DETAILED ACTION

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114 was filed in this application after a decision by the Patent Trial and Appeal Board, but before the filing of a Notice of Appeal to the Court of Appeals for the Federal Circuit or the commencement of a civil action. Since this application is eligible for continued examination under 37 CFR  1.114 and the fee set forth in 37 CFR 1.17(e) has been timely paid, the appeal has been withdrawn pursuant to 37 CFR 1.114 and prosecution in this application has been reopened pursuant to 37 CFR 1.114. Applicant’s submission filed on 4/29/2021 has been entered.

Notice of Pre-AIA  or AIA  Status
The present application is being examined under the pre-AIA  first to invent provisions. 

Status of Claims
Claims 2-21, 23-24 are pending.  Claims 1, 22 are cancelled.

Claim Rejections - 35 USC § 103
The following is a quotation of pre-AIA  35 U.S.C. 103(a) which forms the basis for all obviousness rejections set forth in this Office action:
(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the invention was made.

Claims 2-10, 12-21, 23-24 are rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Pauker et al (US 7,921,292), and further in view of Cook (PGPUB 2004/0025057), Pauker et al (PGPUB 2005/0071632), hereinafter Pauker 2, and Kobayashi et al (PGPUB 2013/0114810).

Regarding Claim 23:
Pauker teaches a method for providing a plurality of terminal devices access to a data item (abstract, server used to decrypt encrypted message for recipient, so that recipient need not install decryption engine; col 4 line 46-57, users communicate with each other using user equipment such as personal computers; col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel), the method comprising: 
intercepting the data item, which includes content (col 21 line 46-55, Fig. 11a-11b, sender creates encrypted message and sends to recipient; one or more servers between sender and recipient recognize that the message is encrypted and modify the message); 
determining that the content of the data item is encrypted content but that an encapsulation wrapper of the data item is unencrypted, wherein the unencrypted encapsulation wrapper encapsulates the data item from view to anyone other than an intended recipient (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, sender includes unencrypted forwarding information incorporated into message, i.e. wrapper; one or more servers between sender and recipient recognize that the message content is encrypted; col 2 line 50-col 3 line 14, attempting to access content of encrypted message through use of plaintext access link in wrapper triggers server to verify that recipient is authorized to access content of encrypted message and can obtain a copy of recipient’s private key; therefore, the unencrypted wrapper encapsulates data item from view to anyone other than intended recipient; applicant’s specification, page 11-12, discloses that the wrapper is data that is put in front of or around a transmission that provides information about it and may encapsulate it from view to anyone other than the intended recipient; as the link in the plaintext portion of Pauker does not allow access to unauthorized recipients, the “wrapper” of Pauker can therefore be seen as encapsulating); 
in response to determining that the content of the data item is the encrypted content, modifying the unencrypted encapsulation wrapper of the data item by at least embedding (i) a uniform resource locator (URL) and (ii) an instruction message into the unencrypted encapsulation wrapper of the data item (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, intermediate server recognizes that message is encrypted based on code or other characteristics, and adds interactive message prompt; prompt is added to original message; this can be seen as modifying the original unencrypted portion, or wrapper; prompt added to message such as “after forwarding message, click here to access” followed by URL), wherein the modified unencrypted encapsulation wrapper is viewable by the plurality of terminal devices without requiring decryption, and 
wherein the instruction message includes at least an instruction for a user of a particular terminal device included among the plurality of terminal devices to navigate to the URL to view the encrypted content of the data item (col 2 line 50-col 3 line 13, forwarding notification information and interactive message access prompt are unencrypted; recipient uses unencrypted information and prompt to retrieve decrypted message; col 21 line 28-35, prompt added to message such as “after forwarding message, click here to access” followed by URL; col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel); 
sending the data item with the modified unencrypted encapsulation wrapper toward the plurality of terminal devices (col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel; col 22 line 3-10, encrypted message with forward notification information and interactive message access prompt delivered to recipient); 
in response to a first terminal device in the plurality of terminal devices attempting to display the data item with the modified unencrypted encapsulation wrapper, where the first terminal device (col 13 line 27-49, recipient does not have appropriate decryption engine installed on their equipment), displaying the instruction message and URL on the first terminal device (col 22 line 11-28, recipient opens message and clicks on URL or other link in interactive message prompt; col 21 line 28-35, interactive message prompt includes URL and instruction message).
	Pauker does not explicitly teach the terminal devices, which have varying decryption capabilities;
