Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claims 1 and 20 are objected to because of the following informalities:  the instant claims recite acronyms “DID”, without having first established its respective ordinary meanings.  
Claims 2, 3, 4, 9 and 16 are objected to because of the following informalities:  
Claim 2, line 2, Claim 3, line 2, Claim 4, line 2, Claim 9 line 4 and claim 16, line 3, “the DID”, should read, “the first DID”.
Appropriate correction is required. 

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows: 
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claim(s) 1-14 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  
Claim 1 currently recites, A computer system comprising: one or more processor; one or more computer readable-media….”. Therefore, claim is identifying the system with two components namely the one or more processors and one or more computer readable-media. Processor in its plain meaning can be just software (see, The 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-6, and 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Hamel et al. (US 2019/0305964 A1), hereinafter, “Hamel” in view of Cousins et al. (US 2015/0356311 A1), hereinafter, “Cousins”.
Regarding Claims 1, 15 and 20, Hamel discloses a computing system, corresponding method and process, wherein the computing system comprises: 
one or more processors (See, Fig. 1B, Numeral 1B04); and 
one or more computer-readable media (See, Fig. 1B, Numeral 1B22) having thereon computer-executable instructions that are structured such that, when executed by the one or more processors, cause the computing system to perform a method for encrypting and sharing one or more data objects stored in a personal storage that is associated with a first DID (See, Paragraphs 0104 and 0106), the method comprising: 
generating an encryption/decryption key using a mobile encryption key that is securely stored on the authentication device (e.g., using dedicated hardware for securely storing mobile encryption key data). In some embodiments, the encryption key is stored in a secure enclave like a hardware security module (HSM) that the mobile encryption key data cannot leave. The IKP private key is encrypted using the mobile encryption key 
encrypting the data object stored or to be stored in the personal storage using the encryption/decryption key (See, Paragraph 0104, “encrypt a private identity key of the identity key pair using the mobile encryption key to create an encrypted private key”); and 
storing the encrypted data object in the personal storage (See, Paragraph 0104, “encrypt a private identity key of the identity key pair using the mobile encryption key to create an encrypted private key, store the encrypted private key”).
Hamel discloses generating a mobile encryption key but does not explicitly disclose using a passphrase and an identifier of personal storage to generate the encryption/decryption key.
However, using a passphrase and device identifier to generate encryption/decryption key is well-known in the art. Cousins discloses generating encryption/decryption key using a passphrase and an identifier of personal storage (See, abstract).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to generate, in the system of Hamel, encryption/decryption key using a passphrase and an identifier of personal storage as taught by Cousins in order to bind the encryption/decryption key to both the user and the device which ensure data security on devices.
Claim 2, the rejection of claim 1 is incorporated and the combination of Hamel and Cousins further discloses allowing a DID management module that is configured to manage the DID to access the data object (See, Hamel, Paragraphs 0108 and 0109).
Regarding Claims 3 and 16, the rejections of claims 2 and 15 are incorporated and the combination of Hamel and Cousins further discloses the allowing the DID management module that is configured to manage the DID to access the data object comprising: receiving a request for the encrypted data object from a DID management module that is configured to manage the DID; sending the encrypted data object to the DID management module (See, Hamel, Paragraph 0010).
Regarding Claims 4 and 17, the rejection of claims 3 and 16 is incorporated and the combination of Hamel and Cousins further discloses causing the DID management module to have access to the passphrase and the identifier of the personal storage (See, Cousins, Paragraphs 0022-0025 as combined with Hamel); causing the DID management module to regenerate the encryption/decryption key (See, Cousins, Paragraph 0023 as combined with Hamel); and causing the DID management module to decrypt the encrypted data object using the regenerated encryption/decryption key (See, Cousins, Paragraph 0025 as combined with Hamel, Paragraph 0137, Note : since the generation of encryption keys using passwords and device identifier feature has already been combined in the rejection of claim 1, a separate motivation to combine statement is not needed because generating decryption key would require same input to generate same encryption/decryption key in order to decrypt the encrypted data. See claim 1).
Claims 5 and 18, the rejections of claims 1 and 15 is incorporated and the combination of Hamel and Cousins further discloses wherein the passphrase is received from a user input (See, Cousins, Paragraph 0020, Note: since the generation of encryption keys using passwords and device identifier feature has already been combined in the rejection of claim 1, a separate motivation to combine statement is not needed. See claim 1).
Regarding Claims 6 and 19, the rejection of claims 1 and 15 is incorporated and the combination of Hamel and Cousins further discloses wherein the identifier of the personal storage is a constant that is associated with the first personal storage (See, Cousins, Paragraph 0022, Note: since the generation of encryption keys using passwords and device identifier feature has already been combined in the rejection of claim 1, a separate motivation to combine statement is not needed. See claim 1).


Claims 7 and 8 are rejected under 35 U.S.C. 103 as being unpatentable over Hamel in view of Cousins and further in view of Vennelakanti et al. (US 7,970143 B2), hereinafter, “Vennelakanti”.
Regarding Claim 7, the rejection of claim 1 is incorporated and the combination of Hamel and Cousins further does not explicitly discloses wherein the generating an encryption/decryption key is further based on a key identifier, the key identifier corresponds to the particular data object, such that a different encryption/decryption key is generated for encrypting a different data object.
Vennelakanti discloses generating an encryption/decryption key is further based on a key identifier, the key identifier corresponds to a particular data object, such that a 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to generate, in the system of Hamel and Cousins, encryption/decryption key is further based on a key identifier, the key identifier corresponds to a particular data object, such that a different encryption/decryption key is generated for encrypting a different data object as taught by Vennelakanti so that different keys could be used in the system of Hamel and Cousins to generate multiple mobile encryption keys which could be used to generate per access/ per file encryption keys.
Regarding Claim 8, the rejection of claim 7 is incorporated and the combination of Hamel and Cousins further discloses wherein the key identifier is generated by the computing system or by a user input (See, Vennelakanti, Column 2, lines 40-47, Note: since the generation of encryption keys using key identifier has already been combined in the rejection of claim 7, a separate motivation to combine statement is not needed. See claim 7).

Allowable Subject Matter
Claims 9-14 would be allowable if rewritten to overcome the rejection(s) under 35 U.S.C. 101, set forth in this Office action and to include all of the limitations of the base claim and any intervening claims.


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOGESH PALIWAL whose telephone number is (571)270-1807.  The examiner can normally be reached on M-F 9:00AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on 5712723685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/YOGESH PALIWAL/Primary Examiner, Art Unit 2435