DETAILED ACTION
This action is responsive to application filed on 08/07/2020. Claims 1-20 are pending and being considered. Claims 1, 13 and 17 are independent. Thus, claims 1-20 are rejected.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
This application claims the benefit of Korean Patent Application No. 10-2019- 0102172, filed August 21, 2019, which is hereby incorporated by reference in its entirety into this application.

Information Disclosure Statement


The information disclosure statement (IDS) submitted on 08/07/2020 and 04/26/2021 were filed on or after the mailing date of the application no.16/988,134 filed on 08/07/2020. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS form 1449 filed on 8/07/2020 and 04/26/2021 are attached to the instant office action.

Abstract
Applicant is reminded of the proper language and format for an abstract of the disclosure.

The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, “The disclosure concerns,” “The disclosure defined by this invention,” “The disclosure describes,” etc. In addition, the form and legal phraseology often used in patent claims, such as “means” and “said,” should be avoided.
The abstract of the disclosure is objected to because the abstract recites phrases, “Disclosed herein is a …”, which should be avoided.  Correction is required.  See MPEP § 608.01(b).

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 5-6, 13-16 and 17-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
5, the claim recites "the data block” in line 3 of the claim, which has not been previously defined. Therefore, there is insufficient antecedent basis for “the data block” in the claim. Examiner notes that the claim 5 depends on claim 4 which only recites “the multiple data blocks”, and claim 4 further depends on claim 1 which only recites “multiple data blocks” and “a last updated data block”, and does not recite “a data block”. Therefore, limitation(s) is unclear as to which data block of the data blocks recited. 
Regarding claim 6, similarly the claim recites "the data block” in lines 3-4 of the claim, which has not been previously defined. Therefore, there is insufficient antecedent basis for “the data block” in the claim. Examiner notes that the claim 6 depends on claim 4 which only recites “the multiple data blocks”, and claim 4 further depends on claim 1 which only recites “multiple data blocks” and “a last updated data block”, and does not recite “a data block”. Therefore, limitation(s) is unclear.
Regarding claim 13, similarly the claim recites limitation(s) "generating, by the server, a server signature value by signing a representative value…” in lines 5-6 of the claim. The limitation(s) is indefinite because it is not clear whether “a representative value” defined in lines 5-6 of the claim refers to (or same as) “a representative value” defined in line 3 of the claim, or refers to a different “representative value”. Therefore, the claim is indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph. 
Dependent claims 14-16 are likewise rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph as being indefinite since they depend on and/or carries the deficiencies of the parent claims.
17, the claim recites limitation "to generate tags of the data blocks” in line 6 of the claim. The limitation(s) is indefinite because it is not clear whether “the data blocks” defined in line 6 of the claim refers to (or same as) “multiple data blocks” defined in line 6 of the claim, or refers to the different “data blocks”. Claim further recites limitation “to generate a server signature value by signing a representative value…” in lines 8-9 of the claim. The limitation(s) is indefinite because it is not clear whether “a representative value” defined in lines 8-9 of the claim refers to (or same as) “a representative value” defined in lines 6-7 of the claim, or refers to a different “representative value”.” Therefore, the claim is indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph. 
Regarding claim 18, the claim recites "the data block” in lines 3-4 of the claim, which has not been previously defined. Therefore, there is insufficient antecedent basis for “the data block” in the claim. Examiner notes that the claim 18 depends on claim 17 which only recites “multiple data blocks” and “the data blocks”, and does not recite “a data block”. Therefore, limitation(s) is unclear.
Dependent claim 19 is likewise rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph as being indefinite since they depend on and/or carries the deficiencies of the parent claims.
Regarding claim 20, the claim recites "the data block” in lines 3-4 of the claim, which has not been previously defined. Therefore, there is insufficient antecedent basis for “the data block” in the claim. Examiner notes that the claim 20 depends on claim 17 which only recites “multiple data blocks” and “the data blocks”, and does not recite “a data block”. Therefore, limitation(s) is unclear.

Claim Rejections - 35 U.S.C. 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:atent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1- 4 and 7-20 are rejected under 35 U.S.C. 103 as being unpatentable over Kolodner; Elliot K. et al. (US 2015/0058301 A1), hereinafter (Kolodner), in view of Samsonov; Yevgeniy A. et al. (US 2016/0379015 A1), hereinafter (Samsonov).

