DETAILED ACTION
This action is in response to new application filed 11/12/2019 titled “Secure Print Policy Enforcement”. Claims 1-15 were received for consideration and are currently under consideration.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
Acknowledgment is made of applicant's claim for foreign priority under 35 U.S.C. 119(a)-(d).  The certified copy has been received.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/12/2019 and 8/3/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-4, 6, 7, 9, 10 and 12-14 are rejected under 35 U.S.C. 102(a)(1)/(a)(2) as being anticipated by Kanai et al (US 2009/185223).
With respect claim 1, Kanai teaches a method for enforcing a secure print policy, the method comprising: 
providing a security policy (see Kanai paragraph 0391 and 0442 i.e. For example, the document printing program 421 may conduct the user authentication and then may send the document ID to the access control server 404. After that, the document printing program 421 may receive the security policy, the encryption key, and the security attribute from the access control server 404 and then may determine the permission information and the print requirement based on the security policy, the encryption key, and the security attribute); 
cryptographically binding the security policy to a print job to generate a secure print job (see Kanai paragraph 0388 i.e. The document protecting program 11 is a program to set a print requirement to a document file (hereinafter, simply called a document) in response to an input operation by a distributor using the distributor terminal 01, encrypt the document using an encryption algorithm (for example, an RC4, Triple DES, IDEA), and generate a secured document 13); 
verifying security properties of at least one of: a printer and an intermediary device using the security policy and a remote attestation protocol (see Kanai paragraph 0411-0412 i.e. When the document printing program 421 receives the permission 
provided the security properties are verified, releasing the print job to the printer (see Kanai paragraph 0411-0413 i.e. When the document printing program 421 receives the permission information, the encryption key, and the print requirement from the access control server 404, the document printing program 421 decrypts the secured document by using the encryption key and then restores the document. Then, the document printing program 421 controls the printer 403 to conduct the printing process so as to satisfy the print requirement. For example, in a case in that the BDP is set to the document as the print requirement, the printer 403 prints out contents of the document while printing out a background image. As described above, when the document is printed out, it is possible to enforce the print requirement corresponding to the security attribute that is set beforehand).
With respect claim 2, Kanai teaches a method as claimed in claim 1, wherein providing the security policy is performed when a user initiates the print job (see Kanai paragraph 0481 i.e. When the user attempts to access the document (for example, to print the document), the access control server 604 refers to the security policy 644 stored therein in response to a request from the document printing program 621, determines whether or not the user is authorized to access the document, and obtains the process requirement).
With respect claim 3, Kanai teaches a method as claimed in claim 1, wherein the security policy comprises one or more properties that must be satisfied in order to verify 
With respect claim 4, Kanai teaches a method as claimed in claim 3, wherein the properties are comprised of one or more of: whether the printer or intermediary device has full-disk encryption turned on; a specific set of printers or intermediary devices that the print job are to be printed at; whether the print job can be retained after use; whether the printer or intermediary device have specific operating system versions installed; an expiry date on the print job after which it is to be destroyed if if is not released; and whether the print job can be transported on a bring-your-own-device or mobile device (see Kanai paragraph 0495 i.e. In a case in that the user attempts to print out the document, the secured document 13 is implemented to the user terminal 602. For example, the user terminal 602 may read out the secured document 13 stored in the information recording medium set in the external storage unit. Alternatively, in a case in that the user terminal 602 connects with the distributor terminal 601 through a network, the user terminal 602 may obtain the secured document 13 through the network).
With respect claim 6, Kanai teaches a method as claimed in claim 1, wherein the secure print job is encrypted before transportation to the printer or intermediary device (see Kanai figure 44 and paragraph 0402-0403 i.e. The distributor provides the secured document 13 generated by the document protecting program 411 to the user).

With respect claim 9, Kanai teaches 9 a system for enforcing a secure print policy, the system comprising: 
a server configured to, provide a security policy; 
cryptographically bind the security policy to a print job to generate a secure print job; 
verify security properties of at least one of: a printer and an intermediary device using the security policy and a remote attestation protocol (see Kanai paragraph 0411-0412 i.e. When the document printing program 421 receives the permission information, the encryption key, and the print requirement from the access control server 404, the document printing program 421 decrypts the secured document by using the encryption key and then restores the document); and 
provided the security properties are verified, release the print job to the printer.
With respect claim 10, Kanai teaches a production device for enforcing a secure print policy, the production device comprising: 

