DETAILED ACTION

1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
2.	A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office Action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on February 2, 2021 has been entered.

3.	An examiner's amendment to the record appears below. Should the changes and/or additions be unacceptable to Applicant, an amendment may be filed as provided by 37 CFR 1.312.  To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner's amendment was given in a telephone interview with Ms. Carol E. Thorstad-Forsyth, of registration number 56,455, on April 5, 2021. During the telephone interview, Ms. Thorstad-Forsyth has agreed and authorized the examiner to amend claims 1, 11, and 22.

CLAIMS

4.	Replace the following claims:
 Claim 1.  (Currently Amended)  A method for secure shared access to encrypted data in a data store, comprising:
maintaining a data storage reference table (DSRT) at a data control server (DCS) for a plurality of blocks of data of a shared data pool, the shared data pool being one or 
specifying, for at least one block of data of the shared data pool, location information and a hash value, the location information being configured to enable access to the at least one block of data stored in one of the data storage devices of the shared data pool, and the hash value being computed for the at least one block of data and configured to decrypt that block of data when stored in encrypted form; and
performing by the DCS post-write request operations that comprise:
receiving (i) a hash value for unencrypted content from a first computing entity of the plurality of computing entities, and (ii) file location data specifying a location in the shared data pool where a given block of data associated with the unencrypted content was written;
determining whether the first computing entity was permitted to perform a write transaction for the given block of data;
comparing the received hash value with a list of hash values in the DSRT to determine that the unencrypted content is duplicative of content previously written to the shared data pool based on the received hash value being present in the list of hash values, responsive to a determination that the first computing entity was permitted to perform the write transaction for the given block of data; and 
changing a pointer value for the given block of data to be the same as that of another block of the shared data pool based on the comparing, so that the given location indicated by the location information remains usable for storage of other data.
 
          Claim 11. (Currently Amended)  A system for facilitating secure shared access to encrypted data in a data store, comprising:
a data control server (DCS) comprising at least one electronic processor and a server data store accessible to the at least one electronic processor;
the DCS configured to maintain a data storage reference table (DSRT) for a plurality of blocks of data of a shared data pool, the shared data pool being one or more 
the DSRT specifying for at least one block of data of the shared data pool, location information and a hash value, the location information being configured to enable access to the at least one block of data stored in one of the data storage devices of the shared data pool, and the hash value being computed for the at least one block of data and configured to decrypt that block of data when stored in encrypted form;
wherein the DCS performs post-write request operations that comprise:
receiving (i) a hash value for unencrypted content from a first computing entity of the plurality of computing entities, and (ii) file location data specifying a location in the shared data pool where a given block of data associated with the unencrypted content was written;
determining whether the first computing entity was permitted to perform a write transaction for the given block of data;
comparing the received hash value with a list of hash values in the DSRT to determine that the unencrypted content is duplicative of content previously written to the shared data pool based on the received hash value being present in the list of hash values, responsive to a determination that the first computing entity was permitted to perform the write transaction for the given block of data; and
changing a pointer value for the given block of data to be the same as that of another block of the shared data pool based on the comparing, so that the given location indicated by the location information remains usable for storage of other data.
 
Claim 22. (Currently Amended)  The method according to claim 21, wherein: 
the DCS post-write request operations further comprise determining whether the first computing entity was permitted to perform a write transaction for the given shared data unit; and 
.    
 
Allowable Subject Matter

5.	Claims 1-5, 9-15, and 19-22 are allowed.

Examiner’s statement of reason of allowance

 6.	The following is an examiner’s statement of reasons for allowance: 
           The present invention is directed to a method for secure shared access to encrypted data in a data store. The prior art of record fails to teach or fairly suggest, either singly or in combination, a method and a system for secure shared access to encrypted data in a data store, in the manner and combinations recited in independent claims 1, 11, and 21, and having the uniquely distinct features of:
            “performing by the DCS post-write request operations that comprise:
             receiving (i) a hash value for unencrypted content from a first computing entity of the plurality of computing entities, and (ii) file location data specifying a location in the shared data pool where a given block of data associated with the unencrypted content was written;
             determining whether the first computing entity was permitted to perform a write transaction for the given block of data;
             comparing the received hash value with a list of hash values in the DSRT to determine that the unencrypted content is duplicative of content previously written to the shared data pool based on the received hash value being present in the list of hash values, responsive to a determination that the first computing entity was permitted to perform the write transaction for the given block of data; and 
             changing a pointer value for the given block of data to be the same as that of another block of the shared data pool based on the comparing, so that the given location indicated by the location information remains usable for storage of other data.”

            Claims 2-5, 9-10, 12-15, 19-20, and 22 incorporate the allowable features recited above, through dependency, and are also allowed.
            The closest prior art is as follows: Yasa et al. (U.S. 2012/0323860 A1) disclose an object-level identification of duplicate data in a storage system; Bashyam et al. (U.S. 2016/0352511 A1) disclose content-based encryption keys; Ramarao (U.S. 8,751,763 B1) discloses low-overhead de-duplication within a block-based data storage; and Patti et al. (U.S. 8,856,530 B2) disclose data storage incorporating cryptographically enhanced data protection.  The cited prior art does not teach or suggest, alone or in combination,
            “performing by the DCS post-write request operations that comprise:
             receiving (i) a hash value for unencrypted content from a first computing entity of the plurality of computing entities, and (ii) file location data specifying a location in the shared data pool where a given block of data associated with the unencrypted content was written;
             determining whether the first computing entity was permitted to perform a write transaction for the given block of data;
             comparing the received hash value with a list of hash values in the DSRT to determine that the unencrypted content is duplicative of content previously written to the shared data pool based on the received hash value being present in the list of hash values, responsive to a determination that the first computing entity was permitted to perform the write transaction for the given block of data; and 
             changing a pointer value for the given block of data to be the same as that of another block of the shared data pool based on the comparing, so that the given location indicated by the location information remains usable for storage of other data.”, in combination with the other claimed limitations.

Conclusion

	Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. 

           8.     Any inquiry concerning this communication or earlier communications from the examiner should be directed to Peiliang Pan whose telephone number is (571) 272-5987.  The examiner can normally be reached on Monday-Friday 8:00 am - 5:00 pm EST.
         If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
         Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Peiliang Pan/
Examiner, Art Unit 2492



 /TAE K KIM/ Primary Examiner, Art Unit 2492