DETAILED ACTION
This Final Office Action is in response to amendment filed on 12/10/2021.
Amended claims 1-6 and 8-10 filed on 12/10/2021 are being considered on the merits. Claims 1-17 remain pending in the application. 

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Drawings
The drawings filed on 03/16/2020 are accepted.

Response to Amendment 
Applicant’s amendments to claim 3 and cancellation of claim 18 have overcome the objection pertaining to claims 3 and 18 previously set forth in the Non-Final Office Action mailed on 09/16/2021. Claim 13 has not been amended, therefore the objection set forth in the Non-Final Office Action mailed on 09/16/2021 is maintained.
Applicant’s amendments to claims 6 and 10 have overcome the USC 112(b) rejection previously set forth in the Non-Final Office Action mailed on 09/16/2021.

Response to Arguments 
With respect to claim 4, applicant’s arguments (see Applicant Remarks, pages 8-9, filed 12/10/2021) regarding the newly added limitation “the first secret data element and the second secret data element are retrieved from one or more randomly selected secret data servers”, with respect to the rejection(s) of claim 4 under 35 U.S.C. 103, have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made further in view of the newly found prior art: Keshtkarjahromi (US 20210133152 A1), hereinafter Keshtkarjahromi. Please see detailed rejection below.
	
With respect to claim 10, applicant stated “The Current Office Action, at page 21, admitted that Tervo does not disclose "a second rule where retrieving/receiving different secrets based on data being encrypted or authorized user." However, the Current Office Action, at pages 21-22, stated the following with regards to Knas et al. (US 10735193) (hereinafter "Knas"): Knas discloses a second rule that defines the particular secret data elements to be retrieved from the one or more secret data servers based on the particular data being encrypted (Knas discloses retrieving secret segments from nodes/servers, where the number of key segments retrieved is based on the particular type of data, i.e. sensitive such as financial data, or less sensitive, Col. 11 line 55-65). (emphasis original) Applicant respectfully disagrees…the teachings of Knas are explicitly directed to determining a number of key segments based on the particular data to be encrypted (i.e., a level of security of a blockchain). However, claim 10 of the present application includes limitations directed to retrieving a particular secret data element (i.e., key segment) based on the particular data to be encrypted. In other words, whereas Knas teaches how many secret data elements to retrieve, claim 10 of the present application recites limitations directed towards the particular  fails to disclose "wherein the encryption policy includes: a second rule that defines a particular secret data element to be retrieved from a secret data server based on a particular data being encrypted" as required by claim 10 of the present application.”
Examiner respectfully disagrees. Examiner asserts that the excerpt recited from Knas reads on the second rule, as drafted in claim 10. In particular, the second rule of claim 10 recites retrieving a particular secret data element from a server based on a particular data being encrypted. Knas discloses retrieving a particular number of secret segments from nodes/servers based on a particular data security level of the data to be encrypted, e.g. retrieving 100 key segments based on financial data, as opposed to retrieving 5 keys based on less sensitive data, as disclosed in Col. 11 line 55-65. Therefore, Knas reads on the above argued limitations.

	
Claim Objections
Claim 13 is objected to because of the following informalities:
Claim 13 recites “The computer-implemented method of claim 1, wherein combining the first secret data element byte string and the second secret data element byte string further includes randomly selecting the first secret data element byte string from the first secret data element and the second secret data element byte from the second secret data element.”, emphasis in bold. Examiner recommends replacing “byte from…” with “byte string from…”, as disclosed in [0041] of the instant application.
Appropriate correction is required.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-3, 11-14 and 16-17 are rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds.

Regarding claim 1 (Currently Amended), Tervo teaches a computer-implemented method for generating a symmetric key for data encryption (Tervo [0020] discloses generating symmetric key based on two key parts from each key part collection, Figure 1 illustrates steps to generate symmetric key in (110)), the computer-implemented method comprising: 
receiving a first request from an entity to generate a first symmetric key for data encryption (Tervo discloses in [0045] the mobile payment application 180 on the user equipment 114 illustrated in Figure 1 receiving a transaction request, e.g. financial payment message, from a user as disclosed in [0029], and as a result of the request, a symmetric key is generated using the features of selecting two key parts from each key part collection 202A-D illustrated in Figure 2); 
retrieving a first secret data element and a second secret data element (Tervo Figure 1 (102-104) and [0027] “At 104, the server 199 may send the key parts collections generated and stored at 102 to user equipment 114…server 199 may share the key parts collections 202A-D with user equipment 114 including mobile payment application 180 by sending the key parts collections 202A-D.”, where the key part collection 1 202A and key part collection 2 202B in Figure 2 correspond to the first secret data element and a second secret data element, respectively, where the key part collections 202A-D are obtained via a secure connection, i.e. secret key part collections, as disclosed in [0027] “…user equipment 114 may obtain the initial key parts collections (and/or other software and/or data for the mobile application 180) via a secure connection using, for example, a symmetric key shared through asymmetric encryption.”); 
dividing each of the first secret data element and the second secret data element into a number of secret data element [byte strings] (Tervo discloses in [0025], and illustrates in Figure 2, each key part collection 202A-D divided into 16 values 208, with each value indexed with indexes 204, where the user equipment 114 selects two key parts from each key part collection 202A-D, i.e. selecting two key parts from key part collection 202A, corresponding to first secret data element and two key parts from the key part collection 202B, corresponding to second secret data element, and two key parts from key part collection 202C and two key parts from key part collection 202D, to generate a symmetric key, as disclosed in [0030-0031], 
examiner notes that the random selection, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when randomly selecting two key parts from each key part collection); and 
generating the first symmetric key for data encryption based, at least in part, on combining a first secret data element [byte string] from the first secret data element and a second secret data element [byte string] from the second secret data element (Tervo [0030] “At 108, the application 180 at user equipment 114 may select key parts…application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”).  
Tervo discloses, in Figure 2, 16 key part values (208) in each key part collection 202A-D, where only two key part values from each key part collection 202A-D are randomly selected, where the randomly selected 8 key part values are combined to generate a symmetric key, while it is obvious for one of ordinary skill in the art before the effective date of the claimed invention to conceive of the key part collections 202A-D comprising the key part values to be represented by bits or bytes on a computer device, where a subset of the key part collection, i.e. two key part value, is translated into a subset of the bits or bytes of the key part collection, which implies a subset of bits or bytes, however, Tervo does not explicitly indicate dividing a key part collection into byte strings. Emphasis in italic.
Reynolds discloses dividing secret data elements into byte strings (Reynolds discloses dividing a secure encryption key into key portions, where each key portion consists of a byte or two bytes of the encryption key, corresponding to a byte string, [0062] “A key portion may be any portion of the encryption key. For example, a key portion may be a nibble (4 bits) of an encryption key, a byte of an encryption key, two bytes of an encryption key, or any other portion of the encryption key…when the key portion is a byte, and the encryption key is 256 bytes, then the encryption key may be broken up into 256 key portions.” And further discloses subsequently, in e.g. [006], combining tokens, which comprises byte strings into a single value).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of Reynolds to utilize the above feature, with the motivation of dividing encryption keys into portions so as to impede unauthorized entities from hacking the encryption key, as recognized by (Reynolds [0015]).

Regarding claim 2 (Currently Amended), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, further comprising: 
receiving a second request from the entity to generate a second symmetric key for data encryption (Tervo discloses in [0045] the mobile payment application 180 on the user equipment 114 illustrated in Figure 1 receiving a transaction request, e.g. financial payment message, from a user as disclosed in [0029], and as a result of the request, a symmetric key is generated using the features of selecting two key parts from each key part collection 202A-D illustrated in Figure 2, as described above, Tervo further discloses in [0040] “…each generated symmetric key is used only during one request/response sequence before it is discarded.” indicating that the second request would generate a second symmetric key); 
retrieving the first secret data element and the second secret data element (Tervo discloses in [0027] and Figures 1-2 (102) receiving, from the server 199, key part collections 202A-D, [0040] further discloses sending renewed key part collections 202A-D from the server 199, where key part collections 202A-B correspond to the first and second secret data element); 
dividing each of the first secret data element and the second secret data element into the number of secret data element [byte strings] (Tervo discloses in [0025], and illustrates in Figure 2, each key part collection 202A-D divided into 16 values 208, with each value indexed with indexes 204, where the user equipment 114 selects two key parts from each key part collection 202A-D, i.e. selecting two key parts from key part collection 202A, corresponding to first secret data element and two key parts from the key part collection 202B, corresponding to second secret data element, and two key parts from key part collection 202C and two key parts from key part collection 202D, to generate a symmetric key, as disclosed in [0030-0031], 
examiner notes that the random selection, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when randomly selecting two key parts from each key part collection); and 
generating a second symmetric key for data encryption based, at least in part, on combining a third secret data element [byte string] from the first secret data element and a fourth secret data element [byte string] from the second secret data element, wherein the third and fourth secret data element [byte strings] are distinct from the first and second secret data element [byte strings] (Tervo [0030] “At 108, the application 180 at user equipment 114 may select key parts…application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, [0040] “…each generated symmetric key is used only during one request/response sequence before it is discarded.”, 
where the random selection of two key parts from each key part collection 220A-D and the use of a generated symmetric key only once for every transaction indicates that the generated symmetric key for a second request/response utilizes different/distinct two key parts from each key part collection 220A-D, where the different/distinct two key parts from each key part collection 220A-B correspond to the third and fourth secret data element).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.
Regarding claim 3 (Currently Amended), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, further comprising: generating a (Tervo discloses in [0038, 0045-0046] and Figure 5 the process of regeneration of symmetric key for decryption of payload messages, corresponds to decryption policy), wherein the decryption policy includes: 
a first rule for dividing the first secret data element and the second secret data element into the number of secret data element [byte strings]; and a second rule for combining the first secret data [byte strings] from the first secret data element and the second secret data element [byte strings] from the second secret data element (Tervo discloses in [0038, 0046] the user equipment re-generating a symmetric key for decrypting an encrypted message received from the server 199, where the re-generated symmetric key relies on receiving indexes embedded in the message header to identify two key parts of each key part collections 220A-B to use for re-generating the symmetric key,
examiner notes that the selection, based on received indexes, by the user equipment 114, of two key parts from each key part collection 220A-D is a direct result of the system identifying each key part collection and ability to divide each key part collection when selecting two key parts from each key part collection,
where the instruction for the system to be able to dissect every key part collection, corresponding to the first secret data element and the second secret data element, and identify the two key parts from each key part collection and accordingly re-generate the symmetric key, corresponds to the decryption policy and the first rule,
[0030] “At 108, the application 180 at user equipment 114 may select key parts…application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, where the combining corresponds to the second rule).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing and combining secret data elements into byte strings. Rationale and motivation described in claim 1 applies.
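
The key-part selection and concatenation attributed to Tervo in the claim 1 discussion, and the index-based regeneration cited for claim 3, shown as an added Python illustration that is not part of this Office Action or of any cited reference. Only the eight values forming the quoted key 7613167486354513 come from the page; the remaining collection contents, every index position and the hex header encoding are assumptions.

```python
import secrets

PARTS_PER_COLLECTION = 2  # two key parts are taken from each collection

# Constructed sample data: four shared key part collections of 16 two-digit
# values, indexed 0..15. Only the eight values that make up the quoted key
# 7613167486354513 come from the page; all other values and every index
# position are assumptions made for this example.
COLLECTIONS = [
    ["41", "76", "09", "58", "13", "27", "90", "33",
     "62", "05", "84", "19", "70", "48", "36", "21"],
    ["52", "08", "74", "39", "61", "95", "23", "16",
     "47", "80", "11", "66", "34", "02", "89", "57"],
    ["29", "64", "12", "86", "43", "07", "98", "51",
     "35", "72", "18", "60", "04", "83", "26", "49"],
    ["31", "88", "06", "53", "45", "97", "22", "69",
     "14", "77", "40", "13", "59", "01", "92", "38"],
]

# Constructed index positions that reproduce the quoted key.
WORKED_INDEXES = [[1, 4], [7, 2], [3, 8], [4, 11]]

_rng = secrets.SystemRandom()  # OS CSPRNG rather than the default PRNG


def select_indexes(collections):
    """Sender side: pick two distinct random indexes from each collection."""
    return [_rng.sample(range(len(c)), PARTS_PER_COLLECTION) for c in collections]


def build_key(collections, indexes):
    """Concatenate the selected values, collection by collection."""
    if len(indexes) != len(collections):
        raise ValueError("one index list is required per collection")
    parts = []
    for coll, picks in zip(collections, indexes):
        if len(picks) != PARTS_PER_COLLECTION or len(set(picks)) != len(picks):
            raise ValueError("each collection needs two distinct indexes")
        for i in picks:
            if not 0 <= i < len(coll):
                raise ValueError("index outside the collection")
            parts.append(coll[i])
    return "".join(parts)


def encode_header(indexes):
    """Hypothetical header format: one hex digit per index (collections hold
    16 values). Only indexes travel with the message, never key material."""
    return "".join(format(i, "x") for picks in indexes for i in picks)


def decode_header(header, n_collections):
    """Receiver side: recover the per-collection index lists from the header."""
    expected = n_collections * PARTS_PER_COLLECTION
    if len(header) != expected:
        raise ValueError("header length does not match the collection count")
    flat = [int(ch, 16) for ch in header]  # ValueError on a non-hex digit
    return [flat[i:i + PARTS_PER_COLLECTION]
            for i in range(0, expected, PARTS_PER_COLLECTION)]


if __name__ == "__main__":
    # Worked key from the page, rebuilt from the constructed index positions.
    print(build_key(COLLECTIONS, WORKED_INDEXES))

    # One request/response: the sender selects, the receiver regenerates
    # the same key from the header indexes and its own copy of the collections.
    chosen = select_indexes(COLLECTIONS)
    header = encode_header(chosen)
    sender_key = build_key(COLLECTIONS, chosen)
    receiver_key = build_key(COLLECTIONS, decode_header(header, len(COLLECTIONS)))
    print(header, sender_key == receiver_key)
```

Both sides must hold identical copies of the collections; the header alone does not determine the key.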

Regarding claim 11 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein each of the first secret data element [byte string] and the second secret data element [byte string] are respectively randomly selected from the first secret data element and the second secret data element (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 12 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein each of the first secret data element byte string and the second secret data element [byte string] are respectively selected from the first secret data element and the second secret data element based on an encryption policy (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, where the encryption policy includes the random selection of two key parts from each key part collection 202A-D).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 13 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein combining the first secret data element [byte string]  and the second secret data element [byte string] further includes randomly selecting the first secret data element [byte string] from the first secret data element and the second secret data element byte from the second secret data element (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 14 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein combining the first secret data [byte string] and the second secret data element [byte string] further includes selecting the first secret data element [byte string] from the first secret data element and the second secret data element byte from the second secret data element based on an encryption policy (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, where the random selection corresponds to the encryption policy).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 16 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein an order in which the first secret data element [byte string] and the second secret data element [byte string] are (Tervo discloses random selection of two key parts from each key part collection 202A-D, where the order to combine the key parts is based on ordered index, or order agreed upon between the server and the user equipment as disclosed in [0033-0034], corresponding to encryption policy).  
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.

Regarding claim 17 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1. 
Tervo discloses in [0024, 0027, 0033] symmetric key, e.g. AES, however, Tervo does not explicitly disclose 256-bit advanced encryption standard (AES).
Reynolds discloses wherein the symmetric key is a 256-bit advanced encryption standard (AES) key (Reynolds [0021] “The data device 14 may have one or more encryption methods 34 that may be used to encrypt the data 30. An encryption method 34 represents any type of encryption method that may be utilized to encrypt data and/or decrypt encrypted data. For example, an encryption method 30 may be RSA, Data Encryption Standard (DES), triple DES (DESS), Advanced Encryption Standard (AES), AES-256, Cryptographic hash functions, Message authentication codes (MACs), symmetric encryption methods”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo to incorporate the teaching of .
  
Claims 4-9 are rejected under 35 U.S.C. 103 as being unpatentable over Tervo et al. (US 20140229386 A1), hereinafter Tervo, in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, and further in view of Keshtkarjahromi (US 20210133152 A1), hereinafter Keshtkarjahromi.

Regarding claim 4 (Currently Amended), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds does not disclose randomly selected data servers.
Keshtkarjahromi discloses wherein the first secret data element and the second secret data element are retrieved from [[the]] one or more randomly selected secret data servers (Keshtkarjahromi discloses retrieving secret data packets, by randomly selecting t storage nodes out of N storage nodes, [0047] “With this threshold probability, the probability that an authorized user can retrieve data F by selecting t random storage nodes out of N storage nodes is greater than or equal to 60%. However, the user can quickly check the number of blocks at each storage and figure out if it can retrieve the data or not. In case it could not retrieve the data, it can select another set of t storage nodes randomly; this increases the probability of success in retrieving the data to 1−(1−0.6)²=0.84=84%, which is significant.”, [0025] “The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes.”, where the data packets comprising linear combination of file partitions and keys as disclosed in [0035]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Keshtkarjahromi to utilize the above feature, with the motivation of optimizing security by impeding eavesdropping and attacks, as recognized by (Keshtkarjahromi [0023]), where the random selection is one of finite selections, random or deterministic, to try.

Regarding claim 5 (Currently Amended), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds does not disclose how data servers are selected.
Keshtkarjahromi discloses wherein the first secret data element and the second secret data element are retrieved from one or more secret data servers in accordance with an encryption policy (Keshtkarjahromi discloses retrieving secret data packets, by randomly selecting t storage nodes out of N storage nodes, [0047] “With this threshold probability, the probability that an authorized user can retrieve data F by selecting t random storage nodes out of N storage nodes is greater than or equal to 60%. However, the user can quickly check the number of blocks at each storage and figure out if it can retrieve the data or not. In case it could not retrieve the data, it can select another set of t storage nodes randomly; this increases the probability of success in retrieving the data to 1−(1−0.6)²=0.84=84%, which is significant.”, [0025] “The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes.”, where the data packets comprising linear combination of file partitions and keys as disclosed in [0035], where the retrieval is based on retrieving from more than Z storage nodes, where [0049] “The first Z storage nodes are allocated to store the keys only, however the remaining N−Z storage nodes store the file partitions masked with keys.”, where the access to the packet is based on accessing more than Z nodes as disclosed in [0025], where the masked partitions are decrypted as disclosed in [0030]; the above process corresponds to the encryption policy).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Keshtkarjahromi to utilize the above feature, with the motivation of optimizing security by impeding eavesdropping and attacks, as recognized by (Keshtkarjahromi [0023]).

Regarding claim 6 (Currently Amended), Tervo in view of Reynolds and Keshtkarjahromi teaches the computer-implemented method of claim 5, 
Tervo in view of Reynolds does not disclose the below limitation.
wherein the encryption policy includes at least one of: 
a first rule that defines a predetermined threshold number of secret data servers from which to retrieve secret data; a second rule that defines [[the]] one or more  particular secret data servers from which to retrieve secret data elements based on the one or more  particular secret data servers from which to retrieve secret data elements based on a particular entity authorized to access the data encrypted by the symmetric key (Keshtkarjahromi [0025] “a subset 204 of the edge storage nodes 202 can be accessed by the attacker 206 such that the attacker 206 can at least view the data of interest stored on the subset 204. For purposes of this disclosure, the value Z signifies the maximum number of nodes to which the attacker 206 has access. The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes. An authorized user will have access to more than Z of the nodes and therefore can read the data file 200. In some embodiment, the authorized user will need access to all of the edge nodes 202 to read the data file 200, and in other embodiments the authorized user may be able to read the data file 200 with fewer than all of the nodes 202, but more than Z nodes.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Keshtkarjahromi to utilize the above feature, with the motivation of optimizing security by impeding eavesdropping and attacks, as recognized by (Keshtkarjahromi [0023]).

Regarding claim 7 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, 
Tervo in view of Reynolds does not disclose the below limitation.
(Keshtkarjahromi [0025] “a subset 204 of the edge storage nodes 202 can be accessed by the attacker 206 such that the attacker 206 can at least view the data of interest stored on the subset 204. For purposes of this disclosure, the value Z signifies the maximum number of nodes to which the attacker 206 has access. The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes. An authorized user will have access to more than Z of the nodes and therefore can read the data file 200. In some embodiment, the authorized user will need access to all of the edge nodes 202 to read the data file 200, and in other embodiments the authorized user may be able to read the data file 200 with fewer than all of the nodes 202, but more than Z nodes.”) 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Keshtkarjahromi to utilize the above feature, with the motivation of optimizing security by impeding eavesdropping and attacks, as recognized by (Keshtkarjahromi [0023]).

Regarding claim 8 (Currently Amended), Tervo in view of Reynolds and Keshtkarjahromi teaches the computer-implemented method of claim [[1]] 4, 
Tervo in view of Reynolds does not disclose randomly selected data servers.
randomly selected secret data servers (Keshtkarjahromi discloses retrieving secret data packets, by randomly selecting t storage nodes out of N storage nodes, [0047] “With this threshold probability, the probability that an authorized user can retrieve data F by selecting t random storage nodes out of N storage nodes is greater than or equal to 60%. However, the user can quickly check the number of blocks at each storage and figure out if it can retrieve the data or not. In case it could not retrieve the data, it can select another set of t storage nodes randomly; this increases the probability of success in retrieving the data to 1−(1−0.6)²=0.84=84%, which is significant.”, [0025] “The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes.”, where the data packets comprise a linear combination of file partitions and keys as disclosed in [0035]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Keshtkarjahromi to utilize the above feature, with the motivation of optimizing security by impeding eavesdropping and attacks, as recognized by (Keshtkarjahromi [0023]), where the random selection is one of finite selections, random or deterministic, to try.
 
Regarding claim 9 (Currently Amended), Tervo in view of Reynolds teaches the computer-implemented method of claim [[1]] 5, 

Keshtkarjahromi discloses wherein the first secret data element and the second secret data element are retrieved from the one or more secret data servers based on [[an]] the encryption policy (Keshtkarjahromi discloses retrieving secret data packets, by randomly selecting t storage nodes out of N storage nodes, [0047] “With this threshold probability, the probability that an authorized user can retrieve data F by selecting t random storage nodes out of N storage nodes is greater than or equal to 60%. However, the user can quickly check the number of blocks at each storage and figure out if it can retrieve the data or not. In case it could not retrieve the data, it can select another set of t storage nodes randomly; this increases the probability of success in retrieving the data to 1−(1−0.6)²=0.84=84%, which is significant.”, [0025] “The system is designed such that the attacker 206 cannot read any partial information about the data file 200 with access to only Z nodes.”, where the data packets comprise a linear combination of file partitions and keys as disclosed in [0035], where the retrieval is based on retrieving from more than z storage nodes, where [0049] “The first Z storage nodes are allocated to store the keys only, however the remaining N−Z storage nodes store the file partitions masked with keys.”, where the access to the packet is based on accessing more than z nodes as disclosed in [0025], where the masked partitions are decrypted as disclosed in [0030], the above process corresponds to the encryption policy).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to .

Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Tervo et. al. (US 20140229386 A1), hereinafter Tervo in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, Keshtkarjahromi (US 20210133152 A1), hereinafter Keshtkarjahromi and further in view of Knas et. al. (US 10735193 B1), hereinafter Knas.
 
Regarding claim 10 (Currently Amended), Tervo in view of Reynolds and Keshtkarjahromi teaches the computer-implemented method of claim 9, wherein the encryption policy includes: 
a first rule that defines [[the]] a particular secret data element[[s]] to be retrieved from a secret data server[[s]] (Tervo discloses in Figure 1 (102) and [0027] obtaining by the user equipment 114 key part collections 202A-D from the server 199); 
Tervo does not disclose a second rule where retrieving/receiving different secrets based on data being encrypted or authorized user.
Knas discloses a second rule that defines [[the]] a particular secret data element[[s]] to be retrieved from a secret data servers based on [[the]] a particular data being encrypted (Knas discloses retrieving secret segments from nodes/servers, where the number of key segments retrieved is based on the particular type of data, i.e. sensitive such as financial data, or less sensitive, Col. 11 line 55-65), 
Knas discloses a third rule that defines [[the]] a particular secret data element[[s]] to be retrieved from a secret data server[[s]] based on a particular entity authorized to access [[the]] a data encrypted by the symmetric key (Knas discloses retrieving key fragment elements based on authorized user, Figure 5, Col. 18 line 6-14 “At step 506, the analytics server may display an authentication request on the graphical user interface…An authentication request may refer to an input field configured to request inputs from the user in order to authenticate the user. Upon displaying the authentication request, the analytics server may receive an input from the user's client computing device (step 508).”, Col. 20 line 39-43 “…upon positively authenticating the user, may instruct a database to transmit a key record associated encryption and division of the blockchain key.”, Col. 20 line 50-54 “At step 512, the analytics server may instruct one or more network nodes to transmit the encrypted key segments.”, Col. 21 line 18-31 “At step 516, the analytics server may generate a blockchain key string based on the division method used. Upon decrypting the encrypted key segments based on the received encryption methods (step 514), the analytics server may append the key segments in accordance with the first encryption method (e.g., append the strings associated with each key segment) in order to generate a blockchain key. For example, and referring to FIG. 4, the analytics server may append key segments 420a-c in order to generate blockchain key 410. The analytics server may then display the blockchain key on the graphical user interface associated with the user's computing device or otherwise transmit the blockchain key to the user computing device or any other computing device selected by the user.” where the retrieval of the key segments (510-514) is performed based on the user authentication (508)).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Knas to utilize the above feature, with the motivation of decreasing the chances of data compromise in case of a cyber-attack, as recognized by (Knas [0029]).

Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Tervo et. al. (US 20140229386 A1), hereinafter Tervo in view of Reynolds (US 20190372945 A1), hereinafter Reynolds, Singhal (US 8363834 B1), hereinafter Singhal.

Regarding claim 15 (Original), Tervo in view of Reynolds teaches the computer-implemented method of claim 1, wherein an order in which the first secret data element [byte string] and the second secret data element [byte string] are combined to generate the symmetric key [is random] (Tervo discloses random selection of two key parts from each key part collection 202A-D, [0030] “At 108, the application 180 at user equipment 114 may select key parts. For example, application 180 may randomly select 2 key parts from each collection, as depicted at 220A-D at FIG. 2.”, [0031] “At 110, a symmetric key may be generated, based on the selected key parts…user equipment 114 and/or application 180 may select the key values from each of the selected key parts 220A-D and then combine those key values to form a symmetric key. Referring again to FIG. 2, the generated key is 7613167486354513 (at 230). This generated key represents the concatenation of the selected key parts values, 76 and 13, from the first collection, the key parts values, 16 and 74, from the second collection, the key parts values, 86 and 35, from the third collection, and the key parts values, 45 and 13, from the fourth collection.”, [0033-0034] disclose the order of combining key parts to form the symmetric key).
Tervo does not explicitly disclose byte strings as discussed in claim 1.
Reynolds discloses dividing secret data elements into byte strings. Rationale and motivation described in claim 1 applies.
Tervo discloses generating a symmetric key from key parts; however, Tervo in view of Reynolds does not disclose that the order of combining two key/secret elements is random. Emphasis in italic.
Singhal discloses wherein an order in which the first secret data element byte string and the second secret data element byte string are combined to generate the symmetric key is random (Singhal Col 5 line 40-50 “two keys are concatenated in a random order to yield a key of twice the length of the prior art key”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tervo in view of Reynolds to incorporate the teaching of Singhal to utilize the above feature, with the motivation of producing a stronger key, as recognized by (Singhal Col 5 line 40-50).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone 
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/BASSAM A NOAMAN/
Examiner, Art Unit 2497

/ELENI A SHIFERAW/
Supervisory Patent Examiner, Art Unit 2497