Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
The instant application having Application No. 16/683,888 has a total of 15 claims pending in the application; there are 2 independent claims and 13 dependent claims, all of which are ready for examination by the examiner.

INFORMATION CONCERNING DRAWINGS 
The applicant’s drawings submitted are acceptable for examination purposes.
STATUS OF CLAIM FOR PRIORITY IN THE APPLICATION
As required by M.P.E.P. 201.14(c), acknowledgement is made of applicant’s claim for priority based on applications filed on 11/14/2018 (GB1818585). All of the foreign priority documents have been received.
REJECTIONS BASED ON PRIOR ART
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

1-2, 4-10 and 12-15 is/are rejected under 35 U.S.C. 102(a)(1)/(1)(2) as being anticipated by Paul et al. (US 2014/0201541).
As per claim 1. A distributed data storage system [Paul teaches (fig. 1 and related text)] comprising a data router and a rules engine, the rules engine comprising a data repository encoding a plurality of data 5storage rules, each rule specifying an applicable attribute and a data storage outcome, the data storage outcome being selected from a set including a data processing action to be applied to data prior to storage and a designation of storage location; [Paul teaches the vaporizer includes a display for user selection of “customer type… type of data to be vaporized… the type of data compliance the data vaporizer 102 may use when vaporizing (or restoring) the data… the type (e.g., and/or level) of encryption to use… select or exclude certain geographic zones for storing data… key strength (e.g., key length) options.. fault tolerance options… anonymization strength  (pars. 0031-0032)]
the data router including an input interface, an output interface and a 10processor, [Paul teaches “the data Vaporizer provides a seamless interface for storing data across multiple storage providers (e.g., by encapsulating various backend services and APIs)” (par. 0024) “The data vaporizer receives the data 108 to be stored; and based on the constrains 106 and the data 108 to be stored, determines a storage scheme 110… and stores the data across multiple processing (computing) nodes)” (par. 0028) (fig. 1 and related text) where fig. 14 illustrates a computer system that may be used to implement the data vaporizer, including a processor (fig. 14 and related text)] 
the data router being configured to receive a data storage request, including data to be stored, via the input interface, determine from the rules engine applicable attributes corresponding to attributes of the data storage request and retrieve any associated data storage outcomes, [“The Data Vaporizer receives from the user (e.g., customer and/or administrator) a set of configurable parameters… may create… a storage plan… and technical parameters… plan… includes one or more storage and recovery strategies to apply across the cloud… responsive to security, cost and fault tolerance constrains” (par. 0053; fig. 6 and related text) where the vaporizer receives the data 108 for storage and stores according to the constrains 106 to the storage cloud 114 (fig. 1 and related text) (see par. 0068)] 
the processor of the data router being configured, in 15dependence on any retrieved data storage outcomes, to divide the data into a plurality of fragments [Paul teaches the vaporizer receives data and “vaporizes (e.g., fragments the data into small encoded data chunks and stores the data across multiple processing (computing) nodes) the data in the cloud in such a way that failure (e.g., corruption of data) of one or more storage nodes up to a configurable fault tolerance threshold do not impact the availability (e.g. retrieval) of the stored data” (par. 0028) (fig. 1 and related text; pars. 0006,0025, 0057) where “The Data Vaporizer may be configured to generate (create) different vaporization plans for different user cases (e.g., customer scenarios), depending on the customer anonymization and encryption requirements, compliance requirements, redundancy choices, and geographical choice.” (par. 0034)] 
and to cause, via the output interface, storage of the data fragments whereby at least selected ones of the fragments are stored in different data stores [Paul teaches “data distribution module… generates… ‘code distribution details’… and data shares… and communicates the data shares… (e.g., the encoded data fragments) to providers… (e.g., multiple cloud storage locations) (e.g., identified by the user as a distribution plan)” (par. 0057; figs 1 and 7 and related text) (pars. 0006, 0025, 0028)].  
As per claim  202. The distributed data storage system of claim 1, wherein the designation of storage location includes a designation of physical location of the data store [Paul teaches “The Data Vaporizer provides fault tolerance to ensure that data may be available even if a configurable number of storage services (e.g., service providers and storage locations of the service providers) are not available and/or functioning. The Data Vaporizer avoids vendor (e.g., one or more cloud service providers) lock-in by distributing data (e.g., fragments of configurable sizes) across multiple storage locations (e.g., one or more sites and/or one or more service providers) so that critical dependency on one or more vendors is minimal.1” (par. 0029). “The Data Vaporizer 702 may also include a data distribution module (e.g., "Distributor" 728) that generates `code distribution details` 730 and data shares (732, 734, 736), and communicates the data shares (732, 734, 736) (e.g., the encoded data fragments) to providers (706, 708) (e.g., multiple cloud storage locations) (e.g., identified by the user as a distribution plan).” (par. 0057)].  
