DETAILED ACTION
This Final Office Action is in response to amendment filed on 01/05/2022.
Claims 11, 14-15 and 17 have been amended. Claims 1-25 remain pending in the application. 

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Drawings
The drawings filed on 07/02/2020 are accepted.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 11/22/2021 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly an initialed and dated copy of Applicant's IDS form 1449 filed 11/22/2021 are attached to the instant Office action. 

Examiner’s Note
The “computer readable storage medium” recited in claim 17 is a physical storage and “not to be construed as being transitory signals per se” as recited in [0125] of the instant application.

Response to Amendment 
Applicant’s amendments to the Specification filed on 01/05/2022 have overcome the specification objection previously set forth in the Non-Final Office Action mailed on 10/05/2021.
 Applicant’s claims amendments filed on 01/05/2022 have overcome the USC 112(b) rejection previously set forth in the Non-Final Office Action mailed on 10/05/2021.

Response to Arguments 
With respect to claim 1, applicant stated “Applicant respectfully asserts that one of ordinary skill in the art would appreciate the distinctions between the "first key unit" of claim 1 and Tegeder's "Third Party System", particularly in view of the Office's reliance on Tegeder's "Trustee Systems" as anticipating the "second key unit" and "third key unit" of claim 1. For example, Tegeder' s Third Party System is described and depicted as distinct from the rest of Tegeder's system (see Tegeder, FIG. 1). Further, Applicant sees no description in Tegeder that suggests that the Third Party System could be a Trustee System. In contrast, Applicant's Specification, [0046], provides: "Method 200 includes receiving encrypted slices of a key at operation 202. Operation 202 may be a replacement key unit. Operation 202 may include receiving encrypted slices of a secret key from other key units in the system." In short, claim 1 describes three key units, which are rejected based on two trustee systems (102a-102b) and a third party system (103). Based on Tegeder's description of these components, the trustee systems and third party system serve completely different functions, and Applicant sees no indication in Tegeder that the third party system could be one of the trustee systems. Therefore, it cannot be Applicant's "first key unit" of the three key units in claim 1. Applicant respectfully asserts that this fails to anticipate claim 1. In view of the above, Applicant respectfully asserts that the 35 U.S.C. § 102(a)(l) rejection of claim 1 has been overcome and may be withdrawn. Withdrawal of the rejection is therefore respectfully requested.”
Examiner respectfully disagrees. Examiner asserts that the trusted parties in the trusted system 102 and the third party in the disclosure of Tegeder are components that perform the same functions of the units as drafted in claim 1. Particularly, 
The claim limitations recite: 
a method of reconstructing a secret by a first key unit and Tegeder discloses reassembling secret shares by a third party illustrated in Figure 1 and disclosed in [0023],
receiving first encrypted secret slice and second encrypted secret slice from a second and a third key unit, and Tegeder discloses receiving encrypted secret shares from a plurality of trusted parties (102 a, b, c and d) in a trusted system 102 as illustrated in Figure 1 and disclosed in [0058], where two of the trusted parties 102(a) and 102 (b), corresponds to the second and third key units,

where the group authority key decrypts the secret slices, then reconstructing the slices and Tegeder discloses the key is used to decrypt the encrypted shares to enable the third party to reassemble the secret as illustrated in Figures 1-2 and disclosed in [0071]. 
Therefore, aside from the difference in naming the components/units, Tegeder discloses every component/unit/party and functionality of every component/unit/party recited in the claim limitations, as drafted.
With respect to the applicant’s argument that “Applicant sees no indication in Tegeder that the third party system could be one of the trustee systems. Therefore, it cannot be Applicant's "first key unit", examiner submits that no claim limitation in claim 1 suggests that the third party system should be one of the trustee systems.
Therefore, Tegeder discloses all limitations of claim 1.

