DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This is Non-Final Office Action in response to application filed on August 12, 2020 in which claims 1-20 are presented for examination.
Information Disclosure Statement
The references listed in the IDSs filed on January 12, 2021 has been considered and entered into record. A copy of the signed or initialed IDS is hereby attached.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Independent claim 1 recites a method, independent claim 12 recites a system, and independent claim 17 recites a non-transitory machine-readable storage medium. Therefore, Step 1 is satisfied for claims 1-20. Step 2A Prong One: The independent claims 1 and 12 recite scanning a data storage node; iterating through the multiple certificates to determine a set of certificates, wherein the set of certificates comprises certificates that are invalid; and initiating a deletion of the file system objects in the plurality of different storage nodes; and assigning at least part of the first table to at least one node of the set of nodes of the cluster. The independent claim 17 recites receive a request to access a file system object of a first data storage node; identify a certificate associated with the file system object; determine that multiple certificates in the second data storage node are invalid; and initiating a deletion of the file system objects in the plurality of different storage nodes in response to the determining the multiple certificates are invalid.
These scanning, iterating, initiating, receiving, identifying and determining data are acts that can be practically performed in the human mind. Such mental scanning, iterating, initiating, receiving, identifying and determining fall within the “mental processes” grouping of abstract idea set forth in the 2019 PEG. 2019 PEG Section I, 84 Fed. Reg. at 52. The recitation of a processor in this claim does not negate the mental nature of these limitations because the claim here merely uses the processor as a tool to perform the otherwise mental processes. See October Update at Section I(C)(ii). Thus, the limitations recite concepts that fall into the “mental process” grouping of abstract ideas.
Step 2A Prong Two: This judicial exception is not integrated into a practical application because there are not any additional elements recited in the claim beyond the judicial exception when the additional elements individually and in combination that integrate the exception into a practical application. The claim(s) does/do not include additional elements that are sufficient to amount to significantly more than the judicial exception because besides the abstract idea, the claim recites the additional elements of a computer implemented method, a system, a computer program product, a computer readable medium, processing device and memory. a computer implemented method, a system, a computer program product, a computer readable medium, processing device and memory are so generic that they represent no more than mere instructions to apply the judicial exception on a computer. These limitations can also be viewed as nothing more than an attempt to generally link the use of the judicial exception to the technological environment of a computer. It should be noted that because the courts have made it clear that mere physicality or tangibility of an additional element or elements is not a relevant consideration in the eligibility analysis, the physical nature of these computer components does not affect this analysis. See MPEP 2106.05(1) for more information on this point, including explanations from judicial decisions including Alice Corp. Pty. Ltd. v. CLS Bank Int'l, 573 U.S. 208, 224-26 (2014).
Even when viewed in combination, the additional elements in this claim do no more than automate the mental processes of scanning, iterating, initiating, receiving, identifying and determining data certificates using the computer components as a tool. While this type of 
Step 2B: This part of the eligibility analysis evaluates whether the claim as a whole amounts to significantly more than the recited exception, i.e., whether any additional element, or combination of additional elements, adds an inventive concept to the claim. MPEP 2106.05. As explained with respect to Step 2A Prong Two, the memory, and processing device are at best the equivalent of merely adding the words “apply it” to the judicial exception. Mere instructions to apply an exception cannot provide an inventive concept. Under the 2019 PEG, however, a conclusion that an additional element is insignificant extra-solution activity in Step 2A should be re-evaluated in Step 2B. 2019 PEG Section III(B), 84 Fed. Reg. at 56. At Step 2B, the evaluation of the insignificant extra-solution activity consideration takes into account whether or not the extra-solution activity is well-known. See MPEP 2106.05(g). Here, the recitation of the processing device and memory is recited at a high level of generality, and, as disclosed in the specification, is also well-known. Similarly, limitations found in the dependent claims are just a nominal or tangential addition to the claim are also well-known. These limitations therefore remain insignificant extra-solution activity even upon reconsideration, and do not amount to significantly more. Even when considered in combination, these additional elements represent mere instructions to apply an exception and insignificant extra-solution activity, which cannot provide an inventive concept (Step 2B: NO). The claim are not eligible.


Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the 
Claims 1-20 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-24 of U.S. Patent No. 10,791,109. Although the claims at issue are not identical, they are not patentably distinct from each other because they are directed toward the same subject matter.
All limitations and elements in claim 1 of the instant application are found in claim 1 of Agarwal except “initiating a creation of a file system object in a first data storage node; determining an expiration time for the file system object in view of an expiration policy; transmitting a request to create a certificate” have been omitted. Given the fact that the ‘526 invention has broader applications. However, claim 2 of ‘526 recites “initiating a creation of a file system object in a first data storage node; determining an expiration time for the file system object in view of an expiration policy; transmitting a request to create a certificate.” Although the claims at issue are not identical, they are not patentably distinct from each other because they are substantially similar in scope and they use the similar limitations as showed in the Claims Comparison Table below.  It would have been obvious to a person of ordinary skill in the art at the time the invention was made to modify, add or omit the additional elements of claims 1, 11 and 16 to arrive at the claims 1, 2 and 17 of the instant application because the person would have realized that the remaining element would perform the same functions as before. "Omission of element and its   function in combination is obvious expedient if the remaining elements perform same functions 
Claims Comparison Table:
                                                     ‘526                ‘109
Claims       1-2	   1          
                   3	2              
                   4                   3
                  5                    4
                  6                    5
                  7	6
                   8	7
                   9	8
                    10	9
                     11	10
                     12-13	11
                     14	12
                     15	13
                     16	14
                      17-18	16
                      19	17
                      20	18                  
Instant application #16991526
US Patent # 10791109
Claim 1. A method comprising: 











scanning, by a processing device, a data storage node, wherein the data storage node comprises multiple certificates associated with file system objects in a plurality of different data storage nodes; 


iterating through the multiple certificates to determine a set of certificates, wherein the set of certificates comprises certificates that are invalid; and 


initiating a deletion of the file system objects in the plurality of different storage nodes. 

2. The method of claim 1, further comprising: initiating, by the processing device, a creation of a file system object of the file system objects in a first data storage node of the plurality of different data storage nodes; determining, by the processing device, an expiration time for the file system object in view of an expiration policy; transmitting, by the processing device, a request to create a certificate, the certificate being associated with the file system object and indicating the expiration time; and upon receiving the certificate associated with the file system object, causing the certificate to be stored with the multiple certificates in a data 

3. The method of claim 2, further comprising: receiving a request to access the file system object; determining the certificate associated with the file system object is valid in response to a current time preceding the expiration time of the certificate; and providing access to the file system object in response to determining the certificate is valid. 

4. The method of claim 2, wherein the certificate associated with the file system object further comprises at least one of an identifier of the file system object, a path of the file system object, or a hash of the file system object. 

5. The method of claim 2, further comprising scanning a plurality of file system objects, and deleting a subset of the plurality of file system objects in response to determining that certificates corresponding to the subset of the plurality of file system objects are invalid. 

6. The method of claim 1, further comprising determining additional certificates are invalid in response to receiving a message identifying the additional certificates as invalid certificates, and wherein initiating the deletion further comprises running an operation to delete each file system object associated with the additional certificates from the plurality of different data storage nodes. 



8. The method of claim 2, further comprising: identifying an access rate for the file system object, the access rate indicating the number of times the files system object was accessed during a period of time; and determining in view of the access rate how often to inspect a validity of the certificate associated with the file system object, wherein in response to the access rate exceeding a threshold rate the file system object may be accessed without inspecting the validity of the certificate. 

9. The method of claim 2, wherein transmitting the request to create a certificate associated with the file system object comprises transmitting a certificate signing request over a network to at least one of a public certificate authority or a private certificate authority. 

10. The method of claim 2, wherein the certificate is stored with the plurality of certificates on a device separate from a storage device storing the file system object. 

11. The method of claim 2, wherein initiating the creation of the file system object comprises: selecting the first storage node from a plurality of storage nodes associated with a distributed file system; and sending a request over a network to an intermediate storage node that creates the file system object on the first storage node. 

12. A system comprising: a memory; and a processing device operatively coupled to 

13. The system of claim 12, wherein the processing device is further to: initiate a creation of a file system object of the file system objects in a first data storage node of the plurality of different data storage nodes; determine an expiration time for the file system object in view of an expiration policy; transmit a request to create a certificate, the certificate being associated with the file system object and indicating the expiration time; and upon receiving the certificate associated with the file system object, cause the certificate to be stored with the multiple certificates in a data storage node that is different from the first data storage node, wherein the certificate is to indicate whether the file system object is valid at a point in time. 