Regarding claim 1, Kolodner teaches a method of operating a data management apparatus, comprising (Kolodner, Para. [0008], discloses methods of uploading data files (i.e., by using information management system, see Para. [0043]). In one embodiment, the method comprises): 
segmenting, by a client device, data into multiple data blocks (Kolodner, Para. [0008], discloses that a first client machine dividing a first file into N data chunks, or see also Para. [0019-0020], wherein a data chunk manager 114 may be ); 
generating, by the client device, tags corresponding to the multiple data blocks (Kolodner, Para. [0021 and/or 0031], discloses that the client machine applies a hash function to the data chunks (1 through N) to obtain the corresponding hash values (i.e., tags), or see also Para. [0027], discloses that a hash tree may be used for the purpose of storing the hash values (i.e., tags) calculated for the N data chunks (e.g., based on hashes taken over the minimal size data chunks that makeup a data chunk.sub.(i) where "i" is 1 through N)); 
generating, by the client device, a representative value by accumulating the tags (Kolodner, Para. [0021 and/or 0031], discloses that a full file signature may be calculated by concatenating the hash values for the data chunks and applying a hash function to the concatenation (i.e., representative value) to determine the full file hash signature, or see also Para. [0027], discloses a root hash (i.e., a representative value) of the hash tree. Wherein, the hash tree may be used for the purpose of storing the hash values calculated for the N data chunks (e.g., based on hashes taken over the minimal size data chunks that makeup a data chunk.sub.(i) where "i" is 1 through N)); 
generating, by the client device, a client signature value by signing the representative value Kolodner, Para. [0021 and/or 0031], discloses that a full file signature may be calculated by concatenating the hash values for the data chunks and applying a hash function to the concatenation (i.e., representative value) to determine the full file hash signature, or see also Para. [0028], ); and 
transmitting, by the client device, the data and the client signature value to a server (Kolodner, Para. [0023], discloses that the client machine 110 calculates the unique signature value for a file that is to be uploaded and forwards the signature value to server 120, and as disclosed in Para. [0022], wherein the signature values, for the data chunks or the data file, may be calculated either before or after the data file is uploaded to the server 120).  
However Kolodner fails to explicitly disclose but Matsuo teaches generating, by the client device, a client signature value by signing the representative value and a counter value corresponding to a last updated data block, among the multiple data blocks (Samsonov, Para. [0031], discloses to combine the root hash value 412 with a present counter value 414 of the trusted counter to create a hash message authentication code signature 416); and
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to generate a client signature value by signing the representative value and a counter value corresponding to a last updated data block, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 2, Kolodner as modified by Samsonov teaches the method of claim 1, wherein Kolodner further teaches individual sizes of the multiple data blocks are identical to each other (Kolodner, Para. [0020], discloses an example, wherein a 40 MB file may be divided into 40 one-MB data chunks, or 20 two-MB data chunks, or 10 four-MB data chunks […]. The data chunk size may be determined based on preference or an algorithm taking into account the most optimum chunk size according to network conditions, available bandwidth, etc.).  

Regarding claim 3, Kolodner as modified by Samsonov teaches the method of claim 1, wherein Kolodner further teaches at least one of the multiple data blocks has a different size (Kolodner, Para. [0020], discloses an example, wherein a 40 MB file may be divided into 10 two-MB data chunks and 20 one-MB data chunks, where the minimal data chunk is designated as 1 MB. The data chunk size may be determined based on preference or an algorithm taking into account the most optimum chunk size according to network conditions, available bandwidth, etc.).  

Regarding claim 4, Kolodner as modified by Samsonov teaches the method of claim 1, wherein Kolodner further teaches generating the tags comprises: generating a hash value for each of the multiple data blocks (Kolodner, Para. [0021 and/or 0031], discloses that the client machine applies a hash function to the data chunks (1 through N) to obtain the corresponding hash values (i.e., hereinafter tags)).  

