DETAILED ACTION
Notice of AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.


Response to Amendment
The amendment filed 2022-01-07 has been entered and fully considered.

In light of applicant’s amendment, filed 2022-01-07, the 35 U.S.C. § 112(b) rejection has been withdrawn.


Response to Arguments
Applicant’s arguments, see pages 9-10, filed 2022-01-07, with respect to the claim amendments overcoming the cited prior art references of the rejection of claims 1-2, 12-13, 


Information Disclosure Statement
The information disclosure statement (IDS) submitted on 2021-12-10 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Double Patenting
The rejection on the ground of nonstatutory double patenting over copending U.S. Patent Application No. 17359475 in the Office action mailed 2021-10-15 is held in abeyance as requested by Applicant in the remarks filed 2022-01-07.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –



Claims 1, 12, and 20 are rejected under 35 U.S.C. 102(a)(1) as being clearly anticipated by Velamoor.

With respect to independent claim 1, Velamoor discloses a computer-implemented method, comprising:
obtaining, from a data user, an acquisition request for accessing target data of a data owner {paras. 0140-0141: a “person requesting the access from the mobile device”, the access request for “content, such as a document”}.
determining a trusted application (TAPP) for generating the target data based on decentralized identifier document (DID Doc) information of the data owner in response to the acquisition request {paras. 0099 & 0131: “A setting may be provided, which may be selected by an administrator, to allow the administrator to restrict how or when a document can be accessed. For example, a setting may allow a document only to be accessed by the secure viewing application”.  The “administrator” may be the user/owner that provides files, e.g. “an administrator 612 user may place files within an input file directory”}.
sending, to the TAPP, a target data generation request, wherein the target data generation request requests the TAPP to generate the target data based on processing data of the data owner {paras. 0195-0196: “Rather than opening the spreadsheet document directly with the spreadsheet application, a client spreadsheet viewer on the client computing device may enable a user to view and interact with a `viewable spreadsheet document` that has been rendered by the server-based spreadsheet viewer facility”}, wherein the data of the data owner {para. 0195: “the original spreadsheet document is stored with the server-based spreadsheet viewer facility, such as transmitted to the spreadsheet viewer facility by a first user trying to share the spreadsheet document with a second user”}, and wherein the data user is unable to access the data of the data owner {paras. 0200-0204: “the virtual container environment may control further dissemination of the document that a user is sharing by blocking the various operating system commands (e.g., print, print screen, save, send, and the like) that are the normal mechanisms by which a recipient of a sensitive document would save or disseminate a copy”}.
receiving a processing result from the TAPP in response to the target data generation request {paras. 0195-0196: “a client spreadsheet viewer on the client computing device may enable a user to view and interact with a `viewable spreadsheet document` that has been rendered by the server-based spreadsheet viewer facility”}.

With respect to claim 12, a corresponding reasoning as given earlier in this section with respect to claim 1 applies, mutatis mutandis, to the subject matter of claim 12; therefore, claim 12 is rejected, for similar reasons, under the grounds as set forth for claim 1.

With respect to claim 20, a corresponding reasoning as given earlier in this section with respect to claim 12 applies, mutatis mutandis, to the subject matter of claim 20; therefore, claim 20 is rejected, for similar reasons, under the grounds as set forth for claim 12.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 2 and 13 are rejected under 35 U.S.C. 103 as being unpatentable over Velamoor et al. (US Pre-Grant Publication No. 20140304836-A1, hereinafter “Velamoor”) in view of Danziger.

Although Velamoor teaches determining a secure viewing application such as a spreadsheet viewer, Velamoor does not explicitly disclose obtaining a program identifier; however, Danziger discloses:
before determining the TAPP for generating the target data, obtaining a program identifier of at least one TAPP {para. 0024: “the file access request further includes an application identifier to open the data file”}.
generating, based on the program identifier of at least one TAPP, a program binding request for requesting to store correspondence information between the target data and the TAPP in a DID Doc of the data owner {paras. 0021 & 0038: “the user can make changes to a data file via an application in the application server 120, and such changes” result in the system to “update file information with the storage server 302, so that the application server 303 maintains the latest metadata and content of the data file”; such changes “can update information relating to the title of the data file”; this update is based on the “application identifier” of the application in as much as the update would not occur if the application was not the conduit through which “changes to a data file” were made}.

