DETAILED ACTION
This final office action is in response to claims 1-20 filed on 02/04/2021 for examination. Claims 1-20 are being examined and are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Response to Amendment
The amendment filed January 27, 2021 has been entered. Claims 1-20 remain pending in the application. The claims have been amended. Applicant’s arguments and amendments to the claims have overcome each and every drawing objection and 101 rejection previously set forth in the Non-Final Office Action mailed November 16, 2020. Claims 1-4, 6, 9-12, 14, 17-18, and 20 have been amended and have necessitated a new ground(s) of rejection in this Office Action. Further, Applicants’ arguments filed on 01/27/2021 have been fully considered but are not persuasive to distinguish against the previously identified prior art. Particularly:
Applicant opines that the prior art fails to disclose encoding additional authentication data (AAD) into a wrapped data encryption key (DEK), wherein the AAD is used to determine whether a requestor is authorized to unwrap the wrapped DEK. Remarks, pg. 9. 
Applicant is directed to Shankar et al. (US8601263, hereinafter “Shankar”) at column 2, lines 57-67, disclosing “The wrapped key can also include the group identifier <i.e., additional authenticated data> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>” wherein the group identifier is used to determine whether the user is authorized to unwrap the wrapped key. See also Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself. Such keys are referred to as wrapped keys <i.e., metadata is encoded in the wrapped key> … To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., additional authentication data>, that the provided authentication credential is sufficient to authorize release of the key, and if so, can return the unwrapped key to the interface backend 108.” Further, Shankar notes “The wrapped key can include the resource encryption key, resource identifier, and user identifier in the request from the interface backend 108.” Column 12, lines 41-54. In view of the foregoing, one of ordinary skill in the art before the effective filing date of the claimed invention would recognize the prior art discloses encoding additional authentication data (AAD) into a wrapped data encryption key (DEK), wherein the AAD is used to determine whether a requestor is authorized to unwrap the wrapped DEK.
Examiner further notes that while authentication credentials are sent with the wrapped key, the authentication credentials are not the additional authentication information relied upon in the present rejection (instead the identifier/metadata in the wrapped key is, see, e.g., Shankar at column 11 lines 1-6). This metadata is used with the authentication credentials to determine whether an unwrapping of the key is authorized (see Shankar
In view of the foregoing, Applicant’s amendment and remarks have been fully considered but are not persuasive to distinguish over the prior art.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claim(s) 1, 3, 8-9, 11, and 16-17 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Shankar et al. (US8601263, Hereinafter “Shankar”).
Regarding claim 1, Shankar discloses a method of managing cryptographic keys in a multi- tenant cloud based system (see abstract & column 1 lines 17-56: cryptographic keys may be managed in a cloud service), the method comprising: 
receiving from a client a request for a wrapped data encryption key (DEK) (column 12, lines 41-50: interface backend 108 requests a wrapped resource encryption key from keystore 109; column 8, lines 48-53: “the group exercising administrative control of the interface backend 108 and the group exercising administrative control over the keystore 109 may be different” <i.e., backend 108 may be a client of keystore 109>); 
generating a random key (column 9, lines 11-18: keystore generates a random resource encryption key); 
fetching additional authentication data (AAD) that corresponds to the client (Column 12, lines 41-50: the identifiers are received from a user/retrieved in memory and used to wrap a resource key; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data corresponding to client> in encrypted form. <i.e., additional authentication data is  Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself.”); 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108. The wrapped key can include the resource encryption key, resource identifier, and user identifier”; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>”; See also Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself. Such keys are referred to as wrapped keys <i.e., metadata is encoded in the wrapped key>); and 
returning the wrapped DEK to the client (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108.”); 
wherein, in response to a request from the client to unwrap the wrapped DEK (Column 2, line 60 to Column 3, line 12: a request is received from the client to unwrap the resource encryption key), the AAD is adapted to be used to determine whether the client is authorized to unwrap the wrapped DEK (Column 8, lines 30-47: “To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., the AAD>, that the provided authentication credential is sufficient to authorize release of the key, and if so, can return the unwrapped key to the interface backend 108.”).

