Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 03/26/2020 and 06/23/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 03/26/2019.

Drawings
5.    Applicant’s drawings filed on 03/26/2019 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 03/26/2019 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.	Examiner request Applicant review relevant prior art under the conclusion of this office action.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
9.	Claims 1-6 and 9-20 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20140301545 hereinafter Glider in view of U.S. Publication No.  20180034787 hereinafter Kamarju.

As per claim 1, Glider discloses:
A computer program product for facilitating processing within a computing environment (para 0004 “This invention comprises a method, system, and computer program product for performing data functions effectively on encrypted data that normally only operate effectively on clear text.”), the computer program product comprising: 
a computer readable storage medium readable by a processing circuit and storing instructions (para 0045) 
for performing a method comprising: 
obtaining, by a select processor, a request to perform a requested operation (par a 0029 “FIG. 2 is a flow chart (200) illustrating a method for efficiently storing encrypted data using a decrypter. An encrypted data block or file, referred to herein as ciphertext, is received by a decrypter prior to storage of the ciphertext in a persistent storage device or passed to another data processing component (202). In one embodiment, the function of the decrypter is to process the received ciphertext in preparation for re-encryption and commitment of the re-encrypted data to a persistent storage device.” The decrypter (the processor i.e., a component the processes data) receiving the encrypted data block is a request to manipulate the data),
the request including encrypted data and a protected key, the protected key to be used by the select processor on behalf of an entity unauthorized to use the protected key (para 0029 “The decrypter may receive or need to gather auxiliary information with an encrypted data block. The provided auxiliary information is required for decryption of ciphertext encoded with certain types of encryption algorithms.”); 
decrypting the encrypted data using the key to obtain decrypted data (para 0030 “However, a positive response to the determination at step (208) is followed by determining if auxiliary information is needed to decrypt the data (212). In one embodiment, the auxiliary information is block oriented, such as a logical block address and volume number where the data is stored. Similarly, in one embodiment, the auxiliary information is file oriented, such as the inode number and offset within the file where the data is stored. A positive response to the determination at step (212) is following by gathering the auxiliary information (214). However, a negative response to the determination at step (212), or after the process of gather the auxiliary information is completed at step (214), is followed by decrypting the data block using the acquired encryption key (216) and the auxiliary information where applicable.” The auxiliary information received with the encrypted data is also a key (information used to decrypt data) to decrypt the data);
performing the requested operation on the decrypted data to obtain resulting data (para 0031 “Once ciphertext is decrypted by the decrypter, the non-encrypted data block or file is prepared for persistent storage or passed to another data processing component. Following a negative response to the determination at step (204), e.g. the received data block is not encrypted, or following step (216), a data function is applied to the non-encrypted data block (218). The application of the data function may include, but is not limited to, compression, de -duplication, an anti-virus scan, an indexing scan, or any other application to the data that can only be performed on data in a non-encrypted form.”)
encrypting the resulting data to obtain encrypted resulting data; and providing the encrypted resulting data to a requestor of the request (para 0031 “As shown a positive response to the determination at step (222) results in re-encryption of the decrypted ciphertext with the encryption key (224), e.g. the same acquired encryption key, and a return to step (210) for commitment of the data to storage of another data processing component.”).

Glider does not disclose: 
a request including a protected key

	Kamarju discloses:
a request including a protected key (para 0076 “In an action 706, each host encrypts data, using the key of that host, and sends the key encrypted data to a storage system. In an action 708, each host encrypts metadata, using the key of that host, and sends the key encrypted metadata to a storage system. This could be the same or a differing storage system in various embodiments. In an action 710, each storage system decrypts the data, using the first key, as shared by the host and/or by the data security management system. In an action 710, each storage system can also decrypt the metadata, using the first key, as shared by the host and/or by the data security management system.” The host sending data and/or metadata to the storage system acts as a request for the storage system to perform an action. Fig. 4 illustrates how each key is protected within a secure data security management system with separate local memory stores.)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the for performing data functions effectively on encrypted data of Glider to include a request including a protected key, as taught by Kamarju.
The motivation would have been to properly send a request with a relevant protected data in order to fulfill a specific requested operation.

	As per claim 2, Glider in view of Kamarju discloses:
The computer program product of claim 1, wherein the requested operation comprises a compression operation and the encrypted resulting data is encrypted compressed data (Glider para 0031) and (Kamarju para 0038).  
	
	As per claim 3, Glider in view of Kamarju discloses:
The computer program product of claim 2, wherein the encrypted compressed data is stored in storage as a back-up (Glider para 0017).  

	As per claim 4, Glider in view of Kamarju discloses:


	As per claim 5, Glider in view of Kamarju discloses:
The computer program product of claim 1, wherein the obtaining, decrypting, performing the requested operation, encrypting and providing are performed by the select processor, the select processor comprising a system assist processor (Glider Fig. 2, para 0029-0031) and (Kamarju Fig 1, element 112, and Fig. 7).  

