Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
This communication is in response to the application filed on 11/01/2018 in which Claims 1-16 are presented for examination.
Drawings
The applicant’s drawings submitted on 11/01/2018 are acceptable for examination purposes. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person 

Claims 1-3, 5-6, 9,  and 11-16 are rejected under 35 U.S.C. 103 as being unpatentable over SCHNJAKIN U.S. Publication No. 20170293766 A1 in view of Green (U.S. Patent Application Publication 20130179649 A1) in further view of Margolus US 20050131905 A1.
As to claim 1, SCHNJAKIN discloses a system for accessing data, comprising: determine whether read access, storage access, and deletion access are allowed based at least in part on the requestor information (SCHNJAKIN Pa. [0075]) [checking, by the file management server, whether a further user, to whom the further user computer system is assigned, has access rights for the type of requested access and for the file; the type of requested access can be a write access or a read access for example; some embodiments can also distinguish between write access, modification access, delete access, and read access, note: obviously modification access can be included storage access]; and in the event that read access, storage access, and deletion access are allowed: read the sensitive data at an original location using an original token (SCHNJAKIN Pa. [0077]) [following successful authentication and if the further user has access rights for the file, requesting a further authorisation token by the file management server form each of the memory services identified on the basis of the metadata, and forwarding the further authorisation tokens obtained in response to this request to the further user computer system by the file management server, wherein the further authorisation tokens allow the further user computer system to have the requested access to the file fragments stored in the memory services in direct form]
It is noted that SCHNJAKIN does not explicitly disclose an interface configured to receive a request to move stored data to a new location and requestor information, wherein the stored data comprises sensitive data: and a processor configured to: store the sensitive data to the new location and receive a new token associated with the new location: and delete the original token and the sensitive data at the original location.
However, Green discloses an interface configured to receive a request to move stored data to a new location and requestor information, wherein the stored data comprises sensitive data: and a processor configured to (Green Pa. [0092]) [the offload provider may write the data being written to the storage container range to a new physical location on the store]: store the sensitive data to the new location and receive a new token associated with the new location (Green Pa. [0065]) [offload read by reading the requested data from the data access components 315 and storing the data in storage (volatile or non-volatile) of device 330, creating a new token value, and associating the newly created token value with the read data. The OS may implement offload write by copying (e.g., writing) the data associated with the token to the destination (read new location) specified by requestor 210]
Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Green to the data accessing system of SCHNJAKIN would have yield predictable results and resulted in an improved system, namely, a system that provide a token that  (Green Pa. [0003])
Furthermore, it is noted that the combination of SCHNJAKIN and Green does not disclose delete the original token and the sensitive data at the original location.
However, Margolus discloses delete the original token and the sensitive data at the original location (Margolus Pa. [0011]) [A client program may initiate a process for deleting a data item in which the last remaining deletion permission token associated with the data item is deleted and the data item itself may be deleted from the repository]
Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Margolus to the data accessing system of SCHNJAKIN and Green would have yield predictable results and resulted in an improved system, namely, a system that arranging to share data in this manner without compromising the privacy of user data--this is accomplished by sharing encrypted data (Margolus Pa. [0027])
As to claim 2, SCHNJAKIN discloses wherein the requestor information comprises one or more of the following: an IP address, a location context, or a client organization information (SCHNJAKIN Pa. [0109]) [on whether the further user computer system is mobile or immobile or whether it belongs to a list of authorised workplace computers, which for example can be identified as such via their MAC or IP address
As to claim 3, SCHNJAKIN discloses wherein the data comprises a data class, an attribute, or a relationship definition (SCHNJAKIN Pa. [0023]) [features (read attribute) of the file to be stored are additionally taken into consideration for the automatic generation of the distribution schedule. These features for example can contain one or more of the following features: the file type (backup file or regularly used work file); the file format (.doc, .jpg, .avi, .pdf, .exe, etc.); the file size, and so on]

As to claim 5, SCHNJAKIN discloses wherein the assigned access policy comprises information on one or more security groups allowing or denying data access (SCHNJAKIN Pa. [0087]) [the authorisation of the other user computer system is checked by the file management server in order to determine whether the other user computer system is authorised for access to the file. [0088] If the other user computer system is authorised for access, transferring a public cryptographic key, which is assigned to the other user computer system, from the file management server to the user computer system via the network]

As to claim 6, SCHNJAKIN discloses wherein a security group of the one or more security groups is associated with one or more of the following: an IP address, a location context, or a client organization information (SCHNJAKIN Pa. [0109]) [on whether the further user computer system is mobile or immobile or whether it belongs to a list of authorised workplace computers, which for example can be identified as such via their MAC or IP address]

As to claim 9, the combination of SCHNJAKIN, Green and Margolus discloses wherein a requestor security group is determined based at least in part on the requestor information (Green Pa. [0034 & 0042]) [a data access component may comprise any component that is given an opportunity to examine I/O between the requestor 210 and the store 220 and that is capable of changing, completing, or failing the I/O or performing other or no actions based thereon, note: “data access component” can be viewed as “security group”]
See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Green to the data accessing system of SCHNJAKIN would have yield predictable results and resulted in an improved system, namely, a system that provide a token that represents data and  ensure that the data the token represents will not change while the token is valid (Green Pa. [0003])