Regarding claim 3, Shankar discloses the method of claim 1, further comprising embedding tags in the wrapped DEK (column 12, lines 41-50: the wrapped key includes additional context information of, e.g., a user identifier and resource identifier <i.e., embedded tags>; column 14, line 6-column 15, line 12: the user identifier in the context information is authenticated), the tags used for enforcing policy decisions in response to the request to unwrap (Column 8, lines 30-47: “To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., the tags/AAD>, that the provided authentication credential is sufficient to authorize release of the key <i.e., based on stored permissions/policies, see column 12, lines 55-60>, and if so, can return the unwrapped key to the interface backend 108.”; see also column 7 controlling scope of permissions based on the embedded identifiers).  

Regarding claim 8, Shankar discloses the method of claim 1, wherein the request comprises a representational state transfer (REST) application program interface (API) (column 4, lines 50-61 – “the hosted storage service 120 can be implemented as a Web Service with a corresponding set of Web Service Application Programming Interfaces (APIs). The Web Service APIs may be implemented, for example, as a Representational State Transfer (REST)-based HTTP interface or a Simple Object Access Protocol (SOAP)-based interface”; column 4, lines 50-61 – requests are received and controlled to keystore services).  

Regarding claim 9, Shankar discloses a non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to manage cryptographic keys in a multi-tenant cloud based system (column 20, lines 11-31: system may use a , the managing comprising: 
receiving from a client a request for a wrapped data encryption key (DEK) (column 12, lines 41-50: interface backend 108 requests a wrapped resource encryption key from keystore 109; column 8, lines 48-53: “the group exercising administrative control of the interface backend 108 and the group exercising administrative control over the keystore 109 may be different” <i.e., backend 108 may be a client of the keystore 109>); 
generating a random key (column 9, lines 11-18: keystore generates a random resource encryption key); 
fetching additional authentication data (AAD) that corresponds to the client (Column 12, lines 41-50: the identifiers are received from a user/retrieved in memory and used to wrap a resource key; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data corresponding to client> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>” wherein the group identifier is used to determine whether the user is authorized to unwrap the wrapped key; See also Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself.”); U.S. Application No. 16/269,736 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108. The wrapped key can include the resource encryption key, resource identifier, and user identifier”; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>”; See also Shankar at column 8, lines 30-47: “The 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself. Such keys are referred to as wrapped keys <i.e., metadata is encoded in the wrapped key>); and 
returning the wrapped DEK to the client (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108.”); 
wherein, in response to a request from the client to unwrap the wrapped DEK (Column 2, line 60 to Column 3, line 12: a request is received from the client to unwrap the resource encryption key), the AAD is adapted to be used to determine whether the client is authorized to unwrap the wrapped DEK (Column 8, lines 30-47: “To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., the AAD>, that the provided authentication credential is sufficient to authorize release of the key, and if so, can return the unwrapped key to the interface backend 108.”).  

Regarding claim 11, Shankar discloses the computer readable medium of claim 9, further comprising embedding tags in the wrapped DEK (column 12, lines 41-50: the wrapped key includes additional context information of, e.g., a user identifier and resource identifier <i.e., embedded tags>; column 14, line 6-column 15, line 12: the user identifier in the context information is authenticated), the tags used for enforcing policy decisions in response to the request to unwrap (Column 8, lines 30-47: “To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., the AAD>, that the provided authentication credential is sufficient to authorize release of the key <i.e., based on stored permissions/policies, see column 12, lines 55-60>, and if so, can return the unwrapped key to the 108.”; see also column 7 controlling scope of permissions based on the embedded identifiers).  

Regarding claim 16, Shankar discloses the computer readable medium of claim 9, wherein the request comprises a representational state transfer (REST) application program interface (API) (column 4, lines 50-61 – “the hosted storage service 120 can be implemented as a Web Service with a corresponding set of Web Service Application Programming Interfaces (APIs). The Web Service APIs may be implemented, for example, as a Representational State Transfer (REST)-based HTTP interface or a Simple Object Access Protocol (SOAP)-based interface”; column 4, lines 50-61 – requests are received and controlled).  

