Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is in response to the claims filed 7/17/2019.  Claims 1-20 are pending.  Claims 1 (a software system) and 12 (a method) are independent.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1, 2, 4-8, and 11 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because claim 1 is directed to a software machine.  Software is not one of a process, manufacture, machine, nor composition of matter for the purposes of § 101 and is not statutory.
To further explain, claim 1 is directed to “a cloud based processing system” which comprises a plurality of software elements.  A cloud is a software system that is resident on physical computing hardware.  However, the cloud itself is merely software.  As such, claim 1, and its dependents 2, 4-8, and 11 are not statutory.
Note that claims 3, 9 and 10 are excluded as they require a device(s) which are interpreted to be physical computing devices. 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-9 and 12-15 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Adkinson-Orellana et al., “Privacy for Google Docs: Implementing a Transparent Encryption Layer” (published 2010).
As to claim 1, Adkinson-Orellana discloses a system comprising:
a user interface, configured to allow a user to enter and edit data, (Adkinson-Orellana Figure 2, “Client with Internet browser Google Docs”)
a proxy server, and (Adkinson-Orellana Figure 2, “Browser add-on”)
a cloud based processing server, (Adkinson-Orellana Figure 2, “Google docs Cloud”)
wherein the user interface is configured to send data entered by a user to the proxy server, and the proxy server is configured to receive and encrypt the data, and send the encrypted data to the cloud based processing server, (“the plaintext is replaced with the ciphered text, and the message is released, so it continues its way to the server.” Adkinson-Orellana § 3.1. See Figure 2 showing plaintext received by the browser add-on and subsequently stored in Google Docs.  See also Adkinson-Orellana § 3.2 discussing the UI)
the proxy server further configured to receive editing commands from the user interface (“When for example, a document is saved” Adkinson-Orellana § 3.1), and send 
the cloud based processing server being configured to receive the encrypted data and editing commands from the proxy server, (Adkinson-Orellana Figure 2) and apply the editing commands to the encrypted data, (“the user’s information received by the server is indecipherable, but the server will not notice any difference because only the document’s content is modified.” Adkinson-Orellana § 3.1.  The document (including encrypted data) is saved (command) on the server.) and send the edited encrypted data back to the proxy server. (“Then the ciphered data of the incoming message is accessed, decrypted with the information recovered from the index (algorithm, key size, mode…) and finally replaced with the plaintext. When the document is finally shown to the user, it is completely readable, and he can work with it as it was a normal one.” Adkinson-Orellana § 3.1.)

As to claim 2, Adkinson-Orellana discloses the system of claim 1 and further discloses: wherein the proxy server is configured to decrypt the edited encrypted data received from the cloud based processing server. (“Then the ciphered data of the incoming message is accessed, decrypted with the information recovered from the index (algorithm, key size, mode…) and finally replaced with the plaintext. When the 

As to claim 3, Adkinson-Orellana discloses the system of claim 1 and further discloses:
wherein the user interface comprises a display screen and a user input device, (Adkinson-Orellana Figures 2 and 3 showing a monitor with Google Docs displayed, and a keyboard) the display screen of the user interface configured to show a browser window, presenting an application interface to a user. (“Fig. 3. Google Docs interface showing the index table of available documents”  Adkinson-Orellana § 3.2)

As to claim 4, Adkinson-Orellana discloses the system of claim 3 and further discloses:
wherein the application interface corresponds to an application hosted on the cloud based processing server. (Google Docs)

As to claim 5, Adkinson-Orellana discloses the system of claim 4 and further discloses:
wherein the application provided by the cloud based processing server is word processor application. (Google Docs)

As to claim 6, Adkinson-Orellana discloses the system of claim 1 and further discloses:


As to claim 7, Adkinson-Orellana discloses the system of claim 1 and further discloses:
wherein the cloud based processing server is configured to receive the encrypted data, apply the editing command to the encrypted data, (“the user’s information received by the server is indecipherable, but the server will not notice any difference because only the document’s content is modified.” Adkinson-Orellana § 3.1.  The document (including encrypted data) is saved (command) on the server.) and send the edited encrypted data back to the proxy server. (“When an encrypted document is requested, the same process is executed, but in the opposite way.” Adkinson-Orellana § 3.1.)

As to claim 8, Adkinson-Orellana discloses the system of claim 1 and further discloses:
wherein the proxy server is configured to decrypt the edited encrypted data, and send the edited decrypted data to the user interface. (“Then the ciphered data of the incoming message is accessed, decrypted with the information recovered from the 

As to claim 9, Adkinson-Orellana discloses the system of claim 1 and further discloses:
wherein the proxy server and user interface are part of the same computing device. (“The security layer we have implemented to add privacy to Google Docs documents relies on a Firefox add-on based on JavaScript [7] and XUL [8], a language similar to XML used to create Firefox extensions.” Adkinson-Orellana § 3.1 browser is the UI and add-on is the proxy server.)


