DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.	Claims 1-20 have been examined and rejected.

Claim Rejections - 35 USC § 103
3.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.



4.	Claims 1-5, 7 and 9-20 are rejected under AIA  35 U.S.C. 103 as being unpatentable over Hammell et al. (U.S. PGPub 2009/0103734) in view of BINDER (U.S. PGPub 2015/0012757).
As per claims 1, 18 and 19
Hammell teaches a method for conveying electronic data, the method comprising: receiving, by a processor of a first intermediate device, a first file (Hammell see figs. 3 and 4a, para 0021, 0022 sender device 12 is sending a communication to recipient device 18 that will pass through, in order, three different intermediate nodes 
Decrypting, by the processor, the first file to produce a second file (Hammell see figs. 3 and 4a, para 0021, 0022 step 208, Node A will use its private decryption key to decrypt the routing information to determine where the communication should next be sent, Node B (or one of Nodes B1, B2, etc. when NODE A decrypt the file as shown in fig. 4A the file a second file will be created as Second file which is an intermediate version between fig. 4A and 4B),
the second file including a third file and a first identification, the first identification being for a destination device, the third file including the electronic data, the third file being encrypted with respect to the first intermediate device (Hammell see figs. 3 and 4a, para 0021, 0022 communication can be separated into two different portions: the message portion of the communication, and the routing portion of the communication (third file that contains the message portion that is encrypted with respect to the NODE A), if the sender desires to keep the message portion confidential, then the processor 14 will encrypt the message portion using the public encryption key calculated for the recipient device 18, when NODE A decrypt the file as shown in fig. 4A the file a second file will be created as Second file which is an intermediate version between fig. 4A and 4B, will have the address of NODE B (next intermediate device with encrypted address of the RECIPIENT DEVICE (first identification of the destination device));

producing, by the processor, a fourth file, the fourth file including the third file and the first identification (Hammell see figs. 3 and 4a, para 0021, 0022 when NODE A decrypt the file as shown in fig. 4A the file a second file will be created as Second file which is an intermediate version between fig. 4A and 4B, will have the address of NODE B (next intermediate device with encrypted address of the RECIPIENT DEVICE (first identification of the destination device));
encrypting, by the processor, the fourth file to produce a fifth file (Hammell see figs. 3 and 4B, para 0023, step 210, to maintain the privacy of the previous routing path of the communication from subsequent nodes, Node A will encrypt the identity of the node, the IP address, from which it received the communication 50 using its own public encryption key, fig. 4B illustrates the communication 50 after the processing of step 
Hammell fails to exclusive teach encrypting, by the processor, the fourth file to produce a fifth file; and conveying, by the processor and to the second intermediate device, the fifth file.
In a similar field of endeavor Binder teaches encrypting, by the processor, the fourth file to produce a fifth file; and conveying, by the processor and to the second intermediate device, the fifth file (BINDER see para 0223, 0225 a message slice may be encrypted before encapsulation into a packet, as described in `Encrypt Slice` step 57. Such encryption allows the message slices to be unintelligible when carried over the Internet, still enabling the ultimate destination to decrypt the original message slice after receiving it as described in `Decrypt Slice` step 63 shown in FIG. 6).
It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the code provisioning system of Hammell with the teaching of BINDER, as doing so would provide an efficient method for improving the security of delivery of a digital data as a message over the Internet from a sender to a receiver using one or more hops (BINDER see para 0059).
As per claims 2,
Hammell in view of BINDER teaches the method of claim 1, wherein the electronic data comprise at least one of an electronic message having alphabetic and 
As per claims 3,
Hammell in view of BINDER teaches the method of claim 1, wherein the conveying comprises conveying the fifth file through at least one of a packet switched network, a peer-to-peer network, or a cellular network  (BINDER see para 0248 a cellular telephone set is serving as the source computer, the ultimate destination computer the cellular set is serving as endpoint in a cellular network, such as Global System for Mobile communication (GSM), 2G, 2.5G, 3G and 3.5G, Enhanced Data rates for GSM Evolution (EDGE) or similar cellular networks. The voice, data (e.g. SMS--Short Message Service) or any other data to be sent is partitioned and is sent to different units in the network serving as relay server, relaying the voice or data sent to the destination unit). 