As to claim 11, the combination of SCHNJAKIN, Green and Margolus discloses wherein the requestor information is evaluated to determine whether a requestor belongs to a security group that has allowed data access (Green Pa. [0039]) [the server may present an interface that allows a data access component to access data of a store that is implemented using one or more of the physical storage devices or portions thereof of the server] See also, Thus, before the  (Green Pa. [0003])

As to claim 12, the combination of SCHNJAKIN, Green and Margolus discloses wherein the original token comprises identifying information on a data storage center (Green Pa. [0044]) [a requestor to obtain a token that represents data of a store]
See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Green to the data accessing system of SCHNJAKIN would have yield predictable results and resulted in an improved system, namely, a system that provide a token that represents data and  ensure that the data the token represents will not change while the token is valid (Green Pa. [0003])

As to claim 13, the combination of SCHNJAKIN, Green and Margolus discloses wherein the original token comprises identifying information on a data location within a data storage center (Green Pa. [0044]) [An offload read allows a requestor to obtain a token that represents data of a store. Using this token, the requestor or another requestor may request an offload write. An offload write allows a requestor to cause an offload provider to write some or all of the data represented by the token] See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Green to the data accessing system of SCHNJAKIN would have yield predictable results and resulted in an improved system, namely, a system that provide a token that represents data and  ensure that the data the token represents will not change while the token is valid (Green Pa. [0003])

As to claim 14, the combination of SCHNJAKIN, Green and Margolus discloses wherein reading the sensitive data comprises decrypting a stored data (Margolus Pa. [0063]) [retrieve and decrypt a repository data-item] See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Margolus to the data accessing system of SCHNJAKIN and Green would have yield predictable results and resulted in an improved system, namely, a system that arranging to share data in this manner without compromising the privacy of user data--this is accomplished by sharing encrypted data (Margolus Pa. [0027])

As to claims 15-16, claims 15-16 recite the claimed that contain respectively .

Claims 4, 7-8 and 10are rejected under 35 U.S.C. 103 as being unpatentable over SCHNJAKIN U.S. Publication No. 20170293766 A1 in view of Green (U.S. Patent Application Publication 20130179649 A1), Margolus US 20050131905 A1 in further view of Li US 20170161599 A1.
As to claim 4, the combination of SCHNJAKIN, Green and Margolus does not explicitly disclose wherein the sensitive data is associated with an assigned access policy that includes a data location context.
However, Li discloses wherein the sensitive data is associated with an assigned access policy (Li Pa. [0087]) [include any access or use information, including expiration policy information, authorization information, decryption information and/or other policy information] that includes a data location context (Li Pa. [0043]) [One or more link(s) for any such the storage location(s) are also included in the additional data context information that will be serialized/encoded into the scannable code along with the identified/selection portion(s) of the content and context information]
Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Li to the data accessing system of SCHNJAKIN, Green and Margolus would have yield predictable results and resulted in an improved system, namely, a system that provide data that is encoded along with context information corresponding to the format and application context of the data that is being copied (Li Pa. [0009])

As to claim 7, the combination of SCHNJAKIN, Green, Margolus and Li wherein the assigned access policy has a data location context matching a data location context of the requested data [this limitation can be assimilated to verification/authentication for authorization purpose which Li discloses in paragraph [0035] (Device properties of the source device and/or user credentials and authorization information is also be included within the data context information in some instances)]. See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Li to the data accessing system of SCHNJAKIN, Green and Margolus would have yield predictable results and resulted in an improved system, namely, a system that provide data that is encoded along with context information corresponding to the format and application context of the data that is being copied (Li Pa. [0009])

As to claim 8, the combination of SCHNJAKIN, Green, Margolus and Li discloses wherein the processor is further to determine that the data comprising sensitive data is configured to have the assigned access policy in the event that a stored access policy has a stored (Li Pa. [0087]) [include any access or use information, including expiration policy information, authorization information, decryption information and/or other policy information] that includes a data location context (Li Pa. [0043]) [One or more link(s) for any such the storage location(s) are also included in the additional data context information that will be serialized/encoded into the scannable code along with the identified/selection portion(s) of the content and context information] access policy data location context that matches a requested data location context [this limitation can be assimilated to verification/authentication for authorization purpose which Li discloses in paragraph [0035] (Device properties of the source device and/or user credentials and authorization information is also be included within the data context information in some instances)]. See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Li to the data accessing system of SCHNJAKIN, Green and Margolus would have yield predictable results and resulted in an improved system, namely, a system that provide data that is encoded along with context information corresponding to the format and application context of the data that is being copied (Li Pa. [0009])

As to claim 10, the combination of SCHNJAKIN, Green, Margolus and Li discloses wherein a data location context of the data is retrieved (Li Pa. [0043]) [One or more link(s) for any such the storage location(s) are also included in the additional data context information that will be serialized/encoded into the scannable code along with the identified/selection portion(s) of the content and context information] See also, Thus, before the effective filing date of the claimed invention it would have been recognized by one of ordinary skill in the art that applying the known technique taught by Li to the data accessing system of SCHNJAKIN, Green and Margolus would have yield predictable results and resulted in an improved system, (Li Pa. [0009])

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to EVANS DESROSIERS whose telephone number is (571)270-5438.  The examiner can normally be reached on Monday -Thursday 7:00 am - 5:30 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok B. Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private 




/EVANS DESROSIERS/Primary Examiner, Art Unit 2491