Regarding claim 17, Shankar discloses a multi-tenant cloud based key management system (see abstract & column 1 lines 17-56: cryptographic keys may be managed in a cloud service) comprising: 
a mid-tier comprising one or more microservices (see, e.g., fig. 1A & column 4, lines 50-60: frontend backend interfaces 106 and 108 providing REST services and operating encryption/decryption <i.e., microservices>); and a data tier coupled to the mid-tier and comprising one or more databases and one or more hardware security modules (see, e.g., fig. 1A & column 4, lines 50-60 storage backend 110  storing data and keystore 109 performing security functions coupled with backend interface 108); the one or more microservices: 
receiving from a client a request for a wrapped data encryption key (DEK) (column 12, lines 41-50: interface backend 108 requests a wrapped resource encryption key from keystore 109; column 8, lines 48-53: “the group exercising administrative control of the interface backend 108 and the group exercising administrative control over the keystore 109 may be different” <i.e., backend 108 may be a client of the keystore 109>; see also column 1, lines 31-56 receiving application request); 
generating a random key (column 9, lines 11-18: keystore and/or backend generates a random resource encryption key); 
fetching additional authentication data (AAD) that corresponds to the client (Column 12, lines 41-50: the identifiers are received from a user/retrieved in memory and used to wrap a resource key; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data corresponding to client> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>” wherein the group identifier is used to determine whether the user is authorized to unwrap the wrapped key; See also Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself.”); 
generating the wrapped DEK comprising the random key and the AAD encoded in the wrapped DEK (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108. The wrapped key can include the resource encryption key, resource identifier, and user identifier”; Column 2, lines 57-67: “The wrapped key can also include the group identifier <i.e., additional authenticated data> in encrypted form. <i.e., additional authentication data is encoded into the wrapped key>”; See also Shankar at column 8, lines 30-47: “The resource encryption key itself has been encrypted by the keystore 109. The encrypted key can also carry associated metadata <i.e., additional authentication data> that is cryptographically bound to the key itself. Such keys are referred to as wrapped keys <i.e., metadata is encoded in the wrapped key>); and 
returning the wrapped DEK to the client (column 12, lines 41-50: “The keystore 109 generates and encrypts a wrapped key (214) and can provide the wrapped key to the backend 108.”); 
wherein, in response to a request from the client to unwrap the wrapped DEK (Column 2, line 60 to Column 3, line 12: a request is received from the client to unwrap the resource encryption key), the AAD is adapted to be used to determine whether the client is authorized to unwrap the wrapped DEK (Column 8, lines 30-47: “To obtain the cleartext key of a wrapped key for use (e.g., to encrypt or decrypt a data resource,) the interface backend 108 can provide the wrapped key and client authentication credentials to the keystore 109. The keystore 109 can verify, based in part on the wrapped key's metadata <i.e., the AAD>, that the provided authentication credential is sufficient to authorize release of the key, and if so, can return the unwrapped key to the interface backend 108.”).  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 2, 6, 10, 14, 18, and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Shankar in view of Roth (US20190229899, Hereinafter “Roth”).
Regarding claim 2, Shankar discloses the method of claim 1. Shankar appears to fail to disclose wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client.
However, Roth discloses a key management system using encryption contexts to decrypt keys (see abstract, [0021]), wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client ([0032] – “the client may make available to the cryptography service 212, as part of the encryption context, characteristics of the client that includes or precludes the use of an encryption configuration to fulfill the request. For example, a client may provide information on its .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the encryption context indicators of Shankar with the teachings of Roth, wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client, so that additional restrictions may be imposed on encryption configurations in compliance with local government regulations and/or exporting of cryptography regulations (see, e.g., Roth at [0032]).

Regarding claim 6, Shankar discloses the method of claim 1, further comprising: 
receiving a-the request to unwrap the wrapped DEK (column 10, lines 17-27: a request is received to unwrap the wrapped key); 
parsing the wrapped DEK (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials to match the unwrapped key’s user identifiers; column 8, lines 30-47: metadata of the wrapped key may be used to verify release the key); 
validating the AAD (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials to match the unwrapped key’s user identifiers; see also column 11, lines 1-6 validating the user identifier <i.e., AAD> of the wrapped key; column 8, lines 30-47: metadata of a wrapped key used to verify release the key); and 
returning an unwrapped DEK (column 8, lines 30-58: an unwrapped key is returned for use to decrypt a data resource; column 11, lines 1-6 similarly sends key in unencrypted form to backend 108 from keystore 109).  
	While Shankar discloses locating and using a master key to decrypt the encryption key (see, e.g., column 14, lines 21-46; column 10, lines 46-53), Shankar appears to fail to specifically disclose validating a master encryption key (MEK) presence in a hardware security module (HSM).
	However, Roth discloses using a system for requesting a key to be unwrapped (see, e.g., Roth at [0023-0027]), comprising validating a master encryption key (MEK) presence in a hardware security module (HSM) ([0027] – “the encryption service 110 may be a software and/or hardware component that is capable of accessing a cryptographic key usable to perform cryptographic operations such as encryption and decryption. In some embodiments, the encryption service may comprise a hardware security module (HSM)”, see also [0031-0035] – encryption context is used to determine whether to permit the encryption operation to be performed using a HSM cryptography service’s managed key <i.e., master encryption key>).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the master key of Shankar with the teachings of Roth, comprising validating a master encryption key (MEK) presence in a hardware security module (HSM), to securely locate and provide the key to decrypt the wrapped key using a cryptography service separate from the client systems (see, e.g., Roth at [0020], [0027], [0035]).

