DETAILED ACTION
This Office Action is in response to the Amendment filed on July 27th, 2021.
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
In the instant Amendment, claims 1, 8, 10, 13 & 14 are independent. Claims 1-20 have been examined and are pending. This Action is made FINAL.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant’s arguments in the instant Amendment, filed on 07/27/2021, with respect to limitations listed below, have been fully considered but they are not persuasive.
On pages 6-7 of Applicant’s Remarks, Applicants submitted that there is no attempt to offer interpretation of what the “access control events” are or apply specific elements of O’Hare, fig. 51, 5140a suggests a mere attempt to reconstruct by locating the word “access” as recited in claim 1 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0556] & [0574] and illustrated in figs. 48 & 51 in O’Hare’s secure distributed storage, the secure storage system 4800 is accessible by multiple user computing devices such as the User 1 
On page 7 of Applicant’s Remarks, Applicants submitted that the examiner merely found the word “shares” but this is shares of a user’s individual data not shares of a database regarding multiple users or of access control events as recited in claim 1 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0469], [0542], [0556], [0575] & [0578] in O’Hare’s secure distributed storage, the data or content or file 
On page 8 of Applicant’s Remarks, Applicants submitted that the rejection is internally inconsistent (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [00454], [0483] & [0536] in O’Hare’s secure distributed storage, the shares of data are processed and distributed such that the probability that any particular share of data receives a particular unit of data is equal to the probability that any one of the remaining shares will receive the unit of data. In addition, User 1 device 4202a and User 2 device 4202b are each in communication with multiple storage depositories 4208a, 4208b and 4208c. The storage depositories 4208a, 4208b and 4208c are located in computing cloud storage and may be suitable network-
On page 8 of Applicant’s Remarks, Applicants submitted that the extreme number of different embodiments begs the question of how this relates to any previously-asserted share or its relationship to any particular server as recited in claim 1 (Emphasis added).
The Examiner disagrees with the Applicants. As addressed and explanation above, the relationships between access control event, splitting and processing of data shares and the third-party are clear. Thus, the shares are processed in respective third party servers, wherein the depositories 4208a, 4208b and 4208c controlled by storage provider servers are third party servers. Thus, O’Hare does disclose the limitation argued above.
On page 9 of Applicant’s Remarks, Applicants submitted that there is no identification of what the particular processing is (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0514], [0543] & [0536] in O’Hare’s secure distributed storage, the cryptographic sharing client of User 1 device 4202 distributing the shares to storage depositories 4208a, 4208b and 4208c. Each of the multiple storage depositories 4208a, 4208b and 4208c receives a number of shares that is less than the number of shares needed to restore the file ANYFILE 4204a. The storage depositories 4208a, 4208b and 4208c are located in computing cloud storage and may be suitable network-attached storage devices such as those provided by at least one network 
On page 9 of Applicant’s Remarks, Applicants submitted that paragraph [0514] does not involve any output of processing from multiple third party servers to a further server in common as recited in claim 2 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0514], [0543] & [0536] in O’Hare’s secure distributed storage, the cryptographic sharing client of User 1 device 4202 distributing the shares to storage depositories 4208a, 4208b and 4208c. Each of the multiple storage depositories 4208a, 4208b and 4208c receives a number of shares that is less than the number of shares needed to restore the file ANYFILE 4204a. The storage depositories 4208a, 4208b and 4208c are located in computing cloud storage and may be suitable network-attached storage devices such as those provided by at least one network storage provider. Storage depositories 4208a, 4208b and 4208c controlled by storage provider servers are third party servers. Accordingly, it is clearly seen that the data is outputted to further servers. Thus, O’Hare does disclose the limitation argued above.