With respect to claim 17, applicant stated “Applicant respectfully asserts that the cited references, taken alone or in combination, fail to teach or suggest at least "generate, based on the one or more received group authority keys, a plurality of encrypted slices of the secret," as required in currently-amended independent claim 17… upon review of Tegeder, Applicant sees no disclosure or indication that the first party system is capable of "getting/ obtaining" validation key pair beta beta* (or object key pair ɣ, ɣ*) outside of "generating" it. As an example, the paragraph cited for this  as shown in the quoted language from Tegeder, Tegeder's first party system generates the secret shares and generates the validation key pair. Even assuming, for sake of argument alone, that Tegeder' s "secret shares" and "validation key pair" correspond to the claimed "encrypted slices of the secret" and "one or more group authority keys, respectively, Tegeder's first party system does not receive the keys (as it generates them itself), and therefore still fails to teach or suggest "generate, based on the one or more received group authority keys, a plurality of encrypted slices of the secret," as required in currently amended independent claim 17 (emphasis added).”
	Examiner submits that Tegeder generates the validation keys, i.e. beta keys, corresponding to the group authority key, as opposed to receiving them from some other specified unit, e.g. group authority. Therefore, Tegeder discloses the generation of encrypted secret shares, encrypted based on generated validation keys, i.e. beta keys, as disclosed in [0046-0047]. Examiner submits that Tegeder does not disclose receiving the beta keys, i.e. group authority keys, from a group authority entity, however, NG explicitly disclose the concept of receiving an encryption key, i.e. group authority key, from a key master, i.e. group authority, which enables the receiving server to unlock its self and perform operations.
 	Applicant further stated “While the Office attempts to combine NG with Tegeder to address this deficiency, Applicant respectfully asserts that such a combination would require modifying Tegeder's first party system to send the validation key pair to a different system (such as, for example, one of the trustee systems). Further, there would be no benefit to modifying Tegeder to generate slices based on the keys received from the first party system (and such a modification would require substantial changes to Tegeder' s system), because Tegeder' s first party system is the component in Tegeder that actually generates the "plurality of secret shares" (which the Office Action relies upon in rejecting the "generating encrypted slices" limitation). Therefore, Applicant respectfully asserts that the proposed combination would change the principle of operation of Tegeder, which is prohibited by MPEP § 2143 .0 I (VI)”.
	Examiner respectfully disagrees. Examiner asserts that claim 17, as drafted, lends its self to a number of interpretations. For example, claim 17 is devoid from any entity pertaining to the trustee system or the third party, and there is no benefit one can ascertain from reading claim 17 as argued by the applicant. Examiner recommends clarifying the claimed invention in claim 17.

Applicant’s arguments, see Applicant Remarks, Page 13, “Notably, NG's "newly added key master" is cited as corresponding to the claimed "replacement key unit" (Office Action, p. 31). However, NG's newly added key master is distinct from NG's "server" (see, e.g., NG, FIG. 3, Server 22 vs. FIG. 4, Key Master 24). Since NG's "server" does the reconstructing (see NG, Summary, [0032]” in combination with the newly added limitation “identifying, responsive to the determining, a replacement key unit; transmitting, responsive to the identifying, a signal to the group, the signal indicating that the replacement key unit is to reconstruct the secret”, filed 01/05/2022, with respect to the rejection of claim 11 under 35 U.S.C 103 have been fully considered a new ground(s) of rejection is made over the newly found prior art: Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), in view of the previously cited prior art Yoo (US 20170019385 A1), hereinafter Yoo. Please see detailed rejection below.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention. (FP 7.08.aia)

Claims 1 and 9 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Tegeder (US 20190372765 A1), hereinafter Tegeder.

Regarding claim 1 (Original), Tegeder teaches a method of reconstructing a secret by a first key unit (Tegeder [0023] “a method for giving to a designated third party system (i.e. first key unit) access to a secret is provided”, [0036] discloses the third party reassembling the secret shares), 

receiving a first encrypted slice from a second key unit and a second encrypted slice from a third key unit (Tegeder Figure 1 discloses receiving, by third party system, response including encrypted secret shares, corresponding to 1st encrypted slice and 2nd encrypted slice, from trustee systems 102a-b in Figure 1, corresponding to 2nd key unit and 3rd key unit, [0058] “…the trustee system publishes a response message 114, which includes the secret share .sigma..sub.i, to a ledger 104b…the secret share .sigma..sub.i that is published in the response message 114 may be further encrypted by the trustee system using the second validation key .beta.* that is held by the trustee system 102.”, [0059] “…the ledger 104b to which the response message 114 is published may be a different ledger, as long as the ledger 104b is accessible to the third party system 103--in order to retrieve the secret shares .sigma..sub.i”, where each trustee system, e.g. server, stores one secret share as disclosed in e.g. [0031]); 
receiving one or more group authority keys from a group authority (Tegeder Figure 1 discloses receiving, by the third party system 103 from a first party system 101, i.e. group authority, a validation key beta, i.e. one or more group authority keys, Figure 2 [0042] “At step 203, the first party system 101 securely sends a message 111 to the third party system 103. The message includes a first validation key .beta. of the validation key pair .beta., .beta.* and the encrypted secret .gamma.(p). The third party system 103 stores this message 111 securely for future use.”); 
(Tegeder discloses decrypting each encrypted secret share at the third party system using the validation key beta, received by the third party system, Figure 2 [0071] “At step 211, once at least k out of the n trustee systems 102 have published response messages 114 and the response messages 114 have been validated and obtained by the third party system 113, the third party system 103 reassembles the secret shares .sigma..sub.i to reveal the encrypted second object key…If the second object key .gamma.* or the secret shares .sigma..sub.i were encrypted using the second validation key .beta.*, the third party system 103 uses the first validation key .beta. to decrypt the second object key .gamma.* or the secret shares .sigma..sub.i at the appropriate time. The third party system 103 then uses the revealed second object key .gamma.* to decrypt the encrypted secret .gamma.(p), which is previously received from the first party system 101.”).

Regarding claim 9 (Original), Tegeder teaches the method of claim 1, wherein the secret is a storage encryption key (Tegeder discloses in [0030-0031] the secret to be encryption key to decrypt stored secrets p).  

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any 
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of Yoo (US 20170019385 A1), hereinafter Yoo.

