Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in reply to papers filed on 09/28/2020. Claims 1-20 are pending. Claims 1, 15, and 20 are independent.

Priority
This application claims priority to and is a continuation of PCT Patent Application No. PCT/CN2019/078420, filed on 03/18/2019, which claims priority to Chinese Patent Application No. CN201810274315.3, filed on 03/29/2018. Receipt is acknowledged of certified copies required by 37 CFR 1.55.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/06/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the Examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-14 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention. 

As per claim 1
Claim 1 recites: “segmenting the application program information …”. The term “the application program information” makes the claim ambiguous and indefinite as it lacks proper antecedent basis. 

As per claims 2-14
Claim 1, as stated above, is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter. Thus, claims 2-14 are similarly rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ) by virtue of their dependency on claim 1.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.

Claims 1-3, 5-9, 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Burshteyn, US 2016/0342608 A1 (hereinafter, “Burshteyn ‘608”), in view of Rakowski et al. 2007/0283011 A1 (hereinafter, “Rakowski ‘011”) 

As per claim 1: Burshteyn ‘608 discloses:
	A method comprising: 
segmenting the (partitioning the source data, where the source data may be sensitive files or information [Burshteyn ‘608, ¶¶2, 16, 39]) into multiple program sub-information (partitioning the source data into multiple obfuscated data files [Burshteyn ‘608, ¶¶31-32, 39])
by using an information segmentation algorithm of the (generating multiple obfuscated data files by using, in part, a data partition algorithm on the source data [Burshteyn ‘608, ¶¶32, 39, 53]), 
the information segmentation algorithm (data partition algorithm [Burshteyn ‘608, ¶¶32, 39, 53]) having undergone algorithm obfuscation processing (the data partition algorithm, along with other transformation algorithms used on the source file, is contained within a trace file, where the trace file is undergoes obfuscation to create a modified trace file [Burshteyn ‘608, ¶¶44-45, 55]); and 
storing the program sub-information (storing the multiple obfuscated data files in a data store [Burshteyn ‘608, ¶¶19, 36, 58]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… the application program information … the application program information …”.
Rakowski ‘011, however, discloses:
… the application program information … the application program information … (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in see Rakowski ‘011, ¶¶5, 50, 52).

As per claim 2: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 2 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
	wherein the segmenting the (partitioning the source data, where the source data may be sensitive files or information [Burshteyn ‘608, ¶¶2, 16, 39]) into the program sub-information (partitioning the source data into multiple obfuscated data files [Burshteyn ‘608, ¶¶31-32, 39]) comprises: 
randomly dispersing the (randomly partitioning the source data using various methods to obtain multiple obfuscated data files [Burshteyn ‘608, ¶39]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… the application program information … the application program information …”.
Rakowski ‘011, however, discloses:
… the application program information … the application program information … (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons 

As per claim 3: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 3 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein the storing the program sub-information (storing the multiple obfuscated data files in a data store [Burshteyn ‘608, ¶¶19, 36, 58]) comprises: 
storing multiple pieces of program sub-information to a plurality of storage locations (storing the multiple obfuscated data to a plurality of computers within a data store distributed over a computer network [Burshteyn ‘608, ¶¶Abstract, 17-18]) in an information management space (under the broadest reasonable interpretation, an ‘information management space’ is interpreted as a data store distributed over a computer network [Burshteyn ‘608, ¶¶Abstract, 11-12]).

As per claim 5: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 5 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
	further comprising: performing algorithm obfuscation processing on the information segmentation algorithm (the data partition algorithm, along with other transformation algorithms used on the source file, is contained within a trace file, where the trace file is undergoes obfuscation to create a modified trace file [Burshteyn ‘608, ¶¶44-45, 55]).

	As per claim 6: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 5, as stated above, all from which claim 6 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein the algorithm obfuscation processing (the trace file is undergoes obfuscation to create a modified trace file [Burshteyn ‘608, ¶¶44-45, 55]) includes at least one of the following: 
function renaming, character string encryption (the trace file, which contains the at least the partition algorithm, undergoes obfuscation by applying an encryption algorithm that takes the trace file and an encryption key as input, and that outputs the modified version of the obfuscated data file [Burshteyn ‘608, ¶55]), 51instruction substitution, control flow flattening, fake branch transformation, garbage insertion, and order disruption.

