DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 
This is a reply to the application filed on 03/06/2020, in which, claims 1-24 are pending. Claim 1 is independent.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/09/2020, has been reviewed. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information disclosure statement.

Drawings
The drawings filed on 03/06/2020 are accepted by The Examiner.

Specification
The use of the trademark ASPERA, FASPEX, and BOX has been noted in this application (e.g. pages 7, 12, 18, 20, 32, 43, 48, 53, 62, 66, 69).  It should be capitalized wherever it appears and be accompanied by the generic terminology. For example: ASPERA.
Although the use of trademarks is permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as trademarks.
The disclosure is objected to because of the following informalities:
The disclosure is objected to because it contains an embedded hyperlink and/or other form of browser-executable code in page 47 of the specification (page 47, “https://en.wikipedia.org/wiki/Blockchain”). Applicant is required to delete the embedded hyperlink and/or other form of browser-executable code. See MPEP § 608.01.
Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-24 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.
Claim 1 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. Claim 1 recites “A system” in the preamble, "computer system”, and “data communications network”, in the claim body. As recited in the body of the claim, the claimed system lacks a structural component because the computer system and the data communications network can be implemented as software only (e.g. “Virtual Directory” page 2, “Virtual Private Network” page 1). Therefore, claim 1 is directed to non-statutory subject matter for lack of a hardware component. The Examiner respectfully suggests that the claim be further amended to positively recite at least one hardware element within the body of the claim to make the claim statutory subject matter under 35 U.S.C. 101 such as “a hardware processor” or “a hardware memory
Claims 2-24 don't cure the deficiency of claim 1 and are rejected under 35 U.S.C. 101 for their dependency upon claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
Claims 1-13 are rejected under 35 U.S.C. 103 as being unpatentable over Yingfang Fu (US 2018/0109378 A1) in view of Naqvi et al. (US 2018/0150647 A1).
Regarding Claim 1, Fu discloses A system for data distribution ([0053], “FIG. 3…system 300 can include a cloud user realm 310 and a cloud provider realm 320”) comprising: 
a first computer system comprising a first storage system, the first computer system further comprising a first file system comprising a first encryption system for encrypting a data file (Fig. 6, step 626, “Encrypt New Data”, [0090], “obtain the encrypted data” as in the cloud provider realm 320); 
a data communications network for communicating the data file having been encrypted from the first computer system ([0053], “FIG. 3…system 300 can include a cloud user realm 310 and a cloud provider realm 320”); and 
a second computer system coupled to the data communications network for receiving the data file from the data communications network, the second computer system further comprising a second encryption system for decrypting the data file ([0085], “Upon receiving the encrypted data, client 502 (as in the cloud user realm 310) decrypts the received data”).  
Fu does not explicitly teach but Naqvi teaches
system comprising a first input directory and a first virtual read directory ([0005], “data record stored in the database is accessed”, [0203], “access to a directory”, [0232], “associated virtual machine”); 
file stored to the first input directory upon access of the data file from the first virtual read directory ([0203], “access to a directory”, [0232], “associated virtual machine”, [0254], “write encrypted information into the respective lists in the data store”),
Fu and Naqvi are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Naqvi with 


Regarding Claim 2, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system comprising a second storage system comprising a second input directory and a second virtual read directory (Naqvi, [0203], “access to a directory”, [0232], “associated virtual machine”, [0254], “write encrypted information into the respective lists in the data store”), the second computer system further comprising a second file system comprising the second encryption system for decrypting the data file (Fu, [0085], “decrypts the received data”) upon access of the data file from the second virtual read directory (Naqvi, [0203], “access to a directory”, [0232], “associated virtual machine”).  

Regarding Claim 3, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system comprising the second encryption system for decrypting the data file upon receipt of the data file from 5the data communications network (Fu, [0085], “Upon receiving the encrypted data, client 502 (as in the cloud user realm 310) decrypts the received data”).  

Regarding Claim 4, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system comprising a second file system for storing the data 10file having been decrypted (Fu, [0079], “the data may be stored in peripheral storage devices”, [0080], “the cloud storage client”).