14. The system of claim 13, wherein the processing device further to: receive a request to access the file system object; determine the certificate associated with the file system object is valid in response to a current time preceding the expiration time of the certificate; and providing access to the file system object in response to determining the certificate is valid. 

15. The system of claim 13, wherein the certificate associated with the file system 

16. The system of claim 13, wherein the processing device is further to scan a plurality of file system objects and delete a subset of the plurality of file system objects in response to determining that certificates corresponding to the subset of the plurality of file system objects are invalid. 

17. A non-transitory machine-readable storage medium storing instructions that cause a processing device to: receive a request to access a file system object of a first data storage node; identify a certificate associated with the file system object, the certificate being stored in a second data storage node that is different from the first data storage node; determine that multiple certificates in the second data storage node are invalid, wherein the multiple certificates comprise the certificate and are associated with file system objects in a plurality of different data storage nodes; and initiating a deletion of the file system objects in the plurality of different storage nodes in response to the determining the multiple certificates are invalid. 

18. The non-transitory machine-readable storage medium of claim 17, wherein the instructions further cause the processing device to: initiate a creation of a file system object of the file system objects in a first data storage node of the plurality of different data storage nodes; determine an expiration time for the file system object in view of an expiration policy; transmit a 

19. The non-transitory machine-readable storage medium of claim 18, wherein the processing device is further to determine the certificate associated with the file system object is valid in response to a current time preceding an expiration time of the certificate. 

20. The non-transitory machine-readable storage medium of claim 18, wherein the certificate associated with the file system object further comprises at least one of an identifier of the file system object, a path of the file system object, or a hash of content of the file system object.


determining an expiration time for the file system object in view of an expiration policy; 
transmitting, by the processing device, a request to create a certificate, the certificate being associated with the file system object and indicating the expiration time; 
upon receiving the certificate associated with the file system object, causing the certificate to be stored with a plurality of certificates in a second data storage node that is different from the first data storage node, wherein the certificate is to indicate whether the file system object is valid at a point in time; 
determining that multiple certificates in the second data storage node are invalid, wherein the multiple certificates comprise the certificate and are associated with file system objects in a plurality of different data storage nodes; and 
initiating a deletion of the file system objects in the plurality of different storage nodes in response to the determining the multiple certificates are invalid. 

   


















 2. The method of claim 1, further comprising: receiving a request to access the file system object; determining the certificate associated with the file system object is valid in response to a current time preceding the expiration time of the certificate; and providing access to the file system object in response to determining the certificate is valid. 

    3. The method of claim 1, wherein the certificate associated with the file system object further comprises at least one of an identifier of the file system object, a path of the file system object, or a hash of the file system object. 

    4. The method of claim 1, further comprising scanning a plurality of file system objects, and deleting a subset of the plurality of file system objects in response to determining that certificates corresponding to the subset of the plurality of file system objects are invalid. 

 5. The method of claim 1, wherein the determining that multiple certificates are invalid comprises receiving a message identifying a plurality of invalid certificates, and wherein initiating the deletion comprises running an operation to delete each of the file system objects in the plurality of different storage nodes. 






7. The method of claim 1, further comprising: identifying an access rate for the file system object, the access rate indicating the number of times the files system object was accessed during a period of time; and determining in view of the access rate how often to inspect a validity of the certificate associated with the file system object, wherein in response to the access rate exceeding a threshold rate the file system object may be accessed without inspecting the validity of the certificate. 

    8. The method of claim 1, wherein transmitting the request to create a certificate associated with the file system object comprises transmitting a certificate signing request over a network to at least one of a public certificate authority or a private certificate authority. 

    9. The method of claim 1, wherein the certificate is stored with the plurality of certificates on a device separate from a storage device storing the file system object. 

    10. The method of claim 1, wherein initiating the creation of the file system object comprises: selecting the first storage node from a plurality of storage nodes associated with a distributed file system; and sending a request over a network to an intermediate storage node that creates the file system object on the first storage node. 

