Notice of Pre-AIA or AIA Status
The present application, filed on or after January 09, 2020, is being examined under the first inventor to file provisions of the AIA.

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 02/01/2022 has been entered.
Claims 1-20 are pending and are being considered.
Claims 1, 19 and 20 have been amended.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 02/23/2022 was filed after the mailing date of the application 16739015 on 01/09/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Response to Double patenting 
	Applicant's arguments filed on 01/03/2022 with respect to double patenting have been fully considered and are persuasive. The double patenting rejection of claims 1-220 has been withdrawn due to the amendments and further based on the terminal disclaimer filed on 01/03/2022.

Response to 103

In response to applicant's argument on page 12, para 1 of the remarks that Baskaran fails to teach a storage device having an access controller and a cryptographic engine as required by the claims, the examiner acknowledges applicant's point of view but respectfully disagrees, because Baskaran (i.e. primary reference) Fig 2 blocks 204, 210, 212, 216 and text at [0051] teach that an authentication server (i.e. data storage device) includes processor 210 (i.e. controller), storage 212 (i.e. data store) and network interface (i.e. data path). The authentication server includes an authentication module 224 (i.e. equivalent to encryption engine) for performing encryption/decryption. The examiner cited Bolotin (i.e. secondary reference) to teach a cryptographic engine connected between the data port and the non-volatile storage. Applicant further argues that the cryptographic keys tied to the authentication process of Baskaran are not calculated. The examiner respectfully disagrees because BASKARAN at [0030] teaches that the authentication server calculates a symmetric public private key pair (i.e. cryptographic key). Note that the cryptographic keys are calculated by the processor (i.e. controller) of the authentication server. Baskaran further teaches at [0066] that the user device (i.e. manager device) sends registration data along with other data (i.e. request) to server 104 (i.e. having a processor 210 equivalent to access controller) to complete the registration process. See [0030], which teaches calculating a symmetric public private key pair (i.e. cryptographic key) after passing the result of M2FA. See [0066], where the authentication server generates key Ku (i.e. manager key) and transmits K.sub.PUB u (i.e. portion of cryptographic key) to the user device along with other relevant data, while storing K.sub.PRI,U and the data received from the user device 106. See Fig 4: user device 6 holds the private key portion.

In response to applicant’s argument on page 12 last para of remarks that Bolotin (i.e. secondary reference) fails to teach a cryptography engine connected between the data port and the storage an encryption engine 110 (i.e. equivalent to cryptographic engine) is between communication channel 102 (i.e. equivalent to data port in instant case) and storage media 112. The encryption engine 110 also converts encrypted information from the storage media 112 and decrypts it to clear information for the host computer system 120 based on encryption key 116.
The applicant also argues that if the data security system of Bolotin is equivalent to the data storage of the instant application, then the authentication system does not appear to be a manager device. The examiner respectfully disagrees because Bolotin is not cited for the manager device. Therefore, applicant’s argument is not persuasive. Bolotin is mainly cited for a storage device having a non-volatile storage device and a cryptography engine connected between the storage medium and the data port, as explained above. For more detail see the rejection below.
The rest of applicant’s arguments with respect to the authorized data record and unlocking cryptographic keys based on an unlock request are moot in view of the new grounds of rejection. The arguments do not apply to the current art being used.
The above remarks are equally applicable to applicant’s arguments with respect to independent claims 19 and 20.

CLAIM INTERPRETATION

The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 

As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 


Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 

Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Such claim limitation(s) is/are “means for receiving, means for generating, and means for storing” in claim 20.


The claim limitations “means for receiving, means for generating, and means for storing” of claim 20 are given their broadest reasonable interpretation as claim elements, limited by the description in the specification. The examiner notes that the term “means” refers to an access controller within a data storage device for performing the above steps, as shown in Fig 1. Accordingly, claim 20 invokes 35 U.S.C. 112(f) or sixth paragraph, but the corresponding structure is described.

Because these claim limitation(s) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.

If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 15-16 and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over BASKARAN et al (hereinafter BASKARAN) (US 20180062863) in view of Bolotin et al (hereinafter Bolotin) (US 20190007203) and further in view of Indukuri et al (hereinafter Indukuri) (US 20190266347).
Regarding claim 1 BASKARAN teaches A data storage device comprising a data path comprising: (BASKARAN Fig 2 block 204, 210, 212, 216 and text on [0051] teaches an authentication server (i.e. data storage device) includes processor 210 (i.e. controller), storage 212 (i.e. data store) and network interface (i.e. data path));
a data port configured to transmit data between a host computer system and the data storage device (BASKARAN on [0041] teaches the network interface (i.e. data path) may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system which can be transaction server 114), the network interface may include one or more ports, conversion software, or both. The network interface connects the authentication server 104 to the network 102 for authenticating user device 106 and servicing data requests made by user 108);
and an access controller configured to: receive a request from a manager device to initialize the data storage device (BASKARAN on [0032] teaches user 108 may initiate a service request with the transaction server 114 using any of the one or more user devices 106. The one or more user devices 106 may be registered with the authentication server 104. See also on [0066] teaches user device (i.e. manager device) sends registration data along with other data (i.e. request) to server 104 (i.e. having a processor 210 equivalent to access controller) to complete the registration process as shown in Fig. 4);
 generate, responsive to the request from the manager device, the cryptographic key (BASKARAN on [0030] teaches the authentication server calculates a symmetric public private key pair (i.e. cryptographic key) after passing the result of M2FA);
generate, responsive to the request from the manager device, a manager key configured to provide manager access for the manager device, [[wherein the manager key is further configured to provide access to the cryptographic key]] (BASKARAN on [0066] teaches authentication server generates key Ku (i.e. manager key) and transmits K.sub.PUB u (i.e. portion of cryptographic key) to user device along with other relevant data, while storing K.sub.PRI,U and the data received from the user device 106);
and store, in a non-volatile data store, authorization data indicative of the manager key, wherein: the authorization data is accessible based on a private key stored on the manager device (BASKARAN on [0048] teaches the authentication server 104 decrypts the response based on a private key corresponding to the public key to obtain a result (i.e. authorization data accessible by private key). On obtaining the result, the authentication server 104 authenticates the user 108 based on detection of the challenge comprised in the result. See on [0033] teaches passing the result of M2FA to SP. K.sub.U (i.e. indicative of manager key). See Fig 4 user device 6 holds private key portion);
the host computer system is a first device (BASKARAN on [0041] teaches the network interface (i.e. data path) may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system)); 
the manager device is a second device (BASKARAN on [0066] teaches user device (i.e. manager device) sends registration data along with other data).
Although BASKARAN teaches that the data path comprises a port, it fails to explicitly teach a non-volatile storage medium configured to store encrypted user content data; and a cryptography engine connected between the data port and the non-volatile storage medium, wherein the cryptography engine is configured to use a cryptographic key to decrypt the encrypted user content data stored on the non-volatile storage medium in response to a request from the host computer system; wherein the manager key is further configured to provide access to the cryptographic key, the authorization data includes at least one authorized device record for a user device; [Page 2 of 15, Application No. 16/739,065, Atty. Dkt. No. WDA-4677-US] the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine;
(Bolotin on [0062 and 0070] teaches encrypted data is stored in a non-volatile storage medium 112);
and a cryptography engine connected between the data port and the non-volatile storage medium, wherein the cryptography engine is configured to use a cryptographic key to decrypt the encrypted user content data stored on the non-volatile storage medium in response to a request from the host computer system (Bolotin Fig 1 block 106, 110, 112 and text on [0062-0064] teaches an encryption engine 110 is between communication channel 102 (i.e. data port in instant case) and storage media 112. The encryption engine 110 also converts encrypted information from the storage media 112 and decrypts it to clear information for the host computer system 120 based on encryption key 116);
wherein the manager key is further configured to provide access to the cryptographic key (Bolotin on [0067] teaches the authentication key 118 is used to recover encryption key 116).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date to implement the teaching of Bolotin into the teaching of BASKARAN by having the data port connected to a non-volatile storage medium for storing information encrypted by the cryptographic engine. One would be motivated to do so in order to improve and maintain connectivity of the data security system (Bolotin on [0013]).

Although the combination of BASKARAN and Bolotin teaches manager key and authorization data accessible based on private key and stored on non-volatile storage, but fails to explicitly teach the authorization data includes at least one authorized device record for a user device; the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate (i.e. authorized device record));
the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine (Indukuri on [0012-0013] teaches key unlock request for unlocking encrypted data key (i.e. cryptographic key) using the encryption key known as context key (i.e. encrypted user key in view of [0105]) for unlocking the encrypted data key and using the data key to unlock the data (i.e. using the cryptographic key));
and encrypted authorized device metadata configured to identify, responsive to the manager key, the corresponding authorized device to the manager device (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate);
and the user device to be authorized is a third device (Indukuri on [0073] teaches the user device 14 is legitimate (i.e. third device)).

Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date to implement the teaching of Indukuri into the combined teaching of BASKARAN and Bolotin by unlocking the cryptographic key responsive to an unlock request and using the cryptographic key. One would Indukuri on [0007-0008].)

Regarding claim 15 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 1 above, BASKARAN further teaches wherein receiving the request from the manager device to initialize the data storage device comprises establishing a secure communication channel (BASKARAN on [0047] teaches the authentication server 104 transmits a challenge to the user device 106 over the second communication channel).

Regarding claim 16 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 15 above, Bolotin further teaches wherein establishing the secure communication channel is based on an identity key provided on the data storage device and readable by the manager device out-of-band (Bolotin on [0106] teaches verifying the user against an authentication key in a block 502; employing the authentication key for retrieving an encryption key in a block 504; and employing the encryption key for allowing unencrypted communication through a storage).
Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date to implement the teaching of Bolotin into the teaching of BASKARAN by having the data port connected to a non-volatile storage medium for storing information encrypted by the cryptographic engine. One would be motivated to do so in order to improve and maintain connectivity of the data security system (Bolotin on [0013]).
Regarding claim 18 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 1 above, BASKARAN further teaches wherein the access controller is further configured to remove access for devices other than the manager device (BASKARAN on [0052 and 0058] teaches the transaction server 114 may allow or deny access to the user 108 for performing the transaction as it may deem appropriate).
Regarding claim 19 BASKARAN teaches a method for initializing a data storage device, configured for access from a host computer system, the method comprising: (BASKARAN on [0025] teaches the user to initiate transaction on a network connection, such as an internet connection, and in response receives a request on her smart device. See on [0041] teaches the network interface may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system which can be transaction server 114));
receiving a request from a manager device to initialize the data storage device ( BASKARAN on [0032] teaches user 108 may initiate a service request with the transaction server 114 using any of the one or more user devices 106. The one or more user devices 106 may be registered with the authentication server 104. See also on [0066] teaches user device (i.e. manager device) sends registration data along with other data (i.e. request) to server 104 to complete the registration process as shown in Fig. 4);
generating responsive to the request from the manager device, a manager key configured to provide manager access for the manager device (BASKARAN on [0066] teaches authentication server generates key Ku (i.e. manager key) and transmits K.sub.PUB u (i.e. portion of cryptographic key) to user device along with other relevant data, while storing K.sub.PRI,U and the data received from the user device 106);
and store, in a non-volatile data store, authorization data indicative of the manager key wherein:  the authorization data is accessible based on a private key stored on the manager devices (BASKARAN on [0048] teaches the authentication server 104 decrypts the response based on a private key corresponding to the public key to obtain a result (i.e. authorization data accessible by private key). On obtaining the result, the authentication server 104 authenticates the user 108 based on detection of the challenge comprised in the result. See on [0033] teaches passing the result of M2FA to SP. K.sub.U (i.e. indicative of manager key). See Fig 4 user device 6 holds private key portion);
the host computer system is a first device (BASKARAN on [0041] teaches the network interface (i.e. data path) may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system));
the manager device is a second device (BASKARAN on [0066] teaches user device (i.e. manager device) sends registration data along with other data).
Although BASKARAN teaches data path comprises port but fails to explicitly teach generating responsive to the request from the manager device, a cryptographic key configured to decrypt encrypted user content data stored on a storage medium of the data storage device, wherein the manager key is further configured to provide access to the cryptographic key, the authorization data includes at least one authorized device record for a user device configured to unlock the cryptographic key for use by the cryptography engine, however Bolotin from analogous art teaches generating responsive to the request from the manager device, a cryptographic key configured to decrypt encrypted user content data stored on a storage medium of the data storage device (Bolotin Fig 1 block 106, 110, 112 and text on [0062-0064] teaches an encryption engine 110 is between communication channel 102 (i.e. data port in instant case) and storage media 112. The encryption engine 110 also converts encrypted information from the storage media 112 and decrypts it to clear information for the host computer system 120 based on encryption key 116);
wherein the manager key is further configured to provide access to the cryptographic key (Bolotin on [0067] teaches the authentication key 118 is used to recover encryption key 116).

(Bolotin on [0013]).
Although the combination of BASKARAN and Bolotin teaches manager key and authorization data accessible based on private key and stored on non-volatile storage, but fails to explicitly teach the authorization data includes at least one authorized device record for a user device; the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine, however Maron from analogous art teaches the authorization data includes at least one authorized device record for a user device (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate (i.e. authorized device record));
the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine (Indukuri on [0012-0013] teaches key unlock request for unlocking encrypted data key (i.e. cryptographic key) using the encryption key known as context key (i.e. encrypted user key in view of [0105]) for unlocking the encrypted data key and using the data key to unlock the data (i.e. using the cryptographic key));
and encrypted authorized device metadata configured to identify, responsive to the manager key, the corresponding authorized device to the manager device (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate);
and the user device to be authorized is a third device (Indukuri on [0073] teaches the user device 14 is legitimate (i.e. third device)).

Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date to implement the teaching of Indukuri into the combined teaching of BASKARAN and Bolotin by unlocking the cryptographic key responsive to an unlock request and using the cryptographic key. One would be motivated to do so in order to control access to the sensitive data, preventing unauthorized access (Indukuri on [0007-0008]).
Regarding claim 20 BASKARAN teaches A data storage device comprising (BASKARAN on [0025] teaches the user to initiate transaction on a network connection, such as an internet connection, and in response receives a request on her smart device);
wherein the data storage device is configured for access from a host computer system (BASKARAN on [0041] teaches the network interface may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system which can be transaction server 114));
 means for receiving a request from a manager device to initialize the data storage device  (BASKARAN on [0032] teaches user 108 may initiate a service request with the transaction server 114 using any of the one or more user devices 106. The one or more user devices 106 may be registered with the authentication server 104. See also on [0066] teaches user device (i.e. manager device) sends registration data along with other data (i.e. request) to server 104 to complete the registration process as shown in Fig. 4); 
means for generating responsive to the request from the manager device a manager key configured to provide manager access for the manager device (BASKARAN on [0066] teaches authentication server generates key Ku (i.e. manager key) and transmits K.sub.PUB u (i.e. portion of cryptographic key) to user device along with other relevant data, while storing K.sub.PRI,U and the data received from the user device 106);
means for storing, in a non-volatile data store, authorization data indicative of the manager key wherein:  the authorization data is accessible based on a private key stored on the manager devices (BASKARAN on [0048] teaches the authentication server 104 decrypts the response based on a private key corresponding to the public key to obtain a result (i.e. authorization data accessible by private key). On obtaining the result, the authentication server 104 authenticates the user 108 based on detection of the challenge comprised in the result. See on [0033] teaches passing the result of M2FA to SP. K.sub.U (i.e. indicative of manager key). See Fig 4 user device 6 holds private key portion);
the host computer system is a first device (BASKARAN on [0041] teaches the network interface (i.e. data path) may refer to any suitable device capable of receiving an input, sending an output from the authentication server 104, performing suitable processing of the input or output or both, communicating with other devices (i.e. host computer system));
the manager device is a second device (BASKARAN on [0066] teaches user device (i.e. manager device) sends registration data along with other data).

Although BASKARAN teaches data path comprises port but fails to explicitly teach means for generating responsive to the request from the manager device a cryptographic key configured to decrypt encrypted user content data stored on a storage medium of the data storage device, wherein (Bolotin Fig 1 block 106, 110, 112 and text on [0062-0064] teaches an encryption engine 110 is between communication channel 102 (i.e. data port in instant case) and storage media 112. The encryption engine 110 also converts encrypted information from the storage media 112 and decrypts it to clear information for the host computer system 120 based on encryption key 116);
wherein the manager key is further configured to provide access to the cryptographic key (Bolotin on [0067] teaches the authentication key 118 is used to recover encryption key 116).

Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date to implement the teaching of Bolotin into the teaching of BASKARAN by having the data port connected to a non-volatile storage medium for storing information encrypted by the cryptographic engine. One would be motivated to do so in order to improve and maintain connectivity of the data security system (Bolotin on [0013]).

Although the combination of BASKARAN and Bolotin teaches manager key and authorization data accessible based on private key and stored on non-volatile storage, but fails to explicitly teach the authorization data includes at least one authorized device record for a user device; Page 2 of 15 Application No. 16/739,065Atty. Dkt. No. WDA-4677-USthe at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine, however Maron from analogous art teaches the authorization data includes at (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate (i.e. authorized device record));
the at least one authorized device record comprises: an encrypted user key configured to unlock, responsive to an unlock request from a corresponding authorized device, the cryptographic key for use by the cryptography engine (Indukuri on [0012-0013] teaches key unlock request for unlocking encrypted data key (i.e. cryptographic key) using the encryption key known as context key (i.e. encrypted user key in view of [0105]) for unlocking the encrypted data key and using the data key to unlock the data (i.e. using the cryptographic key));
and encrypted authorized device metadata configured to identify, responsive to the manager key, the corresponding authorized device to the manager device (Indukuri on [0073] teaches the key-unlock request 62 or key-unlock response 64 may include metadata associated with the data to be opened, such as a file identifier, a digital signature associated with the access control layer 50 that is used by the anchor service 26 to verify that the user device 14 is legitimate);
and the user device to be authorized is a third device (Indukuri on [0073] teaches the user device 14 is legitimate (i.e. third device)).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Indukuri into the combined teaching of BASKARAN and Bolotin by unlocking cryptographic key responsive to unlock request and using the cryptographic key. One would be motivated to do so in order to control access to the sensitive data from unauthorized access (Indukuri on [0007-0008]).


Claims 2-12 are rejected under 35 U.S.C. 103 as being unpatentable over BASKARAN et al (hereinafter BASKARAN) (US 20180062863) in view of Bolotin et al (hereinafter Bolotin) (US 20190007203), in view of Indukuri et al (hereinafter Indukuri) (US 20190266347) and further in view of Benson et al (hereinafter Benson) (US 10965474).
Regarding claim 2 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 1 above, Bolotin further teaches wherein the access controller is further configured to: and encrypt the cryptographic key using the user key (Bolotin on [0008] teaches a password is used as the key to encrypt the encryption key). 
The combination fails to explicitly teach derive a user key from the manager key, however Benson from analogous art teaches derive a user key from the manager key (Benson on [Col 11 line 12-20] teaches derived key 334 is derived from keys stored at SPR).	
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by generating a key based on manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).
Regarding claim 3 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein: the access controller is further configured to encrypt the manager key; and the authorization data comprises the encrypted manager key, however Benson from analogous art teaches wherein: the access controller is further configured to encrypt the manager key; and the authorization data comprises the encrypted manager key (Benson on [Col 3 line 1-10] teaches the verification value is a key. See on [Col 2 line 55-65] teaches encrypting the verification value. The encrypted verification value of some embodiments is encrypted with the public value so that only the security device can decrypt it using a private secret (e.g., a private key or a shared key generated based on information received from the target device) of the security device.).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Regarding claim 4 the combination of BASKARAN, Bolotin, Indukuri and Benson teaches all the limitations of claim 3 above, Benson further teaches wherein the encrypted manager key is decryptable based on a unlocking private key stored on the manager device (Benson on [Col 3 line 1-10] teaches the verification value is a key. See on [Col 2 line 55-65] teaches encrypting the verification value. The encrypted verification value of some embodiments is encrypted with the public value so that only the security device can decrypt it using a private secret (e.g., a private key or a shared key generated based on information received from the target device) of the security device).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).
Regarding claim 5 the combination of BASKARAN, Bolotin Indukuri and Benson teaches all the limitations of claim 4 above, Benson further teaches wherein: the encrypted manager key is decryptable based on a response from the manager device to a challenge generated by the access controller (Benson on [Col 3 line 25-35] teaches retrieves the encrypted verification value from the table based on the public key, and sends the encrypted verification value as part of a challenge to the security device);
and the response was calculated by the manager device based on the unlocking private key stored on the manager device (Benson on [Col 5 line 25-35] teaches the security device processes the challenge to retrieve the verification value and to return a response that includes the verification value. The method of some embodiments receives the response from the security device and determines whether the response is a valid response).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).
Regarding claim 6 the combination of BASKARAN, Bolotin, Indukuri Benson teaches all the limitations of claim 5 above, BASKARAN further teaches wherein the challenge is based on the authorization data (BASKARAN on [0048] teaches the authentication server 104 decrypts the response based on a private key corresponding to the public key to obtain a result (i.e. authorization data accessible by private key). On obtaining the result, the authentication server 104 authenticates the user 108 based on detection of the challenge comprised in the result).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).
Regarding claim 7 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 1 above, the combination fails to explicitly teach wherein the access controller is further configured to: generate an ephemeral private key; calculate an ephemeral unlock secret based Benson [Col 5 line 5-20] teaches the challenge includes a verification value that is encrypted such that only the security device is able to decrypt the encrypted verification value. For example, in some embodiments, the challenge is encrypted using a shared key (i.e. ephemeral public key) that is generated (e.g., using an elliptic curve Diffie-Hellman (ECDH) protocol) based on a combination of public values that are shared between the target and security devices and private secret values unique to the target and security devices).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri  by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Regarding claim 8 the combination of BASKARAN, Bolotin Indukuri and Benson teaches all the limitations of claim 7 above, Benson further teaches wherein the ephemeral unlock secret is based on an unlocking public key corresponding to an unlocking private key stored on the manager device (Benson [Col 5 line 5-20] teaches the challenge includes a verification value that is encrypted such that only the security device is able to decrypt the encrypted verification value. For example, in some embodiments, the challenge is encrypted using a shared key (i.e. ephemeral public key) that is generated (e.g., using an elliptic curve Diffie-Hellman (ECDH) protocol) based on a combination of public values that are shared between the target and security devices and private secret values unique to the target and security devices).
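Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).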
Regarding claim 9 the combination of BASKARAN, Bolotin, Indukuri and Benson teaches all the limitations of claim 8 above, Benson further teaches wherein the ephemeral unlock secret and the unlocking private key are based on elliptic curve cryptography. (Benson [Col 5 line 5-20] teaches the challenge includes a verification value that is encrypted such that only the security device is able to decrypt the encrypted verification value. For example, in some embodiments, the challenge is encrypted using a shared key (i.e. ephemeral public key) that is generated (e.g., using an elliptic curve Diffie-Hellman (ECDH) protocol) based on a combination of public values that are shared between the target and security devices and private secret values unique to the target and security devices).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Regarding claim 10 the combination of BASKARAN, Bolotin, Indukuri and Benson teaches all the limitations of claim 9 above, Benson further teaches wherein the access controller is further configured to: calculate an ephemeral public key corresponding to the ephemeral private key and encrypt the ephemeral public key using a metadata wrapping key (Benson [Col 5 line 5-20] teaches the challenge includes a verification value that is encrypted such that only the security device is able to decrypt the encrypted verification value. For example, in some embodiments, the challenge is encrypted using a shared key (i.e. ephemeral public key) that is generated (e.g., using an elliptic curve Diffie-Hellman (ECDH) protocol) based on a combination of public values that are shared between the target and security devices and private secret values unique to the target and security devices).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Regarding claim 11 the combination of BASKARAN, Bolotin, Indukuri and Benson teaches all the limitations of claim 10 above, Benson further teaches wherein the access controller is further configured to generate the metadata wrapping key (Benson on [Col 13 line 51-65] teaches that target device 420 has created a new unlock secret key USK2 and generated a new blob Blob2).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Regarding claim 12 the combination of BASKARAN, Bolotin, Indukuri and Benson teaches all the limitations of claim 11 above, Benson further teaches wherein the access controller is further configured to provide the metadata wrapping key to the manager device (Benson on [Col 13 line 51-65] teaches that target device 420 has created a new unlock secret key USK2 and generated a new blob Blob.).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Benson into the combined teaching of BASKARAN, Bolotin and Indukuri by encrypting manager key. One would be motivated to do so in order to improve security of device by performing authentication on the device to unlock the device (Benson on [Col 1 line 50-60]).

Claims 13-14 are rejected under 35 U.S.C. 103 as being unpatentable over BASKARAN et al (hereinafter BASKARAN) (US 20180062863) in view of Bolotin et al (hereinafter Bolotin) (US 20190007203), in view of Indukuri et al (hereinafter Indukuri) (US 20190266347), in view of Benson et al (hereinafter Benson) (US 10965474) and further in view of Hunt et al (hereinafter Hunt) (US 20210152372).

Regarding claim 13 the combination of BASKARAN, Bolotin, Indukuri  and Benson teaches all the limitations of claim 12 above, the combination fails to explicitly teach wherein the access controller is further configured to: create a certificate for the manager device, wherein the certificate includes the metadata wrapping key; sign the certificate; and send the signed certificate to the manager device, however Hunt from analogous art teaches wherein the access controller is further configured to: create a certificate for the manager device, wherein the certificate includes the metadata wrapping key; sign the certificate; and send the signed certificate to the manager device (Hunt on [0003] teaches a digital certificate is associated with a private key and a mathematically-correlated public key (i.e. wrapped key and transport key). Further teaches digitally signs certificates to verify their validity, and tracks which certificates have been revoked or have expired. See on [0026] teaches provide newly-generated certificates to the client 101).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Hunt into the combined teaching of BASKARAN, Bolotin, Indukuri and Benson by creating a certificate for the manager device and sending the signed certificate. One would be motivated to do so in order to improve security of digital asset utilizing digital certificate (Hunt on [0009]).

Regarding claim 14 the combination of BASKARAN, Bolotin, Indukuri, Benson and Hunt teaches all the limitations of claim 13 above, Hunt further teaches wherein the certificate comprises a transport public key sent to the access controller and corresponding to a transport private key stored on the manager device (Hunt on [0003] teaches a digital certificate is associated with a private key and a mathematically-correlated public key (i.e. wrapped key and transport key). Further teaches digitally signs certificates to verify their validity, and tracks which certificates have been revoked or have expired. See on [0026] teaches provide newly-generated certificates to the client 101).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Hunt into the combined teaching of BASKARAN, Bolotin, Indukuri and Benson by creating a certificate for the manager device and sending the signed certificate. One would be motivated to do so in order to improve security of digital asset utilizing digital certificate (Hunt on [0009]).

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over BASKARAN et al (hereinafter BASKARAN) (US 20180062863) in view of Bolotin et al (hereinafter Bolotin) (US 20190007203), in view of Indukuri et al (hereinafter Indukuri) (US 20190266347) and further in view of Hunt et al (hereinafter Hunt) (US 20210152372).

Regarding claim 17 the combination of BASKARAN, Bolotin and Indukuri teaches all the limitations of claim 16 above, the combination fails to explicitly teach wherein establishing the secure communication channel comprises: generating a certificate; signing the certificate; and sending the signed certificate to the manager device, however Hunt from analogous art teaches wherein establishing the secure communication channel comprises: generating a certificate; signing the certificate; and sending the signed certificate to the manager device (Hunt on [0003] teaches a digital certificate is associated with a private key and a mathematically-correlated public key (i.e. wrapped key and transport key). Further teaches digitally signs certificates to verify their validity, and tracks which certificates have been revoked or have expired. See on [0026] teaches provide newly-generated certificates to the client 101). 

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Hunt into the combined teaching of BASKARAN, Bolotin and Indukuri by creating a certificate for the manager device and sending the signed certificate. One would be motivated to do so in order to improve security of digital asset utilizing digital certificate (Hunt on [0009]).


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Maron et al (US 20180323970) The invention is directed towards systems and methods relating to master password reset in a zero-knowledge architecture. A master password reset may be used to regain access to encrypted user data despite not having access to the master password associated with decrypting the user data. As an example, the user data may be encrypted using a local ciphering key, wherein the local ciphering key may be encrypted using a master password to generate a first encrypted local ciphering key that may be stored. The local ciphering key may also be encrypted using a recovery key to generate a second encrypted local ciphering key, which may also be stored. The recovery key may then be stored by a third party, such as a trusted third party.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOEEN KHAN/Examiner, Art Unit 2436                                                                                                                                                                                                        
/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436