	As per claim 6, Glider in view of Kamarju discloses:
6. The computer program product of claim 1, wherein the decrypting, performing the requested operation and encrypting are performed atomically (Kamarju Fig. 1) and (Glider Fig. 1).  

	As per claim 9, Glider in view of Kamarju discloses:
The computer program product of claim 1, wherein the requestor is a component of a host system coupled to the select processor, the requestor and the host system being unauthorized to use the protected key to decrypt the encrypted data (Kamarju Fig. 1) and (Glider Figs. 1 and 2, para 0029-0031).    

	As per claim 10, Glider in view of Kamarju discloses:


	As per claim 11, Glider in view of Kamarju discloses:
The computer program product of claim 1, wherein the encrypting the resulting data comprises using the protected key to obtain the encrypted resulting data (Glider para 0031)

As per claim 12, the implementation of the computer program product of claim 1 will execute the computer system of claim 12. The claim is analyzed with respect to claim 1. 
	  
As per claim 13, the claim is analyzed with respect to claim 2.

As per claim 14, the claim is analyzed with respect to claim 3.
	  
As per claim 15, the claim is analyzed with respect to claim 4.

As per claim 16, the claim is analyzed with respect to claim 10.
As per claim 17, the implementation of the computer program product of claim 1 will execute the computer implemented method of claim 17. The claim is analyzed with respect to claim 1. 

As per claim 18, the claim is analyzed with respect to claim 2.

As per claim 19, the claim is analyzed with respect to claim 3.
	  
As per claim 20, the claim is analyzed with respect to claim 4.

10.	Claims 7 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Glider in view of Kamarju, and further in view of U.S. Publication No. 20120293354 hereinafter Suzuki.

	As per claim 7, Glider in view of Kamarju discloses:
The computer program product of claim 1, wherein the protected key (Kamarju Fig. 4, para 0076) 

	Glider in view of Kamarju does not disclose
protected key is created using a system mask

	Suzuki discloses:
para 0063 “In order to improve the error rate of results of the shape determination processing, utilizing the feature that the same processing can be repeatedly performed, shape determination is repeatedly performed for glitches generated by a state change of the same input register, and then, the final output is determined by majority processing. Particularly, at "the time of initial key generation," only the inputs whose outputs all become the same in response to M-times repeated processing are used for key generation. "The time of initial key generation" is a time when key information (bit sequence) is initially generated by the bit sequence generation apparatus 200 installed in the system LSI 1000. For example, it is the time when key information is initially generated in the LSI at factory shipment. In this case, the determination processing is performed M-times for each of N state changes to generate an N-bit response, and simultaneously generate an N-bit mask value.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the for performing data functions effectively on encrypted data of Glider in view of Kamarju to include a request including a protected key, as taught by Suzuki. 
The motivation would have been to properly generate a key that is protected.

	As per claim 8, Glider in view of Kamarju and Suzuki discloses:
.  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.

A. U.S. Publication No. 20160065540 discloses on paragraph 0026 “The decrypter (184) includes modules to facilitate functionality with respect to de-duplication of encrypted data to support efficient data storage. As shown, the decrypter (184) includes a key retrieval module (152), an encryption module (154), and a storage efficiency module (156). The key retrieval module (152) functions to retrieve a master encryption key from an owning entity of a data chunk. The encryption module (154) functions to decrypt and encrypt data. The storage efficiency module (156) functions to apply advanced data functions, such as data reduction functions (or the reverse functions) on the data in its plaintext form. In one embodiment, the advanced data functions may include, but are not limited to, deduplication techniques, compression, etc. More specifically, the encryption module (154) functions to create private keys, encrypt plaintext of the associated data chunk with the created private key, and to form an encryption unit suitable for storage. Similarly, the encryption module (154) may use the master encryption key to create a wrapped key, e.g. encryption of the private key with the master key, and to store the wrapped key as metadata for the underlying and encrypted data chunk.”
U.S. Publication No. 20180196947 discloses on paragraph 0010 “In an illustrative example, a storage controller coupled to a storage array comprising one or more storage devices can receive a request to write encrypted data to a volume resident on a storage array, where the encrypted data comprises data encrypted by a first encryption key that is associated with at least one property of the data. In some implementations, a property of the data may include a volume on the storage array where the data is stored, a volume range resident on the storage array, a group of blocks associated with the volume resident on the storage array, a unique identifier associated with the client (or owner of the data), a client application identifier, or any other similar information associated with the data. The storage controller determines a decryption key to decrypt the encrypted data, decrypts the encrypted data using the decryption key, and performs at least one data reduction operation (e.g., data compression, deduplication, etc.) on the decrypted data. The storage controller then encrypts the reduced data using a second encryption key to generate a second encrypted data and stores the second encrypted data on the storage array.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192.  The examiner can normally be reached on Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/GARY S GRACIA/Primary Examiner, Art Unit 2491