modifying irrespective of the decryption capabilities of the plurality of terminal devices; and
	a URL that has a unique identifier.
	However, Cook teaches the concept of terminal devices, which have varying decryption capabilities (paragraph 87-89, forwarding service for forwarding messages to minimally configured recipients and fully configured recipients); and
modifying an unencrypted wrapper, irrespective of decryption capabilities of a plurality of terminal devices, by embedding a URL that has a unique identifier (paragraph 39, fig. 1, computer network comprising two or more client computers, including multiple recipients, i.e. “plurality of terminal devices”; paragraph 87-88, forwarding service receives each message to be forwarded to recipient; service forwards E-mail wrapper to recipient; if recipient is minimally configured or has designated a preference for web delivery, the E-mail wrapper includes a secure hyperlink that can allow the user to link to the web front end of the forwarding service; therefore, a preference for web delivery causes the forwarding service to perform web delivery irrespective of the capabilities of the receiving device; paragraph 87-88, 142, forwarding service replaces wrapper and forwards E-mail wrapper that has a secure hyperlink within the message; replacement is a form of modification; link includes a pointer to the particular message; link is presented through conventional email service; paragraph 142, unique random number generated as index; hypertext link with unique index points to message stored in queue structure).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the unique URL identifier irrespective of capabilities teachings of Cook with the decryption server teachings of Pauker.  Incorporating the ability for a user to set a preference for receiving a modified message provides an improved user experience by allowing a user to decide when to offload decryption operations regardless of the capability of the user’s device, e.g. when the user is concerned about processor overhead or does not wish to manage decryption software or updates.  Further, incorporating a unique identifier of a data item into the URL for said data item improves the efficiency of database access by directly incorporating the index information, preventing extraneous lookup or translation steps.
Neither Pauker nor Cook explicitly teaches, in response to a second terminal device in the plurality of terminal devices attempting to display the data item with the modified unencrypted encapsulation wrapper, where the second terminal device has sufficient decryption capabilities, ignoring the URL, which has the unique identifier, and the instruction message, both of which are included within the modified unencrypted encapsulation wrapper and decrypting and displaying the content of the data item on the second terminal device. 
However, Pauker 2 teaches the concept of, in response to a second terminal device in a plurality of terminal devices attempting to display a data item with an unencrypted encapsulation wrapper (paragraph 167, sender does not know which type of environment a given recipient is operating in, so the inclusion of two copies of certain message content in the message by the sender's messaging application may help the sender accommodate both types of recipient, i.e. recipients with local decryption capabilities and recipients without; the messaging application may encrypt a first copy of certain content and place it into the body of the message; a second copy of this content is encrypted and placed into a form as a hidden form element; the form is then attached to the message; paragraph 172, it may not be efficient to provide large amounts of content as both part of the message body (for recipients like recipient A) and as form attachments (for recipients like recipient B); efficiency can be improved by providing encrypted content only once - as an html form (or other suitable file type)), where the second terminal device has sufficient decryption capabilities, ignoring access information within the unencrypted encapsulation wrapper and decrypting and displaying the content of the data item on the second terminal device (paragraph 39, recipient A capable of installing decryption software; recipient B incapable or does not want to install decryption software; paragraph 173, recipients such as recipient A who can install decryption software on their equipment can use the document handler application on their equipment to automate the decryption process; the document handler application automatically determines whether or not the form contains encrypted content; if the message contains encrypted content, the document handler application can invoke the decryption engine so that content is decrypted locally and presented to the recipient automatically without displaying form elements related to recipient credential collection and submission of the message for remote decryption); and
Pauker teaches the wrapper is a modified wrapper and the access information is a URL and the instruction message, both of which are included within the wrapper (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, intermediate server recognizes that message is encrypted based on code or other characteristics, and adds interactive message prompt; prompt is added to original message; this can be seen as modifying the original unencrypted portion, or wrapper; prompt added to message such as “after forwarding message, click here to access” followed by URL); and
Cook teaches the URL which has the unique identifier (paragraph 142, unique random number generated as index; hypertext link with unique index points to message stored in queue structure).

