DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Applicant's amendments filed on 01/19/2021 have been received and entered.  Currently Claims 1-20 are pending.

Response to Arguments
Applicant’s arguments have been considered but are moot in view of the new ground(s) of rejection.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 6, 8, 13-14 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Bruce et al. US2015/0082032 hereinafter referred to as Bruce, in view of Kamath et al. US2014/0140508 hereinafter referred to as Kamath, and Hatakeyama et al. US2007/0180271 hereinafter referred to as Hatakeyama.
As per claim 1, Bruce teaches a computer-implemented method for preventing single point of failure in accessing encrypted data, comprising:  storing encrypted master key and password of first 
storing the encrypted master key and password of second system administrator in a database with the user identifier for the second system administrator (Bruce Fig. 7A, paragraph [0089]-[0090], admin db stored admin usernames, passwords and encrypted master key);  
allowing decryption of the master key using the user identifier and password of the first system administrator based on the encrypted master key and the password of the first system administrator (Bruce paragraph [0125]-[0126], [0129], decrypt master key based on the admin id, password and encrypted master key); and  
allowing decryption of the master key using the user identifier and password of the second system administrator based on the encrypted master key and password of the second system administrator (Bruce paragraph [0125]-[0126], [0129], decrypt master key based on the admin id, password and encrypted master key). 
Bruce does not explicitly disclose accessing a master key; 
encrypting the master key with a password of a first system administrator;  
generating a one-way hashed password for the first system administrator using the password of the first system administrator;  
storing the one-way hashed password of the first system administrator;
executing a registration operation to provide master key level administration privileges to a second system user, wherein the registration operation includes entering, by the second system user, a password of the second system user, making the master key available for use in registering the second system user during the registration operation,
encrypting the master key with the password of a second system user;  
generating a one-way hashed password for the second system user using the password of the second system user;  
storing the one-way hashed password of the second system user;
allowing decryption of the master key based on the encrypted master key and the one-way hashed password of the first system administrator;

Kamath teaches accessing a master key (Kamath paragraph [0190], [0192], master key); 
encrypting the master key with a password of a first system administrator (Kamath paragraph [0192], [0395], encrypt master key with password);  
generating a one-way hashed password for the first system administrator using the password of the first system administrator (Kamath paragraph [0183], [0186]-[0187], [0395], hash password);  
storing the one-way hashed password of the first system administrator (Kamath paragraph [0188], [0395], store hashed password);
executing a registration operation to provide master key level administration privileges to a second system user, wherein the registration operation includes entering, by the second system user, a password of the second system user, making the master key available for use in registering the second system user during the registration operation (Kamath paragraph [0402]-[0404], [0260], [0262], decrypt master key.  User enters password),
encrypting the master key with the password of a second system user (Kamath paragraph [0174], [0404], [0264], encrypt master key with password);  
generating a one-way hashed password for the second system user using the password of the second system user (Kamath paragraph [0187], [0268]-[0270], hash password);  
storing the one-way hashed password of the second system user (Kamath paragraph [0187], [0268]-[0270], store hashed password);
allowing decryption of the master key based on the encrypted master key and the one-way hashed password of the first system administrator (Kamath paragraph [0213], [0215]-[0216], [0219]-[0222], [0395], compare hash of password with stored hash and decrypt encrypted master key with password);
allowing decryption of the master key based on the encrypted master key and the one-way hashed password of the second system user (Kamath paragraph [0213], [0215]-[0216], [0219]-[0222], [0403]-[0404], compare hash of password with stored hash and decrypt encrypted master key with password). 

Bruce in view of Kamath does not explicitly disclose making key temporarily available;
removing the temporary availability to the key upon completion of operation.
Hatakeyama teaches making key temporarily available (Hatakeyama paragraph [0014]-[0015], [0041], [0046], decrypt key);
removing the temporary availability to the key upon completion of operation (Hatakeyama paragraph [0015], [0046], determine operation is complete and delete key).
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Bruce in view of Kamath with the teachings of Hatakeyama to include deleting the key after an operation has been completed in order to reduce the risk of exposure and usage of the master key by malicious users.

As per claim 6, Bruce in view of Kamath and Hatakeyama teaches the computer-implemented method of claim 1, wherein the decrypted master keys of the first and second system administrators are used to decrypt data encrypted with the master key (Bruce paragraph [0089], [0126], decrypt data with master key; Kamath paragraph [0222]).  

As per claims 8, 13-14 and 19, claims 8, 13-14 and 19 claim a system and a non-transitory computer-readable medium essentially corresponding to the method claims 1 and 6 above, and they are rejected, at least for the same reasons.

