DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 have been examined and are pending.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 06/23/2019 was filed.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.

3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-3, 5-6, and 9-12 are rejected under 35 U.S.C. 103 as being unpatentable over Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1), in view of Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1).
Regarding claims 1 and 11, Gallancy teaches a computer-implemented method of operating at least one internet-of-things (IoT) device on a local area network (LAN), said method comprising the steps of; and a secure internet-of-things (IoT) site with an intermittent connectivity to a corporate data center, said IoT site comprising:
(b)    collecting IoT data from said at least one IoT device onto said at least one gateway device as data-at-rest; [Gallancy et al 20190288840 A1, ¶0042: target data is any data designated (collecting IoT data) for encryption, which may include: photos, documents, spreadsheets, audio files, video files, or any type of encryptable data files, etc. ¶0052: An “originating device,” as used herein, is a computing device from which data-at-rest can be accessed. ¶0055: As such, the delegate devices 106 n can secure encrypted data-at-rest (aid at least one gateway device as data-at-rest) and authorize decryption of the encrypted data-at-rest by messaging key shards to the originating device 102.
¶0047: In an enterprise (a data center), if data-at-rest is encrypted, central management of encryption keys is often utilized to enable recovery of data when passwords are misplaced, lost, or forgotten. ¶¶0078-0079: The originating device can communicate with a relay server to distribute the shards among the delegate devices 106 a. In another example, at least one of the N key shards is communicated over a short-range radio link to at least one of the set of delegate devices 106 that is located remote from the originating device 102. The delegate devices 106 a may be temporarily or intermittently coupled to the originating device 102 (in intermittent connectivity) to communicate the key shards. The originating device 102 may pass the set of encrypted key shards to a communication service, which distributes the encrypted shards to respective delegate devices. Communication among the delegate devices 106 a (a corporate key manager) may be direct (e.g., on the same LAN, etc.) (to said LAN) or via a relay server or onion routing scheme.] 
wherein an encryption utilizing said one or cryptographic keys is used by said one or more gateway devices to secure said data-at-rest. [Gallancy et al 20190288840 A1, Fig. 1 and ¶0056: A “delegate device,” as used herein, may refer to a computing device on which private keys may be stored and on which key shards of cryptographic keys may be stored. A “key shard,” as used herein, may refer to a data item of a threshold number of data items from which a cryptographic key can be reconstituted (e.g., derived) (utilizing said one or cryptographic keys). The delegate devices 106 n can include any combination of computing devices such as those described herein with respect to the originating device 102. ¶0058: The user interface may be used to facilitate management of the encrypted data-at-rest by distributing and collecting key shards among the delegate devices 106 n. In some embodiments, the relay server 104 (said one or more gateway devices) may collect and store the encrypted data provided by the originating device 102 and/or the delegate devices 106, and provide that data to any of the other devices.]
 (e)    interfacing said at least one LAN key manager with said corporate key manager during a time period when said intermittent connectivity is working; [Gallancy et al 20190288840 A1, ¶0024: The method includes obtaining key shards from devices, reconstituting a cryptographic key from the key shards, and enabling decryption of encrypted data stored on a non-transitory computer memory of a computing device with the reconstituted cryptographic key. In some embodiments, the reconstituted cryptographic key is enabled for only a period (during a time period when said intermittent connectivity is working) sufficient to decrypt the encrypted data]
(g)    encrypting by one or more of said cryptographic keys said data-at-rest on said at least one gateway device. [Gallancy et al 20190288840 A1, ¶0006: The disclosed embodiments include at least one passwordless method and at least one apparatus for securing data-at-rest. The method includes encrypting data with a cryptographic key.]
