DETAILED ACTION
In response to the communication filed on 7 January 2021, this is the first Office Action on the merits. Claims 1-22 are pending.
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Claim Objections
Claims 1, 6, 8-10, 13, 18, 19 and 21 are objected to because of the following informalities:
Claim 1 recites “registering a security driver to receive database requests generated by an application compatible with a database driver, the security driver obtaining a database request”, which should read as -- registering a security driver to receive a database request generated by an application compatible with a database driver, the security driver obtaining the database request --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 1 also recites “to read from the portion of data without excluding values to read from another portion of data”, which should read as -- to read from the portion of data without excluding values to read from the another portion of data --, and recites “to exclude values read from the portion of data without excluding values read from another portion of data”, which should read as -- to exclude values read from the portion of data without excluding values read from the another portion of data --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 6 recites “the value to be written to field”, which should read as -- the value to be written to the field --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claims 8-10 also recite “another portion of data”, which should read as -- the another portion of data --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 13 recites “wherein another driver”, which should read as -- wherein the another driver --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 18 recites “some of the keys correspond to user or client device identifiers and corresponding permission values indicate respective access designations”, which should read as -- some of the keys correspond to user or client device identifiers and corresponding permission values indicate the respective access designations --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 19 recites “an identifier of restricted information”, which should read as -- an identifier of the portion of restricted information --, and “the restricted information”, which should read as -- the portion of restricted information --, as it appears to be a typographical error and may cause an antecedent basis issue.
Claim 21 recites “responsive to a database request”, which should read as -- responsive to the database request --, as it appears to be a typographical error and may cause an antecedent basis issue.
Appropriate corrections are required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-4, 6-7, 11-17 and 20-22 are rejected under 35 U.S.C. 103 as being unpatentable over Goldfarb et al. (US 2017/0364698 A1, hereinafter “Goldfarb”) in view of Kawai et al. (US 2018/0267905 A1, hereinafter “Kawai”).

Regarding claim 1, Goldfarb teaches
A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising: (see Goldfarb, [0272] “The functionality described herein may be provided by one or more processors of one or more computers executing code stored on a tangible, non-transitory, machine readable medium”).  
registering a security driver (see Goldfarb, [0195] “the process 200 includes registering a security driver that wraps a database driver, as indicated by block 202”) to receive database requests generated by an application compatible with a database driver, the security driver obtaining a database request generated by the application; (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”).
detecting, by the security driver, a user agent string appended to the database request, the user agent string including at least one identifier indicative of a user of the application; (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information). 
obtaining, by the security driver, a policy (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) by which access to a portion of data within a database arrangement by the application is governed for different users to permit at least one user access to the portion of data and (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”) deny at least computing device access to the portion of data; (see Goldfarb, [page31 col2] “a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).
determining, by the security driver, based on the obtained policy and (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) the identifier included in the user agent string, (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information) whether the user of the application or the client executing the application is permitted access to the portion of data; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0133] “may classify values as higher or lower security… the security driver 30 may include a table that maps table/field combinations to security designations, for example, binary values indicating whether the values are lower or higher security values… credit card information like a credit card number may be a higher-security value, while a ZIP Code in a mailing address may be a lower-security value”).
determining, by the security driver, based on the obtained policy and (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) the database request, whether the database request indicates (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”) access of the portion of the data; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information). 
the user of the application or the client executing the application is denied access to the portion of data (see Goldfarb, [page31 col2] “a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”) and the database request indicates (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”) access of the portion of data, (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information) modifying, by the security driver, for the database request (see Goldfarb, [0053] “the security driver 30 may wrap an application program interface of the database driver 32, such that the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those requests, and in some cases modifies those requests, and then provides the request in some cases with modifications to the database driver 32”).
returning, by the security driver, to the application responsive to the database request, a database response being based on the modification and compatible with the application (see Goldfarb, [0150] “the query response may be received by the database driver 32, which may then send the query response to the application 28. This response may be intercepted by the security driver 30 and modified by the security driver 30 before it is provided to the application 28”). 
Goldfarb does not explicitly teach in response to determining that the user of the application or the client executing the application is denied access to the portion of data, modifying the database request to deny access to the portion of data, at least one of: a write to exclude values to write within the portion of data without excluding values to write within another portion of data within the database arrangement.
However, Kawai discloses access requests to a portion of memory and also teaches 
in response to determining that access is denied, prevented or blocked (see Kawai, [0067] “the hardware-based memory protection response operation may include a procedure to disallow (e.g., deny, prevent, block) read-access, write-access, or both read and write access to the first portion of the memory component”) to deny access to the portion of data, at least one of: (see Kawai, [0067] “the hardware-based memory protection response operation may include a procedure to disallow (e.g., deny, prevent, block) read-access, write-access, or both read and write access to the first portion of the memory component”).
a write to exclude values to write within the portion of data without excluding values to write within another portion of data within the database arrangement, (see Kawai, [0065] “managing may include using the processor hardware memory management engine to determine to grant access to one or more portions of the memory component by a user process… granting access may include allowing the user process or the kernel process to have read-access (e.g., permission to view the contents of portions of the memory component) or write-access (e.g., permission to edit or modify the contents of portions of the memory component) to one or more portions of the memory component… to determine to deny access to one or more portions of the memory component by a user process or a kernel process based on a mismatch between the first candidate access identifier and the first access identifier… processes that are denied from having access to the memory component may be prevented from having read-access or write-access to one or more portions of the memory component”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of determining if access is denied then exclude writing in a specific portion and writing in a specific portion, modifying the portion of restricted and unrestricted information as being taught and disclosed by Kawai, in the system taught by Goldfarb to yield the predictable results of providing performance or efficiency benefits for memory protection management along with saving resources (see Kawai, [0086] “may provide performance or efficiency benefits for hardware-based memory protection management. Altogether, leveraging usage of storage protection keys with respect to container-based virtualization environment may be associated with benefits including data security, memory accessibility, and operational performance. Aspects may save resources such as bandwidth, disk, processing, or memory”).

