DETAILED ACTION
This communication is responsive to the amendment filed on 01/06/2021. 
Claims 1, 3-5, 13, 17 and 18 have been amended.
Claims 2 and 19 are canceled.
Claims 1, 3-18 and 20-27 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 101
Applicant’s amendments to the claims have overcome the rejections of claims 1-16 and 17-27 under 35 U.S.C. 101 previously rejected as being directed to an abstract idea without significantly more.  Therefore, the rejections of claims 1-16 and 17-27 under 35 U.S.C. 101 has been withdrawn.


Response to Arguments
Applicant’s arguments with respect to claim(s) 1-3, 6, 17-20, 22 and 23 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.

Applicant Argument:
(A) On pages 9-11 of the Applicant’s arguments, see remarks, filed 01/06/2021, with respect to the rejection(s) of claim(s) 1-3, 6, 17-20, 22 and 23 under 35 U.S.C. 102(a)(1) have been fully considered and are persuasive.  Therefore, the rejection has been withdrawn.  However, upon further consideration, a new ground(s) of rejection is made under 35 U.S.C. 103 as being unpatentable over Huang et al. (US Pat. 8,726,403 B2) in view of Sorotokin et al. (US Pat. 10002237 B2).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claims 1, 15 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Huang et al. (US Pat. 8,726,403 B2 filed 09/02/2020) in view of Sorotokin et al. (US Pat. 10002237 B2 filed 07/28/2015).

A data protection method, characterized by comprising: 
checking, by a server, whether a data receiving party has a digital license that is generated by a data transmitting party and is in a valid state, in response to a key usage request initiated by the data receiving party or an action of the data receiving party decrypting encrypted data from the data transmitting party, (Huang, fig. 7, col. 11 lines 31-40, col. 12 lines 30-34 and col. 14 lines 25-33; point of sale transaction for a user to rent and/or purchase downloadable video content includes determining if the user has obtained a license associated with the received video content, if so, allowing the video content to be decrypted and played on the user’s device; the license terms, i.e., rental period, number of times viewed, expired trial period, etc., is used to determine the validity of the license) ;
and if so, transmitting, by the server, to the data receiving party, a corresponding key of at least one key required in a data decryption process and/or related data required for using the corresponding key, according to license information in the digital license permitting the data receiving party to use at least one key required in a data decryption process (Huang, col. 4 lines 36-38 and 47-59; user device 210 may receive encrypted video content and/or a token (a key authorizing decryption and/or to play video content) from content distribution server 220, and a license (based on the received token and information associated with the user device) from the license server; the license contains a key (equivalent to the corresponding key) associated with the user device; the mobile DRM application of the user device, uses the token to decrypt and/or play the content).

 “wherein the data transmitting party is a data transmitting user terminal, and the data receiving party is a data receiving user terminal.”
However, Sorotokin discloses:
“wherein the data transmitting party is a data transmitting user terminal, and the data receiving party is a data receiving user terminal” (Sorotokin, fig. 1, col. 6 lines 9-19 and 45-57; the Parts-Based Digital Rights Management system may include components of a variety of devices or computer systems, i.e., host system(s) 150 and host system(s) 160, i.e., desktop or laptop; each of the elements of FIG. 1 may be components of separate host systems, or groups of such elements may be implemented on a single host system).
Sorotokin discloses that the functional characteristics of the various elements are not limited to elements of any single system or device (Sorotokin, col. 6 lines 40-44).  As such, a person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang with Sorotokin to configure one or more host devices, e.g., user desktop computers, to function as both a host (server) and a client that can either provide content to another computer system, or receive content from another computer system as would be the case in a file sharing system.  Such configuration of a file sharing system can be implemented as a matter of design choice in a manner consistent with the claimed limitation.



“…the digital license includes license information regarding the number of use, period of use, and/or region of use” (Huang, fig. 7, col. 11 lines 31-40, col. 12 lines 30-34 and col. 14 lines 25-33; point of sale transaction for a user to rent and/or purchase downloadable video content includes determining if the user has obtained a license associated with the received video content, if so, allowing the video content to be decrypted and played on the user’s device; the license terms, i.e., rental period, number of times viewed, expired trial period, etc., is used to determine the validity of the license).

As to claim 17, claim 17 represents a server for processing method steps that are identical in scope to the method of claim 1.  Claim 17 is therefore rejected same reason as claim 1 above.