	Regarding claim 2 (Original), Tegeder teaches the method of claim 1, further comprising: 
Emphasis in Italic.
Yoo discloses generating a first fingerprint of the encrypted first slice and a second fingerprint of the encrypted second slice (Yoo [0067] “…the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the previously encrypted first slice and the second fingerprint of the previously encrypted second slice, respectively, consistent with the use of a hash function for fingerprints on key pieces, as disclosed in [0045] of the instant application, the encrypted slices are decrypted and hashed, i.e. fingerprint of the previously encrypted slice); and 
sending the first fingerprint and the second fingerprint to the group authority (Yoo [0067] “…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”), 
wherein the receiving the one or more group authority keys is in response to the group authority validating the first fingerprint and the second fingerprint (Yoo further discloses in Figure 5 transmitting secret service key, received by the service device 400, as disclosed in [0083], in response to the validation of hash values, fingerprint, of the key pieces as illustrated in S235 of Figure 5, where the secret service key is used by the service to reveal secret information).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces, as recognized by (Yoo Figure 5).
  
Claims 3-4, 6-7, 17, 19-21 and 23-25 are rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of NG (US 20210028931 A1), hereinafter NG.

Regarding claim 3 (Original), Tegeder teaches the method of claim 1, further comprising: 
slicing the [reconstructed] secret into a first [new] slice and a second [new] slice (Tegeder discloses in Figure 2 (204) slicing the secret shares into a plurality of shares, [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme, as described above with respect to FIG. 1, such that each secret share .sigma..sub.i includes an element of the second object key .gamma.*, i.e. the key that can be used to decrypt the encrypted secret .gamma.(p).”); 
encrypting the first [new] slice and the second [new] slice (Tegeder [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret); 
transmitting the encrypted first [new] slice to the second key unit; and transmitting the encrypted second [new] slice to the third key unit (Tegeder [0050] “The first party system 101 securely transmits a message (.beta.*, .sigma..sub.i) 112 including the second validation key .beta.*, which is the counterpart of the first validation key .beta. transmitted to the third party, and one of the secret shares .sigma..sub.i to each of the n selected trustee systems 102a, 102c, 102d.”, trustee systems correspond to the second and third key unit).
While Tegeder in view of Yoo disclose the aforementioned limitations, where slices are encrypted and transmitted to different trustee systems. Tegeder further discloses in [0030] the process rationalized in claim 1 may be “automatically repeated”, when the secret changed, indicating that the process of redistributing new secret shares/pieces as rationalized in claim 1 above is repeated, furthermore, Tegeder in [0034] disclose performing the above process for different secrets, where each trustee system 102a-d, corresponding to the second and third key units, hold more than one secret share for more than one secret indicating new secret slices generated for plurality of secret, however, Tegeder does not explicitly disclose slicing the reconstructed the secret, resulting into new slices. Emphasis in Italic.
NG disclose slicing the reconstructed secret into a first new slice and a second new slice and transmitting the first new slice to the second key unit and second new slice to the third key unit (NG discloses [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters)…The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 4 (Original), Tegeder in view of NG teaches the method of claim 3, further comprising receiving one or more [new] group authority keys from the group authority, wherein the encrypting the first [new] slice and the second [new] slice is performed using the one or more [new] group authority keys (Tegeder Figure 1 discloses receiving, by the third party system 103 from a first party system 101, i.e. group authority, a validation key beta, i.e. one or more group authority keys, Figure 2 [0042] “At step 203, the first party system 101 securely sends a message 111 to the third party system 103. The message includes a first validation key .beta. of the validation key pair .beta., .beta.* and the encrypted secret .gamma.(p). The third party system 103 stores this message 111 securely for future use.”, where the secret shares .sigma..sub.i themselves are encrypted, based on the validation key, beta*, which generates encrypted slices/shares of the .sigma. key/secret).
  While Tegeder discloses the aforementioned limitations, where slices are encrypted and transmitted to different trustee systems. Tegeder further discloses in [0030] the process rationalized in claim 1 may be automatically repeated, when the secret changed, indicating that the process of redistributing new secret shares/pieces as rationalized in claim 1 above, 
furthermore, Tegeder in [0034] disclose performing the above process for different secrets, where each trustee system 102a-d, corresponding to the second and third key units, hold more than one secret share for more than one secret, however, Tegeder does not explicitly disclose new group authority keys, resulting into new slices. Emphasis in Italic.
NG discloses first new slice and a second new slice (NG discloses [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters)…The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”).
NG further discloses one or more new group authority keys, the encrypting the first new slice and the second new slice is performed using the one or more new group authority keys ([0062] “The server 22 then changes the encryption key 34 of its configuration file 30 in Step 92, and distribute the new encryption key 34 y to all other key masters 24 in Step 94”, where the process disclosed in [0062] and Figure 9 illustrates the new encrypted key fragments distributed, based on the encryption key required and compulsory by the server and its associated configuration file as further disclosed in [0013-0014, 0051], where the encrypting of the slices is based on the configuration file storing host servers public keys, where the configuration files accessed by the encryption key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Regarding claim 6 (Original), Tegeder in view of NG teaches the method of claim 3, further comprising: receiving a third encrypted slice from the second key unit; receiving a fourth encrypted slice from the third key unit; and storing the third encrypted slice and the fourth encrypted slice in a slice storage (Tegeder Figure 1 discloses receiving, by third party system, response including encrypted secret shares, corresponding to 1st encrypted slice and 2nd encrypted slice, from trustee systems 102a-b in Figure 1, corresponding to 2nd  key unit and 3rd key unit, [0058] “…the trustee system publishes a response message 114, which includes the secret share .sigma..sub.i, to a ledger 104b…the secret share .sigma..sub.i that is published in the response message 114 may be further encrypted by the trustee system using the second validation key .beta.* that is held by the trustee system 102.”, [0059] “…the ledger 104b to which the response message 114 is published may be a different ledger, as long as the ledger 104b is accessible to the third party system 103--in order to retrieve the secret shares .sigma..sub.i”, where each trustee system, e.g. server, stores one secret share as disclosed in e.g. [0031], 
[0034] discloses that each trustee system 102, where two of them corresponding to second and third key unit, hold more than one secret share for different secrets, where the additional secret shares for each trustee system correspond to the third and fourth secret share, where the third party receives third and fourth secret shares, corresponding to their pertinent secret, where the received shares ought to be stored at the third party in order to eventually be reassembled).  

