DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is a response to an application filed 11/06/2019 wherein claims 1 – 29 are pending and ready for examination.  

Information Disclosure Statement
The information disclosure statements (IDS) submitted on July 17 2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Objections
Claim7 objected to because of the following informalities: Claim 7 depends from itself.  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-7, 11-17, and 21-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA   at least first, second, and third ORAM servers, each of the servers configured to communicate with a client ORAM device, and programmed to facilitate storage of a different subset of the shares of the tree structure using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure, including a retrieval phase and an eviction phase.  It is unclear to the Examiner which object(s) these features are “included in” the system (e.g. the structure, the access procedure, and/or the ORAM servers).

Claim 7 is further rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.   Here, the claim recites "wherein the servers are further programmed to" which could place server Si where I could possible = 0 . Does this language apply to all the servers or to just S1 and S2? The Examiner questions how can there be an Si-1 if the current server is S0?

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having 



Claims 1-7, 11-17, and 21-26 are rejected under 35 U.S.C. 103 as being unpatentable over Yeo; Kevin  et al, US 20180314847 A1, January 12, 2018, hereafter referred to as Yeo in view of Abraham; Ittai et al., Non Patent Literature (NPL): Asymptotically Tight Bounds for Composing ORAM with PIR, 26 February, 2017, hereafter referred to as Abraham and in further view of Ikarashi; Dai et al, US 20180158377, June 7 2018, hereafter referred to as Ikarashi.