Regarding claim 10, Shankar discloses the computer readable medium of claim 9. Shankar appears to fail to disclose wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client.  
However, Roth discloses a key management system using encryption contexts (see abstract, [0021]), wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client ([0032] – “the client may make available to the cryptography service 212, as part of the encryption context, characteristics of the client that includes or precludes the use of an encryption .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the encryption context factors of Shankar with the teachings of Roth, wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client, so that additional restrictions may be imposed on encryption configurations in compliance with local government regulations and/or exporting of cryptography regulations (see, e.g., Roth at [0032]).

Regarding claim 14, Shankar discloses the computer readable medium of claim 9, the managing further comprising: 
receiving the request to unwrap the wrapped DEK (column 10, lines 17-27: a request is received to unwrap the wrapped key); 
parsing the wrapped DEK (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials match the unwrapped keys user identifiers; column 8, lines 30-47: metadata of a wrapped key may be used to verify release the key); 
validating the AAD (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials match the unwrapped keys user identifiers; see also column 11, lines 1-6 validating the user identifier <i.e., AAD> of the wrapped key; see also: column 8, lines 30-47: metadata of a wrapped key may be used to verify release the key); and 
returning an unwrapped DEK (column 8, lines 30-58: an unwrapped key is returned for use to decrypt a data resource; column 11, lines 1-6 similarly sends key in unencrypted form to backend 108 from keystore 109).  
Shankar discloses locating and using a master key to decrypt the encryption key (see, e.g., column 14, lines 21-46; column 10, lines 46-53), Shankar appears to fail to specifically disclose validating a master encryption key (MEK) presence in a hardware security module (HSM).
However, Roth discloses using a system for requesting a key to be unwrapped (see, e.g., Roth at [0023-0027]), comprising validating a master encryption key (MEK) presence in a hardware security module (HSM) ([0027] – “the encryption service 110 may be a software and/or hardware component that is capable of accessing a cryptographic key usable to perform cryptographic operations such as encryption and decryption. In some embodiments, the encryption service may comprise a hardware security module (HSM)”, see also [0031-0035] – encryption context is used to determine whether to permit the encryption operation to be performed using a HSM cryptography service’s managed key <i.e., master encryption key>).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the master key of Shankar with the teachings of Roth, comprising validating a master encryption key (MEK) presence in a hardware security module (HSM), to securely locate and provide the key to decrypt the wrapped key using a cryptography service separate from the client systems (see, e.g., Roth at [0020], [0027], [0035]).

Regarding claim 18, Shankar discloses the multi-tenant cloud based key management system of claim 17. Shankar appears to fail to disclose wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client.  
However, Roth discloses a key management system using encryption contexts (see abstract, [0021]), wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client ([0032] – “the client may make available to the cryptography service 212, as part of the encryption context, characteristics of the client that includes or precludes the use of an encryption .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the encryption context factors of Shankar with the teachings of Roth, wherein the AAD comprises at least one of a location of the client, a region of the client or a tenant of the client, so that additional restrictions may be imposed on encryption configurations in compliance with local government regulations and/or exporting of cryptography regulations (see, e.g., Roth at [0032]). 

