DETAILED ACTION

1.	
This is in reply to an application filed on 02/19/2020. Claims 1-20 are pending examination.

2. 
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

3.
Drawing Objection
Figure 1 is objected to, because those figures are not labeled. Examiner suggests labeling the figure, for example labeling the figures with text in addition to the numbers according to the specification.

4.



Claim Rejections - 35 USC § 103
 In the event the determination of the status of the application as subject to AIA  35   U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new 

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Bhat et al, US 2016/0371495 (hereinafter Bhat), and further in view of Yasuda et al, US. 2015/0270964 (hereinafter Yasuda).

Regarding claim 1 Bhat teaches a method for securing data across execution contexts in a computing device, the method comprising: 
running, by the computing device, first code in a first execution context, code running in the first execution context having access to a first set of resources of the computing device; running, by the computing device, second code in a second execution context, code running in the second execution context having access to a second set of resources of the computing device, wherein the first set of resources is different than the second set of resources (Bhat teaches implementing a plurality of sandboxes (i.e. a plurality of execution context) on a computing device, wherein each of the sandbox may include a plurality of applications (i.e. a plurality of codes), wherein the applications may access data and resources on the sandbox, but not out the sandbox [0012-0013] [0019-0021], and fig. 2); 

 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify Bhat such that the invention further includes tokenizing data sent to a second party to protect the data from the second party. One would have been motivated to do so to protect the confidentiality of the data (i.e. sensitive data).

Regarding claim 2 Bhat as modified as modified teaches the method of claim 1, wherein tokenizing the first data comprises encrypting the first data [0030].  

Regarding claim 3 Bhat as modified as modified teaches the method of claim 1, wherein a tokenization method used to tokenize the first data is selected from a plurality of tokenization methods based on one or more of a type of the first data or a destination 

Regarding claim 4 Bhat as modified teaches the method of claim 3, wherein the tokenization method is selected based on a computation to be performed on the first data by the second code (Yasuda teaches a terminal may send data for analysis by a server, wherein the server analyzes the encrypted data without decrypting the encrypted data [0039]).  

Regarding claim 5 Bhat as modified teaches the method of claim 1, wherein based on determining that the first data is to be passed, tokenizing the first data comprises: based on determining that the first data is to be passed and based on determining the first data is one or more of: of a type of data requiring tokenization, associated with a security policy requiring tokenization, stored at a location requiring tokenization, associated with a source of data requiring tokenization, or has a content requiring tokenization, tokenizing the first data (Bhat teaches the requested application data can be encrypted and sent only to authorized applications to prevent unauthorized access to the application data (i.e. policy requires tokenization) [0026], [0033], and the application can be configured with a profile that specifies an appropriate encryption algorithm and/or includes the actual algorithm [0050]).  


 
Regarding claim 7 Bhat as modified teaches the method of claim 6, wherein: tokenizing the first data is performed using a first tokenization method; and the third data is further generated based on tokenizing, using a second tokenization method, the de-tokenized modified tokenized first data (Yasuda teaches using a homomorphic encryption process to encrypt the data [0048], and re-encrypting the encrypted data using each auxiliary information added to each encrypted data [0039]). 


In response to Claim 8: Rejected for the same reason as claim 1
In response to Claim 9: Rejected for the same reason as claim 2
In response to Claim 10: Rejected for the same reason as claim 3
In response to Claim 11: Rejected for the same reason as claim 4
In response to Claim 12: Rejected for the same reason as claim 5 
In response to Claim 13: Rejected for the same reason as claim 6
In response to Claim 14: Rejected for the same reason as claim 7
In response to Claim 15: Rejected for the same reason as claim 1
In response to Claim 16: Rejected for the same reason as claim 3
In response to Claim 17: Rejected for the same reason as claim 4
In response to Claim 18: Rejected for the same reason as claim 5
In response to Claim 19: Rejected for the same reason as claim 6
In response to Claim 20: Rejected for the same reason as claim 7



Conclusion


Any inquiry concerning this communication or earlier communications from the examiner should be directed to AYOUB ALATA whose telephone number is (313)446-6541.  The examiner can normally be reached on Monday - Friday 7:30 - 5:00 Est.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571)272-3804.  The fax phone number for the organization where this application or proceeding is assigned is (571)273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For 
/AYOUB ALATA/Primary Examiner, Art Unit 2494