Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

DETAILED ACTION
This is in response to applicant’s response filed on 07/07/2021 to a Requirement for Election/Restriction mailed on 05/18/2021 for Application #16/428,415, filed on 05/31/2019, in which Claims 1-20 are pending.  Claims 1-8 and 20 are withdrawn from consideration due to restriction election.

Status of Claims
Claims 1-20 are pending, of which Claims 9-11 and 13 are rejected under 35 U.S.C. 103 and Claims 1-8 and 20 are withdrawn from consideration due to restriction election.  Claims 12, 14, 15, and 16-19 are objected to as being allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described below.

Prior Art Rejections - 35 USC § 102 and/or 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 9-11 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Lewis et al. US Patent Application Publication 2019/0258813 in view of Lewis et al. US Patent Application Publication 2019/0260753.

Regarding Claim 9, Lewis et al. 8813 discloses:
A method for selectively encrypting portions of data based on one or more security attributes or security policies, the method comprising [(Lewis et al. 8813 Par 3 Lines 2-7) where Lewis et al. 8813 teaches the creation of a container or portions :
accessing a collection of data in an unstructured data container having one or more data subgroups [(Lewis et al. 8813 Par 3 Lines 2-7; Par 5 Lines 1-4) where Lewis et al. 8813 teaches the container has one or more subgroups, the encrypted data within the container and key label metadata stored within the container];
assigning one or more security attributes or security policies to one or more data subgroups in the unstructured data container to control access to the unstructured data container subgroups [(Lewis et al. 8813 Par 9 Lines 2-15) where Lewis et al. 8813 teaches the container has security policies and attributes assigned to the container and its subgroups]; and
sending a call to an encryption service, wherein the call includes the unstructured data container and the one or more security attributes or security policies to selectively encrypt the one or more data subgroups within the unstructured data container based on the one or more security attributes or security policies assigned to each of the one or more data subgroups within the unstructured data container to obtain an encrypted ciphertext of the collection of data subgroups in the unstructured data container [(Lewis et al. 8813 Figure 5) where Lewis et al. 8813 teaches in the Fig 5 Flowchart that the container and its contents are encrypted by an encryption service to achieve an encrypted cipher text, based on selections made depending on the security policies and security attributes for the container].
	
Lewis et al. 8813 does not appear to explicitly disclose:
and decrypting

However, Lewis et al. 0753 discloses:
and decrypting [(Lewis et al. 0753 Par 3 Lines 2-15) where Lewis et al. 0753 teaches a user being allowed to access an encrypted container based on multiple authorizations and the possession of a security key label indicating that the user has permission to access the container according to the security policies in place, and based on the security policy for the container, and one or more attributes indicated as possessed by the user, the user is allowed to decrypt the data inside the container].

Lewis et al. 8813 and Lewis et al. 0753 are analogous art because they are from the “same field of endeavor” and are from the same “problem-solving area.”  Namely, they are both from the field of “hardware circuits designed to be configured in FPGAs”.

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Lewis et al. 8813 and the teachings of Lewis et al. 0753 by providing a user being allowed to access an encrypted container based on multiple authorizations and the possession of a security key label indicating that the user has permission to access the container according to the security policies in place, and based on the security policy for the container, and one or more attributes indicated as possessed by the user, the user is allowed to decrypt the data inside the container as taught by Lewis et al. 0753 in the teaching described by Lewis et al. 8813.
The motivation for doing so would be to increase the usability and flexibility of Lewis et al. 8813 by providing a user being allowed to access an encrypted container based on multiple authorizations and the possession of a security key label indicating that the user has permission to access the container according to the security policies in place, and based on the security policy for the container, and one or more attributes indicated as possessed by the user, the user is allowed to decrypt the data inside the container as taught by Lewis et al. 0753 in the teaching described by Lewis et al. 8813 so as to provide access to encrypted data in a container to ones with the proper keys and attributes.

Regarding Claim 10, most of the limitations of this claim have been noted in the rejection of Claim 9.  Applicant is directed to the rejection of Claim 9 above.  In addition, the combination of Lewis et al. 8813 and Lewis et al. 0753 discloses:
The method of claim 9, wherein the unstructured container is one or more of an unstructured document, unstructured database, text file, spreadsheets, email, HTML page, PDF file, image file, video stream or an audio stream [(Lewis et al. 8813 Par 71 Lines 1-5; Fig 5)].

Regarding Claim 11, most of the limitations of this claim have been noted in the rejection of Claim 9.  Applicant is directed to the rejection of Claim 9 above.  In addition, the combination of Lewis et al. 8813 and Lewis et al. 0753 discloses:
The method of claim 9, wherein different subgroups of data within the one or more data subgroups within the unstructured data container are assigned different security attributes or security policies [(Lewis et al. 8813 Par 3 Lines 2-7; Par 5 Lines 1-4) where Lewis et al. 8813 teaches the container has one or more subgroups assigned different security policies or attributes, the encrypted data within the container and key label metadata stored within the container].