Regarding claim 11, Goldfarb teaches
A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising: (see Goldfarb, [0272] “may be provided by one or more processors of one or more computers executing code stored on a tangible, non-transitory, machine readable medium”). 
obtaining, by a driver of a client executing an application, a database request generated by the application executing on the client; (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”; [0194] “by registering the process in the operating system of the client computing device to appear to be the database driver that the workload application is configured to access and then wrapping an application program interface of the original database driver with the operations”). 
detecting, by the driver, at least one value indicative of a user of the application that generated the database request; (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information). 
obtaining, by the driver, policy information (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) conveying permissions to access information in at least some records within a database arrangement for some users; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”).
determining, by the driver, based on the permissions and the detected value, (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”) whether the user of the application is requesting access to a portion of restricted information from one or more records within the database arrangement among a set of records implicated by the database request; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0133] “may classify values as higher or lower security… the security driver 30 may include a table that maps table/field combinations to security designations, for example, binary values indicating whether the values are lower or higher security values… credit card information like a credit card number may be a higher-security value, while a ZIP Code in a mailing address may be a lower-security value”; [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted”).
obtaining, by the driver, information in records in the set of records implicated by the database request by conveying one or more requests for the information to the database arrangement; (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”).
identifying, by the driver, (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) based on the permissions, the portion of restricted information within the obtained information; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information).
and providing, by the driver, to the application responsive to the database request, a database response including (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0078] “when data is written to the database or read from the database… or read from specific fields of the elements”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”) the at least some other portion of the obtained information (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).
Goldfarb does not explicitly teach modifying, by the driver, the portion of restricted information without modifying at least some other portion of the obtained information;
However, Kawai discloses access requests to a portion of memory and also teaches 
modifying, by the driver, the portion of restricted information without modifying at least some other portion of the obtained information; and (see Kawai, [0070] “disallowance operation may include modifying a set of access permissions for the first portion of the memory component to prevent access by the user process or kernel process that provided the first candidate access identifier… the user process or kernel process may be prevented from performing read-operations or write-operations with respect to the first portion of the memory component” – it modifies a portion of the restricted information and does not modify the other portion of information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of modifying the portion of restricted and unrestricted information as being taught and disclosed by Kawai, in the system taught by Goldfarb to yield the predictable results of providing performance or efficiency benefits for memory protection management along with saving resources (see Kawai, [0086] “may provide performance or efficiency benefits for hardware-based memory protection management. Altogether, leveraging usage of storage protection keys with respect to container-based virtualization environment may be associated with benefits including data security, memory accessibility, and operational performance. Aspects may save resources such as bandwidth, disk, processing, or memory”).

