Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
The present application is being examined under the pre-AIA  first to invent provisions.
This office action is in response to the Arguments/Remarks filed on 03/03/2022. Claims 1, 8, and 15 have been amended. Claims 1 – 20 are pending for consideration. 

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 03/03/2022 has been entered.

Response to Arguments
Applicant’s arguments/remarks filed on 03/03/2022 (hereafter Remarks) with respect to claims 1 – 20 have been fully considered but they are not persuasive.
On p. 10 of the Remarks Applicant stated that Shindo's address change direction tag is not an "alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file," as recited in Claim 1.
Examiner respectfully disagrees. The tag values corresponding the address values are presented in hexadecimal format (Shindo, in Para. [0134] discloses “The tag value corresponding to the address Ox002008 is 0x00200, and the data of the address Ox002008 is stored at the location of D4. Here, "Ox" is the symbol showing that the subsequent number is hexadecimal.”). 
The hexadecimal format for addresses notation uses hexadecimal numbers that are represented in the alphanumeric form (see e.g. Wikipedia). For example, the tag value 65_1 of Shindo is given in hexadecimal, i.e. alphanumeric, form (Shindo, in Para. [0141] discloses “The value of the tag 65_1 of the way 1 is Ox00lFF, which matches the tag value 0x00lFF continuous with the tag value Ox.00200 of the way 0 in the direction opposite to the direction in which the address is incremented that the decrement flag 66_0 and decrement flag 66_1 indicate.”). 
In conclusion, the claims in the present edition do not overcome the prior art. Accordingly the 103 rejection is maintained.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1 – 3, 6 – 10, 13 – 17, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Naystut et al. (US 2014/0281486) (hereafter Naystut) and in view of Shindo (US 2015/0293850) (hereafter Shindo).