As to claim 18, Huang and Solotokin disclosed the invention of claim 17.  Huang further discloses:
“…that, the server a digital license management unit configured to generate, store, or forward the digital license based on the request of the data transmitting party” (Huang, fig. 2, col. 4 lines 36-38 and 47-59; user device 210 may receive encrypted video content and/or a token (a key authorizing decryption and/or to play video content) from content distribution server 220, and a license (based on the received token and information associated with the user device) from the license server)
Claims 3 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Huang in view of Sorotokin in further view of Kim et al. (US Pat. 8,687,801 B2 filed 01/03/2007).
As to claim 3, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“…transmitting, by the server, to a key management module of the data receiving party, the at least one key and/or related data required for using the at least one key.”
However, Kim discloses:
“…transmitting, by the server, to a key management module of the data receiving party, the at least one key and/or related data required for using the at least one key” (Kim, fig. 4, DRM client module storage unit 1220, and fig. 5, steps 20-70, col. 4 lines 30-48 and col. 4 line 64 – col. 5 line 3; DRM client module 1200 stores domain key and other information regarding domain rules of a DRM system needed to use the domain content from Domain Information Providing Apparatus 2000 (corresponds to server).
A person of ordinary skill in the prior to the effective filing date of the invention to combine the technical features of Huang and Sorotokin with Kim to provide domain key management functionality that allows a DRM client module to determine whether a domain key and associated domain content usage rules, needed to process encrypted content is currently stored in a data storage unit of the DRM client module, if not, allowing the DRM client to request an updated domain key needed to process the encrypted domain data content (Kim, col. 5 lines 19-24).

.

Claims 4, 6, 9-12, 16, 21-23 and 26 are rejected under 35 U.S.C. 103 as being unpatentable over Huang and Sorotokin in view of Mitter (US Pub. 2012/0210134 A1 filed 02/09/2012).
As to claim 4, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“…transmitting, by the server, to the data receiving party a ciphertext of a first predetermined key used for encrypting the data before checking whether the data receiving party has the digital license in the valid state.”
However, Mitter discloses:
“…transmitting, by the server, to the data receiving party a ciphertext of a first predetermined key used for encrypting the data before checking whether the data receiving party has the digital license in the valid state” (Mitter, fig. 1B, pars. 0024-0026; a first user determines digital rights management limitations 112 on how/when a photo 104, e.g., secured (encrypted), digital payload 134, may be viewed or handled by other recipients; a hash of a recipient’s phone number is used to determine if a recipient of the secured digital payload is allowed to view the secured digital payload, if not, the secured digital content is not allowed to be displayed by the recipient).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to allow a first user to set conditions on the manner in which data, 

As to claim 6, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“…that, the data transmitting party comprises two or more data transmitting ends, and the encrypted data and the digital license are generated by the same data transmitting end or by different data transmitting ends.”
According to the instant specification, the Applicant discloses that a data transmitting party comprising multiple data transmitting ends includes the original data transmitting party and another data transmitting party that has been authorized to forward the received encrypted data in accordance with the license to use the encrypted process issued by the original data transmitting end (Instant Specification par. 0052)
Mitter discloses:
“…that, the data transmitting party comprises two or more data transmitting ends, and the encrypted data and the digital license are generated by the same data transmitting end or by different data transmitting ends”  (Mitter, par. 0095; if it was determined in the previous step that the "sender" is allowed to send the "receiver" an encrypted message and an encryption key was retrieved for the "receiver", then the "sender" selects between options which define the manner in which the sent data may be viewed, stored, exported, or shared with others by the "receiver"; the "sender" selects whether the "receiver" may forward the data to a "2nd receiver". Doing this would re-encrypt the data for consumption by the "2nd receiver" using a similar process as described below for encrypting the data by the "sender" for consumption by the "receiver".  
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to establish the rights for controlling the manner in which a receiving party may use the encrypted content, e.g., the ability to forward the encrypted content, in the specific manner disclosed by the instant specification (Mitter, par. 0095).