Regarding claim 7, Kolodner as modified by Samsonov teaches the method of claim 4, wherein Kolodner fails to explicitly disclose but Samsonov further teaches the representative value is updated by adding or subtracting a hash value of a data block, corresponding to a change to dynamic data, to or from the representative value (Kolodner, Para. [0033], discloses that during a sector write, the client code set ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation wherein the representative value is updated by adding or subtracting a hash value of a data block, corresponding to a change to dynamic data, to or from the representative value, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 8, Kolodner as modified by Samsonov teaches the method of claim 1, wherein Kolodner fails to explicitly disclose but Samsonov further teaches further comprising: receiving, by the client device, a server signature value corresponding to the client signature value (Samsonov, Para. [0032], discloses that the client code set may read the entire simple header (i.e., including hash message authentication code signature) from the agnostic data storage, or see also Para. [0033], discloses that during a sector read, the client code set may read a data sector 406 from the mass storage and verify the hash message authentication code signature 416 found in the simple header 402).  
a server signature value corresponding to the client signature value, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 9, Kolodner as modified by Samsonov teaches the method of claim 8, wherein Kolodner fails to explicitly disclose but Samsonov further teaches further comprising: deleting, by the client device, the data after verifying the server signature value (Samsonov, Para. [0043], discloses that the client code set may verify the hash message authentication code signature to determine whether the data set has been corrupted (Block 712). If the verification indicates the data has been corrupted (Block 714), the client code set may mark the data set as corrupt (Block 716), e.g., as disclosed in Para. [0038 and/or 0041], wherein the client code set may discard any header instance which fails the cyclic redundancy check, and/or if the updated header instance is corrupted, the client code set may detect the corruption in the cyclic redundancy check and discard the update).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to delete the data after verifying the server signature value, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 10, Kolodner as modified by Samsonov teaches the method of claim 9, wherein Kolodner fails to explicitly disclose but Samsonov further teaches further comprising: storing, by the client device, the server signature value, the representative value, and the counter value (Kolodner, Para. [0032], discloses that the client code set may read the entire simple header from the agnostic data storage […]. Wherein, the client code set may cache the simple header (i.e., including hash message authentication code signature, re-computed root hash value and the trusted counter value) 402 locally).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to store the server signature value, the representative value, and the counter value, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 11, Kolodner as modified by Samsonov teaches the method of claim 1, wherein Kolodner fails to explicitly disclose but Samsonov further teaches further comprising: transmitting, by the client device, a request to update the data to the server (Samsonov, Para. [0042], discloses that the client code set may send a write request of the data set associated with the hash message authentication code signature to an agnostic data storage, or see also Para. [0043], discloses that the client code set may send a read request for a data set associated with a hash message ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to transmit a request to update the data to the server, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 12, Kolodner as modified by Samsonov teaches the method of claim 11, wherein Kolodner fails to explicitly disclose but Samsonov further teaches further comprising: receiving, by the client device, a new server signature value, corresponding to the request, from the server (Samsonov, Para. [0043], discloses that the client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature from the agnostic data storage); 
verifying, by the client device, the new server signature value (Samsonov, Para. [0043], discloses that the client code set may verify the hash message authentication code signature to determine whether the data set has been corrupted); 
generating, by the client device, a new client signature value by signing an updated representative value and an updated counter value corresponding to the new server signature value after verification of the new server signature value is completed (Samsonov, Para. [0032-0033], discloses that the client code set may re-compute the root hash value 412. The client code set may combine the root hash value ); 
transmitting, by the client device, the new client signature value to the server (Samsonov, Para. [0033], discloses that the client code set may write the entire simple header 402 to the mass storage device, or see also Para. [0044], discloses that the agnostic data storage may store a hash message authentication code signature sent in the write request); 23and 
storing, by the client device, the new server signature value, the updated representative value, and the updated counter value (Samsonov, Para. [0032], discloses that the client code set may cache the entire simple header (i.e., including hash message authentication code signature, re-computed root hash value and the trusted counter value) 402 locally).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to store the new server signature value, the updated representative value, and the updated counter value, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 13, Kolodner teaches a method of operating a data management apparatus, comprising (Kolodner, Para. [0008], discloses methods of uploading data files (i.e., by using information management system, see Para. [0043]). In one embodiment, the method comprises): 
receiving, by a server, data and a client signature value from a client device (Kolodner, Para. [0013 and/or 0023], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded (e.g., according to the minimal size data chunk signature calculation noted above) and forwards the signature value to server 120 prior to the file upload process being initiated (S310), and/or as disclosed in Para. [0025], alternatively, a so-called server-side deduplication scheme may be utilized, where the file content is uploaded to the server first, the signature of the file after upload is determined);
generating, by the server, a representative value corresponding to the data (Kolodner, Para. [0032], discloses that as noted earlier, a hash process may be used by server 120 to calculate signature values for the uploaded data chunks and ultimately a signature value for the uploaded file (e.g., based on hash values (i.e., by concatenating the hash values, see Para. [0021 and/or 0031]) for the minimal size data chunks), for the purposes of integrity verification and deduplication, or see also Para. [0027], discloses root (i.e., a representative value) of the hash tree. Wherein, the hash tree may be used for the purpose of storing the hash values calculated for the N data chunks (e.g., based on hashes taken over the minimal size data chunks that makeup a data chunk.sub.(i) where "i" is 1 through N), and as disclosed in Para. [0028], wherein the root of the hash tree represents the signature value for the entire file); 
verifying, by the server, the client signature value using the representative value (Kolodner, Para. [0032], discloses that as noted earlier, a hash process may be used by server 120 […] for the purposes of integrity verification and deduplication, e.g., as disclosed in Para. [0033], when the data chunks are uploaded to the server, the hash ); 
generating, by the server, a server signature value Kolodner, Para. [0026], discloses that if a match for the file signature is not found (S320), the data chunks associated with the file are uploaded to the server 120 (S340). In one implementation, the server 120 may calculate the signature value for an uploaded chunk and the full signature of the data file); 
storing, by the server, the data, the client signature value, the representative value, Kolodner, Para. [0023 and 0025], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded and forwards the signature value to server 120 prior to the file upload process being initiated (S310), and as disclosed in Para. [0027-0028], wherein the hash tree allows for the root of the hash tree which represents the signature value for the entire file to be stored in volatile memory of server 120).  
However Kolodner fails to explicitly disclose but Samsonov teaches generating, by the server, a server signature value by signing a representative value and a counter value corresponding to the client signature value after verification of the client signature value is completed (Samsonov, Para. [0045], discloses to create the hash message authentication code signature in the primary header instance from a root hash of the data set and a counter value of the trusted counter, or see also Para. [0031 );
transmitting, by the server, the server signature value to the client device (Samsonov, Para. [0043, discloses that the client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature form the agnostic data storage (Block 708), or as disclosed in Para. [0044], wherein the agnostic data storage may send a read response having the data set and the hash message authentication code signature to the client code set (Block 812)); and 
storing, by the server, the data, the client signature value, the representative value, and the counter value (Samsonov, Para. [0044], discloses that agnostic data storage may store a data set sent in the write request from the client code set (Block 804). The agnostic data storage may store a header instance describing the data set, possibly sent as a separate request (Block 806). The agnostic data storage may store a hash message authentication code signature (i.e., including Root hash and counter value, as depicted in Fig. 4) sent in the write request, possibly in the header instance (Block 808)).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to generate a server signature value by signing a representative value and a counter value corresponding to the client signature value, as taught by Samsonov, in order for an agnostic data storage (i.e., 