           As to claim 1, Yeo teaches a system for providing an oblivious distributed file system - Yeo [0004] FIG. 1B is a system for allowing one or more clients to obliviously execute queries for data blocks stored on non-transitory data storage of a distributed storage system) using an oblivious random access machine (ORAM) - Yeo [0006] FIGS. 3A-3D are schematic views of an example DP oblivious random access memory (O-RAM), comprising:
            an ORAM balanced tree structure, where each node in the tree is configured to store data blocks - Yeo [0009] FIG. 6 provides an example algorithm initializing the binary tree by inputting data blocks in encrypted form into corresponding buckets and executing a query for a data block,  Here, the claimed ‘balanced tree structure’ is taught by Yeo as ‘binary tree’), the structure including at least two shares – Yeo [0037] the distributed storage system 140 is "single-sided," eliminating the need for any server jobs for responding to real and/or fake queries 302,402/304, 404 from client devices 120 to retrieve data blocks 102 and/or dummy data blocks 103 from the storage abstraction 150 when the client device 120 executes instructions 300, 400 to execute queries (q) for data blocks 102.  Here, the claimed ‘two shares’ is taught by Yeo as ‘data blocks 102’); and
           at least first, second, and third ORAM servers, each of the servers configured to communicate with a client ORAM device - Yeo [0036 and 0029] since at ’36 Referring to FIG. 1B, … the distributed storage system 140 includes loosely coupled memory hosts 110, 110a-z (e.g., computers or servers)…The storage abstraction 150 overlain on the storage resources 114 allows scalable use of the storage resources 114 by one or more client devices 120, 120a-n since at ’29 The memory hardware 114, 122 may be physical devices used to store programs … on a temporary or permanent basis for use by a computing device 112 and/or a client device 120 (i.e., the data processing hardware 124 of the client device 120). The memory hardware 114, 122 may be …oblivious random access memory (ORAM).  Here, the claimed ‘first, second, and third ORAM servers’ is taught by Yeo as ‘memory hosts 110 a-c’ where as the claimed ‘a client ORAM’ is taught by Yeo as ‘client devices 120 a-c’ since each server is configured to communicate with a client ORAM), and programmed to facilitate storage of a different subset of the shares of the tree structure - Yep [0298] FIG. 4.6 provides an example algorithm 4600 initializing the binary tree by inputting the data blocks 4102 in encrypted form into corresponding L buckets) using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure – Yeo [0031] ... A notation N denotes a total number of the data blocks 102 associated with the client 104 (or associated with the storage resource(s) 114 in private information retrieval) and stored on the storage abstraction 150 using Oblivious Random Access Memory (O-RAM) or Oblivious Storage (OS)), including a retrieval phase and an eviction phase – Yeo [0035] … The query (q) consists of two phases: (1) a download phase; and (2) an overwrite phase so that the distributed system 140 is unaware whether the corresponding operation is a read or write. Here, the claimed ‘retrieval phase’ is taught by Yeo as ‘a download phase’ because the data is downloaded from storage blocks whereas the claimed ‘eviction phase’ is taught by Yea as wherein in the retrieval phase, the servers utilize an XOR-based Private Information Retrieval (PIR) protocol to retrieve data blocks as requested from the client ORAM device HOWEVER IN AN ANALAGOUS ART DIRECTED TO THE FIELD OF ENDEAVOR OF PROTECTING USER ACCESS PATTERNS ABARAHAM TEACHES wherein in the retrieval phase, the servers utilize an XOR-based Private Information Retrieval (PIR) protocol to retrieve data blocks – Abraham [page 92 4th paragraph] … Using four non-colluding servers, CHf-ORAM claims to achieve O(1) bandwidth blowup using simple XOR-based PIR protocols) as requested from the client ORAM device – Abraham [page 97 5th paragraph] The sequence of interaction ORAM(y) may include simple physical read/ write requests, PIR requests, or any other complex protocols between the client and the server.  THE COMBINATION OF YE AND ABARAHAM DO NOT TEACH and in the eviction phase, the servers utilize a linear secret sharing scheme, HOWEVER IN AN ANALAGOUS ART DIRECTED TO THE SAME FIELD OF ENDEAVOR, WHEREBY USER ACCESS PATTERNS ARE PROTECTED, IKARASHI TEACHES and in the eviction phase – Ikarashi [0037] …in the case of T=1, the null value checking part 126.sub.m obtains and outputs a secret sharing value [r].sub.m.  Here, the claimed ‘eviction phase’ is taught by Ikarashi as ‘outputs a secret’.  Ikarashi terms the eviction as a output operation and the retrieval as an input operation see Ikarashi ‘28), the servers utilize a linear secret sharing scheme – Ikarashi [0030 and 0034] since at ‘30 The sharing apparatus 11 generates a secret sharing value [W].sub.m of an input value W and transmits the secret sharing value [W].sub.m to the secure computation apparatus 12.sub.m (m=0, . . . , M-1). Here, the claimed servers is taught by Ikarashi as ‘sharing apparatus 11’ whereas the claimed ‘linear secret sharing scheme’ is suggested by Ikarashi as ‘sharing value’ but Ikarashi teaches the an example linear secret sharing scheme since at ‘34 … The secret sharing scheme is not limited, and a linear secret sharing scheme such as Shamir's Secret Sharing Scheme.  Thus, it would have been recognized by one of ordinary skill in the art before the effective filing date of  Servers 4114 of Yeo would have yielded predicable results and resulted in an improved data block retrieval, namely, a XOR-based Private Information Retrieval (PIR) protocol that would positively and securely read data from the distributed storage of Servers 4114 of Yeo thereby providing masked patterns as provided for by the PIR protocol of Abraham. The substitution of one known element Ikarashi Shamir's Secret Sharing Scheme for another encryption/hashing scheme found in Yeo would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention since the substitution of the linear sharing scheme shown in Yeo would have yielded predictable results, namely, conveying a shared secret by deriving its shares from a plurality of secured storage in Servers 4114 of Yeo to ensure that the pattern of retrieval of the shares is hidden using the Shamir Secret Sharing scheme provided by Ikarashi).

             As to claim 2, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 1, wherein the linear secret sharing scheme supports addition – Yeo [0016] … the distributed storage system may process the add operation by adding the computed cryptographic word set token and the encrypted word metadata to a word set stored by the distributed storage system and multiplication operations on the at least two shares – Yeo [0119] the SSE manager 1160 determines the cryptographic read access value 1224 for the sharee 1010b by multiplying the first cryptographic share value S.sub.1 252 and the second cryptographic share value S.sub.2 262) Here, the claimed ‘multiplication operations’ is taught by Yeo as ‘multiplying’ whereas the claimed ‘at least two shares’ is taught by Yeo as ‘S.sub.1 and S.sub.2’). 

            As to claim 3, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 1, wherein the linear secret sharing scheme is a replicated linear secret sharing scheme – Ikarashi [0034] The secret sharing scheme is not limited, and a linear secret sharing scheme such as Shamir's Secret Sharing Scheme, a replicated secrete sharing scheme and any other schemes (see, for example, "Reference Literature 2") are possible).  Here, the same rationale for Ikarashi sharing scheme for use in claim 1 applies here for claim 3. 