	As per claim 7: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 7 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
	further comprising: 
generating the (generating the source data based on unencrypted source data and an encryption key [Burshteyn ‘608, ¶38; Fig. 3]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… the application program information … raw application program information …”.
Rakowski ‘011, however, discloses:
… the application program information … raw application program information … (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious 

As per claim 8: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 7, as stated above, all from which claim 8 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein the generating the (generating the source data based on unencrypted source data and an encryption key [Burshteyn ‘608, ¶38; Fig. 3]) comprises: 
encrypting the raw (encrypting the unencrypted source data using the encryption key to obtain the source data [Burshteyn ‘608, ¶38; Fig. 3]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… the application program information … raw application program information … raw application program information”.
Rakowski ‘011, however, discloses:
… the application program information … raw application program information … raw application program information (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011.

As per claim 9: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 7, as stated above, all from which claim 9 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
	further comprising: 
(generating an encryption key used to encrypt the unencrypted source data [Burshteyn ‘608, ¶38; Fig. 3]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “randomly generating the first auxiliary key.”
Rakowski ‘011, however, discloses:
randomly generating the first auxiliary key (generating a user key to encrypt the configuration information, where the user key may be generated using a random process [Rakowski ‘011, ¶31]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011, namely to use a random process, as disclosed in Rakowski ‘011, to generate the encryption key used to encrypt the unencrypted source data, as disclosed in Burshteyn ‘608. The motivation for doing so would be to increase the security for configuration information by making the encryption key harder to access via a random generation process (see Rakowski ‘011, ¶¶31, 52).

As per claim 15: Burshteyn ‘608 discloses:
	An apparatus comprising: 
one or more processors (one or more processors 710 [Burshteyn ‘608, ¶77; Fig. 7]); and 
one or more memories storing thereon computer-readable instructions (memory 711 containing instructions [Burshteyn ‘608, ¶77; Fig. 7]) that, 
when executed by the one or more processors, cause the one or more processors to perform acts (processors 710 execute instructions stored on memory 711 to perform operations [Burshteyn ‘608, ¶77; Fig. 7]) comprising: 
performing deobfuscation on an information segmentation algorithm having undergone algorithm obfuscation processing (perform un-obfuscation on an obfuscated trace file, where the obfuscated trace file contains the partition algorithm [Burshteyn ‘608 ¶¶44-45, 55, 69; Fig. 4]); 
extracting program sub-information (receiving multiple obfuscated data files [Burshteyn ‘608 ¶¶73-74; Fig. 6]); and 
recombining the program sub-information (receiving multiple obfuscated data files from multiple locations at a computer system [Burshteyn ‘608 ¶74; Fig. 6]) according to the information segmentation algorithm having undergone deobfuscation to obtain (regenerating the source data based on the received obfuscated data files and the un-obfuscated trace file, where the un-obfuscated trace file contains the partition algorithm that can be used to reverse the obfuscation of the data files and generate the source data [Burshteyn ‘608 ¶¶16, 45, 75; Fig. 6]).

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… application program information …”.
Rakowski ‘011, however, discloses:
… application program information … (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons 

As per claim 16: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 15, as stated above, from which claim 16 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein performing the deobfuscation on the information segmentation algorithm (perform un-obfuscation on an obfuscated trace file, where the obfuscated trace file contains the partition algorithm [Burshteyn ‘608 ¶¶44-45, 55, 69; Fig. 4]) having undergone algorithm obfuscation processing (the data partition algorithm, along with other transformation algorithms used on the source file, is contained within a trace file, where the trace file is undergoes obfuscation to create a modified trace file [Burshteyn ‘608, ¶¶44-45, 55]) comprises: 
performing corresponding deobfuscation processing on the information segmentation algorithm (perform un-obfuscation on an obfuscated trace file, where the obfuscated trace file contains the partition algorithm [Burshteyn ‘608 ¶¶44-45, 55, 69; Fig. 4]) according to the algorithm obfuscation processing (the un-obfuscation process is based on the obfuscation process of the trace file [Burshteyn ‘608 ¶¶55, 69; Fig. 4]).

As per claim 17: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 15, as stated above, from which claim 17 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein the extracting program sub-information (receiving multiple obfuscated data files [Burshteyn ‘608 ¶¶73-74; Fig. 6]) comprises: 
extracting the program sub-information according to a deobfuscated information storage algorithm (the multiple obfuscated data files are stored using a data movement process that includes .