Regarding claim 1 Naystut teaches: An information security device, comprising: a data control engine implemented by a processor operably coupled to a memory, configured to: receive a data file (Naystut, in Para. [0017] discloses “the illustrative computing device 102 includes a processor 110, an input/output ("I/0") subsystem 112, a memory 114, a communication circuitry 118, one or more peripheral devices 120, a data storage 122, and a security engine 124”); segment the data file into a set of data blocks (Naystut, in Para. [0027] discloses “the file management module 202 fragments or otherwise breaks a given file (e.g., a digital file) that is to be stored on the content data server 106 into one or more blocks or chunks. The file may be embodied as, for example, a digital file, program or application, atomic section of code or data, or other suitable data structure.”), 
[wherein each data block from the set of data block comprises a portion of data from the data file; associate the set of data blocks with a reference tag,] 
[wherein: the reference tag comprises an alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file; and each data block within the set of data blocks is associated with the same alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file;] 
identify an access key for encrypting each data block from the set of data blocks (Naystut, in Para. [0044] discloses “the content data server 106 determines whether the keyed hash associated with each encrypted block identified in the file information has either been stored from the member device 102 that transmitted the file or was previously stored on the content data server 106 from a file storage of another member device 102.”); encrypt each data block from the set of data blocks with a corresponding access key (Naystut, in Para. [0028] discloses “the cryptographic module 204 encrypts each block of a fragmented file using a file encryption key 212 and encrypts the list of blocks generated by the file management module 202 using the member encryption key 208.”); and store each data block from the encrypted set of data blocks in a memory, wherein the encrypted set of data blocks are not stored sequentially in the memory; and the memory operably coupled to the processor, operable to store: (Naystut, in Para. [0037] discloses “the computing device 102 receives the corresponding encrypted blocks, keyed hashes, and member IDs (i.e., the member ID of the computing device 102 that stored each particular encrypted block to the content data server 106) from the content data server 106.”)
[the encrypted set of data blocks; an association between the set of data blocks and the reference tag in a data information table;] 
an association between each data block in the set of data blocks and each corresponding access key in the data information table (Naystut, in Para. [0027] discloses “the file management module 202 may fragment a file into blocks X, Y, and Z, which may over time be stored in nonadjacent sections of memory in the computing device 102 and/ or on the content data server 106. As such, the list of blocks provides a mechanism for identifying the particular blocks associated with a file and their correct order for reconstruction purposes”); 
[and location information for each data block in the set of data blocks in the data information table, wherein the location information comprises a memory address that identifies a location in the memory where each data block is stored.]
Naystut fails to explicitly teach: wherein each data block from the set of data block comprises a portion of data from the data file; associate the set of data blocks with a reference tag, 
wherein: the reference tag comprises an alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file; and each data block within the set of data blocks is associated with the same alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file;
the encrypted set of data blocks; an association between the set of data blocks and the reference tag in a data information table
and location information for each data block in the set of data blocks in the data information table, wherein the location information comprises a memory address that identifies a location in the memory where each data block is stored.
Shindo from the analogous technical field teaches: wherein each data block from the set of data block comprises a portion of data from the data file; associate the set of data blocks with a reference tag (Examiner note: assigning tag values to the selected data blocks with a subsequent control of the memory access is met by prefetching technique of Shindo comprising assigning the tag values to the predefined ways of access to the memory, i.e. cache) (Shindo in Para. [0014] discloses “there is provided a semiconductor device including a processor, a memory, a plurality of tags each corresponding to each of a plurality of ways, and a cache controller.”),
wherein: the reference tag comprises an alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file (Examiner note: the tag values corresponding the address values are presented in hexadecimal format which is alphanumeric by definition) (Shindo, in Para. [0134] discloses “The tag value corresponding to the address Ox002008 is 0x00200, and the data of the address Ox002008 is stored at the location of D4. Here, "Ox" is the symbol showing that the subsequent number is hexadecimal.”);
and each data block within the set of data blocks is associated with the same alphanumeric value that uniquely identifies the set of data blocks that are associated with the data file (Examiner note: data block control by using the reference tag values is met by prefetching technique of Shindo comprising control over data blocks per the tag values corresponding to the preselected, i.e. referenced, data processing way) (Shindo in Para. [0040] discloses “The predetermined prefetch operation is the prefetch of data, which is indicated by the tag value continuous in the direction that the address change direction flag indicates, with respect to the tag value corresponding to the first way”);
the encrypted set of data blocks; an association between the set of data blocks and the reference tag in a data information table (Shindo in Para. [0010] discloses “Cryptographic techniques include operations such as decryption of cipher using an encryption key with a long bit length, in which a continuous access of a series of data is expected and prefetching techniques are effective.” Shindo in Para. [0101] discloses “The data cache 61 includes a plurality of tags 65_0 to 65_3, as well as a plurality of ways 64_0 to 64_3 each of which can store a plurality of data of consecutive addresses of the memory 55 in which the tag value stored in the each tag is taken as the reference value”);
and location information for each data block in the set of data blocks in the data information table, wherein the location information comprises a memory address that identifies a location in the memory where each data block is stored. (Examiner note: location information in a memory comprising addresses is met by the cache memory storage control through the predefined/prefetched ways of data storage processing to relevant addresses) (Shindo in Para. [0038] discloses “There is provided a semiconductor device (50) including a processor (53), a memory (55), a plurality of tags (65), a plurality of ways (64), each of which can store a plurality of data of consecutive addresses of the memory in which the tag value stored in the each tag is taken as the reference address, and a cache controller (63).”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Naystut, in view of the teaching of Shindo which discloses control over data processing and storage in memory using prefetching technique of data processing way control and using tag values represented in hexadecimal, i.e. alphanumeric, format in order to improve security of data management in the system (Shindo, [0010, 0014, 0038, 0040, 0101]).

