Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Specification
The disclosure is objected to because of the following informalities: Paragraph [0050] of the specification reads as follows:

[0050] FIG. 1B illustrates the system of FIG. 1A at a time t2. As shown in FIG. 1B, OB encryption component 102 and user workstation 101 handshake and negotiate a key to be used to encrypt the data within data field 308 via any known protocol, shown here as protocol communication 144. In simple terms, computer 104 and OB encryption component 102 may agree that OB encryption component 125 will use, for example, Key A for encryption of data that computer 104 will send to OB encryption component 102.

However, element 125 is the key in the key store (looking back at paragraph [0032] of the filed specification), not the OB encryption component itself. Based on the figures and the rest of the specification, paragraph [0050] should have been stated as follows:

[0050] FIG. 1B illustrates the system of FIG. 1A at a time t2. As shown in FIG. 1B, OB encryption component 102 and user workstation 101 handshake and negotiate a key to be used to encrypt the data within data field 308 via any known protocol, shown here as protocol communication 144. In simple terms, computer 104 and OB encryption component 102 may agree that OB encryption component 102 will use, for example, Key A for encryption of data that computer 104 will send to OB encryption component 102.



Allowable Subject Matter
Claims 2-7, 9-14, and 16-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. If correspondence collects allowable subject matter, reasons for allowance will be furnished with the notice of allowance.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1, 8, and 15 is/are rejected under 35 U.S.C. 102(a)(2) as being antedated by United States Patent Application Publication No.: US 2017/0039386 A1 (LEHNHARDT et al.).

As Per Claim 1: LEHNHARDT et al. teaches: A method of encrypting a data file, said method comprising:
- opening the data file;
- selecting, via a first user interface, a portion of the data file;
- encrypting, via an encryption component, the selected portion of the data file as one of a first level of encryption associated with a first authorized user and a second level of encryption associated with a second authorized user so as to create an encrypted data file; and

	(LEHNHARDT et al., Paragraph [0012], “In another aspect, the invention relates to a server computer, the server computer comprising a database, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, wherein a referential connection exists assigning each encrypted data item in the relation to a respective data record of the data records, wherein the encrypted data items are annotated with data elements of a linear order in the database, the linear order corresponding the order in which the encrypted data items are stored in the relation with respect to the partial ordered set. The server computer is configured for: receiving from a client computer a request for data records whose associated data items lie within a search interval, the request indicating an encrypted data item forming a first and a second interval boundary of the search interval, respectively; for each encrypted data item forming the first and second boundaries: determining if a cache entry is associated with the encrypted data item forming the interval boundary, in case a cache entry is not associated with the encrypted data item forming the interval 
	(LEHNHARDT et al., Paragraph [0039], “The first encryption method may comprise an arbitrary encryption method. For example, the first encryption method may comprise a non-deterministic encryption method, a homomorphic encryption or an order preserving encryption method. The first encryption method, when executed for a given data item, encrypts the data item using for example a cryptographic key. In accordance with an embodiment, the cryptographic key is a symmetric or an asymmetric key. A second encryption method which is the same or different from the first encryption method may be used to encrypt the data records which contain the corresponding values associated with the data items of the partially order set.”).

- saving the encrypted data file,
	(LEHNHARDT et al., Paragraph [0077], “Server system 106 may further comprise a linear list 330. The linear list comprises data elements associated with the data items 326. The elements of linear order are shown in integer numbers, for example 2, 5, 11 etc. The data elements having in the list a linear order corresponding to the order in which the encrypted data items 326 are stored in the index tree 324. The 

- wherein the encryption component includes an out-of-band encryption key component having stored therein, a first encryption key associated with the first level of encryption and a second encryption key associated with the second level of encryption. 
	(LEHNHARDT et al., Paragraph [0039], “The first encryption method may comprise an arbitrary encryption method. For example, the first encryption method may comprise a non-deterministic encryption method, a homomorphic encryption or an order preserving encryption method. The first encryption method, when executed for a given data item, encrypts the data item using for example a cryptographic key. In accordance with an embodiment, the cryptographic key is a symmetric or an asymmetric key. A second encryption method which is the same or different from the first encryption method may be used to encrypt the data records which contain the corresponding values associated with the data items of the partially order set.”).
	(LEHNHARDT et al., Paragraph [0044], “The present method and system may enable a secure access to the data via the partially ordered set. This may particularly be important for health system's sensitive data. The manipulation of the data items of the partially ordered set at the server side can be performed without having to decrypt the multiple data items at the server computer i.e. the server computer may have no access to the cryptographic key or the unencrypted content of multiple data items. Thus, the risk of compromising the data items at the server computer may be mitigated.”).