As to claim 9, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“at least a part of the digital license is directly or indirectly encrypted with a public key of the data receiving party.”
However, Mitter discloses:
“at least a part of the digital license is directly or indirectly encrypted with a public key of the data receiving party” (Mitter, par. 0056; when the Secure Messaging Application finds a public key corresponding to the selected recipient(s) 432, the Secure Messaging Application encrypts the data and DRM features using the selected recipient(s) public key and then sends the encrypted data and the DRM features to the selected recipients 434).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin 

As to claim 10, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“…the encrypted data is generated by encrypting the data with the at least one key.” 
However, Mitter discloses:
“…the encrypted data is generated by encrypting the data with the at least one key” (Mitter, par. 0056; When the Secure Messaging Application finds a public key corresponding to the selected recipient(s) 432, the Secure Messaging Application encrypts the data and DRM features using the selected recipient(s) public key and then sends the encrypted data and the DRM features to the selected recipients 434.
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to provide assurance that only intended recipients of the secure message data has the appropriate public key to decrypt the secured message and digital rights, according to the digital rights limitations set by the by the sender of the secured data (Mitter, pars. 0004 and 0056).


“… the encrypted data is generated by encrypting data with the at least one key and a public key of the data receiving party.”
However, Mitter discloses:
“… the encrypted data is generated by encrypting data with the at least one key and a public key of the data receiving party” (Mitter, par. 0024 and 0056; the selected digital rights management limitations 112 and the photo 104 are encrypted using the phone number of each of the recipients 130 respectively and combined as a digital payload 124).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to provide assurance that only intended recipients of the secure message data has the appropriate public key to decrypt the secured message and digital rights, according to the digital rights limitations set by the by the sender of the secured data (Mitter, pars. 0004 and 0056).

As to claim 12, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“…the encrypted data is generated by encrypting the data with a first predetermined key, the at least one key participating in an encryption process for the first predetermined key.”
However, Mitter discloses:
(Mitter, par. 0056; when the Secure Messaging Application finds a public key corresponding to the selected recipient(s) 432, the Secure Messaging Application encrypts the data and DRM features using the selected recipient(s) public key and then sends the encrypted data and the DRM features to the selected recipients 434).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to provide assurance that only intended recipients of the secure message data has the appropriate public key to decrypt the secured message and digital rights, according to the digital rights limitations set by the by the sender of the secured data (Mitter, pars. 0004 and 0056).

As to claim 16, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“the encrypted data is generated by encrypting the data by an AES algorithm, a Camellia algorithm or a DES algorithm.”
However, Mitter discloses that a secure messaging application may use a private key-private key encryption method (i.e., symmetric approach), wherein the application uses a single key to encrypt and decrypt data. Alternatively, the application may also use a public key-private key encryption method (i.e., asymmetric approach), wherein the application uses at least two keys to encrypt and decrypt data (Mitter, par. 0096). 

A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Mitter in order to provide assurance that only intended recipients of the secure message data has the appropriate key to decrypt the secured message and digital rights, according to the digital rights limitations set by the by the sender of the secured data (Mitter, pars. 0004 and 0056).

As to claim 21, claim 21 is substantively similar in scope to the invention of claim 4.  Claim 21 is therefore rejected for the same reasons outlined in the rejection of claim 4 above.

As to claim 22, claim 22 is identical in scope to the invention of claim 6.  Claim 22 is therefore rejected for the same reasons outlined in the rejection of claim 6 above.

As to claim 23, claim 23 is identical in scope to the invention of claim 6.  Claim 23 is therefore rejected for the same reasons outlined in the rejection of claim 6 above.

.

Claims 5, 7-8 and 24-25 are rejected under 35 U.S.C. 103 as being unpatentable over Huang and Sorotokin in view of Knight et al. (US Pat. 8,510,847 B2 filed 05/08/2001).
As to claim 5, Huang and Sorotokin disclosed the invention of claim 1.  Huang does not explicitly disclose:
“transmitting, by the server, to the data receiving party a ciphertext of a second predetermined key used for encrypting the data before checking whether the data receiving party has the digital license in the valid state, the second predetermined key being used for encrypting the first predetermined key used for encrypting the data.”
However, Knight discloses:
“transmitting, by the server, to the data receiving party a ciphertext of a second predetermined key used for encrypting the data before checking whether the data receiving party has the digital license in the valid state, the second predetermined key being used for encrypting the first predetermined key used for encrypting the data” (Knight, col. 57 lines 51-56 and col. 58 lines 16-23; Rights Objects associated with DRM (digital rights management) Content have to be enforced at the point of consumption, i.e., by enforcing permissions, constraints and controlling access to DRM content; the Rights Object is protected using a Rights Encryption Key (REK) which is used to encrypt sensitive parts of the Rights Object, such as the Content Encryption Key). 