Regarding claim 7 (Original), Tegeder in view of NG teaches the method of claim 6, 
Tegeder does not disclose the below limitations.
NG discloses further comprising: determining that the third key unit has failed; receiving a request from the group authority to transmit the fourth encrypted slice to a (NG discloses determining that a key master 24, corresponding to third key unit, has been damaged/not functional, [0062] “Turning to FIG. 9. If the distributed key management system of FIG. 1 encounters a situation that a key master 24 is lost from its user, damaged, or otherwise not functional to complete operations required for the distributed key management system, then this non-functional key master 24 should be prohibited from communicating with the server 22 regarding the distributed key management function to avoid security risks.”, [0061] “when adding a new key master 24 to the system, any existing key master 24 can initiate a request by submitting the new key master's public key to the server 22. Then, other existing key masters 24 in Step 80 send approval messages if it approves the addition of the new device …server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters).”, where a request is initiated by one existing key master, ac as a group authority, and authorizing adding/registering new key master to the group, after validation, the new key master, i.e. fourth key unit, receives an encrypted slice, corresponding to fourth encrypted slice, where communication between devices are encrypted as disclosed in [0051] ).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to 

Regarding claim 17 (Currently Amended), Tegeder teaches a computer program product, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a computer to cause the computer to (Tegeder [0024] “a computer-readable medium is provided. The computer-readable medium comprises instructions which, when executed by a computer, cause the computer to carry out the method described...”, [0040] discloses first party system as a computer): 
obtain a secret (Tegeder discloses in [0040] the first party system generating/getting/obtaining object key pair .gamma., .gamma.*, where the gamma key corresponds to a secret, “At step 201 of the method 200 shown in FIG. 2, the first party system 101 generates two pairs of asymmetric encryption keys: the object key pair .gamma., .gamma.* and a validation key pair .beta., .beta.*.”); 
[receive] one or more group authority keys [from a group authority] (Tegeder discloses in [0040] the first party system generating/getting/obtaining validation key pair .beta., .beta.*, where the validation key pair, beta, correspond to one or more group authority keys, “At step 201 of the method 200 shown in FIG. 2, the first party system 101 generates two pairs of asymmetric encryption keys: the object key pair .gamma., .gamma.* and a validation key pair .beta., .beta.*.”); and 
[received] group authority keys, a plurality of encrypted slices of the secret (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme, as described above with respect to FIG. 1, such that each secret share .sigma..sub.i includes an element of the second object key .gamma.*”, [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret).  
Tegeder discloses generating beta., .beta.*, corresponding to the group authority keys at the first party, however, Tegeder does not disclose that the one or more group authority keys are received from a group authority.
NG discloses receiving group authority key from a group authority (NG discloses [0051] “…the server 22 possesses an encryption key 34 to encrypt the configuration file 30, and the server 22 shares the encryption key 34 with all key masters 24 that are registered with the server 22…If the server 22 needs to restart, it can't read the configuration file 30 and therefore it will require any key master 24 to unlock the server 22 by providing the encryption key 34 of the configuration file 30. Before the server 22 is unlocked, it cannot do anything except waiting to be unlocked. This prevents any unauthorized restart or code modification to the server 22 itself.”, where the key master responsible for transmitting encryption key, i.e. group authority key, corresponds to the group authority, where the encryption key is compulsory for the server to perform the operation of pertaining to distributed keys, as disclosed in [0013-0014, 0051]).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of enhancing security This by preventing any unauthorized restart or code modification to the server, as recognized by (NG [0051]).