Velamoor and Danziger are analogous art because they are from the same field of endeavor or problem-solving area of controlling access by a data owner to a file in a secure data storage system.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Velamoor and Danziger before him or her, to modify/develop the secure collaborative content system of Velamoor’s system to utilize program identifiers bound to the document identifier.  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements i.e. enabling the owner to specify a particular trusted viewer for accessing a particular file.  Therefore, it would have been obvious to combine the secure collaborative content system in Velamoor’s system with program identifiers bound to the document identifier to obtain the invention as specified in the instant claim(s).  The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

With respect to claim 13, a corresponding reasoning as given earlier in this section with respect to claim 2 applies, mutatis mutandis, to the subject matter of claim 13; therefore, claim 13 is rejected, for similar reasons, under the grounds as set forth for claim 2.


Claims 3-6, 8-9, 14-17, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Velamoor in view of Danziger and Motes.

With respect to dependent claim 3, although Velamoor teaches determining an application that should open a file, Velamoor does not explicitly disclose that the determination is based on a program identifier selected by the data owner; however, Motes discloses wherein obtaining the program identifier of at least one TAPP comprises: obtaining a program identifier  {para. 0033: “link-based sharing module 26 may also allow users to specify which application should open a particular file or set of files when the files are accessed via a particular link”}.

Velamoor-Danziger and Motes are analogous art because they are from the same field of endeavor or problem-solving area of content management.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Velamoor-Danziger and Motes before him or her, to modify/develop the application server of Velamoor-Danziger’s system to utilize a user-specified application for accessing a file.  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements according to known methods to yield predictable results, i.e. it enables a user to ensure files are opened by an appropriate application.  Therefore, it would have been obvious to combine the application server in Velamoor-Danziger’s system with a user-specified application for accessing a file to obtain the invention as specified in the instant claim(s).  The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

With respect to dependent claim 4, Motes discloses wherein obtaining the program identifier selected by the data owner comprises: obtaining the TAPP for generating the target data selected by the data owner from TAPPs supported by a target application when the DID is registered or published by the data owner using the target application {para. 0033: “link-based sharing module 26 may be configured to select the proper applications or application plug-ins to use in the file browser”}.

With respect to dependent claim 5, Danziger-Motes disclose wherein obtaining the acquisition request for the target data of the data owner comprises:
obtaining, from the data user, the acquisition request, wherein the acquisition request requests to use a specified TAPP to generate the target data {Danziger, para. 0024: “the file access request further includes an application identifier to open the data file”}.
wherein determining the TAPP for generating the target data comprises:
determining that the DID Doc information of the data owner comprises correspondence information between the target data and the specified TAPP {Motes, para. 0033: “the generated link for a given file set could be the URL …, which specifies … that some application uniquely associated with the identifier … (e.g., Microsoft Word or Microsoft Visio) should be used to view the file set”}.
determining the TAPP for generating the target data as the specified TAPP {Danziger, para. 0024: “when the file access request further includes an application identifier to open the data file, …, and the application identifier of the selected application is included in the file access request, the application server can launch the application directly”; it would be obvious for a request for a specific application to override a default application, similar to how Microsoft® Windows enables a user to open a data file with a different application than the default application}.

With respect to dependent claim 6, Danziger
before sending, to the TAPP, the target data generation request, obtaining a use authorization instruction of a usage right approver of the target data for the acquisition request {para. 0034: “The user can also log into the storage server 302 via the browser 301 such that the storage server 302 can determine whether the user is authorized to create a data file or to open a data file at the storage server 302”}.
generating a use authorization verifiable statement based on the use authorization instruction, wherein the target data generation request comprises the use authorization verifiable statement {paras. 0034 & 0039: “the browser 301 can include such user credentials into the HTTP POST request at 307 for the application server 303” wherein “the remote storage server 302 can check access authentication based on a user identifier, e.g., by verifying whether the user identifier is on the access control list associated with the data file that the user has authorization to access the respective data file”}.

With respect to claim 8, a corresponding reasoning as given earlier in this section with respect to claim 5 applies, mutatis mutandis, to the subject matter of claim 8; therefore, claim 8 is rejected, for similar reasons, under the grounds as set forth for claim 5 and for the reasoning set forth for the following limitations not explicitly disclosed in dependent claim 5.  Danziger discloses wherein obtaining the acquisition request for the target data of the data owner comprises:
obtaining, from the data owner, the acquisition request for the target data of the data owner {paras. 0020 & 0024: “the file access request further includes an application identifier to open the data file”, wherein the request may originate from “the owner”}.

Danziger discloses:
determining, based on the processing result, that the target data is already generated {para. 0024: “the application server can identify in a data store (e.g., database) for cached data files, and query whether a cached version of the data file has been previously saved in the database”}.
obtaining the target data from the TAPP that generates the target data {paras. 0024-0027: “the application server can launch the application directly” and then “the application server can provide the cached version of the data file to the user device via the user interface (e.g., file storage UI 105 in FIG. 1)”}.
storing the target data in trusted hardware {para. 0039: “opening a data file that is stored by a remote storage server for viewing, commenting, or editing by a user device via an API”}.