Regarding claim 16, Goldfarb teaches
A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors effectuate operations comprising: (see Goldfarb, [0272] “may be provided by one or more processors of one or more computers executing code stored on a tangible, non-transitory, machine readable medium”).
obtaining a database request generated by an application executing on a client computing device; (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”; [0194] “by registering the process in the operating system of the client computing device to appear to be the database driver that the workload application is configured to access and then wrapping an application program interface of the original database driver with the operations”).
detecting at least one value indicative of a user of the application that generated the database request; (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information).
obtaining policy information (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) conveying permissions to access information in at least some records within a database arrangement for some users; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”).
determining, based on the permissions and the value, (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”) whether the user of the application is requesting access to a portion of restricted information from one or more records within the database arrangement among a set of records implicated by the database request; (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0133] “may classify values as higher or lower security… the security driver 30 may include a table that maps table/field combinations to security designations, for example, binary values indicating whether the values are lower or higher security values… credit card information like a credit card number may be a higher-security value, while a ZIP Code in a mailing address may be a lower-security value”; [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted”).
conveying one or more requests for the information in records in the set of records implicated by the database request to the database arrangement; (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”).
and providing, to the application responsive to the database request, (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0078] “when data is written to the database or read from the database… or read from specific fields of the elements”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”) a modified database response based on the one or more database responses and the modifying, the modified database response including the unrestricted information (see Goldfarb, [0150] “the query response may be received by the database driver 32, which may then send the query response to the application 28. This response may be intercepted by the security driver 30 and modified by the security driver 30 before it is provided to the application 28”).
Goldfarb does not explicitly teach modifying the portion of restricted information within one or more database responses without modifying at least some other portion of unrestricted information.
However, Kawai discloses access requests to a portion of memory and also teaches 
modifying the portion of restricted information within one or more database responses without modifying at least some other portion of unrestricted information; and (see Kawai, [0069] “allowance operation may include modifying a set of access permissions for the first portion of the memory component to grant access by the user process or kernel process that provided the first candidate access identifier. Accordingly, the user process or kernel process may be allowed to perform read-operations with respect to the first portion of the memory component” – it modifies portion of the unrestricted information). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of modifying the portion of restricted and unrestricted information as being taught and disclosed by Kawai, in the system taught by Goldfarb to yield the predictable results of providing performance or efficiency benefits for memory protection management along with saving resources (see Kawai, [0086] “may provide performance or efficiency benefits for hardware-based memory protection management. Altogether, leveraging usage of storage protection keys with respect to container-based virtualization environment may be associated with benefits including data security, memory accessibility, and operational performance. Aspects may save resources such as bandwidth, disk, processing, or memory”).

Regarding claim 2, the proposed combination of Goldfarb and Kawai teaches
wherein registering the security driver comprises: (see Goldfarb, [0195] “the process 200 includes registering a security driver that wraps a database driver, as indicated by block 202”).
registering a process of the security driver within an operating system of a client computing device to appear to be the database driver with which the application is compatible (see Goldfarb, [0194] “by registering the process in the operating system of the client computing device to appear to be the database driver that the workload application is configured to access and then wrapping an application program interface of the original database driver with the operations”; [0195] “includes registering a security driver that wraps a database driver… the security driver may be registered in an operating system in which a workload application (e.g., application 28 above) making database access request described in subsequent operations of process 200 is executed, and this operating system may also be an environment in which a database driver (e.g., driver 34 above) described below operates”).

Regarding claim 3, the proposed combination of Goldfarb and Kawai teaches
wherein: the security driver wraps the database driver and (see Goldfarb, [0195] “includes registering a security driver that wraps a database driver”) exposes an interface responsive to at least the same set of requests to which that the database driver is responsive (see Goldfarb, [0194] “may be responsive to the same set of application program interface requests that a database driver is responsive to, while providing additional functionality”).

