Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 01/19/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 06/04/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 06/17/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 07/08/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 08/09/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 10/14/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 11/16/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 11/24/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 02/01/2022 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 04/22/2022 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 06/22/2022 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
The information disclosure statement (IDS) submitted on 09/26/2022 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over HSIEH et al (US 20090282045) in view of Padmanabhan (US 20190236598).
Regarding claim 1, HSIEH et al teach a data trustee environment comprising: one or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving a request from a data consumer to trigger a data privacy pipeline required to execute within a data trustee environment (see Paragraphs [0009] and [0105-0115], where business tenants A, B, C may use the multi-tenant database as a repository for all their business data. See Paragraph [0059], where a partnership trust allows a trustee to access a portion of the tenant’s data, the portion specified by the tenant);
identifying all root entities of the data privacy pipeline requiring an entitlement from a grantor that is not a participant to the data privacy pipeline (see Paragraph [0038], where the data access rights for a given security trust are stored in security trust objects in terms of trust universe objects. That is, the data access rights for a given security trust are stored to specify the trust universe objects that the trustees of the security trust may access from the multi-tenant database);
loading contracts that govern access to the root entities within the data trustee environment (see Paragraph [0038], where overloads of the trust universes are generated, which refers to the restriction on the trust universe objects based on the data access rights associated with a given security trust);
for each root entity of the root entities, searching the contracts to identify a valid access path pursuant to an associated one of the contracts with which the data privacy pipeline can use the root entity while fulfilling constraints defined by the associated contract and applicable upon accessing the root entity (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see), and while fulfilling policies defined by the associated contract and applicable to computations of the data privacy pipeline that are downstream from the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees);
and based on each of the root entities having an identified valid access path pursuant to an identified associated one of the contracts, triggering execution of the data privacy pipeline within the data trustee environment using the identified valid access path and the identified associated contract to access each of the root entities (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
HSIEH et al do not teach using the data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teaches in the same field of data trustee environments. Padmanabhan teaches using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
The motivation, as recognized by one of ordinary skill in the art, is that doing so would enable dataset analysis and management to occur between datasets having disparate formats (see Paragraph [0005]).
Regarding claim 2, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, HSIEH et al teach wherein identifying all root entities of the data privacy pipeline requiring an entitlement comprises accessing a digitized representation of the data privacy pipeline having an associated list, property, or metadata identifying the root entities (see Paragraph [0064], where the security trust table may have, for example, three columns: one for a tenant identifier, one for a trustee identifier, and another for the type of security trust established by the tenant identified by the tenant identifier and between the tenant and the trustee identified by the trustee identifier).
Regarding claim 3, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, HSIEH et al teach the operations further comprising, prior to searching the contracts to identify a valid access path for each root entity (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see), filtering out a set of the contracts that do not grant access to the data consumer based on an identity of the data consumer (see Paragraphs [0059-0061], where a trust hierarchy is established and each security trust specifies a set of data access rights between a tenant and a trustee, wherein a complete trust allows access to all of the tenant’s data, a subsidiary trust allows a trustee to access all of the tenant’s data, and a partnership trust allows a trustee to access a portion of the tenant’s data, where a partnership trust may specify restrictions on the data access rights).
Regarding claim 4, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, wherein searching the contracts for each root entity comprises, for each contract of the contracts governing access to the root entity: identifying a potential access path having all computational steps that would be required to execute in the data trustee environment in order to trigger the data privacy pipeline in the data trustee environment using the contract to access the root entity (see Paragraph [0068] and FIG. 6, where security trusts (inputs) are used to specify data access rights that are subsequently converted into queries);
and determining whether the potential access path would fulfill constraints defined by the contract and applicable upon accessing the root entity, and would fulfill policies defined by the contract and applicable to a set of the computational steps that are downstream from the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees).
Regarding claim 5, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, HSIEH et al teach wherein searching the contracts for each root entity comprises, for each contract of the contracts governing access to the root entity: identifying a potential access path having all computational steps that would be required to execute in the data trustee environment in order to trigger the data privacy pipeline in the data trustee environment using the contract to access the root entity (see Paragraph [0068] and FIG. 6, where security trusts (inputs) are used to specify data access rights that are subsequently converted into queries);
and verifying the computational steps of the potential access path would satisfy applicable constraints and policies (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
HSIEH et al do not teach using the data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teaches in the same field of data trustee environments. Padmanabhan teaches using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
The motivation, as recognized by one of ordinary skill in the art, is that doing so would enable dataset analysis and management to occur between datasets having disparate formats (see Paragraph [0005]).
