Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


	Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 7, and 8 are rejected under 35 U.S.C. 103 as being unpatentable over US 20160171241 A1; YUN; Geun Yong (hereinafter Yun) in view of US 20210141763 A1; Yeager; Donnevan Scott et al (hereinafter Yeager)
Regarding claim 1, Yun teaches A secure data deletion device, comprising: an enclosure; a connector for communicatively coupling to a computing device; a storage medium disposed within the enclosure and communicatively coupled to the connector; ( Yun [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit  [0061] If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus ( USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.), the file system may self-contained software disposed on the storage medium and comprising instructions configured to execute, by a processor, the steps of selecting for deletion files disposed on storage media accessible on the computing device, and performing a secure deletion action on the files. (Yun [0003] One or more example embodiments relate to apparatuses, methods, systems, and/or computer programs stored on non-transitory computer readable media for providing a secure file -deletion function. More particularly to, apparatuses, methods, systems, and/or computer programs stored on non-transitory for providing a secure file -deletion function that makes file recovery more difficult and/or impossible. [0012] According to one or more example embodiments, a method of securely deleting a file may include receiving, using at least one processor, a file deletion request, the file deletion request including file information for a file to be deleted that is stored on a storage device of an apparatus, deleting, using the at least one processor, the file associated with the file information, and overwriting, using the at least one processor, a storage region of the storage device, the storage region including a location that stores the file with a desired value [56 and 69-73] further elaborate on the selection and deletion process [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit(s) [45-47] detail in on the computer readable and software of the system)								performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for files similar to the files selected for deletion, wherein files similar to the files selected for deletion comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion (Yeager [0023] During each execution interval, the first indexing thread may scan attributes of newly stored files or files that have been changed since a last execution interval. In some embodiments, the first indexing thread may query a write queue of MTI file system 100 to identify the new or changed files and to scan a desired subset of attributes of those files. In some embodiments, MTI file system 100 may tag or otherwise flag new or changed files to assist the first indexing thread in differentiating the new or changed files from unchanged files, and thereby reduce the number of files that are analyzed by each of the first set of executable instances 110.  [0033] In this manner, MTI file system 100 may efficiently perform complex file operations that are specified using wildcards, regular expressions, and/or other parameters that do not directly target specific files. Specifically, MTI file system 100 may identify files targeted by a complex file operation from billions of stored files without having to scan the 
Regarding claim 7, Yun and Yeager teach The device of claim 1, wherein the storage media accessible on the computing device comprise local storage media. (Yun [0069] Primary storage device 104 may be dedicated or shared. In some cases, each primary storage device 104 is dedicated to an associated client computing device 102, e.g., a local disk drive. In other cases, one or more primary storage devices 104 can be shared by multiple client computing devices 102, e.g., via a local network, in a cloud storage implementation, etc. As one example, primary storage device 104 can be a storage array shared by a group of client computing devices 102, such as EMC Clariion, EMC Symmetrix, EMC Celerra, Dell EqualLogic, 
Regarding claim 8, Yun and Yeager teach The device of claim 1, wherein the storage media accessible on the computing device comprise cloud storage media. (Yun [0053] In the present specification, a physical storage region is a part of a memory apparatus and/or storage device, such as a hard disk drive, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, a networked drive and/or networked storage device (e.g., a cloud computing drive, a distributed 

Claim 2 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Yeager and  US 20180124174 A; SWALLOW; Douglas Cary et al. (hereinafter Swallow). 
Regarding claim 2, Yun and Yeager teach The device of claim 1, wherein the instructions are further configured to execute the steps of:				but lacks explicitly and orderly teaching scanning all files disposed on storage media accessible on the computing device;	generating a scan result list of files; and scanning all files disposed on storage media accessible on the computing device; generating a scan result list of files; and selecting desired files from the result list of files (Swallow [0021] FIG. 4 is a block diagram illustrating some salient portions of a system 400 for scanning a network storage system to identify files [274]a storage system may be scanned or analyzed to identify files  [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 may separately provide, or cause to be provided, the scan result or portion of the scan result to the scanning agent 402 or the data agent 142. In some cases, each of the scanning threads 406 may establish a separate communication channel with the data agent 142. Alternatively, the network storage manager 404 may aggregate the results from each of the scanning threads 406 the scan the network storage repository 304. In some such embodiments, the network storage manager 404 may provide the aggregated scan result to the data agent 142. In some embodiments, the scan results may be provided via plurality of packets to the data agent 142, which 						
Claim 4 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over Yun, Yeager in view of US 20060143476 A1; McGovern; William P. (hereinafter McGovern).