receive a secure print job having a security policy that is cryptographically bound to the print job (see Kanai paragraph 0388 i.e. The document protecting program 11 is a program to set a print requirement to a document file (hereinafter, simply called a document) in response to an input operation by a distributor using the distributor terminal 01, encrypt the document using an encryption algorithm (for example, an RC4, Triple DES, IDEA), and generate a secured document 13); 
receive a remote attestation protocol verify security properties of at least one of: a printer and an intermediary device using the security policy and a remote attestation protocol (see Kanai paragraph 0676-0678); and 
provided the security properties are verified, produce the print job at the production device (see Kanai paragraph 0411-0413 i.e. When the document printing program 421 receives the permission information, the encryption key, and the print requirement from the access control server 404, the document printing program 421 decrypts the secured document by using the encryption key and then restores the document. Then, the document printing program 421 controls the printer 403 to conduct the printing process so as to satisfy the print requirement. For example, in a case in that 
With respect claim 12, Kanai teaches a non-transitory machine-readable storage medium encoded with instructions executable by a processor, the machine-readable storage medium comprising: instructions to: 
(i) provide a security policy (see Kanai paragraph 0391 and 0442 i.e. For example, the document printing program 421 may conduct the user authentication and then may send the document ID to the access control server 404. After that, the document printing program 421 may receive the security policy, the encryption key, and the security attribute from the access control server 404 and then may determine the permission information and the print requirement based on the security policy, the encryption key, and the security attribute); 
(ii) cryptographically bind the security policy to a print job to generate a secure print job (see Kanai paragraph 0388 i.e. The document protecting program 11 is a program to set a print requirement to a document file (hereinafter, simply called a document) in response to an input operation by a distributor using the distributor terminal 01, encrypt the document using an encryption algorithm (for example, an RC4, Triple DES, IDEA), and generate a secured document 13); 
(iii) verify security properties of at least one of: a printer and an intermediary device using the security policy and a remote attestation protocol (see Kanai paragraph 0411-0412 i.e. When the document printing program 421 receives the permission 
(iv) provided the security properties are verified, release the print job to the printer (see Kanai paragraph 0411-0413 i.e. When the document printing program 421 receives the permission information, the encryption key, and the print requirement from the access control server 404, the document printing program 421 decrypts the secured document by using the encryption key and then restores the document. Then, the document printing program 421 controls the printer 403 to conduct the printing process so as to satisfy the print requirement. For example, in a case in that the BDP is set to the document as the print requirement, the printer 403 prints out contents of the document while printing out a background image. As described above, when the document is printed out, it is possible to enforce the print requirement corresponding to the security attribute that is set beforehand).
With respect claim 13, Kanai teaches a non-transitory machine-readable storage medium encoded with instructions executable by a processor as claimed in claim 12, further comprising instructions to: provide the security policy when a user initiates the print job (see Kanai paragraph 0478-0481 i.e. When the user attempts to access the document (for example, to print the document), the access control server 604 refers to the security policy 644 stored therein in response to a request from the document printing program 621, determines whether or not the user is authorized to access the document, and obtains the process requirement. FIG. 58 is a diagram showing a configuration example of the access control server according to the sixth embodiment of 
With respect claim 14, Kanai teaches a non-transitory machine-readable storage medium encoded with instructions executable by a processor as claimed in claim 12, further comprising instructions to: encrypt the secure print job prior to transportation to the printer or intermediary device (see Kanai figure 44 and paragraph 0402-0403 i.e. Also, the document protecting program 411 provides the document ID to the document which is encrypted by using the encryption key and then generates the secured document 13).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 5 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Kanai et al (US 2009/185223) in view of Bastaldo-Tsampalis et al (US 2016/0026418) 
With respect to claim 5 Kanai teaches a method as claimed in claim 1, but does not disclose wherein a workstation shares a symmetric key with the printer or intermediary device or a server thereof to protect the integrity of the security policy. 

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kanai in view of Bastaldo-Tsampalis to have used a symmetric key as a way to encrypt the 3D print files as a way to securely transmit the print files over network (see Bastaldo-Tsampalis paragraph 0031. Therefore one would have been motivated to have to have used a symmetric key as a way to encrypt the 3D print files.

With respect to claim 11 Kanai teaches a production device as claimed in claim 10, but does not disclose wherein the production device is a three-dimensional printer.  
Bastaldo-Tsampalis teaches wherein the production device is a three-dimensional printer (see Bastaldo-Tsampalis paragraph 0029).
.

Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Kanai et al (US 2009/185223) in view of Kakigi (US 20080034403)
With respect to claim 8 Kanai teaches a method as claimed in claim 1, but does not disclose wherein the security policy is sent to a device performing the remote attestation protocol.
	Kakigi teaches wherein the security policy is sent to a device performing the remote attestation protocol (see Kakigi paragraph 0040-0042).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kanai in view of Kanai to have the policy check performed on the side of the printing apparatus by having the information processing apparatus transmits the authentication information and access information along with the print data to the printing apparatus in order that the policy check can be performed on the side of the printing apparatus. Therefore one would have been motivated to have the policy check can be performed on the side of the printing apparatus.


	Kakigi teaches further comprising instructions to: transmit the security policy to a device performing the remote attestation protocol (see Kakigi paragraph 0040-0042).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Kanai in view of Kanai to have the policy check performed on the side of the printing apparatus by having the information processing apparatus transmits the authentication information and access information along with the print data to the printing apparatus in order that the policy check can be performed on the side of the printing apparatus. Therefore one would have been motivated to have the policy check can be performed on the side of the printing apparatus.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DEVIN E ALMEIDA whose telephone number is (571)270-1018.  The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 5:00 P.M.  The examiner can also be reached on alternate Fridays from 7:30 A.M. to 4:00 P.M. 
Saleh Najjar, can be reached on 571-272-4006. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

/DEVIN E ALMEIDA/Examiner, Art Unit 2492   

/SALEH NAJJAR/Supervisory Patent Examiner, Art Unit 2492