Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of claims
This office action is in response to claims filed on 12/09/2021; the provisional application priority date of 10/05/2018 is considered
Claims 1-20 are pending and rejected; claims 1, 10 and 19 are independent claims

Information Disclosure Statement
The information disclosure statements (IDS)s submitted on 08/23/2022, 02/17/2022 and 12/29/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory double patenting over claims 1-24 of U.S. Patent No. 11,222,132 B2 since the claims, if allowed, would improperly extend the “right to exclude” already granted in the patent.
The subject matter claimed in the instant application is fully disclosed in the patent and is covered by the patent since the patent and the application are claiming common subject matter, as follows: see independent claims mapping in the table below.
Patent No.: 11,222,132 B2
Instant application
1. A method for controlling and tracking access to secured data, the method comprising: 
receiving, using processing circuitry and originating from a remote computing device, a dataset identifier; 
organizing, using the processing circuitry, a dataset represented by the dataset identifier into one or more volumes, each of the one or more volumes associated with a unique volume identifier; 
attaching, using the processing circuitry, one or more assets to the one or more volumes by associating one or more asset identifiers with the one or more volume identifiers, wherein each asset is configured to store at least one of the one or more volumes; 
receiving, using the processing circuitry and originating from a data steward device, dataset permissions of use information associated with the dataset identifier, wherein the dataset permissions of use information comprises one or more of allowed use, allowed use justifications, indication of offshore allowed, or protection consumption profile; registering, using the processing circuitry and in a repository, the dataset permissions of use information with the dataset by associating a dataset permissions of use information identifier associated with the dataset permissions of use information with the dataset identifier; 
registering, using the processing circuitry and in the repository, volume permissions of use information with the one or more volumes by associating a volume permissions of use information identifier associated with the volume permissions of use information with the one or more volume identifiers, wherein registering volume permissions of use information regarding the one or more volumes to the one or more volumes further comprises: 
receiving, using the processing circuitry, volume permissions of use information originating from the data steward device, wherein a data steward associated with the data steward device is designated by an owner of the dataset; 
generating, using the processing circuitry, volume permissions of use metadata based on the volume permissions of use information; and storing, using the processing circuitry and in the repository, the volume permissions of use metadata; 
receiving, using the processing circuitry and originating from the remote computing device, a set of restrictions associated with the dataset identifier; 
retrieving, using the processing circuitry and from the repository, dataset permissions of use information associated with the dataset identifier; 
determining, using the processing circuitry, by comparing the set of restrictions with the dataset permissions of use information, that the set of restrictions does not conflict with the dataset permissions of use information; and 
generating and storing an indication that the set of restrictions is validated.
19. A computer-implemented method, comprising: 
receiving, using processing circuitry and originating from a remote computing device, a dataset identifier; 
organizing, using the processing circuitry, a dataset represented by the dataset identifier into one or more volumes, each of the one or more volumes associated with a unique volume identifier of one or more volume identifiers; 
associating, using the processing circuitry, one or more asset identifiers with the one or more volume identifiers, wherein each asset identified by an asset identifier of the one or more asset identifiers is configured to store at least one volume of the one or more volumes; 
receiving, using the processing circuitry and originating from a data steward device, persona information associated with the dataset identifier, wherein the persona information comprises identifiers for controlled access information associated with a persona data object, wherein the controlled access information comprises one or more of access restrictions, permissions of use information, allowed account type identifiers, accessible volume identifiers, accessible dataset identifiers associated with one or more persona identifiers; associating, using the processing circuitry, the persona information with the dataset identifier; 
receiving, using the processing circuitry and originating from the remote computing device, a set of restrictions associated with the dataset identifier; 
determining, using the processing circuitry and by comparing the set of restrictions with the persona information, that the set of restrictions does not conflict with the persona information; and 
generating and storing, using the processing circuitry, an indication that the set of restrictions is validated.


Furthermore, there is no apparent reason why applicant was prevented from presenting claims corresponding to those of the instant application during prosecution of the application which matured into a patent. See In re Schneller, 397 F.2d 350, 158 USPQ 210 (CCPA 1968). See also MPEP § 804.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-27 are rejected under 35 U.S.C. 103 as being unpatentable over Kettler et al. US Pub. No.: 2003/0101341 A1 (hereinafter Kettler) in view of Williamson et al. US Pub. No.: 2018/0232528 A1 (hereinafter Williamson)