Regarding claim 14, Kolodner as modified by Samsonov teaches the method of claim 13, Wherein Kolodner fails to disclose but Samsonov further teaches further comprising: receiving, by the server, an update request from the client device (Samsonov, Para. [0042], discloses that the client code set may send a write (i.e., update) request of the data set associated with the hash message authentication code signature to an agnostic data storage (Block 612). The client code set may send a header write (i.e., update) request of the data set to an agnostic data storage to write a simple header having the hash message authentication code signature (Block 614)). 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to receive an update request from the client device, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 15, Kolodner as modified by Samsonov teaches the method of claim 14, Wherein Kolodner fails to disclose but Samsonov further teaches further comprising: updating, by the server, the representative value and the counter value in response to the update request (Samsonov, Para. [0040], discloses re-compute the root hash value 516 and re-calculate the hash message authentication code signature 520 using the local trusted counter value incremented by one); 
generating, by the server, a new server signature value by signing the updated representative value and the updated counter value (Samsonov, Para. [0036], discloses that the primary header instance 502 may combine the root hash value 516 with a present counter value 518 of the trusted counter to create a hash message authentication code signature 520); and 
transmitting, by the server, the new server signature value to the client device (Samsonov, Para. [0043], discloses that the client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature from the agnostic data storage (Block 708)).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to transmit the new server signature value to the client device, as taught by Samsonov, in order for a data storage client to establish a protected storage system with an agnostic data storage; Samsonov, Para. [0003 and 0017].