Regarding claim 4, the proposed combination of Goldfarb and Kawai teaches
wherein: the application includes a request modifier, the request modifier configured to: (see Goldfarb, [0092] “includes receiving a write command requesting that a document associated with the write command be stored in an immutable data structure… the write command may be a request received by a file manager of an operating system to store a file in a repository presented as a network drive within a user interface of the operating system”).
obtain user or client information corresponding a runtime environment of an operating system within which the application is executed; and (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”; [0052] “the client computing devices 12 may each execute an operating system in which one or more applications 28 execute”). 
append, to the database request generated by the application, the user agent string based on the obtained user or client information (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted”; [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.” – logging entries include database request information along with other information).

Regarding claim 6, the proposed combination of Goldfarb and Kawai teaches
wherein the modifying further comprises: (see Goldfarb, [0053] “the security driver 30 may wrap an application program interface of the database driver 32, such that the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those requests, and in some cases modifies those requests, and then provides the request in some cases with modifications to the database driver 32”). 
identifying a field to which a value is to be written for the database request; (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0197] “the first write request may specify that a set of values are to be written to a set of fields in a set of records in a database, which may include adding new values to new fields to new records or modifying existing data”). 
determining, based on the policy, (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) that the user or the client is denied access to change values within the field; and (see Goldfarb, [page31 col2] “the write request having an indication that the first value is to be written to a given field of a given tuple… a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).  
modifying the write to exclude the value to be written (see Kawai, [0065] “managing may include using the processor hardware memory management engine to determine to grant access to one or more portions of the memory component by a user process… granting access may include allowing the user process or the kernel process to have read-access (e.g., permission to view the contents of portions of the memory component) or write-access (e.g., permission to edit or modify the contents of portions of the memory component) to one or more portions of the memory component… to determine to deny access to one or more portions of the memory component by a user process or a kernel process based on a mismatch between the first candidate access identifier and the first access identifier… processes that are denied from having access to the memory component may be prevented from having read-access or write-access to one or more portions of the memory component”) to field (see Goldfarb, [page31 col2] “the write request having an indication that the first value is to be written to a given field of a given tuple… a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”). The motivation for the proposed combination is maintained.

Regarding claim 7, the proposed combination of Goldfarb and Kawai teaches
wherein the modifying further comprises: (see Goldfarb, [0053] “the security driver 30 may wrap an application program interface of the database driver 32, such that the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those requests, and in some cases modifies those requests, and then provides the request in some cases with modifications to the database driver 32”). 
identifying a field from which a value is to be read for the database request; (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0078] “when data is written to the database or read from the database… or read from specific fields of the elements”). 
determining, based on the policy, (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) that the user or the client is denied access to read values within the field; (see Goldfarb, [page31 col2] “a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).
determining, based on the database request, (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted”) whether other values to be returned from other fields are dependent on the value within the field (see Goldfarb, [0152] “retrieve a segment and associated pointer if and associated pointer is stored in association with that segment, as indicated by block 162. Segments may be retrieved in reverse order or vice versa relative to the order in the value that is segmented, depending on how the content graph is structured, e.g., based on the order in which the segments are written”) and the user or client is not denied access to read at least some of the other values in the other fields to be read; and (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).  
obtaining the at least some other values in the other fields (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”). The motivation for the proposed combination is maintained. 

Regarding claim 12, the proposed combination of Goldfarb and Kawai teaches
wherein: the application is configured to generate the database request with an appended field including the at least one value indicative of the user of the application (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information).

Regarding claim 13, the proposed combination of Goldfarb and Kawai teaches
wherein conveying one or more requests for the information to the database arrangement comprises: (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”).
conveying the one or more requests with an appended field including the value (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information) to another driver configured to communicate with the database arrangement, and (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”). 
wherein another driver by which the one or more requests are conveyed to the database arrangement does not process the appended field within the one or more requests (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted” – the logging entries [appended fields from the current application] are not processed in this specific citation).

Regarding claim 14, the proposed combination of Goldfarb and Kawai teaches
wherein conveying one or more requests for the information to the database arrangement comprises: (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”).
conveying the one or more requests with an appended field including the value to the database arrangement, and (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information; [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”).
wherein the database arrangement does not process the appended field within the one or more requests (see Goldfarb, [0053] “include a security driver 30 that interfaces between the application 28 and the database driver 32… the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those request”; [0035] “access requests from a workload application to the lower-trust database 14 may be intercepted” – the logging entries [appended fields from the current application] are not processed in this specific citation).