Claims 2-4, 9-11 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Bruce in view of Kamath and Hatakeyama, and further in view of Schechter et al. US2013/0212385 hereinafter referred to as Schechter.
As per claim 2, Bruce in view of Kamath and Hatakeyama teaches the computer-implemented method of claim 1, wherein the one-way hashed password for the first system administrator is generated by one-way hashing the password of the first system administrator (Bruce Fig. 7A; Kamath paragraph [0186]-[0188], stored hashed password); and  
the one-way hashed password for the second system administrator is generated by one-way hashing the password of the second system administrator (Bruce Fig. 7A; Kamath paragraph [0186]-[0188], [0400], stored hashed password).  
Bruce in view of Kamath and Hatakeyama does not explicitly disclose wherein one-way hashed password for first system user is generated by one-way hashing password of the first system user and a salt associated with the first system user, wherein the salt associated with the password of the first system user is stored with the one-way hashed password of the first system user;
one-way hashed password for second system user is generated by one-way hashing password of the second system user and a salt associated with the second system user, wherein the salt associated with the second system user is stored with the one-way hashed password for the second system user.  
Schechter teaches wherein one-way hashed password for first system user is generated by one-way hashing password of the first system user and a salt associated with the first system user, wherein the salt associated with the password of the first system user is stored with the one-way hashed password of the first system user (Schechter Fig. 1, paragraph [0028]-[0029], generate a salt for a user, hash a concatenation of the password and salt, and store the salt with the hashed password);
one-way hashed password for second system user is generated by one-way hashing password of the second system user and a salt associated with the second system user, wherein the salt associated with the second system user is stored with the one-way hashed password for the second system user (Schechter Fig. 1, paragraph [0028]-[0029], generate a salt for a user, hash a concatenation of the password and salt, and store the salt with the hashed password).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Bruce in view of Kamath and Hatakeyama with the teachings of Schechter to include salting a password before hashing it in order to enhance the security of the stored hashed password.

As per claim 3, Bruce in view of Kamath, Hatakeyama and Schechter teaches the computer-implemented method of claim 2, wherein the salt associated with second administrator is a salt generated at a time at which the password of the second system administrator is generated (Bruce Fig. 7A; Kamath paragraph [0186]-[0188], [0400]; Schechter paragraph [0027]-[0028], user registers username/password and a salt is generated for the user).  

As per claim 4, Bruce in view of Kamath, Hatakeyama and Schechter teaches the computer-implemented method of claim 2, further comprising:  receiving login authentication information including a user identifier and password (Bruce paragraph [0125]; Kamath paragraph [0209]-[0210]; Schechter paragraph [0031]);
determining whether the user identifier and password in the received login authentication information are associated with a user in the database (Bruce paragraph [0125], determine if user exists; Kamath paragraph [0211]; Schechter paragraph [0031]);  
if the login authentication information is associated with a user in the database, accessing the one-way hashed password and encrypted master key associated with the user identifier (Bruce paragraph [0126], retrieve encrypted master key; Kamath paragraph [0216], [0220]; Schechter paragraph [0031], retrieve stored user data); 
using the salt stored with the one-way hashed password associated with the user identifier to execute a one-way hash operation on the password received in the login authentication information (Schechter paragraph [0031]-[0032], hash the received password with the salt);  
comparing the one-way hash of the received password with the one-way hashed password associated with the user identifier (Kamath paragraph [0215]; Schechter paragraph [0032], compare hash with stored hash); and  
allowing decryption of the master key using the user identifier and password received in the login authentication information only if the one-way hashed value of the received password is the same as the one-way hashed password associated with the user identifier (Kamath paragraph [0215], [0217]-[0218], [0222], if the two hashes match, decrypt the master key; Schechter paragraph [0032]).  

As per claims 9-11 and 15-17, claims 9-11 and 15-17 claim a system and a non-transitory computer-readable medium essentially corresponding to the method claims 2-4 above, and they are rejected, at least for the same reasons.

Claims 7 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Bruce in view of Kamath and Hatakeyama, and further in view of Gosselin et al. US2008/0235521 hereinafter referred to as Gosselin.
As per claim 7, Bruce in view of Kamath and Hatakeyama teaches the computer-implemented method of claim 1.
Bruce in view of Kamath and Hatakeyama does not explicitly disclose wherein key is generated from password of first system administrator.  
Gosselin teaches wherein key is generated from password of first system administrator (Gosselin paragraph [0033], generate key from admin password).  
Thus it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Bruce in view of Kamath and Hatakeyama with the teachings of Gosselin to include generating a master key from an admin password because the results would have been predictable and resulted in the generation of the master key.

As per claim 20, claim 20 claims a non-transitory computer-readable medium essentially corresponding to the method claim 7 above, and is rejected, at least for the same reasons.

Allowable Subject Matter
Claims 5, 12 and 18 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HENRY TSANG whose telephone number is (571)270-7959.  The examiner can normally be reached on M-F 8am - 5pm EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr, can be reached on (571) 272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.