Neither Pauker nor Cook nor Pauker 2 explicitly teaches, after the encrypted content is decrypted such that decrypted content is available, determining that usage rights have been applied to the decrypted content to harden the decrypted content,
wherein the usage rights include a header field that has been added to a browser, which is available to display the decrypted content, to force the browser to not leave any traces of the decrypted content, and
wherein forcing the browser to not leave any traces of the decrypted content is performed as a result of the header field allowing only a fresh version of the decrypted content to be displayable.
However, Kobayashi teaches the concept wherein, after encrypted content is decrypted such that decrypted content is available, determining that usage rights have been applied to the decrypted content to harden the decrypted content (abstract, cryptographic communication technology; paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser),
wherein the usage rights include a header field that has been added to a browser, which is available to display the decrypted content, to force the browser to not leave any traces of the decrypted content (paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser), and
wherein forcing the browser to not leave any traces of the decrypted content is performed as a result of the header field allowing only a fresh version of the decrypted content to be displayable (paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser; EXAMINER’S NOTE: applicant’s specification pages 16-17 makes clear that “only allowing a fresh version of the decrypted content to be displayable” is accomplished by adding special HTML headers like pragma:no-cache header field; therefore, using an HTTP cache control header that disables caching, as in Kobayashi, accomplishes “only allowing a fresh version of the decrypted content to be displayable”).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the cache disabling header teachings of Kobayashi to the decryption server teachings of Pauker in view of Cook and Pauker 2, in order to improve security of an encrypted messaging system by preventing cache storage of decrypted data, which could otherwise be leaked to a malicious attacker by accessing the cache at a different time.

