DETAIL ACTION
	Claims 1, 3, 5-7, 9, 11-13, 15 and 17-23 are allowed in this Office Action 
(Re-number 1-17).
EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Lawrence M. Lau (Reg. # 60,833) on August 9, 2022.
The application has been amended as follows:
Claims 1, 7 and 13 are amended.
Claims 2, 8 and 14 are cancelled.
AMENDMENTS TO THE CLAIM
1. (Currently Amended) A method comprising:
creating, by a data protection application, a plurality of backups for a plurality of assets, wherein each asset is mapped in a directory service to one or more asset owners, and the directory service is separate from the data protection application, wherein the directory service is a lightweight directory access protocol (LDAP) directory service of an organization, the mapping of an asset is stored within LDAP objects of the LDAP directory service, the LDAP objects correspond to users and user groups of the organization, and the mapping in an LDAP object comprises an identifier for the asset and a level of access granted to the LDAP object on backups of the asset;
receiving, at the data protection application, a search query from a user seeking to search the backups;
consulting, by the data protection application, the directory service to identify assets having the user as an asset owner;
generating a search filter comprising a list of the identified assets;
applying the search filter to the search query to exclude from a search result backups of assets not having the user as the asset owner; and
returning the search result to the user, the search result thereby comprising backups of assets having the user as an asset owner and excluding other backups of other assets not having the user as the asset owner, wherein consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
2. (Canceled) The method of claim 1 wherein consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
3. (Previously Presented) The method of claim 1 further comprising:
enforcing, by the data protection application, the level of access granted to the LDAP object in the LDAP directory service on backups of the asset.
4. (Canceled) The method of claim 1 wherein each asset is mapped to one or more objects managed by the directory service, the one or more objects comprise at least one of a user object or a group object,
wherein each of the one or more objects comprises an asset owner field comprising a first value, and a second value,
wherein the first value in the asset owner field of an object comprises an identification of an asset to be mapped to the object, and
wherein the second value in the asset owner field of the object comprises an identification of a level of access the object should have on backups of the asset.
5. (Original) The method of claim 1 wherein each asset comprises a plurality of items backed up and indexed by the data protection application.
6. (Original) The method of claim 1 wherein mappings of the assets to the one or more asset owners are stored by the directory service, and the backups of the assets are stored by the data protection application. 
7. (Currently Amended) A system comprising: a processor; and memory configured to store one or more sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:
creating, by a data protection application, a plurality of backups for a plurality of assets, wherein each asset is mapped in a directory service to one or more asset owners, and the directory service is separate from the data protection application, wherein the directory service is a lightweight directory access protocol (LDAP) directory service of an organization, the mapping of an asset is stored within LDAP objects of the LDAP directory service, the LDAP objects correspond to users and user groups of the organization, and the mapping in an LDAP object comprises an identifier for the asset and a level of access granted to the LDAP object on backups of the asset;
receiving, at the data protection application, a search query from a user seeking to search the backups;
consulting, by the data protection application, the directory service to identify assets having the user as an asset owner;
generating a search filter comprising a list of the identified assets;
applying the search filter to the search query to exclude from a search result backups of assets not having the user as the asset owner; and
returning the search result to the user, the search result thereby comprising backups of assets having the user as an asset owner and excluding other backups of other assets not having the user as the asset owner, wherein the consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
8. (Canceled) The system of claim 7 wherein the consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
9. (Previously Presented) The system of claim 7 wherein the processor further carries out the steps of:
enforcing, by the data protection application, the level of access granted to the LDAP object in the LDAP directory service on backups of the asset.
10. (Canceled) The system of claim 7 wherein each asset is mapped to one or more objects managed by the directory service, the one or more objects comprise at least one of a user object or a group object,
wherein each of the one or more objects comprises an asset owner field comprising a first value, and a second value,
wherein the first value in the asset owner field of an object comprises an identification of an asset to be mapped to the object, and
wherein the second value in the asset owner field of the object comprises an identification of a level of access the object should have on backups of the asset.
11. (Original) The system of claim 7 wherein each asset comprises a plurality of items backed up and indexed by the data protection application.
12. (Original) The system of claim 7 wherein mappings of the assets to the one or more asset owners are stored by the directory service, and the backups of the assets are stored by the data protection application.
13. (Currently Amended) A computer program product, comprising a non-transitory computer-readable medium having a computer-readable program code embodied therein, the computer-readable program code adapted to be executed by one or more processors to implement a method comprising:
creating, by a data protection application, a plurality of backups for a plurality of assets, wherein each asset is mapped in a directory service to one or more asset owners, and the directory service is separate from the data protection application, wherein the directory service is a lightweight directory access protocol (LDAP) directory service of an organization, the mapping of an asset is stored within LDAP objects of the LDAP directory service, the LDAP objects correspond to users and user groups of the organization, and the mapping in an LDAP object comprises an identifier for the asset and a level of access granted to the LDAP object on backups of the asset;
receiving, at the data protection application, a search query from a user seeking to search the backups;
consulting, by the data protection application, the directory service to identify assets having the user as an asset owner;
generating a search filter comprising a list of the identified assets;
applying the search filter to the search query to exclude from a search result backups of assets not having the user as the asset owner; and
returning the search result to the user, the search result thereby comprising backups of assets having the user as an asset owner and excluding other backups of other assets not having the user as the asset owner, wherein the consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
14. (Canceled) The computer program product of claim 13 wherein the consulting the directory service comprises:
retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user;
querying the directory service to identify LDAP group objects representing groups having the user as a member;
retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and
combining the first and second identifications of assets to form the list of identified assets for the search filter.