However, Gallancy fails to explicitly teach but Chandra teaches 
network 6 includes a fabric which may comprise a Local Area Network (LAN) (a local area network (LAN) deployed at said secure IoT site). Each data storage system 2 a, 2 b, 2 n may obtain an encryption key over a network 6 from a key server 8 a (one or more LAN key managers), 8 b . . . 8 n, for purposes of data encryption and decryption by the data storage system. ¶0088-0090: Computer system/server 1002 typically includes a variety of computer system readable media. System memory 1006 can include computer system readable media in the form of volatile and non-volatile memory: carrying out the functions of embodiments of the invention]
 (a)    operating at least one gateway device and at least one LAN key manager as members of said LAN; [Chandra et al 2019/0238331 A1, Fig. 1 and ¶¶0047-0048 and 0054: implementations of described techniques include hardware, method or process, or computer software illustrated as a plurality of hosts 1a, 1b . . . 1n; submitting Input/Output (I/O) requests to one or more data storage systems 2 a (at least one gateway device), 2 b, 2 n  over a network 6 to access data stored by the data storage systems. The network 6 includes a fabric which may comprise a Local Area Network (LAN). Each data storage system 2 a, 2 b, 2 n may obtain an encryption key over a network 6 from a key server 8 a (at least one LAN key manager), 8 b . . . 8 n, for purposes of data encryption and decryption by the data storage system.]
 (d)    utilizing by said at least one gateway device a local key manager discovery protocol for discovering said at least one LAN key manager; [Chandra, ¶¶0007 and 0045: Key management communication protocols (a local key manager discovery protocol) may permit various techniques for mirroring an encryption key from one key server; in synchronous key mirroring, a master key server generates an encryption key and then mirrors a copy of the encryption key to other key servers (often referred to as clone key servers). The copy relationship (for discovering) identifies: source, primary storage, secondary storage and target storage locations. See Fig. 1 and ¶¶0047-0048, and 0054:...submitting Input/Output (I/O) requests to one or more data storage systems 2 a (at least one gateway device), 2 b, 2 n over a network 6 to access data stored by the data storage systems. The network 6 includes a fabric which may comprise a Local Area Network (LAN). Each data storage system 2 a, 2 b, 2 n may obtain an encryption key over a network 6 from a key server 8 a (at least one LAN key manager), 8 b . . . 8 n, for purposes of data encryption and decryption by the data storage system.]
¶0007: in synchronous key mirroring, a master key server (a corporate key manager) generates an encryption key and then mirrors a copy of the encryption key to other key servers (often referred to as clone key servers); before requesting data storage system is in position to activate and use the encryption key. Examiner interprets the mirroring a copy as a form of downloading]
 (f)    having said at least one gateway device obtain cryptographic keys from said at least one LAN key manager; [Chandra et al 2019/0238331 A1, See Fig. 1 and ¶¶0047-0048 and 0054: The network 6 includes a fabric which may comprise a Local Area Network (LAN). Each data storage system 2 a, 2 b, 2 n may obtain an encryption key(s) (obtain cryptographic keys) over a network 6 from a key server 8 a (said at least one LAN key manager), 8 b . . . 8 n, for purposes of data encryption and decryption by the data storage system (at least one gateway device).] 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a passwordless security system for data-at-rest of Gallancy before him or her by including the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra. The motivation/suggestion would have been obvious to try an implementation of described techniques include hardware, method or 
Regarding claim 2, the combination of Gallancy and Chandra teach claim 1 as described above.
Gallancy teaches after said encrypting, transmitting said data-at-rest from said at least one gateway device to said data center during said time period when said intermittent connectivity is working. [Gallancy et al 20190288840 A1, ¶0024: The method includes obtaining key shards from devices, reconstituting a cryptographic key from the key shards; the reconstituted cryptographic key is enabled for only a period (during a time period when said intermittent connectivity is working) sufficient to decrypt the encrypted data]

