DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 4/7/2020 has been entered.
 
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Remarks
Claims 1-8, 10-20 are pending.  Claim 9 is cancelled.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3-6, 8, 10-20 are rejected under 35 U.S.C. 103 as being unpatentable over Amarendran et al (PGPBU 2016/0078245), and further in view of Muhlestein et al (PGPUB 2017/0316222), Garrard (PGPUB 2013/0262875), and Greenan et al (PGPUB 2016/0191635).

Regarding Claim 1:
Amarendran teaches a system for data storage (abstract), comprising: 
an interface to receive a request to store data, and a data location context, wherein the data location context comprises a first location (paragraph 303-304, filter driver interacts with data, e.g. file system filter driver; filter driver monitors and intercepts application requests targeted at file system; filter driver intercepts, analyzes, and/or copies data traveling to or from application or file system; paragraph 306, filter driver includes modules such as interface agent, encryption module, encryption rules engine, and file monitor; paragraph 322, file monitor monitors file access operations to detect file write operations, i.e. request to store data; paragraph 324-325, file monitor accesses metadata associated with file; metadata includes location data; paragraph 330, encryption module of filter driver encrypts the file, i.e. the data); and 
a processor to:
determine whether the data comprises sensitive data configured to have an assigned access policy and an assigned storage policy (paragraph 46, 464, system analyzes file to determine whether files include sensitive data; paragraph 247-249, audit policy defines “sensitive object”, which may be files or objects containing particular keywords, metadata, or flags, and specifies rules for handling sensitive objects; storage policy included or associated with audit policy); and 
in response to a determination that the data comprises sensitive data configured to have the assigned access policy and the assigned storage policy: 
(paragraph 327, encryption rules determine whether file is to be encrypted; rules based on metadata, e.g. location metadata; paragraph 330-331, encryption module encrypts and stores the file at the location indicated by originally detected write command).
Amarendran does not explicitly teach wherein the assigned storage policy has a storage policy data location context, wherein the storage policy data location context comprises a second location that the assigned storage policy pertains to; and
in response to a determination that the data comprises sensitive data configured to have the assigned access policy and the assigned storage policy:
determine a requestor security group based on IP address of a requestor, requestor location information, requestor organization information, or any combination thereof;
determine whether the requestor security group allows the requestor to store the sensitive data; and
in response to a determination that the requestor security group allows the requestor to store the sensitive data:
determine whether the storage policy data location context matches the data location context, comprising to:
compare the first location with the second location; and
in response to a determination that the first location matches the second location, determine that the storage policy data location context matches the data location context; and
in response to a determination that the storage policy data location context matches the data location context:
store the data based at least in part on the assigned storage policy and the data location context.
(abstract, system for implementing storage access policies within a storage system; paragraph 50, client computing device issues storage access request to storage system; request is for performing operation on a resource, e.g. create, view, open, edit, or other operation on file or directory, in a file system hosted by storage system; to compare request against storage access policy, storage access policy module executes set of storage rules defining storage access policy; storage access request includes information such as path name of specific resource in request, which is compared against corresponding expressions in set of storage rules, i.e. assigned storage policy has storage policy data location context matching received data location context; e.g. the storage access policy module compares directory path specified in the storage access request with the PATHPAT storage rule in the storage access policy (e.g., determines if the directory path requested matches \org\human-resource\*; if the requested directory path matches the PATHPAT storage rule, the storage access policy module proceeds to the next storage rule; therefore, the request location can be seen as a first location context, and PATHPAT can be seen as a second location context); and
in response to a determination that data comprises sensitive data configured to have an assigned access policy and the assigned storage policy (paragraph 19, storage access policy module receives a sequence of storage rules from the partner computing device, the sequence of storage rules defining a storage access policy for a duration of time specified in a time to live instruction included in the sequence of storage rules; the storage access policy module can also verify the storage functionality rules received from the partner computing device adhere to a defined storage rule syntax and store the sequence of storage rules within a storage rule repository; further, upon receiving a storage access request from a client computing device, the storage access policy module executes the storage rules to allow or deny storage access by client computing devices):
determine a requestor security group based on IP address of a requestor, requestor location information, requestor organization information, or any combination thereof (paragraph 13, storage system implements storage access policies that allow file access if a user requesting a file is a member of a privileged group; paragraph 40, storage access policy can specify specific users or user groups (identified by a user ID or user group ID, respectively), or specific computing devices (e.g., via a client ID such as an IP address) that can perform one or more file access operations within a file system hosted by the storage system; paragraph 14, storage access request from a client computing system includes, for example, a user identifier identifying a user of the client computing system, a IP identifier identifying the internet protocol address of the client computing system, and other identifiers; upon receiving a storage access request from a client computing system, the storage system executes the storage access policy on behalf of the partner computing system and determines if the user identifier included in the storage access request is one of the user identifiers comprising the privileged user group);
