Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification 
The specification filed on August 27, 2020 is accepted.
Drawings
The drawings filed on August 27, 2020 are accepted.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/22/2020 was filed after the mailing date of the application 17/004610 on 08/27/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claim 3 and 8 objected to because of the following informalities:
Claim 3 recites “generating an electronic license to the electronic content item” should read as “generating an electronic license [[to]] for the electronic content item”
Claim 8 recites “wherein the content key comprises a content key generated by the content service” should read as “wherein the content key is generated by the content service”.  Appropriate correction is required.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:


Claims 1-13 and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over McGough (US 20080056501) in view of KESELMAN et al (hereinafter KESELMAN) (US 20200112429).

Regarding claim 1 McGough teaches a method for managing an electronic content item performed by a first license service system comprising (McGough on [0007-0008] teaches a system and method for secure exchange of numeric authentication and encryption keys and for authenticated encryption of any accompanying message content. See on [0010] teaches a method for obtaining a session master key by an application executing on a computer (i.e. first license service system) from a server);
 a processor and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the first license service system to perform the method, the method comprising (McGough on [0026] teaches  computer program embodied in a computer readable and usable medium for ensuring private communications between application programs running on different computers (i.e. having processor and memory));
receiving a first content key share of a content key from a content service managing the electronic content item (McGough on [0010-0011] teaches computer (i.e. first license service system)  executing an application receives a first portion of the session master key (i.e. first content key share) from server (i.e. content service));
receiving a protected second content key share of the content key from a second license service, the protected second content key share comprising a second content key share of the content key encrypted by the second license service using the public key (McGough on [0010-0011] teaches the application sends an open request to the directory server specified by the server in the first reply for the second portion of the session master key. The directory server (i.e. second license service) sends the second portion of the session master key (i.e. second content key share) to the application. Further teaches the open request sent by the application to the directory server may also include a public key, in which case the second portion of the session master key sent from the directory server to the application is encrypted with the public key);
generating a protected first content key share of the content key by encrypting the first content key share using the public key (McGough on [0010-0011] teaches the open request received by the server from the application may include a public key, in which case the first reply sent from the server to the application includes the first portion of the session master key encrypted with the public key);
generating a protected content key based on the protected first content key share and the protected second content key share (McGough on [0010-0011] teaches the session master key is generated by the application using the first portion received from the server and the second portion received from the directory server).
	Although McGough teaches using public key for encrypting portions of master keys, but fails to explicitly teach receiving a public key from a device and transmitting the protected content key to the device for use in accessing the electronic content item, however KESELMAN from analogous art teaches receiving a public key from a device (KESELMAN on [0045] teaches a client device may send public key PK to RCC processor. See also on [0059-0060] teaches RCC receives a request containing public key from client device);
and transmitting the protected content key to the device for use in accessing the electronic content item (KESELMAN on [0009] teaches  RCC 120 may compute an encrypted, or blinded, derived key (i.e. protected content key) using data from the other elements and send the blinded derived key to client 150. See on [0047-0050] teaches RCC 120 may use PK, s.sub.j.Math.K, and b.sub.i.Math.K (i.e. multiplying two different keys) to compute the blinded derived key in blind and send the derived key to the client device. See also on [0059-0061] teaches RCC receives a request containing public key from client device. RCC will compute blinded key and transmit it to client device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 2 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein the method further comprises receiving a request for a license to access the electronic content item from the device (KESELMAN on [0059-0060] teaches RCC receives a request containing public key from client device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 3 the combination of McGough and KESELMAN teaches all the limitations of claim 2 above, KESELMAN  further teaches wherein the method further comprises generating an electronic license to the electronic content item, the electronic license comprising the protected content key (KESELMAN on [0009] teaches  RCC 120 may compute an encrypted, or blinded, derived key (i.e. protected content key) using data from the other elements and send the blinded derived key to client 150. See on [0047-0050] teaches RCC 120 may use PK, s.sub.j.Math.K, and b.sub.i.Math.K (i.e. multiplying two different keys) to compute the blinded derived key in blind and send the derived key to the client device. See also on [0059-0061] teaches RCC receives a request containing public key from client device. RCC will compute blinded key and transmit it to client device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 4 the combination of McGough and KESELMAN teaches all the limitations of claim 3 above, KESELMAN further teaches wherein transmitting the protected content key to the device comprises transmitting the electronic license to the device (KESELMAN on [0009] teaches RCC 120 may compute an encrypted, or blinded, derived key (i.e. protected content key) using data from the other elements and send the blinded derived key to client 150. See on [0047-0050] teaches RCC 120 may use PK, s.sub.j.Math.K, and b.sub.i.Math.K (i.e. multiplying two different keys) to compute the blinded derived key in blind and send the derived key to the client device. See also on [0059-0061] teaches RCC receives a request containing public key from client device. RCC will compute blinded key and transmit it to client device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 5 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein generating the protected content key comprises multiplying the protected first content key share and the protected second content key share KESELMAN on [0047-0050] teaches RCC 120 may use PK, s.sub.j.Math.K, and b.sub.i.Math.K (i.e. multiplying two different keys) to compute the blinded derived key in blind and send the derived key to the client device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 6 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the first license service is separate from the second license service (McGough on [0010] teaches a method for obtaining a session master key by an application executing on a computer (i.e. first license service system) from a server. Further teaches the directory server (i.e. second license service) sends the second portion of the session master key (i.e. second key share) to the application).