Regarding claim 19 (Original), Tegeder in view of NG teaches the computer program product of claim 17, 
wherein: the one or more group authority keys consist of a single group authority key; and the generating the plurality of encrypted slices includes: encrypting, using the single group authority key, the secret; and P202001751US01Page 42 of 45slicing the encrypted secret (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme…As also mentioned above, the second object key .gamma.* may be encrypted using the third party's public key, .alpha..sub.3P*, or the second validation key .beta.*, which is provided to the trustee system before being split into the secret shares .sigma..sub.i by the first party system 101.”, where the second validation key .beta.*, corresponds to the single group authority key).  

Regarding claim 20 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the generating the plurality of encrypted slices (Tegeder [0046] “At step 204, the first party system 101 generates a plurality of secret shares .sigma..sub.i in a k, n secret sharing scheme, as described above with respect to FIG. 1, such that each secret share .sigma..sub.i includes an element of the second object key .gamma.*”, [0047] “…the secret shares .sigma..sub.i themselves can be encrypted, using the second validation key f* [sic]”, where the first party system, based on the validation key, beta*, generates encrypted slices/shares of the .sigma. key/secret).  

Regarding claim 21 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to transmit the plurality of encrypted slices to a plurality of key units (Tegeder Figure 2 [0049] “At step 205, the first party 101 chooses n trustee systems 102a, 102c, 102d from among the available trustee systems 102 to hold a single secret share .sigma..sub.i each. The n trustee systems chosen by the first party may be selected…”, where the trustee systems correspond to the plurality of units).

Regarding claim 23 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
receive a first encrypted slice from a first key unit and a second encrypted slice from a second key unit (Tegeder discloses in [0075] the first party system receiving encrypted shares/slices, sigma..sub.i, from various trustee systems, corresponding to a first and second key units, as disclosed in [0058]); 
store the first encrypted slice and the second encrypted slice (Tegeder discloses in [0075] the first party receiving the shares/slices in order to reconstruct and eventual recover access to the secret p, indicating the first party storing the secret shares/pieces to eventually use it for reconstructing an eventually becoming the secret p); 
Tegeder does not disclose the below limitations.
NG discloses receive a request from the group authority to transmit the second encrypted slice to a replacement key unit; and transmit, responsive to the request, the second encrypted slice to the replacement key unit (NG [0061] “when adding a new key master 24 to the system, any existing key master 24 can initiate a request by submitting the new key master's public key to the server 22. Then, other existing key masters 24 in Step 80 send approval messages if it approves the addition of the new device and an approval message will include the necessary key fragment 36 held by the existing key master 24. When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters). The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”, the new key master corresponds to a replacement key unit and the particular existing key master submitting a request acts as a group authority, where shares are encrypted throughout the communication between the server and key masters as disclosed in [0049-0051], NG discloses in [0062] the case of removing a key master, e.g. key unit initially holding the second slice, and adding a new key master, e.g. replacement key unit, in which case, recalculation and then redistribution of a key fragment to the newly added key master can be the fragment replacing the removed key maser fragment).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of sending a key share in case one key master is damaged, as recognized by (NG [0062]).

Regarding claim 24 (Original), Tegeder in view of NG teaches the computer program product of claim 23, wherein the instructions further cause the computer to: 
Tegeder does not disclose the below limitations.
NG discloses receive a replacement slice from the replacement key unit, and replace the first encrypted slice with the replacement slice (NG [0061-0062] disclose adding new key masters and removing key masters, which results into recalculation and distribution of key fragments, for example based on the teaching of NG in the above paragraphs, if there are two key masters: one key master A holding the first slice and one key master B recently added as discussed in claim 23. Then, if there is a newly added key master C to replace the key master A holding the first slice, then the server receives key slice from key master B, i.e. replacement slice, then the server recalculates and redistribute two key fragments/slices between key master B and C, one key fragment can be the replacement slice provided to key master C, i.e. the replacement slice replaces the first slice in key master C).  
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of sending a key share in case one key master is damaged, as recognized by (NG [0062]).

Regarding claim 25 (Original), Tegeder in view of NG teaches the computer program product of claim 24, 
wherein the instructions further cause the computer to: 
Tegeder does not disclose the below limitations.
NG discloses receive one or more new group authority keys from the group authority (NG discloses in [0051] receiving, by the server, from one key master, corresponding to a group authority, an encryption key corresponding to one or more group authority keys, where the encryption key is renewed/changed when removing/adding master key units as disclosed in [0062]), 
generate, based on the one or more group authority keys, one or more new encrypted slices of the secret; and transmit at least one of the one or more new encrypted slices to the replacement key unit (NG discloses in [0013] the server conducting operations when unlocked by the encryption key, [0062] further discloses removing/adding key masters results in changing encryption key and recalculation and redistribution of “new” key fragments/slices to key masters, where the redistribution of the key fragments can result into sending a new key fragment to a recently added key master, corresponding to replacement key unit).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of NG to utilize the above feature, with the motivation of redistributing key fragments to accommodate newly added key master unit, in case one of the existing ones are damaged or have failed, as recognized by (NG [0061-0062]).

Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of NG (US 20210028931 A1), hereinafter NG, and further in view of Yoo (US 20170019385 A1), hereinafter Yoo.