Regarding claim 15, the proposed combination of Goldfarb and Kawai teaches
wherein: conveying one or more requests for the information to the database arrangement comprises (see Goldfarb, [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.”) conveying the one or more requests with an appended field including the value, (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information).
requests received by the database arrangement are stored to a log, and the log is operable to indicate a set of requests each having an appended field including a same value (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted” – logging entries include database request information along with other information).

Regarding claim 17, the proposed combination of Goldfarb and Kawai teaches
wherein the policy information comprises one or more rules by which permissions to access information in the at least some records within the database arrangement are specified for different groups of users or groups of client devices (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”).

Regarding claim 20, the proposed combination of Goldfarb and Kawai teaches
wherein modifying the portion of restricted information within one or more database responses without modifying at least some other portion of unrestricted information comprises: (see Kawai, [0069] “allowance operation may include modifying a set of access permissions for the first portion of the memory component to grant access by the user process or kernel process that provided the first candidate access identifier. Accordingly, the user process or kernel process may be allowed to perform read-operations with respect to the first portion of the memory component” – it modifies portion of the unrestricted information). 
identifying values corresponding to restricted information based on permissions associated with respective records on which information in a database response is based, and one or more of: (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”). 
replacing an identified value with a replacement value based on the respective identified value, wherein the replacement value does not reveal the respective identified value; (see Goldfarb, [0040] “The translator 20 that may then replace those values in the lower-trust database 14 with a pointer, like a segment identifier in the secure distributed storage, in the manner described below, and then cause those that data to be stored in the secure distributed storage 16” – Goldfarb also does not disclose that replacement value reveals the respective identified value). The motivation for the proposed combination is maintained. 

Regarding claim 21, the proposed combination of Goldfarb and Kawai teaches
wherein: the database arrangement includes a relational database configured to be accessed with structured query language (SQL) statements by which records satisfying criteria specified in a statement are selected and returned responsive to a database request including the statement, records are joined across two or more tables, or records or values in records are written (see Goldfarb, [0031] “the lower-trust database 14 may be a relational database configured to be accessed with structured query language (SQL) commands, such as commands to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”).

Regarding claim 22, the proposed combination of Goldfarb and Kawai teaches
wherein: the database arrangement includes a document-oriented database storing a plurality of serialized hierarchical data format document records and configured to be accessed via with xpath or JSON-path statements (see Goldfarb, [0109] “the data structure includes linking between data elements present in a graph… for example, in a key-value pair, or in a hierarchical data structure, such as in a hierarchical data serialization format, like JSON or XML”).

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Goldfarb and Kawai in view of Yamaguchi et al. (US 2003/0181199 A1, hereinafter “Yamaguchi”).

Regarding claim 5, the proposed combination of Goldfarb and Kawai teaches
wherein: the user agent string is appended in a specific logging entry related to… (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted”; [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.” – logging entries include database request information along with other information) the database request; and (see Goldfarb, [0224] “includes logging entries that describe a variety of different aspects of the access request... the entry is documented with a record that includes an identifier of a user account making the access request, an identifier of an application, such as a workload application through which the access request was submitted”; [0188] “to produce an additional audit log which shows all attempts to access the data… these access logs can be notated with request-specific information such as: username, geolocation, client machine IP address, etc.” – logging entries include database request information along with other information).
information detected by the security driver (see Goldfarb, [0150] “the security driver 30 may detect pointers to segments stored”). 
The proposed combination of Goldfarb and Kawai does not explicitly teach the user agent string is appended within a comment field of the database request; and the comment field is detected. 
However, Yamaguchi discloses managing data requests and also teaches
appending information within a comment field of requested data (see Yamaguchi, [0009] “The appended data includes at least one of a file name of the requested data, a comment to the data”; [page13 col2] “appended data includes at least one of a file name of the requested data, a comment to the data”; [0235] “it is possible to display image data and the appended data within a page… information associated with image data such as a comment to image data”).
the comment field is determined (see Yamaguchi, [0009] “The appended data includes at least one of a file name of the requested data, a comment to the data”; [page13 col2] “appended data includes at least one of a file name of the requested data, a comment to the data”; [0235] “it is possible to display image data and the appended data within a page… information associated with image data such as a comment to image data”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of comment information as being taught and disclosed by Yamaguchi, in the system taught by the proposed combination of Goldfarb and Kawai to yield the predictable results of effectively analyzing appended information to perform further functionalities based on the analysis (see Yamaguchi, [0223] “the server 204 analyzes session ID appended to a URL parameter part. The server 204 searches the MB session information table 3400 and MB album information table 3500 using the acquired session ID as a key to acquire corresponding records. The URL parameter part contains the AlbumID and user ID”).