Regarding Claim 5, the combined teaching of Fu and Naqvi teaches
a key management server coupled to the first computer system (Fu, [0014], “The storage server stores the encrypted data and indexing the stored data using the key-identifier”); 
the first computer system comprising a file identifier generator coupled to the first computer system, the file identifier generator generating a file identifier of the data file and placing the file identifier of the data file in the data file after the data file is encrypted (Fu, [0014], “a key-identifier and encrypted data; the key-identifier is configured to identify a quantum data key from a plurality of quantum data keys shared between the client and the storage server; and the encrypted data is encrypted using the identified quantum data key. The storage server stores the encrypted data and indexing the stored data using the key-identifier”); 
a database coupled to the first encryption system, the database storing an encryption key for the data file, the encryption key used for encrypting the data file, the encryption key being indexed to the file identifier (Fu, [0014], “The storage server stores the encrypted data and indexing the stored data using the key-identifier”);  
the second computer system coupled to the key management server, the second computer system comprising a file identifier extractor, the second computer system  retrieving the encryption key from the database by submitting the file identifier having been extracted by the file identifier extractor, and the database matching the file identifier having been extracted by the file identifier extractor to the file identifier having been previously generated (Fu, [0015], “the 

Regarding Claim 6, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer 10system comprising a second storage system comprising a second input directory and a second virtual read directory (Naqvi, [0203], “access to a directory”, [0232], “associated virtual machine”, [0254], “write encrypted information into the respective lists in the data store”), the second computer system further comprising a second file system comprising the second encryption system for decrypting the data file (Fu, [0085], “decrypts the received data”) upon access of the data file from 15the second virtual read directory (Naqvi, [0203], “access to a directory”, [0232], “associated virtual machine”).

Regarding Claim 7, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system comprising the second encryption system for 20decrypting the data file upon receipt of the data file from the data communications network (Fu, [0085], “Upon receiving the encrypted data, client 502 (as in the cloud user realm 310) decrypts the received data”).  

Regarding Claim 8, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system comprising a second file system for storing the data file having been decrypted (Fu, [0079], “the data may be stored in peripheral storage devices”, [0080], “the cloud storage client”).

Regarding Claim 9, the combined teaching of Fu and Naqvi teaches a hash generator coupled to the first computer system, the hash generator generating a hash of the data file before the data file is encrypted (Fu, [0030], “a hash of the data”, [0073], “client 402 can calculate a hash of the to-be-stored data” before it is encrypted).

Regarding Claim 10, the combined teaching of Fu and Naqvi teaches the second computer system, the second computer system receiving the hash, and further comprising a hash comparator generating the hash of the data file after the data file is decrypted and for receiving the hash from the database, and for comparing the hash having been received with the hash having been generated to determine a match (Fu, [0085], “Upon receiving the encrypted data, client 502 decrypts the received data using the corresponding quantum data key”, “Client 502 can calculate a hash value of the decrypted data based on its private key Su, and compare the calculated hash value with the hash value stored in Table 5 (operation 524). A matching result can authenticate storage server 504 and indicate the completeness of the received data”).  

Regarding Claim 11, the combined teaching of Fu and Naqvi teaches storing the hash of the data file in the database (Fu, [0085], “the hash value stored in Table 5”).

Regarding Claim 12, the combined teaching of Fu and Naqvi teaches the database coupled to the first encryption system, the database storing the encryption key for the 20data file, the encryption key used for encrypting the data file (Fu, [0014], “a key-identifier and encrypted data; the key-identifier is configured to identify a quantum data key from a plurality of quantum data keys shared between the client and the storage server; and the encrypted data is encrypted using the identified quantum data key. The storage server stores the encrypted data and indexing the stored data using the key-identifier”).

Regarding Claim 13, the combined teaching of Fu and Naqvi teaches the database, wherein the database comprises a 25distributed ledger (Naqvi, [0115], “ledger-based block-chain systems”).

Claims 14, and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Yingfang Fu (US 2018/0109378 A1) in view of Naqvi et al. (US 2018/0150647 A1) further in view of Fahrny et al. (US 2017/0244729 A1).
Regarding Claim 14, the combined teaching of Fu and Naqvi does not explicitly teach but Fahrny teaches the second computer system further comprising the 5second encryption system for decrypting the data file further comprising a process verifier to verify a process accessing the data file to read is allowed ([0052], “By frequently monitoring any applications that access such a memory space, for example by checking their access privileges and digital signatures to verify that the application is trusted”).
Fu, Naqvi and Fahrny are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fahrny with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been for real-time security monitoring (Fahrny, Abstract).

Regarding Claim 15, the combined teaching of Fu and Naqvi does not explicitly teach but Fahrny teaches wherein a 10verification is performed by verifying a signature of a reading process ([0052], “By frequently monitoring any applications that access such a memory space, for example by checking their access privileges and digital signatures to verify that the application is trusted”).
Fu, Naqvi and Fahrny are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fahrny with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been for real-time security monitoring (Fahrny, Abstract).

Claims 16, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Yingfang Fu (US 2018/0109378 A1) in view of Naqvi et al. (US 2018/0150647 A1) further in view of Sasi et al. (US 2016/0048427 A1).
Regarding Claim 16, the combined teaching of Fu and Naqvi does not explicitly teach but Sasi teaches a virtual directory, wherein the virtual directory is a virtual mount ([0107], “which is a virtual "mount point" linking the subdirectory”).  
Fu, Naqvi and Sasi are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sasi with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been to merge primary data storage, data protection, and intelligence into a single unified system (Sasi, [0003]).

