DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 12/08/2020 has been entered.
 
Response to Amendment
This is in response to the amendments filed on 12/08/2020. Claims 1, 2, 4 and 9-10 have been amended. Claims 1-10 are currently pending and have been considered below.

Response to Arguments
Applicant’s arguments, see page 7, filed 12/08/2020, with respect to the rejection(s) of claims 4, 5 and 10 under 35 U.S.C. 112(b) have been fully considered and are persuasive. Thus, the rejection has been withdrawn. However, Applicant's amendment necessitated the new ground(s) of rejection as will be discussed below.
Applicant’s arguments, see pages 7-10, filed 12/08/2020, with respect to the rejection(s) of claims 1-10 under 35 U.S.C. 103, have been fully considered but are moot because the arguments do not apply to the newly cited reference being used in the current rejection.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-10 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Claim 1 recites the limitations “each of at least of client” in line 3 and “the user” in line 8. It is unclear as to whether, or not, the client and the user are the same entity. If both are the same, clarification is required. 
Claim 1 recites the limitation “the client device” in line 7. There is insufficient antecedent basis for this limitation in the claim since claim 1 further recites the limitation “at least one client device” in line 4, which implies there may be more than one. The correct way to provide antecedent basis for this limitation would be “the at least one client device”. 
Claim 1 recites the limitation “the user” in line 8. There is insufficient antecedent basis for this limitation in the claim.
Claim 1 recites the limitation “the user credential” in line 8. There is insufficient antecedent basis for this limitation in the claim since the previous recitation is “a submitted user credential”. It is suggested that the limitation “the user credential” in line 8 be changed to “the submitted user credential”, or the limitation “a submitted user credential” in line 7 be changed to “a 

Claim 9 recites the limitation “the client device” in line 7. There is insufficient antecedent basis for this limitation in the claim since claim 9 further recites the limitation “at least one client device” in line 5, which implies there may be more than one. The correct way to provide antecedent basis for this limitation would be “the at least one client device”. 
Claim 9 recites the limitation “the user” in line 8. There is insufficient antecedent basis for this limitation in the claim.
Claim 10 recites the limitations “each of at least of client” in line 3 and “the user” in line 9. It is unclear as to whether, or not, the client and the user are the same entity. If both are the same, clarification is required. 
Claim 10 recites the limitation “the client device” in line 8. There is insufficient antecedent basis for this limitation in the claim since claim 10 further recites the limitation “at least one client device” in line 6, which implies there may be more than one. The correct way to provide antecedent basis for this limitation would be “the at least one client device”. 
Claim 10 recites the limitation “the user” in line 9. There is insufficient antecedent basis for this limitation in the claim.
Claims 2-8 are rejected under 112(b) as being dependent from the rejected claim 1.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1-10 are rejected under 35 U.S.C. 103 as being unpatentable over Osterwalder et al. (US 2014/0289539 A1; hereinafter, “Osterwalder”) in view of Judd (US 2016/0342588 A1; hereinafter, “Judd”), and further in view of Erlikhman (US 2015/0318998 A1; hereinafter, “Erlikhman”).