Regarding claim 7 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein the content key comprises a content decryption key associated with the electronic content item (KESELMAN on [0058] teaches client 150 may request and receive a current b.sub.i. At 414, as described above, client 150 may use b.sub.i and SK to decrypt the data received).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 8 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the content key comprises a content key generated by the content service (McGough on [0010-0011] teaches the session master key is generated by the application of computer using the first portion received from the server and the second portion received from the directory server).

Regarding claim 9 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the first content key share is generated by the content service (McGough on [0010-0011] teaches computer executing an application receives a first portion of the session master key (i.e. first content key share) from server (i.e. content service indicating separate device)).

Regarding claim 10 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the second content key share is generated by the content service (McGough on [0011] teaches server sending a second reply to a directory server with a second portion of the session master key (i.e. indicating the second portion of the key is generated at server which in this case is the content service)).
Regarding claim 11 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the protected content key comprises the content key encrypted using the public key (McGough on [0010-0011] teaches the session master key is generated by the application using the first portion received from the server and the second portion received from the directory server (i.e. first and second portion are encrypted based on public key)).

12 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein the protected content key comprises the content key encrypted with the public key using a homomorphic encryption algorithm (KESELMAN on [0007, 0014 and 0024] teaches Key derivation service instructions 218 may include instructions that perform the various homomorphic key derivation functions).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 13 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, McGough further teaches wherein the protected second content key share comprises the second content key share encrypted by the second license service with the public key [[using a homomorphic encryption algorithm]] (McGough on [0010-0011] teaches the application sends an open request to the directory server specified by the server in the first reply for the second portion of the session master key. The directory server (i.e. second license service) sends the second portion of the session master key (i.e. second key share) to the application. Further teaches the open request sent by the application to the directory server may also include a public key, in which case the second portion of the session master key sent from the directory server to the application is encrypted with the public key).
KESELMAN teaches encrypting using homomorphic encryption algorithm (KESELMAN on [0007, 0014 and 0024] teaches Key derivation service instructions 218 may include instructions that perform the various homomorphic key derivation functions).
 into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 17 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein the public key is associated with the device (KESELMAN on [0009] teaches client may generated public key (i.e. public key associated with client device). See on [0007] teaches client 150 may be any device configured to provide access to remote applications. For example, client 150 may be a smartphone, personal computer, tablet, laptop computer, or other device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected key to client device for accessing electronic content item. One would be motivated to do so in order to ensure security in a system (KESELMAN on [0006]).

Regarding claim 18 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, KESELMAN  further teaches wherein the public key is associated with a user of the device (KESELMAN on [0009] teaches client may generated public key (i.e. public key associated with client device). See on [0007] teaches client 150 may be any device configured to provide access to remote applications. For example, client 150 may be a smartphone, personal computer, tablet, laptop computer, or other device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of KESELMAN into the teaching of McGough by transmitting the protected (KESELMAN on [0006]).

Claims 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over McGough (US 20080056501) in view of KESELMAN et al (hereinafter KESELMAN) (US 20200112429) and further in view of Dean et al (hereinafter Dean) (US 11238140).

Regarding claim 14 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the first content key share comprises a first padded content key share, however Dean from analogous art teaches wherein the first content key share comprises a first padded content key share (Dean on [Col 25 line 45-55] teaches the LUK 614 may be divided into two portions. The first portion of LUK 614 may be generated by padding the key index with a first value to generate a first padded key index (e.g., 1YHHHHCC80000000), and encrypting the first padded key index using the second encryption key 608. The second portion of LUK 614 may be generated by padding the key index with a second value to generate a second padded key index (e.g., 2YHHHHCC80000000), and encrypting the second padded key index using the second encryption key 608).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Dean into the combined teaching of McGough and KESELMAN by having a padded key share. One would be motivated to do so in order to ensure transactions in a secure and reliable manner (Dean on [Col 1 line 50-55]).
Regarding claim 15 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the protected second content key share comprises a protected padded content key share, however Dean from analogous art teaches wherein (Dean on [Col 25 line 45-55] teaches the LUK 614 may be divided into two portions. The first portion of LUK 614 may be generated by padding the key index with a first value to generate a first padded key index (e.g., 1YHHHHCC80000000), and encrypting the first padded key index using the second encryption key 608. The second portion of LUK 614 may be generated by padding the key index with a second value to generate a second padded key index (e.g., 2YHHHHCC80000000), and encrypting the second padded key index using the second encryption key 608).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Dean into the combined teaching of McGough and KESELMAN by having a padded key share. One would be motivated to do so in order to ensure transactions in a secure and reliable manner (Dean on [Col 1 line 50-55]).

Regarding claim 16 the combination of McGough and KESELMAN teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the protected content key comprises a protected padded content key, however Dean from analogous art teaches wherein the protected content key comprises a protected padded content key (Dean on [Col 25 line 45-55] teaches the LUK 614 may be divided into two portions. The first portion of LUK 614 may be generated by padding the key index with a first value to generate a first padded key index (e.g., 1YHHHHCC80000000), and encrypting the first padded key index using the second encryption key 608. The second portion of LUK 614 may be generated by padding the key index with a second value to generate a second padded key index (e.g., 2YHHHHCC80000000), and encrypting the second padded key index using the second encryption key 608).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Dean into the combined teaching of McGough and KESELMAN by having a (Dean on [Col 1 line 50-55]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Humphrey et al (US 20100208889) is directed towards a secure storage system secures confidential information of a client by first encrypting the information with a first key to generate first-key encrypted data. The secure storage system then encrypts with a second key the first key to generate a second-key encrypted first key. The secure storage system divides the first-key encrypted data into a first portion and a second portion. The secure storage system generates an identifier for the information and provides the client with the identifier and the first portion and the second-key encrypted first key.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To 





/MOEEN KHAN/Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436