             As to claim 4, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 1, wherein the linear secret sharing scheme offers security in an environment including a malicious adversary –Ikarashi [0034] The secret sharing value [W].sub.m is received by the communication part 121.sub.m of the secure computation apparatus 12.sub.m (FIG. 2) and sent to the input operation part 124.sub.m (step S11.sub.m). Here, the claimed ‘secret sharing scheme’ is represented by Ikarashi as ‘secret sharing value’ whereas the claimed ‘environment’ is taught by Ikarashi as ‘apparatus 12’ as it is a secure environment.  Figure 3.  Secure environments defend against malicious activity. Here, the same rationale for Ikarashi sharing scheme for use in claim 1 applies here for claim 4. 

              As to claim 5, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 1, wherein the number of shares is exactly three shares [[lT[]0 [[TB]]1, IT]2) – Yeo [0181] the client device 2120 sprays/evicts one (1) data block 2102 (Block 1) from the second cache slot C.sub.2 2370b into the second buffer bucket 2360b since the second cache slot C.sub.2 2370b is presently storing three data blocks 2102.  Here, the claimed ‘three shares’ is taught by Yeo as ‘three data blocks’), the number of ORAM servers is three, and the first, second, and third ORAM servers (So, Si, and S2) are configured to facilitate storage of shares [[T]j and [T]i+1(-mod 3) - Yeo [0036] Referring to FIG. 1B, … the distributed storage system 140 includes loosely coupled memory hosts 110, 110a-z (e.g., computers or servers)…The storage abstraction 150 overlain on the storage resources 114 allows scalable use of the storage resources 114 by one or more client devices 120, 120a-n.  Here, the claimed ‘first, second, and third ORAM servers’ is taught by Yeo as ‘memory hosts 110 a-c’ where as the , where i is the number of the respective ORAM server - Yeo [0221] The client device 3120 stores a memory-level map 3300 locally in the memory hardware 3122 that maps memory levels (l.sub.i) of memory 3118, 3122, 3200. The sizes and number of memory levels (l.sub.i) may be selected based on query and shuffling costs, in addition to the amount of storage capacity required at each of the client device 3120 and the storage abstraction 3200).

               As to claim 6, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 5, wherein the servers are further programmed to store an element of data A into a data block Z as two portions [[A]]1  [[A]]2 -Yeo [0034] At the trusted side, the client device 120 may iteratively download two data buckets 350 at a time from the distributed system 140 using a pair of pseudorandom functions F.sub.1, F.sub.2 and corresponding identifiers id and allocates a block stash 370.  Here, the claimed ‘two portions’ is taught by Yeo as ‘data buckets 350’ whereas the claimed ‘data block’ is taught by Yeo as ‘block stash 370’, each portion being stored to a different one of the three shares [[IT]]o, [[T]]i, [[T]2, – Yeo [0181] the client device 2120 sprays/evicts one (1) data block 2102 (Block 1) from the second cache slot C.sub.2 2370b into the second buffer bucket 2360b since the second cache slot C.sub.2 2370b is presently storing three data blocks 2102.  Here, the claimed ‘three shares’ is taught by Yeo as ‘three data blocks’) wherein the portions [[A]]1  [[A]]2 are summed to retrieve the shared secret A - Ikarashi [0053] The magnitude comparison bit string acquiring part 227.sub.m obtains a secret sharing value [(Y(0)-Y(1)+2.sup.K-1) mod P].sub.m of a comparison result value (Y(0)-Y(1)+2.sup.K-1) mod P (a value obtained by adding 2.sup.K-1 to a value obtained by subtracting a value represented by the target bit string A(1) from a value represented by the target bit string A(0)) by secure computation). The substitution of one known element Ikarashi summing operation to derive a shared secret would have been obvious to one of ordinary skill in 

            As to claim 7, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 7, wherein the servers are further programmed to, responsive to completion of evictions, the server Si performing the eviction sends the share [[T]j to server Si- i to maintain consistency between replicas of the shares [[IT]]o, [[T]]i, [[T]2 – Yeo [0017] During an overwrite phase, the method further includes executing, by the data processing hardware, a read or write operation on the data block removed from the block stash or obtained from a corresponding data bucket retrieved from memory of the distributed system. The method also includes determining, by the data processing hardware, whether to store a current version of the data block in the block stash or on the memory of the distributed system based on a probability).
          