Regarding claim 1:
Osterwalder teaches:
A method for managing access to data (see Title: Methods and systems for storage of large data objects), the data being associated with metadata, at least one predetermined access policy for accessing metadata including, for each of at least one client, at least one identifier relating to the client, the method comprising:
a) receiving, by an entity, from at least one client device, a data access request for accessing data, the data access request … (FIG. 4 & para. [0038]: … the system may follow in response to its receipt of a request to access the encrypted blob. The request 401 may arrive from a user in the form of an access request that includes a user authentication credential; FIG. 1 & para. [0023]: a client device 102 and a storage service 120. --- It is noted that a storage service (120), a client device, an access request, and encrypted blob teach an entity, at least one client device, a data access request, and data, respectively);
(FIG. 4 & para. [0038]: … the system may follow in response to its receipt of a request to access the encrypted blob. The request 401 may arrive from a user in the form of an access request that includes a user authentication credential; FIG. 1 & para. [0023]: a client device 102 and a storage service 120. --- It is noted that a storage service (120), a client device, and a user authentication credential teach an entity, at least one client device, and a submitted user credential, respectively); 
c) authentication the user, by the entity, based on the user credential (para. [0038]: The system may check the ACL 403 to confirm that the user's authentication credential matches one that is contained in the ACL 405. If there is no match, the system may deny the request 407 and/or ask the user to re-submit an authentication credential. If there is a match, the system may access the metadata to retrieve the unique encryption keys and the MACs for the blob 409. --- It is noted that check to confirm that the user's authentication credential matches teaches authentication the user based on the user credential; and the system corresponds to the entity);
d) determining, by the entity, based on an associated access policy, whether the metadata access is or is not authorized, as an access decision (FIG. 4 & para. [0038]: The system may check the ACL 403 to confirm that the user's authentication … matches one that is contained in the ACL 405 … If there is a match, the system may access the metadata; FIG. 1 & para. [0030]: The ACLs 118 may identify which clients (i.e., which users) are authorized to perform actions on data resources or groups of data resources, and/or what actions may be performed on each resource or group. --- It is noted that the ACL and the metadata teach the associated access policy and the metadata, respectively);
e) generating … by the entity, only if the metadata access is authorized, based on the associated access policy, an associated first key, as first data allowing to access the metadata … (FIG. 4 & para. [0038]: If there is a match, the system may access the metadata … to access the metadata the system may unwrap the wrapped key and use the unwrapped key to also decrypt the metadata. --- It is noted that the unwrapped key teaches an associated first key, as first data; and use the unwrapped key implies generating an associated first key);
f) accessing, by the entity, based on the generated first data, the associated metadata (FIG. 4 & para. [0038]: … to access the metadata the system may unwrap the wrapped key and use the unwrapped key to also decrypt the metadata. --- It is noted that access the metadata using the unwrapped key teaches accessing based on the generated first data the associated metadata); and
g) accessing, by the entity, based on the accessed metadata and the associated access policy, at least a part of associated data (FIG. 4 & para. [0038]: If there is a match, the system may access the metadata to retrieve the unique encryption keys and the MACs for the blob 409. The system also will retrieve the encrypted data chunks from the data store 411. The system may then use the MACs to verify the integrity of the encrypted data chunks 413, and use the encryption keys to decrypt the encrypted data chunks 413), as a late dynamic binding of the metadata with the at least a part of the associated data (para. [0007]: the service may store, in the metadata, a data store location. The data store location corresponds to a storage location of one or more of the data chunks in the first or second set).
Osterwalder is silent about: 
a) … the … request including at least one identifier relating to a requesting client, as a user identity. 
…
e) generating on-the-fly … an associated first key…, using a key derivation function being dependent on the user identity and the user credential; 
Judd, in the same field of endeavor, teaches: 
e) generating on-the-fly … an associated first key… (para. [0006]: The data is then stored on the matching node and metadata is created to maintain the location of the stored data. To retrieve the stored data, a hash key is generated from the request, the metadata is accessed using the hash key to identify the node on which the data is stored, and the data is read from the identified node. --- It is noted that a hash key corresponds to an associated first key; a hash key is generated from the request teaches generating on-the-fly. Also, noted that the term “on-the-fly” is interpreted as the key is not pre-generated. Thus, generating a hash key from the request teaches generating on-the-fly an associated first key).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Osterwalder’s system by enhancing Osterwalder’s system to generate the unwrapped key in the same manner as generating the hash key, as taught by Judd, instead of using stored wrapped key, in order to identify and access the metadata without need to store the key. 
The motivation is to provide increased level of security without storing or exchange of keys thereby preventing attackers from getting enough time to crack the key values.
Osterwalder in view of Judd is silent about: 
a) … the … request including at least one identifier relating to a requesting client, as a user identity. 
…
e) generating … an … key…, using a key derivation function being dependent on the user identity and the user credential; 
Erlikhman, in the same field of endeavor, teaches: 
a) … the … request including at least one identifier relating to a requesting client, as a user identity (para. [0152]: At 6450, client 680 generates and transmits a user authentication request to server 690. The user authentication request may include a user identifier, device identifier and, optionally, a user authentication version value. Each personal data credential selected by a user may be assigned a unique user authentication version value, allowing the server 690 to identify which personal data credential is being used. The user authentication version value may also serve as a transaction counter; para. [0155]: Client 680 receives the challenge message at 6510, and generates a prompt in a user interface of the client 680 at 6515 to supply a previously-provided personal data credential, as received during the provisioning process flow 550. The personal data credential is then supplied using an appropriate input interface of client 680 (e.g., keyboard, fingerprint reader, etc.). --- It is noted that the authentication request corresponds to the request; a user identifier teaches at least one identifier relating to a requesting client, as a user identity; and the authentication request includes the user identifier). 
…
e) generating … an … key…, using a key derivation function being dependent on the user identity and the user credential (para. [0119]: the Password-based Encryption Standard (PKCS5) may be used to process the personal data credential to generate the credential-derived key. For example, a 256-bit salt may be generated using a local random or pseudorandom number generator. A binary long object (BLOB) may also be used, along with a user identifier. A Password-Based Key Derivation Function (e.g., PBKDF2, used with SHA256) may be applied to the personal data credential, salt, BLOB and user identifier, and iterated a predetermined number of times to generate the credential-derived key; para. [0124]: At 5535, the credential-derived key is wiped or discarded from volatile memory. Discarding the credential-derived key ensures that it can only be recovered by the client device 580 if the personal data credential is supplied again by the user, and the same key derivation function is applied. --- It is noted that Key Derivation Function teaches a key derivation function; the personal data credential corresponds to the user credential; user identifier teaches the user identity; and Key Derivation Function be applied to the personal data credential and user identifier, also a binary long object (BLOB) may also be used along with a user identifier teaches a key derivation function being dependent on the user identity and the user credential); 