Kettler teaches:
1. An apparatus comprising at least one processor, at least one memory storing computer program code, the at least one memory and the computer program code configured to, with the at least one processor, configure the apparatus to: 
receive, originating from a remote computing device, a dataset identifier (Kettler ¶36, “to accept queries from data requesters related to information associated with enterprise architecture 100, access rules database 210 to validate that permissions exist for the data requesters”); 
associate the persona information with the dataset identifier; receive, originating from the remote computing device, a set of restrictions associated with the dataset identifier; 
determine, by comparing the set of restrictions with the persona information, that the set of restrictions does not conflict with the persona information (see Kettler Fig. 3 and ¶47, If the information is not allowed to be released to the data requester, such as when that information is protected by certain data protection rules, then the method proceeds to step 310 as outlined below); and 
generate and store an indication that the set of restrictions is validated (see Kettler Fig. 3 and ¶48, “access the database to validate that a permission exists for the data requester”).
Kettler does not explicitly teach but the related art Williamson teaches:
organize a dataset represented by the dataset identifier into one or more volumes, each of the one or more volumes associated with a unique volume identifier of one or more volume identifiers (see Williams ¶26, “the data pre-processor 106 converts the data in the input data sources 102A-N to a common data structure that may be parsed by the data classifier 108” [i.e. attach assets to volumes]); 
associate one or more asset identifiers with the one or more volume identifiers, wherein each asset identified by an asset identifier of the one or more asset identifiers is configured to store at least one volume of the one or more volumes (see Williams ¶26, “the data pre-processor 106 converts the data in the input data sources 102A-N to a common data structure that may be parsed by the data classifier 108” [i.e. attach assets to volumes]); 
receive, originating from a data steward device, persona information associated with the dataset identifier, wherein the persona information comprises identifiers for controlled access information associated with a persona data object, wherein the controlled access information comprises one or more of access restrictions, permissions of use information, allowed account type identifiers, accessible volume identifiers, accessible dataset identifiers associated with one or more persona identifiers (see Williamson ¶48, data classifier 108 includes a metadata analyzer 202, a reference data matcher 204, a pattern matcher 206, a logical classifier 208, a contextual analyzer 210, a deep learning classifier 212, a data security level classifier 214, a significance factor calculator 216, and a confidence value calculator 218); 
Therefore, it would have been obvious to one with ordinary skill in the art before the effective filing date of the invention, to modify the system for protecting data from unauthorized disclosure disclosed by Kettler to include the sensitive data classification, as thought by Williamson, in order to organize/classify the datasets to one or more volumes/classifications. It would have been obvious to one of ordinary skill in the art to include a system that can automatically parse through the data sources and intelligently determine access permission.
As to claim 2, the apparatus of claim 1, wherein a persona data object comprises electronically managed data associated with a user identity (see Kettler ¶9, with regard to opting in or opting out of a particular disclosure of his or her personal information).

As to claim 3, the apparatus of claim 2, wherein the electronically managed data embodies access control to particular datasets for one or more allowed uses (see Kettler Fig. 3,¶47, “a determination is made whether the data requester is permitted to access the requested information”).

As to claim 4, the apparatus of claim 3, wherein an allowed use of the one or more allowed uses comprises one of provision, acquisition, extraction, discovery, analytics (see Kettler ¶36, generally functions to accept queries from data requesters related to information associated with enterprise architecture 100, access rules database 210 to validate that permissions exist for the data requesters).

As to claim 5, the apparatus of claim 3, wherein an allowed use is associated with a dataset identifier and one or more proper use identifiers (see Fig. 3 and ¶47, the rules database 210 stores identifying information about the request. For example, rules database 210 may store such information as who is requesting the data (i.e., the data requester), what type of information they are requesting, what time the request was made, and from which location the request was made).

As to claim 6, the apparatus of claim 2, wherein data access rights to the dataset for a computing device associated with a user identity or user profile having data access rights are controlled based on an associated persona data object (see Kettler ¶43, personal data protection).

As to claim 7, the apparatus of claim 2, wherein the persona data object comprises a user identifier and one or more persona identifiers (see Kettler ¶48, information or other suitable identifying information as to the request result).

As to claim 8, the apparatus of claim 7, wherein the user identifier is associated with one or more role identifiers (see Kettler ¶46, determines permissions for one or more data requesters and stores these permissions in rules database 210 or another suitable database at step 302) .

As to claim 9, the apparatus of claim 8, wherein each role identifier of the one or more role identifiers is associated with one or more proper use identifiers (see Kettler ¶32, control the receiving, storing, and/or retrieving of data, such as data protection rules, from rules database 210 and/or managed systems database 212).

As to independent claim 10, this claim directed to a computer program product executed by the apparatus of claim 1; therefore it is rejected along similar rationale.
As to independent claim 19, this claim directed to a computer-implemented method executed by the apparatus of claim 1; therefore it is rejected along similar rationale.
As to dependent claims 11-18 and 20, these claims contain substantially similar subject matter as claim 2-; therefore they are rejected along the same rationale.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478. The examiner can normally be reached Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NEGA WOLDEMARIAM/Examiner, Art Unit 2433                      

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433