Notice of Pre-AIA  or AIA  Status
The present application, filed on or after May 22, 2017, is being examined under the first inventor to file provisions of the AIA .
The application claims priority of parent application of 12/02/2014.

Detailed action 
Claims 1, 3-4, 6, 8-11, 13-17 and 19-20 are pending and are being considered.
Claims 1, 4, 6, 14 and 19 have been amended.
Claims 5 and 7 have been cancelled.

Response to 103
	Applicants argument filled on 12/30/2020 have been fully considered.
In response to applicants argument that Li fails to teach generating a service key encrypting the service key including generating a key pair including public and private key. The examiner acknowledges applicants view point but respectfully disagrees because Li on [0007, 0016, 0031, 0040-0041and 0221] teaches generating encryption parameter key (i.e. service key) and encrypting the parameter key. The rest of Applicant’s argument regarding the amended limitation that LI fails to teach encrypting by the mobile terminal the service key are moot in view of new grounds of rejection. The arguments do not apply to the current art being used.  See the rejection below.

                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that 

Claims 1, 3-4, 6, 13-15 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Li (US 20150363775) in view of De Atley et al (hereinafter De Atley) (US 8433901) and further in view of Owen et al (hereinafter Owen) (US 20040187018).
Regarding claim 1 Li teaches Li teaches A method for improving security of data on a mobile terminal  (Li on [0005] teaches a key protection method. See [abstract and 0179] teaches the present invention can increase the difficulty of an attack, and improve security);
generating a service key (Li on [0016, 0040-0041and 0221] teaches generating encryption parameter key and generate first message cryptograph using encryption parameter key);
and encrypting the service key, the encrypting the service key including (Li on [0007, 0031 and 0175] teaches encrypting by the mobile terminal encryption parameter key);
 generating a key pair including a first public key and a first private key (Li on [0005-0007 and 0103] teaches generating by a mobile terminal a user's public key and a user's private key);
 acquiring, by the mobile terminal, identification information of the mobile terminal (LI on [0008 and 0032] teaches encrypting by mobile terminal hardware information of the mobile terminal, wherein hardware information includes a device serial number and/or a MAC. The cited portion teaches the device will acquire its own Identification information to be encrypted. See also on [0109] teaches the mobile terminal extracts the hardware characteristic information of its own);
generating a character string according to the identification information, wherein generating the character string according to the identification information includes performing a hash algorithm processing on the identification information, to obtain the character string  (Li on [0008-0009 and 0032] teaches the hardware information is hardware characteristic information or a hash value of the hardware characteristic information and the hardware characteristic information includes a device serial number and/or a MAC address. See also on [0109] teaches calculates the hash value of the hardware characteristic information extracted by the mobile terminal. See also on [0142] teaches the mobile terminal extracts the hardware characteristic information of the mobile terminal and calculates the hash value of the hardware characteristic information);
and encrypting the key pair including the first public key and the first private key by using the character string to obtain the first encrypted public key and the first encrypted private (Li [0022 and 0046] teaches encrypting users private key document using protection key (i.e. root key interpreted in view of para 0051 of instant application) generated based on hardware information or hash value of hardware information (i.e. character string). See also on [0119] teaches the mobile terminal encrypts the second verification information input by the user and the user's public key to generate the third verification information using the first random encryption parameter (i.e. MAC algorithm) and the second random encryption parameter. See on [0094 and 0120] teaches the mobile terminal may perform a sectionalized encryption on the second verification information and the user's public key using the first random encryption parameter and the second random encryption parameter to generate the third verification information, for example a MAC encryption algorithm may be used);
decrypting the first encrypted private key by using the identification information of the mobile terminal to obtain the first private key (Li on [0021-0022 and 0026] teaches decrypting users private key document to obtain decrypted user’s private key, where users private document includes users private key and hardware information of mobile terminal).