As to claim 7, Huang and Sorotokin disclosed the invention of claim 1.  Huang and Sorotokin does not explicitly disclose:
“the at least one key and/or the related data are invisible to a user of the data transmitting party and/or a user of the data receiving party.”
However, Knight discloses:
“the at least one key and/or the related data are invisible to a user of the data transmitting party and/or a user of the data receiving party.” (Knight, col. 58 lines 16-23:
    A Rights Object is protected using a Rights Encryption Key (REK) used to encrypt sensitive parts of the Rights Object, such as the Content Encryption Key (CEK), wherein the REK is cryptographically bound to the target DRM Agent. In this way only the target DRM Agent can access the Rights Object, and thus the CEK. Rights Objects are therefore inherently safe.
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Knight to allow a device registered with a MusicStation (digital content) service to obtain a Rights Object for encrypted content wherein the Rights Object and the 

As to claim 8, Huang and Sorotokin disclosed the invention of claim 1.  Huang and Sorotokin does not explicitly disclose: 
“checking, by the server, whether the data receiving party has the digital license in the valid state based on a user account logged in by the data receiving party.”
However, Knight discloses:
“checking, by the server, whether the data receiving party has the digital license in the valid state based on a user account logged in by the data receiving party.” (Knight, col. 61 lines 54-67 and col. 64 lines 58-67; once per Device session the RI (rights issuer) checks with the CA (PKI Certificate Authority) that the Device's Client Certificate is still valid, i.e., the certificate has not been revoked, the private key has not been compromised, the CA’s usage policy has not been violated, etc.)
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Knight to determine if a user that is logged into a content distribution service maintains a valid certificate and is currently authorized to access desired content (Knight, col. 64 lines 58-67).

As to claim 24, claim 24 is substantively similar in scope to the invention of claim 7.  Claim 24 is therefore rejected for the same reasons outlined in the rejection of claim 7 above.
.

Claims 13, 14 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Huang and Sorotokin in view of Mitter in further view of Grimes et al. (US Pat. 7,036,011 B2 filed 06/29/2001).
As to claim 13, Huang, Sorotokin and Mitter disclosed the invention of claim 12.  Huang does not explicitly disclose:
“encrypting, by the data transmitting party, the first predetermined key using the at least one key; or
encrypting, by the data transmitting party, the first predetermined key is encrypted using the at least one key and a public key of the data receiving party.”
However, Grimes discloses:
“encrypting, by the data transmitting party, the first predetermined key using the at least one key (Grimes, figs. 3A and 3B, col. 6 lines 35-52; method 80 comprises the steps of ordering content, receiving encrypted content 92, receiving the encrypted encryption key 98 and decrypting the encrypted content with the decrypted encryption key).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Knight to utilize a 2-pass RO, i.e., to acquire the Rights Objects, provide mutual 

As to claim 14, Huang and Sorotokin disclosed the invention of claim 1.  Huang and Sorotokin does not explicitly disclose:
“…the encrypted data is generated by encrypting the data with a first predetermined key, the first predetermined key is encrypted using a second predetermined key, and the second predetermined key is encrypted using the at least one key and a public key of the data receiving party.”
However, Grimes discloses:
“…the encrypted data is generated by encrypting the data with a first predetermined key, the first predetermined key is encrypted using a second predetermined key, and the second predetermined key is encrypted using the at least one key and a public key of the data receiving party” (Grimes, col. 11 line 52 – col. 12 line 9; (Grimes, fig. 5D, col. 11 line 52 – col. 12 line 9; client 18 receiving and decrypting the symmetric encryption key, DRM module 45 (q) decrypting the encrypted digitally enveloped message 160 with the static application key 136, the DRM module 45 (r) retrieves the corresponding digital certificate 128 for the received content and (s) decrypts the encrypted session key 164 with the public key 130).
A person of ordinary skill in the art prior to the effective filing date of the invention would have been motivated to combine the technical features of Huang and Sorotokin with Knight to utilize a 2-pass RO, i.e., to acquire the Rights Objects, provide mutual 
    
As to claim 27, claim 27 is substantively similar in scope to the invention of claim 14.  Claim 27 is therefore rejected for the same reasons outlined in the rejection of claim 14 above.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
Any inquiry concerning this communication or earlier communications from the examiner should be directed to /FELICIANO S MEJIA/ whose telephone number is (571)270-5994.  The examiner can normally be reached on 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/FELICIANO S. MEJIA/
Examiner
Art Unit 2492




/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492