Regarding claim 16, Kolodner as modified by Samsonov teaches the method of claim 15, wherein Kolodner further teaches further comprising: receiving, by the server, a new client signature value corresponding to the new server signature value from the client device (Kolodner, Para. [0013 and/or 0023], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded (e.g., according to the minimal size data chunk signature calculation noted above) and forwards the signature value to server 120 prior to the file upload process being initiated (S310)); 
24verifying, by the server, the new client signature value (Kolodner, Para. [0032], discloses that as noted earlier, a hash process may be used by server 120 […] for the purposes of integrity verification and deduplication, e.g., as disclosed in Para. [0033], when the data chunks are uploaded to the server, the hash function for calculating the file signature may be uniformly applied to the minimal size data chunks that make up the file data chunks to determine the same signature for the same files that may be uploaded by different client machines 110); 
updating, by the server, the data in compliance with the update request after verification of the new client signature value is completed (Kolodner, Para. [0025], discloses that the signature is compared to the records of a deduplication table, for example, to determine whether a duplicate copy exists based on a matching file signature. If so, then the proper deduplication records and file pointers are updated to indicate that the file was successfully uploaded); and 
storing, by the server, the updated data, the new client signature value, the updated representative value, Kolodner, Para. [0023 and 0025], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded and forwards the signature value to server 120 prior to the file upload process being initiated (S310), and as disclosed in Para. [0027-0028], wherein the hash tree allows for the root of the hash tree which represents the signature value for the entire file to be stored in volatile memory of server 120).  
However Kolodner fails to explicitly disclose but Samsonov teaches storing, by the server, the updated data, the new client signature value, the updated representative value, and the updated counter value (Samsonov, Para. [0044], discloses that ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation to store the updated data, the new client signature value, the updated representative value, and the updated counter value, as taught by Samsonov, in order to establish a virtual replay protected storage system with an agnostic data storage. Wherein, the virtual replay protected storage system may maintain a trusted counter and a secret key in a trusted client environment; Samsonov, Para. [0003 and 0017].