With respect to claims 14-17, a corresponding reasoning as given earlier in this section with respect to claims 3-6 applies, mutatis mutandis, to the subject matter of claims 14-17; therefore, claims 14-17 are rejected, for similar reasons, under the grounds as set forth for claims 3-6.

With respect to claim 19, a corresponding reasoning as given earlier in this section with respect to claim 8 applies, mutatis mutandis, to the subject matter of claim 19; therefore, claim 19 is rejected, for similar reasons, under the grounds as set forth for claim 8.


Claims 7 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Velamoor in view of Danziger, Motes, and Reinertsen.

With respect to dependent claim 7, although Velamoor teaches verifying that a user is authorized to access a particular file, Velamoor does not explicitly disclose that the verification is performed using digital-signature based authorization from the data owner; however, Reinertsen discloses after generating the use authorization verifiable statement, digitally signing, by a target application, the use authorization verifiable statement using a private key of the data owner to obtain a signed verifiable statement {col. 3, ll. 4-42: “the data owner uses it's own private key (300 in FIG. 3) to compute a digital signature of the access request signature, and includes the data user's digital signature in the computation of the new signature”}, wherein the private key is in a key pair generated after requesting to establish a correspondence between trusted hardware and a DID of the data owner using the target application, wherein the private key is stored in the trusted hardware {col. 4, ll. 34-41: the “private key of the data owner is assumed to be under the secure control of the data owner and the data owner is therefore concluded to have approved the requests contained in the data access token for the user whose private key also signed the data access token”}, wherein a public key in the key pair is stored in a DID Doc of the data owner, and wherein the target data generation request comprises the signed verifiable statement {col. 3, ll. 4-42: “the data owner appends it's own public key, or public certificate (which contains the public key) to the request (65 in FIGS. 2 and 3), creating 120” and “the data owner uses it's own private key (300 in FIG. 3) to compute a digital signature of the access request signature, and includes the data user's digital signature in the computation of the new signature”}.

Velamoor-Danziger-Motes and Reinertsen are analogous art because they are from the same field of endeavor or problem-solving area of controlling access by a data owner to a file in a secure data storage system.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Velamoor-Danziger-Motes and Reinertsen before him or her, to modify/develop the application server of Velamoor-Danziger-Motes’s system to utilize authorization tokens.  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements according to known methods to yield predictable results, i.e. it enhances privacy by enabling a data owner to authorize another user to access data without the data facility knowing the identity of the data owner or data user.  Therefore, it would have been obvious to combine the application server in Velamoor-Danziger-Motes’s system with authorization tokens to obtain the invention as specified in the instant claim(s).  The Examiner notes that this motivation applies to all dependent and/or otherwise subsequently addressed claims.

With respect to claim 18, a corresponding reasoning as given earlier in this section with respect to claim 7 applies, mutatis mutandis, to the subject matter of claim 18; therefore, claim 18 is rejected, for similar reasons, under the grounds as set forth for claim 7.


Claims 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Velamoor in view of Sprague.

With respect to dependent claim 10, although Velamoor teaches access control on an application server, Velamoor does not explicitly disclose that the application server utilizes a trusted execution environment; however, Sprague discloses wherein the TAPP is installed in a trusted execution environment (TEE) of a server, and the TEE is isolated from an operating system of the server {para. 0054: “TEE is a hardware environment where applications (apps) or applets, such as the TEE applet 208 and service provider applications, can be deployed and executed outside, and in isolation from, the primary OS”}.

Velamoor and Sprague are analogous art because they are from the same field of endeavor or problem-solving area of access control to a file system.  Before the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Velamoor and Sprague before him or her, to modify/develop the application server of Velamoor’s system to utilize a trusted execution environment.  The suggestion and/or motivation for doing so would have been because it is merely combining prior art elements according to known methods to yield predictable results, i.e. to enable the application server to assert trust.  Therefore, it would have been obvious to combine the application server in Velamoor’s system with a trusted execution environment to obtain the 

With respect to dependent claim 11, Sprague discloses wherein the data of the data owner is obtained by the TAPP from the trusted institution through a predetermined interface of the TEE {para. 0071: “adapter 214 is configured as the interface between the TEE applet 208 installed at the TEE of the user device 205 and the external applications and online services”}.


Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 



Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel, can be reached on 571-272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Kevin Bechtel/Primary Examiner, Art Unit 2491