Regarding claim 4, Yun and Yeager teach The device of claim 1, wherein the secure deletion action 										but lacks explicitly teaching wherein the secure deletion action is a multi-pass random overwrite process										McGovern however helps teach wherein the secure deletion action is a multi-pass random overwrite process (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the 
Regarding claim 6, Yun and Yeager teach The device of claim 1, wherein the secure deletion action										but lacks explicitly teaching wherein the secure deletion action is a Guttman algorithm.													However McGovern teaches wherein the secure deletion action is a Guttman algorithm (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization 
Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Yun and Yeager in view of “Everything You Need to Know About the DoD 5220.22-M Wiping Standard & Its Applications Today”, Richard Stiennon, March 28, 2019 (hereinafter Richard)
Regarding claim 5, Yun and Yeager teach The device of claim 1, wherein the secure deletion action										but lacks explicitly teaching wherein the secure deletion action is a DOD Standard 5250.22M algorithm										However Richard helps teach wherein the secure deletion action is a DOD Standard 5250.22M algorithm (Richard [page 1]The DoD 5220.22-M method for data erasure first appeared in the early days of the data sanitization industry. When .			
Claims 9,15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Yeager and US 20210034244 A1; AUSARKAR; Amit Bhaskar et al. (hereinafter Amit)
Regarding claim 9, Yun and Yeager teach A method for secure data deletion, comprising: … a data deletion device to a computing device, the data deletion device comprising an enclosure, a connector for communicatively coupling the data deletion device to the computing device, ( Yun [FIG. 1 & 2] show the system with a enclosure, connection for communication between a computing device and corresponding storage and the corresponding deletion unit  [0061] If the file and a storage medium on which a self- contained secure data deletion software is stored; selecting for deletion files disposed on storage media accessible on the computing device; performing a secure deletion action on the selected files; (Yun [0003] One or more example embodiments relate to apparatuses, methods, systems, and/or computer programs stored on non-transitory computer readable media for providing a secure file -deletion function. More particularly to, apparatuses, methods, systems, and/or computer programs stored on non-transitory for providing a secure file -deletion function that makes file recovery more difficult and/or impossible. [0012] According to one or more example embodiments, a method of securely deleting a file may include receiving, using at least one processor, a file deletion request, the file deletion request including file information for a file to be deleted that is stored on a storage device of an apparatus, deleting, using the at least one processor, the file associated with the file information, and overwriting, using the at least one processor, a storage region of the storage device, the storage region including a location that stores the file with a desired value [56 and 69-73] further elaborate on the selection and deletion process coupling and decoupling the secure data deletion device from the computing device ( Amit [0056] System 100 includes computing devices and computing technologies. For instance, system 100 can include one or more client computing devices 102 and secondary storage computing devices 106, as well as storage manager 140 or a host computing device for it. Computing devices can include, without limitation, one or more: workstations, personal computers, desktop computers, or other types of generally fixed computing systems such as mainframe computers, servers, and minicomputers. Other computing devices can include mobile or portable computing devices, such as one or more laptops, tablet computers, personal data assistants, mobile phones (such as smartphones), and other mobile or portable computing devices such as embedded computers, set top boxes, vehicle-mounted devices, wearable computers, etc. Servers can include mail servers, file servers, database servers, virtual machine servers, and web servers. Any given computing device comprises one or more processors  [0064] Client computing devices 102 and other components in system 100 can be connected to one another via one or more electronic communication pathways 114. For example, a first communication pathway 114 may performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for files similar to the files selected for deletion, wherein files similar to the files selected for deletion comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion; (Yeager [0023] During each execution interval, the first indexing thread may scan attributes of newly stored files or files that have been changed since a last execution interval. In some embodiments, the first indexing thread may query a write queue of MTI file system 100 to identify the new or changed files and to scan a 