Regarding Claim 24:
Pauker teaches a system for providing a plurality of terminal devices access to content of an encrypted data item (abstract, server used to decrypt encrypted message for recipient, so that recipient need not install decryption engine; col 4 line 46-57, users communicate with each other using user equipment such as personal computers; col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel), the system comprising: 
a plurality of terminal devices operable to receive and transmit data items over a network, each terminal device in the plurality of terminal devices having a browser or a web application client (col 4 line 46-67, personal computers for communicating over a network; col 6 line 45-55, communications between users and authenticating entity user web browser links); 
one or more software modules for performing the following steps before content of a particular data item is accessed by one of the plurality of terminal devices (col 5 line 47-56, software for message distribution): 
intercepting the particular data item containing the content (col 21 line 46-55, Fig. 11a-11b, sender creates encrypted message and sends to recipient; one or more servers between sender and recipient recognize that the message is encrypted and modify the message); 
determining that the content of the particular data item is encrypted but that an encapsulation wrapper of the particular data item is unencrypted, wherein the unencrypted encapsulation wrapper encapsulates the data item from view to anyone other than an intended recipient (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, sender includes unencrypted forwarding information incorporated into message, i.e. wrapper; one or more servers between sender and recipient recognize that the message content is encrypted; col 2 line 50-col 3 line 14, attempting to access content of encrypted message through use of plaintext access link in wrapper triggers server to verify that recipient is authorized to access content of encrypted message and can obtain a copy of recipient’s private key; therefore, the unencrypted wrapper encapsulates data item from view to anyone other than intended recipient; applicant’s specification, page 11-12, discloses that the wrapper is data that is put in front of or around a transmission that provides information about it and may encapsulate it from view to anyone other than the intended recipient; as the link in the plaintext portion of Pauker does not allow access to unauthorized recipients, the “wrapper” of Pauker can therefore be seen as encapsulating); 
in response to determining that the content of the particular data item is encrypted, modifying the unencrypted encapsulation wrapper of the particular data item by at least embedding (i) a uniform (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, intermediate server recognizes that message is encrypted based on code or other characteristics, and adds interactive message prompt; prompt is added to original message; this can be seen as modifying the original unencrypted portion, or wrapper; prompt added to message such as “after forwarding message, click here to access” followed by URL), 
wherein the modified unencrypted encapsulation wrapper of the particular data item is viewable by a particular terminal device of the plurality of terminal devices without decryption (col 2 line 50-col 3 line 13, forwarding notification information and interactive message access prompt are unencrypted; recipient uses unencrypted information and prompt to retrieve decrypted message), and 
wherein the instruction message includes at least an instruction for a user of the particular terminal device to navigate to the URL to view the encrypted content of the particular data item (col 2 line 50-col 3 line 13, forwarding notification information and interactive message access prompt are unencrypted; recipient uses unencrypted information and prompt to retrieve decrypted message; col 21 line 28-35, prompt added to message such as “after forwarding message, click here to access” followed by URL); 
sending the particular data item with the modified unencrypted encapsulation wrapper toward the plurality of terminal devices (col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel; col 22 line 3-10, encrypted message with forward notification information and interactive message access prompt delivered to recipient); 
in response to the particular terminal device of the plurality of terminal devices attempting to access the encrypted data item with the modified unencrypted encapsulation wrapper, where the particular terminal device has insufficient decryption capabilities (col 13 line 27-49, recipient does not have appropriate decryption engine installed on their equipment), displaying the instruction message and the URL on the first terminal device (col 22 line 11-28, recipient opens message and clicks on URL or other link in interactive message prompt; col 21 line 28-35, interactive message prompt includes URL and instruction message). 
	Pauker does not explicitly teach the plurality of terminal devices, which have varying decryption capabilities;
modifying irrespective of decryption capabilities of the plurality of terminal devices;
	the URL, which has a unique identifier.
	However, Cook teaches the concept of a plurality of terminal devices, which have varying decryption capabilities (paragraph 87-89, forwarding service for forwarding messages to minimally configured recipients and fully configured recipients); and
modifying an unencrypted wrapper, irrespective of decryption capabilities of a plurality of terminal devices, by embedding a URL having a unique identifier (paragraph 87-88, forwarding service receives each message to be forwarded to recipient; service forwards E-mail wrapper to recipient; if recipient is minimally configured or has designated a preference for web delivery, the E-mail wrapper includes a secure hyperlink that can allow the user to link to the web front end of the forwarding service; therefore, a preference for web delivery causes the forwarding service to perform web delivery irrespective of the capabilities of the receiving device; paragraph 87-88, 142, forwarding service replaces wrapper and forwards E-mail wrapper that has a secure hyperlink within the message; replacement is a form of modification; link includes a pointer to the particular message; link is presented through conventional email service; paragraph 142, unique random number generated as index; hypertext link with unique index points to message stored in queue structure).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the unique URL identifier irrespective of capabilities teachings of Cook with the 