Regarding claim 6, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, HSIEH et al teach wherein searching the contracts to identify a valid access path for each root entity comprises, evaluating computational steps of potential access paths without executing a first set of the computational steps (see Paragraph [0015], where a plurality of data access rights are created for each tenant of the multi-tenant database. A set of data access rights for a trustee associated with a first tenant is associated with a portion of the multi-tenant database associated with a second tenant), and conditionally executing a second set of the computational steps to evaluate a particular constraint or policy that is only capable of verification during runtime (see Paragraph [0015], where a query from the trustee on the multi-tenant database is processed for the portion of the multi-tenant database associated with the second tenant subject to the set of data access rights for the trustee).
Regarding claim 7, modified HSIEH et al in view of Padmanabhan teach the data trustee environment as in claim 1, HSIEH et al teach wherein searching the contracts to identify a valid access path for each root entity identifies a plurality of candidate contracts or a plurality of valid access paths for at least a first root entity of the root entities (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see), the operations further comprising applying conflict rules to select one of the plurality of valid access paths as the identified valid access path or select one of the plurality of candidate contracts as the identified associated contract for the first root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees).
Regarding claim 8, HSIEH et al teach one or more computer storage media storing computer-useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving a request from a data consumer to trigger a data privacy pipeline required to execute within a data trustee environment (see Paragraphs [0009] and [0105-0115], where business tenants A, B, C may use the multi-tenant database as a repository for all their business data. See Paragraph [0059], where a partnership trust allows a trustee to access a portion of the tenant’s data, the portion specified by the tenant);
identifying all root entities of the data privacy pipeline requiring an entitlement from a grantor that is not a participant to the data privacy pipeline (see Paragraph [0038], where the data access rights for a given security trust are stored in security trust objects in terms of trust universe objects. That is, the data access rights for a given security trust are stored to specify the trust universe objects that the trustees of the security trust may access from the multi-tenant database);
identifying a set of contracts governing access to the root entities within the data trustee environment (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see) and defining a valid access path for each of the root entities such that the data privacy pipeline can use the root entities while fulfilling constraints and policies defined by the set of contracts, the constraints applicable upon accessing the root entities, the policies applicable to computations of the data privacy pipeline that are downstream from the root entities (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees);
and triggering execution of the data privacy pipeline within the data trustee environment using the identified set of the contracts to access the root entities (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
HSIEH et al do not teach using the data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teaches in the same field of data trustee environments. Padmanabhan teaches using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
The motivation, as recognized by one of ordinary skill in the art, is that doing so would enable dataset analysis and management to occur between datasets having disparate formats (see Paragraph [0005]).
Regarding claim 9, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, HSIEH et al teach wherein identifying all root entities of the data privacy pipeline requiring an entitlement comprises accessing a digitized representation of the data privacy pipeline having an associated list, property, or metadata identifying the root entities (see Paragraph [0064], where the security trust table may have, for example, three columns: one for a tenant identifier, one for a trustee identifier, and another for the type of security trust established by the tenant identified by the tenant identifier and between the tenant and the trustee identified by the trustee identifier).
Regarding claim 10, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, the operations further comprising: loading a plurality of contracts that govern access to the root entities within the data trustee environment (see Paragraph [0038], where overloads of the trust universes are generated, which refers to the restriction on the trust universe objects based on the data access rights associated with a given security trust);
filtering out a subset of the contracts that do not grant access to the data consumer based on an identity of the data consumer, leaving a remaining set of the contracts (see Paragraphs [0059-0061], where a trust hierarchy is established and each security trust specifies a set of data access rights between a tenant and a trustee, wherein a complete trust allows access to all of the tenant’s data, a subsidiary trust allows a trustee to access all of the tenant’s data, and a partnership trust allows a trustee to access a portion of the tenant’s data, where a partnership trust may specify restrictions on the data access rights);
searching the remaining set of contracts to identify the set of contracts governing access to the root entities (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see).