As per claim 18: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 15, as stated above, from which claim 18 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein: the (generating the source data based on unencrypted source data and an encryption key [Burshteyn ‘608, ¶38; Fig. 3])



As stated above, Burshteyn ‘608 does not explicitly disclose:  “… application program information …, and the acts further comprises: acquiring the first auxiliary key; and generating the raw application program information according to the application program information and the first auxiliary key.”
Rakowski ‘011, however, discloses:
… application program information (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]) …, and the acts further comprises: 
acquiring the first auxiliary key (acquiring the user key used to encrypt the configuration information [Rakowski ‘011, ¶¶31, 36, 47, 51]); and 
generating the raw application program information according to the application program information and the first auxiliary key (generating the unencrypted configuration information according to the configuration information and the user key [Rakowski ‘011, ¶31, 36, 47, 51]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011, namely to perform the data protection operations, as disclosed Burshteyn ‘608, not only on general source data, but also on configuration information that corresponds to one or more applications on a device, as disclosed in Rakowski ‘011. In particular, to generate the unencrypted source data, as disclosed in Burshteyn ‘608, by decrypting the encrypted source data using the encryption key, as disclosed in Rakowski ‘011. The motivation for doing so would be to provide a method of decrypting and accessing requested information, such as configuration information, for use by the requesting client, such as for configuring client applications (see Rakowski ‘011, ¶¶51, 57).

As per claim 19: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 15 and 18, as stated above, all from which claim 19 is dependent upon. Burshteyn ‘608 does not explicitly disclose the limitations of claim 19. Rakowski ‘011, however, discloses:
wherein the generating the raw application program information according to the application program information and the first auxiliary key (generating the unencrypted configuration information according to the configuration information and the user key [Rakowski ‘011, ¶31, 36, 47, 51]) comprises: 
using the first auxiliary key to decrypt the application program information to obtain the raw application program information (using the user key to decrypt the configuration information to obtain unencrypted configuration information [Rakowski ‘011, ¶31, 36, 47, 51]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons stated in claim 18, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011.

As per claim 20: Burshteyn ‘608 discloses:
One or more memories storing thereon computer-readable instructions (memory 711 containing instructions [Burshteyn ‘608, ¶¶77, 82; Fig. 7]) that, 
when executed by one or more processors, cause the one or more processors to perform acts (processors 710 execute instructions stored on memory 711 to perform operations [Burshteyn ‘608, ¶77; Fig. 7]) comprising: 
performing deobfuscation on an information segmentation algorithm having undergone algorithm obfuscation processing (perform un-obfuscation on an obfuscated trace file, where the obfuscated trace file contains the partition algorithm [Burshteyn ‘608 ¶¶44-45, 55, 69; Fig. 4]); 
extracting program sub-information (receiving multiple obfuscated data files [Burshteyn ‘608 ¶¶73-74; Fig. 6]); and 
recombining the program sub-information (receiving multiple obfuscated data files from multiple locations at a computer system [Burshteyn ‘608 ¶74; Fig. 6]) according to the information segmentation algorithm having undergone deobfuscation to obtain (regenerating the source data based on the received obfuscated data files and the un-obfuscated trace .

As stated above, Burshteyn ‘608 does not explicitly disclose:  “… application program information …”.
Rakowski ‘011, however, discloses:
… application program information … (configuration information, where the configuration information may correspond to one or more applications on a device [Rakowski ‘011, ¶¶3, 27]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. For the reasons stated in claim 1, prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011.

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Burshteyn ‘608, in view of Rakowski ‘011, and further in view of Ehud, US 2005/0216754 A1 (hereinafter, “Ehud ‘754”).

As per claim 4: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 4 is dependent upon. Furthermore, Burshteyn ‘608 discloses:
wherein the storing the program sub-information (storing the multiple obfuscated data files in a data store [Burshteyn ‘608, ¶¶19, 36, 58]) comprises: 
storing the program sub-information using an information storage algorithm (storing the multiple obfuscated data files using a data movement process that includes sending each of the multiple 


As stated above, Burshteyn ‘608 in view of Rakowski ‘011 does not explicitly disclose: “wherein the information storage algorithm has undergone algorithm obfuscation processing.”
Ehud ‘754, however, discloses:
wherein the information storage algorithm (the location algorithm, also referred to as the distribution algorithm, where the location algorithm is used to determine the locations of which data fragments are to be stored [Ehud ‘754, ¶¶Abstract, 11, 22-24]) has undergone algorithm obfuscation processing (the location algorithm, also referred to as the distribution algorithm, undergoes obfuscation through the use of random factors and parameters [Ehud ‘754, ¶¶Abstract, 11, 22]).
Burshteyn ‘608 (modified by Rakowski ‘011) and Ehud ‘754 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 (modified by Rakowski ‘011) and Ehud ‘754 before them, to modify the method in Burshteyn ‘608 (modified by Rakowski ‘011) to include the teachings of Ehud ‘754, namely to incorporate more random factors and random parameters, as disclosed in Ehud ‘754, into the data movement process, as disclosed in Burshteyn ‘608, such that the process is obfuscated. The motivation for doing so would be to provide increased protection to data fragments or data files by making the location algorithm more difficult to ascertain by incorporating elements of randomness (see Ehud ‘754, ¶¶9-10, 22).