	Although Li teaches encrypting pair of keys using hash value generated from hardware information of device but fails to explicitly teach encrypting, by the mobile terminal, the key pair (De Atley on [Col 14 line 63-67 and Col 15 line 1-20] teaches the system 100 creates a sync ticket containing encryption keys based on the pairing record (1920). The system 100 then sends the sync ticket to the second device (i.e. the cited portion teaches the sync tickets containing encryption keys are sent to second device). Further teaches the sync ticket 2010 encrypts a public key and a corresponding private key with the UID or device-specific code (i.e. the device will use its UID or device specific code to encrypt the keys). See also on [Col 15 line 24-26] teaches a first device creates sync ticket and send the created sync ticket to the second device (i.e. it only send the sync tick does not sends its UID)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of De Atley into the teaching of Li by encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal. One would be motivated to do so in order to protect sensitive information related to user (De Atley on [Col 1 line 10-25]).
The combination of Li and De Atley teaches improving security of device and encrypting service key by mobile bank server, but fails to explicitly teaches improving security of device in offline state by decrypting encrypted data without accessing server, encrypting by the mobile terminal the service key  improving security of device in offline state by decrypting encrypted data without accessing server (Owen on [0156-0158] teaches The user 1010 runs a client application on the wireless device 1022 in offline mode and enters the challenge code into the device 1022, the device encrypts the general device key with general server key. The WAS 1030 decrypts the message with the server local key for offline verification. Offline passcode verification is utilized when the wireless network 1012 is not accessible);
encrypting by the mobile terminal the service key by using the first private key, to obtain an encrypted service key (Owen Fig 8 block 817 and text on [0092] teaches encrypting (Step 817) the first key, of this secondary together with the registration code that is sent to the authorized user, i.e., encrypting the first key of the secondary pair (i.e. service key) with the first key of the asymmetric key pair of the authorized user that is received from the authorized user during registration. See on [0156] teaches the device encrypts the general device key with general server key (i.e. wherein the device is mobile phone [0011, Claim 26])).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Owen into the combined teaching of Li and De Atley by decrypting the encrypted data in offline state without accessing server. One would be motivated to do so in order to provide multi-factor authentication system used for authenticating a suspect user seeking access to a network resource from an access authority of a computer network (Owen on [0002]).
	