Regarding claim 11, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, HSIEH et al teach wherein identifying the set of contracts defining a valid access path for each of the root entities comprises, for each root entity and each contract governing access to the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees): identifying a potential access path having all computational steps that would be required to execute in the data trustee environment in order to trigger the data privacy pipeline in the data trustee environment using the contract to access the root entity (see Paragraph [0068] and FIG. 6, where security trusts (inputs) are used to specify data access rights that are subsequently converted into queries);
Regarding claim 12, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, HSIEH et al teach wherein identifying the set of contracts defining a valid access path for each of the root entities comprises, for each root entity and each contract governing access to the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees): identifying a potential access path having all computational steps that would be required to execute in the data trustee environment in order to trigger the data privacy pipeline in the data trustee environment using the contract to access the root entity (see Paragraph [0068] and FIG. 6, where security trusts (inputs) are used to specify data access rights that are subsequently converted into queries);
and verifying the computational steps of the potential access path would satisfy applicable constraints and policies (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
HSIEH et al do not teach using the data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teaches in the same field of data trustee environments. Padmanabhan teaches using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
Regarding claim 13, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, HSIEH et al teach wherein identifying the set of contracts defining a valid access path for each of the root entities comprises evaluating computational steps of potential access paths without executing a first set of the computational steps (see Paragraph [0015], where a plurality of data access rights are created for each tenant of the multi-tenant database. A set of data access rights for a trustee associated with a first tenant is associated with a portion of the multi-tenant database associated with a second tenant), and conditionally executing a second set of the computational steps to evaluate a particular constraint or policy that is only capable of verification during runtime (see Paragraph [0015], where a query from the trustee on the multi-tenant database is processed for the portion of the multi-tenant database associated with the second tenant subject to the set of data access rights for the trustee).
Regarding claim 14, modified HSIEH et al in view of Padmanabhan teach one or more computer storage media as in claim 8, HSIEH et al teach wherein identifying the set of contracts defining a valid access path comprises, for at least a first root entity of the root entities (see Paragraph [0015], where a plurality of data access rights are created for each tenant of the multi-tenant database. A set of data access rights for a trustee associated with a first tenant is associated with a portion of the multi-tenant database associated with a second tenant): identifying a plurality of candidate contracts or a plurality of valid access paths governing access to the first root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees).
Regarding claim 15, HSIEH et al teach a method comprising: receiving a request from a data consumer, to trigger a data privacy pipeline required to execute within a constrained environment that is inaccessible to the data consumer, and to export from the constrained environment data generated by the data privacy pipeline (see Paragraphs [0009] and [0105-0115], where business tenants A, B, C may use the multi-tenant database as a repository for all their business data. See Paragraph [0059], where a partnership trust allows a trustee to access a portion of the tenant’s data, the portion specified by the tenant);
determining that executing the data privacy pipeline within the constrained environment would satisfy an associated entitlement to use a root entity of the data privacy pipeline within the constrained environment (see Paragraph [0038], where the data access rights for a given security trust are stored in security trust objects in terms of trust universe objects. That is, the data access rights for a given security trust are stored to specify the trust universe objects that the trustees of the security trust may access from the multi-tenant database), the associated entitlement specifying a constraint on accessing the root entity within the constrained environment and a policy on downstream computations within the constrained environment deriving from the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees);
determining that the data consumer has permission to export the data from the constrained environment (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see);
and triggering execution of the data privacy pipeline within the constrained environment using the root entity pursuant to the associated entitlement (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
HSIEH et al do not teach using the data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teaches in the same field of data trustee environments. Padmanabhan teaches using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
Regarding claim 16, modified HSIEH et al in view of Padmanabhan teach the method as in claim 15, HSIEH et al teach further comprising: identifying all root entities of the data privacy pipeline requiring a corresponding entitlement from a grantor that is not a participant to the data privacy pipeline (see Paragraphs [0059-0061], where a trust hierarchy is established and each security trust specifies a set of data access rights between a tenant and a trustee, wherein a complete trust allows access to all of the tenant’s data, a subsidiary trust allows a trustee to access all of the tenant’s data, and a partnership trust allows a trustee to access a portion of the tenant’s data, where a partnership trust may specify restrictions on the data access rights);
wherein determining that executing the data privacy pipeline within the constrained environment would satisfy the associated entitlement to use the root entity comprises searching contracts that govern access to the root entities (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see) within the constrained environment to identify a valid access path for each of the root entities (see Paragraphs [0037] and [0074], where a security trust may be configured to specify data access rights, wherein the security trust is associated with a trust universe having a plurality of trust universe objects that may be updated).
Regarding claim 17, modified HSIEH et al in view of Padmanabhan teach the method as in claim 15, HSIEH et al teach further comprising identifying all root entities of the data privacy pipeline requiring a corresponding entitlement from a grantor that is not a participant to the data privacy pipeline by accessing a digitized representation of the data privacy pipeline having an associated list, property, or metadata identifying the root entities (see Paragraph [0064], where the security trust table may have, for example, three columns: one for a tenant identifier, one for a trustee identifier, and another for the type of security trust established by the tenant identified by the tenant identifier and between the tenant and the trustee identified by the trustee identifier).
