Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 05/19/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 07/29/2015.

Drawings
5.    Applicant’s drawings filed on 05/19/2020 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 05/19/2020 has been inspected and is in compliance with MPEP 608.02.

Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.   Examiner request Applicant review relevant prior art under the conclusion of this office action.

Claim Rejections - 35 USC § 112

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

9.	Claim 13 rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being incomplete for omitting essential structural cooperative relationships of elements, such omission amounting to a gap between the necessary structural connections.  See MPEP § 2172.01.  
Claims 13 each recites the limitation "The first data store via a closed network; and the first data store via an open network". However, it is unclear as to how the first data store is accessed by both a closed and open network. The deficiencies in claims set forth omit structural steps, such omission amounting to a gap between the steps between the steps, thereby rendering the claims indefinite. Therefore, they are rejected based on the same rationale as applied to their parent claims above.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

10.	Claims 1-10, 12-18 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20200099515 hereinafter Hopkins in view of U.S. Patent No. 9369443 hereinafter Sinor.

As per claim 1, Hopkins discloses:
A multistage secure data storage system (Fig. 1a, para 0018 “1A is a simplified block diagram of a communication system 100a that enables viewing and/or modifying of client-side encrypted data stored in a cloud, in accordance with an embodiment of the present disclosure. As illustrated in FIG. 1A, an embodiment of communication system 100a can include a client device 102, cloud service provider 104, and a security service provider 106. Client device 102 may be an electronic device and may include memory 110, a processor 112, and input/output (I/O) circuitry 114. Cloud service provider 104 may include memory 130, a cloud security module 134, a web application server 137, and an in-browser web application 135. Memory 130 may include secured storage 138 and temporary storage 140.”), 
comprising: a working database (Fig. 1a, element 140); 
para 0035 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Fig. 1a, element 138, para 0020 “Security service provider 106 may be configured to intercept data sent by the client device 102 for storage in the cloud service provider 104, to encrypt the data using a client-side encryption, and to send the client-side encrypted data for storage in secured storage 138 in the cloud.”);
and at least one data storage controller (Fig. 1a, element 106) that: 
adds a decrypted version of an encrypted record from the multiple encrypted records from the long term storage database to the working database upon receipt of access authorization to the encrypted record (para 0035 “In response to receiving notification that the client device 302 is requesting to access to client-side encrypted data 334 stored in the cloud, the security service provider 306 may download the client-side encrypted data to memory 320 or a temporary file location and may decrypt the data by retrieving a client-side encryption key. Subsequent to decrypting the data, the security service provider 306 may upload the decrypted data 338 to the cloud service provider 304 for storage in the temporary storage location 340.” Retrieving the encryption key is an access authorization to the encrypted record); 
allows access by an access requestor to the decrypted version of the encrypted record from the working database (para 0035 “The in-browser web application 335 via the plugin/extension 326 or the web application 325 may 
and expunges the decrypted version of the encrypted record from the working database (para 0036 “The security service provider 306 may delete the decrypted data 338 from the temporary storage location 340.”)

	Hopkins does not disclose:
updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record

	Sinor discloses:
updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record (Col. 11 Lines 17-24 “The server/platform then accesses the requested data (which may be a file, record, document, etc.) and prepares it for transmission to the user (step 418). This may involve decrypting previously encrypted data that was protected when stored in a database, etc. in accordance with a data security protocol that is part of the database or data storage element management system (step 420).” Col. 11 Line 56 Col. 12 Line 3 “The user/client receives the data, and may use the client private key to decrypt the data or the portions of the data that they are authorized to access (step 426). Note that if the user is entitled to view and 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins to include updates an encrypted record in the long term storage database with any changes to a decrypted version of the encrypted record, as taught by Sinor.
The motivation would have been to securely store an updated data record.

As per claim 2, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 1, wherein the at least one data storage controller receives the access authorization from an authorization provider other than the access requestor (Hopkins para 0035) and (Sinor Col. 11 Lines 1-27, the motivation would have been to have only authorized entities receive access authorization).

As per claim 3, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 2, wherein the at least one data storage controller receives the access authorization from the authorization provider via the access requestor (Hopkins para 0035) and (Sinor Col. 11 Lines 1-27, the motivation would have been to have only authorized entities receive access authorization).

As per claim 4, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 2, wherein the at least one data storage controller prompts the authorization provider for the access authorization in response to a request from the access requestor (Sinor Col. 11 Lines 1-27, the motivation would have been to have only authorized entities receive access authorization)..

As per claim 5, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 1, wherein the long term storage database is communicably isolated from the access requestor (Hopkins Fig. 1a).

As per claim 6, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 1, wherein each of the multiple encrypted records are separately encrypted (Hopkins para 0035 “As Para 0035 “ In some embodiments, for example, when the client device 302 performs client-encryption, the client device 302 may interface with the cloud service provider 304 via an API to download and upload encrypted and decrypted files between the client device 302 and the cloud service provider 304.”).