As to claim 12, Adkinson-Orellana discloses a method comprising:
providing plain text data (“Once it has been enabled, the main difference the user can find with respect to the normal use of Google Docs is that the index table with his/her documents contains more information;” Adkinson-Orellana § 3.2) to a proxy server; (“Firefox add-on to protect Google Docs documents” Adkinson-Orellana § 3.1, the “add-on” being the proxy.  See Adkinson-Orellana Figure 2 showing all messages being processed by the browser add-on.)
providing an editing command to the proxy server; (“When for example, a document is saved,” Adkinson-Orellana § 3.1)

the proxy server sending the package of encrypted data and editing command to a cloud based processor, (“When for example, a document is saved, the message with the data is intercepted, encrypting only the user’s content and leaving the rest unmodified…. the plaintext is replaced with the ciphered text, and the message is released,” Adkinson-Orellana § 3.1.  The released package message comprising encrypted data and the “saved” command.)
the cloud based processor applying the editing command to the package of encrypted data to create an edited package of encrypted data, (“the user’s information received by the server is indecipherable, but the server will not notice any difference because only the document’s content is modified.” Adkinson-Orellana § 3.1.  The document (including encrypted data) is saved (command) on the server.)
the cloud based processor sending the edited package of encrypted data back to the proxy server, (“When an encrypted document is requested, the same process is executed, but in the opposite way.” Adkinson-Orellana § 3.1.)
the proxy server decrypting the edited package of encrypted data, thereby providing edited plain text data. (“Then the ciphered data of the incoming message is accessed, decrypted with the information recovered from the index (algorithm, key size, mode…) and finally replaced with the plaintext. When the document is finally shown to 

As to claim 13, Adkinson-Orellana discloses the method of claim 12 and further discloses:
further comprising the step of the plain text data being provided to the proxy server via a user interface. (Adkinson-Orellana Figure 2, Client with Internet browser providing “Plaintext” to the add-on/proxy.)

As to claim 14, Adkinson-Orellana discloses the method of claim 13 and further discloses:
wherein the cloud based processor comprises a word processing application. (Google Docs)

As to claim 15, Adkinson-Orellana discloses the method of claim 14 and further discloses:
further comprising the step of the user interface displaying a browser window which shows a word processor interface. (Adkinson-Orellana Figure 2, “Client with Internet browser Google docs”.)



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 10 and 11 are is/are rejected under 35 U.S.C. 103 as being unpatentable over Adkinson-Orellana et al., “Privacy for Google Docs: Implementing a Transparent Encryption Layer” (published 2010), in view of Strassmann et al., US 2013/0179985 (filed 2013-01).
As to claim 10, Adkinson-Orellana discloses the system of claim 1 but does not disclose:
the proxy server and user interface are part of a network of devices, the network of devices being protected by a firewall. 

Strassmann discloses a similar system where: the proxy server and user interface are part of a network of devices, the network of devices being protected by a firewall. (Strassmann Figure 1A).

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Strassmann by providing a proxy server protected by a firewall in communication with a browser.  It would have been obvious to a person of ordinary skill in the art to combine Adkinson-Orellana with 

As to claim 11, Adkinson-Orellana discloses the system of claim 1 but does not disclose:
wherein the encrypted data comprises one or more tags which identify the type of encrypted data to the cloud based processing server.

Strassmann discloses: wherein the encrypted data comprises one or more tags which identify the type of encrypted data to the cloud based processing server.
 (“These annotation tags may appear as parts of the user data to SaaS hosted application 102. However, when the annotated user data is displayed in browser 106, the browser plug-in may hide the annotation tags.” Strassmann ¶ 16. “Embodiments of virtual browser 114 may be further configured to analyze displayed web pages and automatically tag text forms and fields (e.g., INPUT, TEXTAREA, SELECT and other similar HTML forms and fields, etc.) to obfuscate any user data that is entered into such forms and fields.” Strassmann ¶ 29.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Strassmann by tagging .


Claims 16 and 17 are is/are rejected under 35 U.S.C. 103 as being unpatentable over Adkinson-Orellana et al., “Privacy for Google Docs: Implementing a Transparent Encryption Layer” (published 2010), in view of Han et al., “A general transformation from KP-ABE to searchable encryption” (published 2013).
As to claim 16, Adkinson-Orellana discloses the method of claim 12 but does not disclose:
further comprising the step of the proxy server encrypt some of the plain text data in such a way that the cloud based processor may decrypt a limited amount of the plain text data.

Han discoses:
further comprising the step of the proxy server encrypt some of the plain text data in such a way that the cloud based processor may decrypt a limited amount of the plain text data.
We utilize the encrypted data file as a ABEKS plaintext. The encryptor encrypts the plaintext with the keyword set of the data file, the searchers construct an access policy to get a secret key as a trapdoor, and servers decrypt the ciphertext with the trapdoor to determine whether the data file is desired.” Han § 3.2. “we can adopt CP-ABE as the data file encryption algorithm, and use KP-ABE to construct our ABEKS scheme.” Han § 5, See Han § 5 generally.  Thus, the server can perform a decryption using the trapdoor to search the keywords, but the encrypted data is not itself decrypted.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Han by utilizing the encrypted search trapdoor functionality of Han in the system of Adkinson-Orellana .  It would have been obvious to a person of ordinary skill in the art to combine Adkinson-Orellana with Han in order to allow encrypted keyword search on a set of documents by permitted entities while maintaining permissions and security of the documents and the keywords, Han §§ 1 and 5.