Neither Pauker nor Cook explicitly teaches, in response to a different terminal device of the plurality of terminal devices attempting to display the particular data item with the modified unencrypted encapsulation wrapper, where the different terminal device has sufficient decryption capabilities, ignoring the modified wrapper, including the instruction message and the URL, and decrypting and displaying the content of the particular data item on the different terminal device. 
However, Pauker 2 teaches the concept of, in response to a terminal device of a plurality of terminal devices attempting to display a particular data item with an unencrypted encapsulation wrapper (paragraph 167, sender does not know which type of environment a given recipient is operating in, so the inclusion of two copies of certain message content in the message by the sender's messaging application may help the sender accommodate both types of recipient, i.e. recipients with local decryption capabilities and recipients without; the messaging application may encrypt a first copy of certain content and place it into the body of the message; a second copy of this content is encrypted and placed into a form as a hidden form element; the form is then attached to the message; paragraph 172, it may not be efficient to provide large amounts of content as both part of the message body (for recipients like recipient A) and as form attachments (for recipients like recipient B); efficiency can be improved by providing encrypted content only once - as an html form (or other suitable file type)), where the device has sufficient decryption capabilities, ignoring the (paragraph 39, recipient A capable of installing decryption software; recipient B incapable or does not want to install decryption software; paragraph 173, recipients such as recipient A who can install decryption software on their equipment can use the document handler application on their equipment to automate the decryption process; the document handler application automatically determines whether or not the form contains encrypted content; if the message contains encrypted content, the document handler application can invoke the decryption engine so that content is decrypted locally and presented to the recipient automatically without displaying form elements related to recipient credential collection and submission of the message for remote decryption); and
Pauker teaches the wrapper is a modified unencrypted encapsulation wrapper including an instruction message and URL (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, intermediate server recognizes that message is encrypted based on code or other characteristics, and adds interactive message prompt; prompt is added to original message; this can be seen as modifying the original unencrypted portion, or wrapper; prompt added to message such as “after forwarding message, click here to access” followed by URL); and
wherein the terminal device is a different terminal device (col 19 line 14-19, sender sends encrypted message to multiple recipients in parallel).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the ignoring an unencrypted wrapper of an encrypted message teachings of Pauker 2 with the decryption server teachings of Pauker in view of Cook.  Providing instructions and URLs for a remote decryption service could potentially cause confusion to a user whose device possesses local decryption capabilities, thereby resulting in extra steps or needless errors.  It would therefore be useful for a system to automatically recognize the capabilities of the user system, and 
Neither Pauker nor Cook nor Pauker 2 explicitly teaches, after the encrypted content is decrypted such that decrypted content is available, determining that usage rights have been applied to the decrypted content to harden the decrypted content,
wherein the usage rights include a header field that has been added to a browser, which is available to display the decrypted content, to force the browser to not leave any traces of the decrypted content, and
wherein forcing the browser to not leave any traces of the decrypted content is performed as a result of the header field allowing only a fresh version of the decrypted content to be displayable.
However, Kobayashi teaches the concept wherein, after encrypted content is decrypted such that decrypted content is available, determining that usage rights have been applied to the decrypted content to harden the decrypted content (abstract, cryptographic communication technology; paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser),
wherein the usage rights include a header field that has been added to a browser, which is available to display the decrypted content, to force the browser to not leave any traces of the decrypted content (paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser), and
wherein forcing the browser to not leave any traces of the decrypted content is performed as a result of the header field allowing only a fresh version of the decrypted content to be displayable (paragraph 801, to avoid caching operation of a WWW browser for decrypted content, an HTTP cache control header that disables caching may be added to a response to the WWW browser; EXAMINER’S NOTE: applicant’s specification pages 16-17 makes clear that “only allowing a fresh version of the decrypted content to be displayable” is accomplished by adding special HTML headers like pragma:no-cache header field; therefore, using an HTTP cache control header that disables caching, as in Kobayashi, accomplishes “only allowing a fresh version of the decrypted content to be displayable”).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the cache disabling header teachings of Kobayashi to the decryption server teachings of Pauker in view of Cook and Pauker 2, in order to improve security of an encrypted messaging system by preventing cache storage of decrypted data, which could otherwise be leaked to a malicious attacker by accessing the cache at a different time.