As per claim 7, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 1, wherein each of the multiple encrypted records are accessed using separate access authorizations (Sinor Col. 5 Lines 56-58 “ In one embodiment, each session is associated with specific session “keys” for use in encrypting and decrypting data.” The motivation would have been to properly protect each file with a unique key to increase file security).
 
As per claim 8, Hopkins discloses:
A multistage secure data storage system (Fig. 1a, para 0018 “1A is a simplified block diagram of a communication system 100a that enables viewing and/or modifying of client-side encrypted data stored in a cloud, in accordance with an embodiment of the present disclosure. As illustrated in FIG. 1A, an embodiment of communication system 100a can include a client device 102, 
comprising: a first data store (Fig. 1a, element 140); 
a second data store (para 35 “As illustrated in FIG. 3A, the cloud service provider 304 may include secured storage locations 332, such as Documents folder, and temporary storage locations 340, as depicted by the dotted lines.” Fig. 1a, element 138, para 0020 “Security service provider 106 may be configured to intercept data sent by the client device 102 for storage in the cloud service provider 104, to encrypt the data using a client-side encryption, and to send the client-side encrypted data for storage in secured storage 138 in the cloud.”);
at least one non-transitory storage medium that stores instructions; and at least one processor that executes the instructions (para 0031)
decrypt a record from multiple encrypted records stored in the first data store upon receipt of access authorization to the record (para 0035 “In response to receiving notification that the client device 302 is requesting to access to client-side encrypted data 334 stored in the cloud, the security service provider 306 may download the client-side encrypted data to memory 320 or a temporary file location and may decrypt the data by retrieving a client-side encryption key. Subsequent to decrypting the data, the security service provider 306 may upload the decrypted data 338 to the cloud service provider 304 for storage in the temporary storage location 340.” Retrieving the encryption key is an access authorization to the encrypted record); 
move a copy of the record to the second data store and allow an access request to the second data store from an access requestor (para 0035 “The in-browser web application 335 via the plugin/extension 326 or the web application 325 may redirect the client's browser to view and/or modify the decrypted data 338 in the temporary storage location 340, such that the client may view and/or modify the decrypted data via the in-browser web application 335 in the cloud service provider 304.”); 
and upon occurrence of a time period, delete the copy from the first data store (para 0036 and 0037 “The security service provider 306 may delete the decrypted data 338 from the temporary storage location 340.”)

	Hopkins does not disclose:
deny access requests to the first data store from the access requestor

	Sinor discloses:
deny access requests to the first data store from the access requestor (Col. 10 Lines 44-54 “A user request for the data is typically generated by a client application (such as a browser) that identifies the requested data and accesses or generates the user's credentials (such as username and password) 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins to include denying access requests to the first data store from the access requestor, as taught by Sinor.
The motivation would have been to securely authorize access to a data record.

As per claim 9, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein: the multiple encrypted records stored in the first data store are encrypted using at least one first encryption scheme; and the copy of the record in the second data store is encrypted using at least one second encryption scheme (Sinor Col. 11 Line 54- Col. 12 Line 3 “The user/client receives the data, and may use the client private key to decrypt the data or the portions of the data that they are authorized to access (step 426). Note that if the user is entitled to view and access certain data fields, they may be authorized to edit or modify the data in those fields (step 428). In such a case, the user may perform the desired edits and then save 430). Because the server/platform is in possession of the corresponding platform private key, the encrypted data may be decrypted and then undergo the normal security processes (such as re-encryption, etc.) to enable its storage in a database or other data storage element.” The motivation would have been to increase security of encrypted records in separate databases).
	
As per claim 10, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein: decryption of a first record of the multiple encrypted records stored in the first data store uses a first access authorization; and decryption of a second record of the multiple encrypted records stored in the first data store uses a second access authorization (Sinor Col. 10 Lines 33-54 and Col. 11 Lines 1-27, The motivation would have been to increase security of encrypted records in separate databases).

	As per claim 12, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein the first data store and the second data store are stored in a same storage medium (Hopkins Fig. 1a).

As per claim 13, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein the at least one processor is communicably connected to: the first data store via a closed network; and the first data store via an open network (Hopkins Fig. 1a).

	As per claim 14, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein: the first data store is stored in a first cloud storage partition; and the second data store is stored in a second cloud storage partition (Hopkins Fig. 1a).

As per claim 15, the implementation of the multistage secure data storage system of claim 8 will execute the system of claim 8. The claim is analyzed with respect to claim 8.

	As per claim 16, Hopkins in view of Sinor discloses:
The method of claim 15, further comprising: determining that the access requestor made a modification to the copy of the record in the short term storage database; and updating the record in the long term storage database using the modification (Hopkins para 0035) and (Sinor Col. 11 Lines 17-24, The motivation would have been to securely store an updated data record).

	As per claim 17, Hopkins in view of Sinor discloses:


	As per claim 18, Hopkins in view of Sinor discloses:
The method of claim 15, wherein: the access authorization is received from a customer; and the access requestor is a customer service agent (Hopkins Fig. 1a, 0034 and 0035).

