Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

DETAILED ACTION
This Examiner’s Amendment and Examiner’s Reasons for Allowance action is in response to the filing of 10/22/2020. Claims 2-3, 10 and 17 have been cancelled and claims 1, 8, and 15 have been amended. Therefore claims 1,4-9, 11-16, 18-21 are presently pending in the application and have been considered as follows.

Response to Amendments
Examiner acknowledges that invocation of 35 U.S.C. 112, sixth paragraph, is intended for the terms found in claims 8-20 and the structure on the claim limitations is equivalent as described in the applicant's specification. 
In light of applicant’s amendments, all previously raised objection and rejections are hereby withdrawn.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Attorney Edward Marshall (Reg. No. 45395) on February 8, 2021.
The application has been amended as follows:

(currently amended) A method for use in a data encryption system including a data analysis module, a key generator, and an encryptor, the method comprising:
receiving, at the data analysis module, received data to be encrypted prior to transmission to a storage unit, the received data having a received size;
analyzing, by the data analysis module, the received data to determine a secure storage approach based on a risk level associated with the received data;
in response to the risk level satisfying a threshold risk level: 
masking, by the data analysis module, the received size of the received data by padding the received data to generate padded data having a padded size that does not exceed the received size by more than a predetermined percentage of the received size;
encrypting the padded data, by the encryptor, using a convergent encryption technique to encrypt the padded data;
in response to the risk level failing to satisfy the threshold risk level, encrypting the received data, by the encryptor, using a key, generated by a key generator, based on a random number; and
transmitting encrypted data to a storage unit.

(cancelled) 

(cancelled) 

(previously presented) The method of claim 1, wherein using the convergent encryption technique includes:
generating a key based on the padded data.

(previously presented) The method of claim 1, further comprising:
determining the risk level associated with the received data based, at least in part, on the received size of the received data.


compressing the received data to generate compressed data having a compressed size;
determining a predictability of the received data based on a comparison of the compressed size to a compression threshold value; and
determining the risk level associated with the received data, based at least in part, on the predictability of the received data.

(Original) The method of claim 1, wherein using the convergent encryption technique includes:
generating an encryption key by performing a deterministic function on the received data.

a computing core configured to implement a data analysis module, a key generator, and an encryptor;
the data analysis module configured to:
analyze received data to select a secure storage approach based on a risk level associated with the received data, the secure storage approach selected from among a plurality of storage approaches including:
a first storage approach that uses convergent encryption to encrypt the received data after a received size of the received data has been masked by applying an added amount of padding that varies based on the received size of the received data to generate padded data having a padded size, wherein the padded size is limited as to 
and a second storage approach that encrypts the received data using a key generated based on a random number, wherein selecting the secure storage approach includes:
in response to the risk level satisfying a threshold risk level, setting the secure storage approach to use a convergent encryption technique to encrypt the received data;
in response to the risk level failing to satisfy the threshold risk level, setting the secure storage approach to use an encryption technique employing a key generated based on a random number to encrypt the received data;
transmit information specifying the secure storage approach to [[a]] the key generator;
the key generator configured to:
generate an encryption key based on the secure storage approach;
transmit the encryption key to the encryptor;
the encryptor configured to:
receive data to be encrypted; 

an interface configured to transmit the encrypted data to a storage unit.

(previously presented) The computing device of claim 8, further comprising:
a data manipulation module;
the data analysis module is further configured to:
examine the received size of the received data;
transmit information specifying the secure storage approach to the data manipulation module; and
the data manipulation module configured to mask the received size of the received data by adding padding to the received data to generate the padded data.

(cancelled)

(previously presented) The computing device of claim 9, further comprising:
the data manipulation module further configured to provide the padded data to the key generator; and
in response to the information specifying the secure storage approach indicating use of a convergent encryption technique, the key generator is further configured to generate the encryption key based on the padded data.

(previously presented) The computing device of claim 8, wherein the data analysis module is further configured to:
determine the risk level based, at least in part, on the received size of the received data.

(Original) The computing device of claim 8, wherein the data analysis module is further configured to:
compress the received data to generate compressed data having a compressed size;
determine a predictability of the received data based on a comparison of the compressed size to a compression threshold value; and


(previously presented) The computing device of claim 8, wherein the key generator is further configured to:
in response to the information specifying the secure storage approach indicating use of a convergent encryption technique, generate an encryption key by performing a deterministic function on the received data.

