DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Objections
Claims 9-12, 15 are objected to because of the following informalities:  Claims 9-12 depend from claim 7, which is a system claim. However, claims 9-12 include language that specifies “wherein the method further…”, which is inconsistent with independent claim 7.  Appropriate correction is required.
Claim 15 includes language that has been duplicated. Specifically, line 3 recites the duplicated phrase “to the data set”. Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for 
Claim 1 recites the limitation "the received one or more processing instructions" in line 5.  There is insufficient antecedent basis for this limitation in the claim.
Claim 7 recites the limitation "the received one or more processing instructions" in line 10.  There is insufficient antecedent basis for this limitation in the claim.
Claim 14 recites the limitation "the received one or more processing instructions" in line 8.  There is insufficient antecedent basis for this limitation in the claim.
Claims 2-6, 8-13, and 15-20 are rejected in view of the dependence upon claims 1, 7, and 14.
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 3-7, 9-14, 16-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Madhok, U.S. Publication No. 2014/0189888. Referring to claims 1, 7, 14, Madhok discloses a secure data container system wherein a collection of information is received ([0074]), which meets the limitation of receiving a data set. The system includes a processor (Figure 13, 702), memory (Figure 13, 704 & 706), and a cloud storage (Figure 1, 105: cloud storage reads on the claimed first computing resource), which meets the limitation of one or more processors, a memory, and a first computing resource, wherein the one or more processors are configured to execute instructions stored on the memory. The create secure container service is utilized to create secure containers by identifying subsets of the information that are to be shared such that the identified information subsets will be included in the created containers ([0078]) such that the secure containers are stored in cloud storage ([0080]), which meets the limitation of generating one or more containers within a first computing resource based on the received one or more processing instructions, storing the data sets in the one or more containers within the first computing resource. A data access request is received from a cloud endpoint ([0092]), which meets the limitation of receiving one or more requests from a second computer resource that are provisioned on one or more cloud-based computing platforms for access to the data set stored in the one or more containers within the first computing resource. If the data storage system can validate the requesting endpoint, a secure access token is generated such that the secure access token identifies the containers that are accessible along with the corresponding access control information ([0082]), which meets the limitation of generating one or more tokens for access to the data set stored in the one or more containers within the first computing resource, wherein the generated tokens are based on one or more parameters associated with the second computing resource that is provisioned on one or more cloud-based computing platforms. Once generated, the secure access token is transmitted to the requesting endpoint via the network ([0082]), which meets the limitation of transmitting the one or more tokens for access to the data set stored in the one or more containers within first computing resource to the second computing resource.
Referring to claims 3, 9, 16, Madhok discloses that the system allows for registration of endpoints to specific secure data containers and access to services such that the secure data containers are under the explicit control of the registered user ([0058]: although the term “account” is not explicitly used, the registration of an endpoint to specific data containers such that the endpoint user explicitly controls the registered data container would be equivalent to a storage account as claimed), which meets the limitation of generating a storage account within the first computing resource based on a source of the received data set.
Referring to claims 4, 10, 17, Madhok discloses that the collected data can be encrypted ([0077]), which meets the limitation of encrypting the data set.
Referring to claims 5, 11, 18, Madhok discloses that the users can specify the manner in which secure container data is shared with requesting endpoints such that a template is selected that is used to present the subset of data the user has selected for sharing ([0079]: template would reads on the claimed processing instructions/tasks), which meets the limitation of receiving one or more processing instructions, wherein the one or more processing instructions corresponds to the received data set and includes one or more processing tasks to be performed on the received data set.
Referring to claims 6, 12, 19, Madhok discloses that the system enables the user to create and modify templates that are used to present the data ([0079]: template can read on the claimed second computing resource because the template is based upon user instructions to create and modify), which meets the limitation of generating a second computing resource on one or more cloud-based computing platforms based on the received one or more processing instructions.
Referring to claims 13, 20, Madhok discloses that the system enables the user to create and modify templates that are used to present the data the user has selected for sharing ([0079]: create and modify instructions would read on the claimed processing instructions). Data access requests are received from cloud endpoints ([0092]) such that if the data storage system can validate the requesting endpoint, a secure access token is generated such that the secure access token identifies the containers that are accessible along with the corresponding access control information ([0082]: requests can be said to be “based on” the processing instructions since the requests are for access to data that is the focus of the created/modified templates), which meets the limitation of receiving one or more requests from the second computing resource for access to the data set stored in the one or more containers within the first computing resource includes receiving requests from the second computing resource, wherein the requests are based on the received one or more processing instructions. 
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 2, 8, 15 are rejected under 35 U.S.C. 103 as being unpatentable over Madhok, U.S. Publication No. 2014/0189888, in view of Zimberoff, U.S. Publication No. 2013/0061337. Referring to claims 2, 8, 15, Madhok does not specify that the secure access token includes the IP address of the requesting endpoint. Zimberoff discloses an access control system wherein access tokens are generated such that the access tokens include the IP address of a requesting client ([0038]), which meets the limitation of wherein the one or more parameters include an IP address of the second computing resource that transmitted the request, and wherein generating one or more tokens for access to the data set stored in the one or more containers within the first computing resource includes generating the one or more tokens for access to the data set based on the IP address of the request. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention for the secure access token of Madhok to have included the IP address of the requesting endpoint in order to ensure subsequent requests originate from the same IP address as suggested by Zimberoff ([0038]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Shablygin, U.S. Publication No. 2013/0212704, discloses a token based access control system that controls access to data in specific data containers based upon generated tokens.
Achyuth, U.S. Publication No. 2020/0314167, discloses a file containerization system wherein access control to files stored in various containers is based upon generated tokens.
Qadri, U.S. Publication No. 2019/0213104, discloses issuing of access tokens in order to request access to specific storage partitions.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BENJAMIN E LANIER whose telephone number is (571)272-3805.  The examiner can normally be reached on M-Th: 6:20-4:50.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on 5712724063.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BENJAMIN E LANIER/Primary Examiner, Art Unit 2437