Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
EXAMINER'S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Authorization for this examiner’s amendment was given in an interview with Attorney Han Gim on 04/19/2022.

The application has been amended as follows: 

1.	(Currently amended) 	A method for controlling access to data stored in a cloud-based storage service, the method comprising:
storing, at the cloud-based storage service, files and folders associated with a user account, the files and folders requiring an authentication protocol for access to the files and folders, the files and folders uploaded to the cloud-based storage service and accessible by users having access to the uploaded files and folders via the user account;
receiving, at the cloud-based storage service, a first request from the user account, to cause a selected folder of the files and folders to be associated with a heightened authentication protocol;
in response to the first request, causing the selected folder to require the heightened authentication protocol for access, wherein files in the selected folder are restricted from file sharing capability while the selected folder is associated with the heightened authentication protocol, and wherein files moved into the selected folder require the heightened authentication protocol for access without applying the heightened authentication protocol to an entirety of the files and folders associated with the user account or individually applying the heightened authentication protocol to individual files;
receiving, at the cloud-based storage service, a second request from the user account for a file that is stored in the selected folder that is associated with the heightened authentication protocol;
authenticating the second request based on the heightened authentication protocol;
in response to authenticating the second request, granting permission to access the selected folder and files that are stored in the selected folder associated with the heightened authentication protocol, wherein visibility to the selected folders and files is provided in response to requests from applications that include an indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol; and
in response to a failure to authenticate the second request, denying access to the selected folder that is associated with the heightened authentication protocol, while allowing access to other folders associated with the user account based on a simple or basic authentication mechanism associated with the user account, wherein visibility to the selected folders and files is hidden in response to requests from applications that do not include the indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol.

2.	(Original)	The method of claim 1, wherein the permission is temporary.

3.	(Original)	The method of claim 1, wherein the permission is associated with a timeout period.

4.	(Previously presented)	The method of claim 1, wherein the files and folders are accessed via a file system.

5.	(Previously presented)	The method of claim 4, wherein the files and folders are accessible via a user interface for accessing the file system.

6.	(Previously presented)	The method of claim 1, wherein the files and folders are accessible based on a temporary session.

7.	(Original)	The method of claim 6, wherein temporary session is associated with a specific user device.

8.	(Original)	The method of claim 3, wherein the permission is withdrawn when the timeout period expires.

9.	(Original)	The method of claim 1, wherein the heightened authentication protocol comprises one of two-factor authentication, multifactor authentication, multiple step verification, two-step authentication, or strong authentication.
 
10. (Currently amended)	A system for controlling access to data, the system comprising:
one or more hardware data processing units; and
a non-transitory computer-readable medium having encoded thereon computer-executable instructions to cause the one or more hardware data processing units to perform operations comprising: 
storing files and folders associated with a user account, the files and folders requiring an authentication protocol for access to the files and folders, the files and folders uploaded to a cloud-based storage service and accessible by users having access to the uploaded files and folders via the user account;
receiving a first request from the user account, to cause a selected folder of the files and folders to be associated with a heightened authentication protocol;
in response to the first request, causing the selected folder to require the heightened authentication protocol for access, wherein files in the selected folder are restricted from file sharing capability while the selected folder is associated with the heightened authentication protocol, and wherein files moved into the selected folder require the heightened authentication protocol for access without applying the heightened authentication protocol to an entirety of the files and folders associated with the user account or individually applying the heightened authentication protocol to individual files;
receiving a second request from the user account for access to the selected folder that is associated with the heightened authentication protocol;
authenticating the second request based on the heightened authentication protocol;
in response to authenticating the second request, granting a session to access the selected folder and files that are stored in the selected folder that is associated with the heightened authentication protocol, wherein visibility to the selected folder and files is provided in response to requests from applications that include an indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol; and
in response to a failure to authenticate the second request, denying access to the selected folder and files that are stored in the selected folder that is associated with the heightened authentication protocol, while allowing access to other folders associated with the user account based on other authentication mechanisms associated with the user account, wherein visibility to the selected folder and files is hidden in response to requests from applications that do not include the indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol.

11.	(Original)	The system of claim 10, wherein the session is temporary.

12.	(Original)	The system of claim 10, wherein the session is associated with a timeout period.

13.	(Previously presented)	The system of claim 10, wherein the selected folder is accessed via a file system.

14.	(Previously presented)	The system of claim 13, wherein the selected folder is accessible via a user interface for accessing the file system.

15.	(Previously presented)	The system of claim 10, wherein the selected folder is accessible based on a temporary session.

16.	(Original)	The system of claim 15, wherein the temporary session is associated with a specific user device.

17.	(Original)	The system of claim 12, wherein the session is terminated when the timeout period expires.

18.	(Original)	The system of claim 10, wherein the session is associated with a role using an access control list.

19.	(Currently amended)	A computing device comprising:
one or more hardware data processing units; and
a non-transitory computer-readable medium having encoded thereon computer-executable instructions to cause the one or more hardware data processing units to perform operations comprising: 
receiving a first request to cause a selected folder of files and folders of a storage area to be associated with a heightened authentication protocol, the selected folder of the storage area associated with a user account, the files and folders requiring an authentication protocol for access to the files and folders, the files and folders uploaded to a cloud-based storage service and accessible by users having access to the uploaded files and folders via the user account;
in response to the first request, causing the selected folder of the storage area to require the heightened authentication protocol for access, wherein files in the selected folder are restricted from file sharing capability while the selected folder is associated with the heightened authentication protocol, and wherein files moved into the selected folder require the heightened authentication protocol for access without applying the heightened authentication protocol to an entirety of the files and folders associated with the user account or individually applying the heightened authentication protocol to individual files;
receiving a second request from the user account to access a file that is stored in the selected folder that is associated with the heightened authentication protocol;
authenticating the second request based on the heightened authentication protocol;
in response to authenticating the second request, granting a session to access the file that is stored in the selected folder associated with the heightened authentication protocol, wherein visibility to the file is provided in response to requests from applications that include an indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol; and
in response to a failure to authenticate the second request, denying access to the file that is stored in the selected folder associated with the heightened authentication protocol, while allowing access to other areas associated with the user account based on a different authentication mechanism associated with the user account, wherein visibility to the selected folders and files is hidden in response to requests from applications that do not include the indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol.

20.	(Original)	The computing device of claim 19, further comprising when the second request is authenticated, allowing data to be moved from the storage area associated with the heightened authentication protocol to the other areas associated with the user account based on a different authentication mechanism.

Reasons for Allowance
The following is an examiner’s statement of reasons for allowance: The prior art of record in particular, Tan does not disclose the limitations “ does not disclose, in response to a failure to authenticate the second request, denying access to the file that is stored in the selected folder associated with the heightened authentication protocol, while allowing access to other areas associated with the user account based on a different authentication mechanism associated with the user account, wherein visibility to the selected folders and files is hidden in response to requests from applications that do not include the indication that the applications are configured to interact with files and folders that are associated with the heightened authentication protocol. Rather, Tan discloses secured storage system with temporary external assignable memory.  Accordingly, claims 1-20 are allowed.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to NEGA WOLDEMARIAM whose telephone number is (571)270-7478. The examiner can normally be reached Monday to Friday, 8am-5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 5712726798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/NEGA WOLDEMARIAM/Examiner, Art Unit 2433                  

/JEFFREY C PWU/Supervisory Patent Examiner, Art Unit 2433