Regarding claim 5 (Original), Tegeder in view of NG teaches the method of claim 3, 
Tegeder in view of NG do not disclose the below limitations. 
Yoo discloses further comprising: generating a first new fingerprint of the encrypted first new slice; generating a second new fingerprint of the encrypted second slice (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the encrypted first slice and the second fingerprint of the encrypted second slice, respectively, Yoo further discloses generating hash values from master key pieces, Yoo further discloses that the master key is required to be renewed, [0052, 0115] “the key access server 100 receives the random seed from the host servers 200 that are stably connected at the time when a new master key is required” indicating that the process illustrated in Figure 4 is performed including receiving “new” hash values (S140) of the master key pieces); and 
transmitting the first new fingerprint and the second new fingerprint to the group authority (Yoo [0067] “…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”, where renewing master key results into new hash values of master key pieces).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Yoo to utilize the above feature, with the motivation of validating master key pieces and reducing a possibility of predicting a value of the generated master key, as recognized by (Yoo [0115]).

Regarding claim 18 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
Tegeder in view of NG do not disclose the below limitations.
generate one or more fingerprints based on the secret key; and transmit the one or more fingerprints to the group authority (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140)…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100, where the hash value of the key pieces, i.e. first key piece and second key piece, correspond to the first fingerprint of the encrypted first slice and the second fingerprint of the encrypted second slice).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces, as recognized by (Yoo Figure 5).
  
Claims 8 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of Yoo (US 20170019385 A1), .

Regarding claim 8 (Original), Tegeder teaches the method of claim 1, further comprising:
Tegeder does not explicitly disclose the below limitations.
 Yoo discloses storing the reconstructed secret in a secret access control unit (Yoo disclose soring in memory based database 700, corresponding to the secret access control unit, the reconstructed master key repeatedly used in order to improve an access speed of the key access sever 100 to the master key, [0047] “A memory based database 700 may store the master key repeatedly used by the key access server 100 in a memory therein, in order to improve an access speed of the key access sever 100 to the master key…the memory based database 700 may store the master key reconstructed by the key access server 100.”); 
receiving request from a user, and responding to the request using the reconstructed secret (Yoo [0047] “the memory based database 700 may store the master key reconstructed by the key access server 100. The memory based database 700 may receive a request for a master key from the key access server 100. The memory based database 700 may transmit to the key access server 100 the master key stored in the memory in response to the request for the master key.”, where the request from the access server is further in response to request from service device by the user to retrieve service key as disclosed in [0007,0008, 0047]).
 to incorporate the teaching of Yoo to utilize the above feature, with the motivation of improving access speed, as recognized by (Yoo [0047]).
While Yoo discloses the above limitations, where a server device requesting reconstructed master key, and the reconstructed master key is received in response to the request, however, Yoo does not disclose that the reconstructed master key is encrypted, and then decrypted by a key from a distinct device.
Machani discloses encrypting reconstructed secret, and decrypting the reconstructed secret using a user key (Machani discloses a managed device 24 receiving an encrypted reconstructed encryption key and decrypting the reconstructed encryption key using the private key of the Managed Device 24, Col. 8 line 65-67 and Col. 9 line 1-8 “When Managed Device 24 receives Reconstructed Master Encryption Key 212, it may use its private key to decrypt Reconstructed Master Encryption Key 212. Managed Device 24 may then use the decrypted Reconstructed Master Encryption Key 212 to complete its startup.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of Yoo to incorporate the teaching of Machani to utilize the above feature, with the motivation of enhancing security by protecting a key store and using the decrypted reconstructed key for encrypting sensitive information during startup operation, as recognized by (Machani Col. 9 line 1-10).
request including a user key.
Li discloses request include a user key (Li disclose in [0006] sending a request that includes a user key, where the user key is used to decrypt a server key).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of Yoo and Machani to incorporate the teaching of Li to utilize the above feature, with the motivation of providing control of sensitive data by encrypting and decrypting the sensitive information using multiple authority keys, as recognized by (Li [0005]).

Claims 10 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of Orsini (US 20110202755 A1), hereinafter Orsini.

Regarding claim 10 (Original), Tegeder teaches the method of claim 1, 
Tegeder does not disclose the below limitation.
Orsini discloses wherein the group authority is a certificate authority (Orsini discloses in [0550] the group authority, which may be root certificate authorities are used to provide certificates to secret shares for encrypting the secret shares).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder to incorporate the teaching of Orsini to utilize the above feature, with the motivation of distributing trust among a set .
  
Claims 11-12, 14 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), in view of Yoo (US 20170019385 A1), hereinafter Yoo.