	As per claim 20, Hopkins in view of Sinor discloses:
The method of claim 15, further comprising purging the copy of the record from the short term storage database after the access is complete (Hopkins para 0036).


11.	Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Sinor, and further in view of U.S. Publication No. 20140181969 hereinafter Mousty.

As per claim 11, Hopkins in view of Sinor discloses:
The multistage secure data storage system of claim 8, wherein the at least one processor (Hopkins Fig. 1a) 

Hopkins in view of Sinor does not disclose:


	Mousty discloses:
triggers: a first alarm if first data store access attempts deviate from first data store access metrics (para 0036 “FIG. 5 is a flowchart of a method, routine or process 500 for selecting and uploading a file associated with an event, such as an insurance claim. After the file has been uploaded by the user (for example according to the method 400 described in FIG. 4), the file may be transmitted to and received by a data server, such as the quarantine server of FIG. 1 (block 502). The file may be received by the quarantine server in order to scan the file, ensure that the file is secure and does not contain any malicious code. If the web security application scan is successful (YES branch of block 506), the data server may transmit the file through a firewall to a temporary data server (block 508) (such as the temporary data server 150 of FIG. 1). Para 0037 “If the web security application scan is not successful (NO branch of block 506), the data server may reject the document and end the routine 500 (block 510). In an alternate embodiment, the data server may generate and display a message to the customer indicating that the file has failed the web security application scan (block 510). The message may suggest that the customer try to upload a different file or contact their insurance agent for further details.”) 
Fig. 6, para 0039 “The file is first received by the data server (block 602). In an alternate embodiment, the temporary data server may also receive the user credentials and claim number associated with the file. Once the temporary data server has received the file, the temporary data server may determine if the file is in a supported formatted (block 604). For example, the system 100 may only support files in JPEG, PDF, TIFF, DOC, XLS, DOCX, XLSX, etc. If the data server determines that the file is not in a supported format (NO branch of block 604), the data server may convert the file into a supported format (block 606). For example, if the file is the .ODF (Open File Format) and that format is not supported by the system 100, the data server may convert the file into the PDF format. Of course, certain embodiments of the present invention may natively support ODF files. Once the file has been converted, the data server may display the file to the user for confirmation (block 608). The user may then examine the file to confirm that the correct file was selected and/or that there are no errors in the file. If the file has been compressed (such as the method 700 discussed below in reference to FIG. 7), the user may also determine if the compression algorithm applied to the file is acceptable. Once the user has decided whether the file is acceptable, the user may enter an input representing a verification that the file upload is acceptable. The verification input may be in the form of a mouse click, touch screen press, keyboard button press, etc. After the selection has been input, the data server may receive the selection. If the selection input indicates that the file is acceptable (YES branch of block 610), the data server may transmit the file to a permanent storage database (block 612). In an alternate embodiment, the data server may automatically associate the file with the claim number and flag the file, in response to receiving the file. The data server may also make an indication permanently associating the file with the claim number and flagging the file so that the file is attached to the electronic record of the claim (block 614). If the selection input indicates that the file is not acceptable (NO branch of block 610), the data server may reject the document (block 616) and end the routine 600. In an alternate embodiment, the data server may generate and display a message to the customer indicating that the file has not been verified. The message may suggest that the customer try to upload a different file or contact their agent for further details.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor to include triggers a first alarm if first data store access attempts deviate from first data store access metrics and a second alarm if second data store access attempts deviate from second data store access metrics, as taught by Mousty.
The motivation would have been to provide access control to various types of storage devices.

19 is rejected under 35 U.S.C. 103 as being unpatentable over Hopkins in view of Sinor, and further in view of U.S. Publication No. 20080046477 hereinafter Schulz.

	As per claim 19, Hopkins in view of Sinor discloses:
The method of claim 15, wherein the multiple records (Hopkins para0035)

	Hopkins in view of Sinor does not disclose:
multiple records are telecommunication company records

	Schulz discloses:
multiple records are telecommunication company records (para 0008 and 0079 “The OCN parameter may be used to identify data records associated with a particular telecommunications company.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method enable viewing and/or modifying of client-side encrypted data stored in a cloud of Hopkins in view of Sinor to include multiple records are telecommunication company records, as taught by Schulz.
The motivation would have been to have a database store data records with telecommunication companies.

Conclusion

A. U.S. Publication No. 20190325149 discloses on paragraph 0082 “As another example, the user interface application can control access to the decrypted document file by preventing modification of the decrypted document file by the user. Again, this control could be made fixed, or could be conditional or limited, in which case controlling access to the decrypted document file includes allowing, by the user interface application, modification of the decrypted document file by the user. If modification is allowed, the decrypted document file is loaded into temporary storage in the processing device and only a text file portion of the decrypted document file is copied using a text editor that is configured within the user interface application. The copied text file portion of the decrypted document file is then modified using the text editor and the modified copied text file portion of the decrypted document file is stored by replacing the text file portion of the decrypted document file stored in the temporary storage by the modified copied text file portion of the modified document file.”


Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/           Primary Examiner, Art Unit 2491