As per claim 4. The distributed data storage system of claim 1, wherein the data processing actions include one or more actions on how to divide the data to be stored into the plurality of fragments [Paul teaches “based on the constraints 106 and the data 108 to be stored, determines a storage scheme 110 (e.g., the size of fragments of the data 108 and shuffles the data)” (par. 0028)].  
As per claim 5. The distributed data storage system of claim 4, wherein one of the actions comprises fragmenting a salt password or other secret in or associated with the data to be stored whereby it is stored separately to the remaining data [Paul teaches “DV generates (creates) message authentication codes (MAC) for each encoded data chunk (e.g. anonymization). The MAC codes prevent malicious attackers from decrypting the data because the key is stored separate from the data and can detect data corruption… The DV stores secret shares 112 of the encrypted combined metadata across multiple cloud storage locations” (par. 0028) and explains using secret share keys and MAC keys for the data as well as a final super-key (see pars. 0053, 0063 and 0067)].  
As per claim 6. The distributed data storage system of claim 1, further comprising a data sieve configured to process the fragmented data and to remove characters of a predetermined frequency, sequence or type prior to storage in the data store [Paul teaches “the data shuffler anonymizes the data to be stored by removing, shuffling and aggregating personally identifiable data fields from the records… The Data Vaporizer and/or the data shuffler module may delete (and/or further fragment and/or store the data in another location) “sensitive” fields of the data to be anonymized” (par. 0058)].  
As per claim 7. The distributed data storage system of claim 1, wherein the attributes include: party requesting storage of data, party owning data, party that is the subject of the data and a party requesting data [Paul teaches “different user cases (e.g., customer scenarios), depending on the customer anonymization and encryption requirements, compliance requirements, redundancy choices, and geographical choice… customer 1 may be in the healthcare industry… and require and/or desire the following constrains to use to store the data of customer 1…compliance with… HIPAA customer 2 may be in the financial industry… and require and/or desire the following constrains to use to store the data of customer 2, including: compliance with… (PCI) Data Security Standards… prevent vender attacks from… (e.g., cloud service providers)… and/or attackers of the service providers” (pars. 0034-0040; see tables 3 and 4 and related text) where the customers would correspond to the claimed party requesting storage of data and party owning the data and the patient or financial customer would correspond to the claimed party that is the subject of the data and parties attempting to access the data such as the users, customers, or attackers would correspond to the claimed party requesting data. Note Paul also refers to “the DV provides users (e.g., owners of the data) the ability to customize one or more security configurations for the data to be stored, including anonymization, encryption strength (e.g., key length), and erasure coding ratio for fault-tolerance. The DV also provides users (e.g., owner of the data) the ability to customize the distribution scheme for the data across cloud providers.” (par. 0028), Paul further explains “The metadata may be securely stored privately and/or with the client and/or shared with trusted third-parties (e.g., cloud service providers, the data owner, agents of the data owner) using a secret sharing mechanism (e.g. Shamir's secret sharing algorithm).” (par. 0063)].  
As per claim 208. The distributed data storage system of claim 7, wherein the system is configured to record data on the attributes and on the stored data in a data store [Paul teaches constrains 106 (fig. 1 and related text) and explains “The Data Vaporizer may determine the DV Parameters to use based on customer (e.g., user) provided customer parameters, including: a customer type identifier (e.g., gold, silver, bronze) that determines the minimum SLA (service level agreement), fault tolerance and security required and/or desired by a customer; a customer Domain (e.g., industry such as Finance and Health Care) that determines the regulatory standards to use; a Customer Budget which may determine the maximum possible fault tolerance and security provided, over and above the values determined based on the customer type and customer Domain (e.g., industry); and one or more Time Constraints. The Data Vaporizer may use the Customer Budget and Time Constraints to determine the amount of data to store in each storage location (e.g., cloud storage service).” (par. 0040) where parameter selections are illustrated in (tables 2 and 3 and related text)] .  