On pages 9-10 of Applicant’s Remarks, Applicants submitted that the magic word “device” is found in the context of a removable data storage device. Apparent physical removal of the device appears to prevent compromise of the data stored on it. But that has no relationship to diagnosis of a malfunctioning device as recited in claims 3-5 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0305], [0485], [0536]-[0537] & [0556] in O’Hare’s secure distributed storage, User 1 device 4202a and 
On page 10 of Applicant’s Remarks, Applicants submitted that no malfunction or credential device is identified as recited in claim 4 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0305], [0485], [0536]-[0537] & [0556] in O’Hare’s secure distributed storage, User 1 device 4202a and User 2 device 4202b are communication with registration server 4210. The registration server 4210 registers users of secure sharing system 4200 including users, user devices, and groups of users or devices, store user credentials such as e-mail address or username, authenticate users based on the stored credentials, look up a user by their e-mail address or other credentials. Accordingly, the registration server diagnoses a malfunctioning device by authenticating or verifying the User 1 device and User 2 device credentials, wherein the User 1 device and User 2 device are malfunctioning devices. Thus, O’Hare does disclose the limitation argued above.
On pages 10-11 of Applicant’s Remarks, Applicants submitted that there is no claim interpretation that the [0094] “data routing device” (identified as a web server) is a reader as recited in claim 5 (Emphasis added).

On page 11 of Applicant’s Remarks, Applicants submitted that the examiner has not explained how it is further processed at all, let alone further processed to become access events data, let alone be the data divided into shares in claim 1 (as previously noted, the examiner purports to divide into shares, not user information, not access data, but the data the users seek to store) as recited in claim 6 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0469], [0542], [0556], [0575] & [0578] in O’Hare’s secure distributed storage, the data or content or file splits or parses or divides into multiple shares using the private key associated with the User 1 device and the public key associated with the User 2 device. In addition, a secure parser generates the shares of data. The registration or authentication database 5100 contains a record for each client of the secure storage system 4800. The registration or authentication database 5100 stores user records 5102a and 5102b for two users, User 1 and User 2 respectively. User 1 is associated with a product and does not store data shares in dedicated storage locations. User 2, on the other hand, is associated with an enterprise and stores data shares in four dedicated storage locations. The stored data in the registration or authentication database is stored in multiple shares, is associated with specific users and is only accessible 
On page 11 of Applicant’s Remarks, Applicants submitted that the “credentials” mentioned are not the initial registration credentials of [0137] but are rather identified as “user credentials such as email address or user name” recited in claim 7 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0305], [0485], [0536]-[0537] & [0556] in O’Hare’s secure distributed storage, User 1 device 4202a and User 2 device 4202b are communication with registration server 4210. The registration server 4210 registers users of secure sharing system 4200 including users, user devices, and groups of users or devices, store user credentials such as e-mail address or username, authenticate users based on the stored credentials, look up a user by their e-mail address or other credentials. Accordingly, the registration server diagnoses a malfunctioning device by authenticating or verifying the User 1 device and User 2 device credentials. Thus, O’Hare does disclose the limitation argued above.
On pages 11-12 of Applicant’s Remarks, Applicants submitted that there has been no interpretation of “smartphones and RFID cards or badges” as recited in claims 8-9 (Emphasis added).
The Examiner disagrees with the Applicants. As described in pars. [0421] & [0617] in O’Hare’s secure distributed storage, voice over Internet protocol (VoIP) applications uses of the secure data parser. Wireless or wired data transport from or to any 
Dependent claims 10-12 have similar scope as claims 1-7. Therefore, claims 10-12 remain un-patentable for the same reasons. 
Claim 13 has similar scope as claims 1-7. Therefore, claim 13 remains un-patentable for the same reasons.
Claim 14 has similar scope as claims 1-7. Therefore, claim 14 remains un-patentable for the same reasons.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by O’Hare et al. (O’Hare), U.S. Pub. Number 2012/0331088.
