, for example a document 200, the content server unlinks all associated content objects 202, 204 from the document object 200.  The result is that the content objects 202, 204 are no longer pointing to the deleted parent document object 200 [i.e., filtering parent relationships encompasses deleting parent object].  If the content objects 204 are no longer pointing to any parent document objects 200, or there are not any parent objects 200 pointing to the content objects 202, they are marked for deletion and are subsequently destroyed.  The content is subsequently destroyed on the storage system when the content server calls a delete function contained in the plugin that may instruct the storage system to physically clean the sectors where the content is stored, ensuring that the content is unrecoverable. “). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chandrasekaran with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include searching the relationship database for one or more parent relationships of the primary object; filtering the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identifying a parent object of the primary object based on the one or more valid parent relationships.
One would have been motivated to provide users with the benefits of facilitating the storage of content within enterprise content management systems (Chandrasekaran: paragraph 0002).

Regarding claim 17, Dolan, Gass, and Appala disclose the system of claim 12.
Gass discloses further comprising: search the relationship database; filter; and identify a parent object of the primary object based on the one or more valid parent relationships (Gass, paragraph 0039, “To facilitate access to the information stored in a relational database, the database query generation system 50 uses a multi-table model specification system 210.  FIG. 3 provides an example of a multi-table model specification system 210 which designates through a multi-table model 310 (e.g., an information map) how tables interrelate with each other when data is to be queried from the database(s) 200.  In addition to the specification 330 of table relations, the information map can further specify filters 320 that establish criteria for filtering data that is to be retrieved via a query.  As an example, the information map can list a number of tables as data sources along with rules for combining multiple tables in a relational JOIN operation.  One or more filters 320 can be associated with the table relations in order to restrict what information is retrieved.”; paragraph 0038, “FIG. 2 provides at 200 an example of a type of data store that can be used within the environment 30.  In this example, the database query generation system 50 can access the information stored in one or more relational databases 200.  The row-level security system 60 can define access to the data contained in the tables of the relational database(s) 200 at a granular level [i.e., valid parent relationships encompasses granular level], such as specifying who can access particular rows within a table.  The system's row-level security policy definition can be integrated into conventional (ACL-based) security systems as well as into query guidance definition tools and runtime query execution.”).  The motivation is the same as that of the claim from which this claim depends.
Dolan, Gass, and Appala disclose further comprising: search the relationship database; filter; and identify a parent object of the primary object based on the one or more valid parent relationships, but do not explicitly disclose search the relationship database for one or more parent relationships of the primary object; filter the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identify a parent object of the primary object based on the one or more valid parent relationships. 
However, in an analogous art, Chandrasekaran discloses search the relationship database for one or more parent relationships of the primary object; filter the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identify a parent object of the primary object based on the one or more valid parent relationships (Chandrasekaran, paragraph 0034, “Deleting content has the effect of not only destroying the content on the storage system, but also all associated content objects and metadata, including content addresses, stored in the relational database.  Using FIG. 2 as an example, if a user wishes to delete a large piece of content, for example a document 200, the content server unlinks all associated content objects 202, 204 from the document object 200.  The result is that the content objects 202, 204 are no longer pointing to the deleted parent document object 200 [i.e., filtering parent relationships encompasses deleting parent object].  If the content objects 204 are no longer pointing to any parent document objects 200, or there are not any parent objects 200 pointing to the content objects 202, they are marked for deletion and are subsequently destroyed.  The content is subsequently destroyed on the storage system when the content server calls a delete function contained in the plugin that may instruct the storage system to physically clean the sectors where the content is stored, ensuring that the content is unrecoverable. “). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Chandrasekaran with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include search the relationship database for one or more parent relationships of the primary object; filter the one or more parent relationships to identify one or more valid parent relationships by (i) determining whether each of the one or more parent relationships is valid or invalid, and (ii) removing each invalid parent relationship; and identify a parent object of the primary object based on the one or more valid parent relationships.
One would have been motivated to provide users with the benefits of facilitating the storage of content within enterprise content management systems (Chandrasekaran: paragraph 0002).

Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018, and further in view of Subramanian (US20020194211), filed May 31, 2001.
Regarding claim 9, Dolan, Gass, and Appala disclose the method of claim 1.
Dolan, Gass, and Appala do not explicitly disclose further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the child object.
However, in an analogous art, Subramanian discloses further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the child object (Subramanian, paragraph 0105, “As a security measure, policy information is preferably maintained or modified only by appropriately authorized administrators.  When an administrator changes a policy, it is preferably immediately updated and propagated, e.g., to the relevant database tables at which the policies are stored.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Subramanian with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the child object.
One would have been motivated to provide users with the benefits of prefabricating information in a computer system (Subramanian: paragraph 0001).
Regarding claim 18, Dolan, Gass, and Appala disclose the system of claim 12.
Dolan, Gass, and Appala do not explicitly disclose wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the child object.
However, in an analogous art, Subramanian discloses wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the child object  (Subramanian, paragraph 0105, “As a security measure, policy information is preferably maintained or modified only by appropriately authorized administrators.  When an administrator changes a policy, it is preferably immediately updated and propagated, e.g., to the relevant database tables at which the policies are stored.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Subramanian with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the child object  .
One would have been motivated to provide users with the benefits of prefabricating information in a computer system  (Subramanian: paragraph 0001).

Claims 10 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, Appala (US20190215303), filed January 10, 2018, and Chandrasekaran (US20060004689), filed December 29, 2004, and further in view of Subramanian (US20020194211), filed May 31, 2001.
Regarding claim 10, Dolan, Gass, Appala, and Chandrasekaran disclose the method of claim 8.
Dolan, Gass, Appala, and Chandrasekaran do not explicitly disclose further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the parent object.
However, in an analogous art, Subramanian discloses further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the parent object (Subramanian, paragraph 0105, “As a security measure, policy information is preferably maintained or modified only by appropriately authorized administrators.  When an administrator changes a policy, it is preferably immediately updated and propagated, e.g., to the relevant database tables at which the policies are stored.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Subramanian with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, Appala, and Chandrasekaran to include further comprising: receiving a request to update the RLS policy; updating the RLS policy for the primary object to create an updated RLS policy; and extending the updated RLS policy to the parent object.
One would have been motivated to provide users with the benefits of prefabricating information in a computer system  (Subramanian: paragraph 0001).

Regarding claim 19, Dolan, Gass, Appala, and Chandrasekaran disclose the system of claim 17.
Dolan, Gass, Appala, and Chandrasekaran do not explicitly disclose wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the parent object.
However, in an analogous art, Subramanian discloses wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the parent object (Subramanian, paragraph 0105, “As a security measure, policy information is preferably maintained or modified only by appropriately authorized administrators.  When an administrator changes a policy, it is preferably immediately updated and propagated, e.g., to the relevant database tables at which the policies are stored.”).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Subramanian with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, Appala, and Chandrasekaran to include wherein the RLS policy creator is further configured to: receive a request to update the RLS policy; and update the RLS policy for the primary object to create an updated RLS policy, and wherein the RLS policy extender is further configured to: extend the updated RLS policy to the parent object.
One would have been motivated to provide users with the benefits of prefabricating information in a computer system  (Subramanian: paragraph 0001).






Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Dolan (US20090103916), filed October 18, 2007, in view of Gass (US20080235231), filed March 24, 2008, and Appala (US20190215303), filed January 10, 2018, and further in view of Pourheidari (US20040243613), filed May 30, 2003.
Regarding claim 11, Dolan, Gass, and Appala disclose the method of claim 1.
Dolan, Gass, and Appala do not explicitly disclose wherein invalid child relationships include child relationships that are forbidden, circular, or duplicative.
However in an analogous art, Pourheidari discloses wherein invalid child relationships include child relationships that are forbidden, circular, or duplicative (Pourheidari, paragraph 0078, “If one of the extra relationships between a pair of resources (i.e., the source of one relationship matches the target of the other relationship and vice versa) is a containment relationship, then remove the other relationship in step 1418.  As a final default relationship removal rule, if none of the above rules in steps 1410-1418 apply for circumstances where a pair of resources has more than one relationship, then remove the second relationship encountered in the Object/Relationship Data Store 116 as being an extra relationship between the pair of resources.  In each of the relationship removal steps of 1410-1420, if more than two relationships qualifying under the rules for a particular removal step exist between two resources, the removal step can be performed iteratively to remove all extraneous, duplicate, or conflicting relationships between each pair of resources.  This iterative process can be performed at each step 1410-1420, or, alternately, the entire sequence of steps 1410-1420 can be processed iteratively until all extraneous, duplicate, or conflicting relationships have been removed for each resource.”)

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Pourheidari with the method/ system/ non-transitory, computer-readable medium of Dolan, Gass, and Appala to include wherein invalid child relationships include child relationships that are forbidden, circular, or duplicative.
One would have been motivated to provide users with the benefits of creating a custom view of select information from a managed data store (Pourheidari: paragraph 0004).


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to WALTER J MALINOWSKI whose telephone number is (571)272-5368. The examiner can normally be reached 8-6:30 MTWH.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, LUU PHAM can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/W.J.M/Examiner, Art Unit 2439         



/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439