a data analysis module, a key generator, and an encryptor;
[[a]]the data analysis module configured to;
analyze received data to determine a secure storage approach based on a risk level associated with the received data, the secure storage approach selected from among a plurality of storage approaches including:
a first storage approach that uses convergent encryption to encrypt the received data after a received size of the received data has been masked by applying an added amount of padding that varies based on the received size of the received data to generate padded data having a padded size, wherein the padded size is limited as to 
and a second storage approach that encrypts data using a key generated based on a random number, wherein selecting the secure storage approach includes:
in response to the risk level satisfying a threshold risk level, setting the secure storage approach to use a convergent encryption technique to encrypt the received data;
in response to the risk level failing to satisfy the threshold risk level, setting the secure storage approach to use an encryption technique employing a key generated based on a random number to encrypt the received data;
transmit information specifying the secure storage approach to [[a]]the key generator;
[[a]]the  key generator configured to;
generate an encryption key based on the secure storage approach;
transmit the encryption key to [[an]]the  encryptor;
the encryptor configured to:
receive data to be encrypted; 
encrypt the data to generate encrypted data using the encryption key; and


(previously presented) The data encryption system of claim 15, further comprising:
a data manipulation module;
the data analysis module is further configured to:
examine the received size of the received data;
transmit information specifying the secure storage approach to the data manipulation module; and
the data manipulation module configured to mask the received size of the received data by adding padding to the received data to generate the padded data.

(cancelled)

(previously presented) The data encryption system of claim 16, further comprising:
the data manipulation module further configured to provide the padded data to the key generator; and
in response to the information specifying the secure storage approach indicating use of a convergent encryption technique, the key generator is further configured to generate the encryption key based on the padded data.

(previously presented) The data encryption system of claim 15, wherein the data analysis module is further configured to:
determine the risk level based, at least in part, on the received size of the received data.

(Original) The data encryption system of claim 15, wherein the data analysis module is further configured to:
compress the received data to generate compressed data having a compressed size;
determine a predictability of the received data based on a comparison of the compressed size to a compression threshold value; and
determine the risk level associated with the received data, based at least in part, on the predictability of the received data.

(previously presented) The method of claim 1, wherein padding the received data includes:
adding padding to a beginning of the received data.

Allowable Subject Matter
Claims 1-8, 10-18, and 20-22 are allowed over the prior art of record.  The following is an examiner's statement of reasons for allowance:

Prior art of record teaches the following:
Grube et al. (US 9208331 B2) teaches a method begins with a processing module receiving a request to store a data object from a first requesting device. The method continues with the processing module determining that a substantially similar version of the data object is currently stored in a DSN. The method continues with the processing module determining that a number of unique combinations of retrieving the plurality of sets of encoded data slices has exceeded a threshold and, when so, encoding, with a same decode threshold number and an increased pillar width number, the data object to create and store a plurality of sub-set of redundancy encoded data slices. The method continues with the processing module creating a unique combination of retrieving the data object for the first requesting device based on the plurality of sets of encoded data slices and the plurality of sub-set of redundancy encoded data slices. 
Farrugia et al. (US 2012/0159186 A1) teaches in the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by protecting the cipher key by means of a key expansion process which obscures the cipher and/or the round keys by increasing their lengths to provide an expanded version of the keys for carrying out encryption or decryption using 
Redlich et al. (US 2003/0070077 A1) teaches a data security having parsing and dispersion aspects enables the user to parse, disperse and reconstruct the original, plain text data or data object, thereby enabling secure storage of the data. The original data may be maintained in its original state, encrypted or it may be destroyed. For example, financial data maintained by an institute, stored as is customary, be parsed with an algorithm, the parsed segments dispersed off-site (that is, separated and stored in extract and remainder stores or computer memories) and away from the financial institute, and, upon appropriate security clearance, the dispersed data can be reconstructed to duplicate the data. Large distribution of parsed data is contemplated by the system. The original data remains stable, operable and immediately useful in its customary storage location (or alternatively destroyed). The secured dispersed data is a back-up of the original data.
However, prior art is silent on "analyze received data to determine a secure storage approach based on a risk level associated with the received data, the secure storage approach selected from among a plurality of storage approaches including: a first storage approach that uses convergent encryption to encrypt the received data after a received size of the received data has been masked by applying an added amount of padding that varies based on the received size of the received data to generate padded data having a padded size, wherein the padded size is limited as to not exceed the received size of the received data by more than a predetermined percentage of the received size of the received data; and a second storage approach that encrypts data using a key generated based on a random number, wherein selecting the secure storage approach includes: in response to the risk level satisfying a threshold risk level, setting the secure storage approach to use a convergent encryption technique to encrypt the received data; in response to the risk level failing to satisfy the threshold risk level, setting the secure storage approach to use an encryption technique employing a key generated based on a random number to encrypt the received data; transmit information specifying the secure storage approach to the key generator", in combination with all other claim limitations as it has been recited in independent claims 1, 8, and 15.  
All other dependent claims are allowable as they depend on an allowable independent claim.
	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance”.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LIZBETH TORRES-DIAZ whose telephone number is (571)272-1787.  The examiner can normally be reached on 9:00a-4:30p.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Lizbeth  Torres Diaz/
Examiner, Art Unit 2495
/FARID HOMAYOUNMEHR/Supervisory Patent Examiner, Art Unit 2495                                                                                                                                                                                                        


/February 11, 2021/
/ltd/