Regarding claim 20, Shankar discloses the multi-tenant cloud based key management system of claim 17, the one or more microservices further: 
receiving a-the request to unwrap the wrapped DEK (column 10, lines 17-27: a request is received to unwrap the wrapped key); 
parsing the wrapped DEK (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials match the unwrapped keys user identifiers; see also: column 8, lines 30-47: metadata of a wrapped key may be used to verify release the key); 
validating the AAD (column 13, lines 1-7: the keystore unwraps the key and looks through the authentication credentials match the unwrapped keys user identifiers; see also column 11, lines 1-6 validating the user identifier <i.e., AAD> of the wrapped key; see also: column 8, lines 30-47: metadata of a wrapped key may be used to verify release the key); and 
returning an unwrapped DEK (column 8, lines 30-58: an unwrapped key is returned for use to decrypt a data resource; column 11, lines 1-6 similarly sends key in unencrypted form to backend 108 from keystore 109).
Shankar discloses locating and using a master key to decrypt the encryption key (see, e.g., column 14, lines 21-46; column 10, lines 46-53), Shankar appears to fail to specifically disclose validating a master encryption key (MEK) presence in a hardware security module (HSM).
	However, Roth discloses using a system for requesting a key to be unwrapped (see, e.g., Roth at [0023-0027]), comprising validating a master encryption key (MEK) presence in a hardware security module (HSM) ([0027] – “the encryption service 110 may be a software and/or hardware component that is capable of accessing a cryptographic key usable to perform cryptographic operations such as encryption and decryption. In some embodiments, the encryption service may comprise a hardware security module (HSM)”, see also [0031-0035] – encryption context is used to determine whether to permit the encryption operation to be performed using a HSM cryptography service’s managed key <i.e., master encryption key>).
	It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement the master key of Shankar with the teachings of Roth, comprising validating a master encryption key (MEK) presence in a hardware security module (HSM), to securely locate and provide the key to decrypt the wrapped key using a cryptography service separate from the client systems (see, e.g., Roth at [0020], [0027], [0035]).

