DETAILED ACTION
This Office action is in response to a non-provisional utility patent application filed by Applicant on 1/15/2020.

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement PTO-1449
The Information Disclosure Statement submitted by applicant on 1/15/2020 has been considered. The submission is in compliance with the provisions of 37 CFR § 1.97. Form PTO-1449 is signed and attached hereto.

Claim Rejections - 35 USC § 102/103
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 10, 19 rejected under 35 U.S.C. 102(a)(1) as anticipated by or, in the alternative, under 35 U.S.C. 103 as obvious over Doyle (U.S. Pat. App. Pub. 2008/0215897 A1).
Regarding claims 1, 10 and 19, Doyle discloses: a method for controlling context-based access of data, the method comprising: receiving, at a producer, a request to access a data block from a consumer (a requester (reads on recited consumer) requests access to a document component mediated by a security container. Doyle para. 0081. The security container’s interface receives the user’s access request. Doyle para. 0081.); verifying whether a context associated with the consumer will allow the consumer to access the data block (determining whether the requester is a member of a group of authorized users allowed access to the document component. Doyle paras. 0081-0083. Whether the requester is a member of a group authorized to access is interpreted as the recited context associated with the consumer.); and upon verifying that the context allows the consumer to access the data block, [transferring a data capsule, the data capsule comprising an encrypted version] of the data block and a micro agent (upon verification that the user is a member of a group allowed some level of access to the security container’s content. Doyle para. 0097. The content remains inside the security container after delivery in order to maintain continued access control. Doyle para. 0107. The content is always distributed with its security container and embedded rules, where the rules are written to prevent the user from being able to copy content that should not be distributed beyond the user. Doyle para. 0121. The functioning of the rules reads on the recited micro agent.) for monitoring access to the data block (the rules in the security container maintain ongoing control over access to the security container’s content. Doyle para. 0107. Examiner’s note: this limitation is interpreted as intended use and not given patentable weight.).
While Doyle does not specifically disclose: “transferring a data capsule, the data capsule comprising an encrypted version”, this limitation is inherent in the reference. Once being allowed some level of access to the security container, subsequent processing and additional access-related checking can be performed by the rules to determine what the requester can do with the document component. Doyle para. 0097. Since the security container content may be transferred by requesting delivery from a network server (Doyle para. 0110), the subsequent checking includes additional matching of identifiers, which would allow the actual decryption of the content with a symmetric key. Doyle para. 0098. Therefore, depending on the additional See MPEP Sect. 2112.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 10, 19 rejected under 35 U.S.C. 103 as being unpatentable over Doyle.
Regarding claims 1, 10 and 19, Doyle discloses: a method for controlling context-based access of data, the method comprising: receiving, at a producer, a request to access a data block from a consumer (a requester (reads on recited consumer) requests access to a document component mediated by a security container. Doyle para. 0081. The security container’s interface receives the user’s access request. Doyle para. 0081.); verifying whether a context associated with the consumer will allow the consumer to access the data block (determining whether the requester is a member of a group of authorized users allowed access to the document component. Doyle paras. 0081-0083. Whether the requester is a member of a group authorized to access is interpreted as the recited context associated with the consumer.); and upon verifying that the context allows the consumer to access the data block, [transferring a data capsule, the data capsule comprising an encrypted version] of the data block and a micro agent (upon verification that the user is a member of a group allowed some level of access to the security container’s content. Doyle para. 0097. The content remains inside the security container after delivery in order to maintain continued access control. Doyle para. 0107. The content is always distributed with its security container and embedded rules, where the rules are written to prevent the user from being able to copy content that should not be distributed beyond the user. Doyle para. 0121. The functioning of the rules reads on the recited micro agent.) for monitoring access to the data block (the rules in the security container maintain ongoing control over access to the security container’s content. Doyle para. 0107. Examiner’s note: this limitation is interpreted as intended use and not given patentable weight.).
While Doyle does not specifically disclose: “transferring a data capsule, the data capsule comprising an encrypted version”, it would be prima facie obvious to one of ordinary skill in the art to understand that once being allowed some level of access to the security container, subsequent processing and additional access-related checking can be performed by the rules to determine what the requester can do with the document component. Doyle para. 0097. Since the security container content may be transferred by requesting delivery from a network server (Doyle para. 0110), the subsequent checking includes additional matching of identifiers, which would allow the actual decryption of the content with a symmetric key. Doyle para. 0098. Therefore, depending on the additional permissions (such as whether the user is allowed read/write permission to the content) the container with the content would be transferred to the user in encrypted form with the agent. The motivation for this conclusion is that since the protected data is already in encrypted form, one would design the system to continue to protect the included data in encrypted form until the permission level is established and the keys are made available based upon the specific permissions. Doyle para. 0098.