determine whether the requestor security group allows the requestor to store the sensitive data (paragraph 13, storage system to implement storage access policies that allow file access if a user requesting a file is a member of a privileged group; paragraph 14, upon receiving a storage access request from a client computing system, the storage system executes the storage access policy on behalf of the partner computing system and determines if the user identifier included in the storage access request is one of the user identifiers comprising the privileged user group; if the client storage access request satisfies all of the storage rules, the storage system allows the storage access request; paragraph 12, storage access requests include requests to create or copy files into the storage); and
(paragraph 14, as above):
determine whether the storage policy data location context matches the data location context (paragraph 14, if client storage access request satisfies all of the storage rules, the storage system allows the access request; paragraph 50, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule), comprising to:
compare the first location with the second location (the storage access policy module compares directory path specified in the storage access request with the PATHPAT storage rule in the storage access policy (e.g., determines if the directory path requested matches \org\human-resource\*; if the requested directory path matches the PATHPAT storage rule, the storage access policy module proceeds to the next storage rule); and
in response to a determination that the first location matches the second location, determine that the storage policy data location context matches the data location context (paragraph 14, 50-51, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule; if client storage access request satisfies all of the storage rules, the storage system allows the access request); and
in response to a determination that the storage policy data location context matches the data location context (paragraph 14, 50, as above):
(paragraph 14, if client storage access request satisfies all of the storage rules, the storage system allows the access request; paragraph 50, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule; paragraph 50, set of storage rules specifies that storage system should allow the storage access request if the storage access request satisfies all of the storage access rules).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location and organization based access policy teachings of Muhlestein with the policy based data storage teachings of Amarendran, in order to provide an additional vector for access control information, enabling or disabling storage access based on file or user location as compared to the policy based on said location, as well as verifying that storage access was limited to known privileged groups, thereby improving the security environment.
Amarendran does not explicitly teach receiving a token, wherein the token comprises storage location information of the data; and
storing the token, wherein the token is used to retrieve the data.
However, Garrard teaches the concept of receiving a token, wherein the token comprises storage location information of data (paragraph 73, storage interface for collaboration system; storage interface configured to receive store request from collaboration system and binary large object (BLOB) data that is to be stored; paragraph 78, storage interface creates access token for stored data, comprising path to location where data can be retrieved later on; access token is sent to requesting collaboration system and is used as reference to stored data (BLOB)); and
(paragraph 111, collaboration system writes access token to a store; paragraph 100, storage interface receives retrieval request and token from collaboration system to read or retrieve data).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the location token teachings of Garrard with the policy based data storage teachings of Amarendran in view of Muhlestein, with the benefit of improving the efficiency of distributed data retrieval by including information relating to the target data location in the retrieval request, thereby limiting the need to search for the data or perform some other means of locating said data within the distributed system.
Neither Amarendran nor Muhlestein nor Garrard explicitly teaches wherein the data location context comprises a location where the data was entered.
However, Greenan teaches the concept wherein a data location context comprises a first location where data was entered (abstract, systems for cloud-based storage systems; server receives storage commands pertaining to source objects associated with source attributes; policy manager applies one or more source-aware storage policies based on source attributes; paragraph 41, specific policies applied to uploaded items of a certain type; paragraph 42, content storage commands issued by user from user device, i.e. data is entered from user device; paragraph 52, source information related to client profile information; source information included in source attributes which are received by source-aware policy mapping engine and applied to policy rules to determine one or more policies; paragraph 54, source information can comprise client ID, ipAddress, and might contain other information and/or be derived from other locations; the client ID in the source information can be used to look up associated information in the client profile metadata; for example, the client profile schema shows such associated metadata might be a table having columns for the role, geo location, and groupID associated with the clientID; for example, source attribute comprises key-value pairs in the form of geo=US, i.e. source location in US; attributes such as ipAddress and geo location of source user device can be seen as location where data was entered; paragraph 69, source attribute, e.g. “geo=US” (first location) matched against policy rules such as “IF {geo==”US-1”} (second location)).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the data origin location policy teachings of Greenan with the policy based data storage teachings of Amarendran in view of Muhlestein and Garrard, in order to improve efficiency by utilizing data source location information to locate the nearest available storage facility, or to ensure compliance with regulations which apply to certain localities, or to improve security by preventing storage access from regions of known insecurity or malicious activity.