Regarding claim 2 Naystut, as modified by Shindo, teaches: The system of claim 1, wherein the data control engine is further configured to: identify a file key for encrypting the data file; and encrypt the set of data blocks using the file key after encrypting each data block 5from the set of data blocks with a corresponding access key (Naystut, in Para. [0024] discloses “the computing devices 102 may encrypt and generate hashes of blocks of a file to be stored in the system 100 and transmit both the encrypted block 150 and hashed blocks 152 to the content data server 106.” Naystut, in Para. [0028] discloses “the cryptographic module 204 encrypts each block of a fragmented file using a file encryption key 212 and encrypts the list of blocks generated by the file management module 202 using the member encryption key 208.”).

Regarding claim 3 Naystut, as modified by Shindo, teaches: The system of claim 1, wherein the data control engine is further configured to: identify a file key for encrypting the data file; and 10encrypt the set of data blocks using a combination of the file key and a corresponding access key (Naystut, in Para. [0024] discloses “each member computing device 102 in the community has a unique member identification, which is transmitted to both the content data server 106 and the key server 108. As discussed in greater detail below, each of the computing devices 102 also has file encryption and decryption keys, which may be used to encrypt the data blocks” Naystut, in Para. [0028] discloses “the cryptographic module 204 encrypts each block of a fragmented file using a file encryption key 212 and encrypts the list of blocks generated by the file management module 202 using the member encryption key 208”).

Regarding claim 6 Naystut, as modified by Shindo, teaches: The system of claim 1, wherein encrypting each data from the set of data blocks comprises each data block with a different access key (Examiner note: encryption of each data block with different access key is met by the encryption of each of data blocks with different keys from file 212) (Naystut, in Para. [0028] discloses “the cryptographic module 204 may generate cryptographic keys (i.e., the file keys 212) to encrypt and/or decrypt various file blocks.” Naystut, in Para. [0042] discloses “the content data server 106 also associates the keyed hash, member ID, and encrypted block with each other.”).

Regarding claim 7 Naystut, as modified by Shindo, teaches: The system of claim 1, wherein encrypting each data from the set of data blocks comprises each data block with the same key (Naystut, in Para. [0028] discloses “the cryptographic module 204 encrypts each block of a fragmented file using a file encryption key 212 and encrypts the list of blocks generated by the file management module 202 using the member encryption key 208.”).

Regarding claim 8, claim 8 discloses a method that is substantially equivalent to the system of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 8 and rejected for the same reasons.

Regarding claim 9, claim 9 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 2 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 2 are equally applicable to claim 9 and rejected for the same reasons.

Regarding claim 10, claim 10 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 3 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 3 are equally applicable to claim 10 and rejected for the same reasons.

Regarding claim 13, claim 13 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 6 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 6 are equally applicable to claim 13 and rejected for the same reasons.

Regarding claim 14, claim 14 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 7 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 7 are equally applicable to claim 14 and rejected for the same reasons.

Regarding claim 15, claim 15 discloses a medium that is substantially equivalent to the system of claim 1. Therefore, the arguments set forth above with respect to claim 1 are equally applicable to claim 15 and rejected for the same reasons.

Regarding claim 16, claim 16 dependent on claim 15 discloses a medium that is substantially equivalent to the system of claim 2 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 2 are equally applicable to claim 16 and rejected for the same reasons.

Regarding claim 17, claim 17 dependent on claim 15 discloses a medium that is substantially equivalent to the system of claim 3 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 3 are equally applicable to claim 17 and rejected for the same reasons.

Regarding claim 20, claim 20 dependent on claim 15 discloses a medium that is substantially equivalent to the system of claim 6 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 6 are equally applicable to claim 20 and rejected for the same reasons.

Claims 4, 5, 11, 12, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Naystut et al. (US 2014/0281486) (hereafter Naystut), in view of Shindo (US 2015/0293850) (hereafter Shindo), and in view of O’Hare et al. (US 2013/0013931) (hereafter O’Hare).