Regarding claim 3, the combination of Gallancy and Chandra teach claim 1 as described above.
Gallancy teaches decrypting at a target server operating in said corporate data center, said data-at-rest encrypted in said step (g). [Gallancy et al 20190288840 A1, ¶¶0017, 0051, and 0073:  A plurality of devices can produce a combined private key used for decryption and derived from the data identifier. In this embodiment, increased network efficiency is obtained at the expense of some security guarantee. The originating device 102 may have access to all the public keys of an array of delegate devices 106 a-n such that the originating device 102 can use the public keys to encrypt the key shards for respective delegate devices 106 a. The delegate devices 106 a hold respective counterpart private keys that can be uses to decrypt (decrypting at a target server) their respective key shards as needed.  ¶0047: In an enterprise (a data center), if data-at-rest is encrypted, central management of encryption keys is often utilized to enable recovery of data when passwords are misplaced, lost, or forgotten. Examiner interprets that the array of delegate devices can be analogous to the target server.]

Regarding claims 5 and 14, the combination of Gallancy and Chandra teach claim 1 as described above.
While Gallancy teaches having said at least one LAN key manager download a batch of said cryptographic keys [Gallancy et al 20190288840 A1, ¶0109: sharing schemes to create key shards]; however, Chandra teaches having said at least one LAN key manager download a batch of said cryptographic keys from said corporate key manager during said interfacing in said step (e). [Chandra, ¶0117: batch processing at computing devices which may be an originating device, a relay server, or a delegate device. ¶0032: Key servers frequently employ a suitable graphical user interface to assist a human user in manually initiating key mirroring between key servers.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a passwordless security system for data-at-rest of Gallancy before him or her by including 
Regarding claim 6, the combination of Gallancy and Chandra teach claim 1 as described above.
However, Gallancy fails to explicitly teach but Chandra teaches generating said cryptographic keys in said at least one LAN key manager, and later synchronizing with said corporate key manager during said interfacing in said step (e). [Chandra, ¶0003: In a synchronous relationship, any updates to the primary data storage device are typically synchronized with the secondary data storage device; ¶0057: asynchronous key server communication].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a passwordless security system for data-at-rest of Gallancy before him or her by including the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra. The motivation/suggestion would have been obvious to try synchronizing by performing updates [Chandra, ¶¶0003 and 0057].  
Regarding claim 9, the combination of Gallancy and Chandra teach claim 1 as described above.
¶0012: when the approach operates asynchronously (an unsecure mode) with key servers obtaining encryption keys without first verifying if successfully mirrored to other key servers; running the risk of loss of damage of copy].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a passwordless security system for data-at-rest of Gallancy before him or her by including the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra. The motivation/suggestion would have been obvious to try the mirroring technique to avert potential unsecure operations or possible damage [Chandra, ¶¶0012].  
Regarding claim 10, the combination of Gallancy and Chandra teach claim 1 as described above.
However, Gallancy fails to explicitly teach but Chandra teaches utilizing the key management interoperability protocol (KMIP) in said interfacing in said step (e). [Chandra, ¶0005: the Key Management Interoperability Protocol (KMIP) is used to protect data stored by a data storage device, the data is frequently encrypted using an encryption key provided in accordance with a suitable messaging protocol]


Regarding claim 12, the combination of Gallancy and Chandra teach claim 11 as described above.
 	Gallancy teaches wherein said data-at-rest is transmitted by said one or more gateway devices to a target server in said corporate data center. [See Gallancy et al 20190288840 A1, ¶0065: The originating device 102 encrypts target data with a cryptographic key. The cryptographic key may be created specifically to encrypt the target data; the cryptographic key is generated temporarily to encrypt data-at-rest. ¶0073:  The originating device 102 may have access to all the public keys of the delegate devices 106 a such that the originating device 102 can use the public keys to encrypt the key shards for respective delegate devices 106 a.]

 Claims 4 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331A1), in view of .
Regarding claims 4 and 13, the combination of Gallancy and Chandra teach claim 1 as described above.
 Gallancy teaches operating said LAN at one of an oilrig, a moving vehicle, a foreign embassy, an industrial site, a medical facility and a scientific exploration site. [Mukkamala et al 2017/0192414 A1, ¶0240: network 1780 can be an ad hoc network, an intranet, an extranet, a virtual private network (VPN), a local area network (LAN); ¶0242: system for managing a plurality of industrial assets]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of a passwordless security system for data-at-rest of Gallancy before him or her by including the teachings of systems and methods for managing industrial assets of Mukkamala. The motivation/suggestion would have been obvious to try an implementation in an industrial setting [Mukkamala, ¶¶0240-0242].  
Claims 7 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1), in view of Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1), in view of Luong et al, hereinafter (“Luong”), WIPO Application (WO2016115633A1).
Regarding claims 7 and 15, the combination of Gallancy and Chandra teach claim 1 as described above.
¶0006: one apparatus for securing data-at-rest that method includes encrypting data with a cryptographic key.]; however, the combination of Gallancy and Chandra fail to explicitly teach but Luong teaches where said encryption in said step (g) is an authenticated encryption. [Luong, p. 31, lines 20-21: C = E(K, Treq) is an authenticated encryption of the requested transaction details Treq].
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Gallancy and Chandra before him or her by including the teachings of enhanced security authentication methods of Luong. The motivation/suggestion would have been obvious to try a transaction that has been mutually authenticated with either a relying party or other strong entity [Luong, p. 18, lines 13-15].  
Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1), in view of Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1), in view of Powers et al., hereinafter (“Powers”), US Patent (10,664,574 B1).

