DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Objections
Claim 15, which is a system claim, depends on Claim 10, which is a method claim.  For examining purposes, the examiner is construing Claim 15 to depend on Claim 11.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-2, 4-8, 11-12, 14-17, and 19-20  are rejected under 35 U.S.C. 103 as being unpatentable over Xidian University (CN 108566383 A) hereinafter referred to as Xidian in view of Starosielsky et al., (US 20190342096 A1) hereinafter referred to as Star.
Regarding Claims 1, 11, and 16, Xidian discloses A computer-implemented method for decentralized data management, comprising: instructing, by an operator, a client to obtain data from a data source, receiving, by the operator, encrypted data from the client, wherein the encrypted data is generated by the client based on the obtained data from the data source and an encryption key of an authorized data consumer; [paragraphs 0125-0224, Figures 1-5, when taxi users query vehicles near a riding point, a taxi user terminal encrypts a query area to generate an encrypted vehicle query request and sends it to an online taxi server; the online taxi server reduces a vehicle query range, and sends the query request to a vehicle user terminal; the vehicle user terminal uses a random number to disturb an accurate location information, and generates an encrypted vehicle query response which is returned to the taxi user terminal through the online taxi server; the taxi user terminal decrypts a data packet, and obtains vehicles near the riding point by further calculating the vehicle query response] [paragraphs 0202-0204, the online taxi server (operator) forwards the encrypted vehicle query information to the vehicle user terminal (authorized data consumer). The vehicle user terminal (authorized data consumer) decrypts the data packet which indicates that the encryption of those data packets or request which was performed by the client (taxi user terminal) was done by using an encryption key that they both share] 
wherein the operator is not allowed to directly obtain data from the data source; [paragraphs 0125-0224, Figures 1-5, the online taxi server does not decrypt, but directly calculates an encrypted vehicle detection response to determine the sub area where the vehicle user terminal is located]
Xidian does not explicitly teach and storing, by the operator, the encrypted data into a data store for the authorized data consumer to access and decrypt, wherein the operator is not allowed to read the saved encrypted data from the data store.
Star teaches and storing, by the operator, the encrypted data into a data store for the authorized data consumer to access and decrypt, wherein the operator is not allowed to read the saved encrypted data from the data store. [paragraph 0025, User information may reside in an app, in the cloud, or in another convenient storage location, but in all cases, the user information is encrypted and only accessible by the user themselves – the user information is the encrypted data which is stored and not accessible by any of the systems including the one performing the storing but only accessible to the user themselves] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Star with the disclosure of Xidian. The motivation or suggestion would have been “for identity binding systems and methods in a personal data store in an online trust system.” (paragraph 0002)
Regarding Claims 2, 12, and 17, Xidian does not explicitly teach wherein the storing the encrypted data into the data store comprises: transforming the encrypted data into a structured data; and storing the structured data into the data store.
Star teaches wherein the storing the encrypted data into the data store comprises: transforming the encrypted data into a structured data; and storing the structured data into the data store. [paragraph 0035, Attribute information can be represented as a structured data model where attributes can be grouped together in a logical hierarchy]
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Star with the disclosure of Xidian. The motivation or suggestion would have been “for identity binding systems and methods in a personal data store in an online trust system.” (paragraph 0002)
Regarding Claim 4, Xidian discloses wherein the instructing the client to obtain the data from the data source comprises: transmitting a user account identifier and one or more parameters to the client for the client to obtain the data from the data source according to the user account identifier and the one or more parameters. [paragraph 0198, The taxi-hailing user terminal generates ciphertext vehicle query information… where RC is the taxi-hailing user identity identifier…After that, the taxi-hailing user terminal generates a ciphertext vehicle query request]
Regarding Claim 5, Xidian discloses wherein the user account identifier is mapped to a user account information comprising one or more of the following: token, cookie, user id (uid), and phone number. [paragraph 0198, The taxi-hailing user terminal generates ciphertext vehicle query information… where RC is the taxi-hailing user identity identifier]
Regarding Claims 6, 14, and 19, Xidian discloses wherein the one or more parameters comprise one or more of the following: location information and time period information. [paragraph 0170, Define the precise position of the vehicle user terminal RVk as (xV, yV), and then the vehicle user terminal performs calculations]
Regarding Claims 7, 15, and 20, Xidian discloses wherein the operator is configured to instruct the client to perform: starting data collection according to the user account identifier and the one or more parameters; stopping the data collection; or restarting the data collection. [paragraph 0200, The online taxi server decrypts the encrypted vehicle query request to obtain < CSI IV SPI IR C 11 TSsrl ISisr >, and verifies the availability of the data packet. If the verification is unsuccessful, the taxi user terminal is required to resend the encrypted vehicle query Request ESR – this is the “restarting the data collection”]
Regarding Claim 8, Xidian discloses ride-hailing trip information, [paragraph 0225, The vehicle user terminal decrypts the ride information of the taxi user terminal, determines whether to accept the user's itinerary according to ATP] 
ride-hailing user location information; [paragraph 0191, The taxi user terminal selects the boarding location (xCP, yCP)]
Xidian does not explicitly teach wherein: the encrypted data comprises ride-hailing user payment information, and the storing, by the operator, the encrypted data into a data store comprises: storing the ride-hailing user payment information into a first data store; storing the ride-hailing trip information into a second data store; and storing the ride-hailing user location information into a third data store.
Star teaches wherein: the encrypted data comprises ride-hailing user payment information, [paragraph 0025, users can authenticate into the trust systems and methods using existing unique identification (IDs), such as Facebook, Google, phone number, credit/bank card/account – the user can authenticate into the trust system with payment information meaning the payment information is stored]
and the storing, by the operator, the encrypted data into a data store comprises: storing the ride-hailing user payment information into a first data store; storing the ride-hailing trip information into a second data store; and storing the ride-hailing user location information into a third data store. [paragraph 0031, User information may reside in the app 22, in the local data storage 62, or in the data storage 66 – teaches three different storage locations for “user information” which can include “ride-hailing user payment information, ride-hailing trip information, and ride-hailing user location information”] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Star with the disclosure of Xidian. The motivation or suggestion would have been “to allow different levels of assurance/verification for the information being requested by the Relying Party 56.” (paragraph 0031)