Regarding claim 3 the combination of Li, De Atley and Owen teaches all the limitations of claim 1 above Li further teaches further comprising saving the first encrypted public key and the first encrypted private key (Li on [0005-0006 and 0021] teaches storing users public and private key).
4 the combination of Li, De Atley and Owen teaches all the limitations of claim 1 above De Atley further teaches further comprising: using the service key to encrypt data to obtain encrypted data (De Atley on [Col 1 line 55-60] teaches encrypts each file with a unique file encryption key; encrypts each file encryption key with a class encryption key; and encrypts each class encryption key with an additional encryption key. See also on [Col 3 line 15-20] teaches Current encryption schemes encrypt all data stored on a device with a single symmetric encryption key that is available when the system is running. See also [Col 6 line 47-55] teaches the system 100 encrypts each file in a file system with a unique file encryption key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of De Atley into the teaching of Li by encrypting file with service key. One would be motivated to do so in order to protect sensitive information related to user (De Atley on [Col 1 line 10-25]).
Regarding claim 6 the combination of Li, De Atley and Owen teaches all the limitations of claim 1 above LI further teaches wherein the decrypting the first encrypted private key by using the identification information of the mobile terminal to obtain the first private key includes (Li on [0021-0022 and 0026] teaches decrypting users private key document to obtain decrypted user’s private key, where users private document includes users private key and hardware information of mobile terminal).
generating a character string according to the identification information (Li on [0008] teaches encrypting hardware information of mobile terminal in which the hardware information is hardware characteristic information or a hash value of the hardware characteristic information and the hardware characteristic information includes a device serial number and/or a MAC address of network card);
(Li on [0021-0022] teaches decrypting users private key document to obtain decrypted user’s private key, where users private document includes users private key and hardware information of mobile terminal. See on [0008, 0015 and 0032] teaches hardware information is hardware charters tic information or hash and the hardware characteristic information includes device serial and or MAC address).
Regarding claim 13 the combination of Li, De Atley and Owen teaches all the limitations of claim 1 above Li further teaches wherein the identification information includes one or more of following types: an international mobile equipment identity; an international mobile subscriber identification number, a media access control address; and a universally unique identifier of the mobile terminal (Li on [0008, 0032, 0094 and 0108] teaches MAC address).
Regarding claim 14 Li teaches an apparatus for improving security of data on a mobile terminal (Li on [0005] teaches a key protection method and system. See [abstract and 0179] teaches the present invention can increase the difficulty of an attack, and improve security);
one or more processors; and one or more memories stored thereon computer-readable instructions that, when executed by the one or more processors, cause the one or more processors to perform acts comprising (Li on [0005-0009 and 0029] teaches system includes a mobile terminal and mobile bank server. See also on [0238] teaches a device (i.e. mobile/ mobile server are well known to have a processor and memory for storage see on [0005] teaches public and private keys are stored by mobile terminal));
generating a service key; and encrypting the service key, the encrypting the service key including (Li on [0016] teaches generating by the mobile terminal an encryption parameter key (i.e. service key));
(Li on [0005-0007 and 0103] teaches generating by a mobile terminal a user's public key and a user's private key);
acquiring, by the mobile terminal, identification information of the mobile terminal (LI on [0008 and 0032] teaches encrypting by mobile terminal hardware information of the mobile terminal, wherein hardware information includes a device serial number and/or a MAC. The cited portion teaches the device will acquire its own Identification information to be encrypted. See also on [0109] teaches the mobile terminal extracts the hardware characteristic information of its own);
generating a character string according to the identification information, wherein generating the character string according to the identification information includes performing a hash algorithm processing on the identification information, to obtain the character string  (Li on [0008-0009 and 0032] teaches the hardware information is hardware characteristic information or a hash value of the hardware characteristic information and the hardware characteristic information includes a device serial number and/or a MAC address. See also on [0109] teaches calculates the hash value of the hardware characteristic information extracted by the mobile terminal. See also on [0142] teaches the mobile terminal extracts the hardware characteristic information of the mobile terminal and calculates the hash value of the hardware characteristic information);