Regarding claim 17, Kolodner teaches a data management apparatus, comprising: at least one processor; and memory for storing at least one instruction executed by the at least one processor (Kolodner, Para. [0037], discloses that the application software and logic code disclosed herein may be implemented in the form of machine readable code executed over one or more computing systems i.e., by using information management system, see Para. [0043]) represented by the exemplary hardware environment 1110. As illustrated, hardware environment 110 may comprise a processor 1101 coupled to one or more storage ), 
wherein the at least one instruction is executed by the at least one processor so as to (Kolodner, Para. [0039 and 0043], discloses that an information management system instruct one or more processors 1101 (e.g., microcontrollers) in the hardware environment 1110 on how to function and process information by loading executable code from storage media 1106 to) receive data and a client signature value from a client device (Kolodner, Para. [0013 and/or 0023], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded (e.g., according to the minimal size data chunk signature calculation noted above) and forwards the signature value to server 120 prior to the file upload process being initiated (S310), and/or as disclosed in Para. [0025], alternatively, a so-called server-side deduplication scheme may be utilized, where the file content is uploaded to the server first, the signature of the file after upload is determined), to segment the data into multiple data blocks, to generate tags of the data blocks ((Kolodner, Para. [0027], discloses that a file is divided into N data chunks (e.g., where a data chunk is equal to or is a multiple of a predetermined minimal size data chunk), a hash tree may be used for the purpose of storing the hash values calculated for the N data chunks (e.g., based on hashes taken over the minimal size data chunks that makeup a data chunk.sub.(i) where "i" is 1 through N))), to generate a representative value using the generated tags (Kolodner, Para. [0027], discloses root of the hash tree. Wherein, the hash tree may be used for the purpose of storing the hash values calculated for the N data chunks (e.g., based on hashes taken over the minimal size data chunks that makeup a data ), to verify the client signature value using the representative value (Kolodner, Para. [0032], discloses that as noted earlier, a hash process may be used by server 120 […] for the purposes of integrity verification and deduplication, e.g., as disclosed in Para. [0033], when the data chunks are uploaded to the server, the hash function for calculating the file signature may be uniformly applied to the minimal size data chunks that make up the file data chunks to determine the same signature for the same files that may be uploaded by different client machines 110), to generate a server signature value Kolodner, Para. [0026], discloses that if a match for the file signature is not found (S320), the data chunks associated with the file are uploaded to the server 120 (S340). In one implementation, the server 120 may calculate the signature value for an uploaded chunk and the full signature of the data file), Kolodner, Para. [0023 and 0025], discloses that client machine 110 calculates the unique signature value for a file that is to be uploaded and forwards the signature value to server 120 prior to the file upload process being initiated (S310), and as disclosed in Para. [0027-0028], wherein the hash tree allows for the root of the hash tree which represents the signature value for the entire file to be stored in volatile memory of server 120).  
 signing a representative value and a counter value corresponding to the client signature value after verification of the client signature value is completed (Samsonov, Para. [0045], discloses to create the hash message authentication code signature in the primary header instance from a root hash of the data set and a counter value of the trusted counter, or see also Para. [0031 or 0036], wherein the header 402 may combine the root hash value 412 with a present counter value 414 of the trusted counter to create a hash message authentication code signature 416), to transmit the server signature value to the client device (Samsonov, Para. [0043, discloses that the client code set may receive a read response having the data set and associated header conveying the hash message authentication code signature form the agnostic data storage (Block 708), or as disclosed in Para. [0044], wherein the agnostic data storage may send a read response having the data set and the hash message authentication code signature to the client code set (Block 812)), and the counter value (Samsonov, Para. [0044], discloses that agnostic data storage may store a data set sent in the write request from the client code set (Block 804). The agnostic data storage may store a header instance describing the data set, possibly sent as a separate request (Block 806). The agnostic data storage may store a hash message authentication code signature (i.e., including Root hash and counter value, as depicted in Fig. 4) sent in the write request, possibly in the header instance (Block 808)).


Regarding claim 18, Kolodner as modified by Samsonov teaches the data management apparatus of claim 17, wherein Kolodner fails to explicitly disclose but Samsonov further teaches: in response to a request for modification of any one of the multiple data blocks (Samsonov, Para. [0042], discloses that the client code set may send a write (i.e., update) request of the data set associated with the hash message authentication code signature to an agnostic data storage (Block 612)), the representative value is updated by subtracting a hash value corresponding to the data block to be modified from the representative value and by adding a new hash value thereto, the new hash value is generated using the data block, the modification of which is requested, and a new counter value (Samsonov, Para. [0033 and 0040], discloses to re-compute the root hash value 516 (i.e., representative value) and re-calculate the hash message authentication code signature 520 using the local trusted counter value incremented by one for each of the updated data sectors), and the counter value is updated to the new counter value by adding 1 to the counter value (Samsonov, Para. [0040], discloses that the local trusted counter value is incremented by one).  
 in response to a request for modification of any one of the multiple data blocks, the representative value is updated, as taught by Samsonov, in order for an agnostic data storage (i.e., server) to establish a virtual replay protected storage system with a data storage client; Samsonov, Para. [0017].

Regarding claim 19, Kolodner as modified by Samsonov teaches the data management apparatus of claim 17, wherein Kolodner fails to explicitly disclose but Samsonov further teaches: in response to a request for addition of a data block in the multiple data blocks, the representative value is updated by adding an additional hash value, corresponding to the data block to be added, thereto, the additional hash value is generated using the data block, the addition of which is requested, and a new counter value (Samsonov, Para. [0042], discloses that the client code set may send a write (i.e., update) request of the data set associated with the hash message authentication code signature to an agnostic data storage (Block 612), and as disclosed in Para. [0033], during a sector write (i.e., addition of a data block), the client code set may write data for one or more data sectors 406 to mass storage, and as further disclosed in Para. [0040], to re-compute the root hash value 516 (i.e., representative value) and re-calculate the hash message authentication code signature 520 using the local trusted counter value incremented by one for each of the updated (i.e., a) data sectors), and the counter value is updated to the new counter value by adding 1 to the counter value (Samsonov, Para. [0040], discloses that the local trusted counter value is incremented by one).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Samsonov’ into the teachings of ‘Kolodner’, with a motivation wherein in response to a request for addition of a data block in the multiple data blocks, the representative value is updated by adding an additional hash value, as taught by Samsonov, in order for an agnostic data storage (i.e., server) to establish a virtual replay protected storage system with a data storage client; Samsonov, Para. [0017].