Regarding claim 11 (Currently Amended), Naqvi teaches a system (Naqvi discloses a system comprising user device, storage devices and custodian device illustrated in Figure 3), comprising: 
a memory; and a central processing unit (CPU) coupled to the memory, the CPU configured to execute instructions to (Naqvi illustrates a system comprising user device, storage devices and custodian device illustrated in Figure 3, which include a memory and processor, as further disclosed in Page 2 line 2-3): 
determine that a key unit storing a secret has failed, the key unit included in a group (Naqvi discloses a Custodian, which is part of the system illustrated in Figure 3, using automated computer programs to achieve the custodian function as disclosed in Page 4 line 7, where the custodian in Figure 1 authenticates the user device in steps 2 and 8 and accordingly provide the user device with challenges C1 and C2, and signatures respectively, which enable the user device to save key fragments in storage nodes in steps 6 and 12, respectively, as disclosed in Page 8 line 8-22 and Page 9 line 1-5, where a subsequent retrieval of key fragments illustrated in Figure 2 is achieved without the need to contact the custodian, however, when the original device is lost, i.e. failed/corrupted, Page 11 line 16-17 “If the memory of the original device has been corrupted, we may use the process described in FIG. 3 for replacing a lost user device.”, where the custodian, as illustrated in Figure 3, determines that an original user device is lost/failed because a replacement/new user device, by the user, using the new/replacement user device, is contacting the custodian to authenticates with the custodian in step 2, where the new/replacement user device is included in the group of the storage nodes/devices. Figure 3 illustrates the steps of the custodian determining a new device and providing a challenge and a signature used by the new/replacement user device for retrieving the key fragments from the storage nodes is disclosed in Page 10 lines 9-24, Page 11 line 1-13, where the original device corresponds to the key unit, and the new/replacement user device corresponds to the replacement key unit); 
identifying, responsive to the determining, a replacement key unit (Naqvi discloses the custodian identifying the new/replacement user device when the custodian is provided with an authentication message form the new/replacement user device in Figure 3 (step 2), since a normal case and operation for the original user device to retrieve the key fragments is for communicating directly from the storage nodes as illustrated in Figure 2, however, since a new/replacement user device is used, it is determined that the original device is lost/failed/corrupted and the corrupted device is replaced, Page 11 line 16-17 “If the memory of the original device has been corrupted, we may use the process described in FIG. 3 for replacing a lost user device.”, which would require another authentication from the custodian); 
transmitting, responsive to the identifying, a signal to the group, the signal indicating that the replacement key unit is to reconstruct the secret (Naqvi Figure 3 illustrates that responsive to replacing the original user device, with a new user device, the custodian sends a signal challenge with signature of Z3  in step 4 and a signal challenge with signature of Z4 in step 7, and accordingly the new/replacement user device sends a signal to the remaining storage nodes in steps 11 and 14  to retrieve the key fragments, as disclosed in Page 11 line 9-13); 
responsive to the validation, transmit one or more stored group authority keys to the replacement key unit (Naqvi illustrates in Figure 3 steps 10 and 13, the storage nodes validate the signal from the new/replacement user device and accordingly collectively transmit the key fragment to construct the cryptographic key for the user device, as disclosed in Page 5 line 1-14, in response to the overall validation, receiving by the new/replacement user device a reassembled key corresponding to the group authority key).
While Naqvi discloses a form of validation, by a custodian and the storage nodes, and accordingly, transmit newly calculated key fragment to a newly added user device, replacement key unit, however, Naqvi does not disclose the below validation.
Yoo discloses receive fingerprints of encrypted key slices from a replacement key unit; validate the received fingerprints, the validating including comparing the received fingerprints to stored fingerprints stored in a fingerprint storage (Yoo [0067] “…the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140)…the key access server 100 compares the received hash values and the hash values of the generated key pieces to determine whether the hash values are the same as each other (S145).”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Naqvi to incorporate the teaching of Yoo to utilize the above feature, with the motivation of enhancing security by validating hash values of key pieces and ensuring the key pieces is associated with their hash values, as recognized by (Yoo Figure 5).

Regarding claim 12 (Original), Naqvi in view of Yoo teaches the system of claim 11, wherein the CPU is further configured to: add the replacement key unit to the group; and validate an identity of the replacement key unit (Naqvi illustrates in Figure 3 the new user device replaces the original user device that was lost/corrupted and added to the storage device nodes as a device to retrieve the fragments from the storage nodes group, where the replacement/new user device is validated by the custodian in Figure 3 (Step 2), and by the storage nodes in Figure 3 (Steps 10 and 13)).

Regarding claim 14 (Currently Amended), Naqvi in view of Yoo teaches the system of claim 12, wherein the CPU is further configured to: 
Naqvi discloses in new user device, i.e. replacement key unit, to replace a lost/corrupted user device, where the new user devices is authenticated by the however, Naqvi does not disclose utilizing hash values of key pieces/shares, i.e. fingerprints. Emphasis in Italic.
Yoo discloses receive new fingerprints from the replacement key unit; and store the new fingerprints in [[the]] a fingerprint store (Yoo [0067] “Next, the key access server 100 receives hash values from host servers 200 in which encrypted key pieces are distributed and distributed, respectively (S140).”, [0093] “The host servers 200 generate hash values of the decrypted key pieces”, where the host servers 200 send generated hashed values of key pieces to the key access server 100 corresponding to the group authority, where the hash value of the key pieces correspond to the fingerprint, Yoo further discloses generating hash values from master key pieces, Yoo further discloses that the master key, divided into key pieces, is required to be renewed, [0052, 0115] “the key access server 100 receives the random seed from the host servers 200 that are stably connected at the time when a new master key is required” indicating that the process illustrated in Figure 4, for distributing the new master key pieces, is performed including receiving “new” hash values (S140) of the master key pieces) in order to be able to perform and complete the operation illustrated in Figures 4 and 5). 
 It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Naqvi to incorporate the teaching of Yoo to utilize the above feature, with the motivation of validating master key pieces and reducing a possibility of predicting a value of the generated master key, as recognized by (Yoo [0115]).