As to claim 17, Adkinson-Orellana discloses the method of claim 12 but does not disclose:
wherein the step of encryption of the plain text data into a package of encrypted data may comprises the use of Cypher-text Policy Attribute Based Encryption.
CP-ABE as the data file encryption algorithm, and use KP-ABE to construct our ABEKS scheme.” Han § 5, See Han §§ 1 and 5 generally. “ABEKS employs the brilliant access control property from KPABE, and searchers can define a flexible search policy by constructing an access policy. We utilize the encrypted data file as a ABEKS plaintext. The encryptor encrypts the plaintext with the keyword set of the data file, the searchers construct an access policy to get a secret key as a trapdoor, and servers decrypt the ciphertext with the trapdoor to determine whether the data file is desired.” Han § 3.2.  Thus, the server can perform a decryption using the trapdoor to search the keywords, but the encrypted data is not itself decrypted.)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Han by utilizing the encrypted search trapdoor functionality of Han in the system of Adkinson-Orellana.  It would have been obvious to a person of ordinary skill in the art to combine Adkinson-Orellana with Han in order to allow encrypted keyword search on a set of documents by permitted entities while maintaining permissions and security of the documents and the keywords, Han §§ 1 and 5.

Claim 18 are is/are rejected under 35 U.S.C. 103 as being unpatentable over Adkinson-Orellana et al., “Privacy for Google Docs: Implementing a Transparent Encryption Layer” (published 2010).
As to claim 18, Adkinson-Orellana discloses the method of claim 12 and further discloses:


Adkinson-Orellana does not explicitly disclose: and a second package of data with a second, different, encryption key.

However, Adkinson-Orellana does disclose that a user selects a different key configuration for annother newly encrypted file.  A person of ordinary skill in the art before the effective filing date of the claimed invention would have allowed or instructed the user to select different key information for different files.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to select different key information for different files in order to provide different access to different files to allow sharing of some documents but not others with designated parties, Adkinson-Orellana § 3.1.


Claims 19-20 are is/are rejected under 35 U.S.C. 103 as being unpatentable over Adkinson-Orellana et al., “Privacy for Google Docs: Implementing a Transparent Encryption Layer” (published 2010), in view of Kulkarni et al., US 2013/0283038 (filed 2012-04).
As to claim 19, Adkinson-Orellana discloses the method of claim 12 but does not disclose:
further comprising the step of the proxy server choosing a default encryption key.

Kulkarni discloses:
further comprising the step of the proxy server choosing a default encryption key. (“allow a user to select a private key that is used for universal data encryption. A user may initially select a private key and then may be required to enter the private key every time the user wishes to access data associated with the user's account from certain user devices. Alternatively, a default key may be used if the user does not wish to create and/or utilize the private key.” Kulkarni ¶ 7 and Figure 5)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Kulkarni by providing a default key option in lieu of the user specified key of Adkinson-Orellana § 3.2.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to provide the option for a default key in order to allow the documents of Adkinson-Orellana to be quickly enciphered without bothering the user to generate and remember which key is used, thereby easing use of the system.


further comprising the step of a user selecting between a choice of a default encryption key or an alternative encryption key.

Kulkarni discloses:
further comprising the step of a user selecting between a choice of a default encryption key or an alternative encryption key.
(“allow a user to select a private key that is used for universal data encryption. A user may initially select a private key and then may be required to enter the private key every time the user wishes to access data associated with the user's account from certain user devices. Alternatively, a default key may be used if the user does not wish to create and/or utilize the private key.” Kulkarni ¶ 7 and Figure 5)

A person of ordinary skill in the art before the effective filing date of the claimed invention would have combined Adkinson-Orellana with Kulkarni by providing a default key option in lieu of the user specified key of Adkinson-Orellana § 3.2.  It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to provide the option for a default key in order to allow the documents of Adkinson-Orellana to be quickly enciphered without bothering the user to generate and remember which key is used, thereby easing use of the system.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892, particularly:
Glugck, US 2013/0091350, discloses a proxy/firewall that encrypts data transferred to a cloud service.
	Anderson et al., US 2017/0359317, discloses an encryption gateway that encrypts/decrypts data destined for a cloud storage entity.
	Aissi et al., US 9,547,769, discloses a user side data protection hub that encrypts transmitted data.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W CHAO whose telephone number is (571)272-5165.  The examiner can normally be reached on M, W-F 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  






/MICHAEL W CHAO/Examiner, Art Unit 2492