Regarding claim 20, Kolodner as modified by Samsonov teaches the data management apparatus of claim 17, wherein Kolodner fails to explicitly disclose but Samsonov further teaches: in response to a request for deletion of any one of the multiple data blocks, the representative value is updated by subtracting a hash value, corresponding to the data block to be deleted, therefrom (Samsonov, Para. [0042], discloses that the client code set may send a write (i.e., delete) request of the data set associated with the hash message authentication code signature to an agnostic data storage (Block 612), and as disclosed in Para. [0033 and 0040], to re-compute the root hash value 516 (i.e., representative value) and re-calculate the hash message authentication code signature 520 using the local trusted counter value incremented by one for each of the updated (i.e., corrupted/deleted) data sectors), and the counter value is updated by adding 1 thereto (Samsonov, Para. [0040], discloses that the local trusted counter value is incremented by one).
.

Claims 5-6 are rejected under 35 U.S.C. 103 as being unpatentable over Kolodner; Elliot K. et al. (US 2015/0058301 A1), hereinafter (Kolodner), in view of Samsonov; Yevgeniy A. et al. (US 2016/0379015 A1), hereinafter (Samsonov), and further in view of Cowling; James et al. (US 2016/0092125 A1), hereinafter (Cowling).

Regarding claim 5, Kolodner as modified by Samsonov teaches the method of claim 4, wherein Kolodner further teaches generating the hash value comprises: generating the hash value using Kolodner, Para. [0021 and/or 0031], discloses that the client machine applies a hash function to the data chunks (1 through N) to obtain the corresponding hash values). 
However Kolodner as modified by Samsonov fails to explicitly disclose but Cowling teaches generating the hash value using a key value shared between the client device and the server, the data block, and a counter value corresponding to the data block (Cowling, Para. [0065], discloses that each data block is associated with a “hash” that serves as a global identifier for the data block. The hash can be computed ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Cowling’ into the teachings of ‘Kolodner’ as modified by ‘Samsonov’, with a motivation to generate hash value using a key value shared between the client device and the server, the data block, and a counter value corresponding to the data block, as taught by Cowling, in order to design a data storage system that stores sets of data blocks in extents that are located in storage devices in the system; Cowling, Para. [0008].

Regarding claim 6, Kolodner as modified by Samsonov teaches the method of claim 4, wherein Kolodner as modified by Samsonov fails to explicitly disclose but Cowling teaches generating the hash value comprises: generating the hash value using Kolodner, Para. [0021 and/or 0031], discloses that the client machine applies a hash function to the data chunks (1 through N) to obtain the corresponding hash values). 
However Kolodner as modified by Samsonov fails to explicitly disclose but Cowling teaches generating the hash value using a key value shared between the client device and the server, the data block, a length of the data block, and a counter value corresponding 22to the data block (Cowling, Para. [0065], discloses that each data block is associated with a “hash” that serves as a global identifier for the data block. The hash can be computed from the data block by running through a hash function, such as a SHA-256 hash function, and as disclosed in Para. [0103], wherein a typical hash table entry 930 is illustrated in FIG. 9C. This hash table entry 930 includes an offset 932 (i.e., counter value), and also a length 934 of an associated data block for the extent. Hash table entry 930 also includes a tag 938 that is matched against a portion of a hash key for a data block during a lookup. Entry 930 also includes a key length field 936 that specifies the length of the hash key that is used to access the hash table).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Cowling’ into the teachings of ‘Kolodner’ as modified by ‘Samsonov’, with a motivation to generate hash value using a key value shared between the client device and the server, the data block,  length of the data block and a counter value corresponding to the data block, as taught by Cowling, in order to design a data storage system that stores sets of data blocks in extents that are located in storage devices in the system; Cowling, Para. [0008].

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892.

 If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALI CHEEMA/
Examiner, Art Unit 2496

/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496