Hammell in view of BINDER teaches the method of claim 1, wherein the fifth file is identical to the first file  (BINDER see para 0226  part or all of the slice paths over the Internet are encrypted or otherwise secured, using standard or proprietary end-to-end encryption based protocols resulting in the all encrypted messages to be same ).  

As per claims 5,
Hammell in view of BINDER teaches the method of claim 1, wherein: the first file was encrypted using a first technique; the encrypting the fourth file comprises encrypting, using a second technique, the fourth file; and the fifth file is not identical to the first file (BINDER see para 0225  in the case of using multi-hops, the encryption may involve only the communication path between the relay servers. In a preferred embodiment, a different encryption is used for each segment of the slice delivery path using different algorithms, or different parameters (different public key, private key or both) of the same encryption algorithm, a first encryption mechanism is used between the message originator and the first (or the only) relay server, the relay server decrypts the packet including the slice and other information, as described in `Decrypt Packet` step 92 in figs. 9a and 9b, before transmitting the slice to the next hop, being another relay server or the ultimate destination, the decrypted slice is encrypted again using a 
As per claims 7, 
Hammell in view of BINDER teaches the method of claim 1, wherein the third file comprises a sixth file and a second identification, the sixth file including the electronic data (Hammell see figs. 3 and 4a, para 0021, 0022 communication can be separated into two different portions: the message portion of the communication, and the routing portion of the communication (third file that contains the message portion that is encrypted with respect to the NODE A), when NODE A decrypt the file as shown in fig. 4A the file a sixth file will be created as Second file which is will have the address of NODE B (as a second identification next intermediate device with the electronic data in the message section 54 as shown in fig. 4B));
 
As per claims 9, 
Hammell in view of BINDER teaches the method of claim 1, further comprising: decrypting, by the processor, the first file to produce a sixth file, the sixth file including a seventh file and a second identification, the seventh file including the third file and the first identification, the second identification being for the second intermediate device; wherein the determining the second intermediate device is further based on the second identification (Hammell see figs. 3 and 4a, para 0021, 0022 communication can be 

As per claims 10, 
Hammell in view of BINDER teaches the method of claim 1, wherein: the second file further includes a second identification, the second identification being for the second intermediate device; and the determining the second intermediate device is further based on the second identification (Hammell see figs. 3 and 4a, para 0021, 0022 communication can be separated into two different portions: the message portion of the communication, and the routing portion of the communication (third file that contains the message portion that is encrypted with respect to the NODE A), when NODE A decrypt the file as shown in fig. 4A the file a sixth file will be created as Second file which is will have the address of NODE B (as a second identification next intermediate device with the electronic data in the message section 54 as shown in fig. 4B)). 

As per claims 11,


As per claims 12,
Hammell in view of BINDER teaches the method of claim 1, further comprising: transmitting, by the processor and to an origination device, a key, the key enabling the origination device to encrypt the second file; wherein the origination device did not receive the first file (Hammell see para 0017, 0018 and 0021 processor 14 will encrypt the address for Node B (or addresses for alternative nodes B1, B2, B3 etc.) using the public encryption key calculated for Node A, encrypt the address for Node C using the public encryption key calculated for Node B, and encrypt the address for the recipient device 18 using the public encryption key calculated for Node C).


Hammell in view of BINDER teaches the method of claim 1, further comprising: receiving, by the processor and from the destination device, a key; wherein the decrypting the first file comprises decrypting, using the key, the first file (Hammell see para 0019, each of the intermediate nodes 30 along the routing path, as well as the recipient device 18, is identified by their specific IP address or other public identifiers within the network, the IP address (or other public identifiers) of the intermediate nodes 30, or portions thereof, will be utilized as an input for computing respective encryption keys (public keys), used to encrypt the routing information for the communication, the IP address of the recipient device 18 can be used as an input for computing an encryption key used to encrypt the message).

As per claims 14,
Hammell in view of BINDER teaches the method of claim 1, further comprising: receiving, by the processor and from a third intermediate device, a key; wherein the decrypting the first file comprises decrypting, using the key, the first file (Hammell see para 0017, 0018 and 0021 processor 14 will encrypt the address for Node B (or addresses for alternative nodes B1, B2, B3 etc.) using the public encryption key calculated for Node A, encrypt the address for Node C using the public encryption key 

As per claims 15,
Hammell in view of BINDER teaches the method of claim 14, wherein the third intermediate device is the second intermediate device (Hammell see para 0017, 0018 and 0021 processor 14 will encrypt the address for Node B (or addresses for alternative nodes B1, B2, B3 etc.) using the public encryption key calculated for Node A, encrypt the address for Node C using the public encryption key calculated for Node B, and encrypt the address for the recipient device 18 using the public encryption key calculated for Node C). 

