DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/21/2021 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 13-14 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto).
Regarding claim 1: Wu discloses An apparatus comprising:
at least one processing device comprising a processor coupled to a memory, the at least one processing device, when executing program code (Wu - Fig. 1), is configured to:
receive a request to create a data structure with a given data structure name and one or more given parameter names (Wu - [0048]: Turning now to FIG. 5A, example SQL statement flow 500 for creating a new encrypted database table in accordance with the concepts and technologies disclosed herein will be described. The example SQL statement flow 500 includes a normal SQL table 502 named “Persons” and includes data fields corresponding to identification (“PersonID”), last name (“LastName”), first name (“FirstName”), address (“Address”), and city (“City”) data); and
wherein each of the pair of data structures is assigned a different randomly-generated data structure name derived from the given data structure name in the request, and further wherein the one or more given parameter names are assigned different one or more randomly-generated parameter names in each of the pair of data structures (Wu - [0048]: The database encryption proxy system 108 generates random strings for the table name “Persons”, and for all field names—“PersonID”, “LastName”, “FirstName”, “Address”, and “City” (shown at 506). The database encryption proxy system 108 stores the mappings between the random strings and the real table name or field name as the case may be).
However Wu doesn’t explicitly teach, but Elteto discloses: generate a pair of data structures in response to the request (Elteto - [0042]: obfuscating the database schema involves deriving an “obfuscated name” for one or more tables, and one or more column names of columns in tables, using the R or C value and the table's or column's original name or identifying number. There are many ways to derive the obfuscated names), 
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu with Elteto so that obfuscated names can be derived from original name. The modification would have allowed the system to improve security. 
Regarding claim 13: Wu as modified discloses wherein the data structure is a table, and wherein the one or more parameters are one or more columns of the table (Wu - [0048]: The example SQL statement flow 500 includes a normal SQL table 502 named “Persons” and includes data fields corresponding to identification (“PersonID”), last name (“LastName”), first name (“FirstName”), address (“Address”), and city (“City”) data).
Regarding claim 14: this claim defines a method claim that corresponds to apparatus claim 1 and does not define beyond limitations of claim 1. Therefore, claim 14 is rejected with the same rational as in the rejection of claim 1.
Regarding claims 19-20: this claim defines a computer readable medium claim that corresponds to apparatus claim 1 and does not define beyond limitations of claims 1 and 13. Therefore, claims 19-20 are rejected with the same rational as in the rejection of claims 1 and 13.

Claims 2 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto) and Sinha (Pub. No.: US 2011/0119288).
Regarding claims 2 and 15: Wu as modified doesn’t explicitly teach but Sinha discloses wherein the processing device, when executing program code, is further configured to change the randomly-generated data structure names and the randomly-generated parameter names in given intervals (Sinha - [0043]: Either at periodic intervals, or on demand, another set of tables (e.g., one called “CurrNames_Tbl”, and another called “CurrNames_Col”) is created to store the state of the database schema. The second set is compared to the first set to obtain changes in the database schema between the two points in time. Such changes may include modifications of table names, column names, additions or deletions of tables and columns, and also modifications of data types for columns).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Sinha so that the table name and parameters name are changed at periodic intervals. The modification would have allowed the system to implement semantic layers security at a granularity corresponding to the underlying data sources' structure (Sinha - [0072]).

Claims 3 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto) and Helms et al. (Pub. No.: US 2022/0075877, hereinafter Helms).
Regarding claims 3 and 16: Wu as modified doesn’t explicitly teach but Helms discloses wherein the processing device, when executing program code, is further configured to, when the one or more given parameter names comprises two given parameter names, encrypt data associated with each of the two given parameter names with a different encryption algorithm (Helms - [0068]: some embodiments may perform a column-level encryption operation, where columns of a database may be separately encrypted with different encryption keys).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Helms so that a column-level encryption is performed on each column. The modification would have allowed the system to operate a column-level encryption.