and encrypting the first public key and the first private key separately by using the character string  (Li [0022 and 0046] teaches encrypting users private key document using protection key (i.e. root key interpreted in view of para 0051 of instant application) generated based on hardware information or hash value of hardware information (i.e. character string). See also on [0119] teaches the mobile terminal encrypts the second verification information input by the user and the user's public key to generate the third verification information using the first random encryption parameter (i.e. MAC algorithm) and the second random encryption parameter. See on [0094 and 0120] teaches the mobile terminal may perform a sectionalized encryption on the second verification information and the user's public key using the first random encryption parameter and the second random encryption parameter to generate the third verification information, for example a MAC encryption algorithm may be used);
decrypting the first encrypted private key by using the identification information of the mobile terminal to obtain the first private key (Li on [0021-0022] teaches decrypting users private key document to obtain decrypted user’s private key, where users private document includes users private key and hardware information of mobile terminal. See also on [0026] teaches decrypting private key includes performing the verification by the mobile terminal on the decrypted user's private key document using the hardware information).
Although Li teaches encrypting pair of keys using hash value generated from hardware information of device but fails to explicitly teach encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain a first encrypted public key and a first encrypted private key wherein encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain a first encrypted public key and a first encrypted private key includes, and acquiring the identification information of the mobile terminal during encryption of the service key, but De Atley teaches encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain a first encrypted public key and a first encrypted private key, wherein encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain a first encrypted public key and a first encrypted private key (De Atley on [Col 14 line 63-67 and Col 15 line 1-20] teaches the system 100 creates a sync ticket containing encryption keys based on the pairing record (1920). The system 100 then sends the sync ticket to the second device (i.e. the cited portion teaches the sync tickets containing encryption keys are sent to second device). Further teaches the sync ticket 2010 encrypts a public key and a corresponding private key with the UID or device-specific code (i.e. the device will use its UID or device specific code to encrypt the keys). See also on [Col 15 line 24-26] teaches a first device creates sync ticket and send the created sync ticket to the second device (i.e. it only send the sync tick does not sends its UID));
and encrypting the service key by using the first private key, to obtain an encrypted service key (De Atley on [Col 6 line 47-55] teaches encrypts each file encryption key with a class encryption key (420), and encrypts each class encryption key with an additional encryption key (430));
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of De Atley into the teaching of Li by acquiring identification of mobile during encryption of key and encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal. One would be motivated to do so in order to protect sensitive information related to user (De Atley on [Col 1 line 10-25]).
The combination of Li and De Atley teaches improving security of device and encrypting service key by mobile bank server, but fails to explicitly teaches improving security of device in offline state by decrypting encrypted data without accessing server, encrypting by the mobile terminal the service key by using the first private key, to obtain an encrypted service key, However Owen from analogous art teaches improving security of device in offline state by decrypting encrypted data without accessing server (Owen on [0156-0158] teaches The user 1010 runs a client application on the wireless device 1022 in offline mode and enters the challenge code into the device 1022, the device encrypts the general device key with general server key. The WAS 1030 decrypts the message with the server local key for offline verification. Offline passcode verification is utilized when the wireless network 1012 is not accessible);
(Owen Fig 8 block 817 and text on [0092] teaches encrypting (Step 817) the first key, of this secondary together with the registration code that is sent to the authorized user, i.e., encrypting the first key of the secondary pair with the first key of the asymmetric key pair of the authorized user that is received from the authorized user during registration. See on [0156] teaches the device encrypts the general device key with general server key (i.e. the device referrers to mobile phone [0011, Claim 26])).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Owen into the combined teaching of Li and De Atley by decrypting the encrypted data in offline state without accessing server. One would be motivated to do so in order to provide multi-factor authentication system used for authenticating a suspect user seeking access to a network resource from an access authority of a computer network (Owen on [0002]).