            As to claim 11, claim 11 is a method that is directed to the system of claim 1.  Therefore claim 11 is rejected for the reasons as set forth in claim 1.  
 
            As to claim 12, claim 12 is a method directed to the system of claim 2.  Therefore, claim 12 is rejected for reasons as set forth in claim 2.

            As to claim 13, claim 13 is a method directed to the system of claim 3.  Therefore, claim 13 is rejected for reasons as set forth in claim 3.

              As to claim 14, claim 14 is a method directed to the system of claim 4.  Therefore, claim 14 is rejected for reasons as set forth in claim 4.

              As to claim 15, claim 15 is a method directed to the system of claim 5.  Therefore, claim 15 is rejected for reasons as set forth in claim 5.

             As to claim 16, claim 16 is a method directed to the system of claim 6.  Therefore, claim 16 is rejected for reasons as set forth in claim 6.

             As to claim 17, claim 17 is a method directed to the system of claim 7.  Therefore, claim 17 is rejected for reasons as set forth in claim 7.

             As to claim 21, claim 21 is a non-transitory computer-readable medium that is directed to the method of claim 1.  Therefore, claim 21 is rejected for reasons as set forth in claim 1.

           As to claim 22, claim 22 is a non-transitory computer-readable medium that is directed to the method of claim 2.  Therefore, claim 22 is rejected for reasons as set forth in claim 2.

           As to claim 23, claim 23 is a non-transitory computer-readable medium that is directed to the method of claim 3.  Therefore, claim 23 is rejected for reasons as set forth in claim 3.

           As to claim 24, claim 24 is a non-transitory computer-readable medium that is directed to the method of claim 4.  Therefore, claim 24 is rejected for reasons as set forth in claim 4.

            As to claim 25, claim 25 is a non-transitory computer-readable medium that is directed to the method of claim 6.  Therefore, claim 25 is rejected for reasons as set forth in claim 6.

            As to claim 26, claim 26 is a non-transitory computer-readable medium that is directed to the method of claim 7.  Therefore, claim 26 is rejected for reasons as set forth in claim 7.


Claims 10, 20, and 29 are rejected under 35 U.S.C. 103 as being unpatentable over Yeo and Abraham, in view of Ikarashi, and in further view of Wentz, US 20200201679 A1, June 25, 2020, hereafter referred to as Wentz.

             As to claim 10, the combination of Yeo, Abraham, and Ikarashi teaches the system of claim 1.  THE COMBINATION OF YEO, ABRAHAM, AND IKARASHI DO NOT TEACH wherein the distributed file system is the Hadoop Distributed File System (HDFS), HOWEVER IN AN ANALAGOUS ART DIRECTED TO THE SAME FIELD OF EDEAVOR WENTZ TEACHES wherein the distributed file system is the Hadoop Distributed File System (HDFS) – Wentz [0105] Distributed framework may be use any suitable protocol for such task distribution, including without limitation any protocol and/or protocols as described herein, the Message Passing Interface (MPI) protocol, the HADOOP protocol. The substitution of one known element HADOOP protocol for another distributed storage system would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention since the substitution of the HADOOP shown in Yeo would have yielded predictable results, namely, selecting one or more remote devices having confidence levels recorded in secure listing provided by Wentz Switch 4114 of Yeo to afford selective but secure access provided HADOOP protocol).             As to claim 20, claim 20 is a method directed to the system of claim 10.  Therefore, claim 20 is rejected for reasons as set forth in claim 10.

           As to claim 29, claim 29 is a non-transitory computer-readable medium that is directed to the method of claim 10.  Therefore, claim 29 is rejected for reasons as set forth in claim 10.

Allowable Subject Matter
Claims 8—9, 18-19, and 27-28 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM B. JONES whose telephone number is (571) 272-9637.  The examiner can normally be reached on Mon - Fri., 5:30 a.m. to 2:00 p.m.  If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 571-272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-272-3900.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
 /WILLIAM B JONES/Examiner, Art Unit 24914/27/2021


/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491