Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 7/5/2022. Claims 1-20 are pending.

Response to Arguments
Regarding the 101 rejection, the amendments to claims 16-20 overcome the rejection, the rejection is withdrawn.
Regarding the prior art rejection, Applicant argues:
(1) Viswanathan does not teach or suggest but rather teaches away from “updating the access request to exclude any metric indicated in the metric access security policy as excluded according to the identifier”, as recited in independent claims 1, 12 and 16. Applicant alleges “that the rejection of the claims is improper as the rejection of Claims 1-10, 12-14, and 16-20 does not satisfy the requirements of a prima facie case of obviousness as claim embodiments are not taught or suggested by the asserted art”.  
The examiner respectfully disagrees: 
Viswanathan discloses controlling time series on a group basis;  Viswanathan also discloses access control rules specific to what services, applications, users or entities are allowed to read or write certain time series data within a group; for instance a first  user may be allowed to read two different types of time series while a second user is allowed to only access one type of time series ... ([0028][0038]), Viswanathan explicitly teaches type of data restricted for tenants, leading to a fine-grained access control system, the access using structured query language (SQL) ([0058]). 
Viswanathan does not provide details on the procedural code needed to access the database, particularly when some data is restricted.  Khanduja intervenes at a “lower level” to implement the query received to access data from the database i.e by reconstructing the query to effectively exclude restricted data according to policies. It is noted both Viswanathan and Khanduja are concerned by delivering access to requested data in conformity with policies. Modifying Viswanathan by Khanduja teaches how to implement efficiently the access control rules, and grant only what is allowed, at the procedural language level. Viswanathan is not adversely impacted by combining its teachings with those of Khanduja, and does not teach away from the “updating the request ...” limitation, and suggests implementing fine grained access control as taught by Khanduja.

(2) Applicant also affirms “Khanduja does not overcome the shortcomings of Viswanathan ... there is no ability to increase the granularity of data accessible by modifying an access policy, as asserted. Furthermore, Applicants submit that there is no teaching or suggestion as to how to modify the system of Viswanathan to perform such request modification”.

The examiner respectfully disagrees, Khanduja allows analyzing fine-grained access policies and modifying a query to exclude restricted data as specified in the policies. Therefore Khanduja teaches updating the access request to exclude any metric indicated in the metric access security policy as excluded”. PL/SQL is known to be a very secure functionality tool for manipulating, controlling, validating, and restricting unauthorized access data from the SQL database.
The examiner reminds that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In the present case, accessing data partially restricted, controlled by fine-grained policies, using SQL to access the database as taught by Viswanathan, may be effectively implemented by reconstructing the query to exclude the restricted data, as taught by Khanduja, in order to streamline the data delivery.