Regarding claim 15 the combination of Li, De Atley and Owen  teaches all the limitations of claim 14 above, the combination of Li and cited section of De Atley  fails to explicitly teach acquiring data that needs to be encrypted on the mobile terminal and encrypting the data by using the service key, however De Atley on different section teaches wherein the acts further comprise: acquiring data that needs to be encrypted on the mobile terminal and encrypting the data by using the service key (De Atley on [Col 1 line 55-60] teaches encrypts each file with a unique file encryption key; encrypts each file encryption key with a class encryption key; and encrypts each class encryption key with an additional encryption key. See also on [Col 3 line 33-44] teaches encrypting all files using unique encryption key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of De Atley cited in differenr section into the teaching of Li by acquiring data that needs to be encrypted on the mobile terminal and encrypting the data by using the service key. (De Atley on [Col 1 line 10-25]).
	Regarding claim 19 Li teaches one or more memories stored thereon computer-readable instructions that, when executed by one or more processors, cause the one or more processors to perform acts comprising (Li on [0005-0009 and 0029] teaches system includes a mobile terminal and mobile bank server. See also on [0238] teaches a device (i.e. mobile/ mobile server are well known to have a processor and memory for storage see on [0005] teaches public and private keys are stored by mobile terminal));
 generating a service key (Li on [0016] teaches generating by the mobile terminal an encryption parameter key (i.e. service key)); 
and encrypting the service key, the encrypting the service key including (Li on [0007, 0031 and 0175] teaches encrypting by the mobile terminal encryption parameter key);
and generating a key pair including a first public key and a first private key (Li on [0005-0007 and 0103] teaches generating by a mobile terminal a user's public key and a user's private key); 
acquiring, by a mobile terminal, identification information of the mobile terminal (LI on [0008 and 0032] teaches encrypting by mobile terminal hardware information of the mobile terminal, wherein hardware information includes a device serial number and/or a MAC. The cited portion teaches the device will acquire its own Identification information to be encrypted. See also on [0109] teaches the mobile terminal extracts the hardware characteristic information of its own);
generating a character string according to the identification information, wherein generating the character string according to the identification information includes performing a hash algorithm processing on the identification information, to obtain the character string  (Li on [0008-0009 and 0032] teaches the hardware information is hardware characteristic information or a hash value of the hardware characteristic information and the hardware characteristic information includes a device serial number and/or a MAC address. See also on [0109] teaches calculates the hash value of the hardware characteristic information extracted by the mobile terminal. See also on [0142] teaches the mobile terminal extracts the hardware characteristic information of the mobile terminal and calculates the hash value of the hardware characteristic information);
and encrypting the key pair including the first public key and the first private key by using the character string to obtain the first encrypted public key and the first encrypted private (Li [0022 and 0046] teaches encrypting users private key document using protection key (i.e. root key interpreted in view of para 0051 of instant application) generated based on hardware information or hash value of hardware information (i.e. character string). See also on [0119] teaches the mobile terminal encrypts the second verification information input by the user and the user's public key to generate the third verification information using the first random encryption parameter (i.e. MAC algorithm) and the second random encryption parameter. See on [0094 and 0120] teaches the mobile terminal may perform a sectionalized encryption on the second verification information and the user's public key using the first random encryption parameter and the second random encryption parameter to generate the third verification information, for example a MAC encryption algorithm may be used).
decrypting the first encrypted private key by using the identification information of the mobile terminal, to obtain the first private key (Li on [0021-0022] teaches decrypting users private key document to obtain decrypted user’s private key, where users private document includes users private key and hardware information of mobile terminal);
Although Li teaches encrypting public key and private key, but fails to explicitly teach encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain the first encrypted public key and the first encrypted private key, wherein encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal to obtain a De Atley on [Col 14 line 63-67 and Col 15 line 1-20] teaches (De Atley on [Col 14 line 63-67 and Col 15 line 1-20] teaches the system 100 creates a sync ticket containing encryption keys based on the pairing record (1920). The system 100 then sends the sync ticket to the second device (i.e. the cited portion teaches the sync tickets containing encryption keys are sent to second device). Further teaches the sync ticket 2010 encrypts a public key and a corresponding private key with the UID or device-specific code (i.e. the device will use its UID or device specific code to encrypt the keys). See also on [Col 15 line 24-26] teaches a first device creates sync ticket and send the created sync ticket to the second device (i.e. it only send the sync tick does not sends its UID). See also on [Col 12 line 1-5] teaches The first device creates the backup ticket by encrypting an asymmetric encryption key pair containing a public key and a private key);
and encrypting the service key by using the first private key, to obtain an encrypted service key (De Atley on [Col 6 line 47-55] teaches encrypts each file encryption key with a class encryption key (420), and encrypts each class encryption key with an additional encryption key (430));
acquiring data that needs to be encrypted on the mobile terminal and encrypting the data by using the service key  (De Atley on [Col 1 line 55-60] teaches encrypts each file with a unique file encryption key; encrypts each file encryption key with a class encryption key; and encrypts each class encryption key with an additional encryption key. See also on [Col 1 line 27-35] teaches file system for storing files is to encrypt the file system with an encryption key stored on the computing device. See also on [Col 3 line 33-44] teaches encrypting all files using unique encryption key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of De Atley into the teaching of Li by acquiring identification of mobile during encryption of key and encrypting by the mobile terminal the key pair including the first public key and the first private key by using the identification information of the mobile terminal. One would be motivated to do so in order to protect sensitive information related to user (De Atley on [Col 1 line 10-25]).
The combination of Li and De Atley teaches improving security of device and encrypting service key by mobile bank server, but fails to explicitly teaches improving security of device in offline state by decrypting encrypted data without accessing server, encrypting by the mobile terminal the service key by using the first private key, to obtain an encrypted service key, However Owen from analogous art teaches improving security of device in offline state by decrypting encrypted data without accessing server (Owen on [0156-0158] teaches The user 1010 runs a client application on the wireless device 1022 in offline mode and enters the challenge code into the device 1022, the device encrypts the general device key with general server key. The WAS 1030 decrypts the message with the server local key for offline verification. Offline passcode verification is utilized when the wireless network 1012 is not accessible);
encrypting by the mobile terminal the service key by using the first private key, to obtain an encrypted service key (Owen Fig 8 block 817 and text on [0092] teaches encrypting (Step 817) the first key, of this secondary together with the registration code that is sent to the authorized user, i.e., encrypting the first key of the secondary pair with the first key of the asymmetric key pair of the authorized user that is received from the authorized user during registration. See on [0156] teaches the device encrypts the general device key with general server key (i.e. the device referrers to mobile phone [0011, Claim 26])).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Owen into the combined teaching of Li and De Atley by decrypting the encrypted data in offline state without accessing server. One would be motivated to do so in order to provide multi-factor authentication system used for authenticating a suspect user seeking access to a network resource from an access authority of a computer network (Owen on [0002]).