As per claims 16,
Hammell in view of BINDER teaches the method of claim 1, further comprising transmitting, by the processor and to a third intermediate device, a key, and the key enabling the third intermediate device to encrypt the second file (Binder see para 0224, a packet carrying a slice further includes information about the encryption method (or parameter) of another slice when splitting a message into 3 slices, the first slice includes information about the encryption of the second slice, the second slice includes 

As per claims 17,
Hammell in view of BINDER teaches the method of claim 16, wherein the third intermediate device is the second intermediate device (Hammell see para 0017, 0018 and 0021 processor 14 will encrypt the address for Node B (or addresses for alternative nodes B1, B2, B3 etc.) using the public encryption key calculated for Node A, encrypt the address for Node C using the public encryption key calculated for Node B, and encrypt the address for the recipient device 18 using the public encryption key calculated for Node C).

As per claims 20,
Hammell in view of BINDER teaches the method of claim 19, wherein the first intermediate device comprises a router (Hammell see para 0014, system 10 further includes a plurality of intermediate nodes 30 also referred to as routers, through which a communication will pass when being sent by the sender device 12 to a recipient device 18).


As per claims 6,
Hammell in view of BINDER teaches the method of claim 1, yet fails to teach wherein the destination device comprises a tenant device associated with a multitenant system.
In a similar field of endeavor Rutkowski teaches wherein the destination device comprises a tenant device associated with a multitenant system (Rutkowski see para 0081 and 082, typical customer or tenant establishes a single VKMD, however, may create a separate VKMD for different lines of business, to address legal considerations, or to accommodate separate security policies for different groups within organization, at step 800 when the Subscriber A decides to advantage of the shared IT resource of a public "cloud" Provider A step 802, Subscriber A opens an account with Provider A , which permits Subscriber A to deploy its applications and unstructured data to the Provider's shared infrastructure, the SLA permits sharing or co-tenanting of applications and data).
It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the code provisioning system of Hammell in view of BINDER with the teaching of Rutkowski, as doing so would provide 

As per claims 8,
Hammell in view of BINDER teaches the method of claim 7, yet fails to teach wherein the destination device comprises a multitenant system, the second identification is for a tenant device associated with the multitenant system, the sixth file is encrypted with respect to the multitenant system, and the multitenant system is configured to communicate with the tenant device.
In a similar field of endeavor Rutkowski teaches wherein the destination device comprises a multitenant system, the second identification is for a tenant device associated with the multitenant system, the sixth file is encrypted with respect to the multitenant system, and the multitenant system is configured to communicate with the tenant device (Rutkowski see para 0080 as shown fig. 7 a representative VKMS DD, the cryptographic parameters typically comprises: an ID.sub.vdomain, which is a subscriber-requested Domain ID that the VKMS may use directly or indirectly in creating the unique VKMD-ID (which, in turn, is used to identity data bound by VKMS to this 
It would have been obvious to one of ordinary skill in the art to before the effective filling date of the claimed invention to combine the code provisioning system of Hammell in view of BINDER with the teaching of Rutkowski, as doing so would provide an efficient method for deploying tenants in a multi-tenant shared deployment with their own distinct key spaces over which they control a key management system using virtual key management domains on a per-tenant basis providing secured key management materials specific to that tenant for storing, transmitting data belonging to the specific tenant (Rutkowski see para 0010).

Conclusion
6.	The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure. This includes:
U.S. PGPub 2015/0172168 which describes a method for path selection in an anonymity network;
U.S. PGPub 2015/0281344 which describes a method for peer-to-peer rendezvous system for minimizing third party visibility;
U.S. patent no. 7590245 which describes a method for anonymous routing over interconnected network;

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Nicholas Taylor can be reached on 571-272-3889.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SANJOY ROY/
Examiner, Art Unit 2457


/NICHOLAS R TAYLOR/Supervisory Patent Examiner, Art Unit 2457