Regarding Claim 2:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein the data item is intercepted by a server (paragraph 57, 65, wherein the message is intercepted by a proxy server).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 2.

Regarding Claim 3:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23. In addition, Cook teaches wherein the data item is intercepted by a component that is integrated within an application (paragraph 84, 88, wherein the message is intercepted by a function of a stored application).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 3.

Regarding Claim 4:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein a plurality of data items are intercepted at different locations and during different time spans (paragraph 74-81, different locations, times, and situations in which messages are intercepted).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 4.

Regarding Claim 5:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 4.  In addition, Cook teaches wherein: 
a first encrypted data item is intercepted at a moment of its creation; 
a second encrypted data item is intercepted at a moment of its transmission; and 
a third encrypted data item is intercepted at a moment it is stored (paragraph 74-81, different locations, times, and situations in which messages are intercepted; the server is able to intercept messages at the moment of creation as the wrapping application is a part of the messaging system, the moment of transmission as the forwarding agent stores all the messages that are sent, and the forwarding agent may also intercept the messages that are stored to be sent at a later date).
The rationale to combine Pauker and Cook is the same as provided for claim 4 due to the overlapping subject matter between claims 4 and 5.

Regarding Claim 6:
(paragraph 71, wherein a determination may be made of the messages extension to note if the message has been encrypted according to a particular security extension; paragraph 131, processing performed by filter layer uniquely determined by type of message received).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 6.

Regarding Claim 7:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein the intercepted data item is determined to be encrypted when it has a predetermined structure (paragraph 71, wherein a determination may be made of the messages format to note if the message has been encrypted according to a particular security format; paragraph 132, processing performed by filter layer depends on format of message received).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 7.

Regarding Claim 8:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein the intercepted data item is determined to be encrypted when its content is found to contain unique strings that are indicative of encrypted content (paragraph 71, wherein a determination may be made of the messages makeup to note of the message has been encrypted; paragraph 134, unique addressing used to invoke particular processing in the filter layer).


Regarding Claim 9:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Pauker teaches wherein a component for interception and modification of the data item is integrated with an application that is responsible to creation or delivery or storage of the data item (col 21 line 19-57, server, e.g. server at recipient’s location, adds interactive message prompt by appending; col 22 line 3-10, message delivered by server at recipient’s location).

Regarding Claim 10:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 9.  In addition, Cook teaches wherein the component is a proxy between (i) the application, which sends the data item to a server and (ii) the server, which manages the data item (paragraph 47, 71, wherein a forwarding agent is a proxy between an application and the email server).
The rationale to combine Pauker and Cook is the same as provided for claim 9 due to the overlapping subject matter between claims 9 and 10.

Regarding Claim 12:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein modifying the unencrypted encapsulation wrapper is triggered by a predetermined event in a running application, to identify encrypted data items (paragraph 88-90, wherein the wrapping application is invoked and this invoking is the triggering by an event in the messaging system).


Regarding Claim 13:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein the unique ID is injected into an indexable property of a clear text section of the modified unencrypted encapsulation wrapper, to be used by a repository for retrieving the modified data item (paragraph 88, wherein the email wrapping application injects a unique hyperlink into the message which is used as a pointer to retrieve the encrypted message stored at a server).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 13.

Regarding Claim 14:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 13.  In addition, Cook teaches wherein the indexable property is an email header (paragraph 99, 137, wherein authorization and index data may be stored in a message header).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 13.

Regarding Claim 15:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Pauker teaches wherein the content of the data item is accessed after the user clicks on the URL link (col 22 line 11-28, recipient opens message and clicks on URL or other link in message; col 18 line 20-31, decrypted message content provided to recipient in the form of a web page; recipient views message using web browser).

Regarding Claim 16:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein the data item is rendered to the terminal device, said rendering being done by accessing a renderer component (Cook Para 70-71 discloses wherein a user client device is able to render messages for a user's access).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 16.