Regarding Claim 3:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the data comprises a data class, an attribute, or a relationship definition (paragraph 309, metadata associated with file, i.e. attributes).

Regarding Claim 4:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the assigned storage policy comprises an identifying information on a data storage center (paragraph 240-242, storage policy includes destination to which data will be stored; a storage policy can define where data is stored by specifying a target or destination storage device (or group of storage devices); where the secondary storage device includes a group of disk libraries, the storage policy may specify a particular disk library for storing the sub-clients associated with the policy; where the secondary storage devices include one or more tape libraries, the storage policy may specify a particular tape library for storing the sub-clients associated with the storage policy, and may also specify a drive pool and a tape pool defining a group of tape drives and a group of tapes, respectively, for use in storing the sub-client data; information in the storage policy can be statically assigned in some cases).

Regarding Claim 5:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Garrard teaches wherein the token comprises an identifying information on a data storage center or a data location within a data storage center (paragraph 78, storage interface creates access token for stored data, comprising path to location where data can be retrieved later on).
The rationale to combine Amarendran and Garrard is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 5.

Regarding Claim 6:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Garrard teaches wherein the data is stored mapped to the token (paragraph 78, token includes path to location of data).
The rationale to combine Amarendran and Garrard is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 6.

Regarding Claim 8:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the processor is further to determine whether the data has an assigned access policy or an assigned storage policy (paragraph 46, 464, system analyzes file to determine whether files include sensitive data; paragraph 247-249, audit policy defines “sensitive object”, which may be files or objects containing particular keywords, metadata, or flags, and specifies rules for handling sensitive objects; storage policy included or associated with audit policy).

Regarding Claim 10:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Muhlestein teaches wherein the processor is further to determine that the assigned access policy has an access policy data location context that matches the data location context (paragraph 14, if client storage access request satisfies all of the storage rules, the storage system allows the access request; paragraph 50, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule; paragraph 50, set of storage rules specifies that storage system should allow the storage access request if the storage access request satisfies all of the storage access rules; paragraph 21, sets of storage rules, i.e. “policies” stored on storage systems; paragraph 34, rule sets define access policies as well as storage rules; paragraph 50, rules use path information in determining whether to allow access/storage).
The rationale to combine Amarendran and Muhlestein is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 10.

Regarding Claim 11:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Muhlestein teaches wherein the assigned access policy has a stored access policy data location context that matches the data location context (paragraph 14, if client storage access request satisfies all of the storage rules, the storage system allows the access request; paragraph 50, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule; paragraph 50, set of storage rules specifies that storage system should allow the storage access request if the storage access request satisfies all of the storage access rules; paragraph 21, sets of storage rules, i.e. “policies” stored on storage systems; paragraph 34, rule sets define access policies as well as storage rules; paragraph 50, rules use path information in determining whether to allow access/storage).
The rationale to combine Amarendran and Muhlestein is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 11.

Regarding Claim 12:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Muhlestein teaches wherein the assigned storage policy has a storage policy data location context that matches the data location context (paragraph 14, if client storage access request satisfies all of the storage rules, the storage system allows the access request; paragraph 50, storage access request is for performing operation on resource, e.g. create, view, or edit a file or directory; request includes path name of specific resource, e.g. directory and file path of a particular file or directory being requested, i.e. data location context; if requested path matches path storage rule in storage access policy, storage access policy module proceeds to next storage rule; paragraph 50, set of storage rules specifies that storage system should allow the storage access request if the storage access request satisfies all of the storage access rules).


Regarding Claim 13:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the data is stored in a data storage center based at least in part on the assigned storage policy (paragraph 242, storage policy defines where data is stored by specifying target or destination storage device or group of devices).

Regarding Claim 14:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the data location context is stored (paragraph 332, metadata is stored with the encrypted file; paragraph 324-325, metadata includes location data).

