DETAILED ACTION

Notice of Pre-AIA  or AIA  Status

1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Information Disclosure Statement

2.	The information disclosure statement (IDS) submitted on 12/05/2019 and 2/26/2020 was filed.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Double Patenting

3.	The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper time wise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
	Claims 1-9, 12-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claim 1-9, 12-19 of U.S. Patent No. 10540516. Although the claims at issue are not identical, they are not patentably distinct from each other (see below table).
Patent No.: 10540516
15/292,606
16/704350
1. A system for securing data within an unsecured environment, the system comprising: a storage management system implemented in computer hardware, the storage management system separate from a primary storage environment, the storage management system configured to: receive data to be backed up from the primary storage environment, the data comprising a plurality of files, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access; perform a natural language processing process on the plurality of files to determine content of files within the plurality of files; access a security policy for the primary storage environment; tag the files within the plurality of files based at least in part on the content of the files and the security policy; select a file from the plurality files based at least in part on the tags of the files; [[and]] index a location of the file at the primary storage environment, thereby enabling a secured version of the file to replace the file at the location of the file at the primary storage environment; and secure the file at the primary storage environment by at least modifying a storage location or storage format of the file.

1. A system, the system comprising: a data management system implemented in computer hardware, the data management system configured to: receive data from a primary storage environment, the data comprising a plurality of data objects, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data objects are stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access; perform a natural language processing process on one or more data objects within the plurality of data objects to determine content of at least one data object within the plurality of data objects; access a security policy associated with the primary storage environment; identify at least one or more data objects within the plurality of data objects based at least in part on the content of the at least one data object and the security policy; 
select a data object from the one or more identified data objects within the plurality of data objects; determine a location of the selected data object at the primary storage environment; and 
secure the selected data object at the primary storage environment by either moving the selected data object to a secure storage environment or modifying a storage format of the selected data object.
2.    (Original) The system of claim 1, wherein the storage management system is further configured to secure the file by replacing the file at the primary storage environment with a stub file that points to a location of the file within a secure storage environment.
2. The system of claim 1, wherein the data management system is further configured to secure the selected data object by replacing the selected data object at the primary storage environment with a pointer to a location of the selected data object within the secure storage environment.

3. The system of claim 2, wherein the secure storage environment comprises a backup storage environment.
4.    (Original) The system of claim 2, wherein the secure storage environment comprises the storage management system.
4. The system of claim 2, wherein the secure storage environment comprises the data management system.
5.    (Original) The system of claim 1, wherein the storage management system is further configured to secure the file by replacing the file at the primary storage environment with an encrypted copy of the file.
5. The system of claim 1, wherein the data management system is further configured to secure the selected data object by replacing the selected data object at the primary storage environment with an encrypted copy of the selected data object.
6.    (Original) The system of claim 1, wherein the storage management system is further configured to secure the file by moving the file to a secure area within the primary storage environment.
6. The system of claim 1, wherein the data management system is further configured to: detect an attempt to access one or more of the identified data objects by a user via an unsecured client device; and in response to the attempt, prevent access to the one or more of the identified data objects.
7.    (Original) The system of claim 1, wherein the storage management system is further configured to determine a process for securing the file at the primary storage environment based at least in part on the security policy.
7. The system of claim 6, wherein the data management system is further configured to: notify the user to access the one or more of the identified data objects via a secured client device.
8.    (Original) The system of claim 1, wherein the storage management system is further configured to: detect an attempt to access the file by a user at an unsecured client device; prevent access to the file; and cause a message to be output to the user to access the file at a secured client device.

8. The system of claim 1, wherein the data management system is further configured to determine a process for securing the selected data object at the primary storage environment based at least in part on the security policy.
9.    (Original) The system of claim 1, wherein at least one file from the plurality of files comprises a proprietary format and wherein the storage management system is further configured to convert the at least one file to a non-proprietary text format prior to performing the natural language processing process on the at least one file.
9. The system of claim 1, wherein at least one data object from the plurality of data objects comprises a proprietary format.
11. A computer-implemented method of securing data within an unsecured environment, the computer-implemented method comprising: as implemented by a storage management system implemented in computer hardware and configured with specific computer-executable instructions, receiving data to be backed up from a primary storage environment, the data comprising a plurality of files, the primary storage environment comprising an at least partially unsecured storage environment, wherein at least some data stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access; performing a natural language processing process on the 



identifying at least one or more data objects within the plurality of data objects based at least in part on the content of the at least one data object and the security policy selecting a data object from the one or more identified data objects within the plurality of data objects;
determining a location of the selected data object at the primary storage environment; and securing the selected data object at the primary storage 