Claims 4-8 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto) and Shuai (Patent No.: US 8,266,101).
Regarding claims 4 and 17: Wu as modified doesn’t explicitly teach but Shuai discloses wherein the processing device, when executing program code, is further configured to designate one of the pair of data structures as active and the other of the pair of data structures as passive (Shuai - [Col. 10, Line 7-9]: Column SITE_MODE stores the operating mode of the corresponding database within the synchronization group, it can be either active or passive).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Helms so that database operating mode can be active or passive. The modification would have allowed the system to include different database operating mode.
Regarding claim 5 and 18: Wu as modified discloses wherein the processing device, when executing program code, is further configured to apply a query, received for the data structure requested in the receiving step, to the data structure of the pair of data structures designated as active (Wu - [0031]: In response to a query from the database user 114, the database encryption proxy system 108 can execute the encryption/decryption module 122 to decrypt all data responsive to the query from the cloud database 118 and send to the database user 114 the decrypted data as a query result).
Regarding claim 6: Wu as modified discloses wherein the processing device, when executing program code, is further configured to data synchronize the data structure of the pair of data structures designated as passive with the data structure of the pair of data structures designated as active (Shuai - [Col. 10, Line 12-17]: A database in passive mode can change to active mode only if it is synchronized with other databases in the synchronization group. Active databases post DML transactions into the TRANSACTION_QUEUE table (as defined in 902) and the DML's corresponding synchronization log table defined in 908 for the passive databases and active databases that are down in the cluster).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Helms so that database in passive mode can be synchronized with data base in active mode. The modification would have allowed the system to synchronize passive database with active datagbase.
Regarding claim 7: Wu as modified discloses wherein the processing device, when executing program code, is further configured to redesignate the data structure of the pair of data structures designated as passive to active and the data structure of the pair of data structures designated as active to passive (Shuai - [Col. 10, Line 9-14]: A database in active mode can change to passive mode if there is no user update to the database or its synchronization layer is disabled. A database in passive mode can change to active mode only if it is synchronized with other databases in the synchronization group).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Helms so that database passive/active mode can be changed. The modification would have allowed the system to be more flexible.
Regarding claim 8: Wu as modified discloses wherein the processing device, when executing program code, is further configured to apply a subsequent query, received for the data structure requested in the receiving step, to the data structure of the pair of data structures redesignated as active (Wu - [0031]: In response to a query from the database user 114, the database encryption proxy system 108 can execute the encryption/decryption module 122 to decrypt all data responsive to the query from the cloud database 118 and send to the database user 114 the decrypted data as a query result).

Claims 9-10 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et a;. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto) and Liberman et al. (Pub. No.: US 2013/003.6458, hereinafter Liberman).
Regarding claim 9: Wu as modified doesn’t explicitly teach but Liberman discloses wherein the processing device, when executing program code, is further configured to provide a client seeking to connect to the apparatus with an identifier (Liberman - [0126]: the IVO/member enters in new member account information in the designated fields including name 4310, 4320, address 4330-4360, and birth date 4370).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto with Liberman so that user who want to access the information would provide it’s credential information. The modification would have allowed the system to obtain user credentials for accessing verification.
Regarding claim 10: Wu as modified discloses wherein the processing device, when executing program code, is further configured to:
obtain a request from the client, wherein the request comprises the identifier (Liberman - [0126]: the IVO/member enters in new member account information in the designated fields including name 4310, 4320, address 4330-4360, and birth date 4370);
generate a temporary password for the request corresponding to the identifier (Liberman - [0127]: the IDM web server 620 also generates a temporary user name and password); and
send the temporary password to the client (Liberman - [0128]: the IDM web server 620 or IDM registration server 640 displays the new account user's name 5310, the temporary user name 5320, and the temporary password 5330).
The reason for modification is for the same rational as claim 9.
Claims 11-12 are rejected under 35 U.S.C. 103 as being unpatentable over Wu et al. (Pub. No.: US 2018/0248848, hereinafter Wu) in view of Elteto et al. (Pub. No.: US 2010/0131518, hereinafter Elteto) and Liberman et al. (Pub. No.: US 2013/003.6458, hereinafter Liberman) and Smalley et al. (Patent No.: US 9,703,855, hereinafter Smalley).
Regarding claim 11: Wu as modified doesn’t explicitly teach but Smalley discloses wherein the processing device, when executing program code, is further configured to receive a query from the client for the data structure requested in the receiving step, wherein the query comprises the data structure name appended with the temporary password (Smalley - [Col. 7, Line 63-67]: request process 22 includes the database connection information required to access documents stored in data repository 40 database server. The supplied information includes username, password, server name, database name, table name and query).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto, Liberman with Smalley so that a query with database name and password etc. is provided. The modification would have allowed the system to perform a query with defined fields.
Regarding claim 12: Wu as modified discloses wherein the processing device, when executing program code, is further configured to:
verify the temporary password (Smalley - [Col. 8, Line 4]: At step 220, the request is authenticated and authorized); and
apply the query to an active-designated one of the pair of data structures, in response to the temporary password being verified (Smalley - [Col. 8, Line 1-3]: the user of request process 22's IWA credentials are used on server 26 to gain access to a SQL Server database).
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of Wu and Elteto, Liberman with Smalley so that query is executed when the password is verified. The modification would have allowed the system to securely access the database.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Rjaibi  (Pub. No.: US 2008/0147595) - Self-protecting database tables
Mori et al. (Pub. No.: US 2013/0246813) - Database encryption system, method, and program
Abstract

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MENG LI whose telephone number is (571)272-8729.  The examiner can normally be reached on M-F 8:30-5:30.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8729.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MENG LI/
Primary Examiner, Art Unit 2437