As per claim 9. The distributed data storage system of claim 8, wherein the data router 25is configured to receive a data retrieval request for stored data at the input interface, the processor being configured, responsive to the data retrieval request to determine from the rules engine, applicable attributes corresponding to attributes of the data retrieval request and to applicable attributes on the stored data and retrieve any associated data storage Atty. Dkt. No. 10610-08470 US25 outcomes, upon the requester satisfying requirements of the data storage outcomes, the processor being configured to retrieve the data fragments from the data stores and reconstruct the data [Paul teaches “FIG. 5 illustrates an exemplary a restore basic display 500 generated by the data vaporizer 102. The restore basic display 500 may present information for the files previously vaporized and selectable for restoration (e.g., re-generation), including: the filenames (502, 504); size of the file 506; date the file was vaporized 508; the time elapsed to vaporize 510 the file; the providers and/or local system codes (512, 514, 516) used to store the vaporized data; and a restore indicator (518, 520) selectable to indicate whether to restore the file. One or more files may be selected (518, 520) for restoration simultaneously using the restore basic display 500, when the restore 522 button is selected.” (par. 0052; fig. 5 and related text) where “FIG. 9 illustrates one embodiment of a DV schematic flow diagram 900 the DV may use to ensure data integrity and retrievability of stored data... In the event, the corrupt or modified block MAC check fails, the protector 902 alerts the retriever 924 module and determines which one or more data shares to retrieve. The data Protector module protects the stored data against local disk faults and/or corruption (also called bit-rot), as well as against malicious attack on the data blocks. The protector may use a "Mark-Sweep" model to "sniff" random shares (e.g., check MAC tags with private keys for authentication) to mark corrupted shares (cloud shares), and record the corrupt blocks and apply one or more suitable strategies to retrieve and regenerate (e.g., repair) the corrupted shares. The Data Vaporizer uses m blocks (out of n) to regenerate data. The Data Vaporizer may also use regenerative codes [n, k, d] to determine a strategy to apply to recover the data from k of n nodes and a failed node may be reconstructed by retrieving information from (e.g., communicating with) d nodes.” (par. 0066) “The retriever 924 receives (and/or retrieves) the secret share details, decrypts the "super-key" and retrieves the shares. The Retriever performs the reverse operation of the Distributer...” (par. 0067) (fig. 9 and related text)].  
As per claim 510. A method for distributed storage of data comprising: storing, in a data repository a plurality of data storage rules, each rule specifying an applicable attribute and a data storage outcome, the data storage outcome being selected from a set including a data processing action to be applied to data prior to storage and a designation of storage 10location; receiving a data storage request, including data to be stored; determining from data storage rules applicable attributes corresponding to attributes of the data storage request; retrieving any data storage outcomes associated with applicable data 15storage rules; and, in dependence on the data storage outcomes, dividing the data into a plurality of fragments and causing storage of the data fragments whereby at least selected ones of the fragments are stored in different data stores [The rationale in the rejection of claim 1 is herein incorporated].  
As per claim 12. The method of claim 10, wherein the data processing actions include one or more actions to fragment a salt password, or other secret in or Atty. Dkt. No. 10610-08470 US26 associated with the data to be stored, whereby it is stored separately to the remaining data [The rationale in the rejection of claim 5 is herein incorporated].  
As per claim 13. The method of claim 10, further comprising sieving the fragmented 5data to remove characters of a predetermined frequency, sequence or type prior to storage in the data store [The rationale in the rejection of claim 6 is herein incorporated].  
As per claim 14. The method of claim 10, further comprising recording data on the attributes and on the stored data in a data store [The rationale in the rejection of claim 8 is herein incorporated].  
As per claim 15. The method of claim 10 further comprising: receiving a data retrieval request for stored data; determining from the data repository applicable attributes corresponding to attributes of the data retrieval request and to applicable attributes on 15the stored data; retrieving any associated data storage outcomes; determining if the requester satisfies requirements of the data storage outcomes; if the requester satisfies the requirements, retrieving the data fragments 20from the data stores and reconstructing the data [The rationale in the rejection of claim 9 is herein incorporated].

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 3 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Paul et al. (US 2014/0201541) in view of Goldfarb et al. (US 2017/0364698).
As per claim 3. Paul teaches  The distributed data storage system of claim 1, further comprising a 25data repository storing… a physical location of each data store, the processor being configured to select a data store for a fragment in dependence on the storage outcome and on the data in the data repository and cause storage of the data fragment using… data store [Paul teaches “a data distribution module (e.g., "Distributor") communicates the encoded data fragments to multiple cloud storage locations identified by the user as a distribution plan. The Data Vaporizer may further employ a stage (C) where the Data Vaporizer provides a pull-based alert mechanism (e.g., a "protector") that guards the stored data against storage media corruption and/or malicious attacks and finally, data can be retrieved through a "retriever" module.” (par. 0025)] but does not expressly disclose network address for each data store… and storing the fragments using the network address for the respective data stores; however, regarding these limitations,  [“In some embodiments, a client computing device 12, a storage compute node 16, the database 14, or translator 20 may encounter a uniform resource identifier, such as a uniform resource locator, and that computing entity may be configured to access the DNS 18 at an IP address and port number pair of the DNS 18. The entity may send a request to the DNS 18 with the uniform resource identifier, and the DNS 18 may respond with a network and process address, such as Internet Protocol address and port number pair corresponding to the uniform resource identifier.” (par. 0038)].