Regarding claim 16 (Original), Naqvi in view of Yoo teaches the system of claim 11, wherein the secret is a storage encryption key (Naqvi discloses in Page 4 line 16-21 the private key, i.e. secret, to access an account and authenticate/validate transactions, Page 5 line 1-8, 14-22 discloses fragmenting the private key distributed and eventually combined to be used for accessing the account).    

Claims 13 is rejected under 35 U.S.C. 103 as being unpatentable over Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), in view of Yoo (US 20170019385 A1), hereinafter Yoo and NG (US 20210028931 A1), hereinafter NG.

Regarding claim 13 (Original), Naqvi in view of Yoo teaches the system of claim 11, wherein the CPU is further configured to: 
Naqvi in view of Yoo do not disclose the below limitation.
NG discloses generate one or more new group authority keys; and transmit the one or more new group authority keys to the replacement key unit (NG [0062] “The server 22 then changes the encryption key 34 of its configuration file 30 in Step 92, and distribute the new encryption key 34 y to all other key masters 24 in Step 94…a new key master 34 will be added shortly after a non-functional key master 34 is removed”, where the changed/new encryption key is shared with all master keys, including the new master key).
Naqvi in view of Yoo to incorporate the teaching of NG to utilize the above feature, with the motivation of replacing lost/damaged key masters, as recognized by (NG [0062]).

Claims 15 is rejected under 35 U.S.C. 103 as being unpatentable over Naqvi et. al. (US 20210034299 A1), hereinafter Naqvi (Note: Citation from us-provisional-application US 62879642), in view of Yoo (US 20170019385 A1), hereinafter Yoo, and further in view of Orsini (US 20110202755 A1), hereinafter Orsini.

Regarding claim 15 (Currently Amended), Naqvi in view of Yoo teaches the system of claim 11, 
Naqvi in view of Yoo do not disclose the below limitation.
Orsini discloses wherein the system is a certificate authority (Orsini discloses in [0550] the group authority, which may be root certificate authorities are used to provide certificates to secret shares for encrypting the secret shares).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Naqvi in view of Yoo to incorporate the teaching of Orsini to utilize the above feature, with the motivation of distributing trust among a set of certificate authorities in the structure of the communication channel, as recognized by (Orsini Abstract).

Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over Tegeder (US 20190372765 A1), hereinafter Tegeder in view of NG (US 20210028931 A1), hereinafter NG, and further in view of Juels et. al (US 8031875 B1), hereinafter Juels.

Regarding claim 22 (Original), Tegeder in view of NG teaches the computer program product of claim 17, wherein the instructions further cause the computer to: 
Tegeder does not explicitly disclose the below limitations.
NG discloses generate, based on the encrypted slices [and an error correcting code], a second plurality of slices; and transmit the second plurality of slices to a plurality of key units (NG discloses recalculating/generating share secrets, i.e. second plurality of slices, based on receiving from other key masters, enough number of share secrets, original plurality of slices, and then transmit the recalculated/generated shared secrets to the key masters, [0061] “When enough fragments 36 are received by the server 22 with a limited time frame, the server 22 allows the new key master 24 to register to the system in Step 82. The server 22 in Step 84 then re-calculates the share secrets (i.e. split the original main private key according to the new number of key masters 24 again) and redistribute it to all key masters 24 (both new and existing key masters). The re-calculation is needed as the new key master 24 needs to have a copy of a key fragment 36 as well, and this will require the system to reconstruct the main private key based on received, old fragments 36 and get new fragment 36. The main private key is then held by the new formation of key masters 24.”, where the secret shares are encrypted during transmission as disclosed in [0051]).

Tegeder in view of NG do not disclose generation of shares/slices based on error correcting code. Emphasis in italic.
Juels discloses generate, based on an error correcting code, a second plurality of slices; and transmit the second plurality of slices to a plurality of key units (Juels discloses in Col. 2 line 5-15 generating small shares of an encryption key utilizing an error correction code, e.g. Reed-Solomon, “Improvements are directed to techniques which involve encryption of data using an encryption key, and then secret sharing of that encryption key using error correction code (ECC) encoding. In particular, use of certain types of ECC encoding such as Reed-Solomon encoding is capable of providing extremely small shares (e.g., "tiny shares") but nevertheless delivers an acceptable level of information security”, Figure 3 (130) illustrates storing the different shares on different memory devices, i.e. key units).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Tegeder in view of NG to incorporate the teaching of Juels to utilize the above feature, with the motivation of providing tiny shares and delivering acceptable level of information security, as recognized by (Juels Col. 2 line 5-15).

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705. The examiner can normally be reached Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BASSAM A NOAMAN/Examiner, Art Unit 2497                                                                                                                                                                                                        /ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497