Claims 10-11 are rejected under 35 U.S.C. 103 as being unpatentable over Burshteyn ‘608, in view of Rakowski ‘011, and further in view of Bao et al., US 2016/0239674 A1 (hereinafter, “Bao ‘674”)

As per claim 10: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 7, as stated above, all from which claim 10 is dependent upon. Burshteyn ‘608 does not explicitly disclose the limitations of claim 10. Rakowski ‘011, however, discloses:
further comprising: 
generating a second auxiliary key (generating a second user key, where the second user key is generated based on a user’s PIN [Rakowski ‘011, ¶31]) 
encrypting the first auxiliary key by using the second auxiliary key (encrypting the user key with the second user key [Rakowski ‘011, ¶31]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011, namely to encrypt the encryption key used to encrypt the source data, as disclosed in Burshteyn ‘608, with a second key to generate an encrypted encryption key, as disclosed in Rakowski ‘011. The motivation for doing so would be to provide more protection to sensitive data, such as configuration information, by making the encrypted data more difficult to decrypt though another layer of encryption (see Rakowski ‘011, ¶¶31, 52, 57).

As stated above, Burshteyn ‘608 in view of Rakowski does not explicitly disclose: “generating a second auxiliary key according to a unique device identifier”.
Bao ‘674, however, discloses:
 according to a unique device identifier (generating a cryptographic security key based on a unique identifier associated with the client device, where the cryptographic security key is used to encrypt the file key, and where the file key is used to encrypt a file [Bao ‘674, ¶14]).
Burshteyn ‘608 (modified by Rakowski ‘011) and Bao ‘674 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 (modified by Rakowski ‘011) and Bao ‘674 before them, to modify the method in Burshteyn ‘608 (modified by Rakowski ‘011) to include the teachings of Bao ‘674, namely to encrypt the encryption key used to encrypt the source data, as disclosed in Burshteyn ‘608, with a second key to generate an encrypted encryption key, as disclosed in Rakowski ‘011, where the second key is generated based on a unique identifier associated with the client device, as disclosed in Bao ‘674. The motivation for doing so would be to add another layer of protection to encrypted data or files by generating encryption keys based on hard-to-obtain unique identifiers. Furthermore, using unique identifiers also provides a method of authenticating the requesting client device (see Bao ‘674, ¶¶14-15).

As per claim 11: Burshteyn ‘608, in view of Rakowski ‘011, and further in view of Bao ‘674 discloses all limitations of claims 1, 7, and 10, as stated above, all from which claim 11 is dependent upon. Burshteyn ‘608 does not explicitly disclose the limitations of claim 11. Rakowski ‘011, however, discloses:
further comprising: 
after the encrypting the first auxiliary key by using the second auxiliary key (encrypting the user key with the second user key [Rakowski ‘011, ¶31]), 
saving an encryption result of encrypting the first auxiliary key by using the second auxiliary key (storing the encrypted used key on a computer server [Rakowski ‘011, ¶31]).
Burshteyn ‘608 and Rakowski ‘011 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data across multiple devices. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 and Rakowski ‘011 before them, to modify the method in Burshteyn ‘608 to include the teachings of Rakowski ‘011, namely to encrypt the encryption key used to encrypt the source data, as disclosed in Burshteyn ‘608, with a second key to generate an encrypted encryption key, as disclosed in Rakowski ‘011, and then storing the encrypted encryption key. The motivation for doing so would be to provide more protection to sensitive data, such as configuration information, by making the encrypted data more difficult to decrypt though another layer of encryption via an encrypted key, but also storing the encrypted key such that an authorized user is able to use it to obtain and decrypt the requested data (see Rakowski ‘011, ¶¶31, 52, 57).

Claims 12-14 are rejected under 35 U.S.C. 103 as being unpatentable over Burshteyn ‘608, in view of Rakowski ‘011, and further in view of Redjaian et al., US 2008/0147831 A1 (hereinafter, “Redjaian ‘831”).