Claim(s) 4-5, 7, 12-13, 15, and 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Shankar in view of Jones et al. (NPL: “RFC 7516 - JSON Web Encryption (JWE)”, May 2015, Hereinafter “RFC 7516”).
Regarding claim 4, Shankar discloses the method of claim 1. Shankar appears to fail to specifically disclose wherein the wrapped DEK comprises a header and the AAD is encoded in the header.
RFC 7516 discloses a known method of wrapping a key and including additional authenticated data (see abstract; pg. 16-17, section 5.1), particularly, wherein the wrapped DEK comprises a header and the AAD is encoded in the header (see, e.g., pg. 16-17, section 5.1 at 14: includes the wrapped encrypted key with the AAD encoded in the header; further, id., “Let the Additional Authenticated Data encryption parameter be ASCII (Encoded Protected Header) […] If a JWE AAD value is present, compute the encoded AAD value BASE64URL(JWE AAD). 19. Create the desired serialized <i.e., wrapped> output. The Compact Serialization of this result is the string BASE64URL(UTF8(JWE Protected Header)) || '.' || BASE64URL(JWE Encrypted Key) || '.' || BASE64URL(JWE Initialization Vector) || '.' || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE Authentication Tag).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, wherein the wrapped DEK comprises a header and the AAD is encoded in the header, to be compliant with standard wrapper formatting and to allow verification of additional authentication factors (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 5, Shankar discloses the method of claim 1. Shankar appears to fail to specifically disclose wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure.
However, RFC 7516 discloses a known method of wrapping a key and including policy enforcement information in the header (see abstract; pg. 16-17, section 5.1), particularly, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure (see, e.g., pg. 15-17, section 5.1, steps 1-19: system wraps keys using a JWE structure to create a serialized .
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure, to follow a standard data wrapping format for producing protected and validatable information (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 7, Shankar discloses the method of claim 1. While Shankar discloses wrapping a key (see, e.g., Shankar at column 12, lines 41-51), Shankar appears to fail to specifically disclose the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG key.
However, RFC 7516 discloses a known method of wrapping a key and including policy enforcement information in the header (see abstract; pg. 16-17, section 5.1), particularly, the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG key (see, e.g., pg. 15-17, section 5.1, steps 1-19: system wraps keys using a JWE structure to, e.g., “Create the desired serialized output. The Compact Serialization of this result is the string BASE64URL(UTF8(JWE Protected Header)) || '.' || BASE64URL(JWE Encrypted Key) || '.' || BASE64URL(JWE Initialization Vector) || '.' || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE Authentication Tag).” [emphasis added]; see also, e.g., section 3.3, pg. 10 wrapping using a JWE initialization vector and JWE authentication tag).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 12, Shankar discloses the computer readable medium of claim 9. Shankar appears to fail to specifically disclose wherein the wrapped DEK comprises a header and the AAD is encoded in the header.
However, RFC 7516 discloses a known method of wrapping a key and including additional authenticated data (see abstract; pg. 16-17, section 5.1), particularly, wherein the wrapped DEK comprises a header and the AAD is encoded in the header (see, e.g., pg. 16-17, section 5.1 at 14: includes the wrapped encrypted key with the AAD encoded in the header; further, id., “Let the Additional Authenticated Data encryption parameter be ASCII (Encoded Protected Header) […] If a JWE AAD value is present, compute the encoded AAD value BASE64URL(JWE AAD). 19. Create the desired serialized <i.e., wrapped> output. The Compact Serialization of this result is the string BASE64URL(UTF8(JWE Protected Header)) || '.' || BASE64URL(JWE Encrypted Key) || '.' || BASE64URL(JWE Initialization Vector) || '.' || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE Authentication Tag).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, wherein the wrapped DEK comprises a header and the AAD is encoded in the header, to be compliant with standard JSON formatting and to allow verification of additional authentication factors (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 13, Shankar discloses the computer readable medium of claim 9. Shankar appears to fail to specifically disclose wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure.
However, RFC 7516 discloses a known method of wrapping a key and including policy enforcement information in the header (see abstract; pg. 16-17, section 5.1), particularly, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure (see, e.g., pg. 15-17, section 5.1, steps 1-19: system wraps keys using a JWE structure to create a serialized output with authentication data that made be validated during decryption (as in pgs. 17-19 at section 5.2)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure, to follow a standard data wrapping format for producing protected and validatable information (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 15, Shankar discloses the computer readable medium of claim 9. While Shankar discloses wrapping a key (see, e.g., Shankar at column 12, lines 41-51), Shankar appears to fail to specifically disclose the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG key.
However, RFC 7516 discloses a known method of wrapping a key and including policy enforcement information in the header (see abstract; pg. 16-17, section 5.1), particularly, the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG key (see, e.g., pg. 15-17, section 5.1, steps 1-19: system wraps keys using a JWE structure to, e.g., “Create the desired serialized output. The Compact Serialization of this result is the string BASE64URL(JWE Initialization Vector) || '.' || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE Authentication Tag).” [emphasis added]; see also, e.g., section 3.3, pg. 10 wrapping using a JWE initialization vector and JWE authentication tag).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, the generating the wrapped DEK further comprising an Initialization Vector (IV) and an authentication TAG key, to be compliant with standard JSON formatting to produce a wrapped protected information for verification (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Regarding claim 19, Shankar discloses the multi-tenant cloud based key management system of claim 17. Shankar appears to fail to specifically disclose wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure.
However, RFC 7516 discloses a known method of wrapping a key and including policy enforcement information in the header (see abstract; pg. 16-17, section 5.1), particularly, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure (see, e.g., pg. 15-17, section 5.1, steps 1-19: system wraps keys using a JWE structure to create a serialized output with authentication data that made be validated during decryption (as in pgs. 17-19 at section 5.2)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Shankar to perform its key wrapping in compliance with RFC 7516, wherein the wrapped DEK comprises a JavaScript Object Notation (JSON) Web Encryption (JWE) structure, to follow a standard data wrapping format for producing protected and validatable information (see, e.g., RFC 7516 at pgs. 17-19, section 5.2 and RFC 7516 at pgs. 10, section 3.3).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Le Saint et al. (US20160241389) discloses a method of wrapping and transmitting encryption keys to a client using JSON web encryption, additional authenticated information, and a hardware security module (see, e.g., Le Saint at [0261]-[0269]).
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOSHUA RAYMOND WHITE whose telephone number is (571)272-4365.  The examiner can normally be reached on Monday-Thursday, & Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/J.R.W./Examiner, Art Unit 2438                                                                                                                                                                                         /TAGHI T ARANI/Supervisory Patent Examiner, Art Unit 2438