Regarding claim 1; O’Hare discloses a method comprising:
(par. 0574; fig. 51; data structures for use in a registration/authentication database maintained by the registration/authentication server of the secure storage system.; );
dividing a portion (138) of the database into shares (140A, 140B, 140C) (pars. 0469 & 0578; the data is split to a predefined number of shares; splits each file into four shares and stores a share of each file in a different one of four dedicated storage locations.);
passing the respective shares to respective third party servers (44A, 44B, 44C) (pars. 0151 & 0169; providing biometric data and appearing before a third-party; the  third-party system receives a signal indicating positive user authentication from the trust engine.);
processing the shares in the respective third party servers (pars. 0454 & 0483; shares of data may be processed randomly or pseudo-randomly such that from a statistical perspective, the probability that any particular share of data receives a particular unit of data is equal to the probability that any one of the remaining shares will receive the unit of data.);
passing output of the processing to a further server ( 40) in common (par. 0514; the data to be secured may be distributed into a plurality of shares using deterministic, probabilistic, or both deterministic and probabilistic data distribution techniques.); and
processing the output on the further server (par. 0538; executing a cryptographic sharing client.).
Regarding claim 2; O’Hare discloses the method of claim 1 wherein: the processing the output on the further server includes combining the shares (par. 0547; enable secure sharing between any combination of an individual user, multiple individual users, a group of individual users (e.g., a workgroup) and multiple groups of individual users; e.g., a user may use sharing system to securely store files for his or her own use by treating the user as both User 1 and User 2.).
Regarding claim 3; O’Hare discloses the method of claim 1 wherein: the processing comprises diagnosing a malfunctioning device (par. 0305; possibly of compromise of secured data is effectively removed.).
Regarding claim 4; O’Hare discloses the method of claim 3 wherein: the diagnosing the malfunctioning device comprises diagnosing a malfunction in a credential device (0485; control access to the individual shares within that group of users or to share credentials among those users that would only allow members of the group to reassemble the shares.).
Regarding claim 5; O’Hare discloses the method of claim 3 wherein: the diagnosing the malfunctioning device comprises diagnosing a malfunction in a reader (par. 0094; the frond-end security system may include a firewall, an intrusion detection system searching for known attack profiles, and a virus scanner.).
Regarding claim 6; O’Hare discloses the method of claim 1 wherein: the portion of the access events data contains credential holder identifying information (par. 0137; produce credentials such as a birth certificate, driver’s license, military ID.).
Regarding claim 7; O’Hare discloses the method of claim 6 wherein: the dividing obscures the credential holder identifying information (par. 0537; store user credentials such as e-mail address or username, authenticate users (e.g., based on the stored credentials), look up a user by their e-mail address or other credentials, transmit a public key to a cryptographic sharing client.)
Regarding claims 8-9; Claims 8-9 are directed to system which have similar scope as claims 1-7. Therefore, claims 8-9 remain un-patentable for the same reasons.
Regarding claims 10-12; Claims 10-12 are directed to method which have similar scope as claims 1-7. Therefore, claims 10-12 remain un-patentable for the same reasons.
Regarding claim 13; Claim 13 is directed to a method which have similar scope as claims 1-7. Therefore, claims 13 remains un-patentable for the same reasons.
Regarding claim 14; Claim 14 is directed to a method which have similar scope as claims 1-7. Therefore, claims 14 remains un-patentable for the same reasons.
Regarding claim 15; Claim 15 is directed to the method of claim 14, wherein: the access control events involve a plurality of access-controlled points at a plurality of buildings (par. 0627; identifying storage locations based on geography; the server identifies the geographic location of the client device; the location of the client device is considered as one of the access-controlled points at a plurality of buildings.).
Regarding claim 16; Claim 16 is directed to the method of claim 1 which has similar scope as claims 15. Therefore, claims 16 remains un-patentable for the same reasons.
Regarding claim 17; Claim 17 is directed to the method of claim 5 which has similar scope as claims 15. Therefore, claims 17 remains un-patentable for the same reasons.
Regarding claim 18; Claim 18 is directed to the system of claim 8 which has similar scope as claims 15. Therefore, claims 18 remains un-patentable for the same reasons.
Regarding claim 19; Claim 19 is directed to the system of claim 18 which has similar scope as claims 15. Therefore, claims 19 remains un-patentable for the same reasons. 
Regarding claim 20; Claim 20 is directed to the method of claim 13 which has similar scope as claims 15. Therefore, claims 20 remains un-patentable for the same reasons.

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087.  The examiner can normally be reached on 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/KHOI V LE/
Primary Examiner, Art Unit 2436