Claims 8-11, 16-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Li (US 20150363775) in view of De Atley et al (hereinafter De Atley) (US 8433901) in view of Owen et al (hereinafter Owen) (US 20040187018) and further in view of Oshida et al (hereinafter Oshida) (US 20150086016).
Regarding claim 8 the combination of Li, De Atley and Owen teaches all the limitations of claim 1 above. The combination fails to explicitly teach further teaches further comprising decrypting the first encrypted public key by using the identification information of the mobile terminal to obtain the first public key, but Oshida teaches decrypting the first encrypted public key by using the identification information of the mobile terminal to obtain the first public key (Oshida on [0031, 0057, 0083, 0125 and 0152] teaches decrypting the encryption key based on device unique ID and hash function).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Oshida into the combined teaching of Li, De Atley and Owen by decrypting the first encrypted public key by using the identification information. One would be motivated to do so in order to prevent unjust acquisition of the encryption key (Oshida on [0015]).
Regarding claim 9 the combination of Li, De Atley, Owen and Oshida teaches all the limitations of claim 8 above Li further teaches generating a character string according to the identification (Li on [0008-0009 and 0032] teaches the hardware information is hardware characteristic information or a hash value of the hardware characteristic information and the hardware characteristic information includes a device serial number and/or a MAC address. See also on [0109] teaches calculates the hash value of the hardware characteristic information extracted by the mobile terminal. See also on [0142] teaches the mobile terminal extracts the hardware characteristic information of the mobile terminal and calculates the hash value of the hardware characteristic information);
Oshida teaches wherein the decrypting the first encrypted public key by using the identification information of the mobile terminal includes (Oshida on [0031, 0057, 0083, 0125 and 0152] teaches decrypting the encryption key based on device unique ID and hash function. See also on [0009-0030] teaches generating hash function based on unique ID).
and decrypting the first encrypted public key by using the character string (Oshida on [0031, 0057, 0083, 0125 and 0152] teaches decrypting the encryption key based on device unique ID and hash function. See also on [0009-0030] teaches generating hash function based on unique ID).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Oshida into the combined teaching of Li, De Atley and Owen by decrypting the first encrypted public key by using the identification information. One would be motivated to do so in order to prevent unjust acquisition of the encryption key (Oshida on [0015]).
Regarding claim 10 the combination of Li, De Atley. Owen and Oshida teaches all the limitations of claim 9 above, De Atley further teaches decrypting an encrypted service key by using the first public key to obtain a service key (De Atley on [Col 4 line 15-20] teaches derive a key which is used to decrypt the class keys. See also on [Col 12 line 40-48] teaches the system 100 decrypts the file encryption keys corresponding to the selected set of encrypted files. The system decrypts the file encryption keys with the corresponding decrypted protection class keys (1260) from the escrow key bag).
11 the combination of Li, De Atley. Owen and Oshida teaches all the limitations of claim 10 above, De Atley further teaches using the service key to decrypt encrypted data to obtain data (De Atley on [Col 4 line 15-24] teaches the system uses the entered password to derive a key which is used to decrypt the class keys, the system tries to decrypt all keys to maximize the time spent decrypting. See also on [col 14 line 30-35] teaches the system unwraps the wrapped key and decrypts the file key using the appropriate backup class key).