Regarding Claim 17:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 16.  In addition, Cook teaches wherein the renderer component performs one or more of the following actions selected from a group of:
analyzing a user agent, authenticating the user, obtaining an identifier associated with the data item, retrieving the data item, decrypting the data item, converting the data item to a standard rendering format, adjusting the rendering format to a screen requestor, hardening functionalities of the data item, and responding to the screen requestor (paragraph 72, 88, wherein a user device may authenticate a user, obtain an identifier regarding the location of data, and converting the data into a standard format).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 16.

Claim 18:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Pauker teaches wherein the terminal device is a tablet or a smartphone (col 4 line 46-57, user equipment, e.g. handheld computer or PDA).

Regarding Claim 19:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 16.  In addition, Cook teaches wherein the renderer component is a server (paragraph 72, 78, wherein a server may act as proxy for a device; the server will perform the modifications to a message based on the user preferences).
The rationale to combine Pauker and Cook is the same as provided for claim 16 due to the overlapping subject matter between claims 16 and 19.

Regarding Claim 20:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Cook teaches wherein a global unique identifier is transmitted to a central database and the modified data item is copied to a dedicated storage server (paragraph 87, 100-101, wherein indexable information regarding the message to be stored and the message are all stored on a storage server).
The rationale to combine Pauker and Cook is the same as provided for claim 23 due to the overlapping subject matter between claims 23 and 20.

Regarding Claim 21:
(col 4 line 46-57, user equipment, e.g. cellular telephones).

Claim 11 is rejected under pre-AIA  35 U.S.C. 103(a) as being unpatentable over Pauker in view of Cook, Pauker 2, and Kobayashi, and further in view of Rashad et al (PGPUB 2011/0078260).

Regarding Claim 11:
Pauker in view of Cook, Pauker 2, and Kobayashi teaches the method according to claim 23.  In addition, Pauker teaches wherein modifying the unencrypted encapsulation wrapper is triggered by a process that scans data items located at different locations, to identify encrypted data items (col 2 line 50-col 3 line 13, col 21 line 28-55, Fig. 11a-11b, intermediate server recognizes that message is encrypted based on code or other characteristics, and adds interactive message prompt).
Neither Pauker nor Cook nor Pauker 2 nor Kobayashi explicitly teaches wherein the scanning process is a batch process that scans data items located at different locations during predetermined time intervals.
However, Rashad teaches the concept wherein a scanning process is a batch process that scans data items located at different locations during predetermined time intervals (paragraph 59-61, Email analyzer for analyzing received email data in periodic batches; email analyzer receives and processes email data once every month, week, and/or according to any appropriate schedule).
It would have been obvious to one of ordinary skill in the art at the time of the applicant's invention to combine the email batch processing teachings of Rashad with the decryption server teachings of Pauker in view of Cook, Pauker 2, and Kobayashi, in order to improve system efficiency and load balancing by performing processor intensive operations such as email scanning or .

Response to Arguments
Applicant's arguments filed 4/29/2021 have been fully considered but they are not persuasive.

Regarding the rejection of claims under 35 USC 103:
Applicant’s arguments, pages 10-12 (Remarks dated 4/29/2021), consist of the mere assertion that the prior art of record fails to teach the subject matter newly added by amendment.  The only elements missing from Pauker, Cook, Pauker 2, and Rashad are those incorporated by amendment, i.e. “after the encrypted content is decrypted such that decrypted content is available, determining that usage rights have been applied to the decrypted content to harden the decrypted content, wherein the usage rights include a header field that has been added to a browser, which is available to display the decrypted content, to force the browser to not leave any traces of the decrypted content, and wherein forcing the browser to not leave any traces of the decrypted content is performed as a result of the header field allowing only a fresh version of the decrypted content to be displayable”.  However, a new ground(s) for rejection is provided above which does teach this amended subject matter.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814.  The examiner can normally be reached on 9:00AM-5:30PM M-F.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        


/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491