Regarding claim 4 Naystut, as modified by Shindo, fails to explicitly teach: The system of claim 1, wherein: the data file is represented as a numeric string of values;  15segmenting the data file into a set of data blocks comprises partitioning the numeric string of values into substrings of numeric values; and each substring of numeric values corresponds with a data block.
O’Hare from the analogous technical field teaches: The system of claim 1, wherein: the data file is represented as a numeric string of values;  15segmenting the data file into a set of data blocks comprises partitioning the numeric string of values into substrings of numeric values; and each substring of numeric values corresponds with a data block (O’Hare, in Para. [0428] discloses “A hash may be used (e.g., as a function of the cipher feedback session key, as a function of any other suitable value) to determine a bit value at which to split each byte of data. It will be understood that this is merely one illustrative way in which to implement splitting at the bit level. Any other suitable technique may be used.” O’Hare, in Para. [0430] discloses “After a split point has been determined in accordance with the above illustrative procedure or through any other procedure or algorithm, a determination may be made with regard to which data portions to append each of the left and right segments.” O’Hare, in Para. [0435] discloses “the secure data parser or some external component to the secure data parser may encrypt one or more portions of the original data.”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Naystut, as modified by Shindo, in view of the teaching of O’Hare which discloses segmenting the binary data files into portions prior to further encryption in order to higher security of the data processing in the system (O’Hare, [0428, 0430, 0435]).

Regarding claim 5 Naystut, as modified by Shindo, fails to explicitly teach: The system of claim 1, wherein the data control engine is further 20configured to: detect a decryption attempt for a first data block from the set of data blocks; determine that the decryption attempt has failed; and set a security flag for the first data block from the set of data blocks to indicate that the first data block has failed decryption.
O’Hare from the analogous technical field teaches: The system of claim 1, wherein the data control engine is further 20configured to: detect a decryption attempt for a first data block from the set of data blocks; determine that the decryption attempt has failed; and set a security flag for the first data block from the set of data blocks to indicate that the first data block has failed decryption (Examiner note: flagging a failed operation is met by labelling the relevant step in numerical process) (O’Hare, in Para. [0448] discloses “Each combination of options is outlined below and labeled with the appropriate step numbers from FIG. 36.” O’Hare, in Para. [0502] discloses “Standard blockcipher-based schemes may fail in the presence of a key-retrieval oracle.” O’Hare, in Para. [0529] discloses “the data may also be retrieved by User 1 device 4202a by decrypting the first encrypted key ( e.g., the file session key encrypted with the public key Pub-Ul 4212a) to restore the file session key, then decrypting the encrypted data set using the file session key.”).
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to modify Naystut, as modified by Shindo, in view of the teaching of O’Hare which discloses labeling/flagging a failed operation in data block-cipher based procedure in order to improve data management in the system (O’Hare, [0448, 0502, 0529]).

Regarding claim 11, claim 11 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 4 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 4 are equally applicable to claim 11 and rejected for the same reasons.

Regarding claim 12, claim 12 dependent on claim 8 discloses a method that is substantially equivalent to the system of claim 5 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 5 are equally applicable to claim 12 and rejected for the same reasons.

Regarding claim 18, claim 18 dependent on claim 15 discloses a medium that is substantially equivalent to the system of claim 4 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 4 are equally applicable to claim 18 and rejected for the same reasons.

Regarding claim 19, claim 19 dependent on claim 15 discloses a medium that is substantially equivalent to the system of claim 5 dependent on claim 1. Therefore, the arguments set forth above with respect to claim 5 are equally applicable to claim 19 and rejected for the same reasons.




Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VLADIMIR IVANOVICH GAVRILENKO whose telephone number is (313)446-6530.  The examiner can normally be reached on Monday-Friday 7:30-4:30 EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn Feild can be reached on (571) 272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Vladimir I. Gavrilenko/Examiner, Art Unit 2431        

/TRANG T DOAN/Primary Examiner, Art Unit 2431