Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
DETAILED ACTION
Applicant’s amendment filed on 3/12/2021 has been entered. Applicant has amended claims 1 and 7 and added claims 14-19. Currently, claims 1-19 are pending in this application.

 Response to Arguments
Applicant's arguments with respect to claims 1, 7 and 14 have been considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1-5 and 14-18 are rejected under 35 U.S.C. 103 as being unpatentable over Perlman (US 9,779,269 B1), hereinafter, “Perlman” in view of Simmons et al. (US 2017/0083709 A1), hereinafter, “Simmons”.
Regarding Claims 1 and 14, Perlman discloses a content management system and corresponding method, wherein the content management system comprises: 
at least one device processor (See, Fig. 1, Numeral 130); 
an object store (See, Fig. 1, Numeral 110); 
a data store associated with an interface (See, Fig. 1, Numeral 102); 
a non-transitory computer readable medium (See, Column 12, lines 17-25), comprising instructions for:
providing the interface that: 
obtains a request to store content in the content management system, the content management system at a first location (See, Column 9, lines 54-58, “In step 300, a plaintext data item is received from one of multiple tenants for storage in the storage system. For example, the plaintext data item may be received in the storage system 100 over a network from a remote terminal or other user device of a given one of the tenants of the system”); 
in response to the request to store the content, initiates encryption of the content, the encryption performed by generating a data key that is specific for the content (See, Column 10, lines 64-67, “Also, the received data item is encrypted using a corresponding data encryption key. The resulting encrypted data item is stored in a storage array of the storage system”), and encrypting the content using the generated data key, the encryption including generating an encrypted 
stores the encrypted content in the object store (See, Column 10, lines 64-67, “Also, the received data item is encrypted using a corresponding data encryption key. The resulting encrypted data item is stored in a storage array of the storage system”); and 
stores an entry for the encrypted content in the data store, the entry including a storage record that includes the encrypted data key (See, Column 2, lines 24-27, “The given data item as stored for a given one of the tenants has associated metadata that includes the particular data encryption key encrypted by the cryptographic module using the tenant key of the given tenant”).
Perlman does not explicitly disclose generating an event to initiate replication of the encrypted content and the storage record to another instance of a content management system at a second location without transmission of a decrypted version of the content and without transmission of a decrypted version of the data key.

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to generate, in the system of Perlman, an event to initiate replication of encrypted content and a storage record to another instance of a content management system at a second location without transmission of a decrypted version of the content and without transmission of a decrypted version of a data key as taught by Simmons because sending the symmetric key in plaintext would jeopardize the security of the encrypted data element and allow attackers to decrypt the encrypted data elements (See, Simmons, Paragraph 0017) and also because the “encrypted data stored at the storage device may be sent to the backup server and other entities that are not authorized to access data without jeopardizing the security of the data. Unauthorized entities do not have the private key needed to decrypt the encrypted symmetric keys. The storage device may therefore send the encrypted data to a backup server for storage without jeopardizing the security of the data. If the backup server is not an authorized entity, then the backup server will be unable to decrypt the encrypted data” (See, Simmons, Paragraph 0019).

Regarding Claims 2 and 15, the rejection of claims 1 and 14 is incorporated and Perlman further discloses wherein obtaining the request to store content includes obtaining the request to store content from a user associated with the tenant, wherein the tenant includes one of a plurality of tenants in a multi-tenant environment of the content management system (See, Abstract).
Regarding Claims 3 and 16, the rejection of claims 1 and 14 is incorporated and Perlman further discloses wherein the interface obtains a request for generation of the tenant key, and initiates generation of the tenant key, wherein a security module generates the tenant key (See, Column 4, line 43-47 and Column 7, lines 37-53).
Regarding Claims 4 and 17, the rejection of claims 1 and 14 is incorporated and Perlman further discloses wherein a security module generates the encrypted data key by encrypting the data key with a tenant key that is associated with a tenant (See, Column 11, lines 16-26).
Regarding Claims 5 and 18, the rejection of claims 4 and 17 is incorporated and Perlman further discloses wherein the security module includes one or more hardware security modules (HSMs) (See, Fig. 1, Numeral 104).

Claims 7-13 are rejected under 35 U.S.C. 103 as being unpatentable over Perlman in view of Tsaur et al. (US 8,199,911 B1), hereinafter, “Tsaur” and further in view of Gupta (US 2018/0034792 A1), hereinafter, “Gupta” and Simmons.
Regarding Claim 7, Perlman discloses a content management system, comprising: 
a processor (See, Fig. 1, Numeral 130); and 

an object management module for: 
obtaining an object (See, Column 9, lines 54-58, “In step 300, a plaintext data item is received from one of multiple tenants for storage in the storage system. For example, the plaintext data item may be received in the storage system 100 over a network from a remote terminal or other user device of a given one of the tenants of the system”); 
generating a data key 
encrypting the obtained object using the data key (See, Column 10, lines 64-67, “Also, the received data item is encrypted using a corresponding data encryption key. The resulting encrypted data item is stored in a storage array of the storage system”); 
sending the data key and a tenant key 
receiving an encrypted data key from the security module (See, Column 7, lines 48-53, “The encryption and decryption modules 122 and 124 are utilized to 
initiating storage of the encrypted object in an object store (See, Column 10, lines 64-67, “Also, the received data item is encrypted using a corresponding data encryption key. The resulting encrypted data item is stored in a storage array of the storage system”); and 
initiating storage, in a database, of a storage record, the encrypted data key, and the tenant key 

Perlman does not explicitly disclose a data key that is based on the obtained object, nor the use and storage of a tenant key identifier during the encryption process. 
Using the obtained object to derive an encryption key is well known in the art of computer security. Tsaur discloses a data key that is based on an obtained object (See, Column 2, lines 37-60).

Using and storing key identifiers during the encryption process is well known in the art of computer security. Gupta discloses a system for appending key IDs for key identification during data encryption and further discloses storing key identifiers (See, abstract and Paragraph 0005).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to use, for the tenant keys in the system of Perlman, key identifiers as taught by Gupta so that “it is possible to quickly and easily detect and extract the key ID during decryption operations. Then, the key ID may be used to identify the actual encryption key used for the encrypted data in question, so that decryption may proceed. In this way, for example, a tenant may quickly obtain desired data, while a provider of the multi-tenant architecture uses available computing resources in an efficient manner” (See, Paragraph 0005).
Perlman does not explicitly disclose initiating replication of the encrypted object and the storage record to another instance of a content management system without transmission of a decrypted version of the object and without transmission of a decrypted version of the data key.
Simmons discloses system of replication of data encrypted using symmetric keys (See, title) wherein the system is configured to initiate replication of encrypted object and a storage record to another instance of a content management system without 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to initiate, in the system of Perlman, replication of encrypted content and a storage record to another instance of a content management system at a second location without transmission of a decrypted version of the content and without transmission of a decrypted version of a data key as taught by Simmons because sending the symmetric key in plaintext would jeopardize the security of the encrypted data element and allow attackers to decrypt the encrypted data elements (See, Simmons, Paragraph 0017) and also because the “encrypted data stored at the storage device may be sent to the backup server and other entities that are not authorized to access data without jeopardizing the security of the data. Unauthorized entities do not have the private key needed to decrypt the encrypted symmetric keys. The storage device may therefore send the encrypted data to a backup server for storage without jeopardizing the security of the data. If the backup server is not an authorized entity, then the backup server will be unable to decrypt the encrypted data” (See, Simmons, Paragraph 0019).
Regarding Claim 8, the rejection of claim 7 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons further discloses wherein the security module includes a hardware security module (HSM) (See, Perlman, Fig. 1, Numeral 104).
Regarding Claim 9, the rejection of claim 7 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons as applied in the rejection of claim 7 does not explicitly disclose wherein generating the data key includes obtaining an initialization vector (IV).
However, Tsaur in the same reference discloses that generating a data key includes obtaining an initialization vector (IV) (See, Column 2, lines 37-60).
 Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include, in the system of Perlman, Tsaur, Gupta and Simmons, obtaining an initialization vector (IV) in generating a data key as taught by Tsaur for “providing an even higher level of security”. (See, Tsaur, Column 2, line 60).
Regarding Claim 10, the rejection of claim 7 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons as applied in the rejection of claim 7 does not explicitly disclose wherein generating the data key includes obtaining information indicating an encryption algorithm for encrypting the obtained object.
However, Gupta in the same reference discloses wherein generating a data key includes obtaining information indicating an encryption algorithm for encrypting the obtained object (See, Paragraphs 0042, 0047 and 0065).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to obtain, in the system of Perlman, Tsaur, Gupta and Simmons, information indicating an encryption algorithm for encrypting the obtained object as taught by Gupta to implement a cloud storage system that supports multiple encryption algorithms based on the different levels of security needs or requirements of the tenants.
Regarding Claim 11, the rejection of claim 7 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons further discloses wherein the instructions are further for: receiving a request for the object (See, Perlman, Column 6, lines 7-9).
Regarding Claim 12, the rejection of claim 11 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons further discloses wherein the instructions are further for: requesting the storage record from the database; receiving the storage record, the encrypted data key, and the tenant key identifier from the database; and receiving the encrypted object from the object store (See, Perlman, Column 5 line 58- Column 6, line 9 as combined with the tenant key identifier teaching of Gupta).
Regarding Claim 13, the rejection of claim 12 is incorporated and the combination of Perlman, Tsaur, Gupta and Simmons further discloses wherein the instructions are further for: providing the encrypted data key, the tenant key identifier, and 
The combination of Perlman, Tsaur, Gupta and Simmons does not explicitly disclose providing an identification of an encryption algorithm to the security module.

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to provide, in the system of Perlman, Tsaur, Gupta and Simmons, an identification of an encryption algorithm to the security module as taught by Gupta to implement a cloud storage system that supports multiple encryption algorithms based on the different levels of security needs or requirements of the tenants. 
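The storage, key wrapping, record keeping, retrieval and replication flow applied against claims 7-13 above, as an added runnable example that is not code from Perlman, Tsaur, Gupta, Simmons or the applicant. Assumptions not in the record: the cipher (an HMAC-SHA256 keystream with an encrypt-then-MAC tag, using separately derived keys) stands in for AES-GCM so the example runs on the Python standard library alone; the SecurityModule class stands in for the HSM; the data key is generated at random per object rather than derived from the object as in Tsaur; the names, key identifiers and sample object are constructed for this example.

```python
# Envelope encryption for a multi-tenant content management system (added example;
# not code from Perlman, Tsaur, Gupta, Simmons or the applicant). The cipher below
# (HMAC-SHA256 keystream + encrypt-then-MAC tag) is an assumption standing in for
# AES-GCM so that the example runs on the standard library alone.
import hashlib
import hmac
import os
from dataclasses import dataclass, field

ALGORITHM = "HMAC-SHA256-CTR/ETM"  # hypothetical algorithm identifier kept in the record
IV_LEN, TAG_LEN = 16, 32

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()  # separate enc and mac keys

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hmac.new(key, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])

def seal(key: bytes, iv: bytes, plaintext: bytes, aad: bytes) -> bytes:
    """Encrypt-then-MAC; aad binds the ciphertext to the object or key identifier."""
    ks = _keystream(_subkey(key, b"enc"), iv, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    return ct + hmac.new(_subkey(key, b"mac"), aad + iv + ct, hashlib.sha256).digest()

def unseal(key: bytes, iv: bytes, sealed: bytes, aad: bytes) -> bytes:
    ct, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expect = hmac.new(_subkey(key, b"mac"), aad + iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(_subkey(key, b"enc"), iv, len(ct))))

class SecurityModule:
    """Stand-in for the HSM: tenant keys are generated here and never leave it."""
    def __init__(self):
        self._tenant_keys = {}

    def generate_tenant_key(self, tenant: str) -> str:
        key_id = f"{tenant}/tk-{os.urandom(4).hex()}"  # tenant key identifier
        self._tenant_keys[key_id] = os.urandom(32)
        return key_id

    def wrap(self, key_id: str, data_key: bytes) -> bytes:
        iv = os.urandom(IV_LEN)
        return iv + seal(self._tenant_keys[key_id], iv, data_key, key_id.encode())

    def unwrap(self, key_id: str, wrapped: bytes) -> bytes:
        return unseal(self._tenant_keys[key_id], wrapped[:IV_LEN], wrapped[IV_LEN:], key_id.encode())

@dataclass(frozen=True)
class StorageRecord:
    object_id: str
    tenant_key_id: str         # which tenant key wrapped the data key
    encrypted_data_key: bytes  # the data key is never stored or replicated in the clear
    iv: bytes                  # per-object IV
    algorithm: str             # tells the decryptor which cipher to use

@dataclass
class CMSInstance:
    location: str
    object_store: dict = field(default_factory=dict)
    data_store: dict = field(default_factory=dict)

    def store(self, hsm: SecurityModule, tenant_key_id: str, object_id: str, content: bytes) -> StorageRecord:
        data_key, iv = os.urandom(32), os.urandom(IV_LEN)  # fresh per object
        self.object_store[object_id] = seal(data_key, iv, content, object_id.encode())
        rec = StorageRecord(object_id, tenant_key_id, hsm.wrap(tenant_key_id, data_key), iv, ALGORITHM)
        self.data_store[object_id] = rec
        return rec  # the plaintext data_key goes out of scope here

    def retrieve(self, hsm: SecurityModule, object_id: str) -> bytes:
        rec = self.data_store[object_id]
        if rec.algorithm != ALGORITHM:
            raise ValueError(f"unsupported algorithm {rec.algorithm}")
        data_key = hsm.unwrap(rec.tenant_key_id, rec.encrypted_data_key)
        return unseal(data_key, rec.iv, self.object_store[object_id], object_id.encode())

def replicate(src: CMSInstance, dst: CMSInstance, object_id: str) -> None:
    """Replication event: only the ciphertext and the record with the wrapped key cross the wire."""
    dst.object_store[object_id] = src.object_store[object_id]
    dst.data_store[object_id] = src.data_store[object_id]

def demo(content: bytes = b"constructed sample object: Q3 numbers"):
    hsm = SecurityModule()
    tenant_key_id = hsm.generate_tenant_key("tenant-a")
    primary, replica = CMSInstance("site-1"), CMSInstance("site-2")
    primary.store(hsm, tenant_key_id, "obj-1", content)
    replicate(primary, replica, "obj-1")
    return hsm, primary, replica  # replica can decrypt only through the same security module
```

The point of the structure is the one Simmons is cited for: the second instance receives the ciphertext and a record whose data key is itself encrypted under the tenant key, so a replica (or a backup server) that cannot reach the security module holding that tenant key learns nothing, while an authorized instance with the same module can unwrap and decrypt. The key identifier and algorithm fields play the role Gupta is cited for: they let the decryptor select the right tenant key and cipher without trial decryption.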

Claims 6 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Perlman in view of Simmons and further in view of Tsaur.
Regarding Claims 6 and 19, the rejection of claims 1 and 14 is incorporated and the combination of Perlman and Simmons does not explicitly disclose wherein generating the data key includes obtaining an initialization vector (IV) that is specific to the content.
However, Tsaur in the same reference discloses that generating a data key includes obtaining an initialization vector (IV) that is specific to the content (See, Column 2, lines 37-60).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include, in the system of Perlman and Simmons, obtaining an initialization vector (IV) specific to the content as taught by Tsaur for “providing an even higher level of security” (See, Tsaur, Column 2, line 60).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 



Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOGESH PALIWAL whose telephone number is (571)270-1807.  The examiner can normally be reached on M-F 9:00AM-5:00PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph P Hirl can be reached on 5712723685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/YOGESH PALIWAL/Primary Examiner, Art Unit 2435