Claims 8-10 are rejected under 35 U.S.C. 103 as being unpatentable over Goldfarb and Kawai in view of Reeb (US 2008/0147647 A1, hereinafter “Reeb”).

Regarding claim 8, the proposed combination of Goldfarb and Kawai teaches
wherein obtaining the at least some other values in the other fields comprises: (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).
obtaining the at least some other values in the other fields and (see Goldfarb, [0033] “access to data in the lower-trust database 14, and corresponding access to corresponding records in the secure distributed storage 16, may be designated in part with roles and permissions stored in association with various user accounts of an application used to access that data”; [0029] “workload application through which the data is accessed (e.g., read or written)”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”) the value within the field (see Goldfarb, [0152] “retrieve a segment and associated pointer if and associated pointer is stored in association with that segment, as indicated by block 162. Segments may be retrieved in reverse order or vice versa relative to the order in the value that is segmented, depending on how the content graph is structured, e.g., based on the order in which the segments are written”) to which the user or client is denied, (see Kawai, [0067] “the hardware-based memory protection response operation may include a procedure to disallow (e.g., deny, prevent, block) read-access, write-access, or both read and write access to the first portion of the memory component”).
wherein modifying data returned by the database arrangement to translate values (see Goldfarb, [0150] “the query response may be received by the database driver 32, which may then send the query response to the application 28. This response may be intercepted by the security driver 30 and modified by the security driver 30 before it is provided to the application 28”) comprises modifying the value within the field (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0197] “the first write request may specify that a set of values are to be written to a set of fields in a set of records in a database, which may include adding new values to new fields to new records or modifying existing data”) to which the user or client is denied (see Kawai, [0067] “the hardware-based memory protection response operation may include a procedure to disallow (e.g., deny, prevent, block) read-access, write-access, or both read and write access to the first portion of the memory component”). 
The proposed combination of Goldfarb and Kawai does not explicitly teach exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement.
However, Reeb discloses an application interface for searching and also teaches
exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement (see Reeb, [0020] “The custom search application 504 will check the fields that are included in the retrieved custom search definitions 506 and exclude any fields that the user does not have the permission to view”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of excluding values in data retrieval as being taught and disclosed by Reeb, in the system taught by the proposed combination of Goldfarb and Kawai to yield the predictable results of efficiently performing custom searches (see Reeb, [0016] “a user is currently performing a custom search of "Employees" database 110 using web browser 120 being displayed on computer 104… The web browser 120 executed the HTML to create the custom search user interface that is being displayed in the web browser 120”).