Regarding claim 8, the combination of Gallancy and Chandra teach claim 1 as described above.
However, the combination of Gallancy and Chandra fail to explicitly teach but Powers teaches having a time period when said intermittent connectivity is not working because of one of a malicious hack and a human error. [Powers et al 10,664,574 B1, intermittent connectivity resulting in continuously changing network topology and routes; nodes are disrupted.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of Gallancy and Chandra before him or her by including the teachings of distributed data storage and sharing in a peer-to-peer network of Powers. The motivation/suggestion would have been obvious to try an approach that protects against both accidental and malicious modification of pieces or received pieces peer to peer shared [Powers, Col 8, lines 11-23].  
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1), in view of Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1), in view of Burton et al., hereinafter (“Burton”), US PG Publication (20070226777 A1).
Regarding claim 16, the combination of Gallancy and Chandra teach claim 11 as described above.
However, the combination of Gallancy and Chandra fail to explicitly teach but Burton teaches wherein said local key manager discovery protocol is based on a broadcast scheme. [Burton et al 20070226777 A1, Abstract: The host broadcasts a discovery command which includes an IP address of the host and a service requested by the host. The discovery command conforms to a proprietary discovery command protocol.].
.  

 Claims 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1), in view of Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1).
Regarding claim 17, Chandra teaches system of one or more internet-of-things (IoT) endpoints operated at a secure IoT site with an intermittent connectivity to a corporate data center, said system comprising:
(a)    one or more gateway devices, one or more LAN key managers and said IoT endpoints, as members of a local area network (LAN) deployed at said secure IoT site, said one or more gateway devices, said one or more LAN key managers and said one or more IoT endpoints, comprising at least one memory device storing computer-readable instructions and at least one microprocessor coupled to said at least one memory device for executing said computer-readable instructions; [See Chandra et al 2019/0238331 A1, Fig. 1 and ¶¶0047-0048 and 0054: implementations of described techniques include hardware, method or process, or computer software illustrated as a plurality of hosts 1a, 1b . . . 1n; submitting Input/Output (I/O) network 6 includes a fabric which may comprise a Local Area Network (LAN) (a local area network (LAN) deployed at said secure IoT site). Each data storage system 2 a, 2 b, 2 n may obtain an encryption key over a network 6 from a key server 8 a (one or more LAN key managers), 8 b . . . 8 n, for purposes of data encryption and decryption by the data storage system. ¶0088-0090: Computer system/server 1002 typically includes a variety of computer system readable media. System memory 1006 can include computer system readable media in the form of volatile and non-volatile memory: carrying out the functions of embodiments of the invention]
 (c)    a local key manager discovery protocol to enable said one or more gateway device discover said one or more LAN key managers; [See Chandra, ¶¶0007 and 0045: Key management communication protocols (a local key manager discovery protocol) may permit various techniques for mirroring an encryption key from one key server; in synchronous key mirroring, a master key server generates an encryption key and then mirrors a copy of the encryption key to other key servers (often referred to as clone key servers). The copy relationship (for discovering) identifies: source, primary storage, secondary storage and target storage locations.] 
However, Chandra fails to explicitly teach but Gallancy teaches
¶0042: target data is any data designated (collecting IoT data) for encryption, which may include: photos, documents, spreadsheets, audio files, video files, or any type of encryptable data files, etc. ¶0052: An “originating device,” as used herein, is a computing device from which data-at-rest can be accessed. ¶0055: As such, the delegate devices 106 n can secure encrypted data-at-rest (aid at least one gateway device as data-at-rest) and authorize decryption of the encrypted data-at-rest by messaging key shards to the originating device 102.]
 (d)    one or more cryptographic keys obtained by said one or more gateway devices from said one or more LAN key managers, said one or more cryptographic keys generated by said one or more LAN key managers and then stored on a shared storage on said LAN; [Gallancy, ¶0065: the delegate public key is shared by another delegate device or the originating device. In some embodiments, the key shards can be encrypted with the delegate public keys to produce encrypted key shards that can be securely communicated to their delegate devices. Fig. 3 and ¶0069: process for generating a set of key shards, based on a cryptographic key, of which a threshold number of the key shards can be used to reconstitute a cryptographic key. A set of key shards can be distributed across combinations of the computing devices A, B, C, D, E, and/or F.]
¶0058: relay server 104 facilitates encrypted data-at-rest and delivers messages and notifications between delegate devices 106a-n and originating device 102]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra before him or her by including the teachings of a passwordless security system for data-at-rest of Gallancy. The motivation/suggestion would have been obvious to try the functionality of the relay server function analogous to a gateway [Gallancy, ¶¶0058 and 0077].  