Regarding claim 16 the combination of Li, De Atley and Owen teaches all the limitations of claim 15 above, De Atley further teaches wherein the acts further comprising decrypting the service key, the decrypting the service key including decrypting the encrypted service key by using the first public key to obtain the service key (De Atley on [Col 4 line 15-20] teaches derive a key which is used to decrypt the class keys. See also on [Col 12 line 40-48] teaches the system 100 decrypts the file encryption keys corresponding to the selected set of encrypted files. The system decrypts the file encryption keys with the corresponding decrypted protection class keys (1260) from the escrow key bag. See also on [col 14 line 30-35] teaches the system unwraps the wrapped key and decrypts the file key using the appropriate backup class key).
The combination of Li, De Atley and Owen fails to explicitly teach decrypting the first encrypted public key by using the identification information of the mobile terminal to obtain the first public key, but Oshida teaches decrypting the first encrypted public key by using the identification information of the mobile terminal to obtain the first public key (Oshida on [0031, 0057, 0083, 0125 and 0152] teaches decrypting the encryption key based on device unique ID and hash function. See also on [0009-0030] teaches generating hash function based on unique ID).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Oshida into the combined teaching of Li, De Atley and Owen by decrypting (Oshida on [0015]).

Regarding claim 17 the combination of Li, De Atley, Owen and Oshida teaches all the limitations of claim 16 above De Atley further teaches wherein the acts further comprise decrypting the encrypted data by using the service key (De Atley on [Col 4 line 15-24] teaches the system uses the entered password to derive a key which is used to decrypt the class keys, the system tries to decrypt all keys to maximize the time spent decrypting. See also on [col 14 line 30-35] teaches the system unwraps the wrapped key and decrypts the file key using the appropriate backup class key).

	Regarding claim 20 the combination of Li, De Atley and Owen teaches all the limitations of claim 19 above De Atley further teaches decrypting the encrypted service key by using the first public key, to obtain the service key (De Atley on [Col 4 line 15-20] teaches derive a key which is used to decrypt the class keys. See also on [Col 12 line 40-48] teaches the system 100 decrypts the file encryption keys corresponding to the selected set of encrypted files. The system decrypts the file encryption keys with the corresponding decrypted protection class keys (1260) from the escrow key bag);
decrypting the encrypted data by using the service key (De Atley on [Col 4 line 15-24] teaches the system uses the entered password to derive a key which is used to decrypt the class keys, the system tries to decrypt all keys to maximize the time spent decrypting. See also on [col 14 line 30-35] teaches the system unwraps the wrapped key and decrypts the file key using the appropriate backup class key).
The combination of Li, De Atley and Owen fails to explicitly teach wherein the acts further comprise: decrypting the first encrypted public key by using the identification information of the mobile terminal, to obtain the first public key, but Oshida teaches decrypting the first encrypted public key by (Oshida on [0031, 0057, 0083, 0125 and 0152] teaches decrypting the encryption key based on device unique ID and hash function).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Oshida into the combined teaching of Li, De Atley and Owen by decrypting the first encrypted public key by using the identification information. One would be motivated to do so in order to prevent unjust acquisition of the encryption key (Oshida on [0015]). 

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522.  The examiner can normally be reached on 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/MOEEN KHAN/               Examiner, Art Unit 2436                                  



/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436