Regarding Claim 13, most of the limitations of this claim have been noted in the rejection of Claim 9.  Applicant is directed to the rejection of Claim 9 above.  In addition, the combination of Lewis et al. 8813 and Lewis et al. 0753 discloses:
The method of claim 9, further comprising:
receiving, at an encryption service, the unencrypted unstructured data container having one or more data subgroups, one or more security attributes or security policies for the unstructured data container, and one or more public keys; and selectively encrypting one or more data subgroups within the unstructured data container using the one or more public keys and the one or more security attributes or security policies to generate an encrypted ciphertext [(Lewis et al. 8813 Par 3 Lines 2-7; Par 5 Lines 1-4; Fig 5) where Lewis et al. 8813 teaches the container has one or more subgroups assigned different security policies or attributes, the encrypted data within the container and key label metadata stored within the container, which are sent to the encryption service to be encrypted, in the Fig 5 Flowchart that the container and its contents are encrypted by an encryption service to achieve an encrypted cipher text, based on selections made depending on the security policies and security attributes for the container].

Response To Applicant’s Restriction Election Traverse Arguments
Applicant has elected with traverse Species 2, Claims 9-15, and has agreed to withdraw Species 1, Claims 1-8, and Species 4, Claim 20.  But instead of also withdrawing Species 3, Claims 16-19, applicant has instead chosen to amend the dependency of these Claims to depend from Claim 13 of Species 2, which in effect combines or joins two of the four species, Species 2 and 3.

Although this combining of two of the filed species claims is somewhat irregular, the examiner, in the spirit of cooperation, has agreed to accept the combining of Species 2 and 3 by making Species 3 dependent on Species 2.  The examiner does, though, want to bring to the attention of the applicant that, by combining Species 2 and 3, filing a Divisional on the part of the applicant will not be quite as straightforward as it would have been if the applicant had not chosen to combine two of the four species.

The examiner disagrees with applicant’s traverse of the restriction of Species 1, Claims 1-8, Species 2 Claims 9-15 now combined with Species 3 Claims 16-19, and Species 4, Claim 20.
Species 1, Claims 1-8, are drawn to a method for generating encryption and decryption keys.
Species 2, Claims 9-15, are drawn to a method for selectively encrypting portions of data based on one or more security attributes or security policies.
Species 3, Claims 16-19, are drawn to a method for selectively decrypting portions of data based on one or more security attributes or security policies.
Species 4, Claim 20, are drawn to a system for selectively encrypting and decrypting portions of a collection of data in an unstructured data container based on one or more security attributes or security policies.
Applicant argues that Species 1, Claims 1-8, Species 2, Claims 9-15, Species 3, Claims 16-19, and Species 4, Claim 20 are not independent and distinct and that a serious burden is not placed on the examiner.
The examiner respectfully disagrees with applicant’s argument, since Species 1, Claims 1-8, Species 2, Claims 9-15, Species 3, Claims 16-19, and Species 4, Claim 20 each have different limitations, each requiring a different search and different prior art for four different inventions.  The examiner can certainly see that it might be preferable to the applicant to include multiple inventions in one patent application, but the resulting serious burden of extra work placed on the examiner during examination is not reasonable from the examiner’s point of view, not to mention the added complexity and serious burden of working different inventions with different limitations to allowance.  As a result, the examiner maintains the restriction as stated above and in the Requirement for Restriction/Election office action of 05/18/2021.

Allowable Subject Matter
Claims 12, 14, 15, 16-19 are objected to as being dependent upon a rejected base claim, but would be allowable as a whole under prior art if rewritten in independent form including all of the limitations of their base claim and any intervening claims as well as addressing any additional issues described above.

The following is a statement of reasons for the indication of allowable subject matter.  The examiner has found that the prior art of record does not teach, suggest, or render obvious:
each data subgroup within the one or more data subgroups that has a different security attribute or security policy assigned is encrypted based on the one or more security attributes or security policies assigned to that data subgroup, the encryption is performed using one of a Ciphertext-policy Attribute Based Encryption (CPABE) scheme, a key-policy Attribute Based Encryption (KPABE) scheme, or a hybrid encryption scheme, receiving the encrypted cipher text from the encryption service; and sending the encrypted cipher text of the unstructured data container to a plurality of parties, wherein each party of the plurality of parties can only decrypt a portion of the data based on a secret key that was sent to the party, accessing the unstructured data container having selectively encrypted one or more data subgroups within the collection of data; and responsive to a request by a first user, sending a call to a decryption service to selectively decrypt the one or more data subgroups within the unstructured data container using a secret key associated with the first user and based on the one or more security attributes or security policies assigned to each of the one or more data subgroups within the collection of data, wherein the call includes the collection of data and the one or more security attributes or security policies

As recited in dependent Claims 12, 14, 15, 16-19 when also incorporating all of the limitations of the base claim and any intervening claims as well as addressing any additional issues described above.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Waters - US_8559631_B1_I: Waters teaches decryption of attribute based encryption.
Waller et al - US_8683602_B2_I: Waller et al teaches multilevel secure object management.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRADLEY HOLDER whose telephone number is 571-270-3789.  The examiner can normally be reached on Monday-Friday 10:00AM-7:00PM Eastern Time.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yin-Chen Shaw, can be reached on (571) 272-8878.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BRADLEY W HOLDER/
Primary Examiner, Art Unit 2498