13. The computer-implemented method of claim 12 further comprising: securing the selected data object by replacing the selected data object at the primary storage environment with a pointer to a location of the selected data object within the secure storage environment.
13.    (Original) The computer-implemented method of claim 12, wherein the secure storage environment comprises a backup storage environment.
14. The computer-implemented method of claim 13, wherein the secure storage environment comprises a backup storage environment.
14.    (Original) The computer-implemented method of claim 12, wherein the secure storage environment comprises the storage management system.
15. The computer-implemented method of claim 13, wherein the secure storage environment comprises the data management system.
15.    (Original) The computer-implemented method of claim 11, wherein securing the file comprises replacing the file at the primary storage environment with an encrypted copy of the file.
16. The computer-implemented method of claim 12 further comprising: securing the selected data object by replacing the selected data object at the primary storage environment with an encrypted copy of the selected data object.
16.    (Original) The computer-implemented method of claim 11, wherein securing the file comprises moving the file to a secure area within the primary storage environment.
17. |The computer-implemented method of claim 12 further comprising: detecting an attempt to access one or more of the identified data objects by a user via an unsecured client device; and in response to the attempt, preventing access to the one or more of the identified data objects.
17.    (Original) The computer-implemented method of claim 11, further comprising determining a process for securing the file at the primary storage environment based at least in part on the security policy.
18. The computer-implemented method of claim 17 further comprising: notifying the user to access the one or more of the identified data objects via a secured client device.
18.    (Original) The computer-implemented method of claim 11, further comprising: detecting an attempt to access the file by a user at an unsecured client device; preventing access to the file; and causing a message to be output to the user to access the file at a secured client device.


19.    (Original) The computer-implemented method of claim 11, wherein at least one file from the plurality of files comprises a proprietary format and wherein the method further comprises converting the at least one file to a non-proprietary text format prior to performing the natural language processing process on the at least one file.

20. The computer-implemented method of claim 12, wherein at least one data object from the plurality of data objects comprises a proprietary format.





Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



5.	Claims 1-22 are rejected under 35 U.S.C. 103 as being unpatentable over Patent No.: US 7,383,462 B2 to Osaki et al(hereafter referenced as Osaki), in view of Nasukawa, in further view of Pub.No.: US 2010/0250549 A1 to Muller et al(hereafter referenced as Muller). 
Regarding claim 1, Osaki discloses “a system, the system comprising: a data management system implemented in computer hardware” ([Fig.1]), “the data management system configured to: receive data from a primary storage environment” i.e. primary storage sends data to secondary storage unit [Col.2/lines 8-14]), “the  (receive RCCI [Fig.3/item 301]), “the primary storage environment comprising an at least partially unsecured storage environment” (secondary storage unit [Col.2/lines 8-14], “wherein at least some data objects are stored in the at least partially unsecured storage environment is stored in an unencrypted form or in a storage location with shared access”(primary unsecured storage environment is stored in unencrypted form for secondary storage system which is encrypted [Col.1/lines 54-60]) 
Osaki does not explicitly disclose “perform a natural language processing process on one or more data objects within the plurality of data objects to determine content of at least one data object within the plurality of data objects”
However, Nasukawa in an analogous art discloses “perform a natural language processing process (natural language processing Nasukawa[Fig.29/item 2906])on one or more data objects within the plurality of data objects to determine content of at least one data object within the plurality of data objects “(plurality of data objects being parsed Nasukawa  in [Fig.1]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Osaki’s data backup system with Nasukawa's parsing and storage method for natural language processing system in order to provide additional security as suggested by Nasukawa. One of ordinary skill would have been motivated to combine Osaki’s data backup system with Nasukawa’s Parsing system for natural language processing because they both utilize a process requiring a backup storage system and are from the same field of endeavor.

