DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Office Action Summary
Instant application was filed 2/28/2019 with priority to 2/28/2018
Claims 1-20 are pending in the instant application.
Claims 1-8, 12-18 and 20 are rejected under 35 USC § 103.
Claims 9-11 and 19 are objected to.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains.  Patentability shall not be negatived by the manner in which the invention was made.

Claims 1-2, 4-8, 12-16, 18 and 20 rejected under 35 U.S.C. 103 as being unpatentable over Yang et al. (US Pre-Grant Publication No: 2020/0034528 A1) hereinafter referred to as Yang in view of Steven Norum et al. (US Patent No: 10,305,906 B1) hereinafter referred to as Norum.

 A method/system/computer program product of/for protecting data, comprising: transmitting a ; (Yang, [0021]-[0022], teaches receiving context data over one channel)
receiving a request from a user device, the request including the context identifier; (Yang, [0021]-[0022], teaches receiving context data over a second channel)
in response to the context identifier in the request matching the context identifier conveyed (Yang, [0021]-[0022], teaches comparing identification information, if matching decrypting the data)
in response to the context identifier in the request not matching the context identifier conveyed  (Yang, [0021]-[0022], teaches comparing identification information, if not matching denying signal is sent)
But, Yang does not teach that the credentials are transmitted in a heartbeat signal
However, Norum teaches credentials sent in a heartbeat signal (Norum, figure 1 and abstract)
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention to modify the invention of Yang with the method of Norum, as a heartbeat signal is a known method to transmit credentials, this is a simple substitution of one method for transmitting credentials with another.

As per claims 2 and 16, Yang in view of Norum teaches The method/system of claims 1 and 15 respectively wherein unlocking the encrypted data comprises transmitting an encryption key to the user device, and the encrypted data is unlocked at the user device. (Yang, [0013], teaches transmitting encryption key)

 The method/system of claims 2 and 16 respectively wherein the request is a key-unlock request, and the encryption key is a context key for unlocking an encrypted data key. (Yang, [0006], teaches managing encryption Keys and [0014], teaches having multiple keys)

As per claim 5, Yang in view of Norum teaches The method of claim 4 wherein the user device uses the context key to unlock the encrypted data key, and uses the data key to unlock the data. (Yang, [0014])

As per claim 6, Yang in view of Norum teaches The method of claim 4 wherein the encrypted data key is stored in metadata of the data, and the data is encrypted by the data key. (Yang, [0013])

As per claim 7, Yang in view of Norum teaches The method of claim 2 wherein not unlocking the encrypted data comprises withholding the encryption key from the user device. (Yang, [0021]-[0022], teaches comparing identification information, if not matching denying signal is sent)

As per claim 8, Yang in view of Norum teaches The method of claim 2 wherein the user device includes an application, and further comprising: using the encryption key to generate plaintext from the encrypted data; modifying the plaintext using the application; and encrypting the modified plaintext using the encryption key. (Yang, [0021]-[0022], teaches comparing identification information, if matching decrypting the data)

As per claim 12, Yang in view of Norum teaches The method of claim 1 wherein the heartbeat signal is transmitted from a wireless unit, and the heartbeat signal is received only by the user device if the user device is in proximity to the wireless unit. (Norum, column 3, lines 4-9, teaches that the heartbeat signal is associated with proximity of user to device)

As per claim 13, Yang in view of Norum teaches The method of claim 12 wherein the wireless unit is a wireless router, an Internet of Things device, or a smart phone. (Norum, column 1, lines 44-67, teaches smartphone)

As per claim 14, Yang teaches The method of claim 1 wherein the request includes the encrypted data, and further comprising: transmitting plaintext of the encrypted data to the user device in a response to the request. (Yang, [0021]-[0022], teaches comparing identification information, if matching decrypting the data)

Claims 3 and 17 rejected under 35 U.S.C. 103 as being unpatentable over Yang in view of Norum and further in view of Jones et al. (US Patent No: 11,038,687 B2) hereinafter referred to as Jones.

As per claims 3 and 17, Yang in view of Norum teaches The method/system of claims 2 and 16 respectively 
But does not teach wherein the user device includes a memory, and further comprising: using the encryption key to generate plaintext from the encrypted data; storing the plaintext in the memory of the user device; and in response to the user device failing to receive the heartbeat signal, removing the encryption key and the plaintext from the memory of the user device.
However, Jones teaches when heartbeat signal is lost to encrypt data and delete encryption key.
It would have been obvious to one having ordinary skill in the art, before the effective filing of the claimed invention to modify the invention of Yang in view of Norum with the method of D3, as a .

REASONS FOR ALLOWANCE
Claims 9-11 and 19 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is an examiner’s statement of reasons for allowance: The primary reasons for allowance of the claims are applicant’s arguments and the inclusion of the limitation, inter alia, sindependent claims 1 and 15 along with the limitation in the dependent claims 9 and 19 “determining if the user device transmitting the request has exceeded an access control criteria threshold; and in response to the access control criteria threshold being exceeded, reducing a rate at which encryption keys are provided to the user device.” is not found in any new references found.

The closest art of record Yang et al. (US Pre-Grant Publication No: 2020/0034528 A1) teaches “An access control system includes a processor configured to provide a trusted execution environment isolated from a rich execution environment. A rich OS operates in the rich execution environment while a trusted OS operates in the trusted execution environment. An access monitoring module operates within the kernel of the rich OS and a trusted application operates in the trusted OS. The access monitoring module intercepts file requests directed at the file systems of the rich OS, and forwards the file requests to the trusted application. The trusted application then evaluates whether the file request is permitted and provides the access monitoring module with a response. The access monitoring module forwards the request to the file system only if the trusted application approves the request.” but does not teach the indicated subject matter above.

Another art of record Jones et al. (US Patent No: 11,038,687 B2) teaches “A method and system are provided for enabling collaborative access to a data object. The method comprises establishing an access control policy, the access control policy defining at least one collaborative condition under which access to the data object is permissible, monitoring a plurality of users for compliance with the collaborative condition and providing access to the data object after a predetermined number of the users meet the at least one collaborative condition.” but also does not teach the indicated subject matter above.


Other Related Arts of Record
Antony et al. (US 2017/0364422 A1) teaches “Examples provide a pooled memory heartbeat for virtual machine hosts. A virtual controller creates a pooled memory heartbeat file system in a shared 
Adams et al. (US 2007/0297609 A1) teaches “A wireless communications link may be made more secure by imposing additional security measures at the application level to create a secure channel. These measures are compatible with and transparent to any security measures which are applied at the link level. A secure keep-alive heartbeat may be created on the secure channel to ensure that both devices are within range and able to communicate throughout the connection.”
Schull (US 2002/0004785 A1) teaches “This is a method for limiting access to selected features of a freely distributed multimedia file, by disabling selected features of the file (using encryption, compression, or other access denial), distributing the file with some enabled features as an inducement to new users, and offering to enable more features when a new user attempts to use a disabled feature. A licensing system then receives a request from the user's system, identifying a specific operating context and one or more features desired by the corresponding user. Accounting is done and an authorization is sent to the user or the user's system to enable the features. However, the authorization is uniquely associated with the measured operating context of the user and the features remain enabled only for said operating context, thus limiting full operation to authorized users, while permitting new users access to limited operations.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906.  The examiner can normally be reached on M-F (7AM-4PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SIMON P KANAAN/Primary Examiner, Art Unit 2492