DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Interpretation
Claim 15 invokes the phrase “computer-readable storage medium”. The specification states that such a medium “is not to be construed as being transitory signals per se” (paragraph 29, lines 13-14). Therefore, the term appears to comply with 35 U.S.C. 101.

Claim Objections
Claims 3-6 are objected to because of the following informalities:
Referring to claim 3, the claim refers to a “second storage object” without explicit reference to a “first storage object” in the current claim or any antecedent claims.
Referring to claim 5, the claim refers to “the deduplication module” without antecedent basis for this limitation in independent claim 1. It appears as if the claim should depend on claim 2; for purposes of consideration on the merits, it will be treated as depending on claim 2.
However, this may create further concerns, as an interpretation along these lines makes it appear as if claims 3-4 and 5-6 could be considered to be substantial duplicates. If this is the case, the claims could be objected to if they are determined to be allowable.
Appropriate correction is required.

Claim Rejections - 35 USC § 102

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-2, 8-9, and 15-16 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by De Atley et al. (US 8,443,901), hereafter referred to as De Atley’901.

Referring to independent claim 1, De Atley’901 anticipates an apparatus, comprising: a first encryption module (default key bag 710, see figure 7 and column 10, lines 8-10) that encrypts each data chunk on a storage device with a unique first encryption key that is different from each other first encryption key (unique file encryption key, see figure 4, step 410 and column 6, lines 48-49); and a second encryption module (protected key bag 720, see figure 7 and column 10, lines 23-25) that encrypts each storage object on the storage device with a unique second encryption key that is different from each first encryption key (class encryption key, see figure 4, step 420 and column 6, lines 49-50) and each other second encryption key (each class encryption key is unique, column 9, lines 6-7), wherein: each second encryption key encrypts a first encryption key for a data chunk, and at least a portion of said modules comprise one or more of a set of hardware circuits, a set of programmable hardware devices, and executable code stored on a set of non-transitory computer-readable storage 

Note that independent claims 8 and 15 contain the corresponding limitations of claim 1 as shown above; therefore, they are rejected using the same reasoning accordingly.

As to claim 2, De Atley’901 anticipates the apparatus of claim 1 further comprising: a deduplication module (server sends instructions to remote device to induce obliteration, column 16, lines 15-18) that crypto-erases the data chunk from the storage device by deleting a respective second encryption key associated with the data chunk (obliteration removes means for decrypting encrypted data, column 15, lines 65-67).

Note that claims 9 and 16 contain the corresponding limitations of claim 2 as shown above; therefore, they are rejected using the same reasoning accordingly.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the 

Claims 3-7, 10-14, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over De Atley’901 in view of Redlich et al. (US 2010/0250497), hereafter referred to as Redlich’497.

As to claim 3, De Atley’901 does not appear to explicitly teach the apparatus of claim 2, wherein the deduplication module is further configured to add a second storage object to the storage device by: generating a pointer to the data chunk. De Atley’901 does, however, appear to teach including the first encryption key in the second object (each file has a unique encryption key, see figure 6 and column 9, lines 9-10); and wherein the second encryption module is further configured to encrypt the first encryption key with a respective second encryption key (class encryption key, see figure 4, step 420 and column 6, lines 49-50).
Further, Redlich’497 teaches wherein the deduplication module is further configured to add a second storage object to the storage device by: generating a pointer to the data chunk (authenticated user receives map data, including pointers, to provide addresses of storage locations, paragraph 2227, lines 1-5).
De Atley’901 and Redlich’497 are analogous because they are both drawn to the same inventive field of data encryption and decryption.
Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of De Atley’901 and Redlich’497 before them, to modify the apparatus of De Atley’901 to include the pointer generation of Redlich’497 by providing pointers from a server to facilitate connections to storage locations.
The motivation for doing so would have been to allow for searching of key data without compromising document security (paragraph 2232).


Note that claims 5, 10, 12, 17, and 19 contain the corresponding limitations of claim 3 as shown above; therefore, they are rejected using the same reasoning accordingly.

As to claim 4, De Atley’901 teaches the apparatus of claim 3 wherein, in including the first encryption key in the second storage object, the deduplication module is further configured to obtain the first encryption key from a storage object that owns the data chunk (default key bag 710 on a device with file-level data protection with keys derived from unique device-specific code available in memory, see figure 7 and column 10, lines 7-12).

Note that claim 6, 11, 13, and 18 contain the corresponding limitations of claim 4 as shown above; therefore, they are rejected using the same reasoning accordingly.

As to claim 7, Redlich’497 teaches the apparatus of claim 1, wherein: each storage object includes a set of pointers (authenticated user receives map data, including pointers, to provide addresses of storage locations, paragraph 2227, lines 1-5); each pointer references a particular data chunk encrypted with a respective unique first encryption key (pointers to addresses of storage locations, paragraph 2227, lines 1-5); and each pointer in each respective set of points includes the unique second encryption key associated with a storage object that owns each particular pointer (keep a pointer to an encryption key document, paragraph 3069, lines 7-11).

.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Boren et al. (US 2017/0012949) appears to disclose a pointer used in relation to a key stream for encrypting or decrypting a specific file or secure session.
Amarendran et al. (US 2016/0078245) appears to disclose an encryption system that can provide encryption to encryption keys for added security.
Kawakita (US 2005/0195975) appears to disclose an invention that supports pass-thru encryption of cryptographic keys for content use management.

Contact Information
Any inquiry concerning this communication or earlier communications from the examiner should be directed to JOHN B ROCHE whose telephone number is (571)270-1721. The examiner can normally be reached Monday-Friday, 10:30 - 7.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Henry Tsai can be reached on (571)272-4176. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/J.B.R/Examiner, Art Unit 2184      


/HENRY TSAI/Supervisory Patent Examiner, Art Unit 2184