Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Allowable Subject Matter
	Claims 1-11 are allowed.
The following is a statement of reasons for the indication of allowed subject matter:  

The prior art of record (in particular, Saarepera et al. U.S. Publication 20040193872 (hereinafter “Saarepera”) in view of Harrison et al. U.S. Publication 20020166064 (hereinafter “Harrison”), further in view of Chambers et al. U.S. Publication 20070049250 (hereinafter “Chambers”), Fisher et al. U.S. Publication 20200125282 (hereinafter “Fisher”), Leavy et al. U.S. Publication 20190020633 (hereinafter “Leavy”), Lewis et al. U.S. Publication 20020194476 (hereinafter “Lewis”), Abraham et al. U.S. Publication 20130318357 (hereinafter “Abraham”)) does not expressly disclose all the limitations recited in the independent claims and the combination of their features. With respect to independent claim 1, the closest prior art does not disclose at least the following limitations in the recited context:

in response to the detecting of the storage of the data, invoking, at the cloud storage site, a function that operates at the cloud storage site by:
accessing the data;
generating and adding, to the data, a header that comprises a globally unique identifier of the data;
creating a hash by hashing a combination that comprises the globally unique identifier and the data;
transmitting the hash to a notary service;
when the hash is authenticated by the notary service,
receiving, from the notary service, a digital signature that corresponds to the hash; and
appending the digital signature to the data; and
storing at the cloud storage site, as an object, a combination that comprises the digital signature, the data, and the globally unique identifier.


However, Saarepera does not disclose at least the features of claim 1 quoted above.  
To this, Harrison adds encrypting a digest of a combination of an identifier and data content, hashing the data and identifier, appending the signature to the data, and storing the signature and data content on a storage medium [Harrison, para. 19 and 59]. Chambers adds storing as an object a combination comprising a digital signature, a unique identifier, and audio/video data [Chambers, para. 51]. Fisher adds that an operation recognition module may recognize incoming read/write operations and a responding module may respond to the read, write, or other operation. Fisher also discloses executing one or more instructions in response to detection of an incoming write command [Fisher, para. 20, 50]. Leavy adds an interface for receiving an encrypted communication, decrypting the communication to obtain public keys, their unique identifiers, a signature for each key, and validating the signatures. Leavy also discloses storing the public keys in memory when the signatures are determined to be valid. [Leavy, para. 20]. 
Lewis adds a program may make a call to an extracting and verifying function to extract data of a smart chip. The smart chip may contain descriptor data and a digital signature. The data may include a public key, the digital signature, and a database index. A device may access a database that contains a complete copy of the descriptor data. The Lewis system may also construct a hash of the descriptor data other than the digital signature, decrypting the digital signature using the public key, and using the digital signature to verify the data has not been altered. The Lewis system may also warn the user upon unsuccessful verification [Lewis, para. 65, 67, 70]. Abraham adds extracting data and computing a hash value for the data extracted, and then determining whether the data is invalid based on a digital signature [Abraham, para. 7].

For the reasons described above, the prior art of record does not disclose, with respect to independent claim 1, features corresponding to those of independent claim 1 in their respective contexts. Therefore, independent claim 1 is allowed.
Dependent claims 2-11 are allowed in view of their respective dependence from independent claim 1.
None of the prior art of record, either taken by itself or in any combination, would have anticipated or made obvious the claimed embodiments of the allowable claims at or before the time it was filed.



Response to Amendment
This communication is in response to the amendment filed on 11/18/2021. The Examiner acknowledges amended claims 1-20. No claims have been cancelled or added. Claims 1-20 are pending; claims 1-11 are allowed and claims 12-20 are rejected. Claims 1 and 12 are independent.
	
	
	Response to Arguments
Applicant's arguments filed 11/18/2021 have been fully considered and they are persuasive with respect to claims 1-11 but they are not persuasive with respect to claims 12-20. 
Applicant argues (see page 10 of Applicant's Remarks) that:
By this paper, claim 12 has been amended to recite in part "...accessing an object that comprises a combination of the data, a digital signature, and a unique identifier, wherein the object resides in data object storage at a cloud storage site..." As recited in the claims, the "object" is a data object that is stored in data object storage. See also, e.g., paragraphs 0018, 0028, and 0055, clearly indicating that the claimed "object" is not hardware. 
In contrast, Lewis, relied on by the Examiner in the rejection, discloses a "smart chip 100" that the Examiner has correlated with the claimed "object." OA at 23. In contrast with the claimed "object" however, the smart chip 100 is a physical piece of hardware, namely, an integrated circuit. See Lewis at paragraph 0046. As such, Lewis fails to support the rejection. 
At least in view of the foregoing, the references individually and collectively fail to disclose or suggest all the claim elements. Thus, even if the references were combined in the allegedly obvious manner, they would still fail to produce the claimed combinations. Applicant accordingly submit that the rejection of claims 12-20 under 35 USC 103 should be withdrawn. 

Examiner respectfully disagrees. Page 23 of the non-final office action states “object = all descriptor data; data = descriptor data other than the digital signature] is stored in the smart chip [smart chip also discloses object when all descriptor data is stored in the smart chip”. In other words, object is disclosed by all the descriptor data or is disclosed by the smart chip in Lewis et al. U.S. Publication 20020194476 (hereinafter “Lewis”). Furthermore, claim 12 
“there will be situations in which the volume of descriptor data is so large that it can not be conveniently stored in chip 100, or there are other reasons for storing it elsewhere. In such cases, many possible variations exist for storing all or portions of the descriptor data elsewhere. …… the digital device may be required to access a database (which may be external to the digital device) using the index in order to obtain complete descriptor data……..additional steps required to retrieve full descriptor data from other locations, such as database”

Thus, Lewis indeed discloses the object resides in data object storage at a cloud storage site, as amended.
Accordingly, Applicant's argument is not persuasive with respect to claim 12. The claims depending from claim 12 do not add any patentable features and are also not allowable. 
The rejection(s) of claims under 35 U.S.C. § 112 are withdrawn in view of Applicant's amendments except as specifically set forth below.
Applicant's arguments/amendments with respect to claims 12-20 have been fully considered, but are not persuasive. Note that this action is made FINAL. See MPEP § 706.07(a).	

	

Claim Rejections - 35 USC § 103
	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

	The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
	
	This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 12-17 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Lewis et al. U.S. Publication 20020194476 (hereinafter “Lewis”) in view of Chambers et al. U.S. Publication 20070049250 (hereinafter “Chambers”).

A non-transitory storage medium having stored therein instructions that 
are executable by one or more hardware processors to perform operations 
comprising: 
	(See Lewis Para. [0154]
 instructions which, when read and executed by one or more processors [discloses hardware processors, all instructions must be executed by a hardware processor somewhere in a machine]…… perform the steps necessary to execute steps or….capable of being distributed as a program product in a variety of forms, …..such as volatile and non-volatile memory devices, floppy disks, hard-disk drives
)

receiving a read request that identifies data to be read out;  
 (See Lewis Para. [0062]
Some other program (e.g., an application program or a control program) calls[receiving a read request] the extracting and verifying function 302 in order to extract data [data ] from a smart chip and verify the data. 
)

accessing an object that comprises a combination of the data, a digital signature, wherein the object resides in data object storage at a cloud storage site;
(See Lewis Para. [0065]
…., all descriptor data[object = all descriptor data; data =  descriptor data other than the digital signature] is stored in the smart chip [smart chip also discloses object when all descriptor data is stored in the smart chip]…… data stored in smart chip 100 may include only a public identity key, digital signature, and a database index. Upon accessing an object ]of partial descriptor data from the smart chip, the digital device may be required to access a database (which may be external to the digital device) using the index in order to obtain complete descriptor data[accessing an object]. Furthermore, the descriptor data may be stored in one or more additional memory chips (external to smart chip 100) … additional steps required to retrieve full descriptor data[accessing an object] from other locations…..
Para. 65 also states
“there will be situations in which the volume of descriptor data is so large that it can not be conveniently stored in chip 100, or there are other reasons for storing it elsewhere. In such cases, many possible variations exist for storing all or portions of the descriptor data elsewhere. …… the digital device may be required to access a database (which may be external to the digital device) using the index in order to obtain complete descriptor data……..additional steps required to retrieve full descriptor data from other locations, such as database”[ wherein the object resides in data object storage at a cloud storage site;] 
[claim 12 does not require that there is only one copy of the object. The amended claim language of claim 12 reads on prior art that may store a second copy of the object elsewhere, such as in a database of a server. The Lewis reference discloses at paragraph 65 that a copy of all the descriptor data can be stored elsewhere in a database on the server.]
)

stripping the data from the object;  
after the data has been stripped from the object, hashing the data to generate a hash;  
(See Lewis Para. [0070]
constructs a hash of the descriptor data other than the digital signature[stripping the data = constructs a hash of the descriptor data other than the digital signature; hashing the data to generate a hash = constructs a hash]  , i.e., the descriptor data consisting of the identity public key and the attribute data 
)

verifying the digital signature with a public key by 
determining whether or not the digital signature fits with the hash, and 
either: 
(See Lewis 
[0067]
The extract and verify function 302 then decrypts the digital signature contained within the descriptor data using the signature public key [with a public key ] …… (step 405).
Para. [0070]
The decrypted digital signature generated at step 405 is then compared to the hashed descriptor data [verifying the digital signature] generated at step 406. If the data match, then the descriptor data read from the smart chip is the same[verifying the digital signature] as that which the was used to generate the digital signature, indicating that the data has not been altered in an unauthorized manner.
)

returning the requested data when the digital signature fits with the 
hash;  or 
(See Lewis Para. [0062]
If verification completes successfully, the extract and verify function 302 returns the extracted data.
[0074]
In the case of a data match, ….. the attribute data is extracted from the descriptor and made available in some manner to the calling program (step 416). This could be accomplished, e.g., by returning the attribute data itself,
)

notifying a customer and/or a notary service when the digital 
signature does not fit with the hash.
	(See Lewis Para. [0075]
If the data does not match at either step 407 or step 415, the extract and verify function returns with an appropriate error indication (step 420). ….. calling program providing an appropriate indication such as a warning message to a user[notifying a customer] or to some other system.
)
However, Lewis does not expressly disclose 
accessing an object that comprises a combination of the data, a digital signature, and a unique identifier, wherein the object resides in data object storage at a cloud storage site;  

Chambers discloses 
 an object that comprises a combination of the data, a digital signature, and a unique identifier;  

(See Chambers Para. [0051] a database server for receiving and storing a digital data unit [data] of visual and/or audio data captured by the mobile communications device, to which is optionally appended (a) reference data, (b) a unique identifier [unique identifier] generated on the basis of the digital data unit and/or the reference data, (c) a hash value generated by executing a hash function on the digital data unit, and (e) a digital signature generated from the digital data unit
)


It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Lewis with the technique for storing data appended with a unique identifier and digital signature of Chambers to include 
accessing an object that comprises a combination of the data, a digital signature, and a unique identifier, wherein the object resides in data object storage at a cloud storage site.
One of ordinary skill in the art would have made this modification to improve the ability of the system to store data with a unique identifier and digital signature to make available such data for subsequently proving that the data is authentic. The system (e.g., digital device such as device 210, or digital data device 220) of the primary reference can be modified to append a unique identifier to the descriptor data. Such a unique identifier would uniquely identify descriptor data for storage and data retrieval reference purposes.
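
The store-time steps recited for claim 1 and the read-time check recited for claim 12, as an added Python illustration that is not part of the Office action, the application, or any cited reference. Assumptions: the notary is a local stand-in using a constructed toy RSA key, the object layout is GUID header, data, then signature, the read path hashes the GUID together with the data, and all function names are hypothetical.

```python
import hashlib
import uuid

# Constructed toy key for the stand-in notary (assumption, not from the page):
# textbook RSA over two known Mersenne primes. Trivially breakable; it only
# mirrors the hash-then-sign flow and must not be used to protect real data.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                                  # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent, held by the notary
GUID_LEN = 16
SIG_LEN = (N.bit_length() + 7) // 8


def digest(guid: bytes, data: bytes) -> bytes:
    """Hash the combination of the globally unique identifier and the data."""
    return hashlib.sha256(guid + data).digest()


def notary_sign(h: bytes) -> bytes:
    """Hypothetical notary service: return a signature for the submitted hash."""
    return pow(int.from_bytes(h, "big"), D, N).to_bytes(SIG_LEN, "big")


def on_object_stored(data: bytes) -> bytes:
    """Store-time function: add GUID header, hash, get signature, append it."""
    guid = uuid.uuid4().bytes
    signature = notary_sign(digest(guid, data))
    return guid + data + signature          # the stored object


def split_object(obj: bytes):
    """Strip header, data and signature out of a stored object."""
    if len(obj) < GUID_LEN + SIG_LEN:
        raise ValueError("object too short to hold header and signature")
    return obj[:GUID_LEN], obj[GUID_LEN:-SIG_LEN], obj[-SIG_LEN:]


def signature_fits(guid: bytes, data: bytes, signature: bytes) -> bool:
    """Verify with the public key (E, N) that the signature fits the hash."""
    recovered = pow(int.from_bytes(signature, "big"), E, N)
    return recovered == int.from_bytes(digest(guid, data), "big")


def read_object(obj: bytes, notify):
    """Read path: return the data if it verifies, otherwise notify and return None."""
    try:
        guid, data, signature = split_object(obj)
    except ValueError as exc:
        notify(str(exc))
        return None
    if signature_fits(guid, data, signature):
        return data
    notify(f"signature does not fit hash for object {uuid.UUID(bytes=guid)}")
    return None


def demo():
    alerts = []
    obj = on_object_stored(b"quarterly-backup-chunk-0001")   # constructed sample
    intact = read_object(obj, alerts.append)

    # One flipped bit in the data region must fail verification.
    tampered = bytearray(obj)
    tampered[GUID_LEN] ^= 0x01
    bad_data = read_object(bytes(tampered), alerts.append)

    # Re-labelling the same data and signature with another object's GUID must
    # also fail, because the GUID is part of what was hashed and signed.
    other = on_object_stored(b"unrelated object")
    relabelled = other[:GUID_LEN] + obj[GUID_LEN:]
    bad_guid = read_object(relabelled, alerts.append)
    return intact, bad_data, bad_guid, len(alerts)


if __name__ == "__main__":
    print(demo())
```
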

As per claim 13, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses wherein the 
digital signature is based on the hash and a private key. 
 (See Lewis Para. [0016]
digital signature is generated by creating a hash of all data bits in the identity public key and attribute data portions of the descriptor, using any of various known hash algorithms, such as SHA-1 or MD5. This hash will change if any bits are modified in the original data. The hash is then encrypted using the signature private key.
)

As per claim 14, the rejection of claim 12 is incorporated herein. 
wherein the hash includes a timestamp. 

Chambers discloses wherein the hash includes a timestamp. 
(See Chambers Para. [0064] the digital data unit, the digital 
signature of the digital data unit or the digital signature of a hash value of 
the digital data unit can all be time-stamped by such entity.  Time-stamping of 
a digital data unit can, for example, consist of appending date and time 
information to the digital data unit and encrypting the resulting data unit 
with a private key of an asymmetric key pair that belongs to the trusted entity 
by which the time-stamping is performed.).

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified Lewis with the technique for adding a timestamp to the data to be hashed of Chambers to include wherein the hash includes a timestamp.
One of ordinary skill in the art would have made this modification to improve the ability of the system to record the time associated with the data, thereby allowing the system to determine which data is most recent. The system (e.g., digital device such as device 210, or digital data device 220) of the primary reference can be modified to add a timestamp to the data to be hashed, such as the descriptor data other than the digital signature.

As per claim 15, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses wherein the 
operations are performed at a cloud storage entity.
(See Lewis Para. [0058]
FIGS. 2A and 2B ….. Devices 210 or 220 may also be larger multi-user computer systems such as an IBM Enterprise system or an IBM AS/400 system. [cloud storage entity]….multiple interactive workstations could be attached to a mainframe computer system, the mainframe storing a database of service provider and client data……Alternatively, client-server computing model in which a central server or servers of the service provider store data [cloud storage entity] or perform certain tasks on behalf of the service provider's requesting terminals which act as clients
)

As per claim 16, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses
wherein the data 
of the object is authenticated when it is determined that the digital signature 
fits with the hash and the data of the object is not authenticated when it is 
determined that the digital signature does not fit with the hash. 
(See Lewis 
[0065]
…., all descriptor data[object = all descriptor data; data =  descriptor data other than the digital signature ] is stored in the smart chip [smart chip also discloses object when all descriptor data is stored in the smart chip]……
Lewis Para. [0070]
 constructs a hash of the descriptor data other than the digital signature[data= descriptor data other than the digital signature], i.e., the descriptor data consisting of the identity public key and the attribute data, which was used as a source for generating the digital signature by the issuer (step 406). The decrypted digital signature generated at step 405 is then compared to the hashed descriptor data generated at step 406. 
[when it is determined that the digital signature fits with the hash] In this case, the “Y” branch is taken from step 407. If the data do not match, then the descriptor data has somehow been altered after the signature was generated or the descriptor data was signed by a different private key
Lewis [0074]
In the case of a data match,. ….. returns with an indication of successful completion [the data of the object is authenticated ](step 417).
Lewis [0075]
If the data does not match at either step 407 or step 415, the extract and verify function returns with an appropriate error indication)

As per claim 17, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses
wherein any one 
or more of the operations are performed by a function that is run by a compute 
service at a cloud storage entity. 
(See Lewis Para. [0058]
FIGS. 2A and 2B ….. Devices 210 or 220 may also be larger multi-user computer systems such as an IBM Enterprise system or an IBM AS/400 system. [cloud storage entity]…. Such multiple terminals may have their own processors and memory, so that various functions [operations are performed by a function] could be distributed between the processor of the mainframe computer system and the processors of the terminals. …..multiple interactive workstations could be attached to a mainframe computer system, the mainframe storing a database of service provider and client data……Alternatively, client-server computing model in which a central server or servers of the service provider [compute service] store data [cloud storage entity] or perform certain tasks on behalf of the service provider's requesting terminals which act as clients
[0059] FIG. 3 is a
verification and extraction function 302 for verifying and extracting data from smart chip 100, as explained in greater detail herein. Verification and extraction function 302 is shown in FIG. 3 as part of the operating system [compute service];
)

As per claim 19, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses wherein the 
digital signature fits with the hash, and the operations further comprise 
notifying a third party that the data of the object has been authenticated.
(See Lewis [0070]
The decrypted digital signature generated at step 405 is then compared to the hashed descriptor data generated at step 406. If the data match, then the descriptor data read from the smart chip is the same as that which the was used to generate the digital signature, indicating that the data has not been altered in an unauthorized manner. 
Para. [0074]
In the case of a data match, ….. attribute data is extracted from the descriptor and made available in some manner to the calling program (step 416). This could be accomplished, e.g., by returning the attribute data itself[notifying a third party], or by writing[notifying a third party] the attribute data to a record or file accessible to the calling program. The extract and verify function then returns with an indication of successful completion (step 417).
)

As per claim 20, the rejection of claim 12 is incorporated herein. 
The combined teaching of Lewis, Chambers discloses wherein the 
digital signature does not fit with the hash, and the operations further 
comprise notifying a third party that the data of the object has not been 
authenticated.
(See Lewis Para. 
[0075]
If the data does not match at either step 407 or step 415, the extract and verify function returns with an appropriate error indication[notifying a third party that the data of the object has not been authenticated.] (step 420). The form of error indication and action to be taken by the calling program [third party ]will vary depending upon the application. In some cases, the extract and verify function may return the attribute data, and the calling program may use it notwithstanding that it is considered unreliable, the calling program providing an appropriate indication such as a warning message to a user[notifying a third party] or to some other system [notifying a third party ]or system component. In other cases, the failure of the extract and verify routine is cause for aborting a requested operation or shutting down a system or subsystem.
) 

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Lewis in view of Chambers, further in view of Leavy et al. U.S. Publication 20190020633 (hereinafter “Leavy”).

	However, the combination of Lewis, Chambers does not expressly disclose wherein the object further comprises a second unique identifier and a second digital signature.
Leavy discloses wherein the object further comprises a second unique identifier and a second digital signature.
(See Leavy Para. 
[0020] …. an interface for 
receiving[received objects are stored objects] an encrypted communication from  a second device and a processor that 
decrypts the encrypted communication received to obtain a plurality of 
ephemeral public keys, their unique identifiers, and a signature for each 
public key of the plurality of ephemeral public keys and validates the 
signature of each public key in the plurality of the plurality ephemeral public 
keys.  The system includes a memory to store the plurality of ephemeral public 
keys when the signatures of each public key are valid.  In some examples, the 
processor may encrypt the plurality of ephemeral public keys with a local 
storage device key prior to storing them in the memory.  
).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to have modified the combination of Lewis, Chambers with the technique for storing multiple identifiers and signatures of Leavy to include 
wherein the object further comprises a second unique identifier and a second digital signature.
One of ordinary skill in the art would have made this modification to improve the ability of the system to store multiple identifiers and signatures. Chambers discloses storing signature, identifier, and data as an object. Leavy teaches storing different identifiers and signatures in  .






Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HOWARD H LOUIE whose telephone number is (571)272-0036.  The examiner can normally be reached on Monday-Friday 9 AM-5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung W. Kim can be reached on 571-272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR 


/HOWARD H. LOUIE/Examiner, Art Unit 2494                                                                                                                                                                                                   
	
/THEODORE C PARSONS/Primary Examiner, Art Unit 2494