Regarding claim 15, the combination of Yun, Yeager and Amit teach The method of claim 9, wherein the storage media accessible on the computing device comprise local storage media (Yun [0069] Primary storage device 104 may be dedicated or shared. In some cases, each primary storage device 104 is dedicated to an associated client computing device 102, e.g., a local disk drive. In other cases, one or more primary storage devices 104 can be shared by multiple client computing devices 102, e.g., via a local network, in a cloud storage implementation, etc. As one example, primary storage device 104 can be a storage array shared by a group of client computing devices 102, such as EMC Clariion, EMC Symmetrix, EMC Celerra, Dell EqualLogic, IBM XIV, NetApp FAS, HP EVA, and HP 3PAR. [0123] As noted, off-loading certain responsibilities from client computing devices 102 to intermediate components such as secondary storage computing device(s) 106 and corresponding media agent(s) 144 can provide a number of benefits including improved performance of client computing device 102, faster and more reliable information management operations, and enhanced scalability. In one example which will be discussed further below, media agent 144 can act as a local cache of recently-copied data and/or metadata stored to secondary storage device(s) 108, thus improving restore capabilities and performance for the cached data.  [0127] Each media agent 144 may maintain an associated media agent database 152. Media agent database 152 may be stored to a disk or other storage device (not shown) that is local to the secondary storage computing device 106 on which media agent 144 executes.[0294] In some embodiments, the media agent 332 may maintain an associated media agent database, which may be stored to a disk or other storage 
Regarding claim 16, the combination of Yun, Yeager and Amit teach the method of claim 9, wherein the storage media accessible on the computing device comprise cloud storage media. (Yun [0053] In the present specification, a physical storage region is a part of a memory apparatus and/or storage device, such as a hard disk drive, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, a networked drive and/or networked storage device (e.g., a cloud computing drive, a distributed file system, etc.), etc., in which data is actually stored. The physical storage region may be usually accessed via an address allocated to the region. [0059] The file system is configured to control how data (e.g., files, information, materials, etc.) is stored, organized, and/or retrieved from the terminal via the OS. The file system may manage physical locations (and/or logical locations) of files and/or data stored on a physical storage apparatus, such as a hard disk, a solid state drive, a rewriteable optical disk, a tape storage device, a floppy disk, a read-only memory (ROM), a random access memory (RAM), a flash memory, etc., and may include providing access to materials on a file server, cloud computing system[0061]If the file system deletes a file stored on a storage device of the terminal (e.g., a hard disk, RAM, ROM, etc.), a mobile storage apparatus (e.g., a universal serial bus (USB) memory thumb drive, an externally connected storage drive, etc.), and/or a networked storage apparatus (e.g., a cloud storage drive, a networked drive, a distributed file system, etc.[0066] implemented as one or more 
Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Yeager, Amit and Swallow.
Regarding claim 10, the combination of Yun, Yeager and Amit teach The method of claim 9, wherein selecting files further comprises						but lack scanning all files disposed on storage media accessible on the computing device; generating a scan result list of file and selecting desired files from the result list of files.											However Swallow helps teach scanning all files disposed on storage media accessible on the computing device; generating a scan result list of file and selecting desired files from the result list of files. (Swallow  [0021] FIG. 4 is a block diagram illustrating some salient portions of a system 400 for scanning a network storage system to identify files [274]a storage system may be scanned or analyzed to identify files  [0303] At block 514, the data agent 142 receives scan result from the network storage system 302. The scan result may include a list of files to be backed up, the location of the files to be backed up, and any other metadata associated with the files that may be used to facilitate the backup of the files. For instance, in some embodiments, different types of files may be backed up two different locations or systems within the secondary storage subsystem 118. In such embodiments, the scan result may include a type of each of the files. In some embodiments, the scan results may be received in a distributed manner from a plurality of scanning threads 406. For example, each of the scanning threads 406 
Claim 12 and 14 areYun in view of Amit and Yeager.