Claims 2-3, 8, 11-12, 17, 20 rejected under 35 U.S.C. 103 as being unpatentable over Doyle in view of Fontaine (U.S. Pat. App. Pub. 2009/0094164 A1).
Regarding claims 2, 11, and 20, Doyle discloses the limitations of claim 1, 10, and 19, respectively. Doyle does not disclose: wherein verifying whether a context associated with the 
However, Fontaine does disclose: wherein verifying whether a context associated with the consumer will allow the consumer to access the data block comprises: providing a challenge to the consumer (authenticating server issues a security challenge to the client. Fontaine para. 0016.), the challenge associated with the request (system receives a request for remote access to the application server from a client. Fontaine para. 0015.); and obtaining a response to the challenge (the client receives the challenge, interrogates the security challenge, and generates a response that is sent to the authenticating server. Fontaine para. 0016.), the response comprising at least a certification that the context associated with the consumer will allow the consumer to access the data block (the response to the challenge enables the user’s presence at the location from which the request has been sent to be verified. Fontaine para. 0016.).
 Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with a challenge response function to verify the context used to verify the requester based upon the teachings of Fontaine. The motivation being to be able to ensure the requester is actually located in the place where the requested transactions take place for legal considerations in the requester’s asserted location. Fontaine para. 0008.
Regarding claims 3 and 12, Doyle in view of Fontaine discloses the limitations of claims 2 and 11, respectively, wherein the certification comprises a trusted third party certification and one or more parameters for proving that the trusted third party certification is associated with the request from the consumer to access the data block (the location verification is delegated from the application server to an authentication server which may employ a RADIUS server or another server which includes dial-up user validation software adapted to validate a user by comparing logon name or password with jurisdictional values in a database or table. Fontaine para. 0030. The dialing system includes a system for identifying the number associated with the dialer located at the user’s location. Fontaine para. 0031.).
Regarding claims 8 and 17, Doyle discloses the limitations of claims 1 and 10, respectively. Doyle does not disclose: wherein the context is a geolocation associated with the consumer.
However, Fontaine does disclose: wherein the context is a geolocation associated with the consumer (authenticating the geographic location of a user, identifying the user, and permitting the user to access a system. Fontaine para. 0013.).
 Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with a challenge response function to verify the context used to verify the requester based upon the teachings of Fontaine. The motivation being to be able to ensure the requester is actually located in the place where the requested transactions take place for legal considerations in the requester’s asserted location. Fontaine para. 0008. 

Claims 4, 13 rejected under 35 U.S.C. 103 as being unpatentable over Doyle in view of Williams (U.S. Pat. App. Pub. 2007/0130070 A1).
Regarding claims 4 and 13
However, Williams does disclose: receiving the request from a data broker and transferring the data capsule to the data broker, the data broker configured as an intermediary between the producer and the consumer (a data broker situated as a third-party intermediary between the requester and the resource. Williams para. 0006.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with the use of an intermediary data broker based upon the teachings of Williams. The motivation being to facilitate anonymous exchange of information between system users and the resource. Williams para. 0006.