Regarding claim 18, modified HSIEH et al in view of Padmanabhan teach the method as in claim 15, HSIEH et al teach further comprising: identifying all root entities of the data privacy pipeline requiring a corresponding entitlement from a grantor that is not a participant to the data privacy pipeline (see Paragraphs [0059-0061], where a trust hierarchy is established and each security trust specifies a set of data access rights between a tenant and a trustee, wherein a complete trust allows access to all of the tenant’s data, a subsidiary trust allows a trustee to access all of the tenant’s data, and a partnership trust allows a trustee to access a portion of the tenant’s data, where a partnership trust may specify restrictions on the data access rights);
loading a plurality of contracts that govern access to the root entities within the constrained environment (see Paragraph [0038], where overloads of the trust universes are generated, which refers to the restriction on the trust universe objects based on the data access rights associated with a given security trust);
and filtering out a subset of the plurality of contracts that do not grant access to the data consumer based on an identity of the data consumer, leaving a remaining set of the contracts (see Paragraphs [0059-0061], where a trust hierarchy is established and each security trust specifies a set of data access rights between a tenant and a trustee, wherein a complete trust allows access to all of the tenant’s data, a subsidiary trust allows a trustee to access all of the tenant’s data, and a partnership trust allows a trustee to access a portion of the tenant’s data, where a partnership trust may specify restrictions on the data access rights);
wherein determining that executing the data privacy pipeline within the constrained environment would satisfy the associated entitlement to use the root entity comprises searching (see Paragraph [0088], where a trustee may browse all the security trusts that it is entitled to see) the remaining set of contracts to identify a valid access path for the root entity (see Paragraph [0043], where a trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants, and security trusts are specified for enabling different levels of data access rights for tenants).
Regarding claim 19, modified HSIEH et al in view of Padmanabhan teach the method as in claim 15, HSIEH et al teach wherein determining that executing the data privacy pipeline within the constrained environment would satisfy the associated entitlement to use the root entity comprises, for each of a plurality of contracts governing access to the root entity within the constrained environment (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees): identifying a potential access path having all computational steps that would be required to execute in the constrained environment in order to trigger the data privacy pipeline in the constrained environment using the contract to access the root entity (see Paragraph [0068] and FIG. 6, where security trusts (inputs) are used to specify data access rights that are subsequently converted into queries);
and determining whether the potential access path would fulfill constraints defined by the contract and applicable upon accessing the root entity, and would fulfill policies defined by the contract and applicable to a set of the computational steps that are downstream from the root entity (see Paragraph [0035], where a trust hierarchy specifies various levels of trust for tenants of a multi-tenant database, which are referred to as security trusts; a security trust specifies a set of data access rights between a tenant and one or more trustees).
Regarding claim 20, modified HSIEH et al in view of Padmanabhan teach the method data privacy pipeline as claim 15, HSIEH et al teach wherein determining that executing the data privacy pipeline within the constrained environment would satisfy the associated entitlement to use the root entity comprises, for each of a plurality of contracts governing access to the root entity within the constrained environment (see Paragraph [0035], where trust hierarchy specifies various level of trust for tenants of a multi-tenant database which referred to security trust security trust specific a set of data access rights between a tenant and one or more trustee): identifying a potential access path having all computational steps that would be required to execute in the constrained environment in order to trigger the data privacy pipeline in the constrained environment using the contract to access the root entity (see Paragraph [0068] and FIG.6 where security trust (inputs) are used to specify data access rights that are subsequently convert in to queries);
and verifying the computational steps of the potential access path would satisfy applicable constraints and policies. (see Paragraph [0043], where trust hierarchy is established to enable tenants of a multi-tenant database to share their data with and access the data of other tenants and security trust specified for enabling different level of data access rights tenants).
HSIEH et al do not teach using a data trustee environment without exposing the root entities.
However, in analogous art, Padmanabhan teach in the same field of data trustee environment. Padmanabhan teach using a data trustee environment without exposing the root entities (see Paragraph [0493], where a VPN may be utilized by a user of a multi-tenant database system, which is a data trustee environment for accessing data, wherein a VPN restricts exposing information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the system of HSIEH et al to incorporate the teaching of Padmanabhan of using a data trustee environment without exposing the root entities.
The motivation, as recognized by one of ordinary skill in the art, is that doing so would enable dataset analysis and management to occur between datasets having disparate formats (see Paragraph [0005]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Jacob et al (US 20170364553) disclosed providing an interface between repositories of disparate datasets and computing machine-based entities that seek access to the datasets, and, more specifically, to a computing and data storage platform that facilitates consolidation of one or more datasets, whereby a collaborative data layer and associated logic facilitate.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID HYUNGYU KIM whose telephone number is (571)272-0460. The examiner can normally be reached Monday - Friday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Philip Chea can be reached on (571)-273-8300. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/DAVID HYUNGYU KIM/
Examiner, Art Unit 2499

/PHILIP J CHEA/
Supervisory Patent Examiner, Art Unit 2499