The motivation is to provide increased level of security by adding the user identifier additionally to the use credential in generating the key. 

Regarding claim 2:
Osterwalder in view of Judd and Erlikhman teaches: 
The method according to claim 1, wherein, to carry out step d), the method further comprises:
Osterwalder in view of Judd is silent about: 
receiving, by the entity, at least one captured context signal, the access decision being further dependent on the at least one captured context signal.
Erlikhman teaches: 
receiving, by the entity, at least one captured context signal, the access decision being further dependent on the at least one captured context signal (para. [0010]: In some cases, the user authentication request comprises a device identifier and a user identifier; para. [0116]: In other cases, the personal data credential may computed from biometric data, such as a fingerprint, in which case the prompt may be displayed or otherwise communicated to the user, and a biometric input device may be used to capture the biometric data; para. [101]: Authentication server 594 receives the device authentication request and verifies that the device identifier is valid, and that the transaction counter value is within an acceptable range; Para. [0156]: At 6520, client 680 processes the personal data credential in similar fashion to 5525 of process flow 550, for example using PKCS5 to generate the credential-derived key from the personal data credential, salt and BLOB, for example. --- It is noted that the authentication server corresponds to the entity; a device identifier and the biometric data teaches at least one captured context signal; Authentication server verifies that the device identifier is valid teaches the access decision being further dependent on the at least one captured context signal. Further noted that the claim does not specifically define as to what the captured context signal is. So, for the sake of examination, it is interpreted in light of the specification).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Osterwalder in view of Judd’s system by enhancing Osterwalder in view of Judd’s system to verify the device identifier and/or users biometric data, as taught by Erlikhman, in order to mitigate complex threats like cloning and key extraction.
The motivation is to provide increased level of security by verifying the device identifier and/or users biometric data. 