Regarding Claim 17, the combined teaching of Fu and Naqvi does not explicitly teach but Sasi teaches wherein the first input directory and the first virtual read directory are the same directory ([0107], “which is a virtual "mount point" linking the subdirectory”).  
Fu, Naqvi and Sasi are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sasi with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been to merge primary data storage, data protection, and intelligence into a single unified system (Sasi, [0003]).

Claims 18-20, and 22-24 are rejected under 35 U.S.C. 103 as being unpatentable over Yingfang Fu (US 2018/0109378 A1) in view of Naqvi et al. (US 2018/0150647 A1) further in view of Sitrick et al. (US 2008/0092239 A1).
Regarding Claim 18, the combined teaching of Fu and Naqvi does not explicitly teach but Sitrick teaches the first computer system, the first computer system generating a file descriptor for the data file ([0374], “The ESF data file structure (500) is comprised of multiple components”, [0375], “a part of each component is a (file) descriptor of the component for that respective component (i.e., what that component is, whether the component is encrypted or not, whether the respective component is compressed or not, and any other unique IDs or descriptors)”).
Fu, Naqvi and Sitrick are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sitrick with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing, and/or printing of electronic data files (Sitrick, Abstract).

Regarding Claim 19, the combined teaching of Fu, Naqvi and Sitrick teaches the first computer system, the first computer system modifying the data file by adding the file descriptor to the data file after the data file is encrypted (Sitrick, [0375], “a part of each component is a (file) descriptor of the component for that encrypted or not, whether the respective component is compressed or not, and any other unique IDs or descriptors)”).

Regarding Claim 20, the combined teaching of Fu, Naqvi and Sitrick teaches the first computer system, the first computer system generating the file descriptor for the data file, where in the file descriptor comprises a unique identifier 10associated with a target user (Sitrick, [0375], “a part of each component is a (file) descriptor of the component for that respective component (i.e., what that component is, whether the component is encrypted or not, whether the respective component is compressed or not, and any other unique IDs or descriptors)”).

Regarding Claim 22, the combined teaching of Fu, Naqvi and Sitrick teaches the first computer system, the first computer 20system generating the file descriptor for the data file, where in the file descriptor comprises a unique identifier associated with the data file (Sitrick, [0375], “a part of each component is a (file) descriptor of the component for that respective component (i.e., what that component is, whether the component is encrypted or not, whether the respective component is compressed or not, and any other unique IDs or descriptors)”).

Regarding Claim 23, the combined teaching of Fu, Naqvi and Sitrick teaches the second computer system further comprising the second encryption system for decrypting the data file -104-Attorney Docket No. 21051-148644-US further comprising a location verifier to verify a location accessing the data file to read is allowed (Sitrick, [0237], “the encrypted content can be provided to the remote appliance”, [0240], “characteristics of the remote appliance that can be utilized:”, [0246], “Location of special files, e.g., this can be obtained by checking the physical location”).


Regarding Claim 24, the combined teaching of Fu and Naqvi does not explicitly teach but Sitrick teaches the second computer system further comprising the second encryption system for decrypting the data file further comprising a network address verifier to verify a network address accessing the data file to read is allowed ([0237], “the encrypted content can be provided to the remote appliance”, [0240], “characteristics of the remote appliance that can be utilized:”, [0249], “Network addresses”).
Fu, Naqvi and Sitrick are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Sitrick with the combined teaching of Fu and Naqvi. The motivation/suggestion would have been to control use of the respective content as an application software program, exporting, modifying, executing as an application program, viewing, and/or printing of electronic data files (Sitrick, Abstract).

Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Yingfang Fu (US 2018/0109378 A1) in view of Naqvi et al. (US 2018/0150647 A1) further in view .
Regarding Claim 21, the combined teaching of Fu, Naqvi and Sitrick teaches
the second computer system, the second computer system comprising the second encryption system, wherein the 15second encryption system decrypts the data file (Fu, [0085], “Upon receiving the encrypted data, client 502 (as in the cloud user realm 310) decrypts the received data”),
The combined teaching of Fu, Naqvi and Sitrick does not explicitly teach but Fahrny teaches only when the data file is accessed by a target application ([0052], “by checking their access privileges and digital signatures to verify that the application is trusted”).
Fu, Naqvi, Sitrick and Fahrny are analogous art as they are in the same field of endeavor of information security. It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Fahrny with the combined teaching of Fu, Naqvi and Sitrick. The motivation/suggestion would have been for real-time security monitoring (Fahrny, Abstract).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHENG-FENG HUANG whose telephone number is (571)272-6186.  The examiner can normally be reached on Monday-Friday: 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/CHENG-FENG HUANG/Primary Examiner, Art Unit 2497