Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

2.	This action is in response to the applicant's communication filed on 01/04/2022. By virtue of this communication, claims 1-17 filed on 01/04/2022 are currently pending in the instant application. Claims 1 and 9 are amended. Claims 1, 9 and 17 are independent. No new matter has been added by these amendments.

Examiner's Note:  The Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  Applicant, in preparing the response, should consider fully the entire reference as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the Examiner.
In view of this understanding, the argument made by the Applicant on 01/04/2022 concerning the Miller reference is not persuasive, because the limitation recited in each independent claim is disclosed by the reference on the record. Thus, the Miller, 964’ reference is maintained.

external secrets are stored separately from the computing system; and utilizing the final master secret to encrypt at least a portion of data stored on each storage device of the plurality of storage devices”, as recited in claim 8.

In response to the above argument, Applicant's attention is respectfully directed to fig. 1 of Miller, which depicts separate storage devices 150A-N. As shown in fig. 1 of Miller, each storage device 150A-N may include its own key encryption unit, and storage controller 110 may provide a value to each device key encryption unit, and the device may use this value to encrypt its key. Furthermore, each key may be encrypted independently and separately from the data that is encrypted and stored on each storage device. Para. 0062 of Miller discloses that each storage device may generate the key independently of the other storage devices, and the key may be a randomly generated number.

B.	Applicant argues “… The Office Action cites Miller at para. [0010] (reproduced above) for the claimed element "utilizing the independent keys to encrypt the multiple portions of segmented data," as recited in claim 1. However, the encryption of "multiple portions of segmented data" is absent from Miller's teachings. Therefore, Miller does not teach the claimed element”.

In response to the above argument, the Examiner respectfully disagrees because Miller discloses, for instance, a method for protecting data on a group of storage devices. Para. 0062 of Miller discloses that method 300 may begin with each storage device of the group of storage devices generating a key (block 305). Fig. 2 of Miller depicts that the operations of reconstructing final master secret 218 and decrypting the encrypted keys 270 may be performed a single time on boot up of the storage system 200. After the encrypted keys 270 have been decrypted, they may be stored in a volatile memory (RAM 230) and used multiple times for accesses to storage devices 250A-N. It is noted that this is an advantageous feature of storage system 200 which allows for final master secret 218 to be reconstructed and encrypted keys 270 to be decrypted a single time and then reused multiple times, for example.

C.	Applicant argues “… an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, but possession of an insufficient number of shares provides little or no information about the initial master secret. One or more shares may be generated for each storage device of the system, and then the share(s) may be stored on their corresponding storage device. If enough of the storage devices are present, then the initial master secret may be reconstructed from the shares stored on these storage devices. In one embodiment, the initial master secret may be combined with one or more external secrets to generate a final master secret”.

In response to the above argument, Applicant’s attention is respectfully directed to para. 0041 of Miller, which discloses that, to decrypt the data, the shares of a sufficient number of storage devices 150A-N may be used to reconstruct the initial master secret 120. Next, external secret(s) 124 may be retrieved and combined with initial master secret 120 to generate final master secret 128. Final master secret 128 may then be used to decrypt the encrypted data 170, for example. Furthermore, Miller discusses (see Abstract) a system, method, and computer-readable storage medium for protecting a set of storage devices using a secret sharing scheme in combination with an external secret. An initial master secret is generated and then transformed into a final master secret using an external secret. A plurality of shares are generated from the initial master secret and distributed to the storage devices. The data of each storage device is encrypted with a device-specific key, and this key is encrypted using the final master secret. In order to read the data on a given storage device, the initial master secret reconstructed from a threshold number of shares and the external secret is retrieved. Next, the initial master secret is transformed into the final master secret using the external secret, and then the final master secret is used to decrypt the encrypted key of a given storage device, for example.
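
The recovery flow that para. 0041 and the Abstract of Miller describe, sketched as an added example (not part of this Office action and not Miller's code): threshold sharing of the initial master secret, combination with an external secret, and unwrapping of a per-device key. The use of Shamir sharing, the HMAC-based combination and the HMAC keystream wrap are assumptions standing in for whatever methods a real system uses; all names and sample values are constructed.

```python
import hashlib
import hmac
import secrets

PRIME = 2**521 - 1  # Mersenne prime; the field holds any 256-bit secret


def split_secret(secret: int, threshold: int, count: int):
    """Shamir split: random degree-(threshold-1) polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, count + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def reconstruct_secret(shares) -> int:
    """Lagrange interpolation at x = 0 over whichever shares are present."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def final_master_secret(initial: int, external: bytes) -> bytes:
    # Assumption: "combining" is HMAC-SHA256 keyed with the external secret.
    return hmac.new(external, initial.to_bytes(66, "big"), hashlib.sha256).digest()


def _subkeys(final: bytes, device_value: bytes):
    # The device-specific value separates the wrapping keys of different devices.
    enc = hmac.new(final, b"enc|" + device_value, hashlib.sha256).digest()
    mac = hmac.new(final, b"mac|" + device_value, hashlib.sha256).digest()
    return enc, mac


def wrap_device_key(final: bytes, device_value: bytes, device_key: bytes) -> bytes:
    # Stand-in for a real key wrap (e.g. an AEAD): each pad protects one key only.
    if len(device_key) != 32:
        raise ValueError("device key must be 32 bytes")
    enc, mac = _subkeys(final, device_value)
    ct = bytes(a ^ b for a, b in zip(device_key, enc))
    return ct + hmac.new(mac, ct, hashlib.sha256).digest()


def unwrap_device_key(final: bytes, device_value: bytes, blob: bytes):
    enc, mac = _subkeys(final, device_value)
    ct, tag = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
        return None  # wrong final master secret or tampered blob
    return bytes(a ^ b for a, b in zip(ct, enc))


def demo():
    initial = secrets.randbits(256)
    external = b"constructed-external-secret"  # e.g. password or key on a server
    shares = split_secret(initial, threshold=3, count=5)  # one share per device
    final = final_master_secret(initial, external)
    keys = {b"dev-%d" % i: secrets.token_bytes(32) for i in range(5)}
    wrapped = {d: wrap_device_key(final, d, k) for d, k in keys.items()}

    # Boot with three of five devices present: every device key is recovered.
    boot = final_master_secret(reconstruct_secret(shares[1:4]), external)
    recovered = all(unwrap_device_key(boot, d, wrapped[d]) == keys[d] for d in keys)
    # Two devices only: below threshold, so the derived secret is wrong.
    stolen = final_master_secret(reconstruct_secret(shares[:2]), external)
    # Enough devices, but the external secret is missing.
    no_ext = final_master_secret(reconstruct_secret(shares[:3]), b"guess")
    d = b"dev-0"
    return (recovered, unwrap_device_key(stolen, d, wrapped[d]),
            unwrap_device_key(no_ext, d, wrapped[d]))


if __name__ == "__main__":
    print(demo())
```

The second and third results show the two independent conditions in the scheme: a threshold number of shares and the external secret are both needed before any wrapped device key can be opened.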

Claim Rejections – 35 USC §103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-17 are rejected under 35 U.S.C. 103 as being unpatentable over Miller et al. (US Pub. No. US 2015/0127946 A1, hereinafter “Miller”) in view of DeKeyser (US Pub. No. US 2008/0165249 A1).

Miller provides a system with a secret sharing scheme to protect the storage array by preventing data from being compromised if a small number of storage devices are lost or stolen, so that unauthorized data access can be prevented if the entire storage array is lost, thus ensuring that the stored data cannot be read or compromised by unauthorized users, and hence protecting data on the storage devices.

DeKeyser provides systems and methods in which a camera stores discrete segments of imaged data, comprising: using a sensor in the camera to capture image data; using multiple portions of a memory as a loop in which to record the segments in approximately real time; and protecting the multiple portions from being overwritten by subsequent recording in the loop.

As per claim 1, Miller discloses a method for protecting and storing data (Abstract: storage medium for protecting a set of storage devices using a secret sharing scheme in combination with an external secret, for example), the method comprising: utilizing multiple storage devices in disparate locations (para. 0007 discloses systems and methods for preventing unauthorized access to data stored in a storage array, for example and para. 0056 discloses locations for storing the decrypted keys are possible and are contemplated, for example); and performing operations using at least one processor of a data protection server connected over a network with the multiple storage devices (fig. 2 and furthermore, para. 0052 discloses storage controller 205 may be part of a server or computing device, and storage controller 205 may include hardware (e.g., circuitry, dedicated logic, programmable logic, microcode), software (e.g., executable program instructions), for example) the operations including: generating independent keys (para. 0010 discloses the encrypted key may then be stored on its corresponding storage device, for example) corresponding to multiple portions of segmented data; utilizing the independent keys to encrypt the multiple portions of segmented data (para. 0010 discloses the data on each storage device may be encrypted with a key, and each storage device may use a separate, unique key to encrypt data on the storage device. Any of a variety of encryption methods may be utilized to encrypt the data on the storage device using the key, for example); generating a master key (para. 0009 discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, for example); encrypting the independent keys with the master key (para. 0010 discloses any of a variety of encryption methods may be utilized to encrypt the data on the storage device using the key, for example); storing each portion of the (para. 0010, for example); segmenting the master key, thereby creating multiple master key segments (para. 0009 discloses an initial master secret may be generated and then split into a collection of shares, for example); and storing the multiple master key segments in disparate locations separate from the data (para. 0009 discloses the initial master secret may be combined with one or more external secrets to generate a final master secret. The external secret(s) may be a password, USB key, key stored on an external server, and/or another type of externally stored secret, for example).

Miller fails to explicitly disclose the multiple portions of segmented data.

However, DeKeyser discloses the multiple portions of segmented data (para. 0009, 0014 and 0026 disclose methods and systems of storing discrete segments of imaged data in a camera by using a sensor in the camera to capture image data; using multiple portions of a memory as a loop in which to record the segments in approximately real time; and protecting the multiple portions from being overwritten by subsequent recording in the loop, for example).

Miller and DeKeyser are analogous art because they both are directed to systems and methods in digital recording and one of ordinary skill in the art 

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of DeKeyser with the teachings of Miller in order to provide a system for securing data from unauthorized access [Abstract: Miller].

As per claim 2 as applied above, Miller as modified by DeKeyser discloses receiving the data over a network from participant systems (para. 0012 of Miller discloses a remote network server, for example) and segmenting the received data into the multiple portions of segmented data (para. 0010 of Miller).  

As per claim 3 as applied above, Miller as modified by DeKeyser discloses wherein segmenting the master key comprises segmenting the master key into "n" shares, wherein a quantity of at least "t" of the "n" shares is required to recover the master key (para. 0010 of Miller discloses for each storage device, the final master secret and a device-specific value may be used to encrypt the per-drive encryption key, for example).  

As per claim 4 as applied above, Miller as modified by DeKeyser discloses wherein any subset of fewer than "t" shares reveals no information (para. 0057 of Miller discloses storage controller 205 may gather sufficient shares to recover the master secret, for example). 

As per claim 5 as applied above, Miller as modified by DeKeyser discloses choosing the disparate locations to reduce chances of compromising security (para. 0009 of Miller discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, but possession of an insufficient number of shares provides little or no information about the initial master secret, for example).

As per claim 6 as applied above, Miller as modified by DeKeyser discloses wherein the multiple storage devices are spread across multiple logical locations, or multiple physical locations, or a combination of at least one logical and at least one physical location (para. 0048 of Miller discloses variations in the locations and methods of encrypting the keys are possible and are contemplated, for example).  

As per claim 7 as applied above, Miller as modified by DeKeyser discloses storing the segmented data across multiple logical locations, or (para. 0009 of Miller discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, but possession of an insufficient number of shares provides little or no information about the initial master secret. One or more shares may be generated for each storage device of the system, and then the share(s) may be stored on their corresponding storage device, for example).  

As per claim 8 as applied above, Miller as modified by DeKeyser discloses storing the master key segments across multiple logical locations, or multiple physical locations, or a combination of at least one logical and at least one physical location (para. 0004, 0031, 0047, 0055 and 0056 of Miller).  

As per claim 9, Miller discloses a system for protecting and storing data (Abstract: storage medium for protecting a set of storage devices using a secret sharing scheme in combination with an external secret, for example), the system comprising: multiple storage devices in disparate locations (para. 0007 discloses systems and methods for preventing unauthorized access to data stored in a storage array, for example and para. 0056 discloses locations for storing the decrypted keys are possible and are contemplated, for example); and a data protection server (fig. 2 and furthermore, para. 0052 discloses storage controller 205 may be part of a server or computing device, and storage controller 205 may include hardware (e.g., circuitry, dedicated logic, programmable logic, microcode), software (e.g., executable program instructions), for example), the data protection server having at least one processor configured for: generating independent keys (para. 0010 discloses the encrypted key may then be stored on its corresponding storage device, for example) to operate on corresponding portions of segmented data (para. 0010 discloses the data on each storage device may be encrypted with a key, and each storage device may use a separate, unique key to encrypt data on the storage device. Any of a variety of encryption methods may be utilized to encrypt the data on the storage device using the key, for example); utilizing the independent keys to encrypt each portion of the segmented data; encrypting the independent keys using a master key (para. 0009 discloses an initial master secret may be generated and then split into a collection of shares, for example); storing each portion of the segmented data adjacent to the corresponding encrypted independent key in a data and key storage area; segmenting the master key creating multiple master key segments (para. 0009 discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, for example); and storing the multiple master key segments in disparate locations separate from (para. 0009 discloses the initial master secret may be combined with one or more external secrets to generate a final master secret. The external secret(s) may be a password, USB key, key stored on an external server, and/or another type of externally stored secret, for example).


Miller fails to explicitly disclose the multiple portions of segmented data.

However, DeKeyser discloses the multiple portions of segmented data (para. 0009, 0014 and 0026 disclose methods and systems of storing discrete segments of imaged data in a camera by using a sensor in the camera to capture image data; using multiple portions of a memory as a loop in which to record the segments in approximately real time; and protecting the multiple portions from being overwritten by subsequent recording in the loop, for example).

Miller and DeKeyser are analogous art because they both are directed to systems and methods in digital recording and one of ordinary skill in the art would have had a reasonable expectation of success to modify DeKeyser with the specified features of Miller because they are from the same field of endeavor.

Abstract: Miller]. 

As per claim 10 as applied above, Miller as modified by DeKeyser discloses wherein the processor receives the data over a network from participant systems and segments the received data into the multiple portions of segmented data (para. 0010 discloses the data on each storage device may be encrypted with a key, and each storage device may use a separate, unique key to encrypt data on the storage device. Any of a variety of encryption methods may be utilized to encrypt the data on the storage device using the key, for example).

As per claim 11 as applied above, Miller as modified by DeKeyser discloses wherein segmenting the master key comprises segmenting the master key into "n" shares, wherein a quantity of at least "t" of the "n" shares is required to recover the master key (para. 0010 of Miller discloses for each storage device, the final master secret and a device-specific value may be used to encrypt the per-drive encryption key, for example).  

As per claim 12 as applied above, Miller as modified by DeKeyser discloses wherein any subset of fewer than "t" shares reveals no information (para. 0057 of Miller discloses storage controller 205 may gather sufficient shares to recover the master secret, for example). 
  
As per claim 13 as applied above, Miller as modified by DeKeyser discloses choosing the disparate locations to reduce chances of compromising security (para. 0009 of Miller discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, but possession of an insufficient number of shares provides little or no information about the initial master secret, for example).

As per claim 14 as applied above, Miller as modified by DeKeyser discloses wherein the multiple storage devices are spread across multiple logical locations, or multiple physical locations, or a combination of at least one logical and at least one physical location (para. 0048 of Miller discloses variations in the locations and methods of encrypting the keys are possible and are contemplated, for example).   

As per claim 15 as applied above, Miller as modified by DeKeyser discloses storing the segmented data across multiple logical locations, or multiple physical locations, or a combination of at least one logical and at least one physical location (para. 0009 of Miller discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, but possession of an insufficient number of shares provides little or no information about the initial master secret. One or more shares may be generated for each storage device of the system, and then the share(s) may be stored on their corresponding storage device, for example).  

As per claim 16 as applied above, Miller as modified by DeKeyser discloses storing the master key segments across multiple logical locations, or multiple physical locations, or a combination of at least one logical and at least one physical location (para. 0004, 0031, 0047, 0055 and 0056 of Miller).  

As per claim 17, Miller discloses a non-transitory computer readable medium storing instructions executable by at least one processor for securing (para. 0024 discloses circuits, memory storing program instructions executable to implement the operation, etc., for example) and managing data by executing instructions to perform steps including (para. 0078 discloses the program instructions that implement the methods and/or mechanisms may be conveyed or stored on a non-transitory computer readable medium, for example): generating independent keys (para. 0010), corresponding to multiple portions of segmented data (para. 0010 discloses for each storage device, the final master secret and a device-specific value may be used to encrypt the per-drive encryption key. The encrypted key may then be stored on its corresponding storage device, for example); utilizing the independent keys to encrypt the multiple portions of segmented data (para. 0010); generating a master key (para. 0009 discloses an initial master secret may be generated and then split into a collection of shares, such that possession of a sufficient number of shares enables recovery of the initial master secret, for example); encrypting the independent keys with the master key (para. 0010 discloses any of a variety of encryption methods may be utilized to encrypt the data on the storage device using the key, for example); storing each portion of the segmented data adjacent to the corresponding encrypted independent key in a data and key storage device (para. 0010, for example); segmenting the master key (para. 0010), thereby creating multiple master key segments; and storing the multiple master key segments in disparate locations separate from the data (para. 0009 discloses the initial master secret may be combined with one or more external secrets to generate a final master secret. The external secret(s) may be a password, USB key, key stored on an external server, and/or another type of externally stored secret, for example).

Miller fails to explicitly disclose the multiple portions of segmented data.

However, DeKeyser discloses the multiple portions of segmented data (para. 0009, 0014 and 0026 disclose methods and systems of storing discrete segments of imaged data in a camera by using a sensor in the camera to capture image data; using multiple portions of a memory as a loop in which to record the segments in approximately real time; and protecting the multiple portions from being overwritten by subsequent recording in the loop, for example).

Miller and DeKeyser are analogous art because they both are directed to systems and methods in digital recording and one of ordinary skill in the art would have had a reasonable expectation of success to modify DeKeyser with the specified features of Miller because they are from the same field of endeavor.

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of applicant’s claimed invention to combine the teachings of DeKeyser with the teachings of Miller in order to provide a system for securing data from unauthorized access [Abstract: Miller].

Pertinent Art
4.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Androulaki et al. (US 2016/0267291 A1) provides deduplication and compression on data performed downstream from where the data is encrypted. Confidentiality of data is maintained, and the ability of storage systems to perform data reduction functions is supported. Encrypted  Bishop et al. (US 2020/0184086 A1) provides redundancy of the encrypted data storage and implicit redundancy of the master key storage through the many shards protects against data loss without compromising security. The encrypted data storage is fully compromised without revealing anything about the underlying data other than the size, since the master key is never stored with the data. The method increases the robustness of the storage system against unauthorized access.

Conclusion
5.	THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH 

6.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABIY GETACHEW whose telephone number is (571)272-6932. The examiner can normally be reached Mon.-Fri. 9:00 AM - 5:30 PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application 





A.G.
March 9, 2022
/ABIY GETACHEW/Primary Examiner, Art Unit 2434