As per claim 12: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 7, as stated above, all from which claim 12 is dependent upon. Burshteyn ‘608 in view of Rakowski ‘011 does not explicitly disclose the limitations of claim 12. Redjaian ‘831, however, discloses:
further comprising: 
generating check information for an integrity check according to at least one of the following: the raw application program information or the application program information (generating a digital ; and 
adding the check information to the application program information (adding digital signatures to the configuration files [Redjaian ‘831, ¶¶6, 15]) to 
determine integrity of the raw application program information or the application program information according to the check information (determining the integrity of the configuration files by validating the corresponding digital signature of the configuration files [Redjaian ‘831, ¶¶6, 15, 26]).
Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data for use in configuration data validation. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 before them, to modify the method in Burshteyn ‘608 (modified by Rakowski ‘011) to include the teachings of Redjaian ‘831, namely to validate the source data, as disclosed in Burshteyn ‘608, by authenticating a digital signature, as disclosed in Redjaian ‘831,  associated with the source data. The motivation for doing so would be to check the integrity of the configuration files by ensuring that they have not been compromised via the authentication of a signature (see Redjaian ‘831, ¶¶6, 15).

As per claim 13: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claims 1 and 7, as stated above, all from which claim 13 is dependent upon. Burshteyn ‘608 in view of Rakowski ‘011 does not explicitly disclose the limitations of claim 13. Redjaian ‘831, however, discloses:
further comprising: 
adding attribute information of the raw application program information (under the broadest reasonable interpretation, ‘attribute information’ can be interpreted as identification information associated with the configuration files; adding an identifier associated with the configuration file  [Redjaian ‘831, ¶14]) to the application program information (adding an identifier associated with the configuration file and then encrypting the configuration files to generate encrypted configuration files that are associated with the identifier [Redjaian ‘831, ¶14-15]) to 
determine integrity of the raw application program information according to the attribute information (validating the configuration files by authenticating the identifier [Redjaian ‘831, ¶14, 19]).
Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data for use in configuration data validation. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 before them, to modify the method in Burshteyn ‘608 (modified by Rakowski ‘011) to include the teachings of Redjaian ‘831, namely to validate the source data, as disclosed in Burshteyn ‘608, by validating an identifier, as disclosed in Redjaian ‘831, associated with the source data. The motivation for doing so would be to validate the configuration files by ensuring that they correspond to the correct target device (see Redjaian ‘831, ¶¶5, 14, 19).

As per claim 14: Burshteyn ‘608 in view of Rakowski ‘011 discloses all limitations of claim 1, as stated above, from which claim 14 is dependent upon. Burshteyn ‘608 in view of Rakowski ‘011 does not explicitly disclose the limitations of claim 14. Redjaian ‘831, however, discloses:
wherein the application program information (configuration files, where the configuration files correspond to a computing devices running various applications, and where the configuration files are also encrypted [Redjaian ‘831, ¶¶3, 6, 15]) includes an application program key (the configuration files .
Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 are analogous art because they are from the same field of endeavor, namely that of the secure storage of sensitive data for use in configuration data validation. Prior to the effective filing date of the claimed invention, it would have been obvious to one of ordinary skill in the art, having the teachings of Burshteyn ‘608 (modified by Rakowski ‘011) and Redjaian ‘831 before them, to modify the method in Burshteyn ‘608 (modified by Rakowski ‘011) to include the teachings of Redjaian ‘831, namely to include a key associated with application specific devices, as disclosed in Redjaian ‘831, within the source data, as disclosed in Burshteyn ‘608, or within the configuration information, as disclosed in Rakowski ‘011. The motivation for doing so would be to include sensitive information, such as keys, passwords, or usernames, within configuration files, such that they would be better protected once the configuration files are encrypted (see Redjaian ‘831, ¶¶6, 23).








Conclusion
The prior art made of record and not relied upon is considered pertinent to the Applicant’s disclosure:
Resch, US 2014/0281550 A1: producing and storing a set of encrypted key slices, and then retrieving a threshold number of the stored key slices from a plurality of storage units.
Orsini et al
Negahdar, US 2006/0182282 A1: a server retrieves configuration information. A key is randomly generated and used to encrypt the configuration information. The key is combined with the encrypted configuration information into a composite file, and the composite file is distributed.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALAN LINGQIAN KONG whose telephone number is (571)272-2646. The examiner can normally be reached Monday-Thursday 7:30am-5:00pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JUNG (JAY) KIM can be reached on (571)272-3804. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALAN LINGQIAN KONG/Examiner, Art Unit 2494

/JUNG W KIM/Supervisory Patent Examiner, Art Unit 2494