Before the effective filing date of the claimed inventions, it would have been obvious to a person of ordinary skill in the art to modify Paul to include a network address for each data store… and storing the fragments using the network address for the respective data stores as taught by Goldfarb, since doing so would provide the benefits of [flexibility of design and facilitate access to networked storage devices].
Therefore, it would have been obvious to combine Paul and Goldfarb for the benefit of creating a storage system/method to obtain the invention as specified in claim 3.
As per claim  2011. The method of claim 10, wherein the designation of storage location includes a designation of physical location of the data store, the method further comprising storing a network address and a physical location of each data store, selecting a data store for a fragment in dependence on the storage outcome and on the stored physical locations and causing 25storage of the data fragment using the network address for the respective data store [The rationale in the rejection of claim 3 is herein incorporated].

RELEVANT ART CITED BY THE EXAMINER
The following prior art made of record and not relied upon is cited to establish the level of skill in the applicant’s art and those arts considered reasonably pertinent to applicant’s disclosure. See MPEP 707.05(c).
Verzun et al. (US 2018/0359811) teaches “The file is therefore secured not only by fragmented distributed storage, but by some combination of scrambling, junk data, and encryption known only to the client's security zone.” (par. 1019).
Naraidoo et al. (US 2020/0250327) teaches “(a) splitting the original data, hereinafter referred to as the Source Data, into a random number of fragments (segments or shards or chunks) where each such fragment is of a random (essentially unpredictable) byte size; [0017] (b) naming (or tagging) each fragment in a manner (e.g. using a random naming convention) which prevents association of fragments with one another or the Source Data; [0018] (c) mapping the named fragments to one another in such a fashion that allows for recombination; [0019] (d) generating separate encryption keys for each fragment (regardless of the particular encryption format); [0020] (e) naming (or tagging) each key in a manner which prevents association of the key with any other key or any fragment; [0021] (f) encrypting each fragment with a particular key; [0022] (g) cataloguing (or otherwise storing in a separate data base) the 
Baldwin et al. (US 2019/0171369) teaches erasure coded for cloud data storage (par. 0009).
Huang et al. (US 2018/0365106) teaches a distributed data object management system where fragments are stored across cloud (par. 0093).
Lewis (US 2017/0372078) teaches “a source data file is created; the source data file is split into fragments; an encryption key is created by user #1; each fragment is encrypted using the encryption key; the fragments are distributed in multiple cloud storage providers, whereby no single cloud storage provider is in possession of all fragments; a pointer file is created that stores the location of each fragment; the pointer file is stored locally, and the original file is deleted.” (par. 0023).
Lorini (US 2017/0193233) teaches “a plurality of modules 124 for automatically separating, securing, and distributing data over a plurality of remote storage locations 116. Specifically, the present invention comprises a segmentation module 202 for fragmenting user data, an encryption module 204 for securing the user data, a distribution module 206 for allocating the user data over the remote storage locations 116, a rendering module 208 for reconstituting the distributed data, and a sharing module 210 for sharing data amongst clients 106, 108 of the present invention. These modules work in conjunction to distribute user data over several cloud storage services 114 while also providing security features and increased speed.” (par. 0021).
Sokolov et al. (US 10,469,457) teaches “identifying (302) a set of networked devices by the central computing device. The user credential is encrypted (304) for a cloud service by the central computing device. The decryption key is divided (306) for decrypting the user credential into a set of fragments such that minimum number of fragments is required to decrypt the user credential. The minimum number of fragments is defined by a security policy that includes a distribution policy for distributing the set of fragments to the set of networked devices. The user credential is secured (308) by distributing the set of fragments of the decryption key from the central computing device to the set of networked devices in compliance with the security policy such that collecting the minimum number of fragments required to decrypt the user credential from physically present networked devices is required to access the cloud service.” (Abstract).
CLOSING COMMENTS
    a.   STATUS OF CLAIMS IN THE APPLICATION
	a(1) CLAIMS REJECTED IN THE APPLICATION
Per the instant office action, claims 1-15 have received a first action on the merits and are subject of a first action non-final.
    b.  DIRECTION OF FUTURE CORRESPONDENCES
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YAIMA RIGOL whose telephone number is (571)272-1232, and email address is yaima.rigol@uspto.gov .  The examiner can normally be reached on Monday-Friday 9:00AM-5:00PM.
If attempts to reach the above noted Examiner by telephone are unsuccessful, the Examiner’s supervisor, Mr. Sanjiv Shah, can be reached at the following telephone number: Area Code (571) 272-4098. 
The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).



March 1, 2021
/YAIMA RIGOL/
Primary Examiner, Art Unit 2135