Regarding Claim 15:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein a data group is determined for the data (paragraph 98, metadata including group identification; paragraph 324, file monitor access file metadata).

Regarding Claim 16:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Garrard teaches wherein the token is provided by a data storage center (graph 73, storage interface for collaboration system; storage interface configured to receive store request from collaboration system and binary large object (BLOB) data that is to be stored; paragraph 78, storage interface creates access token for stored data, comprising path to location where data can be retrieved later on; access token is sent to requesting collaboration system and is used as reference to stored data (BLOB)).
The rationale to combine Amarendran and Garrard is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 16.

Regarding Claim 17:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Garrard teaches wherein the token is stored in a token memory location that is different from a data storage memory location (paragraph 78, storage interface creates access token for stored data, comprising path to location where data can be retrieved later on; access token is sent to requesting collaboration system and is used as reference to stored data (BLOB); paragraph 111, collaboration system writes access token to a store).
The rationale to combine Amarendran and Garrard is the same as provided for claim 1 due to the overlapping subject matter between claims 1 and 17.

Regarding Claim 18:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  In addition, Amarendran teaches wherein the data is encrypted prior to storage (paragraph 327, encryption rules determine whether file is to be encrypted; rules based on metadata, e.g. location metadata; paragraph 330-331, encryption module encrypts and stores the file at the location indicated by originally detected write command).

Regarding Claim 19:


Regarding Claim 20:
This is the computer program product corresponding to the system of claim 1, and is therefore rejected in a corresponding way. 

Claims 2, 7 are rejected under 35 U.S.C. 103 as being unpatentable over Amarendran in view of Muhlestein, Garrard, and Greenan, and further in view of Palgon et al (US 8,458,487).

Regarding Claim 2:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 1.  
Neither Amarandran nor Muhlestein nor Garrard nor Greenan explicitly teaches wherein the processor determines whether to fulfill the request to store the data based at least in part on requestor information.
However, Palgon teaches the concept wherein a processor determines whether to fulfill a request to store data based at least in part on requestor information (col 11 line 19-39, user must provide authentication data prior to implementing tokenization and storage of sensitive data).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the requestor information teachings of Palgon with the policy based data storage teachings of Amarendran in view of Muhlestein, Garrard, and Greenan, in order to improve system security by allowing only authorized users to interact with and store data in a distributed file system.

Claim 7:
Amarendran in view of Muhlestein, Garrard, and Greenan teaches the system of claim 6.  
Neither Amarandran nor Muhlestein nor Garrard nor Greenan explicitly teaches wherein the token to data mapping is immutable.
However, Palgon teaches wherein a token to data mapping is immutable (col 10 line 52-62, method used to generate tokenized values provides referential integrity; system ensures that each input string corresponds to a unique tokenized string, linking one tokenized string with one input string and vice versa).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the immutable token mapping teachings of Palgon with the policy based data storage teachings of Amarendran in view of Muhlestein, Garrard, and Greenan, in order to provide a means of data retrieval which would not be affected by changes in location or reorganization that might otherwise cause data loss when the target data did not match the token information.

Response to Arguments
Applicant's arguments filed 4/7/2020 have been fully considered but they are not persuasive.

Regarding the rejection of claims under 35 USC 103:
Applicant’s arguments consist of the mere assertion that the applied references fail to teach the amended limitations of the subject claims.  However, the argued limitations, “the data location context comprises a first location where the data was entered,” “the storage policy data location context comprises a second location that the assigned storage policy pertains to,” and “determine whether the storage policy data location context matches the data location context, comprising to: compare the first location with the second location; and in response to a determination that the first location matches the 
Applicant further references the Examiner interview conducted on March 31, 2020, and seems to imply that agreement was reached that the applied references fail to teach the amended subject matter.  However, this is not the case.  No proposed amendments were presented at that time, and therefore no agreement as to overcoming the prior art of record was reached.
	Applicant’s arguments with regard to independent claims 19 and 20 are similar to those regarding claim 1 and are therefore responded to in a similar way.
Applicant’s remaining arguments relate to the dependent claims being allowable due to depending on an allowable independent claim.  However, as shown above, the independent claims are not allowable.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814.  The examiner can normally be reached on 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        

/ALEXANDER LAGOR/Primary Examiner, Art Unit 2491