Regarding claim 3:
Osterwalder in view of Judd and Erlikhman teaches: 
The method according to claim 1.
Osterwalder further teaches: 
wherein the first data includes at least one key for decrypting encrypted metadata or at least one location relating to at least one key for decrypting encrypted metadata or at least one location of the metadata (FIG. 4 & para. [0038]: If there is a match, the system may access the metadata … to access the metadata the system may unwrap the wrapped key and use the unwrapped key to also decrypt the metadata. --- It is noted that the unwrapped key teaches the first data; and use the unwrapped key to decrypt the metadata teaches first data includes at least one key for decrypting encrypted metadata).

Regarding claim 4:
Osterwalder in view of Judd and Erlikhman teaches:
The method according to claim 1.
Osterwalder further teaches: 
wherein, the metadata including second data allowing to access the at least a part of associated data, the step g) comprises the following steps:
determining, by the entity, based on the accessed metadata, an associated second data (FIG. 4 & para. [0038]: If there is a match, the system may access the metadata to retrieve the unique encryption keys and the MACs for the blob 409. --- It is noted that the unique encryption keys teaches an associated second data.); and
accessing, by the entity, based on the associated second data, the at least a part of the associated data (FIG. 4 & para. [0038]: The system also will retrieve the encrypted data chunks from the data store 411. The system may then use the MACs to verify the integrity of the encrypted data chunks 413, and use the encryption keys to decrypt the encrypted data chunks 413). 

Regarding claim 5:
Osterwalder in view of Judd and Erlikhman teaches: 
The method according to claim 4.
Osterwalder further teaches: 
wherein the second data includes at least one location relating to the at least a part of the associated data, the at least one location relating to the at least a part of the associated data identifying the at least one location within at least one data repository storing the at least a part of the associated data (para. [0007]: In some embodiments, the service may store, in the metadata, a data store location. The data store location corresponds to a storage location of one or more of the data chunks in the first or second set; para. [0035]: The metadata also may include other information about the blob, such as an address or information indicating where in the data store the blob's chunks are located).

Regarding claim 6:
Osterwalder in view of Judd and Erlikhman teaches: 
The method according to claim 1.
Osterwalder further teaches: 
wherein the metadata includes at least one location relating to the associated access policy (FIG. 1 & para. [0029]: The metadata also may include information such as … access control lists (ACLs) 118 …; para. [0036]: The ACL may be stored with the metadata).

Regarding claim 7:
Osterwalder in view of Judd and Erlikhman teaches: 
The method according to claim 1.
Osterwalder further teaches: 
wherein, the at least a part of the associated data being stored within at least one data repository, the metadata being stored within at least one metadata repository, the at least one metadata repository is separate from the at least one data repository (para. [0005]: The service may store the encrypted data chunks in one or more data stores, and store the encryption keys and the MACs as metadata in a metadata memory. The metadata memory may be separate from the data stores).

Regarding claim 8:
Osterwalder in view of Judd and Erlikhman teaches:
The method according to claim 7.
Osterwalder further teaches: 
(FIG. 1 & para. [0029]: The metadata also may include information such as … access control lists (ACLs) 118 …; para. [0036]: The ACL may be stored with the metadata, or it may be stored in a memory that is separate from the memory that holds the other blob metadata described above).

Regarding claim 9:
Claim 9 recites an entity for managing access to data which corresponds to the method for managing access to data of claim 1, and additionally contains “at least one processor.”  
However, Osterwalder further teaches:
at least one processor (claim 16: a storage service comprising one or more processors). 
Therefore claim 9 is rejected by applying the same rationale used to reject claim 1 above and the teachings discussed above.

Regarding claim 10:
Claim 10 recites a system for managing access to data which corresponds to the method for managing access to data of claim 1, and additionally contains “at least one processor.”  
However, Osterwalder further teaches:
at least one processor (claim 16: a storage service comprising one or more processors). 
Therefore claim 10 is rejected by applying the same rationale used to reject claim 1 above and the teachings discussed above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Ramasubramanian Iyer et al. (US 2017/0078095 A1) discloses a method that . 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WANSIK YOU whose telephone number is (571)270-3360.  The examiner can normally be reached on 7:30-5:30 M-Th.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR PATEL can be reached on (571)-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/W.Y./Examiner, Art Unit 2491                                                                                                                                                                                                        





/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491