    11. A system comprising: a memory; and a processing device operatively 

   



12. The system of claim 11, wherein the processing device further to: receive a request to access the file system object; determine the certificate associated with the file system object is valid in response to a current time preceding the expiration time of the certificate; and providing access to the file system object in response to determining the certificate is valid. 

    13. The system of claim 11, wherein the certificate associated with the file system 

    14. The system of claim 11, wherein the processing device is further to scan a plurality of file system objects and delete a subset of the plurality of file system objects in response to determining that certificates corresponding to the subset of the plurality of file system objects are invalid. 


    16. A non-transitory machine-readable storage medium storing instructions that cause a processing device to: receive a request to access a file system object of a first data storage node; identify a certificate associated with the file system object, the certificate being stored in a second data storage node that is different from the first data storage node; determine that multiple certificates in the second data storage node are invalid, wherein the multiple certificates comprise the certificate and are associated with file system objects in a plurality of different data storage nodes; and initiating a deletion of the file system objects in the plurality of different storage nodes in response to the determining the multiple certificates are invalid. 

    




















17. The non-transitory machine of claim 16, wherein the processing device is further to determine the certificate associated with the file system object is valid in response to a current time preceding an expiration time of the certificate. 
18. The non-transitory machine-readable storage medium of claim 16, wherein the certificate associated with the file system object further comprises at least one of an identifier of the file system object, a path of the file system object, or a hash of content of the file system object. 



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 6, 12 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Fossen et al. (US 20080155691 A1) in view of Thornton et al. (US 2005/0076203 A1).

Scanning (file scanning processing of Fig.5 and ¶[0025]), by a processing device (Fig.5), a data storage node (file scanning processing of Fig.5), wherein the data storage node comprises multiple certificates (associated certificate chain 520 of Fig.5) associated with file system objects in a plurality of different data storage nodes; and
iterating through the multiple certificates to determine a set of certificates, wherein the set of certificates comprises certificates that are invalid (undesired file of Fig.5. please notes that the undesired file corresponding to the claimed “invalid”); 
Fossen, however, does not explicitly disclose initiating a deletion of the file system objects in the plurality of different storage nodes.
Thornton discloses iterating scan address including certificated (step 1204-1206 of Fig.12, ¶[0086], Thornton), and checking for revoked or invalid certificates (step 1308-1310 of Fig.13, ¶[0081] and [0084], Thornton) and initiating a deletion of the file system objects in the plurality of different storage nodes (¶[0086], Thornton).
It would have been obvious to a person having ordinary skill in the art before the effective filing date, having both Fossen and Thornton before them to modify the feature of deleting the file system object in response to receiving a request to access the file system object associated with the invalid certificate for security’s purposes in file system’s management, as taught by Thornton. The motivation of doing so would have been to provide greater security in management system over infrastructure networks.
Regarding claim 6, Fossen/Thornton combination discloses determining additional certificates are invalid in response to receiving a message identifying the additional certificates as invalid certificates (¶[0081] and [0084], Thornton), and wherein initiating the deletion further (¶[0081], [0084] and [0086], Thornton).
Allowable Subject Matter
Claims 2-11, 13-16 and 18-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Regarding claim 2, similar claim 13 and claim 18, Fossen/Thornton combination discloses all of the claimed limitations as discussed above, except “initiating a creation of a file system object of the file system objects in a first data storage node of the plurality of different data storage nodes; determining an expiration time for the file system object in view of an expiration policy; transmitting a request to create a certificate, the certificate being associated with the file system object and indicating the expiration time; and upon receiving the certificate associated with the file system object, causing the certificate to be stored with the multiple certificates in a data storage node that is different from the first data storage node, wherein the certificate is to indicate whether the file system object is valid at a point in time.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Tseitlin et al. (US 20130276089 A1) disclose METHOD AND SYSTEM FOR IMPROVING SECURITY AND RELIABILITY IN A NETWORKED APPLICATION ENVIRONMENT.
Micali (US 20080163338 A1) discloses efficient certificate revocation.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to HANH B THAI whose telephone number is (571)272-4029. The examiner can normally be reached Mon-Friday 7-4:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Tony Mahmoudi can be reached on 571-272-4078. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/HANH B THAI/Primary Examiner, Art Unit 2163                                                                                                                                                                                                        

March 25, 2022