Therefore, the rejection is proposer contrary to Applicant’s arguments and is being maintained.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 6/15/2022 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-10,12-14 and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20190197246 to Viswanathan et al., hereinafter Wisawnathan, in view of US 20210097194 to Khanduja et al., hereinafter Khanduja.
Regarding claim 1, Viswanathan discloses 
A method for secure access to metrics of time series data, the method comprising: receiving an access request for accessing at least one metric of time series data, the access request comprising an identifier ([0035] receive request from a tenant to access timeseries of a metric, [0029], Fig. 3: policies for group of time series mapped to containers (tenants accounts) identifiers, requested data can be restricted per type ([0028])); validating the access request against a metric access security policy according to the identifier ; and returning results of the access request ([0036][0036]: look up policies to allow/deny the request, the policies for group of time series mapped to containers (tenants accounts) identifiers ([0029], Fig. 3, meaning implicitly the requestor or tenant is identified in the request).  
Viswanathan discloses restricting data for a tenant based on the data type, time ... ([0028][0038]), leading to a fine-grained access control, and using SQL to implement queries ([0058]), but does not detail the processing of the queries. Viswanathan does not explicitly teach updating the access request to exclude any metric indicated in the metric access security policy as excluded according to the identifier. In an analogous art, Khanduja discloses receiving a data request from a user in a procedural language code block (query) e.g PL/SQL ([0025]), retrieving from a policy engine, access control policies for the user based on the user identification ([0026]), validating the access request against a metric access security policy according to the identifier ([0027] evaluate the request against the policies for the user), updating the access request to exclude any metric indicated in the metric access security policy as excluded according to the identifier and returning results of the access request ([0028][0031] modify the query to generate a reconstructed query that requests only data elements that are permitted by the access control policy settings for the user i.e exclude restricted elements from the query, provide the permitted data to the user).
It would have been obvious to a skilled artisan before the instant application was effectively filed to update the access request as taught by Khanduja because it would ensure “fine-grained security rules and policies “([0009]) and allow the user to be provided “an at least partially responsive answer to the query, without accessing the restricted database elements” ([0022]). 
Regarding claim 2, Viswanathan in view of Khanduja discloses the method of Claim 1, wherein the access request comprises a request for displaying a plurality of metrics (Viswanathan [0002] graph view of metrics such as processor utilization, service runtime, network latency ...)
Regarding claim 3, Viswanathan in view of Khanduja discloses the method of Claim 1, wherein the access request comprises a query request for accessing the at least one metric of time series data (Viswanathan [0035: request to obtain network latency).
Regarding claim 4, Viswanathan in view of Khanduja discloses the method of Claim 3, further comprising: generating a query plan for accessing the at least one metric of time series data from at least one time series database based on the query request (Khanduja [0031][0034]: analyze the query code blocks to generate tokens, tag tables and columns using predefined metatada or procedures).
Regarding claim 5, Viswanathan in view of Khanduja discloses the method of Claim 4, wherein the validating the access request against the metric access security policy according to the identifier comprises: validating the query plan against the metric access security policy according to the identifier (Khanduja [0041]-[0043]: determine whether the user can receive at least a portion of the requested elements based on the reconstructed query, user identification being identified in the request [0040])).  
Regarding claim 6, Viswanathan in view of Khanduja discloses the method of Claim 5, wherein the updating the access request to exclude any metric indicated in the metric access security policy as excluded according to the identifier comprises: updating the query plan to exclude any metric indicated in the metric access security policy as excluded according to the identifier (Khanduja [0031]: remove non-permitted elements from the query,   Viswanathan [0035] the query being a query to access a metric).
Regarding claim 7, Viswanathan in view of Khanduja discloses the method of Claim 6, further comprising: executing the query plan against the at least one time series database (Khanduja [0042] execute the reconstructed query against the database, where the database is a time series database of a metric (Viswanathan, [0017]).
Regarding claim 8, Viswanathan in view of Khanduja discloses the method of Claim 7, wherein the returning results of the access request comprises: returning the results of the query plan (Khanduja [0042]).
Regarding claim 9, Viswanathan in view of Khanduja discloses the method of Claim 1, wherein the results comprise key value pairs from at least one time series database (Viswanathan [0020][0024]: time stamps and associated values constitute key value pairs for different metrics; request to obtain a particular value at a particular timestamp for a metric).
Regarding claim 10, Viswanathan in view of Khanduja discloses the method of Claim 1, wherein the identifier comprises at least one of: an account, a role, and a group (Viswanathan [0029] container identifiers, the container corresponding to a tenant account ([0018]).

Claims 12 and 16 recite substantially the same content as claim 1 and are rejected by the same rationales as claim 1.
Claim 13 recites substantially the same content as claim 9 and is rejected by the same rationales as claim 9.
Claim 14 recites substantially the same content as claim 10 and is rejected by the same rationales as claim 10.
Claim 17 recites substantially the same content as claim 2 and is rejected by the same rationales as claim 2.
Claim 18 recites substantially the same content as claim 3 and is rejected by the same rationales as claim 3.
Claim 19 recites substantially the same content as claims 4-6, and is rejected by the same rationales as claim 4-6.
Claim 20 recites substantially the same content as claims 7-8, and is rejected by the same rationales as claim 7-8.

Claims 11 and 15 are rejected under 35 USC 103 as being unpatentable over Viswanathan in view of Khanduja and further view of US 10740287 to Haviv et al., hereinafter Haviv.
Regarding claim 11, Viswanathan in view of Khanduja discloses the method of Claim 1, but does not explicitly teach the rest of the limitations.
In an analogous art, Haviv discloses storing data objects (events streams, files, time series data ...) related to network source, attributes ... in a database, associated with policies (col.6:49-65). Haviv discloses wherein the metric access security policy comprises a prioritized list of rules for accessing metrics from at least one time series database, wherein the security policies are enforced according to an order of the prioritized list.  (col. 6:13-31: policy consists of a set of match/action rules, ordered according to the priority of each rule, when 2 rules conflict the one with higher priority is used). It would have been obvious to a skilled artisan before the instant application was effectively filed to prioritize rules for accessing metrics as taught by Haviv because it would allow flexibility and granular control compared to the common practice, “Having a flexible and software defined policy may provide for managing of shared data especially when addressing distributed, dynamic and large scale environments, with a variety of workloads each requiring different services” (Haviv 27-31).
Claim 11 recites substantially the same content as claim 11 and is rejected by the same rationales as claim 11.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Guisado 20190220533 discloses storing data in a database comprising a plurality of tables, receiving a query including an identifier associated with a first table, , reconstructing by at least replacing a first identifier with a second identifier associated with the second database table, executing by at least sending, to the database, the reconstructed database query.
Libow et al 20180218019 disclose receiving a request for data over a time period, triggering the execution of a SQL query that combines information in the time stamp table and the fact table to reconstruct the field values of all messages received during the time period.
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        8/22/2022