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Xidian in view of Star, as applied to Claim 1, above, in view of Farquharson et al., (US 20030208533 A1) hereinafter referred to as Farquharson.
Regarding Claim 9, the combination of Xidian and Star does not explicitly teach wherein the storing the encrypted data into the data store comprises: storing the encrypted data into the data store by using a Data Access Object (DAO) associated with the data store.
Farquharson teaches wherein the storing the encrypted data into the data store comprises: storing the encrypted data into the data store by using a Data Access Object (DAO) associated with the data store. [paragraph 0043, The Data Access Objects (DAO) Layer 340 is used to access data present in the database 304… and is used to manage and collect data from the MSC's for presentation to the user and storage in the Database 304] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Farquharson with the disclosures of Xidian and Star. The motivation or suggestion would have been “to manage and collect data.” (paragraph 0043)

Claims 3, 10, 13, and 18  are rejected under 35 U.S.C. 103 as being unpatentable over Xidian in view of Star, as applied to Claims 1, 9, and , 16, respectively, above, and further in view of Smith et al., (US 20190349426 A1) hereinafter referred to as Smith.
Regarding Claims 3, 13, and 18, the combination of Xidian and Star does not explicitly teach further comprising: removing the encrypted data from the operator's storage medium.
Smith teaches further comprising: removing the encrypted data from the operator's storage medium. [paragraph 1172, Data may be preserved indefinitely, if the owner of that data has not specified any conditions around how the data can be removed or deleted. Otherwise, data can have a fixed time-to-live (TTL) or the owner and specified delegates may remove it] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Smith with the disclosures of Xidian and Star. The motivation or suggestion would have been to manage data storage. (paragraph 1172)
Regarding Claim 10, the combination of Xidian and Star does not explicitly teach wherein the encrypted data is tagged with a time to live (TTL), and the encrypted data is automatically removed from the data store upon expiration of the TTL.
Smith teaches wherein the encrypted data is tagged with a time to live (TTL), and the encrypted data is automatically removed from the data store upon expiration of the TTL. [paragraph 1172, Data may be preserved indefinitely, if the owner of that data has not specified any conditions around how the data can be removed or deleted. Otherwise, data can have a fixed time-to-live (TTL) or the owner and specified delegates may remove it] 
Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Smith with the disclosures of Xidian and Star. The motivation or suggestion would have been to manage data storage. (paragraph 1172)

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ANDREW J STEINLE whose telephone number is (571)272-9923.  The examiner can normally be reached on M-F 10am-6pm CT.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/ANDREW J STEINLE/Primary Examiner, Art Unit 2497