Claims 5-7, 14-16 rejected under 35 U.S.C. 103 as being unpatentable over Doyle in view of Low (U.S. Pat. App. Pub. 2007/0050362 A1).
Regarding claims 5 and 14, Doyle discloses the limitations of claims 1 and 10, respectively. Doyle does not disclose: wherein the micro agent comprises a self-executable macro for maintaining a log of all read and write accesses to the data block.
However, Low does disclose: wherein the micro agent comprises a self-executable macro for maintaining a log of all read and write accesses to the data block (access control agent over encrypted protected data uses an audit log to track all reads and writes of the protected file. Low para. 0025.).
 Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with maintaining a log of all read and write access to the protected data based upon the teachings of Low. The motivation being to use complex access control rules and auditing controls to protect downloaded data from a repository. Low paras. 0005 and 0008.
Regarding claims 6 and 15, Doyle discloses the limitations of claims 1 and 10, respectively, wherein the micro agent is configured to control access to the data block by one or more applications when the data block is received by the consumer (the agent can control requests including requests based upon the application that generated the request. Doyle para. 0053.).
Doyle does not disclose: based on interacting with an operating system.
However, Low does disclose: based on interacting with an operating system (setting access controls such as time periods, which are based upon consulting the computer’s OS clock and network setting to determine whether the control requirements are satisfied. Low para. 0036.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with control access to the protected data based upon interacting with an operating system based upon the teachings of Low. The motivation being to have a trusted baseline for access control parameters. Low para. 0036.
Regarding claims 7 and 16, Doyle discloses the limitations of claims 1 and 10, respectively. Doyle does not disclose: wherein the data capsule further comprises a data block identifier associated with the data block, the data block identifier for identifying the data block.
However, Low does disclose: wherein the data capsule further comprises a data block identifier associated with the data block, the data block identifier for identifying the data block (the access agent registers the electronic file with a server and the protected electronic file in the encapsulated security container is given a unique ID or URI. Low para. 0023.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with .
 
Claims 9, 18 rejected under 35 U.S.C. 103 as being unpatentable over Doyle in view of Fontaine in view of Malaney (U.S. Pat. App. Pub. 2012/0195597 A1).
Regarding claims 9 and 18, Doyle in view of Fontaine discloses the limitations of claims 8 and 17, respectively. Doyle in view of Fontaine does not disclose: performing continuous geolocation assessment while transferring the data capsule, the continuous geolocation assessment for verifying the geolocation of the consumer at two or more points in time during the transfer.
However, Malaney does disclose: performing continuous geolocation assessment while transferring the data capsule, the continuous geolocation assessment for verifying the geolocation of the consumer at two or more points in time during the transfer (location verification can be monitored continuously in real-time during the data transfer, halting the data transfer upon violation of the verification parameters. Malaney para. 0075.).
Therefore, it would have been prima facie obvious to one of ordinary skill in the art prior to the effective filing date of the claimed invention to modify the data security container containing rules to control permissions and decryption keys for encrypted content of Doyle with continuous geolocation assessment during data transfer based upon the teachings of Malaney. The motivation being to prevent an adversary from continuing to receive real-time data without one of the adversary’s devices being at the specified location. Malaney para. 0075.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: Atluri (U.S. Pat. App. Pub. 2006/0010227 A1), access and control permissions where read/write access is logged; Parker (U.S. Pat. App. Pub. 2010/0130233 A1), continuously sending location data to the datacenter; Banerjee (U.S. Pat. 8,874,528 B1), protecting a decryption key using geolocation requirements; Endresen (U.S. Pat. 9,330,275 B1), location-based decryption requirements; Pama (U.S. Pat. App. Pub. 2016/0224970 A1), transaction authorization request requiring a challenge response; White (U.S. Pat. App. Pub. 2018/0020001 A1), data capsule allowing access only when context is verified.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VANCE M LITTLE whose telephone number is (571) 270-0408.  The examiner can normally be reached on Monday - Friday 9:30am - 5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jung (Jay) Kim can be reached on (571) 272-3804.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.






/VANCE M LITTLE/Examiner, Art Unit 2493