Regarding claim 18, the combination of Chandra and Gallancy teach claim 17 as described above.
However, Chandra fails to explicitly teach but Gallancy teaches wherein said one or more cryptographic keys are synchronized with a corporate key manager at said corporate data center during a time period when said intermittent connectivity is working. [See Gallancy et al 20190288840 A1, ¶0024: The method includes obtaining key shards from devices, reconstituting a cryptographic key from the key shards, and enabling decryption of encrypted data stored on a non-transitory computer memory of a computing device with the reconstituted cryptographic key. In some embodiments, the reconstituted cryptographic key is enabled for only a period (during a time period when said intermittent connectivity is working) sufficient to decrypt the encrypted data.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra before him or her by including the teachings of a passwordless security system for data-at-rest of Gallancy. The motivation/suggestion would have been obvious to try the reconstitution feature during the allotted period to sufficiently perform operations [Gallancy, ¶0024].  

Regarding claim 19, the combination of Chandra and Gallancy teach claim 17 as described above.
However, Chandra fails to explicitly teach but Gallancy teaches wherein said encryption is asymmetric encryption. [Gallancy, ¶0061: system 100 uses a combination of symmetric, asymmetric cryptography, and threshold cryptography implemented by multiple computing devices.]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra before him or her by including the teachings of a passwordless security system for data-at-rest of Gallancy. The motivation/suggestion .  
 Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Chandra et al., hereinafter (“Chandra”), US PG Publication (20190238331 A1), in view of Gallancy et al., hereinafter (“Gallancy”), US PG Publication (20190288840 A1), in view of Kumar et al., hereinafter (“Kumar”), US PG Publication (20180205711 A1).
Regarding claim 20, the combination of Chandra and Gallancy teach claim 17 as described above.
However, the combination of Chandra and Gallancy fail to explicitly teach but Kumar teaches wherein said local key manager discovery protocol utilizes digital certificates provisioned for said one or more gateway devices to identify said one or more LAN key managers and to authenticate said one or more gateway devices with said one or more LAN key managers. [Kumar et al US 20180205711 A1, ¶¶0032, 0041, and 0043: The authentication process may be repeated for each application that provides a key to the self-encrypting key management service; self-encrypting key management service]
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention was made to combine the teachings of encryption key management in a data storage system communicating with asynchronous key servers of Chandra before him or her by including the teachings of a self-encrypting key management system of Kumar. The motivation/suggestion would have been obvious to try [Kumar, ¶¶0058 and 0077].  

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Stueve et al. (20170250799 A1) discloses a linking encryption key management with granular policy.
	
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAKINAH W TAYLOR whose telephone number is (571)270-0682.  The examiner can normally be reached on Monday-Friday, 9:45-5:45.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ELENI SHIFERAW can be reached on 571-272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private 

/Sakinah White Taylor/Examiner, Art Unit 2497