However, Muller discloses “access a security policy associated with the primary storage environment” (security policy 415 within storage environment Muller[Fig.4b/item 415]); “identify at least one or more data objects within the plurality of data objects based at least in part on the content of the at least one data object and the security policy”(auto determine storage locator Muller [Fig.4b/item 430c]); “select a data object from the one or more identified data objects within the plurality of data objects”(data select via add location 435 Muller [Fig.4b]) ; “determine a location of the selected data object at the primary storage environment” (auto determine storage locator Muller [Fig.4b/item 430c]);” and secure the selected data object at the primary storage environment by either moving the selected data object to a secure storage environment or modifying a storage format of the selected data object.”(security 415 specifies security storage operations Muller [par.0082]).


Regarding claim 2 in view of claim 1, the references combined disclose “wherein the data management system is further configured to secure the selected data object by replacing the selected data object at the primary storage environment with a pointer to a location of the selected data object within the secure storage environment” (secondary storage computing device 165 also adds a pointer to the location at which the data object is stored to the variable instance database 205 Muller[par.0069]).
Regarding claim 3 in view of claim 2, the references combined disclose “wherein the secure storage environment comprises a backup storage environment” (secondary storage system Osaki [Col.1/lines 54-60]).
Regarding claim 4 in view of claim 2, the references combined disclose “wherein the secure storage environment comprises the data management system” (load encryption method Osaki [Fig.3/item 303]).

claim 5 in view of claim 1, the references combined disclose “wherein the data management system is further configured to secure the selected data object by replacing the selected data object at the primary storage environment with an encrypted copy of the selected data object” (after the instance of the data object has been stored, various post-processing operations may be performed upon the data object (e.g., indexing the content of the data object, classifying its content, encrypting the data object, and/or compressing it Muller[par.0069]).
Regarding claim 6 in view of claim 1, the references combined disclose “wherein the data management system is further configured to: detect an attempt to access one or more of the identified data objects by a user via an unsecured client device” i.e. identifier generation component 220 creates identifier for detection of objects of a user (Muller [par.0064]) ; “and in response to the attempt, prevent access to the one or more of the identified data objects” (storage security policy Muller[Fig.4a/item 415]).
Regarding claim 7 in view of claim 6, the references combined disclose “wherein the data management system is further configured to: notify the user to access the one or more of the identified data objects via a secured client device. (storage security policy Muller [Fig.4a/item 415]).
Regarding claim 8 in view of claim 1, the references combined disclose “wherein the data management system is further configured to determine a process for securing the selected data object at the primary storage environment based at least in part on the security policy” (storage security policy Muller[Fig.4a/item 415]).