As Per Claim 8: Claim 8 is substantially a restatement of the method of claim 1 as a non-transitory, tangible, computer-readable media and is rejected under substantially the same reasoning.

As Per Claim 15: LEHNHARDT et al. teaches: A method of encrypting a data file, said method comprising:
- opening the data file;
- selecting, via a first user interface, a portion of the data file;
- encrypting, via an encryption component, the selected portion of the data file as one of a first level of encryption associated with a first authorized user and a second level of encryption associated with a second authorized user so as to create an encrypted data file;
	(LEHNHARDT et al., Paragraph [0005], “In one aspect, the invention relates to a computer system for querying a database residing on a server computer of the computer system, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, wherein a referential connection exists assigning each encrypted data item in the relation to a respective data record of the data records, wherein the encrypted data items are annotated with data elements of a linear order in the database, the linear order corresponding the order in which the encrypted data items are stored in the relation with respect to the partial ordered set, the computer system further comprising a client computer,”).
	(LEHNHARDT et al., Paragraph [0012], “In another aspect, the invention relates to a server computer, the server computer comprising a database, said database storing data records, the database further comprising a relation, wherein the relation comprises data items, wherein the data items are encrypted with a first encryption method in the relation, wherein the data items form a partially ordered set in the relation, the partial order being formed with respect to the data items in non-encrypted form, 
	(LEHNHARDT et al., Paragraph [0039], “The first encryption method may comprise an arbitrary encryption method. For example, the first encryption method may comprise a non-deterministic encryption method, a homomorphic encryption or an order preserving encryption method. The first encryption method, when executed for a given data item, encrypts the data item using for example a cryptographic key. In accordance with an embodiment, the cryptographic key is a symmetric or an 

- additionally encrypting the encrypted data file by way of a network encryption to generate a network encrypted data file; and
	(LEHNHARDT et al., Paragraph [0060], “FIG. 1 shows a schematic block diagram of a client-server system 100 in accordance with the present disclosure. The client-server system 100 comprises one or more client systems (or client computers) 102A-N and a server system (or server computer) 106. The client system 102A-N and the server system 106 are connected over a network connection 104. The client system 102 can be regarded as a computer system that is able to communicate with the server system 106 via the network connection 104 which comprises for example a wireless local area network (WLAN) connection, WAN (Wide Area Network) connection LAN (Local Area Network) connection or a combination thereof. The server system 106 can be regarded as a computer system that is able to provide data access to the client system 102. In order to access data stored on the server 106, the client system 102 sends a request to the server 106, where the request is received and processed at the server system 106.”).

- saving the network encrypted data file,
	(LEHNHARDT et al., Paragraph [0077], “Server system 106 may further comprise a linear list 330. The linear list comprises data elements associated with the data items 326. The elements of linear order are shown in integer numbers, for example 2, 5, 11 etc. The data elements having in the list a linear order corresponding to the order in which the encrypted data items 326 are stored in the index tree 324. The linear list 330 may be used to identify the data items that belong to a given range and search interval. 

- wherein the encryption component includes an out-of-band encryption key component having stored therein, a first encryption key associated with the first level of encryption and a second encryption key associated with the second level of encryption. 
	(LEHNHARDT et al., Paragraph [0039], “The first encryption method may comprise an arbitrary encryption method. For example, the first encryption method may comprise a non-deterministic encryption method, a homomorphic encryption or an order preserving encryption method. The first encryption method, when executed for a given data item, encrypts the data item using for example a cryptographic key. In accordance with an embodiment, the cryptographic key is a symmetric or an asymmetric key. A second encryption method which is the same or different from the first encryption method may be used to encrypt the data records which contain the corresponding values associated with the data items of the partially order set.”).
	(LEHNHARDT et al., Paragraph [0044], “The present method and system may enable a secure access to the data via the partially ordered set. This may particularly be important for health system's sensitive data. The manipulation of the data items of the partially ordered set at the server side can be performed without having to decrypt the multiple data items at the server computer i.e. the server computer may have no access to the cryptographic key or the unencrypted content of multiple data items. Thus, the risk of compromising the data items at the server computer may be mitigated.”).

Conclusion

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand, can be reached on (571)272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/BENJAMIN A KAPLAN/ Examiner, Art Unit 2434