Regarding claim 9, the proposed combination of Goldfarb and Kawai teaches
wherein the modifying further comprises: (see Goldfarb, [0053] “the security driver 30 may wrap an application program interface of the database driver 32, such that the security driver 30 receives application program interface requests from the application 28 to the driver 32, acts on those requests, and in some cases modifies those requests, and then provides the request in some cases with modifications to the database driver 32”).
identifying a field from which a value was read for the database request within the data returned by the database arrangement; and (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0078] “when data is written to the database or read from the database… or read from specific fields of the elements”; [0055] “When returning data to the application 28, for example in response to receiving a read request, these operations may be reversed in some cases… in a database gateway, in a database management system implemented at the lower-trust database 14, or on another standalone application executed in a computing device disposed between the lower-trust database 14 and the network and the client computing device 12 in a path to the lower-trust database 14”).  
determining, based on the policy, (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”) that the user or the client is denied access to read values within the field, (see Goldfarb, [page31 col2] “a first computing device to store a first subset of segments among the plurality of segments in memory; instructing, with one or more processors, via a network, a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0006] “a first subset of the fields, the first subset of fields being designated as higher-security fields than a second subset of fields among the plurality of fields… a second computing device to store a second subset of segments among the plurality of segments in memory, wherein: the first computing device does not have access to the second subset of segments; and the second computing device does not have access to the first subset of segments”; [0078] “read from specific fields of the elements”; [0145] “will only be able to access a set of segments of values and will not have access to other segments”).
wherein modifying data returned by the database arrangement to translate values (see Goldfarb, [0150] “the query response may be received by the database driver 32, which may then send the query response to the application 28. This response may be intercepted by the security driver 30 and modified by the security driver 30 before it is provided to the application 28”) comprises modifying the value within the field (see Goldfarb, [0031] “to select records satisfying criteria specified in the command, commands to join records from multiple tables, or commands to write values to records in these tables”; [0197] “the first write request may specify that a set of values are to be written to a set of fields in a set of records in a database, which may include adding new values to new fields to new records or modifying existing data”) to which the user or client is denied (see Kawai, [0067] “the hardware-based memory protection response operation may include a procedure to disallow (e.g., deny, prevent, block) read-access, write-access, or both read and write access to the first portion of the memory component”).
The proposed combination of Goldfarb and Kawai does not explicitly teach exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement.
However, Reeb discloses an application interface for searching and also teaches
exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement (see Reeb, [0020] “The custom search application 504 will check the fields that are included in the retrieved custom search definitions 506 and exclude any fields that the user does not have the permission to view”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of excluding values in data retrieval as being taught and disclosed by Reeb, in the system taught by the proposed combination of Goldfarb and Kawai to yield the predictable results of efficiently performing custom searches (see Reeb, [0016] “a user is currently performing a custom search of "Employees" database 110 using web browser 120 being displayed on computer 104… The web browser 120 executed the HTML to create the custom search user interface that is being displayed in the web browser 120”).

Regarding claim 10, the proposed combination of Goldfarb and Kawai teaches
wherein modifying data returned by the database arrangement to translate values (see Goldfarb, [0150] “the query response may be received by the database driver 32, which may then send the query response to the application 28. This response may be intercepted by the security driver 30 and modified by the security driver 30 before it is provided to the application 28”).
based on the policy; and one or more of:  (see Goldfarb, [0198] “the security driver 30 may maintain in memory a set of one or more policies that each include a set of rules, such as a policy for each application or each lower-trust database 14… may include classifying values to be written as higher-security values or lower-security values… include selecting one or more rules from one or more data policies, for example, based on an application writing data, a lower-trust database receiving the data or intended to receive the data, or other criteria”).
replacing an identified value with a replacement value based on the respective identified value, wherein the replacement value does not reveal the respective identified value; (see Goldfarb, [0040] “The translator 20 that may then replace those values in the lower-trust database 14 with a pointer, like a segment identifier in the secure distributed storage, in the manner described below, and then cause those that data to be stored in the secure distributed storage 16” – Goldfarb also does not disclose that the replacement value reveals the respective identified value).
The proposed combination of Goldfarb and Kawai does not explicitly teach exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement comprises: identifying the values to exclude.
However, Reeb discloses an application interface for searching and also teaches
exclude values read from the portion of data without excluding values read from another portion of data within the database arrangement comprises: identifying the values to exclude (see Reeb, [0020] “The custom search application 504 will check the fields that are included in the retrieved custom search definitions 506 and exclude any fields that the user does not have the permission to view”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of excluding values in data retrieval as being taught and disclosed by Reeb, in the system taught by the proposed combination of Goldfarb and Kawai to yield the predictable results of efficiently performing custom searches (see Reeb, [0016] “a user is currently performing a custom search of "Employees" database 110 using web browser 120 being displayed on computer 104… The web browser 120 executed the HTML to create the custom search user interface that is being displayed in the web browser 120”).

Claims 18-19 are rejected under 35 U.S.C. 103 as being unpatentable over Goldfarb and Kawai in view of Feng (US 2016/0077902 A1, hereinafter “Feng”).