15. (Previously Presented) The computer program product of claim 13 wherein the method further comprises:
enforcing, by the data protection application, the level of access granted to the LDAP object in the LDAP directory service on backups of the asset.
16. (Canceled) The computer program product of claim 13 wherein each asset is mapped to one or more objects managed by the directory service, the one or more objects comprise at least one of a user object or a group object,
wherein each of the one or more objects comprises an asset owner field comprising a first value, and a second value,
wherein the first value in the asset owner field of an object comprises an identification of an asset to be mapped to the object, and
wherein the second value in the asset owner field of the object comprises an identification of a level of access the object should have on backups of the asset.
17. (Original) The computer program product of claim 13 wherein each asset comprises a plurality of items backed up and indexed by the data protection application.
18. (Original) The computer program product of claim 13 wherein mappings of the assets to the one or more asset owners are stored by the directory service, and the backups of the assets are stored by the data protection application.
19. (Previously Presented) The method of claim 1 wherein the level of access in the LDAP object indicates whether the LDAP object is permitted to restore a backup of the asset.
20. (Previously Presented) The method of claim 1 wherein the identifier for the asset comprises an Internet Protocol (IP) address, the level of access granted to the LDAP object on backups of the asset thereby applying to all items backed up from the IP address. 
21. (Previously Presented) The method of claim 1 wherein the level of access comprises a first level of access that allows the LDAP object to view metadata of items in the backups of the asset, a second level of access that allows the LDAP object to view text content of the items in the backups of the asset, or a third level of access that allows the LDAP object to restore the backups of the asset.
22. (Previously Presented) The system of claim 7 wherein the LDAP directory service is an active directory managed by a network administrator of the organization.
23. (Previously Presented) The computer program product of claim 13 wherein the level of access in the LDAP object indicates whether the LDAP object is permitted to restore a backup of the asset.



Reasons for Allowance
The following is an examiner’s statement of reasons for allowance:  The Examiner has considered applicant’s remarks/arguments June 29, 2022 (pages 8-12), regarding the features of claims 1, 7 and 13, the claimed features “the directory service is a lightweight directory access protocol (LDAP) directory service of an organization, the mapping of an asset is stored within LDAP objects of the LDAP directory service, the LDAP objects correspond to users and user groups of the organization, and the mapping in an LDAP object comprises an identifier for the asset and a level of access granted to the LDAP object on backups of the asset”, “retrieving from the directory service a first list comprising first identifications of assets that have been mapped to an LDAP user object representing the user; 2Applicant: James, Morton, et al. U.S.S.N.:16/909,263 Filing Date: June 23, 2020 Docket No.: 118880.01 (DL1.290U) querying the directory service to identify LDAP group objects representing groups having the user as a member; retrieving from the directory service for each identified LDAP group second identifications of assets that have been mapped to an LDAP group object representing a group having the user as a member; and combining the first and second identifications of assets to form the list of identified assets for the search filter”,  and in conjunction with other elements of the independent claims would not found anticipated or obvious over the prior art made of record. 
The prior art, Dawson et al. (US 2009/0313626) directed to protecting enterprise data assets; Ensuring that recovery operations for enterprise data assets meet a required recovery time objective (RTO) or recovery point objective (RPO) and provided for estimating a recovery time for a data asset. The illustrative embodiments receive a request to project a recovery time for a data asset that uses a repository. The illustrative embodiments determine if there are one or more existing recovery times for other data assets and other repositories that have characteristics similar to the data asset and the repository of the request. Responsive to an existence of the one or more existing recovery times, the illustrative embodiments project the recovery time for the data asset using the one or more existing recovery times.
The prior art, Kumar (US 2005/0028008) directed to a system for accessing digital assets. The system includes an access control mechanism that permits specification of one of a number of kinds of access by a particular user to a particular asset. The access control mechanism permits determination of what assets a given user may access quickly enough so that the determination may be made every time a user performs an operation on an asset. The user interface for the system is thus able to show a given user only those assets to which the user currently has access. The assets have owners and the assets belonging to an owner are organized into a hierarchy belonging to the owner. The owner of an asset may give other users access to individual assets. Such assets are termed shared assets. Once a user has logged onto the system, the user can access his own assets and those that have been shared with him without further credentials. When a user has access to a shared asset, the user interface for the system shows only that portion of the owner's hierarchy which is necessary for the user to reach the shared asset. The user interface further indicates whether a user has seen an asset since the user was given access to it.
The prior art, Camarasa et al. (US 2018/0011461) directed to a system provides multiple user accounts per premises for customers of the service. Users can organize or group the assets in a logical fashion that suits the job function or task goals of the users of each account type. For this purpose, the users assign ownership of each asset to a specific user account and then share access to the asset across other user accounts.
The prior art, Tandon (US 8,429,708) directed to a method and system is provided for assessing the cumulative set of access entitlements to which an entity, of an information system, may be implicitly or explicitly authorized, by virtue of the universe of authorization intent specifications that exist across that information system, or a specified subset thereof, that specify access for that entity or for any entity collectives with which that entity may be directly or transitively affiliated. The effective system-level access granted to the user based upon operating system rules or according to access check methodologies is determined and mapped to administrative tasks to arrive at the cumulative set of access entitlements authorized for the user. 
The resulting of combining references would still fail to disclose the above limitations. After a further search and a thorough examination of the present application and in light of the prior arts made of record, claims are allowed.
	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance.”
CONTACT INFORMATION
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Thuy (Tiffany) Bui whose telephone number is (571)270-3423. The examiner can normally be reached on Mon - Fri 7:00-3:30 EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alford Kindred can be reached on (571)272-4037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Tiffany Thuy Bui/
Examiner, Art Unit 2153



/ALFORD W KINDRED/Supervisory Patent Examiner, Art Unit 2153