claim 9 in view of claim 1, the references combined disclose “wherein at least one data object from the plurality of data objects comprises a proprietary format” (a primary storage system comprises a data Volume and an encryption mechanism configured/formatted to encrypt and remote copy data stored on the primary storage system Osaki[Col.2/lines 47-50]).
Regarding claim 10 in view of claim 9, the references combined disclose “wherein the data management system is further configured to convert the at least one data object to a non-proprietary text format prior to performing the natural language processing process on the at least one data object.” (natural language processing Nasukawa [Fig.29/item 2906])
Regarding claim 11 in view of claim 1, the references combined disclose “wherein the plurality of data objects comprises a plurality of files” (Data agents 195 comprises plurality of files via archiving to primary or secondary storage device Muller [par.0043]).
Regarding claim 12, Osaki discloses “a computer-implemented method, the computer-implemented method comprising:  as implemented by a data management system implemented in computer hardware and configured with specific computer-executable instructions, receiving data from a primary storage environment” i.e. primary storage sends data to secondary storage unit [Col.2/lines 8-14]), “the data comprising a plurality of data objects” (receive RCCI [Fig.3/item 301]), “the primary storage environment comprising an at least partially unsecured storage environment” (secondary storage unit [Col.2/lines 8-14], “wherein at least some data objects are stored in the at least partially unsecured storage environment is stored in an  (primary unsecured storage environment is stored in unencrypted form for secondary storage system which is encrypted [Col.1/lines 54-60])
Osaki does not explicitly disclose “performing a natural language processing process on one or more data objects within the plurality of data objects to determine content of at least one data object within the plurality of data objects.”
However, Nasukawa in an analogous art discloses “performing a natural language processing process (natural language processing Nasukawa[Fig.29/item 2906])on one or more data objects within the plurality of data objects to determine content of at least one data object within the plurality of data objects “(plurality of data objects being parsed Nasukawa  in [Fig.1]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Osaki’s data backup system with Nasukawa's parsing and storage method for natural language processing system in order to provide additional security as suggested by Nasukawa. One of ordinary skill would have been motivated to combine Osaki’s data backup system with Nasukawa’s Parsing system for natural language processing because they both utilize a process requiring a backup storage system and are from the same field of endeavor.
Neither Osaki nor Nasukawa explicitly disclose “accessing a security policy associated with the primary storage environment; identifying at least one or more data objects within the plurality of data objects based at least in part on the content of the at least one data object and the security policy; selecting a data object from the one or 
However, Muller discloses “accessing a security policy associated with the primary storage environment” (security policy 415 within storage environment Muller[Fig.4b/item 415]); “identifying at least one or more data objects within the plurality of data objects based at least in part on the content of the at least one data object and the security policy”(auto determine storage locator Muller [Fig.4b/item 430c]); “selecting a data object from the one or more identified data objects within the plurality of data objects”(data select via add location 435 Muller [Fig.4b]) ; “determining a location of the selected data object at the primary storage environment” (auto determine storage locator Muller [Fig.4b/item 430c]);” and securing the selected data object at the primary storage environment by either moving the selected data object to a secure storage environment or modifying a storage format of the selected data object.”(security 415 specifies security storage operations Muller [par.0082]).
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was filed to modify Osaki’s data backup system and Nasukawa's parsing and storage method for natural language processing with Muller’s Storage of Data Objects utilizing a security policy system and backup storage system in order to provide additional security as suggested by Nasukawa. One of ordinary skill would have been 
Regarding claim 13 in view of claim 12, the references combined disclose “further comprising: securing the selected data object by replacing the selected data object at the primary storage environment with a pointer to a location of the selected data object within the secure storage environment” (secondary storage computing device 165 also adds a pointer to the location at which the data object is stored to the variable instance database 205 Muller [par.0069]).
Regarding claim 14 in view of claim 13, the references combined disclose “wherein the secure storage environment comprises a backup storage environment” (secondary storage system Osaki [Col.1/lines 54-60]).
Regarding claim 15 in view of claim 13, the references combined disclose “wherein the secure storage environment comprises the data management system” (load encryption method Osaki [Fig.3/item 303]).
Regarding claim 16 in view of claim 12, the references combined disclose “further comprising: securing the selected data object by replacing the selected data object at the primary storage environment with an encrypted copy of the selected data object.” (after the instance of the data object has been stored, various post-processing operations may be performed upon the data object (e.g., indexing the content of the data object, classifying its content, encrypting the data object, and/or compressing it Muller [par.0069]).
claim 17 in view of claim 12, the references combined disclose “further comprising: detecting an attempt to access one or more of the identified data objects by a user via an unsecured client device” i.e. identifier generation component 220 creates identifier for detection of objects of a user (Muller [par.0064]; “and in response to the attempt, preventing access to the one or more of the identified data objects.” (storage security policy Muller [Fig.4a/item 415]).
Regarding claim 18 in view of claim 17, the references combined disclose “further comprising: notifying the user to access the one or more of the identified data objects via a secured client device.” (storage security policy Muller [Fig.4a/item 415]).
Regarding claim 19 in view of claim 12, the references combined disclose “further comprising: determining a process for securing the selected data object at the primary storage environment based at least in part on the security policy” (storage security policy Muller[Fig.4a/item 415]).
Regarding claim 20 in view of claim 12, the references combined disclose “wherein at least one data object from the plurality of data objects comprises a proprietary format” (a primary storage system comprises a data Volume and an encryption mechanism configured/formatted to encrypt and remote copy data stored on the primary storage system Osaki[Col.2/lines 47-50]).
Regarding claim 21 in view of claim 20, the references combined disclose “further comprising: converting the at least one data object to a non-proprietary text format prior to performing the natural language processing process on the at least one data object” (natural language processing Nasukawa[Fig.29/item 2906]).

Regarding claim 22 in view of claim 12, the references combined disclose “wherein the plurality of data objects comprises a plurality of files.” (Data agents 195 comprises plurality of files via archiving to primary or secondary storage device Muller [par.0043]).


	Conclusion	

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL D ANDERSON whose telephone number is (571)270-5159. The examiner can normally be reached Mon-Fri 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571)272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-





/MICHAEL D ANDERSON/           Examiner, Art Unit 2433                                                                                                                                                                                             /William J. Goodchild/Primary Examiner, Art Unit 2433