Regarding claim 18, the proposed combination of Goldfarb and Kawai teaches
wherein: the policy information comprises keys and corresponding permission values, (see Goldfarb, [0032] “the lower-trust database 14 is a key-value data store having a collection of key-value pairs in which data is stored”).
The proposed combination of Goldfarb and Kawai does not explicitly teach some of the keys correspond to identifiers of restricted information in records and corresponding permission values indicate respective access designations, and some of the keys correspond to user or client device identifiers and corresponding permission values indicate respective access designations.
However, Feng discloses access control criteria and also teaches
some of the keys correspond to identifiers of restricted information in records and corresponding permission values indicate respective access designations, and some of the keys correspond to user or client device identifiers and corresponding permission values indicate respective access designations (see Feng, [page30 col1] “by different key-value pairs include two or more of the following: the type of access, the type of permissions granted, the type of user, the required type of identifier for the user, and the object attribute to which the access control applies”; [0071] “The table below provides a list of keys by which an ACL key can be defined in some embodiments… access Type… permission… principal ld… principal Type… property… Type Description… READ… WRITE… EXECUTE… further constrains where the ACL applies”; [0076] “Within the scopes object, the keys are the names, and each value defines a filter object”). 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include the functionality of key value pairs as being taught and disclosed by Feng, in the system taught by the proposed combination of Goldfarb and Kawai to yield the predictable results of accurately defining relationships between object’s key values to provide appropriate access controls (see Feng, [0171] “To process the validation, ACL and/or relationship attributes during a particular object's instantiation, the runtime processor of some embodiments instantiates a validator, ACL-rule processor, and/or an object linker for the particular object. The object linker 630 then defines the relationships between the particular object and other objects based on the particular object's relations key values”).

Regarding claim 19, the proposed combination of Goldfarb, Kawai and Feng teaches
wherein modifying the portion of restricted information within one or more database responses without modifying at least some other portion of unrestricted information comprises: (see Kawai, [0069] “allowance operation may include modifying a set of access permissions for the first portion of the memory component to grant access by the user process or kernel process that provided the first candidate access identifier. Accordingly, the user process or kernel process may be allowed to perform read-operations with respect to the first portion of the memory component” – it modifies a portion of the unrestricted information).
identifying a first access designation corresponding to key matching the at least one value indicative of the user or the client device; (see Feng, [0063] “the validation key specifies constraints on data with validations properties… Regular expression pattern that a string should match… setting a validation constraint with such keys is provided below… states that the username has to be string, its documentation has to contain "User account name"”).
identifying a second access designation corresponding to a key matching an identifier of restricted information in a record associated with a database response; and (see Feng, [0070] “The value of an ACL key is an array of objects that describes the access controls for the model… "acls": [{"permission": "ALLOW", "principalType": "ROLE", "principal ld": "$everyone", "property": "myMethod"},”).
modifying the restricted information in response to determining that (see Kawai, [0070] “disallowance operation may include modifying a set of access permissions for the first portion of the memory component to prevent access by the user process or kernel process that provided the first candidate access identifier… the user process or kernel process may be prevented from performing read-operations or write-operations with respect to the first portion of the memory component” – it modifies a portion of the restricted information and does not modify other portion of information) the first access designation (see Feng, [0063] “the validation key specifies constraints on data with validations properties… Regular expression pattern that a string should match… setting a validation constraint with such keys is provided below… states that the username has to be string, its documentation has to contain "User account name"”) does not permit access to the restricted information (see Feng, [0071] “principal ID String… Principal identifier. Required.The value must be one of: A user ID (String / number / any) One of the following predefined dynamic roles: $everyone – Everyone $owner - Owner of the object $related - Any user with a relationship to the object $authenticated - Authenticated user $unauthenticated - Unauthenticated user”) having the second access designation (see Feng, [0070] “The value of an ACL key is an array of objects that describes the access controls for the model… "acls": [{"permission": "ALLOW", "principalType": "ROLE", "principal ld": "$everyone", "property": "myMethod"},”). The motivation for the proposed combination is maintained.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VAISHALI SHAH whose telephone number is (571)272-8532. The examiner can normally be reached Monday - Friday (7:30 AM to 4:00 PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, TAMARA KYLE can be reached on (571)272-4241. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/VAISHALI SHAH/Primary Examiner, Art Unit 2156