 Regarding claim 12, the combination of Yun and Amit teach the method of claim 9, wherein the secure deletion action								But lack explicitly teaching the secure deletion action is a multi-pass random overwrite process.											McGovern helps teach wherein the secure deletion action is a multi-pass random overwrite process. (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, 
Regarding claim 14, the combination of Yun, Yeager and Amit teach The method of claim 9, wherein the secure deletion action						teach wherein the secure deletion action is a Guttman algorithm (McGovern [0006] Several different "patterns" have been developed to perform media overwrite sanitization. A pattern is the sequence of bits (ones and zeros) that is written to the drive in order to prevent recovery of deleted data. The " Guttman" pattern is an example of a pattern used by many hard drive sanitization applications. Using a multiple pass overwrite, different patterns may be used for each pass. For example, the first pass may use a particular pattern, where the second pass may use the pattern's complement, and the third pass may use random data. [0039] In operation 608, the first encryption key is deleted, and the blocks 504c-504e representing the file are marked as available, so that they may be overwritten. The first encryption key is deleted by overwriting the key in the cryptographic key database. The first encryption key may be overwritten using any one of several known techniques, including using any one of the well-known patterns (such as a " Guttman" pattern), writing zeroes over the key ("zeroing" the key), etc. According to one embodiment, the first encryption key may be overwritten only once, since the data that comprises an encryption key must be completely intact to be useful. Therefore, more robust sanitization techniques may not be necessary. Further, the cryptographic key database is encrypted using the master key 316 (see FIG. 3). The master key 316 is physically located within the system 300 of FIG. 3, and therefore a user or client must have access to the system 300 to gain access to the first encryption key. If a malicious user only has access to the disk 500 (see FIG. 
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Yun in view of Amit, Yeager and Richard.
Regarding claim 13, the combination of Yun, Amit, Yeager teaches The method of claim 9, wherein the secure deletion action							but lacks explicitly teaching wherein the secure deletion action is a DOD Standard 5250.22M algorithm										However Richard helps teach wherein the secure deletion action is a DOD Standard 5250.22M algorithm (Richard [page 1]The DoD 5220.22-M method for data erasure first appeared in the early days of the data sanitization industry. When it was published by the U.S. Department of Defense (DoD) in the National Industrial Security Program Operating Manual (also known as“NISPOM,” or Department of Defense document #5220.22-M), it specified a process of overwriting hard disk drives (HDDs) with patterns of ones and zeros. The process required three secure overwriting passes and verification at the end of the final pass.This was in 1995, before the debut of smartphones and the widespread use of flash-based storage technologies.[page 2] Erasing an HDD using the DoD 5220.22-M (https://www.dss.mil/ma/ctp/io/fcb/nisp/) data sanitization method will prevent all software-based file recovery methods, as well as hardware-based recovery 
Response to Arguments
Applicant's arguments filed 1/11/2022 have been fully considered
35 USC § 102 & 35 USC § 103: 
Regarding Applicant’s Argument (page(s): 6-8): “Claim 1, as amended, recites: "performing a deep scan for each file of the files selected for deletion, the deep scan comprising scanning the storage media accessible on the computing device for files similar to the files selected for deletion, wherein files similar to the files selected for deletion comprise reformatted, duplicate, edited, changed, or modified versions of the files selected for deletion" (emphasis added). In the Specification, paragraph [0017] supports this subject matter. A version of this subject matter formerly appeared in claims 3 and 11. On page 9, the Office Action conceded that Yun did not teach this subject matter. To remedy this deficiency, the Examiner cited paragraphs [0023], [0033], and [0061] of Yeager. The Examiner then alleged that Yeager's teachings could be applied to Yun. Yeager loads and scans metadata of files in directories targeted by the file Examiner’s response:- The Examiner respectfully disagrees with the applicant. It is important to note that due to the amendments claim 1 has now become a 103 obviousness rejection and is no longer a 102 anticipation rejection, henceforth there can be obviousness conclusions reached in the mapping and teaching of the prior arts inventions into the instant applications claim limitations. Method claim 9 is also a 103 obviousness rejection, hence the same obviousness nature of the rejection applies. Yun already establishes teaching selecting data for deletion and Yeager is brought in to help teach the idea behind scanning for changed files and using said files in a proceeding operation (para. 23,33 and 61). Yeagers scanning files/similar files is being applied to Yun's deleted files to help have an efficient and fast manner to search for 
Conclusion
Applicant’s amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ARYAN D TOUGHIRY whose telephone number is (571)272-5212. The examiner can normally be reached Monday - Friday, 9 am - 5 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Aleksandr Kerzhner can be reached on (571) 270-1760. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 





/ARYAN D TOUGHIRY/Examiner, Art Unit 2165                                                                                                                                                                                                        
/William B Partridge/Primary Examiner, Art Unit 2183